KR100788768B1 - System for automatic teller machine and automatic cash transaction device - Google Patents

Abstract

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a cash automatic deposit payment system and apparatus, comprising: a storage unit for storing a plurality of biometric information, a biometric information acquisition unit for acquiring biometric information of a user, and biometric information and the memory acquired by the biometric information acquisition unit; A biometric information combining unit which combines whether the biometric information previously stored in the unit is matched to obtain a combination result, and counts the number of successes of the combination result each time the combination is performed by the biometric information combining unit, and succeeds in the combination. A change process for changing the priority of a plurality of biometric information previously stored in the storage unit in accordance with the number of times, the biometric information obtained by the biometric information acquisition unit, and the storage unit according to the priority; A technique is provided having a control unit for controlling a combination process of combining biometric information.

Description

Automatic cash advance payment system and automatic cash transaction system {SYSTEM FOR AUTOMATIC TELLER MACHINE AND AUTOMATIC CASH TRANSACTION DEVICE}

1 is an example of a schematic diagram of a biometric information registration processing system.

2 is an example of a block diagram of a biometric information registration processing system.

3 is an explanatory diagram of a biometric information registration process.

4 is an example of a flowchart of biometric information registration processing.

5 is an example of a schematic diagram of a biometric authentication processing system.

6 is an example of a block diagram of a biometric authentication processing system.

7 is an example of configuration diagram of authentication control software.

8 is an explanatory diagram of a biometric authentication process.

9 is an example of a flowchart of a transaction including biometric authentication processing using an IC card authentication method.

10 is an example of a flowchart of authentication transaction initiation processing.

11 is an example of a flowchart of biometric authentication processing.

12 is an example of a flowchart of the authentication transaction termination process.

13 is a data example showing a relationship between priority and biometric information.

The present invention relates to a biometric authentication system used in ATMs and the like.

Conventionally, the following biometric authentication systems have been performed by ATMs or the like.

Patent document 1 (Japanese Patent Laid-Open No. 2002-140707) describes a priority processing apparatus in a biometric personal identification device. This technique prioritizes and registers a plurality of personal identification information in a database in advance and combines them according to the priorities. Since the first finger is more likely to be used next time, the priorities are sorted based on the use history, so that the speed of identity authentication can be improved compared to the combination in a fixed order.

However, in the method of Patent Literature 1, the following problem arises because it is a priority changing technique that sorts the priorities based on the usage history that the finger used first is likely to be used next time.

When five biometric information (five different fingers) are registered, and past authentication success number is different for every finger (authentication success number: thumb 0 times, index finger 70 times, suspension 15 times, ring finger ten times, pinkie five times) When we authenticate with thumb which we did not use for certification in the past of thing which was registered for certification, priority before thumb certification is first place index, second place stop, third place ring finger, fourth place pinky finger, fifth place thumb After authentication, it is changed to 1st thumb, 2nd index finger, 3rd stop, 4th ring finger, and 5th pinkie. Also, if the authentication is performed with a ring finger that has never been used for authentication, the ring finger is changed to 1st ring finger, 2nd thumb, 3rd index finger, 4th stop, and 5th pinky finger after the ring finger authentication. If the user wants to authenticate by the index finger next time, the priority is lowered to 3 in this situation. Therefore, it takes time because the combination of the ring finger and the thumb with less authentication success in the past is performed until the index finger is reached.

That is, in the method of Patent Document 1, if a finger having a small number of past successful authentications is used for authentication once, the number of successful authentications must always be obtained before the combination of a finger that usually uses many fingers at the time of authentication using a finger that most frequently uses the next time. It is inconvenient because a combination of a few fingers must be performed.

An object of the present invention is to solve the above-mentioned problems and to realize a biometric authentication system using an IC card and a method of the same, which has high biometric information concealment and a reduction in authentication processing time.

MEANS TO SOLVE THE PROBLEM This invention employ | adopted the following means in order to solve the said subject.

In the automatic cash deposit payment system, a storage unit for storing a plurality of biometric information, a biometric information acquisition unit for acquiring biometric information of a user, biometric information acquired by the biometric information acquisition unit, and biometric information previously stored in the storage unit Is matched, and each time a combination is performed by the biometric information combining unit for obtaining a combination result and the biometric information combining unit, the number of successes of the combination result is counted, and the storage unit is counted according to the number of successes of the combination. Change processing for changing the priority of the plurality of biometric information stored in advance in the memory and combination processing for combining the biometric information acquired by the biometric information acquisition unit with the biometric information previously stored in the storage unit according to the priority. It is equipped with a control part to control.

In the present invention, a biometric authentication system and apparatus using an IC card, by adding priority to a plurality of biometric information and performing authentication processing from high priority biometric information, maintains high security and performs personal authentication in a short processing time. You can do it.

EMBODIMENT OF THE INVENTION Hereinafter, one Embodiment using this invention is described.

Example 1

In the present embodiment, a biometric information registration process of registering biometric information (eg, finger vein) of a user in a portable electronic device owned by a user, particularly an IC car, between an operator (window manager) and a user at a branch of a financial institution; It is divided into two types of biometric authentication process, which is installed in financial institutions, convenience stores, etc., and automatically authenticates transactions mainly related to cash, and authenticates using biometric information of the user using ATM (ATM). do. The biometric information registration process will be described with reference to FIGS. 1 to 4, and the biometric authentication process will be described with reference to FIGS. 5 to 12.

First, the outline | summary of the registration process and authentication process of biometric information is demonstrated easily.

In the biometric information registration process, the feature amount is extracted from the finger vein of the user and generated as preprocessing data, and at the same time, the registration data is also generated and registered with the IC card. The window terminal used in the process of this process is connected to a biometric information registration device with an IC card device, and the biometric information (preprocessing data, registration data) for registration is encrypted so that the IC can be accessed from the biometric information registration device without passing through the window terminal. Direct transfer and writing to the card is performed.

On the other hand, in the biometric authentication process, the processing is performed based on the characteristic amount from the finger vein of the user, the preprocessing data registered with the IC card, and the registration data based on the unique authentication and combination technology. In the process of this process, the authentication data is generated from the biometric information newly acquired by the biometric authentication mechanism connected to the ATM and the preprocessing data read from the IC card, transferred to the IC card, and authenticated in the IC card. Perform the process.

In the description of the present invention, the biometric information registration process uses a sales point system and the authentication process uses an ATM. However, the authentication process may also be performed in the branch office system and the registration process may be performed in the ATM. However, it is preferable to perform the registration processing of the biometric information in the branch office system in which the operator joins, even in ensuring that the user is the person. Although an IC card is used as a medium for registering biometric information, portable electronic media (portable electronic devices) such as mobile phones and RFID (Radio-Frequency-Identincation) tags may be used. An IC card in which an IC chip is mounted on a cash card most prevalent in China is preferable, and a change of a system can be suppressed.

Fig. 1 is a schematic diagram of a branch office system used by an operator in a branch of a financial institution, particularly a biometric information registration processing system related to registration of biometric information. This biometric information registration system connects and comprises the biometric information registration device 101 including the biometric information reading device 102 and the registration terminal device 104 that controls the biometric information registration device 101. In this system, an operator (window manager) of a financial institution operates the terminal device 104 for registration to register the user's biometric information on the IC card 105. Specifically, the operator in charge of the operation unit 107 is selected from various menus displayed on the display unit 106 to enable various transactions in the financial institution other than the registration of the biometric information.

