JP2002269054A - Identifying device - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide an identifying device which is low-cost and has high reliability. SOLUTION: First and second user portable devices 10a and 20b provided to user portable equipments 40a and 50a that a user can carry and a user device 30a provided to a user device (card and portable telephone set) 60a that the use uses are used. One piece of information (original information) is divided on the whole to obtain 1st information (1), 2nd information (2), and 3rd information (3). The user portable device 10a holds the 1st information (1), the user portable device 20a holds the 2nd information (2), and the user device 30a holds the 3rd information (3). The user device 30a combines received information and the 3rd information (3) that the device itself has together by algorithm for processing. When the original information can be generated by combining the received information and the 3rd information (3) together, it is confirmed that the user is the original user of the user device 60a and the user is allowed to use the user device 60a.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

[0001] 1. Field of the Invention [0002] The present invention relates to an identification device for confirming that a user using a user device is an original user of the user device (identity). In particular, the present invention relates to an identification device that can be suitably used for a system that requires authentication.

[0002]

2. Description of the Related Art When a user uses a service provided by a service company, the service company performs authentication in order to confirm that the user who intends to use the service is himself. As the authentication method, for example, a method using a personal identification number, a method using a signature, a method using a seal, a method using an ID code (a small communication device that transmits or transmits an ID code to a user device in a non-contact manner), and the like are used. I have. The method using a personal identification number is used, for example, when withdrawing cash from a bank account using a cash card. When a user withdraws cash, the bank ATM
Insert a cash card into the card slot of the (cash machine) and enter your PIN. The ATM transmits card information (for example, ID) read from the cash card and a password input by the user to the authentication center. The authentication center, based on the password input to the ATM and the read card information, and a database containing the correspondence between the card information and the password stored in the storage means,
Perform authentication. The method using a signature is used, for example, when paying for a product using a credit card. When a user pays by credit card,
Sign the product purchase slip. The product seller performs authentication by comparing the signature on the product purchase slip with the signature on the credit card. The method using a seal is used, for example, when withdrawing cash from a bank account using a bankbook. When a user withdraws cash from a bank account using a bankbook, the user stamps a cash withdrawal sheet using a seal. The bank performs authentication by comparing the seal stamped on the cash withdrawal sheet with a previously registered seal. A method using an ID code is, for example,
This is used to prevent unauthorized use of user equipment used by the user. In this method, the same ID code is stored in a tag (a card member with a transmission / reception function) carried by the user and a user device (for example, a mobile phone) used by the user. The tag can be used by connecting to a user device, but is often used as a wireless tag. The user device compares the ID code transmitted from the tag with the ID code stored therein, and releases the use restriction of the user device if the ID code matches (outputs a use permission signal).
I do. As another authentication method for confirming the identity of a user, a method using biometric information unique to each person (voiceprint, fingerprint, palmprint, retinal pattern, face image, or the like) is known. In this authentication method, biometric information of a user is read by a biometric information reading device, and authentication is performed by comparing the read biometric information with pre-registered biometric information. Since this authentication method uses biometric information unique to each person, authentication accuracy is high.

[0003]

The conventional method of verifying the identity of a person using a personal identification number, a signature, a seal, or an ID code is performed by a person using a cash card, a person using a credit card, or a person using a bankbook. Even when the person carrying the tag storing the ID code is not the original user, the tag may be authenticated as a correct user. For example, user equipment (eg, cash card)
If information theft or information leakage such as theft of a personal information, a seal, a personal identification number, a signature, an ID code, etc. occurs, the user equipment is illegally used. Conventional personal identification methods for performing personal identification using biological information include a biological information reading device (for example, an imaging unit) and a biological information processing device (for example, an image processing device,
Since a large-capacity storage device or the like is required, the cost of the entire system increases. In addition, when a finger is damaged or suffers from eye disease, a fingerprint or a retinal pattern changes, and authentication accuracy may be reduced. In addition, when a retinal pattern is used, it is necessary to bring the eye to a measurement position, which is troublesome. In addition, when a fingerprint is used, it is necessary to bring the finger into contact with the fingerprint reader, so that a person who likes cleanliness has a psychological discomfort. Therefore, an object of the present invention is to provide a low-cost and highly reliable personal identification device.

