JP2003242125A - Portable information terminal, authentication auxiliary terminal and individual authentication method - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To realize a safe and easy individual authentication by use of a portable information terminal. <P>SOLUTION: An image displayed on the LCD 112 of the portable information terminal is enlarged through a free-form surface prism and displayed on the window part of a casing. A cursor displayed on the window part is controlled according to the instruction from an input device 140. When the start of individual authentication processing is instructed by the input device 140, a CPU 121 radiates infrared ray to the eyeballs of a user from an infrared ray source 172 to make an imaging device 172 acquire iris information. The acquired iris information is compared with the individual authentication information stored in a ROM 123, thereby, the CPU 121 executes the individual authentication. <P>COPYRIGHT: (C)2003,JPO

Description

Detailed Description of the Invention

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a mobile information terminal, and more particularly to a mobile information terminal having a personal authentication function, a personal authentication method applied to the mobile information terminal, and a personal authentication function for a computer. Regarding programs that let you.

[0002]

2. Description of the Related Art Conventionally, a portable information terminal (PDA: Personal Digital As) has been used as an information device for supporting an intellectual activity of an individual with a palm size.
(sistant) has been developed. This portable information terminal is equipped with a liquid crystal display device and has a schedule book function, a memo pad function, a telephone book function, and the like.

[0003]

In the information-oriented society in which the information and communication technology has permeated, there is a growing concern about privacy as in the real world. For example, since the conventional portable information terminal is often used at least 20 cm away from the user's eyes, if personal information is displayed on the liquid crystal display device, not only the user but also a third person can peek at it. There was a risk of being

Therefore, an object of the present invention is to provide a portable information terminal which suppresses peeping from a third party.

Further, when inputting important personal information such as authentication information from the keyboard, even if the input information is masked by an asterisk or the like, it may be known to a third party by looking into the key input operation. There was a nature.

Therefore, another object of the present invention is to provide a portable information terminal equipped with an input section in which a third party cannot substantially recognize the input information only by looking at the key input operation.

By the way, a bank terminal or the like is still constructed so that a personal identification number can be inputted by a keyboard. Therefore, there is a risk that a secret code may be known to a third party if the key input operation is scrutinized.

[0008] Therefore, still another object of the present invention is to provide a portable information terminal which transmits a personal identification number stored therein when a personal identification number is requested from an information processing device such as a bank terminal. To aim.

[0009]

[Means for Solving the Problems] In order to solve the above problems,
The present invention provides a housing that can be held by hand, a window portion provided in the housing, a magnifying optical portion provided inside the window portion, and a window portion via the magnifying optical portion. There is provided a mobile information terminal comprising: a display unit for displaying image information; and an input unit for controlling the movement of a cursor displayed by the display unit.

That is, the display contents of the liquid crystal display device provided in the housing are magnified by using a magnifying optical system such as a free-form surface prism, and the magnified display contents can be seen through the window. , It becomes difficult for a third party to see the displayed contents.

Since the size of the housing is such that it can be held by hand, the size of the window is naturally small and it is difficult for a third party to look into the window. As a more specific example, the area of the window is such that a third party cannot substantially look into the window when the user of the portable information terminal is in contact with the window. Area will be enough. In order to make it more difficult to look through, a size that can be held with one hand may be preferable to a size that can be held with both hands.

In order to solve the above other problems, the present invention is
The control unit further includes a control unit that controls the display unit and the input unit, the control unit controls the display unit to display a keyboard image, and further, a cursor position when a click signal is input from the input unit. It is characterized in that a key corresponding to is used as input information.

That is, by providing a software keyboard in place of the physical keyboard, the number of physical keys is reduced, and it is difficult for a third party to know what information is input by just looking at the key input operation. is doing.

Further, a biometric information input unit for inputting biometric information may be further provided, and the control unit may execute the authentication process based on the inputted biometric information. That is, it is possible to prevent the theft of the authentication information at the time of authentication by executing the authentication process by inputting the biometric information instead of the key operation. Moreover, since the number of input steps required by the user is reduced as compared with the key input, the authentication process can be executed safely and easily.

In order to solve the above-mentioned other problems, the present invention has an encryption unit having at least one encryption algorithm, and a communication unit for exchanging information with other devices.
Further comprising, the control unit causes the encryption unit to encrypt the information based on the input biometric information,
The encrypted information may be transmitted by the communication unit.

By configuring the portable information terminal in this way, it will be possible to perform communication with an external device more safely.

Further, the communication section may transmit personal authentication information necessary for the personal authentication processing to an information processing apparatus which executes the personal authentication processing. For example, if the information processing device is a bank terminal or a server on a network that includes a communication unit that communicates with the communication unit, the key input of the personal identification number can be simplified, and the personal identification number can be more safely and easily provided. It will be possible to input to the bank terminal etc.

The encryption unit may use the input biometric information as key information.

Further, a storage unit for storing a plurality of key information used by the encryption unit is further provided, and the control unit stores a plurality of storage units in the storage unit based on the inputted biometric information. At least one piece of key information may be selected from the key information, and the selected key information may be used by the encryption unit.

In order to solve the above-mentioned problems, the present invention is an authentication assisting terminal for transmitting password-related information to a data processing device which requests password-related information at the time of use via a communication line. First storage means for storing the password-related information, second storage means for storing permission information for permitting transmission of the password-related information, and biometric information input from a user of the authentication auxiliary terminal Biometric information input means, determination means for determining whether or not transmission of the password-related information is permitted based on the biometric information and the permission information, and when it is determined that the transmission is permitted And a transmission means for transmitting the password-related information.

Here, the information processing device is a bank terminal or a server on a network provided with a receiving means for receiving the password related information and an authenticating means for executing personal authentication based on the password related information. May be.

Further, the biometric information input means may input information about an iris pattern, a retina pattern, a fingerprint or a voiceprint of the user's eye.

In order to solve the above problems, the present invention is an authentication assisting method for transmitting password related information via a communication line to an information processing device which requests password related information when used. Storing the password-related information and permission information for permitting the transmission of the password-related information; inputting biometric information from a person who desires to use the information processing device; A step of determining whether the transmission of the password-related information is permitted based on the permission information, and a step of transmitting the password-related information when the transmission is determined to be permitted,
An authentication assisting method is provided, which comprises:

[0024]

BEST MODE FOR CARRYING OUT THE INVENTION An embodiment of the present invention will be described below. Of course, the following embodiments are provided for facilitating the implementation of the present invention by those skilled in the art, and only a part of the embodiments within the technical scope of the present invention defined by the claims. Nothing more. Therefore, it is obvious to those skilled in the art that even the embodiments not directly described in the specification of the present application are included in the technical scope of the present invention as long as the technical idea is common.

Although a plurality of embodiments will be described for the sake of convenience, those skilled in the art will understand that not only these embodiments are individually realized, but also the invention can be realized by appropriately combining a plurality of embodiments. Easy to understand.

(First Embodiment) In the first embodiment,
In particular, by improving the display device used for the portable information terminal, it is difficult for a third party to see the display contents. Here, as an example of the use of the mobile information terminal, a WWW (World Wide Web) on the Internet, which is connected to a mobile phone terminal and goes through a mobile phone network, is used.
Connect to the server (hereinafter referred to as "Web server")
An operation example of displaying page information provided by the eb server on the mobile information terminal will be described. Furthermore, according to the present embodiment, the displayed page information includes a text input box, and when the user selects the text input box, the software keyboard function is activated and appropriate text input is performed. A possible example is also described.

FIG. 1 is a schematic view of a portable information terminal according to this embodiment. (A) is a perspective view of the portable information terminal,
(B) is a front view and (C) is a view showing a state where the portable information terminal is held by a hand.

A window 1 shown in FIG. 1B is provided on the front surface of the portable information terminal, and the window 1 is located on the eyepiece side of a free-form curved surface prism described later. The user can enlarge and view the screen of a small liquid crystal display, which will be described later, by holding the portable information terminal with his / her hand and bringing his / her eyes close to the window 1 to look into the window. Since the mobile information terminal uses a battery as a power source and has a wireless communication function, the user can carry the mobile information terminal and view necessary information.

Further, as shown in FIG. 1, the operation button 2 is mounted on the upper left when viewed from the front, and the user operates the operation button 2 to obtain desired information. The operation button is realized by, for example, an input device using a pressure sensitive element or the like that can detect a slight finger movement. This input device is a pointing device (mouse) used in notebook computers, etc.
And realizes pointing and button clicking on a two-dimensional plane.

