CN114065167A - Biometric authentication system using biometric code storage medium and method thereof - Google Patents

Biometric authentication system using biometric code storage medium and method thereof Download PDF

Info

Publication number
CN114065167A
CN114065167A CN202111371946.5A CN202111371946A CN114065167A CN 114065167 A CN114065167 A CN 114065167A CN 202111371946 A CN202111371946 A CN 202111371946A CN 114065167 A CN114065167 A CN 114065167A
Authority
CN
China
Prior art keywords
biometric
code
information
user
card
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111371946.5A
Other languages
Chinese (zh)
Inventor
闫丰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhou Zhiguan Technology Co ltd
Original Assignee
Shenzhou Zhiguan Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhou Zhiguan Technology Co ltd filed Critical Shenzhou Zhiguan Technology Co ltd
Publication of CN114065167A publication Critical patent/CN114065167A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G06F21/35User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K19/00Record carriers for use with machines and with at least a part designed to carry digital markings
    • G06K19/06Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
    • G06K19/067Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components
    • G06K19/07Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components with integrated circuit chips
    • G06K19/0723Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components with integrated circuit chips the record carrier comprising an arrangement for non-contact communication, e.g. wireless communication circuits on transponder cards, non-contact smart cards or RFIDs
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06VIMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
    • G06V40/00Recognition of biometric, human-related or animal-related patterns in image or video data
    • G06V40/10Human or animal bodies, e.g. vehicle occupants or pedestrians; Body parts, e.g. hands
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06VIMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
    • G06V40/00Recognition of biometric, human-related or animal-related patterns in image or video data
    • G06V40/10Human or animal bodies, e.g. vehicle occupants or pedestrians; Body parts, e.g. hands
    • G06V40/12Fingerprints or palmprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06VIMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
    • G06V40/00Recognition of biometric, human-related or animal-related patterns in image or video data
    • G06V40/10Human or animal bodies, e.g. vehicle occupants or pedestrians; Body parts, e.g. hands
    • G06V40/16Human faces, e.g. facial parts, sketches or expressions
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06VIMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
    • G06V40/00Recognition of biometric, human-related or animal-related patterns in image or video data
    • G06V40/10Human or animal bodies, e.g. vehicle occupants or pedestrians; Body parts, e.g. hands
    • G06V40/18Eye characteristics, e.g. of the iris

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Multimedia (AREA)
  • Human Computer Interaction (AREA)
  • Bioethics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Ophthalmology & Optometry (AREA)
  • Oral & Maxillofacial Surgery (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Medical Informatics (AREA)
  • Databases & Information Systems (AREA)
  • Collating Specific Patterns (AREA)

Abstract

An embodiment of the present invention provides a biometric authentication system using a biometric code storage medium, which enhances security and effectively authenticates biometric information. The biological information is not stored in the biological authentication system but is safely processed, so that the problem of biological information leakage is solved, and the biological authentication time can be effectively shortened by using intelligent equipment such as a smart phone, a wearable device and a tablet personal computer.