[0004]

According to a first aspect of the present invention, there is provided an identity verification apparatus as set forth in claim 1. In the personal identification device according to the first aspect, the original information is divided into at least first to third information,
The information is stored in a first user portable device carried by the user, the second information is stored in a second user portable device carried by the user, and the third information is stored in a user device provided in a user device used by the user. The user device confirms the identity of the user when the received information can be combined with the information held by the user device to form the original information. If the personal identification device according to claim 1 is used, it can be configured at a lower cost than when using biometric information,
Even if your PIN or card is stolen, you don't have to worry about unauthorized use.
In addition, since the first and second user portable devices and the user device store the first to third information obtained by dividing the original information (not the same information), even if the user device is stolen, the unauthorized use of the device is not possible. Don't worry. Thus, the reliability is higher than when a password, a signature, a seal, an ID code, or the like is used.
According to a second aspect of the present invention, there is provided an identity verification device as described in claim 2. If the personal identification device according to claim 2 is used, the first and second user portable devices transmit the first information and the second information at predetermined time intervals, so that the user device is an identity or not. Can always be checked. According to a third aspect of the present invention, there is provided an identity verification device as described in claim 3. In the personal identification device according to the third aspect, the user device transmits an information transmission request signal to the first and second user portable devices, for example, when it is necessary to perform personal identification, and The first information and the second information are received from a user portable device. Thereby, the first
In addition, the power consumption of the second user portable device can be reduced. According to a fourth aspect of the present invention, there is provided an identity verification device as described in claim 4. In the personal identification device according to claim 4, the user device detects the third information stored in the user device when the unauthorized reading of the third information is detected.
A reading prohibiting unit for prohibiting reading of information is provided. Thereby, the third information can be prevented from being illegally read, and the reliability is further improved. A fifth invention of the present invention is an identity verification device as described in claim 5. In the personal identification device according to the fifth aspect, the read prohibition unit destroys the third storage unit. Therefore, with a simple configuration, it is possible to prevent the third information stored in the user device from being illegally read. A sixth invention of the present invention is an identity verification device as described in claim 6. With the use of the personal identification device according to the sixth aspect, the user device can be used only when the personal identification means confirms that the user is the principal, thereby improving reliability.

[0005]

Embodiments of the present invention will be described below with reference to the drawings. FIG. 1 is a schematic diagram of a first embodiment of an identity verification method according to the present invention. FIG.
FIG. 1 shows a diagram in which an authentication system is configured using the identity verification method of the present invention. For example, when the user 1 makes a decision using a debit card 60a, which is a type of user equipment (payment for a purchased product), the conventional authentication method uses:
User authentication is performed as follows. First, the user 1 inserts the debit card 60a into the card insertion slot of the authentication terminal device 2a and inputs a personal identification number using an input unit or the like. The authentication terminal device 2a reads the card information (ID or the like) stored in the debit card 60a, and transmits the read card information and user information including the password input by the user 1 to the authentication center 3a. The authentication center 3a performs authentication by comparing the card information and the password transmitted from the authentication terminal device 2a with a database storing the password in association with the card information. Then, the authentication center 3a confirms that the authentication is OK.
If so, an authentication OK signal is transmitted to the authentication terminal device 2a,
If the authentication is NG, the authentication NG signal is sent to the authentication terminal device 2a.
Send to

[0006] In this authentication processing, as described above, confirmation that the user 1 is the original user of the debit card 60a (identification) is not performed. Therefore, in the present embodiment, before the user authentication process is performed in the authentication center 3a, the identity verification process (the portion surrounded by the two-dot chain line in FIG. 1).
Is performed as follows. In the present embodiment, at least the user identification device includes the user portable device 10a provided on the first user portable device 40a carried by the user 1 and the user portable device 2 provided on the second user portable device 50a.
0a and a user device 30a provided in a user device 60a used by the user. The first and second user portable devices 10a and the user device 30a are, for example,
Prepared by a service company that performs user authentication. Various methods are available for attaching the user portable devices 10a and 20a and the user device 30a to the user portable devices 40a and 50a and the user device 60a. For example, a method using an attaching means such as an adhesive or an adhesive tape, a method built in the first and second user portable devices 40a and 50a, and the user device 60a can be used. Further, in the present embodiment, for example, the user device 30a outputs a use prohibition signal and disables the debit card 60a, which is the user device, until the user device can be identified. That is, the authentication terminal device 2a cannot read the card information of the debit card 60a.