The person in charge of the window inserts the IC card 105 into the IC card device 103, which is one component of the biometric information registration device 101, and makes the IC card 105 writable. On the other hand, the user places it in the biometric information reading apparatus 102 along the shape which shows the user's own finger. The bioinformation reading device 102 penetrates the finger placed near the infrared ray by operation of the person in charge of the window, and photographs the vein pattern of the finger by the camera to obtain the image. The biological feature amount is extracted from this image, and the processing described later is added to the extracted biological feature amount, and the IC card device 103 executes recording and writing processing on the IC card 105. In addition, the bio-characteristic quantity is data which can identify an individual obtained from the vein data (vein pattern) of a finger.

The IC card device 103 has a function of writing information into the IC card 105 as described above, and also has a function of reading information stored in the IC card 105. That is, although it has a read or write function, it demonstrates in the example which writes biometric information into the IC card 105 below.

2 is a block diagram showing the configuration of one embodiment of the biometric information registration processing system described with reference to FIG.

The biometric information registration device 101 includes a CPU 201 for controlling the entire biometric information registration device 101, a main memory 202 for storing various kinds of information, a biometric information reading device 102 for reading biometric information, and an IC card. An IC card device 103 for writing biometric information into the 105 and a communication unit 215 for connecting with the registration terminal device 104 are provided.

The main memory unit 202 can be divided into a ROM 203 for storing various programs and a RAM 204 for storing mainly data and rewriting the stored data. Here, the main memory section (also referred to as a storage section 202) by the ROM 203 and the RAM 204 will be described, but a hard disk and various semiconductor memories may be used as well. The ROM 203 is a living body for controlling the registration processing program 205 for registration processing of biometric information, a registration data creation program 206 for creating registration data used for authentication, and a biometric information reading device 102. An information reading device control program 207, an IC card device control program 208 for writing information into the IC card 105, and a communication control program 209 for controlling the communication unit 215 are provided.

The biometric information reading device 102 acquires a biometric image (a finger vein pattern), and whether a finger is placed in the image acquisition area of the image sensor (image acquisition unit 210) and the image sensor 210 constituted by a CCD camera or the like. It is provided with the presence or absence detection illumination LED 211 which detects whether or not, and the illumination acquisition LED (bio irradiation part, 212) which irradiates near-infrared rays with respect to a finger at the time of acquisition of a biological image (a finger vein pattern). The IC card apparatus 103 includes an IC card writing unit 213 for writing information into the IC card 105 and a contact terminal 214 for connecting with the IC card 105.

The IC card 105 includes a CPU 221 for controlling the entire IC card 105, a storage unit 222 for storing data related to biometric information, a program related to financial transactions, and the like, and a biometric information registration device 101. And a contact terminal 223 for connecting with each other. In addition, the IC card device 103 and the IC card 105 can be constituted not only by the contact type by the contact terminal but also by the non-contact type.

The registration terminal device 104 includes a CPU 231 for controlling the entire registration terminal device 104, a main memory part 232 for storing data or programs, a display part for displaying an operation guide, and the like for a CRT or a liquid crystal display. And a communication unit 235 which is connected to the biometric information registration device 101 and the biometric registration terminal device 104. In addition to the biometric information registration device control program 233 for controlling the biometric information registration device 101, the main memory 232 stores various financial transaction programs traded at the window.

3, the creation process of the registration data registered in the IC card 105 by the biometric information registration process will be described. However, the description of the algorithm or the like in the production process is omitted for security reasons, i.e., a relationship that prevents forgery due to information leakage or the like. The same applies to the authentication processing of the biometric information.

First, based on the biometric image (arrhythmic pattern) obtained by the image sensor 210, a biometric characteristic amount representing the characteristic is extracted using a certain algorithm (step 301). And the preprocessing data is created using the algorithm further from this biometric characteristic amount. In addition, registration data is created by combining the biometric feature and the preprocessing data (step 302).

Here, the preprocessing data can also be interpreted as a cryptographic authentication key used to create registration data. In addition, the registration data is data that cannot be created directly from the biometric feature amounts as is apparent from the foregoing description and the drawings. In addition, although the preprocessing data and the registration data are data created from a biometric feature amount that clearly shows the user's own characteristics, an algorithm by irreversible conversion processing is used in this preparation process. Therefore, it is not possible to create the biometric feature amount or preprocessing data from the registration data as the creation process by the inverse transformation, or create the biometric feature amount from the two data of the preprocessing data and the registration data. In addition, the preprocessing data is information created by extracting a portion which cannot identify a user individual, and the registration data is preferably formed by extracting a portion that can identify an individual. In addition, both the preprocessing data and the registration data are unique information that only the card holder can obtain. As described later, the preprocessing data and registration data exist for each finger, and priority is given to the number of fingers to be registered and stored in the IC card 105. For example, if a vein of three fingers (priority of right hand detection, right hand stop, left hand detection is prioritized) is registered, as shown in FIG. 13, preprocessing data / authentication data of right hand detection of priority 1, priority 2 The preprocessing data / authentication data for right hand stop and the preprocessing data / authentication data for left hand detection of priority 3 are registered.

As shown in Fig. 13, reference numeral 1301 denotes a priority order when the user registers the biometric information with the IC card and is a value (fixed value) set for each type 1302 of the fingers. Then, the preprocessing data 1303 and the registration data 1304 are registered with the IC card with respect to the kind of finger 1302, respectively. As another example, the number of successes at the time of authentication, which will be described later, is accumulated and stored at 1305 for each kind of finger 1302. By the number of successes of authentication 1305, a setting value (change value, not shown) of priority change data for changing the priority is added and stored in the IC card.

Finally, the created preprocessing data and registration data are stored in the IC card 105 (step 303). These data stored in the IC card 105 are stored in an encrypted state and, as described above, are stored in a state in which creation processing by inverse conversion is impossible. Therefore, even if the preprocessing data and registration data are read by a malicious person and both data are deciphered, it is impossible to generate the biometric characteristic amount. Thus, one of the features is that the data in the IC card can be protected by the double security, such as data generation, which cannot encrypt or reverse data.

The above data creation algorithm is shown in the following formula.

If the biometric feature amount is x, the preprocessing data (y) can be expressed as "y = f (x)" using a function (f, equivalent to an algorithm).

Since the registration data (z) is created by the combination of the biometric feature (x) and the preprocessing data (y), it can be expressed as "x + y + z = g (x, y)" using a certain function (g). .

And since this creation process is irreversible, from the registration data such as z = g (x, y) + x, z = g (x, y) + y, z = g (x, y) + x + y It is not possible to restore biometrics or preprocessing data.

4 is an example of a flowchart of registration processing of biometric information executed by each mechanism and each part (including a program) by the CPU 201 of the biometric information registration device 101 or based on an instruction from the CPU 201.

The IC card 105 is inserted into the IC card device 103, and is in a IC card connection state (a state in which data can be written to the IC card 105). In order to establish an IC card connection, it is necessary to contact the contact terminal 214 of the IC card apparatus 103 with the contact terminal 223 of the IC card 105. The following describes the process of the person in charge of the window operating the registration terminal device 104 to register the user's biometric information in the IC card 105, and at the same time the processing and control executed by each mechanism or the like based on the operation. Explain. In addition, although the communication control program 209 described with reference to FIG. 2 controls the transmission / reception of data between the biometric information registration device 101 and the biometric registration terminal device 104, the description will be omitted below.