Description

Biometric authentication system using biometric code storage medium and method thereof
Technical Field
The present invention relates to a biometric authentication system using a biometric code storage medium, and more particularly, to a system and method thereof, which registers biometric information of a user in advance on a card and a device, and compares the biometric information of the user recognized by a sensor with the registered biometric information, thereby controlling to allow only an authenticated user to come in and go out.
Background
Recently, due to security problems, enterprises, offices, apartments, and the like are equipped with an access control system for allowing only authenticated persons to access.
In such a place, the user must be authenticated by an entrance/exit control system such as an RFID card reader/writer provided at an entrance/exit door to allow entrance/exit. In other words, the following is utilized: the RF card is brought into contact with the RF card reader/writer so as to allow access only to a user holding a previously registered RFID card, the RF card being provided so as to be able to allow access.
The user who can come in and go out is easily managed with the control of cominging in and going out of RFID card, but when RFID card was stolen and lost, because open the breach safely and there is weak link in the user authentication aspect that allows true cominging in and going out.
In addition, an entry and exit control system using biometric information of a user such as an iris, a face, a fingerprint, and a palm vein may be used. The biological information authentication mode completes the security weak link of the RFID card, so that the RFID card can be used in places where security is more strictly managed. The biometric information registers in advance information of a specific part of the individual's body such as the user's fingerprint, iris, palm vein, and face in the system, and if the specific biometric information sensed from the user is the same as the information registered in advance in the access control system, access can be permitted. However, since biometric information is information unique to an individual, there is a high risk of malicious use during intrusion, and a system for registering and storing biometric information needs to ensure absolute security.
As one of the prior arts, a method is disclosed which utilizes a fingerprint template T and an RFID tag corresponding to a fingerprint of an authenticated user.
Fig. 1 is a block diagram illustrating a portable access device using RFID and biometric information according to the related art.
Referring to fig. 1, the related art portable device compares a pre-stored fingerprint template T with biometric information input by a fingerprint sensor S, and thus an authentication signal is generated by an authentication device 10. If the biometric information is authenticated, an authentication signal is transmitted to the RFID tag 20, so that the switch of the RFID tag 20 is turned on, thereby driving the RFID tag.
If the driven user is a real holder having a portable device provided with a fingerprint template storage device for driving the RFID tag and a sensor, user authentication is performed using the RFID tag.
In other words, the RFID tag 20 may be operated when the fingerprint template storing the authentication signal and the sensed fingerprint appear to be in agreement. The RFID tags 20 that are operational are detected by the reader 30.
According to such a conventional technique, there is an advantage in that even if the RFID tag is lost or stolen, some misuse can be prevented, but user authentication can be achieved by using an expensive large-sized device including a storage device, a sensor, and a processor.
Further, since the conventional technology passes through the access control system after the user authentication is finally performed only using the RFID tag, there is a problem in that the access control system is finally intruded when only the RFID tag is activated at the time of theft.
In addition, even in the case where a storage device storing a fingerprint template of an individual is hacked, a serious problem may occur in which important biometric information of a user is stolen together.
Also, the biometric information requires two-step authentication to be performed, and the RFID tag authentication is performed after the fingerprint authentication, so that the necessary user authentication may take a considerable time until the entrance and exit are allowed.
Prior art documents
Patent document
Patent document 0001 (patent document 001) prior document 1: publication No. 2006-7026192-portable access device for biometric authentication
Disclosure of Invention
The present invention has been made to solve the above-described problems, and an object of the present invention is to provide a biometric authentication system that performs security processing without storing a plurality of pieces of biometric information, thereby preventing leakage of the biometric information.
Further, there is provided a biometric authentication system which encrypts biometric information so that after being stored in an RFID card, a smart device, or the like, the biometric authentication system decrypts the encrypted biometric information in a code form to judge whether authentication is performed or not, thereby being capable of solving the problems of forgery and alteration.
In addition, a biometric authentication system is provided, which uses smart devices such as smart phones, wearable devices, and notebook computers, thereby effectively shortening the time required for authentication.
Further, a biometric authentication system is provided which cannot be stolen or invaded even if an authentication device such as an RFID card, a smartphone, or the like is lost or stolen.
The technical problem to be achieved by the present invention is not limited to the above-mentioned technical problem, and other technical problems not mentioned are clearly understood by those having ordinary knowledge in the technical field to which the present invention pertains from the following description.
In order to achieve the technical problem, a biometric authentication system using a biometric code storage medium according to one embodiment of the present invention includes: a biological information receiving part which receives at least one piece of biological information of the user from the biological information recognition sensor; a biological information processing unit that processes the biological information received from the biological information receiving unit into a first biological code; a biometric encryption code receiving unit that receives a biometric encryption code stored in an RFID card or a smart device of the user; a decryption unit that decrypts the biometric encrypted code into a second biometric code; and a biometric code comparison unit that compares the first biometric code and the second biometric code, thereby performing authentication.
The biological encryption code can encode and encrypt biological information of the user from a biological code issuing system, so that the biological encryption code is issued and stored in the RFID card or the intelligent device.
Further, the biometric code issuing system may include a personal security processing section that discards biometric information of the user after issuing the biometric encryption code.
Further, the biometric information recognition sensor uses an optical device, thereby enabling non-contact recognition of at least one of a fingerprint, a palm vein, a face, and an iris.
In addition, the biometric authentication system may further include a wireless communication interface that is wirelessly connected to the RFID card or the smart device, thereby receiving card/device information and a biometric encryption code.
Wherein if the smart device comes within a certain range, the wireless communication interface requests the biometric encryption code and is capable of receiving the biometric encryption code in response to the request.
The wireless communication interface may include: a reception intensity comparing unit that compares reception intensities at the time of receiving the biometric encryption codes from the smart devices of the plurality of users; a comparison priority determining section that determines a comparison priority based on the reception intensity.
Wherein the decryption section is capable of decrypting the biometric encryption code using the card/device information.