[0007] The first and second user portable devices 10a and 20a and the user device 30a store information necessary for personal identification. For example, information (original information) originally recognized as one piece of information is divided into at least three pieces of information, and the first divided information (first information (1)) is divided into first user portable devices 40a (for example, wristwatches). The second divided information (second information (2)) is stored (stored) in the user portable device (10a) provided in the second user portable device 50a (for example, glasses) provided in the second user portable device 50a (for example, glasses). Equipment (10
a) is stored (stored) in the third division information (third information
(3)) the user equipment 60a (for example, a debit card)
Is stored (stored) in the user device 30a provided in the server.
Various methods can be used to divide the original information.

The first and second user portable devices 40a
And 50a are not limited to wristwatches and glasses, and need only be portable or portable by user 1. For example, rings, glasses, belt buckles, bracelets, pendants, earrings, wallets, commuter passes, licenses, and the like can be used. Further, the first and second user portable devices 40a and 50a may use the same user portable device. Also,
The first and second user terminal devices 10a and 20a need not be carried with the user portable devices 40a and 50a, and may be carried in a purse, bag, or pocket, for example. Further, the user device 60a is not limited to a card, and may be any device that requires personal identification. For example, a mobile phone or a personal computer may be used. The user device 60a may be shared by a plurality of users. In addition, a PHS (Personal Ha
ndyphone System phone, PDA (PersonalData As)
sistance, personal digital assistant, radio, ETC (Elec
Communication device for tronic TollCollection System (non-stop automatic fee payment system), ITS (Intelligent Tra)
nsport Systems, intelligent transportation systems), vehicle communication equipment, telephone communication terminals (eg, public telephones, fax terminals),
A data communication terminal (eg, a personal computer) or the like can be used. What to use as user equipment is a matter of business or design choice. First and second user portable device 1
Each of 0a and 20a includes a transmission unit that transmits the first information (1) and the second information (2) to the user device 30a. As a method of transmitting the first information (1) and the second information (2), a radio wave may be used, or an ultrasonic wave or light (infrared ray) may be used.

[0009] The user device 30a receives the first information (1) and the second information (1).
When the information (2) is received, the received first information (1) and second information (2) are combined with the third information (3) stored therein by a predetermined algorithm to generate the information (4). (Form. Then, identity verification is performed by collating the information (4) with the original information. That is, the received first information (1) and second information (2)
When the original information can be reproduced or restored by using the information (3) stored therein, it is confirmed that the user is the principal. As described above, the corresponding first and second user portable devices 10a and 20a and the user device 30a store divided information (first information) generated from the same original information.
(1), second information (2), and third information (3)).
Therefore, the user device 30a can reproduce or restore the original information only when receiving the correct first information (1) and correct second information (2). In the authentication system shown in FIG. 1, the debit card 60a, which is a user device, allows the authentication terminal device 2a to read the card information stored therein only when it is confirmed that the user 1 is himself. As described above, the debit card 60a is configured to output the card information stored therein to the authentication terminal device 2a after performing the identity verification process. Here, the debit card 60a is lost and stolen,
Alternatively, when the personal identification number is known to another person, the debit card 60a is used as the first and second user portable devices 1 carried by the original user of the debit card 60a.
The first information (1) and the second information (2) transmitted from 0a and 20a cannot be received. Therefore, before the user authentication is performed in the authentication center 3a, the user device 30a
The unauthorized use can be surely prevented by the personal identification processing.