The registration terminal device 104 displays a menu screen (a screen for guiding the selection of processing such as registration, authentication, change, and termination) on the display unit 106, and accepts an input operation of the counter staff by the operation unit 107. do. If registration processing is selected from the displayed transaction item by the operation unit 107, the CPU 231 of the registration terminal device 104 executes the registration processing program 205 and the biometric information registration device control program 233, and the biometric information. The registration processing start instructs the registration device 101. The CPU 201 of the biometric information registration device 101 which has been instructed to start the registration processing executes the registration processing program 205 and performs the registration processing as a whole of the system.

A guide is displayed on the display unit 106 of the registration terminal device 104 so as to insert the IC card 105 into the biometric information registration device 101. When the IC card 105 is inserted into the IC card apparatus 103 (step 401), the contact terminal 223 of the IC card 105 and the contact terminal 214 of the IC card apparatus 103 are brought into contact with each other to obtain biometric information. The registration apparatus 101 and the IC card 105 are connected (step 402). At this time, it is determined whether or not there is a program related to the biometric information in the storage unit 222 of the inserted IC card 105 (step 403), and if there is no program (in the case of a card for which data cannot be registered) The IC card 105 is returned (step 414). On the other hand, when there is a program related to biometric information in the storage unit 222 of the inserted IC card 105 (in the case of a card that can register data), the priority N is set to "1" (step). 404, the guidance is displayed so that the finger registered in the display unit 106 is placed in the biometric information reading device 102. Accordingly, the user places the finger to register on the biometric information reading device 102. The CPU 201 of the biometric information registration device 101 executes the biometric information reading device control program 207, and instructs the biometric information reading device 102 to start biometric information reading. When the object (finger) is placed in the image acquisition area of the image sensor 210, the biometric information reading device 102 detects the entry of the object (finger) by the illumination LED 211 for detecting the presence or absence (step 405). Then, it is checked whether or not the object (finger) is a living body (step 406). If the inserted object (finger) is not a living body, the IC card 105 is returned without writing any information into the IC card 105 (step 414). When the inserted object (finger) is a living body, the near-infrared ray is irradiated to the object (finger) by the biometric acquisition LED 212, and the biometric image of priority N (N = 1) is transmitted to the image sensor 210. Finger vein pattern) is acquired and stored in RAM 204 (step 407). Next, the biometric feature amount of priority N (N = 1) is extracted from the biological image (arrhythmic pattern) of priority N (N = 1) (step 408). Then, by executing the registration data creation program 206, after preprocessing data of priority N (N = 1) is created from the biometric feature amount of priority N (N = 1) as shown in Fig. 3 (step 409), Registration data of priority N (N = 1) is created from the biometric feature amount of priority N (N = 1) and preprocessing data of priority N (N = 1) (step 410). Subsequently, the IC card device control program 208 is executed, and the IC card writing unit 213 stores preprocessing data of priority N (N = 1) and authentication data of priority N (N = 1) in the created RAM 204. In addition, the CPU 221 in the IC card 105 stores the data in the storage unit 222 of the IC card 105 (step 411). It is determined whether the registration of the number of fingers desired to be registered is completed (step 412). Upon completion, the biometric information registration is completed, and the IC card 105 is returned (step 414). If not, add 1 to priority N (N = 1), set priority N (N = 2) (step 413), and proceed to steps 405 to 411 again, priority N (N = 2). The preprocessing data of the finger and the authentication data of the finger of priority N (N = 2) are stored in the storage unit 222 of the IC card 105. In this manner, steps 405 to 411 are repeated, and registration is continued until the desired number of registrations is completed. In addition, the number of fingers to be registered may be such that the financial institution side and the user side can be freely determined.

Note that the priority is not added at the time of registration as shown in Fig. 4, but can be added and changed in any order by the user's notification after registration of all the fingers. This allows the user time to consider the order of priority.

In addition, in prior registration, even if the priority is not added, it is also possible to automatically add and change the finger used by the user at the time of the authentication process according to the frequency of use. The frequency of use is added to the preprocessing data and registration data and registered in the IC card. The order of use not only reduces the effort of adding priority, but also facilitates the user. The priority can be defined in various ways, such as numerical descending or descending order or using a character string. In addition, the frequency of use may simply count (calculate) the number of successes of biometric authentication, as shown in FIG. Various statistics can be considered if the object of the invention can be achieved.

In the above, the registration processing and control of the biometric information have been described on the basis of the processing and control of each program stored in each CPU 201, 221, 231 or the storage unit. However, each program is already in the initial stage of transition to the registration processing. Needless to say, the configuration by the hard and the software may be grasped as a control unit, and the various types of control and processing described above are functions and means of the control unit. The same applies to the authentication processing for biometric information described below.

In performing the authentication process of the biometric information, it is assumed that information registered by the above-described registration process, that is, preprocessing data and registration data stored, registered, and written in the IC card 105 is performed, and the authentication process is performed. It explains as follows.

5 is a schematic diagram of a biometric authentication processing system. The biometric authentication system includes a cash automatic transaction having a function of reading biometric information and a reading (or writing) function of the information of the IC card 105, or a transaction related to a deposit payment device (ATM) 501 and a financial product. The server 502 which stores necessary information is connected and comprised. The ATM 501 is an apparatus that automatically executes various transactions desired by the user, such as deposit, payment, and remittance, and the user inserts the IC card 105 into the card / specification tag mechanism 504, and the operation unit 503 The desired transaction, the amount of money, and the like are inputted, and the biometric authentication mechanism 508 enables the transaction to be successful when authentication is successful. In particular, in the cash transaction, the deposit or withdrawal of the banknote by the banknote deposit and withdrawal mechanism part 506, the deposit or withdrawal of cash with the coin withdrawal mechanism part 507 is performed, and the ATM 501 exchanges cash desired by the user. . In addition, when a user wishes to fill out a bankbook, the account book mechanism unit 505 can fill in and print the transaction contents in the bankbook. In addition, since the biometric authentication system described in the present embodiment is used as an automatic cash transaction or a deposit payment device, the biometric authentication system can be referred to as an automatic cash transaction or a prepayment system as a whole.

6 is a block diagram showing the configuration of one embodiment of a biometric authentication processing system. The ATM 501 includes an operation unit 503 composed of a control CPU 601 for detecting the entire ATM, a screen display of a transaction item, a key input detection, specifically a touch panel for accepting a user's operation or a key input pressed by a finger. , Card insertion and ejection operation, magnetic stripe of the card or read / write operation to the IC card 105, reading of the image of the card embossing part, or printing the transaction contents in the specification table and discharging from the device. The branch has a card / specification tag mechanism 504, a bankbook mechanism 505 having a user's insertion / ejection operation of a bankbook, a read / write operation of a magnetic stripe, a printing function by a printing part to a bankbook, and the like.

In addition, the banknotes withdrawal and withdrawal mechanism part 506 which has the discrimination and conveyance of a banknote, the storage function, etc., and performs the deposit or withdrawal process of a banknote, and has the discrimination, conveyance, and storage function of hardening, and performs the deposit or withdrawal process of hardening. The coin deposit and withdrawal mechanism part 507 acquires biometric information and supports the authentication, and the biometric authentication mechanism part 508 (also called a biometric information acquisition part) and a main memory part (also called a storage part 602) which stores data or a program And a communication unit 610 for connecting with the server 502.

