JP2000235630A - Method for authenticating authentication information, medium for authentication information input and authenticating device for authentication information - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide an authenticating method which prevents all authentication information from being stolen by an illegal device even when a medium on which all information necessary to authentication is recorded is inserted into a device and authentication is performed. SOLUTION: A member ID and a password are printed in a blank and white code string on a card 1 being a medium for authentication in respectively different reading areas, and a photosensor of a card reader 2 into which it is inserted scans the code and reads it. In such a case, information recorded in a code area where the member ID is recorded and in a code area where the password is recorded are differently and independently read according to the insertion position of the card. Meanwhile, the reader 2 displays the image of a person in charge proper to a user by using preliminarily stored confidential information and a one-way function to let the user confirm that the device can be trusted when the member ID is previously inputted and then successively reads the password and performs prescribed authentication from the read password and the member ID previously read.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

[0001] 1. Field of the Invention [0002] The present invention relates to an authentication information authentication method, an authentication information input medium, and an authentication information authentication apparatus for reading authentication information recorded on a medium and authenticating the authentication information.

[0002]

2. Description of the Related Art Conventionally, a combination of an identification ID and a password is often used to input personal authentication information into an apparatus for authentication.

[0003] For example, in a bank card,
The identification information magnetically recorded on the cash card is input to the cash dispenser, and a password is input from an input device such as a touch panel of the cash dispenser, and the card is authenticated when both are correct.

However, for a strict use such as cash handling, a method in which a password is stored by a person independently of a card should be adopted. In some cases, the number of types of information has increased, so that one person cannot completely remember the password.

[0005] In view of this, an authentication method such that an identification number and a password, such as an identification number and a password, are recorded on the card, and the owner of the card can obtain the authentication only by presenting the card. Are also widely adopted.

[0006] In a credit card system in which payment can be made only with a credit card, authentication is performed based on such a concept.

[0007]

When a credit card is authenticated, the credit card is handed over to a store clerk. At this time, since the store itself is trusted, it is unlikely that the clerk uses the credit card number of the handed out credit card illegally.

[0008] However, the story is different when the system for handling authentication information becomes more generalized and many devices with unattended authentication become widespread in towns.

[0009] When a user performs authentication by attaching a card in which authentication information is described to an authentication device for authentication information of a device with authentication, it is very worried whether the device is a legitimate device.

[0010] For example, if an unauthorized process generally called a "Trojan horse" is designed in the device, after the authentication information is stolen from the inserted card, for example, a message indicating that the device is out of service time is displayed. To return the card to the user.

[0011] The user leaves the place without any particular distrust of thinking that the service is out of service hours, but the authentication information already recorded on the card possessed by the user is illegally robbed. They do not notice that there is.

[0012] As described above, a method of performing authentication by an authentication device using information obtained by recording all authentication information sufficient for authentication on a single medium such as a card is an unauthorized method in which a so-called “Trojan horse” is installed. However, there is a problem that security for such devices is low, which hinders the spread of these authentication methods themselves.

[0013]

According to a first aspect of the present invention, there is provided an authentication information authentication method for reading authentication information recorded on a medium and authenticating the authentication information. The first authentication information, which is part of the authentication information, is read from the medium mounted on the authentication information reading device in a mounting mode in which only some of the authentication information of the authentication information can be read, and the first read information is read. It can be generated only by a legitimate device based on authentication information, and guides and displays information for confirmation that the user can confirm the accuracy, and can read the remaining authentication information of the authentication information recorded on the medium Reading the second authentication information, which is the remaining information of the authentication information, from the medium mounted on the authentication information reading device in an appropriate mounting mode, and performing authentication based on the first authentication information and the second authentication information. It is characterized by.

According to a second aspect of the present invention, there is provided the authentication information authentication method according to the first aspect.
The information for confirmation is derived based on the first authentication information, secret information recorded only in an authorized device, and a result calculated using a predetermined one-way function.