FIG. 2 is a sectional view of the portable information terminal. In the figure, 112 is a small liquid crystal display for displaying information, 113 is a backlight for supplying transmitted light to the small liquid crystal display 112, and 111 is a small liquid crystal display 1.
12 is a free-form surface prism for enlarging the screen of 12.
These small liquid crystal display 112, backlight 1
The magnifying display device 110 is configured by the free-form surface prism 13 and the free-form surface prism 111. Reference numeral 3 is a housing of the portable information terminal, and 4 is a main board that sends a drive signal to the small liquid crystal display 112.

FIG. 3 is a diagram showing an optical path in the free-form surface prism 111. The free-form surface prism 111 has 3
There are two optically active surfaces 111a-111c. A small liquid crystal display 112 and a backlight 113 are arranged near the working surface 111c farthest from the observer,
They are adjusted to a position that gives the viewer an appropriate display. The light emitted from the backlight 113 passes through the small liquid crystal display 112 on each of the working surfaces,
It is designed to reach the observer via 1c, 111a, 111b. By using the free-form surface prism 111, a magnifying optical system for magnifying and displaying the image output can be realized in a compact size. In this embodiment,
Although a transmissive liquid crystal display element is used as the small liquid crystal display 112, a reflective liquid crystal display element may be used instead. In that case, the shape of the free-form surface prism and the position of the backlight will be adjusted appropriately.

FIG. 4 is a block diagram showing an electric circuit mounted on the portable information terminal. The portable information terminal includes an enlarged display device 110 including a small liquid crystal display (LCD) 112, a backlight 113, and the like, and a SoC (System).
A small computer device 120 integrated by em on a Chip) technology, a Bluetooth compliant low power consumption communication device 130, and an input device 140 that realizes pointing and button clicking by combining a pressure sensitive element and a tact switch.
And L that can realize multiple display states by lighting or blinking
An ED device 150 and a power supply device 160 including a lithium ion secondary battery are provided, and these are mounted in a portable information terminal that is small enough to fit in the hand. The operation button 2 in FIG. 1 serves as an operation unit of the input device 140.

The portable information terminal operates so that the computer device 120 processes the information obtained from the network via the communication device 130 and provides it to the user via the enlarged display device 110.

The inside of the computer device 120 is a CPU 1 that executes various processes by a program described later.
21, a RAM 122 serving as a memory for storing programs and holding intermediate results of processing, and a ROM storing software such as programs and data.
123, a display control circuit 124 for controlling the small liquid crystal display 112 and the backlight 113 so as to reflect the execution result of the program, the CPU 121 and the RAM 12
2, a bus 125 serving as a data communication path, a communication control circuit 126 that controls the communication device 130, an input control circuit 127 that controls the input device 140, an LED control circuit 128 that controls the LED device 150, and power saving. A power supply control circuit 129 that controls the power supply device 160 for control and the like. In this, RAM12
2, the ROM 123, the display control circuit 124, the bus 125
Is connected to the CPU 121 via. Communication control circuit 12
6, the input control circuit 127, the LED control circuit 128, and the power supply control circuit 129 are connected to the CP via the I / O port.
It is connected to U121. And these circuits are SoC
It is miniaturized on one semiconductor chip by technology. One chip is considered to be the most efficient, but it will be apparent to those skilled in the art that the chips may be mounted separately. The ROM 123 of this configuration has a mask RO
It includes a non-rewritable storage device such as M and a rewritable storage device such as a flash ROM.

FIG. 5 is a diagram showing a connection form between the portable information terminal and the network. A plurality of Web servers 400 exist on the network 350 such as the Internet. The portable information terminal 100 according to the present embodiment is Bl
The mobile phone terminal 200 is connected via the Bluetooth network 150, and the mobile phone terminal 200 is connected to the Web server 400 via the mobile phone line network 250.

The mobile phone terminal 200 is a mobile phone line network 2
In addition to the function of connecting to 50, it has a Bluetooth communication function. Although the mobile phone network 250 is actually composed of a plurality of radio base stations and switching equipment, a detailed description of the mobile phone network 250 is omitted for the sake of brevity. A router 300 intervenes to get in from the mobile phone network 250 to the network 350. Router 3
00 is often ISP (Internet Se)
It is operated by a mobile phone provider and serves as a bridge from the mobile phone network 250 to the network 350.

The portable information terminal 1 according to the present embodiment.
The configuration of 00 may be implemented in the mobile phone terminal 200. On the contrary, the mobile information terminal 100 and the mobile phone terminal 200
The mobile phone function of may be implemented.

Web issued from the mobile information terminal 100
The page information request is made by the corresponding Web server 400.
Sent to the Web server 400
Returns the Web page information to the mobile information terminal 100. Furthermore, in the mobile information terminal 100, the received We
b Page information is analyzed and displayed by a browser program.

In Bluetooth communication from the mobile information terminal 100 to the mobile phone terminal 200, a dial-up networking profile (Dial-u) is used.
pNetworking profile and serial port profile (serial port)
communication based on t profile) is performed.

Further, on the network, a plurality of Web
The browser 500 is connected, and similarly, the web server 40
Connect to 0 and display the page information held there. Note that the web server 400 and the web browser 500 are servers and browsers that implement widely-used web technology, and the page information held in the web server 400 is described in HTML or the like and has a URL.
The link information described as is included. The link information makes it easy to access another page information from the web browser 500 or the like. This different page information may be held on the same Web server or a different Web server.

In addition to the data communication function, the mobile phone terminal 200 has a widely used ordinary call function. In the present embodiment, the data communication function and the Bluetooth function are provided.
Only the function of relaying the connection from the portable information terminal 100 to the Web server 400 using the ooth communication function will be described. That is, in the state where the connection between the mobile phone terminal 200 and the mobile information terminal 100 is established by Bluetooth communication, it is possible to dial the ISP phone number by the dial-up function installed in the mobile information terminal 100. Request to the terminal 200. Accordingly, the mobile phone terminal 200 establishes a link between the mobile phone terminal 200 and the ISP in the mobile phone network. Furthermore, the communication stack installed in the portable information terminal 100 allows the portable information terminal 100 to
Establishes a virtual communication path between the router and the router 300 operated by the ISP. In this way, the mobile phone terminal 200
Plays a role of relaying the connection from the mobile information terminal 100 to the Web server 400. The network shown in FIG. 5 may be an intranet operated in a company or an organization, or may be the Internet that widely connects the world.

FIG. 6 shows HTTP (Hyp) which is the most general communication protocol used when the web browser 500 requests web page information from the web server 400.
It is a figure which shows an example of the communication sequence by erText Transfer Protocol. of course,
Other protocols such as WAP may be used. HTT
In the procedure of P, first, the Web browser 500 sets We
b establish a connection with the server 400 (HTTPconne
ct), then HTTPr from Web browser 500
A request for data in the request format is issued to the Web server 400. Then, the Web server 400 that receives the request analyzes the request content and
Send back a se format response. Then, finally, the communication is closed (HTTP close), and one HTTP session ends.

The contents of the HTTP response format will be described below. The first line of the HTTP response format is defined as a status line (RFC
2616 "HTTP 1. First Edition"). Here, the HTTP version, the status code, and the reason statement are arranged separated by a space character. In particular, the status code, which is the second item, consists of three numbers.
It is used to classify content in the nse format.

FIG. 7 is a flowchart showing the procedure of the operation of portable information terminal 100. A program describing this operation processing is stored in the ROM 123 shown in FIG. 4, and is executed by the CPU 121 as needed. With this execution, the input control circuit 127, the display control circuit 124, the communication control circuit 126, or the like is activated as necessary.

First, step S at the start of the program
At 1001, the setting information is read. Subsequent processing contents are determined based on this setting information. The contents of this setting information are stored in the ROM 123. Typical setting information is fixedly stored in the ROM 123 together with a program, but some setting information is set and changed by the user and stored in another area of the ROM 123.

Next, in step S1002, the CPU 12
1 waits for an instruction from the user. The waiting target here is typically an input signal from the input device 140, but may be the arrival of communication data from the communication device 130.

Then, in step S1003, the CPU 1
21 receives an instruction from the user from the input control circuit 127.

In step S1004, the CPU 12
1 determines whether the received instruction is an instruction to end the program. If the instruction is to end, the CPU 121 ends the program. On the other hand, if the end is not instructed, step S100
Go to 5.