In addition, the operation unit 107 of the terminal device 104 for registration described in Figs. 1 and 2 is for performing an input operation when a person in charge of a window registers the user's biometric information on the IC card 105, using a keyboard or a mouse. 5 and 6, the operation unit 503 of the ATM 501 shown in Figs. 5 and 6 is for input operation when a user makes a transaction with the ATM 501. The operation unit 503 is composed of a touch panel and the like. The configuration and use of the control panel are also different.

The card / specification tag mechanism 504 is a contact for connecting with the IC card reader 603 for reading the information of the IC card 105, the specification card printing portion 604 for printing the transaction contents in the specification table, and the IC card 105. The terminal 605 is provided.

The biometric authentication mechanism unit 508 acquires a storage unit 606 for storing various data and the like, and a biometric image (arrhythmic pattern) of the user, and an image sensor (image acquisition unit 607) composed of a CCD camera or the like. Illumination LED 608 for detecting presence or absence of detecting a finger on the image acquisition area of the image sensor 607 and illumination LED for irradiating near-infrared light on the finger at the time of acquisition of a biometric image (a finger vein pattern) (bio Irradiation part 609 is provided. In other words, the biometric authentication mechanism unit 508 has a function of acquiring biometric information which is almost the same as the biometric information reading device 102 shown in FIGS.

The main memory unit (also referred to as a storage unit) 602 is hardly comprised of a ROM 620 for storing various programs and a RAM 621 for storing data mainly and rewriting the stored data. As described in the above-described registration processing, the configuration by the hard disk or the various semiconductor memories may be sufficient, and it is also called the 1st, 2nd storage part. In addition, the ROM 620 performs processing such as acquisition of a biometric image, authentication, and the like described below in accordance with an instruction of the CPU 601 or the like, and the authentication control software 622 for controlling the biometric authentication mechanism unit 508. Equipped. In addition, although not shown, screen data to the operation unit 503 of the ATM 501, programs and software necessary for cash transactions and deposit transactions in the ATM 501 are also stored. The server 502 connected via the communication network with the ATM 501 is constituted by a CPU 611 that controls the entire server 502, a storage unit 612, and a communication unit 613 that connects with the ATM 501. .

Fig. 7 shows a main memory unit 602 and a biometric authentication mechanism centering on the authentication control software 622 for controlling the control of the biometric information in the ATM 501, in particular, the biometric authentication mechanism unit 508. 508, a control block (software configuration) associated with the IC card 105 in the card / specification table mechanism section 504 is shown.

The authentication control software 622 can be roughly divided into an authentication control application 701 and an authentication control middleware 702, and software can be referred to as software, application to middle, and application to middleware, respectively. The authentication control application 701 is a program having individual functions, such as a financial institution incorporating an ATM 501 equipped with the biometric authentication mechanism unit 508, and displays the screen in the order and method of authentication and authentication. Each financial institution is prepared and its specifications are changed again. In particular, the authentication control application 701 performs the authentication process start indicator to the authentication middleware 702.

The authentication control middleware 702 is a program having a common function necessary for authentication processing even if the financial institutions are different and the biometric information is different, and the biometric authentication mechanism unit control program 703 that controls the biometric authentication mechanism unit 508, the IC card ( 105 is a program that controls and processes various programs related to authentication of biometric information called an IC card control program 704 that controls the exchange of data with a card and execution of a program in the IC card 105.

The data executed by the authentication control middleware 702 and obtained are temporarily stored in the RAM 621. The RAM 621 serves as an authentication result data buffer 705, an authentication data buffer 706, and a preprocessing data buffer 707 which are buffer areas for exchanging data between the biometric authentication mechanism unit 508 and the IC card 105. Each data buffer has one. Although these data are hardly stored in the RAM 621, it can be said that they are stored softly in the authentication control software 622, especially the authentication control middleware 702.

The authentication control middleware 702 operates the card / specification tag mechanism 504 or the biometric authentication mechanism 508 via a driver (not shown) by an instruction from the authentication control application 701. As described above, the processing of these parts is controlled by the CPU 601 of the ATM 501. The driver also includes control software for using a computer peripheral device (device).

The storage unit 606 of the biometric authentication mechanism unit 508 controlled by the authentication control software 622 includes an authentication data creation program 709 for creating authentication data and an authentication result for determining whether the authentication succeeds from the authentication result data. Has a decision program 710. The card / specification tag mechanism 504 also has an authentication program 711 for performing authentication processing.

8, the structure of authentication and data exchange in a biometric authentication process are demonstrated. It is also used as a supplement to the description of the biometric authentication flow of FIG. 11 described later. The main subject of the following operation is the authentication control middleware 702 which has received an execution command from the authentication control application 701, but the authentication control software is performed by the authentication control application 701 and the authentication control middleware 702 jointly performed. It can also be said that the operation by (622). In addition, reception and transmission can also be called input and output, respectively.

When authentication of the biometric information is executed in the transaction of the ATM 501, the preprocessing data is transmitted to the authentication control middleware 702 among preprocessing data and registration data stored in advance in the IC card 105. The authentication control middleware 702 receives the preprocessing data from the IC card 105 and enters the preprocessing data buffer 707 of the RAM 621, which includes the authentication control software 622 and the authentication control middleware 702. After storing temporarily, it transmits to the biometric authentication mechanism part 508 (step 801). On the other hand, the biometric authentication mechanism unit 508 receives the preprocessing data from the authentication control software 622, and subsequently or in parallel acquires the biometric information of the user, and extracts the biometric feature amount from the biometric information. Then, authentication data is created by combining the received preprocessing data with the acquired and extracted biometric feature amounts (step 802).

In this manner, in the biometric information authentication process, the preprocessed data also has a function as a cryptographic authentication key for creating the authentication data. In addition, even if this authentication data can be acquired, a biometric characteristic amount cannot be created directly from this data. Although the authentication data is data created from the biometric characteristic amount, in this creation process, the algorithm by the irreversible conversion process is used, and on the contrary, it is impossible to create the biometric characteristic amount from the authentication data, and furthermore, it is necessary to create two pieces of preprocessing data and authentication data. Biometric quantities cannot be created from dog data. The preprocessing data is information created by extracting a part that cannot identify an individual, and the authentication data is information created by extracting a part that can identify an individual.

Here, the data creation algorithm described above is expressed by a mathematical formula as in the case of biometric information registration.

The information obtained at the time of authentication by the biometric authentication mechanism unit 508, that is, the newly obtained biometric characteristic amount is set to /. And since the preprocessing data y is not different from the time of registration, it is "y = f (x)".

Since the authentication data (z ') is created by the combination of the biometric feature (x') and the preprocessing data (y), using a function (g), "x '+ y → z' = g (x ', y) ”. In addition, since this preparation process is an irreversible process, it is not possible to restore the biometric characteristic amount and the preprocessing data from the registration data such as z '→ x', z '→ y, z' → x '+ y.