According to a third aspect of the present invention, there is provided the authentication information authentication method according to the first or second aspect, wherein the information for confirmation includes a person or a character. It is characterized by being presented with the name and shape of the.

According to a fourth aspect of the present invention, there is provided a medium for inputting authentication information, in which information necessary for authentication is recorded and the authentication information is input to an authentication device. When mounting, a first mounting mode such that only a part of the recorded authentication information can be read,
It is characterized in that a mounting mode different from the second mounting mode in which at least the remaining authentication information can be read can be selectively mounted.

Further, the authentication information input medium according to claim 5 is the authentication information input medium according to claim 4,
A code for recording authentication information is recorded on the medium, and the device used for the authentication is configured to read this code by a detection sensor, and further, the code is used in the first mounting mode. A first code recording area read by the detection sensor; and a second code reading area read by the detection sensor in the second mounting mode.
Are recorded separately in a different area from the code recording area.

Further, the authentication information input medium according to claim 6 is the authentication information input medium according to claim 5,
The code recorded on the medium is scanned and read by moving the medium with respect to the detection sensor, and the first code recording area and the second code recording area are moved in this scanning direction. It is characterized by being set separately in a direction perpendicular to the direction.

According to a seventh aspect of the present invention, in the authentication information authentication apparatus for reading authentication information recorded on a medium and authenticating the authentication information, a part of the authentication information recorded on the medium is provided. First authentication information reading means for reading first authentication information, which is a part of the authentication information, from a medium mounted in a mounting mode capable of reading only the authentication information of the first authentication information; A confirmation information generating means for generating information for confirmation that can be generated only by an authorized device and that allows the user to confirm the accuracy, a display means for displaying information for confirmation, and a recording medium recorded on a medium. Second authentication information reading means for reading second authentication information, which is the remaining information of the authentication information, from a medium mounted on the device in a mounting mode capable of reading the remaining authentication information of the obtained authentication information; And a witness information and the second authentication information from an authentication means for performing authentication.

An authentication information authentication device according to an eighth aspect of the present invention further includes, in addition to the authentication information authentication device according to the seventh aspect, secret information storage means for storing secret information. The information is derived based on a result calculated using the first authentication information, the secret information, and a predetermined one-way function.

According to a ninth aspect of the present invention, there is provided the authentication information authentication apparatus according to any one of the seventh and eighth aspects, wherein the information for confirmation includes a person or a character. It is characterized by being presented with the name and shape of the.

According to a tenth aspect of the present invention, in the authentication information authenticating apparatus according to any one of the seventh to ninth aspects, the authentication information recorded on the medium is recorded. The first authentication information reading means reads the first authentication information from the medium mounted in the first mounting mode by the detection sensor, and reads the second authentication information. The reading means reads the second authentication information from the medium mounted in the second mounting mode by the detection sensor.

In the authentication information authentication apparatus according to the present invention, the detection sensor may be moved in a predetermined direction after the medium is mounted. Accordingly, the code recorded on the medium is scanned and read.

[0024]

BRIEF DESCRIPTION OF THE DRAWINGS FIG. 1 is a block diagram showing a preferred embodiment of the present invention.

In the present embodiment, the member authentication card 1 sent by mail or the like to a person who has registered as a member through a predetermined authentication procedure in writing is attached to a predetermined authentication device, and the member authentication card 1 is used. The present invention is applied to a member authentication system for authenticating an owner.

FIG. 1 is a diagram showing the entire system.
In this system, each user has a membership authentication card issued in advance to a plurality of users (A, B, C), and the user can read his / her own membership authentication card 1 into the card reading device 2 as necessary. The personal computer 3 reads the authentication information, and authenticates the authentication information by an authentication program executed by the personal computer 3 as described later.