In step S1005, a process corresponding to the instruction content is executed, and thereafter, the process returns to step S1002 to wait for the next instruction. Note that the program of the process executed in step S1005 is also the ROM 12 similarly.
3 and is executed by the CPU 121.

FIG. 8 is a flow chart showing the procedure of the Web access processing executed in the portable information terminal 100. The program describing this processing is called from step S1005 of FIG. 7 in response to an instruction from the user, and has a Web access function, that is, a Web access function.
A function for acquiring and displaying Web page information from the server is realized.

The instruction from the user is, for example, when the user inputs a click signal from the input device 140 when the pointing cursor on the display screen is at the anchor position (link information display position), or the Web to be acquired. This means that the URL data of the page information is directly input.

First, in step S2000, the CPU 12
1 instructs the display control circuit 124 to switch the enlarged display device 110 to the low power consumption mode. The display control circuit 124 stops power supply to the backlight 113 and the small liquid crystal display 112, for example.

Next, in step S2001, the CPU 12
1 acquires the instructed URL. This URL instruction may be directly input by the user or may be an anchor. In the latter case, the anchor selected by the user is specified from the click position information, and the link information included therein is acquired.

Succeedingly, in a step S2002, the CPU 1
21 analyzes the acquired URL. According to this analysis, the CPU 121 determines a Web server, a protocol, etc. to be connected.

Succeedingly, in a step S2003, the CPU 1
21 determines whether or not the instructed URL is a URL corresponding to data existing in the mobile information terminal 100 itself. As a result of the determination, if it exists in the own device, the process proceeds to step S2006, while if it does not exist in the own device, the process proceeds to step S2004. Note that this determination is U
The determination is made in consideration of the case where the RL instruction directly refers to the data in the own device, or the case where the RL instruction refers to external data but the data is cached in a history file or a save file.

In step S2004, the CPU 121
Since the instructed page information does not exist in the own machine, the instructed Web page is used to acquire necessary Web page information.
Connect to the server using the protocol specified by the URL. Here, the HTTP protocol is typically used, but FTP (File Transfer Prot) is used.
Ocol) protocol etc. may be specified. When the protocol designation is omitted, the HTTP protocol is used.

Then, in step S2005, C
The PU 121 acquires the web page information designated by the URL from the web server of the connection destination, and executes the step S
Proceed to 2007. Specifically, the data requested by the URL is requested to the web server, then the response from the web server is waited for, and desired web page information is acquired.

On the other hand, in step S2006, since the instructed page information exists in the own device, necessary Web page information is acquired from the own device, and the process proceeds to step S2007.

In the next step S2007, the CPU 12
1 analyzes the acquired Web page information. Specifically, the content described in HTML format or the like is read, and the image or other multimedia information or anchor (link information) embedded therein is detected, and then the logical structure of the page information is determined.

Subsequently, in step S2008, the CPU 1
Reference numeral 21 controls the display control circuit 124 to switch the enlargement display device 110 to the normal mode. That is,
When the power supply to the backlight 113 and the small liquid crystal display 112 is stopped, the display control circuit 124 restarts the power supply.

Then, in step S2009, the analyzed Web page information is displayed on the small liquid crystal display 112. Specifically, the acquired Web page information is laid out in an appropriate arrangement based on the embedded various information and the logical structure of the analysis result. Then, the layout result is reflected on the screen of the small liquid crystal display 112.

Then, in step S2010, the user is notified of the completion of access to the Web page information. Here, the user is notified using the ringtone function of the mobile phone terminal 200 that is a communication partner. Specifically, the mobile information terminal 1
00 is the serial port for Bluetooth communication.
By using the profile specification, the mobile phone terminal 200 is directly connected to receive appropriate melody data according to a ringtone function interface that has been arranged in advance, and instruct execution of the melody. Typically HTTPr
The performance of a melody whose status can be identified is specified for each status code in the esponse format.

Thereafter, the CPU 121 waits for the next instruction from the user, and thus ends this processing, and proceeds to step S of FIG.
Return to 1002.

FIG. 9 shows the Web displayed on the small liquid crystal display 112 by the Web access processing shown in FIG.
It is a figure which shows an example of page information. Here, the URL data “http://www.xyznews.com
"/ Jp /" indicates the Web page information displayed as a result of direct input. This web page information is stored in the CPU 121.
The display control circuit 124 converts the display signal into a display signal, which is transmitted to the small liquid crystal display 112. The small liquid crystal display 112 displays an image based on the display signal. The backlight 113 irradiates the displayed image with light. Finally, the display image is imaged at the observer position by way of the optical magnifying action of the free-form surface prism 111.

The mobile phone terminal 2 according to the present embodiment.
00 ringtone (ringtone) function interface,
This is to receive appropriate melody data from the mobile information terminal 100 via a Bluetooth communication device provided in the mobile phone terminal 200, and deliver the melody data to a sound source device built in the mobile phone terminal 200. Data communication between the mobile information terminal 100 and the mobile phone terminal 200 at this time is performed in accordance with the serial port profile specification in Bluetooth communication.

FIG. 10 is a flow chart showing the procedure of the setting process executed in portable information terminal 100.
The program describing this processing is called from step S1005 of FIG. 7 in response to an instruction from the user, and realizes a function of setting values specified by the user in various setting items of the mobile information terminal 100. Specifically, the designation by the user is, for example, a case where a setting function is selected from a menu item on the display screen and designation is performed by this function, or a case where the user directly inputs the setting function.

First, in step S3001, the CP
U121 displays the current setting value of the mobile information terminal 100 on the small liquid crystal display 112 and starts the setting session. FIG. 11 is a diagram showing an example of setting values displayed on the small liquid crystal display 112.

Subsequently, in step S3002, C
The PU 121 waits for a user input on the setting screen from the input device 140.

In step S3003, the CPU 12
1 determines a user input from the input device 140. Here, if the user input is a setting end command,
The process proceeds to step S3004. The setting end command is "su
It is either "bmit" or "cancel". On the other hand, if it is not the setting end command, the process advances to step S3007.

In step S3004, the CPU1
21 determines whether the setting end command is “submit” or “cancel”. In the case of the former, the process proceeds to step S3005, the held data of the setting content during the setting session is reflected on the portable information terminal 100, and then the process ends. Here, in the process of reflecting the setting contents on the portable information terminal 100, the setting contents are stored in the ROM 123.
It also includes saving to.

On the other hand, if "cancel" is designated, the flow advances to step S3006 to discard the contents of the setting session and terminate the processing.

If it is determined in step S3003 that the command is not a setting end command, the process advances to step S3007,
The CPU 121 reflects the setting content received by the user input on the held data and the screen in the setting session. Then, the process returns to step S3002 to wait for the next user input.

By the way, important personal information such as authentication information must be entered as safely as possible. Therefore,
In this embodiment, a software keyboard is realized in addition to the above configuration.

FIG. 12 is a flow chart showing the procedure of software keyboard processing executed in the portable information terminal 100. The program that describes this process is
It is called from step S1005 of FIG. 7 in response to an instruction from the user, and realizes a text input function capable of performing text input using the software keyboard and the input device 140 displayed on the screen.

The instruction from the user is, for example, a click signal from the input device 140 by the user when the pointing cursor on the display screen is in the position of the text input box (such as an element having a TEXT type INPUT tag in HTML description). Is input, URL data of Web page information to be acquired is directly input, or a text input area is selected on the setting screen.

First, in step S4001, the CPU 12
1 acquires context information indicating the current environment and situation. When the CPU 121 detects based on a signal from the input control circuit 127 that the text input element (text input box) described in the page described in HTML or the like is clicked, the CPU 121 activates the software keyboard. The context information is the display position information of the text input element on the page information, the page identification information such as a URL, and the HTML assigned to the element in the page.
It is composed of tag information such as description. If text data is already stored in this context information, for example, if the text input box already holds a value, the CPU 121 copies it to the text variable of the text input session and saves the text variable. initialize. If nothing is included in the text input box, the CPU 121 initializes the text variable with an empty character string.