After creating the authentication data of S802, the authentication data created by the biometric authentication mechanism unit 508 is temporarily stored in the authentication data buffer 706 by the instruction and control of the authentication control software 622, and then transmitted to the IC card 105. (Step 803). The IC card 105 receives the authentication data, combines the registration data stored in the IC card 105 with the authentication data by some algorithm (also referred to as biometric authentication processing), and creates authentication result data (step 804). . The created authentication result data is also sent to the authentication control middleware 702. The authentication control middleware 702 receives the authentication result data from the IC card 105, temporarily stores the authentication result data in the authentication result data buffer 705 of the authentication control software 622, and then transmits the authentication result data to the biometric authentication mechanism unit 508. . Then, the biometric authentication mechanism unit 508 determines (analyzes) the authentication result data in the biometric authentication mechanism unit 508 (step 805), and the authentication control middleware 702 determines the authentication result data and the authentication success site and the cause of the authentication failure. (Step 806), the biometric authentication process ends.

In this way, in the biometric authentication process, the biometric feature amount closest to the user's biometric information is not stored in the IC card 105, and the biometric feature amount is obtained and extracted by the biometric authentication mechanism unit 508. It has a feature that does not come out from inside.

In addition, the data exchanged between the IC card 105 and the biometric authentication mechanism unit 508 via the authentication control software 622 and the basis of the control are three pieces of preprocessing data, authentication data, and authentication result data. However, as mentioned above, even if these data are combined, it also has the characteristic that a biometric characteristic cannot be created.

In addition, in the biometric authentication process such as the preparation of each data related to the biometric information, the IC card 105 and the biometric authentication mechanism unit 508 each share a feature of obtaining an authentication result. Therefore, even if the IC card or the biometric authentication mechanism is stolen and the inside thereof is decrypted, the biometric authentication process cannot be executed. That is, it is also theoretically possible to create new preprocessing data from the biometric feature amount acquired by the biometric authentication mechanism unit 508 at the time of authentication, and to create authentication data from the processed data and biometric feature amount previously, but in this embodiment as such Instead, the authentication data is generated from the preprocessing data and the biometric characteristic amount stored in the IC card 105, so that the security is kept high.

In addition, the authentication control middleware 702 stores the preprocessed data in the biometric authentication mechanism unit 508, deletes it after the authentication data has been created, and when the authentication is necessary, the biometric authentication mechanism unit (from the preprocessing data buffer 707) is frequently used. 508 is preferred. That is, the preprocessing data is stored in the preprocessing data buffer 707 in the authentication control software 622 until the transaction by the ATM 501 is completed. By doing this, there is an effect that the faster processing is possible from the preprocessing data buffer 707 in the authentication control software 622 than the preprocessing data is transmitted from the IC card 105.

As described above, since the biometric authentication process is performed in the IC card 105, the IC card 105 itself or the CPU 221 of the IC card 105 is also referred to as a biometric information combining unit or biometric authentication processing unit.

9 to 12, a process for carrying out a payment transaction including a biometric authentication process using an IC card authentication method using an IC card 105 with an automatic cash transaction device and an automatic cash advance payment device (ATM) 501 is performed. Explain.

Fig. 9 is an example of a flowchart showing a transaction on an ATM executed by a CPU 601, an authentication control software 622, and the like (control unit) of the ATM 501, and in particular by biometric authentication processing using an IC card authentication method.

Before performing the biometric authentication processing, processing necessary for executing a transaction in the ATM 501, such as transaction selection, password authentication number input, card insertion, etc., is performed. The operation selection unit 503 reads and displays the transaction selection guide such as deposit, payment, balance inquiry, and deposit at the ROM 620, and accepts the transaction selection from the user (step 901). When a transaction requiring biometric authentication, for example, a payment transaction, is selected, a guide for inserting the IC card is displayed on the operation unit 503 to prompt the insertion of the IC card 105. When the IC card 105 is inserted into the card / specification tag mechanism 504 by the user, it is detected (step 902) and the account is released from the IC card 105 in the IC card reading portion 603 of the card / specification tag mechanism 504. Read the number. The IC card 105 may be provided with a magnetic stripe, and in this case, data such as an account number other than the biometric information may be read out from the magnetic stripe of the IC card 105.

Next, a guide for inputting a password authentication number is displayed on the operation unit 503. If a password authentication number is input to the operation unit 503 by the user, it is detected (step 903), and the read account number and the input password authentication number are transmitted to the server 502 via the communication units 610 and 613. On the other hand, the CPU 611 of the server 502 receives the input password authentication number via the communication units 610 and 613, and inputs the input password authentication number and the account number registered in the storage unit 612 in advance. The corresponding cipher authentication numbers are combined, and the combined result is transmitted to the ATM 501 via the communication units 610 and 613. The ATM 501 receives the combined result via the communication units 610 and 613, checks the government of the password authentication number (step 904), and if the entered password authentication number is not correct, inputs the number of times of the password authentication number. It counts (step 905). If the number of times of entering the password authentication number is within the specified number of times, the user is prompted to re-enter the password authentication number. If the number of times the password authentication number has been entered exceeds the prescribed number of times, the transaction is aborted (step 906).

If the password authentication number entered in S904 is correct, it is determined whether the inserted IC card 105 is a biometric authentication target card (step 907). The biometric authentication target card at this time is a card having information and a program necessary for performing biometric authentication.

If the inserted IC card 105 is not the biometric authentication target card, the biometric authentication process is not performed and the transaction such as payment is subsequently executed (step 915). When the inserted IC card 105 is a biometric authentication target card, an authentication transaction start process is performed as a preliminary preparation of the biometric authentication process (step 908). The authentication transaction start processing will be described in detail with reference to FIG. 10 described later.

When the authentication transaction start processing ends, the CPU 601 of the ATM 501 puts the authentication control software 622 into the RAM 621 and expands. The CPU 601 of the ATM 501 then executes the authentication control application 701. Upon receiving it, the authentication control application 701 gives a registration information acquisition instruction to the authentication control middleware 702. The authentication control middleware 702 having received the registration information acquisition instruction executes the IC card control program 704 to acquire information (registrant information) necessary for the processing instructed from the authentication control application 701 from the IC card 105. (Step 909). Information necessary for processing includes account information such as account number, branch number, subject, and user information such as user name, presence or absence of certificate which can verify identity such as driver's license or insurance card. At this time, the authentication control middleware 702 acquires the preprocessing data previously registered in the IC card 105 of the information which has been instructed to be acquired by the authentication control application 701, and the preprocessing data buffer 707. To be stored in. This is to reduce the number of times of access to the IC card 105 by acquiring preprocessing data at the same time as the information specified by the authentication control application 701 to improve the processing time. This data is transmitted to the authentication control middleware 702 and stored in the preprocessing data buffer 707. In this way, the CPU 501 of the ATM 501 is the main agent, and executes various programs in the authentication control software 622 to perform respective processes. In the following, this process is omitted for simplicity and authentication control. The middleware 702 will be described as a subject. Moreover, as mentioned above, these are also called control processes by a control part (means).

After obtaining the registration information from the IC card 105, the authentication control middleware 702 executes the biometric authentication mechanism unit control program 703 to perform biometric authentication processing (step 910). That is, the preprocessing data stored in the preprocessing data buffer 707 is transmitted to the biometric authentication mechanism unit 508, and the biometric authentication mechanism unit 508 is instructed to acquire the biometric information. Although this biometric authentication process was demonstrated using FIG. 8, it demonstrates in detail also in FIG. 11 mentioned later.