Further, the decryption section may be capable of decrypting the biometric encryption code using an encryption key provided by the biometric code distribution system.
A biometric code issuing method according to an embodiment of the present invention for realizing biometric authentication using a biometric code storage medium may include the steps of: receiving at least one biometric information of a user; generating a first biometric code corresponding to the received biometric information for storage in the biometric code storage medium; and encrypting the first biometric code to be output as a biometric encrypted code and stored in a storage medium of the RFID card or the smart device.
Wherein, still include the following step: receiving card/device information of the RFID card or smart device, the second bio-code being capable of being generated further using the received card/device information.
In addition, the method can also comprise the following steps: after storing the biometric encryption code, the biometric information is deleted and discarded.
An access control method according to an embodiment of the present invention may include the steps of: receiving biometric information of a user who wants to enter and exit using a biometric information recognition sensor; processing the received biometric information to generate a first biometric code; receiving a biometric encryption code stored on the RFID card or the smart device; decrypting the biometric encryption code, thereby extracting a second biometric code; and comparing the first biological code with the second biological code, thereby executing authentication and further executing permission and refusal of access.
Wherein the biometric information recognition sensor uses an optical device so that at least one of a fingerprint, a palm vein, a face, and an iris can be recognized in a non-contact manner.
In addition, in the biometric encryption code receiving step, if the smart device comes within a certain range, the biometric encryption code is requested, and the biometric encryption code responding to the request can be received.
In addition, the method can also comprise the following steps: card/device information is received from the RFID card or smart device, and in the decrypting step, the biometric encryption code is decrypted using the card/device information.
According to the embodiment of the present invention, since the biometric information is encrypted and stored in the authentication device such as the RFID card or the smart device, rather than the access control system, the biometric information can be prevented from being leaked.
In addition, after the biometric information is encrypted and registered by authentication equipment such as an RFID card and a smart phone, the biometric information is compared with the biometric information received by the identification sensor in a code form in the biometric authentication system, so that the biometric authentication system is not easy to forge and change, and the reliability of the biometric authentication system can be improved.
In addition, if the user enters a certain range while holding a smart device such as a smartphone, a tablet computer, or a wearable device, since the biometric information can be automatically transmitted to the biometric authentication system, the access authentication time can be shortened.
Further, the biometric sensor can recognize the biometric information in a non-contact manner, and thus can overcome sanitary problems compared to a contact recognition method.
It is to be understood that the effects of the present invention are not limited to the above-described effects, and include all the effects that can be inferred from the configurations of the invention described in the description of the present invention or the claims.
Drawings
Fig. 1 is a block diagram illustrating a portable access device using RFID and biometric information according to the related art.
Fig. 2 is a schematic diagram of a biometric authentication system according to an embodiment of the present invention.
Fig. 3 is a block diagram showing a bio-code distribution system according to an embodiment of the present invention.
Fig. 4 is a block diagram showing a biometric code authentication system according to an embodiment of the present invention.
Fig. 5 is an exemplary diagram illustrating a method of recognizing multiple biometric information using a smart device according to an embodiment of the present invention.
Fig. 6 is an exemplary view illustrating a method of recognizing multiple biometric information using a smart device according to another embodiment of the present invention.
Fig. 7 is a flowchart showing a method of registering biometric information in a card/device according to an embodiment of the present invention.
Fig. 8 is a flow diagram illustrating a method for regulating access using a biometric code, in accordance with one embodiment of the present invention.
100: biological code issuing system
200: biometric code authentication system
300: identifier
Detailed Description
The present invention will be described below with reference to the accompanying drawings. However, the present invention can be realized in various forms, and is not limited to the embodiments described herein. In the drawings, portions that are not related to the description are omitted for the sake of clarity, and like reference numerals are given to like portions throughout the specification.
Throughout the specification, when a portion is referred to as being "connected (connected, contacted, or combined)" to another portion, it includes not only a case of being "directly connected" but also a case of being "indirectly connected" to another portion with another member interposed therebetween. In addition, when a component is referred to as "including" a certain component, unless otherwise specified, it does not mean that other components are excluded, but means that other components may be included.
The terminology used in the description is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. The singular expressions include the plural expressions unless the context clearly dictates otherwise. In the present specification, terms such as "including" or "having" should be understood to mean that the existence of a feature, a number, a step, an operation, a constituent element, a component, or a combination thereof described in the specification is intended to be specified, but does not preclude the possibility that one or more other features and numbers, steps, operations, constituent elements, components, or a combination thereof exist or are appended thereto.
Hereinafter, embodiments of the present invention will be described in detail with reference to the accompanying drawings.
Fig. 2 is a schematic diagram of a biometric authentication system according to an embodiment of the present invention.
Referring to fig. 2, the present invention includes a biometric code issuing system 100, a biometric code authentication system 200, and a recognizer 300.
First, the biometric code distribution system 100 can convert the multiple biometric information B of the user a into a biometric code and output a biometric information encryption code that encrypts it. The multiple biometric information B may include information of a fingerprint, a palm vein, an iris, a face, and the like, and two or more types of biometric information may be used.
The multiple biometric information B may be captured in a graphic form and may be converted into a feature point, a pattern (pattern), a template form, and thus data representing the inherent biometric features of the user. The converted data is encoded in a form that can be stored in a storage medium, and is referred to as a bio-code.
The biometric code issued by the biometric code issuing system 100 may have a preset key value and be encrypted. The encrypted key may utilize an identifier of the storage medium or device, or may also utilize a user-assigned identifier.
Further, the biometric code may be encrypted with an encryption key generated by the biometric code distribution system 100. At this time, the biometric code issuing system 100 can provide the decryption key to the biometric code authentication system 200 through the secure channel.
The encrypted multiple biometric information B is stored in the form of a biometric information encryption code in the smart device C or the RFID card D. The smart device C may include various forms of smart devices such as a wearable device, a tablet computer, and a notebook computer.