Next, in step S4002, the CPU 12
1 is a virtual keyboard similar to the small liquid crystal display 112 (hereinafter referred to as "software keyboard").
Is called) and the text input session is started. The software keyboard may include a key for inputting a plurality of pre-registered words (phrases) in addition to the key for inputting characters included in a normal keyboard. Pre-registered words and phrases are words and phrases that are expected to be frequently entered, and because you can register them in advance and enter those words simply by operating the corresponding key. belongs to. The pre-registered phrases are, for example, the user's name, address, telephone number, login account, email address, and the like. Note that the security level attribute is also registered in the pre-registered words, and words with a high security level (eg, deposit account number, password, etc.) cannot be used for input by anyone other than the authorized user, as described later. You may FIG. 13 shows an example of pre-registered phrases. Further, FIG. 14 shows an example in which a software keyboard including an input key for this pre-registered phrase is displayed on the small liquid crystal display 112.

Next, in step S4003, the CPU 12
1 inputs selection designation (pointing) of any key on the software keyboard from the input device 140, and receives an instruction from the user based on the input information.

Subsequently, in step S4004, the CPU 1
21 determines whether or not the received instruction is an instruction to end the text input using the software keyboard. If it is an input end command, step S
If it is not an input end command, the process proceeds to step S4008. Here, the input end command means the key "submit" or the key "can" on the screen shown in FIG.
“Cel” is an instruction designated by pointing.

In step S4005, the CPU
Reference numeral 121 determines whether the input end instruction is “submit” or “cancel”. In the case of the former, the process proceeds to step S4006, the text data value of the text variable in the text input session is reflected in the context in which the software keyboard is activated, and the process is terminated. Here, the process of reflecting the text data value in the context also includes displaying the text data in an appropriate portion of the currently displayed page information.

On the other hand, if the input end command is "cancel", the flow advances to step S4007 to discard the contents of the text input session and end the process.

If it is determined in step S4004 that the received instruction is other than the input end instruction, the flow advances to step S4008 to process the text variable of the text input session according to the instruction content. This processing is typically the addition of a character string to a text variable, but it may also be an editing operation such as changing the editing position in the text variable or deleting a character. In addition of a character string, a software keyboard is operated to select and input a desired character. Alternatively, a key corresponding to a pre-registered word can be operated to easily input the pre-registered word.

However, in the processing of step S4008, the instruction content received in step S4003 is an addition operation to the text variable of the pre-registered phrase, and
If the security level (confidentiality) of the registered word is higher than a predetermined value (for example, 4), the CPU 121
Requests an authentication procedure (FIG. 15) described later and determines whether or not an additional operation should be executed. Then, only when the user is authenticated, the registered word is input. Note that, as shown in FIG. 14, a registered image having a security level higher than a predetermined value is preset with a key image icon as a key, which is distinguished from other registered words having a high security level. Then, the process returns to step S4003 to receive the next instruction.

When pointing a key on the software keyboard, the normal pointing cursor (equivalent to the mouse cursor) is not displayed, but only the key of interest is indicated by blinking to indicate the pointed key. Good. Then, when the user operates the input device 140 to move the key to be pointed, according to the operation movement amount,
The key to be pointed may be skipped. If you configure the control program in this way, instead of selecting points with the pointing cursor,
It would be possible to select by key (or button). This allows the user to easily point to any key on the software keyboard.

By the way, if personal information such as a personal identification number can be input at once with a software key, the usability of the user is improved. However, if anyone can freely input personal information at one time, there is a possibility that the personal digital assistant will be misused if it is stolen. Therefore, in this embodiment, as shown in FIG.
As shown in FIG. 4, when a bank account number, a personal identification number, etc. are input once, an authentication process is provided in advance to ensure safety.

FIG. 15 is a flow chart showing an example of an authentication procedure executed in portable information terminal 100.
The program describing this processing is executed in step S in FIG.
When the instruction content received in 4003 is an addition operation to the text variable of the pre-registered phrase and the security level of the registered phrase is higher than a predetermined value (that is,
As shown in FIG. 14, when the key image icon is preset as a key in the registered phrase on the software keyboard (for example, in step S40 of FIG. 12).
It is called from 08 and realizes an authentication function prior to inputting a pre-registered word.

First, in step S5001, the CPU 1
21 is a software keyboard similar to the software keyboard shown in FIG.
And start the authentication session. The software keyboard displayed here is, for example, as shown in FIG. 16, excluding the input keys for pre-registered phrases. At this time, the CPU 121 initializes the authentication code variable held in the authentication session by emptying it.

Next, in step S5002, the CPU 12
1 receives from the input device 140 an instruction from the user represented by pointing any key on the software keyboard.

Succeedingly, in a step S5003, the CPU 1
21 determines whether or not the received instruction is an instruction to end the input of the authentication code using the software keyboard. If it is an input end command, step S500.
4. If it is not the input end command, go to step S50.
Proceed to 07. Here, the input end command means the key "submit" or the key "cance" on the screen shown in FIG.
"l" is an instruction designated by pointing.

In step S5004, the CPU 121
The input end command is "submit" or "ca
ncel ”is determined. If the former,
In step S5005, the value of the authentication code variable during the authentication session is compared with the pre-registered authentication password, the comparison result is output as the authentication result, and the process is terminated. The authentication password is, for example, the ROM 123.
It is stored in the memory and stored by the CPU 121 and read by the CPU 121.
Further, it may be desirable that the length of the authentication password is shorter than the length of the pre-registered phrase from the viewpoint of input efficiency. Further, the authentication password may be set in common to a plurality of pre-registered word keys to prevent the authentication password from being lost. Now, the input end command is "c
In the case of “ancel”, the process proceeds to step S5006, the content of the authentication session is discarded, the authentication result of “unable to authenticate” is output, and the process ends.

In step S5003, the CPU 121
If it is determined that the received instruction is other than the authentication code input end instruction, the process advances to step S5007 to process the authentication code variable of the authentication session according to the instruction content. The process of step S5007 is typically the addition of a character to the authentication code variable, but may be an editing operation such as deletion of the character. To add a character to the authentication code variable, the password of the user is input using the software keyboard. Then, the process returns to step S5002 to receive the next instruction.

As described above, the portable information terminal of the present embodiment, which is small enough to fit in the hand, is used in combination with the portable telephone terminal 200 so that the portable information terminal passes through the portable telephone network 250. It becomes possible to access the Web server 400 on the Internet 350, display the obtained Web page information on a large screen, and operate it.

In particular, text input to a text input box included in Web page information (TEXT type INP
The software keyboard function is used for selecting an element having a UT tag, directly inputting a URL, etc.), thereby enabling text input in a small device that is difficult to have an actual keyboard.

Further, in this software keyboard function, instead of selecting a point on the screen by a normal pointing device, skip movement in units of keys (or buttons) represented on the software keyboard is used to perform key (or button) ) Can be used as a unit for fast and accurate text input.

In addition, in the software keyboard function of the present embodiment, in addition to the usual keys, words and phrases that are expected to be frequently input are registered in advance, and by simply selecting the key corresponding to such words and phrases, It is equipped with an interface that allows inputting such words and phrases, and enables more convenient text input for specific words and phrases that are frequently input.

In addition, when the security level is also registered in the pre-registration of the pre-registered word, and the pre-registered word having a high security level is selected and designated, the user is authenticated and the user is authenticated. Only when it is done, it is possible to input the relevant phrase. This allows
It is possible to prevent the pre-registered phrase from being used for inputting unnecessarily by another person, and to ensure high security. At the same time, it has the efficiency of being able to input frequently-used words and phrases by selecting one of the corresponding keys, achieving both safety and efficiency, which are contradictory features.

In this embodiment, by using the context information when the software keyboard function is activated,
Although the value of the text variable of the text input session is initialized, other than that, it is possible to use the context information. For example, the display position information of the text input box included in the context information can be used to control the display position of the software keyboard so that the text input box is displayed so as not to be hidden by the software keyboard. Conversely, the software keyboard can be displayed so as to cover the text input box.

The URL included in the context information
Using page identification information such as page identification information and tag information, the relevance between these and pre-registered phrases is calculated, and the phrase for which a high relevance value is calculated is displayed on the screen of the small liquid crystal display 112 shown in FIG. It may be preferentially displayed on the screen on which the software keyboard including the input key of the registered word is displayed) so that the selection can be performed efficiently. further,
If the above calculated relevance is higher than a certain value, arrange words with high relevance and display a dialog screen to let the user directly select, before displaying the software keyboard. Good.

Further, in the present embodiment, each key corresponding to the pre-registered word is displayed at the bottom of the software keyboard as shown in FIG. 14, but instead, only the software keyboard is shown. A screen and a screen showing each key corresponding to the pre-registered phrase may be prepared, and each screen may be switched by operating a predetermined button. At that time, the predetermined button may be a software button displayed on a part of the software keyboard, or may be a hardware switch of the portable information terminal 100 to which an equivalent function is assigned. .