FIG. 2 shows a member authentication card 1 possessed by a member.
It is a diagram showing the surface of the, in addition to a predetermined display indicating that it is a member authentication card for the convenience of the user,
The name and image of the person in charge are displayed as information for confirmation, which will be described later.

As shown in FIGS. 3 and 4, on the back of the member authentication card 1, a member ID represented by a 10-digit number is provided in the lower half area A, and a 10-digit number is provided in the upper half area B. Are displayed by printing, each of which is represented by a black-and-white code.

FIG. 3 is a diagram when the card is arranged so that the area A of the code in which the member ID is described is viewed in the lower half to explain the code representing the member ID, and FIG. 4 shows the password. As you can see in the bottom half of the area B of the code with the password to explain the code,
FIG. 4 is a diagram when the display is arranged upside down from the direction shown in FIG. 3.

In the figure, black-and-white codes arranged in a line vertically represent one character number in one line. Specifically, each digit number is a 4-bit binary code of 0 to 15 bits.
Can be expressed.

In the embodiment, the bit printed black is regarded as 1, and the bit printed white without printing is regarded as 0, and corresponds to the digits of 8, 4, 2, 1 from the top. .
The narrow code 12 at the bottom is a synchronization code for generating a timing signal for reading each character.

According to the above expression method, the member ID shown in FIG. 3 is "287654194" from the right, which is the scanning direction.
5 "can be read. Similarly, the password shown in FIG. 4 can be “98264453758”.

Next, the card reading device 2 shown in FIG.
7 will be described with reference to FIG.

FIG. 5 is an exploded perspective view showing the structure of the card reader 2, and FIG. 6 is a partial cross-section viewed from the front when the member authentication card 1 is attached to the card reader 2 with the member ID read. FIG. 7 is a center sectional view of FIG.

As shown in FIG. 5, the card reading device 2 includes five reflection-type photosensors 21 and one push switch 22, which are operated by a personal computer 3.
A sensor board 23 on which electronic components necessary for outputting data are mounted is fixed inside a case 24, and is connected to a parallel port 31 of the personal computer 3 via a cable 25.

The case 24 includes a reflection type photo sensor 21.
There are formed five detection holes 24a through which the light-emitting / light-receiving portions are inserted, so that the reading operation is not affected by the light emitted from the adjacent element.

A case plate 24 having a suitable thickness is provided so that a flat stainless steel front plate 26 is spaced from the case 24 by about 1 mm at a position covering the detection hole 24a of the case 24 via a guide plate 27 having an appropriate thickness. Mounted in parallel to A gap t of approximately 1 mm between the front plate 26 and the case 24 is a gap through which the member authentication card 1 passes, and is a relationship between the thickness of the member authentication card 1 and the mounting position of the reflective photosensor 21 on the case 24. It is needless to say that the predetermined interval is set.

The upper end surface of the guide plate 27 guides the lower part of the member authentication card 1 passing through the gap t. A white sheet is provided on the surface of the front plate 26 facing the case 24 so that the detection light is reflected by the reflection type photosensor 21 and the detection is always on (white code detection state). Affixed or painted white. However, if the stainless steel plate of the front plate 26 is mirror-finished, the same effect can be obtained, so that a white sheet or painting is unnecessary.

When the member authentication card 1 is mounted on the card reading device 2, the member is inserted into the gap t with the code printing surface of the member authentication card 1 on the case side (the description surface is on the front side). Pass the authentication card 1 and use arrow C in the figure.
Move in the direction. Then, the five reflective photosensors 21 detect the code pattern of the member authentication card 1 and
The result is output to the personal computer 3.

Here, since the area of the code printed on the back of the member authentication card 1 is described separately in the area A and the area B, it is necessary to pass the member authentication card 1 through the card reading device 2 once. It is understood that the information recorded in both areas cannot be read by the operation of.