In this embodiment, one piece of original information is divided into at least first information (1), second information (2), and third information, such as a tally.
Information (3), the first information (1) is stored in the first user portable device 10a, the second information (2) is stored in the second user portable device 20a, and the third information (3) To the user device 30a
Is stored. Then, the user device 30a confirms the identity of the user when receiving the correct first information (1) and correct second information (2). Therefore, the configuration can be made at a lower cost as compared with the case where the biological information is used. Further, even if the personal identification number or the card is stolen or lost, there is no fear of unauthorized use unless the user portable device (user portable device) is stolen or lost. In addition, the first and second
User mobile devices 10a and 20a and user device 30a
Stores different information, so if one is stolen or lost, there is no fear of unauthorized use. Therefore, the identity verification can be performed more reliably than when the personal identification number, signature, ID data, and the like are used. The present invention relates to a method for confirming (identifying) whether a user is a real user of the user device when the user uses the user device. Therefore, how to use the result of performing the personal identification process in the user device (user device) is a matter appropriately selected according to the type of the user device and the form in which the user device is used. For example, in FIG. 1, when the user device 30a confirms that the user is the user, the user device 30a receives a debit card (user device).
The output of the card information 60a to the authentication terminal device 2a is permitted. Thereby, the card information of the debit card 60a is read by the authentication terminal device 2a. User 1
Inputs a password using the input means of the authentication terminal device 2a. Thereafter, user authentication processing (processing for authenticating the validity of the debit card) is performed in the authentication center 3a in the same procedure as in the conventional example.

Next, a procedure for performing an identity verification process using the identity verification apparatus of the present embodiment will be described. FIG.
FIG. 9 is a diagram illustrating an example of a processing procedure of an identity verification method. In the present embodiment, the user device 30 always performs the identity verification process. In the present embodiment, the personal identification processing is performed in the following procedure. At an appropriate time (for example, at a predetermined time interval), the user portable device 10 stores (stores) the first information stored therein.
Send (1). The second information (2) that the user portable device 20 owns (stores) at an appropriate time (for example, at predetermined time intervals).
Send Here, depending on the information transmission method, if the user portable devices 10 and 20 transmit information at the same time, there is a possibility that both information interfere and the user device 30 cannot receive the information correctly. Therefore, the user portable device 1
It is preferable to set the transmission time of 0 and the transmission time of the user portable device 20 so as not to overlap. For example, the transmission timing of the user portable device 10 and the user portable device 20 is set in advance. The user device 30 in the reception standby state includes the first information (1)
And the second information (2). Upon receiving the first information (1) and the second information (2), the user device 30 receives the first information (1) and the second information (2) and the third information held (stored) by itself. (3) is combined with a predetermined algorithm to form fourth information (4). The user device 30 compares the information (4) with the original information, and when the information (4) matches the original information (the first information (1) and the second information
If (2) and the third information (3) are combined to form the original information), it is confirmed that the user is himself.

FIG. 3 is a diagram for explaining another example of the processing procedure of the identity verification method of the present invention. In the present embodiment, the user device 30 performs an identification process when identification is required. In the present embodiment, the personal identification processing is performed in the following procedure. The user device 30 transmits an information transmission request signal when it is necessary to perform an identity verification process (for example, when a debit card is inserted into the card insertion slot of the authentication terminal device). The user portable device 10 in the reception standby state receives the transmission request signal. When the user portable device 10 receives the transmission request signal,
The first information (1) stored therein is transmitted. The user portable device 20 in the reception standby state receives the transmission request signal. When the user portable device 20 receives the transmission request signal,
It transmits the second information (2) stored therein. here,
Depending on the information transmission method, the user portable devices 10 and 2
If 0 transmits information at the same time, both information may interfere with each other and the user device 30 may not be able to receive information accurately. Therefore, it is preferable to set the transmission timing of the user portable device 10 and the transmission timing of the user portable device 20 so as not to overlap. For example, it is set so that information is transmitted after different standby times have elapsed since the reception of the transmission request signal. Alternatively, the transmission request signal is transmitted from the user device 30 to the user portable device 10 or the user portable device at different times. The user device 30 in the reception standby state includes the first information (1)
And the second information (2). The user device 30 forms the information (4) by combining the received first information (1) and second information (2) with the third information (3) held (stored) by a predetermined algorithm. I do. The user device 30 checks the information (4) against the original information,
If (4) matches the original information, confirm the identity. It should be noted that the user device 30 has the first information (1) and the second information (2)
Cannot be received, or the received information is the first information
If it is not (1) or the second information (2), a predetermined process is executed. For example, if information cannot be received within a predetermined time after transmitting the transmission request signal, the transmission request signal is transmitted again. If the information cannot be received even after transmitting the transmission request signal a predetermined number of times, it is determined that the user cannot be identified, and predetermined termination processing is executed. For example, an error message is displayed on the authentication terminal device.