Further, in the present embodiment, with respect to registered words having a high security level that require personal authentication, an icon of a key image is used as a key corresponding to those registered words to distinguish them from other registered words. However, it is not always necessary to display the distinguishing icon on the display screen. In addition, if the registered words are divided into two according to the security level, the registered words are divided into three or more according to the security level, and different security management is performed for the registered words in each division. May be.

Further, in this embodiment, the character strings in the "display" column shown in FIG. 13 are displayed on the keys corresponding to the pre-registered words shown in FIG. Instead of this, an appropriate icon image may be displayed on the corresponding key.

Further, in the present embodiment, since the present invention is applied to a small portable information terminal using the free-form surface prism 111, the software keyboard can be seen only by the user and cannot be seen by others. When the present invention is applied to a device using a normal CRT or a liquid crystal screen, when displaying a word having a high security level, it is necessary to devise a display method that avoids leakage to others. Specifically, a display in which a semi-transparent color is used to display the relevant word portion or the relevant word portion is painted is considered. Alternatively, similar to the display performed when the password is input on the personal computer, the characters of the corresponding phrase may be replaced with "*" (asterisk) for display.

(Second Embodiment) In the first embodiment,
Among the pre-registered words, if a word with a high security level is selected and specified as a word to be entered, an authentication session is created and the user's password is entered using the software keyboard to perform authentication. Met. However, with this method, it is possible to reduce the troublesomeness of inputting the word and phrase by pre-registering the word and phrase, but the troublesomeness of inputting the password remains.

Therefore, in the second embodiment, the operation of inputting a password is simplified by introducing an authentication session using biometric information (biometrics).
This aims to realize more efficient and safe word input. Particularly, in the present embodiment, an authentication session using iris information is adopted.

The biometrics represented by the iris of the eyeball, the fingerprint, etc. can be used as the key information for the personal authentication. For example, US sensor company (Sensar, In
c. ) Provides highly accurate personal identification technology based on iris information. In this technology, a standard video camera is used to photograph the iris of the eyeball from a distance of about 1 meter, and based on this, image information of the iris is extracted / coded.
Data is compressed to 56 bytes and used as a personal authentication code. In addition, at NEC, we have developed a fingerprint authentication module,
It is mounted on an A interface PC card for sale.

The configuration of the second embodiment is basically based on the configuration of the first embodiment. Therefore, the explanation of common technical matters is omitted and the description is made clear. The second embodiment includes a new imaging optical system as compared with the first embodiment, and there is a difference in the authentication procedure related to a part of the electric circuit and the software keyboard processing.

FIG. 17 is a view showing the arrangement of the image pickup optical system according to the second embodiment. Here, the same components as those in the first embodiment are designated by the same reference numerals, and the description thereof will be omitted. In the second embodiment, a biometric information input means for inputting biometric information used for authentication is arranged around the free-form curved surface prism 111. For example, when iris information is input as biometric information, the imaging optical system 17
1, an image pickup optical system including an image pickup device 172 and an infrared light source 173 is arranged.

The infrared light source 173 is a light source for illuminating the eyes of an observer with infrared rays to obtain an iris image.
As the light source, for example, a light emitting diode that emits infrared light having low visual sensitivity for an observer may be used.
The imaging optical system 171 is an optical system for collecting the infrared light reflected by the observer's iris in the imaging device 172. The imaging optical system 171 is preferably designed to cancel (cancel) the action of the optical action surface 111 a of the free-form surface prism 111. Imaging device 172
Is an image sensor for acquiring iris image data, and is composed of a CMOS sensor device or the like.

FIG. 18 is a block diagram showing an electric circuit mounted on the portable information terminal according to the second embodiment.
Here, the same components as those in the first embodiment are designated by the same reference numerals, and the description thereof will be omitted. In the second embodiment, an image pickup device 172, an infrared light source 173, and an image pickup control circuit 175 for controlling them are newly added to the electric circuit in the first embodiment shown in FIG. . The image pickup control circuit 175, like the input control circuit 127, uses the I / O port to control the CPU 1
The infrared light source 173 is turned on / off and the imaging device 17 is connected to the imaging device 17 according to a control signal from the CPU 121.
The image data acquired from 2 is transferred.

FIG. 19 is a flow chart showing an example of an authentication procedure executed in portable information terminal 100.
The program describing this authentication processing is called from step S4008 of FIG. 12 as in the first embodiment, and realizes an authentication function prior to inputting pre-registered words. Specifically, when the content of the instruction received in step S4003 of FIG. 12 is an instruction for adding a pre-registered phrase to a text variable and the security level of the registered phrase is higher than a predetermined value (in other words, if,
In the software keyboard, the authentication processing program is called when the key image icon is preset as a key in the registered word.

First, in step S6001, the CPU1
21 supplies power to the infrared light source 173 and the image pickup device 172, and instructs the image pickup control circuit 175 to start image pickup preparation.

Next, in step S6002, the CPU 12
The first instruction instructs the imaging control circuit 175 to transfer the image data captured by the imaging device 172 to the RAM 122 after waiting for the infrared light source 173 to stabilize. RAM1
A predetermined storage area for storing image variables for authentication is provided in advance in 22, and the image data is stored in this predetermined storage area.

In step S6003, the CPU 121
The imaging control circuit 175 is instructed to stop the power supply to the infrared light source 173 and the imaging device 172.

Then, in step S6004, the CPU 1
Reference numeral 21 analyzes the authentication image variables stored in the RAM 122, extracts a partial image corresponding to the iris, and codes it. The iris code variable for authentication thus obtained is stored in RAM1.
It is held in another predetermined storage area of 22. For the encoding at this time, for example, a personal authentication technology provided by Sensor Co. is used.

In step S6005, the CPU 121
The value of the authentication iris code variable is read from the RAM 122, the pre-registered iris code for personal authentication is read from the ROM 123, both are compared, the comparison result is output as the authentication result, and the present process is ended.

As described above, in the second embodiment, the biometrics information, particularly the iris pattern, is used for the personal authentication to reduce the troublesomeness of inputting the password for the authentication.

In the present embodiment, the infrared light source is used to illuminate the eyeball in order to obtain an iris image, but a visible light source may be used instead. When a visible light source is used, in addition to iris pattern information, iris color information and the like can be used for authentication.

Further, in the present embodiment, the iris information is used as the biometrics information, but the retina information may be used in a similar mechanism. Alternatively, authentication may be performed using fingerprint information or voice print information.
In this case, a fingerprint information input sensor or a voice print information input sensor will be used as the biometric information input means.

Further, in the present embodiment, the portable information terminal 10
Although the personal authentication is performed by using the authentication means built in 0, the mobile information terminal 100 may communicate with an external authentication device to perform the personal authentication instead.
In this case, the external authentication device may be a secure IC card terminal or a UIM (User Identity Module).
The mobile phone terminal 200 having a built-in device) is considered. Further, the communication form in this case may be a wired connection such as USB, or a wireless communication such as Bluetooth.

Further, the personal authentication means does not use a single method as in the present embodiment, but uses biometrics as described above, as well as the use of an external authentication device,
It is also possible to use it in combination with password authentication using a software keyboard. Furthermore, these may be selectively used according to the security level of the pre-registered words. Further, in the present embodiment, personal authentication based on biometrics is used to realize a secure software keyboard. However, the configuration of the present embodiment can be applied directly to a charging service, personal information service or Internet banking service on the Internet. It may be applied to authentication such as. For example, pre-registered biometric information may be prepared in the server, biometric information input by the biometric information input means may be transmitted to the server, and the server may compare and authenticate the two. Alternatively, based on the authentication request from the server, the authentication using the biometric information may be executed by the portable information terminal 100, and the execution result may be returned to the server as data indicating the authentication success or the authentication failure. In the latter case, since it is not necessary to transfer the biometric information to the server, it is possible to reduce the risk of the biometric information being stolen on the network.

(Third Embodiment) In the third embodiment, the personal information authentication device 100 (PersonalTrusted) is used by communicating the above-mentioned morphological information terminal 100 with a device such as a bank ATM terminal that requires personal authentication. Device
It is intended to function as e). The hardware configuration of the mobile information terminal 100 may be almost the same as that of the second embodiment, but as for the software configuration, software for causing the mobile information terminal 100 to function as a personal authentication device is added. become.