Next, it is checked whether or not the biometric authentication succeeds (step 911). If the biometric authentication fails here, the number of times of biometric authentication is performed is counted (step 912). If the number of times of the biometric authentication at this time is within the prescribed number of times, the preprocessed data stored and stored in the RAM 621 or the program is retransmitted to the biometric authentication mechanism unit 508, and re-authenticated to the operation unit 503 of the ATM 501. A start screen is displayed and the user is made to perform biometric authentication again (step 917). If the number of times of biometric authentication exceeds the prescribed number of times, the transaction is aborted (step 913). At this time, the preprocessed data and the like stored in the RAM 621 are deleted to increase security. In S911, when the biometric authentication succeeds, the authentication transaction end process is performed as a post-process of the biometric authentication process (step 914). This authentication transaction termination process will be described in detail with reference to FIG. 12 described later.

When the authentication transaction end processing is finished, a transaction desired by the user, that is, a transaction selected by S901, is executed (step 915). Specifically, if the transaction desired by the user is a payment transaction, the operation unit 503 receives the input of the payment amount. When the user inputs the payment amount, a message is displayed on the operation unit 503 to prompt the user to press the confirmation key to confirm whether the input amount and the amount are correct. When the confirmation key of the operation unit 503 is pressed, the server 502 communicates with the transaction data. After communication, the CPU 601 of the ATM 501 discharges the bills and coins for the required amount of money from the banknote deposit and withdrawal mechanism 506 and the coin deposit and withdrawal mechanism 507, respectively, and prints the specification table of the card / specification tag mechanism 504. The unit 604 causes the transaction data to be printed. Then, the IC card 105 is returned from the card / specification tag mechanism 504, the transaction data is printed and sent to the specification table, and the transaction ends (step 916).

If the transaction desired by the user is the balance inquiry, the server 502 communicates with the transaction data, and after the communication, the deposit or borrowing balance is displayed on the operation unit 503. After display, we guide whether user wants to end transaction or continue other transactions. When the transaction is to be terminated, the IC card 105 is returned from the card / description table mechanism unit 504, at the same time, the transaction data is printed and sent to the specification table according to the user's request, and the transaction ends (step 916). When the user wants to perform another transaction, the following processing is performed.

If a transaction requiring biometric authentication, such as the above-mentioned payment transaction, is subsequently desired after the balance inquiry, biometric authentication is performed again, and the transaction is executed only when the biometric authentication succeeds. By performing biometric authentication for each transaction, if the user confirms the deposit and borrowing balance in the balance inquiry but moves away from the ATM without receiving the IC card 105, it is conceivable to conduct a transaction by a third party. By eliminating such risks, a highly secure ATM system can be realized.

In this flow, the biometric authentication is performed after the password authentication number is input, but the reverse of this order may be performed after the biometric authentication is performed. In the case of entering the password verification number first, the user enters the password verification number immediately after inserting the card and selecting the first transaction as in a normal transaction. There is an advantage that it is easy to do it. On the other hand, if the biometric authentication is performed before the authentication by the password authentication number, if the non-owner performs the biometric authentication and the biometric authentication fails and the transaction is rejected, the transaction is terminated without entering the password authentication number. Therefore, there is no need to communicate with the server for the combination of unnecessary password authentication number, there is an advantage that the burden on the server can be reduced.

10, the authentication transaction start process in S908 of FIG. 9 is demonstrated. The authentication control middleware 702 which has received the authentication transaction start instruction from the authentication control application 701 executes the IC card control program 704 and connects with the IC card 105 (step 1001). This makes reading of data from the IC card 105 possible. However, in the case of an IC card which does not have biometric information data on the IC card 105 and does not support authentication in the IC card, for example, a desired transaction in the ATM can be achieved even by the authentication process using the above-mentioned encryption authentication number. Preferably, the IC card control program 704 is executed by ATM software other than the authentication control middleware 702 at approximately the same timing as the card insertion of S902 or the like in FIG. It is better to let the connection with the IC card 105 be completed before.

In addition, in the IC card 105 inserted into the card / specification tag mechanism 504, user-specific registration data and preprocessing data are registered in advance by the biometric information registration device 101 of FIG. The authentication program 711 for performing authentication is loaded and stored. This authentication program 711 is an application written in advance in a non-rewritable form on the IC card 105, and matches registration data pre-registered with the IC card with authentication data obtained by the ATM control unit according to a specific algorithm. , A program that performs a combination.

If the connection between the card / specification tag mechanism 504 and the IC card 105 is successful in S1001, the authentication control middleware 702 acquires the support authentication method (or support authentication information) registered in the IC card 105 ( Step 1002). The support authentication method is registered in advance in the IC card 105, and it is information which can determine in one control order which authentication process, such as authentication data or biometric feature amount, can be performed in any control order. For example, in the finger vein authentication, the in-device authentication processing to authenticate (combine) in the biometric authentication mechanism unit 508 and the IC card authentication processing to authenticate in the IC card 105 are supported, and the IC card 105 is supported. By obtaining the support authentication method from the system, two authentication methods are enabled by one authentication control program which switches the authentication control procedure.

The method of switching the order and method of authentication control using the authentication method registered in the IC card or the like and the information for determining the authentication control procedure at once, such as acquiring the support authentication method, is used for plural authentications to terminals equipped with biometric authentication devices such as ATM. Even when a device (for example, a vein authentication device such as a finger or a palm or an iris authentication device of an eye) is mounted, it is possible to cope with control of a plurality of biometric authentication devices by switching the control method of the authentication control program.

Next, it is judged whether or not the authentication method obtained in step 1002 is authentication in the IC card (step 1003), and when it is not authentication in the IC card, the IC card 105 is returned without performing transaction processing (step 916). ). On the other hand, in the case of the IC card authentication method, mutual authentication is performed between the ATM 501 and the IC card 105, and the authentication transaction start process ends (step 1004). Mutual authentication means that the authentication data creation program 709 in the biometric authentication mechanism unit 508, the authentication program 711 mounted on the IC card 105, etc. are not revised in an illegal program, or the ATM 501 and the IC. The card 105 is a process for confirming the validity of the mutual program.

The biometric authentication process of S908 of FIG. 9 will be described with reference to FIG. 11. As described with reference to Fig. 8, this biometric authentication process finally performs authentication (combination) between registration data previously recorded in the IC card 105 and newly created authentication data at the time of biometric authentication, and obtains the result of the combination. The processing related to the basis of the authentication itself is performed in the IC card 105.

In step S909 of FIG. 9, the data is received from the IC card 105. In addition, at the time of this biometric authentication, the authentication control middleware 702 stores the preprocessed data for the number of registrations stored in advance from the IC card 105. Send to The authentication control middleware 702 receives the preprocessing data stored in the IC card 105 and stores it in the preprocessing data buffer 707. Furthermore, the preprocessing data for this registered number stored in the preprocessing data buffer 707 is transmitted to the biometric authentication mechanism part 508 (step 1101). When the biometric authentication mechanism unit 508 receives the preprocessing data for the number of registrations, the biometric authentication mechanism unit 508 reads the user's biometric information as a parallel process next time.

The processing of steps 1102 to 1106 of FIG. 11 executes substantially the same processing as that of steps 405 to 408 of FIG. 4 to obtain a biometric characteristic amount. When the finger is placed in the image acquisition area of the image sensor 607, the illumination LED 608 for detecting the presence or absence of the body detects that the object (finger) is placed (step 1102), and examines whether the object (finger) is a living body. (Step 1103). If the inserted object (finger) is not a living body, biometric authentication fails (step 1104). In the case where the inserted object (finger) is a living body, the near-infrared ray is irradiated to the living body by the illumination LED 609 for obtaining the living body, the living body image (a finger vein pattern) is acquired by the image sensor 607, and the storage unit 606 (Step 1105).