Next, a method of dividing and combining original information is shown in FIG.
This will be described more specifically. In the present embodiment, the original information [the bit matrix of the figure of the number 7] is divided into two left and right division lines.
At (1) and the dividing line (2), the image is divided into upper first information (1), central second information (2), and lower third information (3). And
The first information (1) is stored in the user portable device 10, the second information (2) is stored in the user portable device 20, and the third information (3) and the original information are stored in the user device 30. User device 3
0, upon receiving the information, combines the received information with the third information (3) stored therein by a predetermined algorithm to form information (4). In this embodiment, the bit matrix of the received information and the bit matrix of the third information (3) are combined. In the case where the received information is the first information (1) and the second information (2), the bit matrix of the received information and the bit matrix of the third information (3) are combined to obtain the original information [ Bit matrix] is formed. Further, the information (4) is compared with the original information to confirm the identity. In this embodiment, it is determined whether the graphic represented by the bit matrix of the information (4) is the same as the graphic represented by the bit matrix of the original information. The place where the dividing line is drawn, how to draw the dividing line, the number of dividing lines, and the like can be appropriately selected. An algorithm for combining the received information with the information stored therein is determined by a division method for dividing the original information.

Next, FIG. 5 shows a block diagram of a first embodiment of the personal identification device of the present invention. The personal identification device of the present embodiment includes a first user portable device 10b, a second user portable device 20b, and a user device 30b. The first user portable device 10b includes a signal output unit 1
1b, modulation / demodulation means 12b, and communication means (first communication means) 13b. Signal output means 11b
Has, for example, a storage unit (first storage unit) that stores the first information (1), and outputs the first information (1). Various formats can be used as the format of the first information (1) stored in the storage means. The modulation / demodulation unit 12b modulates the first information (1) output from the signal output unit 11b and transmits the modulated first information (1) via the communication unit 13b. Alternatively, the modulation / demodulation unit 12b demodulates a signal received via the communication unit 13b. When the demodulated signal includes the transmission request signal, the first information (1) is modulated and
b. The user portable device 10b is provided with a battery for supplying power to each unit. The second user portable device 20b has the same configuration as the first user configuration device 10b, and includes a signal output unit 21b and a modulation / demodulation unit 2.
2b and communication means (second communication means) 23b. The signal output unit 21b has a storage unit (second storage unit) that stores the second information (2), and outputs the second information (2). The modulation / demodulation means 22b is a signal output means 21
b, and modulates the second information (2) output from
b. Alternatively, the modulation / demodulation means 22b
Demodulates the signal received via the communication means 23b.
If the demodulated signal includes the transmission request signal, the second information (2) is modulated and transmitted via the communication unit 23b. The user portable device 20b is provided with a battery for supplying power to each unit.

The user device 30b includes a communication means (third communication means) 31b, a modulation / demodulation means 32b, and a coupling means 33.
b, signal output means 34b. The modulation / demodulation unit 32b demodulates the signal received via the communication unit 31b and outputs the demodulated signal to the combining unit 33b. Alternatively, the modulation / demodulation means 32b modulates the transmission request signal,
To send over. After that, the signal received via the communication unit 31b is demodulated and output to the coupling unit 33b. The signal output unit 34b includes a storage unit (third storage unit) that stores the third information (3), and outputs the third information (3). The combining means 33b (identity confirming means) receives the signals (first information (1) and second information (1)) inputted from the demodulation / modulation means 32b.
(2)) and the third information (3) are combined by a predetermined algorithm to form information (4). For example, the first information (1), the second information (2), and the third information (3) are combined using a tally matching method. Further, the combining unit 33b confirms whether or not the user is the principal based on the comparison result of the information (4) and the original information. Coupling means 33
b is the signal output means 34b or the modulation / demodulation means 32
It may be provided integrally with b. The user device 30b is provided with a battery for supplying power to each unit. Coupling means 3
3b outputs, for example, an output prohibition signal when the user is not confirmed. When the output prohibition signal is output from the coupling unit 33b, the user device becomes unusable. For example,
The card information stored in the debit card cannot be read by the authentication terminal device, or the mobile phone cannot be used. The original information may be stored in the output unit 34b of the user device 30b.