In a general ATM terminal, when withdrawing cash, a cash card and a personal identification number are used for authentication. In the present embodiment, an example will be described in which the portable information terminal 100 is used as a personal authentication device in place of such an authentication method to perform identity verification. For convenience of explanation, it is assumed that the user has an account in “Bank A” and the account number is “121-220865” in accordance with FIG. Further, regarding the account password information, it is assumed that data having a larger data amount than a normal four-digit number is set. For example, in the present embodiment, it is assumed that 256-byte account password information is set.

The present embodiment is characterized in that the personal identification information stored in the personal identification device can be carried more safely by performing identity verification using the iris information.

FIG. 20 is a connection diagram for explaining the connection status between the devices in this embodiment. Mobile information terminal 100
Communicates with the ATM terminal 800 via the Bluetooth network 150. Then, the ATM terminal 800
It connects to the bank host machine 900 via the bank dedicated line network 850 and processes transaction transactions such as deposit and withdrawal as in the conventional case. Further, the bank host 900 is the other bank host 9
10, 920 and the inter-bank connection network 950 are interconnected to execute a transfer process across banks.

FIG. 21 is a flow chart for explaining the rough operation of this embodiment. In the following, it is assumed that the communication procedure is executed in conformity with Bluetooth. At step t10, the user holding the portable information terminal 100 of this embodiment approaches the ATM terminal 800. At step t11, the ATM terminal 800
Detects the approaching mobile information terminal 100 and starts a customer confirmation session. At this time, challenge information is generated and transmitted to the mobile information terminal 100. Step t12)
The mobile information terminal 100 verifies the identity using the iris information, then generates response information from the account number, account password information, challenge information, and the like, and transmits the response information to the ATM terminal 800. At step t13, ATM
The terminal 800 determines the validity of the sent contents (account number and response information). Then, when it is confirmed that the customer is a legitimate customer, the customer confirmation session is shifted to the command reception session, and to that effect the portable information terminal 100
Send to. At step t14, the portable information terminal 1
00 generates an appropriate command message according to a user's instruction and transmits it to the ATM terminal 800. At step t15, the ATM terminal 800 executes the received command and outputs the execution result thereof to the mobile information terminal 100.
Send to. Then, the command reception session ends. At step t16, the portable information terminal 100
When receiving the execution result, displays it and ends the session with the ATM terminal 800.

FIG. 22 shows the ATM terminal 8 according to this embodiment.
It is a block diagram of 00. The CPU 821 is an arithmetic unit that forms the core of the control unit of the ATM terminal 800. RAM8
22 stores various variables and functions as a work area of a control program. ROM823 is B
It stores the most basic control program such as IOS, and can be configured by EEPROM or the like. Blu
etothIF 830 is a mobile information terminal 100 and Bl.
This is a communication interface for communicating via the Bluetooth network 150. The private line network IF 840 is a communication interface for communicating with the bank host 900 via the bank private line network 850. HDD 850 is the OS
And a hard disk drive that stores application programs. The HDD control circuit 851 is HD
It is a control circuit for controlling the D drive 850. The display 812 is a display device for displaying a menu screen and transaction contents to the user. The display control circuit 824 is a control circuit for controlling display processing of the display 812. The bill mechanism 860 is a mechanical mechanism for paying out bills and depositing bills. The bill mechanism control circuit 861 is a control circuit for driving and controlling the bill mechanism 860.

FIG. 23 shows the A when the ATM terminal 800 in this embodiment detects the approach of the portable information terminal 100.
9 is a flowchart illustrating a processing procedure of software of the TM terminal 800. The program in which this processing is described indicates that the mobile information terminal 100 has approached Bluetooth.
When detected by the othIF 830, the ATM terminal 80
0 from the main program, the mobile information terminal 100
It realizes banking transactions through. Both programs are stored in the HDD 850.

In step S7001, the CPU 821
In order to perform secure communication with the approaching mobile information terminal 100,
Initiate a customer verification session via Bluetooth IF 830. Here, the mobile information terminal 100 and the SS
By performing a negotiation equivalent to L, it is assumed that subsequent communication contents are encrypted. Furthermore, the CPU 821
Challenge information consisting of a random number sequence is generated and embedded in the customer confirmation session start message. Then, the Bluetooth IF 830 is instructed to transmit the customer confirmation session start message to the mobile information terminal 100.
BluetoothIF830 responds to this instruction by
The message is transmitted to the mobile information terminal 100 via Bluetooth.
transmission via the th network 850.

In step S7002, the CPU 821
Wait for communication from the mobile information terminal 100, and
Receive data via ooothIF 830.

In step S7003, the CPU 821
The account number and response information are extracted from the received data. In step S7004, the CPU 821 determines the validity of the retrieved account number and response information. If it is determined to be valid, step S7
If 005 is determined to be invalid, the process proceeds to step S7009. In order to confirm the validity, CHAP (Challenge Handshake Authentication) is used for the account number by using the challenge information and the response information.
Protocol: Authentication procedure based on 3-way handshake and user authentication protocol that uses authentication data calculated by hash function). That is, the account password information and challenge information corresponding to the account number are ordered from the bank host machine 900 via the leased line network IF840, these pieces of information are input to the one-way hash function, and the output is used as response information. Compare. Thereby, the CPU 821 confirms the validity.

In step S7005, since it is confirmed from the communication contents that the customer is a valid customer, the CPU 82
1 shifts from the customer confirmation session to the command reception session. Then, the CPU 821 lists up tradeable commands from the confirmed account attribute information,
A command reception message is transmitted to mobile information terminal 100. Note that the correspondence between the attribute information and the command is stored in advance in the HDD.
It is assumed to be stored in 850. Step S700
In 6, the CPU 821 waits again for communication from the mobile information terminal 100, and causes the Bluetooth IF 830 to receive the data.

In step S7007, the CPU 821
Command information is extracted from the received data and the extracted command is executed. For example, when the command is a transfer process, an instruction to that effect is transmitted from the dedicated line network IF 840 to the bank host machine 900. For example, when the command is the withdrawal process of the deposit, the bank host machine 900 is instructed to check the balance and prepare the designated amount to the bill mechanism control circuit 861, and the bill mechanism control circuit 861 designates the bill mechanism 860. The banknote mechanism 860 dispenses a banknote corresponding to the amount.

Finally, in step S7008, the CPU 8
21 transmits the execution result to the portable information terminal 100 via the Bluetooth IF 830, and ends the command reception session.

At step S7009, the portable information terminal 1
The processing when it is determined that the communication content from 00 is not valid is performed. Typically, Bluetooth IF830
Notify your bank's customer service contact via
End the customer verification session.

In order to confirm the customer by using the account number and account password information at the ATM terminal 800, it is necessary to actually communicate with the bank host machine 900. However, in the description of the present embodiment, the portable information terminal 100 will be described. I explained in detail the parts necessary to interact with. For example, step S70
The validity confirmation of 04 is not processed in the ATM terminal 800, the received information is transferred to the bank host machine 900, the bank host machine judges the validity, and only the judgment result is AT
The safety may be further enhanced by notifying the M terminal 800.

Further, the ATM terminal 800 actually discards the session and detects the next portable information terminal 100 at the time of exceptional processing such as loss of communication with the portable information terminal 100 during the session. In this embodiment,
A description of such exceptional situations is omitted.

FIG. 24 is a flow chart for explaining the software processing procedure of the portable information terminal 100 when the portable information terminal 100 in this embodiment carries out a bank transaction with the ATM terminal 800. The program describing this processing is called from step S1005 of FIG. 7 according to an instruction from the user, and realizes a bank transaction via the mobile information terminal 100.

First, in step S8001, the CPU1
21 transmits the message to the ATM terminal 800 to notify the approach of the mobile information terminal 100 to the communication control circuit 1.
Instruct 26. According to the instruction, the communication control circuit 126 sends the message from the communication device 130 to the ATM.
It is transmitted to the terminal 800. The CPU 121 further executes a negotiation corresponding to SSL to perform secure communication, and encrypts subsequent communication contents.

Next, in step S8002, communication device 130 receives a customer confirmation session start message including challenge information from ATM terminal 800. The received message is C via the communication control circuit 126.
It is transferred to the PU 121. The CPU 121 extracts challenge information from this message.

In step S8003, in response to this start message, the CPU 121 confirms the identity using the iris information. The procedure for identity verification using iris information is the second
Is as described in the embodiment. In the present embodiment, the screen shown in FIG. 25 is displayed on the display LCD 112 to prompt the user to confirm the identity using the iris information. Here, if it is confirmed that the person is the person, the process proceeds to step S8004. If it is not confirmed, the fact that the person cannot be confirmed is displayed on the LCD 112, and then the step S801.
Go to 0.