Next, a biometric characteristic amount representing characteristic data is extracted from the biometric image (a finger vein pattern) (step 1106). Here, priority N is set to "1" (step 1107). Then, the authentication data creation program 709 is executed under the instruction of the authentication control middleware 702 to create authentication data of priority N (N = 1) described in FIG. 8 (step 1108). Authentication data of the created priority N (N = 1) is then transmitted to the authentication control middleware 702 and stored in the authentication data buffer 706.

The authentication control middleware 702 executes the IC card control program 704 and simultaneously transmits the authentication data of priority N (N = 1) stored in the authentication data buffer 706 to the IC card 105. The biometric authentication instruction is issued to the authentication program 711 in the IC card 105 (step 1109). On the other hand, the IC card 105 executes the authentication program 711 stored in the card, and the registration data of priority N (N = 1) registered in advance in the IC card 105 and the authentication control middleware 702 described above. The authentication data of priority N (N = 1) stored in the authentication data buffer 706 is combined to perform biometric authentication, and authentication result data of priority N (N = 1) is created.

Then, the IC card 105 transmits authentication result data of priority N (N = 1) to the authentication control middleware 702, and the authentication control middleware 702 is provided in the authentication control middleware 702 (hard). Is stored in the authentication result data buffer 705 (in RAM). As described above, in the transmission / reception control of the data between the biometric authentication mechanism unit 508 and the IC card 105 performed by the authentication control middleware 702, the biometric feature amount obtained from the biometric image (a finger vein pattern) is determined by the biometric authentication mechanism unit 508. ), And authentication data registered in the IC card 105 also does not appear outside. Therefore, since personal information can be prevented from leaking to the outside of the device, the security of the personal information is improved by protecting the confidentiality of the personal information.

The authentication control middleware 702 executes the biometric authentication mechanism part control program 703 and transmits authentication result data of priority N (N = 1) stored in the authentication result data buffer 705 to the biometric authentication mechanism part 508. (Step 1110) and an authentication result determination instruction is given to the authentication result determination program 710. Next, the biometric authentication is performed from the authentication result data of priority N (N = 1) stored in the authentication result data buffer 705 which is the result of the authentication performed in the IC card 105 by executing the authentication result determination program 710. FIG. Determine if it is a success or a failure.

Here, as an output, the biometric authentication mechanism unit 508 notifies the authentication control middleware 702 at which part of the living body the authentication succeeds when authentication succeeds. For example, if the site of biometric authentication is finger vein or fingerprint, which finger (eg right hand, middle finger, etc.) is successful, if the palm vein is the right hand or left hand, or if the iris of the eye is the right eye? The authentication control middleware 702 is notified of whether the authentication succeeded in the left eye. On the other hand, when the authentication fails, the authentication result determination program 710 determines the cause of the failure in the IC card authentication and notifies the authentication control middleware 702. As a cause, for example, the method of releasing the finger was bad, the other finger was registered, or the like was accompanied by information to the authentication control middleware 702, and based on the authentication control application ( It is preferable to display the cause on the operation unit 503 by 701, whereby a device having good operability can be provided. As described above in the example in which the biometric authentication mechanism unit 508 determines the authentication result, the authentication program 711 in the IC card or the authentication control middleware 702 in which the authentication result data has been acquired has succeeded or failed the authentication process. The form which can discriminate authentication result, such as a success part and the cause of authentication failure, may be sufficient.

Next, the authentication control middleware 702 authenticates the priority N (N = 1) as a result of matching and combining the registration data of priority N (N = 1) and the authentication data of priority N (N = 1). The result data is sent to the authentication control application 701. The authentication control application 701 determines whether the authentication result data of priority N (N = 1) is success or failure (step 1111). If the authentication result data is successful, the biometric authentication process is terminated. If the authentication result data is unsuccessful, the IC card 105 determines whether or not the biometric authentication for the number of registrations has been completed (step 1112). When the registered biometric authentication is completed, the biometric authentication process ends. If the registered biometrics have not finished, add 1 to priority N (N = 1), make priority N (N = 2) (step 1113), and proceed back to steps 1108 to 1112. Then, it is determined whether the authentication result data of the fingers of priority N (N = 2) is success or failure, and if it is a failure, it is determined whether or not the registered number of biometric authentications has ended. In this manner, steps 1108 to 1112 are repeated, and authentication continues until the number registered in the order of high priority ends. At this time, the authentication control middleware 702 preferably holds the preprocessing data acquired by the registration information acquisition process of the IC card 105 in the preprocessing data buffer 707, and performs the registration information acquisition process of the IC card 105. Since it can be omitted, authentication processing time is improved. This is similar to preprocessing data obtained from the IC card 105 even when a plurality of authentication processes are executed in order to perform a transaction requiring continuous identity verification from a balance inquiry to a visit, such as a payment transaction. By not deleting from the buffer 707, it is possible to omit the registration information acquisition process of the IC card 105 and to execute the authentication process in the continuous transaction.

Here, an example in which the priority of FIG. 13 is not changed as an example when the authentication result data succeeds in step 1111 has been described. As described in the biometric registration process, data indicating the number of successful authentications may also be added to the data in FIG. 13. At that time, when the authentication result data succeeds, the success count is counted as one count (count, account), and it is added to the authentication success count 1305 in Fig. 13, and the change processing for changing the priority is authenticated. Execution and control are performed according to the instruction of the control middleware 702. This makes it possible to construct a device and a system which are more convenient for the example in which the priority is not changed at all (when only 1301 of FIG. 13 is used). However, when the number of successful authentications is in the same state, authentication processing is performed based on priority 1301 of the first registered party.

In addition, in this embodiment, "put the right hand index.", "Authentication succeeded by the right hand index.", "Failed authentication by the right hand index." Next, please put your right hand stop. "" Please insert your finger. "" Authentication succeeded. "" Authentication failed. Please insert your finger once more. ” When the authentication control application 701 receives the result of the authentication failure, another registration finger is automatically assigned in the order of high priority, and the authentication control middleware 702 is requested again for authentication processing. If the authentication fails, the user is first notified of the authentication failure. In this way, the type of the finger used for authentication is not displayed on the screen of the operation unit 503, so if a third party who is not the owner of the card wants to know which finger is registered for criminal purposes such as forgery, etc. You can stop it.

However, the instruction including the type of finger and the authentication result may be displayed on the screen of the operation unit 503. In this way, since the user can operate while confirming which finger is registered and which finger is used for authentication, it is easy to use for the user and it is a structure which can be assured psychologically.

With reference to FIG. 12, the authentication transaction termination process shown in S914 of FIG. 9 is demonstrated.

The authentication control application 701 issues an authentication transaction termination instruction to the authentication control middleware 702 if the authentication result data is successful. The authentication control middleware 702 executes the IC card control program 704 to execute the cutting process with the IC card 105. The disconnection from the IC card 105 is a state in which the IC card 105 cannot be accessed. After cutting with the IC card 105, the biometric authentication device control program 703, based on the instruction from the authentication control middleware 702, uses the personal information used for biometric authentication, such as the biometric feature in the biometric authentication mechanism unit 508, and the information thereof. Delete all information related to the authentication created from the storage unit.