After the distribution of the biometric code, the multiple biometric information B may be deleted and discarded without being stored in the biometric code distribution system 100. This makes it possible to effectively protect the multiple biometric information B and the personal information such as whether the multiple biometric information B is registered.
When the user a requests permission of entry, the biometric information encryption code stored in the smart device C or the RFID card D is supplied to the biometric code authentication system 200. The user A enables the RFID card D to be connected with the reader-writer, or utilizes a wireless link which can be accessed by intelligent equipment C such as WiFi, Bluetooth, UWB and the like to provide a biological information encryption code.
Thereafter, the biometric code authentication system 200 may sense multiple biometric information B in order to perform user authentication.
The biometric code authentication system 200 encodes the biometric information if sensing multiple biometric information B of the user a who requests an entrance and an exit. Thereafter, the encrypted multiple biometric information B stored in the smart device C or the RFID card D is compared with a code encoded from the sensed biometric information after being decrypted. When the comparison value is above the threshold value, the biometric code authentication system 200 allows the user a to enter and exit.
Alternatively, the biometric code authentication system 200 may compare the encrypted multiple biometric information B stored in the smart device C or the RFID card D with the sensed biometric information after decoding and restoring the same.
With the above configuration, since the biometric information of the plurality of users is not stored in the biometric code distribution system 100 or the biometric code authentication system 200, the risk of intrusion can be eliminated.
Moreover, the smart device C or the RFID card D cannot be used alone, and therefore, even if the smart device C or the RFID card D is stolen, the security of the access control system does not become a problem.
Further, the information stored in the smart device C or the RFID card D is encoded and encrypted, and thus restoration or intrusion of the biometric information cannot be achieved even if it is lost or stolen.
Fig. 3 is a block diagram showing a bio-code distribution system according to an embodiment of the present invention.
The biometric code distribution system 100 includes: a biometric information receiving unit 110, a card information receiving unit 111, a device information receiving unit 112, a template generating unit 120, a code generating unit 121, a code synthesizing unit 122, an encryption processing unit 130, a biometric information encryption code output unit 140, and a personal security processing unit 141.
The biological information receiving part 110 can receive the biological information of the user. As an example, in order for the user to obtain access permission, a part corresponding to the multiple biometric information may be provided by a non-contact method. At this time, the biometric information of the user may include information of a fingerprint, a palm vein, an iris, a face, and the like, and two or more types of biometric information may be used. The biological information receiving unit 110 may receive biological information identified from at least one or more pieces of biological information.
The card information receiving section 111 receives card information from an RFID card registered in advance by a user. The card information may include an RFID card with a number or the like affixed thereto. The card information can be received from the RFID card in a non-contact manner by the card information receiving portion 111.
The device information receiving unit 112 can receive device information of a smart device such as a smartphone or a wearable device, which contains biometric information registered in advance by a user. The device information may include at least one of a device inherent number, a user account, and a MAC address. The device information can be received from the device information receiving unit 111.
At this time, since the RFID card and the smart device can be selectively used, the card information receiving unit 111 and the device information receiving unit 112 can selectively receive information.
For example, when the user uses only the RFID card, the card information receiving unit 111 can receive the card information from the RFID card. Further, when the user uses only the smart device, the device information receiving unit 112 can receive the device information of the smart device. In addition, all information of the RFID card and the smart device may be received.
The template generating section 120 can generate a template of the biological information received from the biological information receiving section 110. Instead of generating all the pieces of biological information with the template, biological information corresponding to feature points of biological information set in advance can be generated with the template. In other words, the received biometric information is simplified and can be generated as a template.
The code generating part 121 may convert into a code capable of storing a simplified template of biological information in a storage medium. The code generated by the code generation unit 121 includes any code that can be electromagnetically stored.
The code combining unit 122 can combine the card information received from the card information receiving unit 111 and the code generated by the code generating unit 121. Further, the device information received from the device information receiving unit 112 and the code generated by the code generating unit 121 may be combined. This enables the generation of multiple biometric codes of the user into which the card or device information is inserted.
The encryption processing unit 130 can perform encryption processing on the code synthesized by the code synthesizing unit 122. The code is personal information because it contains biometric information. Thus, encryption processing is performed to prevent a person other than the user from being able to perform artificial alteration, forgery, or theft when the user is stolen or lost. The encryption key may use an identifier of the storage medium or device, or may also use an identifier given by the user. Further, the biometric code may be encrypted with an encryption key generated by the biometric code distribution system 100. At this time, the biometric code issuing system 100 can provide the decryption key to the biometric code authentication system 200 through the secure channel.
The biometric information encrypted code output unit 140 outputs the code encrypted by the encryption processing unit 130 as a biometric information encrypted code. The biometric information encryption code, which is encrypted biometric information, may be transmitted to and stored in various devices such as an RFID card, a smart phone, and a wearable device.
The personal security processing unit 141 may not store and discard multiple pieces of biometric information for personal information security after transmitting the biometric information encryption code. Thus, since personal information is not leaked, safety can be secured to the maximum.
Fig. 4 is a block diagram showing a biometric code authentication system according to an embodiment of the present invention.
The biometric code authentication system 200 includes a biometric information receiving unit 210, a biometric information processing unit 211, a biometric encrypted code receiving unit 220, a decryption unit 221, a biometric code collating unit 222, a card/device information receiving unit 230, and a biometric information authentication unit 240.
First, the biometric information receiving unit 210 can receive biometric information of the user for authentication. The biological information may include information of a fingerprint, a palm vein, an iris, a face, and the like, and two or more kinds may be used.
The biological information processing unit 211 can process the received biological information. For example, the received biological information may be an image modality. At this time, the biological information processing unit 211 processes the received biological information image or a part thereof in the form of a template or other data. In other words, the received biometric information can be simplified.