That is, as shown in the figure, the member authentication card 1 is only mounted to a height slightly less than half of the card,
When the card is attached and moved so as to read the code of the member ID described in the area A of the member authentication card 1, the area B is out of the card reading device 2 and accordingly, The password code cannot be read by the reflective photosensor 21. Conversely, when reading the password code recorded in the area B of the member authentication card 1, the member ID cannot be read at the same time.

Next, a member authentication program executed on the personal computer 3 will be described with reference to FIGS.
First, FIG. 8 is a diagram showing data used in the member authentication program executed on the personal computer 3.

In the figure, SECRET1 is secret information used when authenticating a member ID and a password. SECRET2 is confidential information used when requesting a correspondence between a member ID and a person-in-charge number for designating information for confirming the member ID.

The ID is a storage area for temporarily storing the member ID read from the member authentication card 1.
ASSWORD is a storage area for temporarily storing the password read from the member authentication card 1 in the same manner.
The CONFIRM is a storage area for storing a result of the authentication.

Also, TANTOU0 to TANTOU15
Is a storage area for storing data relating to a person to be displayed on the screen in accordance with a person-in-charge number (derived from 0 to 15) determined by a program described later, and preferably indicates the name of the person in charge. It is composed of data and image data indicating a face photograph.

Next, the operation of the member authentication program executed by the personal computer 3 will be described with reference to the flowchart of FIG.

First, after the member authentication program is started in S1, the state of the push switch 22 of the card reader 2 is read in S2, and the loop from S2 to S3 is repeated until it is determined in S3 that the push switch 22 is pressed. When pressed, the process proceeds to S4.

In S4, the display screen of the personal computer 3 displays
A message as shown in FIG. 10 is displayed.

In S5, the reflection type photo sensor 21 for detecting the read timing of the card reader 2 is used.
(Hereinafter, the reflection type photosensor 21 for detecting the read timing is referred to as a T sensor.) The loop is repeated until the output becomes “ON” (black code is detected).

The user looks at the message displayed in S 4, takes out the member authentication card 1 owned by the user, first holds the card in a state where the code of the member ID is read, and holds the card in the space t of the card reading device 2. Is attached and moved horizontally.

At this time, the code of the member ID recorded in the area A is read by the reflection type photosensor 21 of the card reader 2 according to the movement, while the code of the password recorded in the area B is read by the card reader 2. The user can easily imagine that the code is not read by the device because the code is exposed to the outside of the gap t, so that the member authentication card 1 can be securely attached to the card reading device 2 for the time being. .

Then, the black code for timing synchronization subsequently reaches the detection area of the T sensor, is detected in the loop of S5, and the process proceeds to S6.

In S6, the output signals of the other four reflection-type photosensors 21 are immediately input and decoded as 4-bit numbers. In the case of the embodiment, as shown in FIG. 3, the value “2” is input corresponding to the first character of the member ID.

In the following S7, the output of the T sensor is "OF"
F ”and loops until“ OFF ”.
Proceed to 8.

In S8, it is determined whether the number of input characters has reached 10, and if not, the flow returns to S5. Thus member ID
The loop from S5 to S8 is repeated until a character string of 10 characters “2876541945” is input.

When the tenth character data is input, it is determined in S8, and the process proceeds to S9. In S9, the input ten character member ID is once recorded in the ID.

Subsequently, in S10, the ID and the SECRE
A string obtained by concatenating T2 as a character string is input to a one-way conversion function to obtain 16 remainders of the conversion result obtained. Specifically, it is desirable to use the MD5 function as the one-way conversion function because the inverse conversion is difficult.

Subsequently, in S11, the obtained remainder (0 to 1)
5), the corresponding TA
The data of NTOUn (n is 0 to 15) is read out, and a message is presented to the user together with the display of the person in charge as shown in FIG.

At the time of the user's membership registration procedure, a person in charge or the like is determined in advance based on the issued member ID and the person's number obtained by performing the same operation as the above processing from the above SECRET2. It is assumed that the name and photo of the user have been given to the user. Preferably, the name and photograph of the person in charge may be printed on the surface of the member authentication card 1.