When the user equipment and the user equipment are separate, signal transmission between the user equipment (coupling means) and the user equipment is performed by radio or via a cable. If connection terminals that can be connected to each other are provided in the user device and the user device, the user device and the user device can be connected only by connecting the connection terminals, thereby facilitating the connection operation. Note that the user portable devices 10b, 2
0b signal output means 11b, 21b, modulation / demodulation means 1
2b, 22b, signal output means 34 of user device 30b
b, the modulation / demodulation means 32b, the combining means 33b, and the signal output means 34b may be realized by hardware or may be realized by software. Connecting means 3 of the present embodiment
3b corresponds to the identification means of the present invention.

FIG. 6 is a perspective view of one embodiment of the user equipment 60b. The user device 60b shown in FIG. 6 is formed in a card shape. Then, each means 31b to 34b shown in FIG. 5 is provided inside the card. The user device 60b is also a communication device having a communication function for communicating with the user portable devices 10b and 20b. User equipment 6
As 0b, a magnetic card, IC card, debit card, credit card, cash card, or the like can be used. For example, by providing communication means on a payment card such as a debit card, credit card, or cash card, the payment card can have an identity verification function. It should be noted that the card is not limited to a payment card or a financial card, and it is a matter of course that a communication device such as a wireless device may be formed in a card shape.

FIG. 7 is a block diagram of a second embodiment of the personal identification device of the present invention. In the present embodiment, a destruction unit 36c is provided in the user device 30c (for example, the signal output unit 34c). The destruction means 36c is provided with predetermined information (for example, the third information stored in the signal output means 34c).
When the illegal reading of the information (3) is detected, the predetermined information is prevented from being output from the signal output means 34c to the outside. The detection of the illegal reading is performed by, for example, the communication unit 3
It is detected by the fact that the signal received at 1c includes a read signal other than the normal read signal. As a method of preventing signal output from the signal output unit 34c, for example, a method of flowing an overcurrent to the signal output unit 34c to destroy the signal output unit 34c can be used. Alternatively, when information or the like is stored in the volatile storage means, a method of shutting off power supply to the storage means and erasing the information or the like stored in the storage means may be used. In addition,
The destruction unit 36c may destruct the signal output unit 34c or the user device 30c when detecting that the user device 30c is decomposed. The destruction means 36c of the present embodiment corresponds to the read prohibition means of the present invention.

[0019]

The present invention has the following effects. The present invention provides biometric information, personal identification number, signature (signature),
Instead of using a seal or an ID code, information such as a tally is originally used as information or a signal obtained by dividing a signal. Then, each divided information is stored in a user portable device carried by the user and a user device provided in a user device used by the user, and the information held by the user portable device and the information held by the user device are combined (tally matching).
To confirm the identity. Such information does not fluctuate unlike biological information. In addition, the communication means and the means for combining the information can be easily implemented by an IC chip or the like.
It can be configured at low cost. Therefore, the identification can be performed with high accuracy and at low cost. Also, in the present invention, identity verification is not performed unless the information held by the user portable device and the information held by the user device are combined to restore the original information (original information). Therefore, there is no fear of unauthorized use even if a password, a card, an ID tag, or the like is stolen. That is, as long as the user device and the user portable device are not dropped or stolen, there is no possibility of unauthorized use. If the user portable device is configured by an IC chip, it can be attached to many members (for example, rings and glasses) that can be carried by the user. In this case, since the user portable device can be attached to a member determined by the user, there is almost no risk of the user portable device being stolen. In the present invention, since the division information is stored in two or more user portable devices, the risk of unauthorized use is further reduced. If there is a possibility that information is leaked, a predetermined IC chip of the user portable device and the user device may be replaced with a new chip. As described above, by using the present invention, for an unspecified number of users,
Simple, low-cost, high-reliability, high-security personal identification processing can be performed.