In addition, the generated template can be converted into code. As will be described later, the biometric information of the user identified for authentication and the biometric information registered in advance in the device can be compared in the form of a code.
When the user uses the RFID, the biometric encryption code receiving unit 220 can receive biometric information of the user stored in advance in the RFID card. The biometric information stored on the user of the RFID card may be an encrypted code. The user can selectively use the RFID and the smart device. In the case of using the smart device, the biometric encryption code can be received through the RFID module or the NFC module built in the smart device.
The decryption unit 221 is capable of decrypting biometric information of the encrypted user, i.e., a biometric encryption code. The biometric information of the user received for authentication is in the form of an encrypted code. Thus, the encrypted biometric information of the user is decrypted so as to be compared with the biometric information of the user received by the biometric information receiving unit 210.
The biometric code collating unit 222 collates the biometric code processed in the biometric information received by the biometric information receiving unit 210 with the biometric code of the user who realizes the storage in the card/device for the purpose of authentication.
In addition, the card/device information receiving section 230 receives RFID card information when the user uses an RFID card. In addition, in the case where the user uses the smart device, it is possible to receive information of the smart device and the biometric encryption code stored in the smart device through the wireless link. Among other things, the card/device information can be used in identifying the RFDI card or smart device, and can also be used as information necessary in decrypting the encrypted biometric code.
The biometric information authentication unit 240 can determine whether or not the user is authenticated using the user biometric information. The biometric information authentication unit 240 can determine that the user is authenticated if the biometric code received by the biometric code comparison unit 222 for authentication matches the biometric code stored in the card/device to a threshold value or more. Further, if the biometric codes do not match, it is possible to judge that the user and the external person are not authenticated. This enables the entrance and exit to be controlled based on the authentication of the user determined by the biometric information authentication unit 240.
In addition, the identifier 300 includes a biometric information recognition sensor 310, a biometric encryption code reader/writer 320, and a wireless communication interface 330.
First, the biometric information recognition sensor 310 recognizes biometric information of the user for acquiring authentication. The biometric information may include information of a fingerprint, a palm vein, an iris, a face, and the like, and two or more types of biometric information may be utilized. Thus, the biometric information recognition sensor 310 may include at least one of a fingerprint recognition sensor, a palm vein recognition sensor, an iris recognition sensor, and a facial recognition sensor. The biological information recognized by the biological information recognition sensor 310 can be transmitted to the biological information receiving part 210. The biometric information recognition sensor 310 may be implemented as a non-contact type sensor using an optical device.
The biometric encryption code reader/writer 320 can read the biometric encryption code registered to the RFID card. The biometric encryption code recognized by the biometric encryption code reader/writer 320 can be transmitted to the biometric encryption code receiving section 220.
Further, the RFID card information stored in the RFID card can be transmitted to the card/device information receiving portion 230.
The wireless communication interface 330 enables smart devices such as smart phones, wearable devices, and notebook computers to be wirelessly connected to the identifier 300. The wireless communication interface 330 can transmit the identification information of the smart device and the encrypted biometric information code stored in the smart device to the card/device information receiving part 230. The transmitted encrypted biometric information code can be converted into an unencrypted code in the decryption unit 221, and can be compared with the biometric information in the biometric code comparison unit 222.
An embodiment utilizing wireless communication interface 330 is described in more detail with reference to fig. 5.
Fig. 5 is an exemplary diagram illustrating a method of recognizing multiple biometric information using a smart device according to an embodiment of the present invention.
Referring to fig. 5, as an example, a user a can move while holding a smart device C. The smart device C stores therein various biometric information B of the user a in the form of an encrypted code.
In case that the user a enters the coverage of the wireless communication interface 330, the smart device C responds to the request of the wireless communication interface 330, thereby being able to transmit the biometric code.
For example, if the smart phone C comes within a certain range of a wireless protocol such as Wi-Fi, bluetooth, UWB, etc., the wireless communication interface 330 identifies the identifier of the smart device C and requests a biometric encryption code. If the smart device C does not have a biometric code, the corresponding request is ignored, and if the smart device C has a biometric code, the biometric code is transmitted according to the corresponding wireless protocol, either automatically or upon user approval.
With the smart device C, the multiple biometric information B of the user can be transmitted to the identifier 300 only when the user comes within a certain range, and thus the time to input the stored biometric encryption code of the user may be shortened. For example, the user may transmit a biometric code stored in advance in the recognizer 300 and may perform a biometric authentication on multiple biometric information B such as a face, a fingerprint, an iris, and a palm vein in the biometric information recognition sensor 310.
Thus, the user can use a more enhanced security service by using a program that actually performs only biometric authentication.
Fig. 6 is an exemplary view illustrating a method of recognizing multiple biometric information using a smart device according to another embodiment of the present invention.
Compared with the embodiment shown in fig. 5, in the embodiment shown in fig. 6, a plurality of users a1, a2, A3 can respectively hold smart devices C1, C2, C3 into the coverage range. At this time, the wireless communication interface 330 may receive the biometric encryption codes corresponding to the multiple biometrics information of the plurality of users. Finally, the user's biometric encryption code is not 1:1, but 1: n performing multiple alignments.
1: the N multiple comparisons are set according to the priority order of the comparison, so that the processing speeds are different. In the embodiment shown in fig. 6, a method for implementing 1: and N, processing the structure by multiple comparison.
The reception intensity comparing unit 331 measures and stores the reception intensity information when receiving the biometric code, and can compare the reception intensities. The received Strength of the Signal can be easily obtained by an identifier such as a Received Signal Strength Indicator (RSSI), and any wireless protocol that identifies the Strength, distance, and approach direction of the Signal can be used.
If the reception intensity is known, the comparison priority determination unit 333 compares the biometric encryption codes that have not been compared in order from the biometric encryption code having the highest reception intensity. Therefore, since the multiple biometric information can be compared from the user a1 closest to the wireless communication interface 330, the speed of matching with the own biometric code can be increased.
Since such measurement of the reception intensity can be performed periodically, the positions of the users a1, a2, and A3 can be grasped almost in real time, and the delay is minimized when the users a1, a2, and A3 are arranged side by side, so that the authentication and identification of an individual can be performed.