This is also a valid feature to prevent personal information leaks to the outside and improve security. After clearing the data in the biometric authentication mechanism 508, the authentication control middleware 702 stores the information stored in the authentication result data buffer 705, the authentication data buffer 706, and the preprocessing data buffer 707 which it has. Delete (except for continuous transactions) and prevent information leakage. When the authentication transaction termination process ends, the payment amount is input, communication with the server 502 is performed, and the payment transaction is terminated.

As described above, the registration processing of the biometric information using FIGS. 1 to 4 and the authentication processing of the biometric information using FIGS. 5 to 12 have been described. For example, the control of the CPU 601 and the main storage unit 602 is hardly performed. The authentication of the biometric information is executed by the control and processing of the authentication control software 622, the authentication control application 701, and the authentication control middleware 702. Therefore, as mentioned above, these can be summed up as the control and processing by a control part and a control means, and the function of each program can also be hardly achieved, such as LSI. In addition, the various programs shown in Fig. 7 are not only started and executed for the first time when they are necessary for the processing, but also the respective programs can be started at the time of ATM startup, and the necessary programs are executed in each process, so that the processing time can be shortened.

In addition, although FIG. 3 demonstrated the form which created preprocessing data from a biometric characteristic amount, and creates the registration data used at the time of authentication from the created preprocessing data and a biometric characteristic amount, about the creation of a preprocessing data You can also write it independently and have nothing to do with it. As described above, in the registration of the biometric information, the preprocessed data has the function of an encryption authentication key (or algorithm) for creating registration data, and in the case of biometric authentication, it has the function and role of an encryption authentication key for creating authentication data. have. Therefore, if the preprocessing data is created from the biometric characteristic amount, that is, the data corresponding to each user can be constructed, a highly secure data creation algorithm can be constructed. On the other hand, the preprocessing data can be created independently of the biometric characteristic amount and encrypted authentication is performed in advance. The preprocessing data itself, which serves as a key, can also be created, resulting in a simple and easy program configuration as a whole, which can reduce labor and shorten the processing time for registration and authentication.

In addition, although the preprocessing data was created in one layer from the biological feature amount, it may be made after several steps. As a result, even if a third party analyzes the preprocessing data creation process, the creation process is complicated and difficult to interpret, and the analysis takes time.

In addition, the preprocessing data, registration data, and authentication data (including authentication data created at the time of authentication failure or continuous transaction) are information created and generated from biometric features (including image patterns) such as the user's finger. From, first, second,... It can be called (bio) information. That is, these 1st, 2nd ... (biological information) can also be said to be the information which can be obtained from the biological information which is a concept containing the biological characteristic quantity.

As described above, according to the authentication method in the IC card of the present invention, information that can identify an individual registered in the IC card and biometric information (a biometric characteristic amount) acquired by the authentication device are not accepted by the terminal equipped with the authentication device. The confidentiality of personal information can be preserved, enabling secure biometric authentication.

In the registered biometric information priority addition authentication method of the present invention, the user can shorten the authentication process by adding a priority to a plurality of biometric information registered in advance and executing the authentication process in the order of high priority. .

In addition, there has been a technique for changing the priority of the biometrics, which prioritizes the biometric information so far, based on the use history that the finger used first is more likely to be used next time. However, in this change technique, five biometric information (five different fingers) are registered, and the past authentication success times differ from finger to finger (authentication success times: 0 thumbs up, 70 indexes, 15 stops, ring finger 10). When we use finger (thumbs) with a small number of past authentication success times for authentication once in time, little finger five times), we usually use at the time of authentication using finger (detection) that we usually use It was inconvenient because a combination of fingers with fewer authentication success numbers must be performed before the combination of many fingers.

The present invention therefor is also prioritized based on the number of times of authentication success, even in the same situation (number of times of authentication success: 0 times of indexes, 70 times of indexes, 15 times of middle finger, 10 times of ring finger, 5 times of pinky finger). Because it is added, before and after thumb authentication, before and after ring finger authentication, it is always the first index finger, the second stop, the third ring finger, the fourth pinkie, and the fifth thumb. In this case, the next priority is to use authentication as the index. Since the priority is 1, it is possible to perform authentication in a short time without using unnecessary finger combinations.

Claims (6)

In the cash automatic deposit payment system that deals with transactions of financial institutions, A storage unit that stores a plurality of biometric information; A biometric information acquisition unit for obtaining biometric information of the user, A biometric information combining unit for combining the biometric information acquired by the biometric information obtaining unit with the biometric information previously stored in the storage unit and obtaining a combination result; Each time the combination is performed by the biometric information combination unit, the number of successes of the combination result is counted, and the priority of the plurality of biometric information previously stored in the storage unit is changed in accordance with the number of successes of the combination. Change processing, And a control unit for controlling a combination process of combining the biometric information acquired by the biometric information acquisition unit and the biometric information previously stored in the storage unit according to the priority. In the cash automatic deposit payment system of claim 1, And an IC card having the storage unit and the biometric information combination unit. In the cash automatic deposit payment system according to claim 2, Banknote deposit and withdrawal department which performs banknote deposit and withdrawal, Display the operation contents to the user, and has an operation unit for receiving input from the user  The control unit receives a payment transaction desired by the user by the operation unit, and withdraws a bill from the bank note withdrawal unit when the result is successful in response to the combination process by the biometric information combining unit of the IC card. Cash automatic deposit payment system. In a cash automatic transaction device that automatically conducts cash transactions, Card mechanism part which reads information of chip card, A biometric authentication mechanism unit for acquiring a biometric characteristic amount of a user who uses the automatic cash transaction apparatus; Receives a plurality of preprocessing data added with priority in the IC card read by the card mechanism unit, and transmits a plurality of preprocessing data to which the received priority is added to the biometric authentication mechanism and simultaneously Receive authentication data generated by pre-processing data having high priority among the plurality of pre-processing data to which the priority is added and biometric feature amount acquired by the biometric authentication mechanism unit, and receive the received authentication data into the card mechanism unit. And a control unit which transmits to the IC card via the control unit and performs authentication processing of biometric information by the IC card. In the cash automated transaction apparatus according to claim 4, If the result of the authentication process is successful, the control unit processes a transaction desired by the user. If the result of the authentication process fails, the control unit preprocesses the next higher priority among the plurality of preprocessed data to which the priority is transmitted. Receive authentication data generated by the data and the biometric feature amount acquired by the biometric authentication mechanism portion, and transmit the authentication data to the IC card via the card mechanism portion, and perform authentication processing of the biometric information by the IC card. A cash automatic transaction apparatus, characterized in that executed. In a cash automatic transaction device that automatically conducts cash transactions, Card mechanism part which reads information of chip card, Each time the biometric authentication process is executed, a change process of calculating the number of successes of the authentication result and changing the priority of a plurality of preprocessed data previously stored in the IC card in accordance with the number of authentication successes; Receives a plurality of preprocessing data in the IC card read by the card mechanism unit, and transmits the received plurality of preprocessing data to the biometric authentication mechanism, and at the same time, the biometric feature amount and the transmission obtained by the biometric authentication mechanism Receive authentication data generated by preprocessing data according to priority among the plurality of preprocessing data, and transmit the received authentication data to the IC card via the card mechanism unit, and authenticate the biometric information with the IC card. And a control unit for executing the processing.

Images