Then, looking at the person in charge displayed in S11,
The user can easily determine that it is the familiar person presented at the time of member registration or the familiar person described on the member authentication card 1.

Here, since SECRET2 is required to obtain the correspondence between the member ID and the person in charge, even if an unauthorized device attempts to deceive the user with an unauthorized program called “Trojan horse”, At this stage, it is not possible for the user to present the correct person on the screen, so the user is suspicious of it and does not proceed with the subsequent password input operation, so the unauthorized device cannot obtain the password. Attempts end in failure.

On the other hand, in the case of a proper device, S11 is always used.
, The display of the correct person in charge can be presented, so that the user can read the password with confidence.

The processing of the following program loops in S12 until the output of the T sensor becomes "ON".

Here, the user changes the membership authentication card 1 owned by the user to a posture in which the password code is read, in this embodiment, the card is rotated 180 degrees up and down in the embodiment, and the card is read by the card reading device 2. Reattach and move.

Then, when the rectangular pattern P1 shown in FIG. 4 reaches the detection area of the T sensor, it is detected in the loop of S12, and the process proceeds to S13.

In S13, the output signals of the other four reflection-type photosensors 21 are immediately input, decoded as 4-bit numbers, and decoded so as to correspond to the numbers 0 to 9. In the case of the embodiment, as shown in FIG.
A value "9" is input corresponding to the first character of the password.

In the following S14, the output of the T sensor becomes "OF".
F ”and loops until“ OFF ”.
Proceed to 15.

In S15, it is determined whether or not the number of input characters has reached 10, and if not, the process proceeds to S12, and from S12 to S15 until a character string of "982643758" representing a password is input.
Loop is repeated.

When data of the tenth character is input, S1
5 and the process proceeds to S16. In S16, the entered 10-character password is temporarily set to PASSWORD.
Will be recorded.

Subsequently, in S17, the ID and the SECRE
A conversion result obtained by inputting a concatenation of T1 as a character string into a one-way conversion function is first calculated, and then a lower ten digit character string in which the conversion result is expressed in a decimal number is obtained. Subsequently, in S18, it is determined whether or not the character string matches the read password information recorded in PASSWORD. If the character string matches, "ON" is recorded in CONFIRM in S19. CO at S20
Record “OFF” in NFIRM. Thus, the process ends.

At the time of the user's membership registration procedure, the member ID card 1 is printed on the back of the member authentication card 1 based on the issued member ID and the password obtained by performing the same operation as the above processing from the above SECRET1. Since the password and the corresponding code are printed, they match here only if the user uses the regular member authentication card 1.

Further, even if the user tries to create the member authentication card 1 fraudulently, the member ID other than the regular member who has obtained the member authentication card 1 as a result of the member registration based on the separately defined procedure will correspond to the member ID. It is impossible to know the password to do unless you know SECRET1,
Unauthorized creation of the member authentication card 1 can be prevented.

As a result of the execution of the member authentication procedure, whether or not the authentication is performed is recorded in the CONFIRM. Therefore, if the above-described program is used as a predetermined subroutine, a system that provides various services that can be used only for the authenticated member is provided. Available.

In the present embodiment, an example in which the present invention is applied to the member authentication system has been described. However, the present invention is not limited to this embodiment, and an arbitrary account may be used to improve user convenience. The present invention can be similarly applied to an apparatus in which a medium in which authentication information issued in advance is recorded is mounted on an input device, the information is read, and authentication is performed based on the information.

In particular, in the embodiment, a black-and-white pattern is printed on the surface of a card such as paper or plastic so that the storage medium for authentication information and the authentication information authentication device can be manufactured at low cost. However, the present invention is not limited to this, and is limited to the area of the information that can be read from the medium based on the medium on which the authentication information is recorded and the mounting mode of the reading device that mounts the medium. Is clearly provided, the user can mount the medium on the device while selecting the information area on the medium to be read by the device, and it is obvious that the effects of the present invention can be obtained.