Fig. 7 is a flowchart showing a method of registering biometric information in a card/device according to an embodiment of the present invention.
In step S110, the biometric code distribution system can receive biometric information of the user. The biometric information may include fingerprints, palm veins, iris, face, etc. In addition, at least one or more pieces of biological information can be received, and at least two types of biological information can be received to improve the access security.
The biometric information of the user can be recognized by at least one of a fingerprint recognition sensor, a palm vein recognition sensor, an iris recognition sensor, and a face recognition sensor.
In step S120, card/device information can be received from the RFID card or smart device. The information of the card/device may include a unique number of the card or device, an identifier, a user account number, and the like. The received card/device information may identify the RFID card or smart device or be used as part of an encryption/decryption key.
In step S130, a code corresponding to the received biometric information is generated. Instead of generating all the information of the received biological information in the form of a code, information corresponding to the feature points or templates of the biological information can be generated only in the form of a code. In other words, the biological information can be generated in a code form so as to be simplified and stored in a storage medium.
In step S140, the card/device information code can be synthesized with the code of the received biometric information of the user. The biometric information of the user corresponding to the card/device information code is synthesized so that a code capable of storing the biometric information of the user can be generated at the corresponding card/device. Further, the code generated for personal information security may be encrypted.
The encrypted code is not easy to forge, change and steal, so that the security can be improved. Thus, even in the case where the card/device is stolen or lost, the biological information can be effectively protected.
In step S150, the encrypted biometric information code is output as a biometric encryption code and can be stored in the card/device. The encrypted biometric information code can be stored in a storage medium of at least one device designated by the user, such as an RFID card, a smart phone, or a wearable device.
In step S160, the biometric code issuing system may not store and delete the biometric information after the biometric encrypted code is stored in the storage medium. Thus, the biometric information is stored only in the card/device held by the user, and thus the personal information is not leaked. The personal information security processing can effectively protect the user from registering or not, and the personal information such as multiple biological information.
Fig. 8 is a flow diagram illustrating a method for regulating access using a biometric code, in accordance with one embodiment of the present invention.
In step S210, the biometric code authentication system can receive information of the card/device. For example, a user can identify a card/device in a contactless manner in an identifier in order to obtain access permission. The user can selectively use intelligent equipment such as an RFID card, a smart phone, a wearable computer, a notebook computer and the like as a storage medium for storing the biological code.
The biometric code authentication system receives RFID card information in the case where the user uses the FID card, and can receive information of the smart device in the case where the smart device is used.
At this time, in the case where the user uses the smart device, if the user enters a certain range of the wireless protocol, the biometric code request can be displayed on the smart device. The user can transmit the biometric encryption code in response to a request displayed on the display screen. Further, a biometric encryption code may be provided so as to be able to automatically transmit information. Thus, if the user enters a certain range, the biometric information can be transmitted from the smart device, and thus the authentication time can be shortened.
In step S211, the biometric code authentication system can receive a biometric encryption code. The biometric encryption code includes biometric information stored on the RFID card and the user of the smart device. The biometric information is stored in encrypted form in the RFID card and smart device for personal information security. In the case where the user uses the RFID card, the RFID card can receive the user's biometric encryption code stored in the RFID card from the reader.
In the case of using a smart device, the biometric encryption code can be received wirelessly through a wireless communication interface.
In step S212, the encrypted biometric information can be decrypted.
In step S213, the decrypted biometric information code is extracted. The RFID card and the smart device can be registered with multiple biometric information. Only a biometric information code necessary for acquiring authentication can be extracted from the plurality of pieces of biometric information. Alternatively, when the card/device information is included in the decrypted data, only the biometric code related to the biometric information can be extracted.
In addition, in step S220, biometric information of the user is recognized using the recognizer. For the identification of the biological information, a fingerprint recognition sensor, a palm vein recognition sensor, an iris recognition sensor, a face recognition sensor, or the like may be used.
In step S221, the identified biometric information can be compared and processed. The biological information is usually acquired in the form of an image, but it is not necessary to use all image data as the biological information, and therefore the biological information can be processed so that only the feature point information can be used.
In step S222, a code of processed biometric information can be generated. The processed biometric information can be converted into a code of the same form for comparison with the biometric code stored on the card/device.
In step S230, the biometric code of the user acquired by the recognizer is compared with the biometric code of the storage medium stored and extracted from the card/device.
In step S240, if the two compared biometric information codes are identical, it is determined that authentication is obtained, and if they are not identical, it is determined that authentication is not obtained.
If it is determined in step S250 that the authentication is obtained, the user can be permitted to enter and exit, and if it is determined in step S250 that the authentication is not obtained, the user can be denied to enter and exit.
According to the foregoing embodiment, even if the card/device is lost, even if the picked-up outside person tries to come in and go out, since the biometric information identification is not authenticated, the coming in and go out can be rejected.
Further, since the biometric information stored in the picked-up card/device is stored in the form of a biometric encryption code, it cannot be hacked or restored.
Further, since the biological information is not stored in the central system, security is ensured and the risk of intrusion is prevented.
In addition, in the case where a higher level of security is required, it is also possible to further increase the degree of security using a plurality of pieces of biological information.
The foregoing description of the present invention is for illustrative purposes, and it is to be understood that variations may be made in other specific forms by those skilled in the art without departing from the spirit or essential characteristics of the present invention. Accordingly, the embodiments described above are to be understood as not being comprehensive examples and not restrictive. For example, each component described in a single form may be implemented in a distributed manner, and similarly, components described in a distributed manner may be implemented in a combined manner.
It should be understood that the scope of the present invention is defined by the claims to be described later, and all modifications or variations derived from the meaning, scope, and equivalent concept of the claims are included in the scope of the present invention.