Since it is confirmed in step S8004 that the user is the person himself / herself, the CPU 121 advances the procedure for customer confirmation. Here, the CPU 121 is a ROM
The user's account number and account password information safely stored in 123 are read and response information is generated. Specifically, the same hash function as the one-way hash function in step S7004 is used to process the account password information and the challenge information to obtain response information.

In step S8005, the CPU 121
Causes the communication device 130 to transmit the user's account number and response information to the ATM terminal 800.

At step S8006, the ATM terminal 80
Communication from 0 is waited for, and the communication device 130 receives data.

In step S8007, it is determined whether the received data is a command reception message. Here, if the received data is a command reception message, the process proceeds to step S8008, and if not, the received message is sent to the LCD 11
2 is displayed, the process proceeds to step S8011.

In step S 8008, the CPU 121
In accordance with the content of the received command reception message, a transactable command such as withdrawal of deposit or transfer is displayed on the command reception screen on the LCD 112, and the user's instruction is awaited. Depending on the type of command, a submenu is displayed,
Enter or select the parameters required for the command. Figure 2
6 is a diagram showing an example of a command reception screen.

In step S8009, the CPU 121
Generates an appropriate command message from the command and the parameter designated by the user, and transmits the command message from the communication device 112 to the ATM terminal 800.

Finally, in step S8010, communication device 112 receives the command execution result from ATM terminal 800. When the CPU 121 receives the execution result,
It is displayed on the LCD 112 and the session with the ATM terminal 800 is ended. FIG. 27 is a diagram showing a display example of the execution result.

In step S8011, the CPU 121
The process ends after clearing session-related data such as intermediate data during the session.

Although the transaction with one bank is described here, in the case of a user who has transactions with a plurality of banks, the account password information of each bank is stored in the ROM 123, and when necessary. In addition, personal identification may be performed using iris information or the like. This makes it possible to easily carry out necessary bank transactions even in situations where it is difficult for the user to remember all the account password information for each bank. Note that if there is no input for a certain period during the session, the session may be canceled for safety.

As described above, in the present embodiment, the personal confidential information stored in the portable information terminal 100 can be safely carried by the identity confirmation using the proposed iris information. Further, by displaying the transaction process on the mobile information terminal 100 of the present proposal, it is possible to reduce the risk of being peeped by another person. This makes it possible to provide a safer and simpler authentication means.

Further, in the present embodiment, an example in which the account password information safely held in the portable information terminal 100 is used by performing the identity verification using the iris information has been described. However, instead of concealing the key information such as the password in the portable information terminal 100 as described above, the iris information may be directly used as the key information. Further, although the present embodiment has been described on the premise that the portable information terminal 100 and the ATM terminal 800 perform communication conforming to the Bluetooth specification, from the viewpoint of safely providing the personal authentication function, Bluetooth is used.
By performing communication with a radio wave output weaker than the specifications and limiting the effective range of the radio wave, the concern of signal interception in wireless communication may be reduced.

Further, in the present embodiment, an example in which the personal authentication device to which the mobile information terminal 100 of the present proposal is applied is applied to a bank transaction is explained. However, in another system that requires authentication in the real world, A personal authentication device may be applied. For example, it can be used as a part of identity verification in a service provided by an electronic government or an electronic local government. Alternatively, under the connection environment as shown in FIG. 5 described in the first embodiment or the second embodiment,
This embodiment can be applied to the case of receiving a service on the Internet. Typically, the portable information terminal 100 is made to operate in cooperation with a server program on a network that requires personal authentication such as a billing service on the Internet, a personal information service and an Internet banking service. Good.

(Fourth Embodiment) The third embodiment is an example in which a CHAP-equivalent method is used as a method of confirming the account password information held in the portable information terminal 100.
The fourth embodiment is the same as the third embodiment in that the portable information terminal 100 is used as a personal authentication device, but
A feature is that an electronic signature is used to confirm the account password information held in the portable information terminal 100. More specifically, the account password information is confirmed by an electronic signature using the RSA public key cryptosystem. That is, the public key paired with the private key held in the portable information terminal 100 is registered in the bank host machine 900 in advance. The mobile information terminal 100 signs the challenge information generated by the ATM terminal 800 using the private key. The bank host machine 900 judges the validity of the signature information by using the public key paired with the private key. Specifically, it can be implemented by changing the following two steps described in the third embodiment as follows.

The first change point is step S70.
04. This will be described below in step S7104.
Replace with. In step S7104, the CPU 821
Judges the validity of the retrieved account number and response information. If it is determined to be valid, the process proceeds to step S7005, and if it is determined to be invalid, the process proceeds to step S7009. In order to confirm the validity, the challenge information and the response information for the account number are sent from the dedicated line network IF to the bank host machine 90 from the 840.
0 to let the bank host machine 900 judge the validity. The bank host machine 900 extracts the signature information from the response information, substitutes the extracted signature information and the public key of the RSA public key encryption method registered in advance for the account number into the signature confirmation function to obtain the signature information. Judge the legitimacy.

The second change point is step S80.
04. This will be described below in step S8104.
Replace with. In step S8104, since it is confirmed that the user is the person himself / herself, the procedure for customer confirmation is advanced. Here, the user's account number and account password information safely stored in the ROM 123 of the mobile information terminal 100 are read out, and the CPU 121 generates response information. The account password information in this embodiment is R
This is a private key of the SA public key cryptosystem. The public key paired with this private key is securely registered in advance in the bank host machine 900. A specific method of generating response information is to apply a signature by applying a secret key and challenge information to a signature function that makes a pair with the signature confirmation function of step S7104,
The signature information is used as response information.

With the above two changes, it becomes possible to confirm the account password information by using the electronic signature, and it is possible to easily provide a safer authentication means.

In addition, the bank host machine 900 is
(Certification Authority)
The public key certificate guaranteed as
00, the portable information terminal 100 attaches the signature information and the public key certificate to the response information, and the ATM terminal 800
By sending to AT, instead of bank host machine 900
The M terminal 800 may confirm the validity of the signature information.

(Other Embodiments) Incidentally, a storage medium storing a program code of software for realizing the functions of the above-described embodiments is supplied to a system or an apparatus,
Computer of the system or device (or CP
It goes without saying that the present invention can also be achieved by reading and executing the program code stored in the storage medium by the U or MPU).

In this case, the program code itself read from the storage medium realizes the functions of the above-described embodiments, and the storage medium storing the program code constitutes the present invention.

As a storage medium for supplying the program code, for example, a floppy disk, a hard disk, an optical disk, a magneto-optical disk, a CD-ROM, a CD
-R, magnetic tape, non-volatile memory card, ROM,
Alternatively, a server computer or the like connected to a communicable network can be used.

Further, by executing the program code read by the computer, not only the functions of the respective embodiments described above are realized, but also the OS or the like running on the computer is executed based on the instruction of the program code. Needless to say, the present invention includes cases where a part or all of the actual processing is performed and the functions of the above-described embodiments are realized by the processing.

Further, after the program code read from the storage medium is written in the memory provided in the function expansion board inserted into the computer or the function expansion unit connected to the computer, based on the instruction of the program code, Needless to say, the present invention also includes a case where the CPU or the like included in the function expansion board or the function expansion unit performs a part or all of the actual processing and the functions of the above-described embodiments are realized by the processing. .

[0163]

As described above in detail, according to the present invention, the portable information provided with the input section such that the third party cannot substantially recognize the input information only by observing the key input operation. A terminal is provided.

Further, according to another aspect of the present invention, there is provided a portable information terminal which transmits a personal identification number stored therein when a personal identification number or the like is requested from an information processing device such as a bank terminal. .

Further, according to the portable information terminal of the present invention,
Although it is small, it is possible to realize personal authentication safely and easily.

[Brief description of drawings]

FIG. 1 is an external view of a mobile information terminal according to an embodiment.

FIG. 2 is a cross-sectional view showing an internal configuration of a mobile information terminal.

FIG. 3 is a diagram showing an optical path of a free-form surface prism.

FIG. 4 is a block diagram showing an electric circuit mounted on the portable information terminal.

FIG. 5 is a diagram showing a connection form between a portable information terminal and a network.

FIG. 6 is a diagram showing an example of an HTTP communication sequence.

FIG. 7 is a flowchart showing an operation procedure of the mobile information terminal.

FIG. 8 is a flowchart showing a procedure of Web access processing executed in the mobile information terminal.

9 is a diagram showing an example of Web page information displayed on a small liquid crystal display by the Web access processing shown in FIG.

FIG. 10 is a flowchart showing a procedure of a setting process executed in the mobile information terminal.

FIG. 11 is a diagram showing an example of set values displayed on a small liquid crystal display.

FIG. 12 is a flowchart showing a procedure of software keyboard processing executed in the portable information terminal.

FIG. 13 is a diagram showing an example of pre-registered words and phrases.

FIG. 14 is a diagram showing an example of a screen in which a software keyboard including input keys for pre-registered words is displayed on a small liquid crystal display.

FIG. 15 is a flowchart showing an authentication procedure executed in the mobile information terminal.

FIG. 16 is a diagram showing a software keyboard excluding an input key for pre-registered words.

FIG. 17 is a diagram showing a configuration of an image pickup optical system according to a second embodiment.

FIG. 18 is a block diagram showing an electric circuit mounted on the portable information terminal.

FIG. 19 is a flowchart showing an authentication procedure executed in the mobile information terminal.

FIG. 20 is a connection diagram illustrating a connection status between devices according to the third embodiment.

FIG. 21 is a diagram showing an example of a signal sequence between an ATM terminal and a mobile information terminal.

22 is a block diagram showing a configuration example of an ATM terminal 800. FIG.

FIG. 23 is a flowchart explaining the operation of the ATM terminal 800.

FIG. 24 is a flowchart illustrating a bank transaction procedure of mobile information terminal 100.

FIG. 25 is a diagram showing an example of a screen when the mobile information terminal 100 prompts the user to confirm the identity.

FIG. 26 is a diagram showing a screen example of a command reception of the portable information terminal 100.

27 is a diagram showing an example of a command execution result display of the mobile information terminal 100. FIG.

[Explanation of symbols]

100 Portable Information Terminal 110 Enlarged Display Device (Screen Display Unit) 111 Free-Form Surface Prism 112 Small Liquid Crystal Display 113 Backlight 120 Small Computer Device 121 CPU (First Display Means, Storage Means, Second Display Means, Display Input Means ) 122 RAM (storage section, display input means) 123 ROM 124 display control circuit (first display means, second display means, display input means) 125 bus 126 communication control circuit 127 input control circuit 128 LED control circuit 129 power supply Control circuit 130 Communication device 140 Input device (operating means) 150 LED device 160 Power supply device 171 Imaging optical system 172 Imaging device 173 Infrared light source 175 Imaging control circuit

─────────────────────────────────────────────────── ─── Continuation of front page (51) Int.Cl. ⁷ Identification code FI theme code (reference) G06F 15/00 330 G06F 15/00 330B 5K067 330F H04L 9/32 H04M 1/00 U H04M 1/00 1 / 274 1/274 1/725 1/725 H04B 7/26 109H H04Q 7/38 H04L 9/00 673D F term (reference) 5B019 BA10 DA06 DA08 DA10 EA10 GA10 HD20 HG30 5B085 AE03 AE25 BE01 5J104 AA07 AA16 EA03 KA01 5K27 KA16 AA11 BB09 FF01 FF22 HH23 HH26 5K036 AA07 BB18 DD48 JJ01 JJ13 5K067 AA30 BB04 BB21 DD17 EE02 EE16 EE35 HH24 HH36

Claims (24)

[Claims] 1. A housing that can be gripped by hand, a window portion provided in the housing, a magnifying optical portion provided inside the window portion, and the window portion via the magnifying optical portion. A portable information terminal, comprising: a display unit for displaying image information on the display; and an input unit for inputting instruction information for controlling the movement of the cursor displayed on the display unit. 2. The portable information terminal according to claim 1, wherein the magnifying optical unit includes a free-form surface prism. 3. The area of the window is such that a third party cannot substantially look into the window when the user of the portable information terminal is in contact with the window. The mobile information terminal according to claim 1 or 2, characterized in that. 4. A control unit for controlling the display unit and the input unit is further provided, wherein the control unit controls the display unit to display a keyboard image, and further, a click signal is input from the input unit. 2. A key corresponding to the cursor position when the cursor is pressed is used as input information.
The portable information terminal according to claim 3. 5. The biometric information input unit for inputting biometric information is further provided, and the control unit executes authentication processing based on the input biometric information. The mobile information terminal according to any one of 1. 6. An encryption unit having at least one encryption algorithm implemented therein, and a communication unit for exchanging information with other devices, wherein the control unit is based on the input biometric information. The mobile information terminal according to claim 5, wherein the encryption unit encrypts the information, and the communication unit transmits the encrypted information. 7. The portable information terminal according to claim 6, wherein the communication unit is a low-power wireless communication unit. 8. The wireless communication means is Bluetooth.
The portable information terminal according to claim 7, wherein the portable information terminal is compliant with the h specification or communicates using a transmission output weaker than the Bluetooth specification. 9. The biometric information input unit inputs information about an iris pattern, a retina pattern, a fingerprint or a voice print of a user's eye, according to claim 5. Mobile information terminal. 10. The encryption unit is an SSL (Secur).
10. An encryption algorithm corresponding to e Socket Layer) is provided, and the communication unit communicates encrypted information with a communication partner in accordance with the communication procedure of the SSL. The mobile information terminal according to any one of 1. 11. The communication unit transmits personal authentication information required for the personal authentication process to an information processing device that executes the personal authentication process. The mobile information terminal according to item 1. 12. The portable information terminal according to claim 11, wherein the information processing device is a bank terminal or a server on a network that includes a communication unit that communicates with the communication unit. 13. The encryption unit uses the input biometric information as key information.
The portable information terminal according to claim 12. 14. The storage unit further stores a plurality of pieces of key information used by the encryption unit, wherein the control unit stores a plurality of pieces of information stored in the storage unit based on the input biometric information. 14. The portable information terminal according to claim 13, wherein at least one key information is selected from the key information, and the selected key information is used by the encryption unit. 15. The mobile information terminal according to claim 6, wherein the encryption unit generates signature information by an electronic signature using a public key cryptosystem. 16. A display unit for displaying an image, a magnifying optical unit for optically magnifying the image displayed on the display unit, and a control instruction according to the image displayed on the display unit are input. A personal authentication method using a mobile information terminal having an input unit, the step of determining whether the control instruction is a request to start an authentication process, and the control instruction is a request to start an authentication process. When it is determined, the step of inputting biometric information related to the user of the portable information terminal, and determining whether the user is a valid user based on the biometric information and pre-registered personal authentication information A personal authentication method, comprising: a step of outputting predetermined information when the user is a legitimate user. 17. The personal authentication method according to claim 16, wherein the predetermined information is password-related information transmitted to another device via a communication line and verified by the device. 18. The personal authentication method according to claim 17, wherein the password-related information includes account information and password information. 19. An authentication auxiliary terminal for transmitting password related information via a communication line to an information processing device requesting password related information at the time of use, the first storage storing the password related information. Means, second storage means for storing permission information for permitting transmission of the password-related information, biometric information input means for inputting biometric information from a user of the authentication auxiliary terminal, the biometric information and the Determination means for determining whether or not the transmission of the password-related information is permitted based on the permission information; and transmission means for transmitting the password-related information when the transmission is determined to be permitted. An authentication assisting terminal, comprising: 20. The information processing device is a bank terminal or a server on a network, which includes a receiving unit that receives the password-related information and an authentication unit that executes personal authentication based on the password-related information. The authentication assisting terminal according to claim 19, wherein: 21. The authentication assistant terminal according to claim 19 or 20, wherein the biometric information input means inputs information about an iris pattern, a retina pattern, a fingerprint or a voiceprint of a user's eye. 22. An authentication assisting method for transmitting password related information via a communication line to an information processing device which requests password related information at the time of use, comprising the password related information and the password related information. Storing permission information for permitting transmission, inputting biometric information from a person who desires to use the information processing device, and the password-related information based on the biometric information and the permission information. And a step of transmitting the password-related information when the transmission is determined to be permitted, and a step of determining whether the transmission is permitted. 23. Claims 1 to 15 and 1.
A computer program comprising a program code for causing a computer to perform all of the means described in any one of claims 9 to 21. 24. A computer program comprising a program code for causing a computer to execute each of the steps recited in claim 16 or 22.