Therefore, when the medium is a magnetic tape and the reading device is a device for reading magnetic information recorded on the magnetic tape, the medium is provided with a surface shape such as a notch or an emboss, and the reading device has the shape. Or a method in which characters or codes are printed on a medium and the reading device reads the information with an image sensor such as a CCD and extracts information by image processing.

In addition, as long as it does not deviate from the object of the present invention, for example, information such as a member ID and a password can be used for authentication such as a member ID and a password on two cards which are clearly used in pairs. Even if it is described separately, it is more convenient to describe all the information required for authentication on one card as in the embodiment of the present invention, and it is essential that the accident such as loss of the card is small. Although the present invention is slightly retreated, if the method is based on the premise that the user clearly uses the two cards in a pair based on the concept of "member authentication", the present invention can be applied in the same manner. The effect can be expected.

[0078]

As described in detail above, claim 1 of the present invention
According to the authentication information authentication method described in (1), as is clear from the embodiment, the authentication is performed by mounting a medium such as the member authentication card 1 on which the authentication information valid for the first time is recorded in the authentication device. Even in this case, instead of reading the entire authentication information into the device, once the medium is loaded into the device and read only with a part of the authentication information being input, only the authorized device can read the information based on the part of the authentication information. The user can generate the information for confirmation that can be generated and present it to the user on the display device, so the user can confirm that the device is a legitimate authentication device before reading the remaining authentication information into the device. This has the effect that if the device is an unauthorized device, the information for confirmation is not presented, so it can be determined not to continue the next step, and the remaining authentication information can be read into the device. Because it can interrupt the operation before, full authentication information can be obtained confidence that not deprived of any unauthorized device, there is an effect that in turn can contribute to the spread of this type of authentication method.

In particular, according to the authentication information authentication method according to the second aspect, in the authentication information authentication method according to the first aspect, a part of the input authentication information and a secret recorded only in an authorized device are used. The display device presents the user with information for confirmation derived based on the result derived using the predetermined one-way function using the information. The information for the correct confirmation can be derived by the calculation by the correspondence of the member I. In the embodiment, the member I
There is no need to record the person-in-charge number for each D, so that it is possible to save the storage means and to update the storage contents of the apparatus.

According to the authentication information authentication method of the third aspect, in the authentication information authentication method of the first or second aspect, the information for confirmation is presented by a person or a character. Therefore, there is an effect that information for confirmation unique to the user can be easily stored.

Further, if the authentication is performed by using the authentication information input medium according to the fourth aspect of the present invention, a part of the recorded authentication information is used when the device is mounted on an apparatus used for the authentication. Only the first mounting mode in which only the readable information can be read and the second mounting mode in which at least the remaining authentication information can be read can be selectively mounted. Even if an unauthorized device steals the recorded authentication information to the attached arrowhead, if the confirmation can be performed between the first mounting mode and the second mounting mode, it is the same in both mounting modes. Since the medium is not mounted on an unauthorized device, there is an effect that it is possible to prevent all the authentication information from being robbed.

The authentication information input medium according to a fifth aspect of the present invention is the authentication information input medium according to the fourth aspect, wherein a code for recording authentication information is recorded, and The device used is configured to read this code with a detection sensor.
Since the first code recording area read by the detection sensor in the first mounting mode and the second code recording area read by the detection sensor in the second mounting mode are recorded separately. This has the effect that the authentication information is not read from the medium at once even if the user wears it by mistake.

According to a sixth aspect of the present invention, in the authentication information input medium according to the fifth aspect, the code recorded on the medium is obtained by moving the medium with respect to the detection sensor. Scanned and read, the first code recording area and the second code recording area are characterized by being set separately in a direction perpendicular to this scanning direction, the medium By moving the sensor with respect to the sensor, it is possible to reduce the number of sensors to read a large amount of data, and the code recording area for recording authentication information that you do not want to read all at once is perpendicular to the operation direction. Because it is set apart, even if you move a lot of media by mistake in scanning, the authentication information that you do not want to be read is read by mistake Les is there is an effect that does not.

According to a seventh aspect of the present invention, in the authentication information authenticating apparatus, the first authentication information reading means can read only a part of the authentication information recorded on the medium. The first authentication information, which is a part of the authentication information, is read from the medium mounted in step (1), and the confirmation information generating means can be generated and used only by a proper device based on the read first authentication information. Guides the information for confirmation by which the user can confirm the accuracy, displays the information for confirmation by the display means, and reads the remaining authentication information of the authentication information recorded on the medium by the second authentication information reading means. The second authentication information, which is the remaining information of the authentication information, is read from the medium mounted on the device in a mounting mode in which the information can be read, and the authentication unit reads the second authentication information from the first authentication information and the second authentication information. Authenticate, so use Can check that the device is a legitimate authentication device before loading the rest of the authentication information into the device, so that even if it is an unauthorized device, there is no effect that all the authentication information is deprived. .

The authentication information authentication device according to claim 8 of the present invention further includes a secret information storage unit for storing secret information, in addition to the authentication information authentication device according to claim 7.
The information for confirmation is characterized in that it is derived based on a result calculated using the first authentication information, the secret information, and a predetermined one-way function. As a result, information for correct confirmation can be derived by calculation in a one-to-one correspondence, so that the storage means can be saved and there is no need to update the storage contents of the apparatus.

According to a ninth aspect of the present invention, in the authentication information authenticating apparatus according to any one of the seventh and eighth aspects, the information for confirmation is a person. It is characterized in that it is presented in the form of names and shapes of characters and characters, so that it is easy to memorize information for confirmation unique to oneself.

According to a tenth aspect of the present invention, there is provided the authentication information authentication apparatus according to any one of the seventh to ninth aspects, wherein the authentication information recorded on the medium is provided. The first authentication information reading means reads the first authentication information from the medium mounted in the first mounting mode by the detection sensor, and reads the second authentication information. Is characterized in that the authentication information reading means reads the second authentication information from the medium mounted in the second mounting mode by the detection sensor. Can be input in accordance with the above, and there is an effect that the detection sensor is common and the cost can be reduced.

The authentication information authentication device according to claim 11 of the present invention is the authentication information authentication device according to claim 10, wherein the detection sensor is configured to move in a predetermined direction after the medium is mounted. It is characterized in that it is configured to scan and read the code recorded on the medium as it is performed, so that a plurality of codes can be read in a time-resolved manner over the scanning direction, There is an effect that a large number of information can be read by a small number of detection sensors.

[Brief description of the drawings]

FIG. 1 is a diagram showing an entire member authentication system according to an embodiment of the present invention.

FIG. 2 is a diagram showing a front surface of the member authentication card 1.

FIG. 3 is a diagram in which cards are arranged so that an area A in which a member ID is described by a code is viewed downward.

FIG. 4 is a diagram in which a card is arranged so that an area B in which a password is described in a code is viewed downward.

FIG. 5 is an exploded perspective view of the card reading device 2.

FIG. 6 is a partial front sectional view showing a state where the member authentication card 1 is attached to the card reading device 2;

FIG. 7 is a central sectional view of the card reading device 2.

FIG. 8 is a diagram showing data used in a member authentication program.

FIG. 9 is a flowchart of a member authentication program.

FIG. 10 is a diagram showing a message on a display screen.

FIG. 11 is a diagram showing a person in charge of a display screen and a message.