Claims (15)

1. A biometric authentication system that utilizes a biometric code storage medium, comprising:
a biological information receiving part which receives at least one piece of biological information of the user from the biological information recognition sensor;
a biological information processing unit that processes the biological information received from the biological information receiving unit into a first biological code;
a biometric encryption code receiving unit that receives a biometric encryption code stored in an RFID card or a smart device of the user;
a decryption unit that decrypts the biometric encrypted code into a second biometric code; and
a biometric code comparison section that compares the first biometric code and the second biometric code to perform authentication,
the biological encryption code encodes and encrypts the biological information of the user from a biological code issuing system, so as to issue and store the biological information in the RFID card or the intelligent device.
2. The biometric authentication system according to claim 1,
the biometric code distribution system includes a personal security processing unit that discards biometric information of the user after distributing the biometric encryption code.
3. The biometric authentication system according to claim 1,
the biometric sensor uses an optical device to recognize at least one of a fingerprint, a palm vein, a face, and an iris in a non-contact manner.
4. The biometric authentication system according to claim 1,
the RFID card/equipment information and the biological encryption code are received by the RFID card or the intelligent equipment through the wireless communication interface.
5. The biometric authentication system according to claim 4,
the wireless communication interface requests the biometric encryption code if the smart device comes within a certain range and receives the biometric encryption code in response to the request.
6. The biometric authentication system according to claim 5,
the wireless communication interface includes: a reception intensity comparing unit that compares reception intensities at the time of receiving the biometric encryption codes from the smart devices of the plurality of users;
a comparison priority determining section that determines a comparison priority based on the reception intensity.
7. The biometric authentication system according to claim 4,
the decryption unit decrypts the biometric encryption code using the card/device information.
8. The biometric authentication system according to claim 1,
the decryption unit decrypts the biometric encrypted code using an encryption key provided by the biometric code distribution system.
9. A biometric code issuing method for realizing biometric authentication using a biometric code storage medium, characterized by comprising the steps of:
receiving at least one biometric information of a user;
generating a first biometric code corresponding to the received biometric information for storage in the biometric code storage medium; and
the first biometric code is encrypted to be output as a biometric encrypted code and stored in a storage medium of an RFID card or smart device.
10. The bio-code issuing method according to claim 9,
also comprises the following steps: receiving card/device information of the RFID card or smart device,
the second biometric code is further generated using the received card/device information.
11. The bio-code issuing method according to claim 9,
also comprises the following steps: after storing the biometric encryption code, the biometric information is deleted and discarded.
12. An access control method using biometrics authentication using a biometrics code storage medium, comprising the steps of:
receiving biometric information of a user who wants to enter and exit using a biometric information recognition sensor;
processing the received biometric information to generate a first biometric code;
receiving a biometric encryption code stored on the RFID card or the smart device;
decrypting the biometric encryption code, thereby extracting a second biometric code; and
and comparing the first biological code with the second biological code so as to execute authentication and further execute access allowance and refusal.
13. The access control method of claim 12,
the biometric sensor uses an optical device to recognize at least one of a fingerprint, a palm vein, a face, and an iris in a non-contact manner.
14. The access control method of claim 12,
in the biometric encryption code receiving step, if the smart device enters a certain range, the biometric encryption code is requested, and the biometric encryption code responding to the request is received.
15. The access control method of claim 12,
also comprises the following steps: receiving card/device information from the RFID card or smart device,
in the decryption step, the biometric encryption code is decrypted by using the card/device information.
CN202111371946.5A 2021-01-22 2021-11-18 Biometric authentication system using biometric code storage medium and method thereof Pending CN114065167A (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR10-2021-0009165 2021-01-22
KR1020210009165A KR20220106339A (en) 2021-01-22 2021-01-22 Biometrics authentification system using bio-code storage medium and method of the same