The present invention is not limited to the configuration of the embodiment described above, and various changes, additions, and deletions can be made without changing the gist of the present invention. For example, the manner of assembling the user device and the user device and the manner of assembling the user portable device and the user portable device can be variously changed, such as an integrated configuration or a separate configuration. For example, the user portable device may be formed of an IC chip, and the IC chip may be attached to the user portable device (watch, glasses, etc.) with an adhesive, an adhesive tape, or the like. Further, the user device and the user device can be integrally configured. Further, the means constituting the user device may also be used as the means constituting the user equipment. When the user portable device is provided integrally with the user portable device, and when the user device is provided integrally with the user device, the user portable device and the user device are referred to as the user portable device and the user device, respectively. It can also be called a device. In addition, although the transmission and reception of information between the user portable device and the user device is performed in a non-contact manner, the transmission and reception of information can be performed in a state where the information is in a contact state. Further, the personal identification device is configured by two user portable devices and one user device, but the number of user portable devices may be three or more.
In this case, the present invention provides, for example, “the original information is divided to form N (N is an integer of 3 or more) divided information, and the first divided information to the (N−1) th divided information are respectively The first user portable device to the (N-1) th user portable device store the N-th divided information in the user device, and the user device (identification means) combines the received information with a predetermined algorithm. When the original information can be formed, the user confirms that the user is the original user of the user device. " Further, a method of preventing information from leaking when transmitting information between the user portable device and the user device can be used. For example, an encryption unit for encrypting information is provided on the transmission side, and a decryption unit for decrypting encrypted information is provided on the reception side. Alternatively, the transmission side is provided with RN insertion means for inserting random noise (RN) into information, and the reception side is provided with RN removal means for removing RN from information with RN inserted. Further, the present invention can be configured as an identity verification method.

As described above, by using the personal identification device according to the first to sixth aspects, the personal identification can be performed at low cost and with high reliability.

[Brief description of the drawings]

FIG. 1 is a schematic diagram of an embodiment of an identity verification method according to the present invention.

FIG. 2 is a diagram illustrating an example of a processing procedure of an identity verification method according to the present invention.

FIG. 3 is a diagram illustrating another example of the processing procedure of the identity verification method of the present invention.

FIG. 4 is a diagram illustrating an example of dividing original information.

FIG. 5 is a block diagram of a first embodiment of the personal identification device of the present invention.

FIG. 6 is a diagram showing one embodiment of a user device.

FIG. 7 is a block diagram of a second embodiment of the personal identification device of the present invention.

[Explanation of symbols]

1 User 2a Authentication terminal device 3a Authentication center 10, 10a to 10c, 20, 20a to 20c User portable device 11b, 11c, 21b, 21c Signal output means 12b, 12c, 22b, 22c Modulation / demodulation means 13b, 13c, 23b, 23c Communication means 30, 30a to 30c, User equipment 31b, 31c Communication means 32b, 32c Modulation / demodulation means 33b, 33c Coupling means (identification means) 34b, 34c Signal output means 36c Destruction means (read prohibition means) 40a, 50a User portable device 60a, 60b User device

 ──────────────────────────────────────────────────続 き Continuing from the front page (72) Inventor Hirokazu Fukatsu 2-13-1, Chigadori, Minami-ku, Nagoya-shi F-term in Taitec Co., Ltd. (reference) 3E040 AA10 CB01 DA02 5B085 AE02 AE12 AE23 5J104 AA07 KA01 NA05

Claims (6)

[Claims] An identity verification device for confirming that a person using a user device is an original user of the user device, wherein at least a first and a second user portable device carried by the user; A first user portable device provided with a user device to be used, the first user portable device storing first information of at least first to third information obtained by dividing original information; And a first communication unit for transmitting the first information stored in the first storage unit, wherein the second user portable device includes at least the first to third information obtained by dividing the original information. And a second communication unit for transmitting the second information stored in the second storage unit, wherein the user device obtains at least the original information obtained by dividing the original information. First to first
Third storage means for storing third information of the third information;
A third communication unit that combines the information received by the third communication unit with the third information stored in the third storage unit, and confirms the identity of the user when the original information can be formed. An identity verification device having a confirmation means. 2. The personal identification device according to claim 1, wherein the first and second user portable devices transmit the first information at predetermined time intervals. 3. The personal identification device according to claim 1, wherein the user device transmits an information transmission request signal, and wherein the first and second user portable devices receive an information transmission request signal when receiving the information transmission request signal. An identity verification device that transmits the first information and the second information. 4. The personal identification device according to claim 1, wherein the user device inhibits reading of the third information when detecting unauthorized reading of the third information. An identity verification device provided with means. 5. The personal identification device according to claim 4, wherein the read prohibition unit destroys the third storage unit. 6. The identity verification device according to claim 1, wherein the identity verification means permits use of the user device when the identity is confirmed.