[Explanation of symbols]

 DESCRIPTION OF SYMBOLS 1 Member authentication card 2 Card reading device 3 Personal computer 10 Person in charge 11 Person in charge image 21 Reflective photo sensor 22 Push switch 23 Sensor board 24 Case 24a Detection hole 26 Front plate 27 Guide plate

──────────────────────────────────────────────────続 き Continued on the front page (51) Int.Cl. ⁷ Identification symbol FI Theme coat ゛ (Reference) G06F 15/30 340

Claims (11)

[Claims] 1. An authentication information authentication method for reading authentication information recorded on a medium and authenticating the authentication information, wherein the authentication information is mounted in such a manner that only a part of the authentication information recorded on the medium can be read. The first authentication information, which is a part of the authentication information, is read from the medium mounted on the reading device, and can be generated only by an authorized device based on the read first authentication information, and the user can obtain the correct information. The information for confirmation that can confirm the authenticity is guided and displayed, and the remaining authentication information of the authentication information recorded on the medium is read from the medium mounted on the authentication information reading device in a mounting mode capable of reading the remaining authentication information. A method for authenticating authentication information, comprising reading second authentication information as information, and performing authentication based on the first authentication information and the second authentication information. 2. The information for confirmation is derived based on the first authentication information, secret information recorded only in an authorized device, and a result calculated using a predetermined one-way function. 2. The authentication information authentication method according to claim 1, wherein: 3. The authentication information authentication method according to claim 1, wherein the information for confirmation is presented in a name or a shape of a person or a character. 4. A medium for recording information necessary for authentication and for inputting the authentication information to an authentication device. When the medium is mounted on a device used for authentication, the recorded authentication information is An authentication characterized in that a first mounting mode in which only a part can be read and a second mounting mode in which at least the remaining authentication information can be read can be selectively mounted. Information input medium. 5. A code for recording authentication information is recorded on the medium, and an apparatus used for the authentication is configured to read this code by a detection sensor, and further, the code is used for the first code. The first code recording area read by the detection sensor in the mounting mode of the first embodiment and the second code recording area read by the detection sensor in the second mounting mode are recorded separately. The authentication information input medium according to claim 4, wherein 6. The code recorded on the medium is scanned and read by moving the medium with respect to the detection sensor, and the first code recording area and the second code recording area are 6. The authentication information input medium according to claim 5, wherein the authentication information input medium is set separately in a direction perpendicular to the scanning direction. 7. An authentication information authentication device for reading authentication information recorded on a medium and authenticating the authentication information, wherein the authentication device is mounted in a mounting mode in which only some of the authentication information recorded on the medium can be read. Authentication information reading means for reading the first authentication information, which is a part of the authentication information, from the read medium, and the user can generate the authentication information only with an authorized device based on the read first authentication information, and Confirmation information generating means for guiding information for confirmation by which the accuracy can be confirmed, display means for displaying information for confirmation, and mounting capable of reading the remaining authentication information of the authentication information recorded on the medium A second authentication information reading unit that reads second authentication information, which is the remaining information of the authentication information, from a medium mounted on the device in an aspect, and performs authentication from the first authentication information and the second authentication information. Recognition An authentication information authentication apparatus, comprising: authentication means. 8. A secret information storage means for storing secret information, wherein the information for confirmation is based on a result calculated using the first authentication information, the secret information and a predetermined one-way function. 8. The authentication information authentication device according to claim 7, wherein the authentication information is guided. 9. The authentication information authentication device according to claim 7, wherein the information for confirmation is presented in the form of a name or shape of a person or a character. 10. A detection sensor for reading a code for recording authentication information recorded on the medium, wherein the first authentication information reading means reads the code from the medium mounted in the first mounting mode. The first authentication information is read by a detection sensor, and the second authentication information reading means reads the second authentication information from the medium mounted in the second mounting mode by the detection sensor. The authentication information authentication device according to any one of claims 7 to 9. 11. The apparatus according to claim 1, wherein the detection sensor is configured to scan and read a code recorded on the medium as the medium is mounted and moved in a predetermined direction. The authentication information authentication device according to claim 10.