Publications (1)

Publication Number Publication Date
CN114065167A true CN114065167A (en) 2022-02-18

Family

ID=80278287

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111371946.5A Pending CN114065167A (en) 2021-01-22 2021-11-18 Biometric authentication system using biometric code storage medium and method thereof

Country Status (2)

Country Link
KR (1) KR20220106339A (en)
CN (1) CN114065167A (en)

Also Published As

Publication number Publication date
KR20220106339A (en) 2022-07-29

Similar Documents

Publication Publication Date Title
US11397800B2 (en) Biometric identification device and methods of use
US11012438B2 (en) Biometric device pairing
RU2718226C2 (en) Biometric data safe handling systems and methods
JP6188938B2 (en) Security card for performing fingerprint authentication, security card processing system using the same, and processing method therefor
US20120032781A1 (en) Remote personal authentication system and method using biometrics
US20110154485A1 (en) Authentication apparatus using human body communication, portable device having authentication function using human body communication, and authentication method using human body communication
CN103699995A (en) Payment authentication method based on fingerprints and finger veins
EP2590101B1 (en) Authentication using stored biometric data
US20190028470A1 (en) Method For Verifying The Identity Of A Person
EP3285221A1 (en) Card payment processing system using biometric information and processing method thereof
CN104462926A (en) Intelligent card identity recognition method and system
KR102010764B1 (en) Computer security system and method using authentication function in smart phone
CN114065167A (en) Biometric authentication system using biometric code storage medium and method thereof
JP2002074365A (en) Identity authentication system
KR101885733B1 (en) Biometric authentication apparatus and user authentication method using biometric authentication apparatus
KR20120014533A (en) System and method for user verification using biometrics at a distance
JP2003085150A (en) Individual authenticating system, individual authenticating method, portable information terminal, portable authenticating medium, authenticating device and storage medium
KR20210103094A (en) User authentication system and method for authenticating access to an industrial control system
CN109005158B (en) Authentication method of dynamic gesture authentication system based on fuzzy safe
KR102165105B1 (en) Method for Providing Appointed Service by using Biometric Information
WO2022237550A1 (en) Access control authentication method, apparatus and system for preventing privacy leak
US20220027922A1 (en) Method, Apparatuses and System for Authorizing a Third Party
KR20040037449A (en) A Mobile Fingerprint Key And A Verification System using thereof
KR102138659B1 (en) Smart credit card and settlement system to recognize fingerprints
KR101693271B1 (en) Method for Providing Appointed Service by using Biometric Information

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination