JP2006085559A - Personal identification system, personal authentication method and storage medium - Google Patents

Personal identification system, personal authentication method and storage medium Download PDF

Info

Publication number
JP2006085559A
JP2006085559A JP2004271433A JP2004271433A JP2006085559A JP 2006085559 A JP2006085559 A JP 2006085559A JP 2004271433 A JP2004271433 A JP 2004271433A JP 2004271433 A JP2004271433 A JP 2004271433A JP 2006085559 A JP2006085559 A JP 2006085559A
Authority
JP
Japan
Prior art keywords
fingerprint
authentication
db
password
personal
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
JP2004271433A
Other languages
Japanese (ja)
Inventor
Keiichi Takashima
敬一 高島
Original Assignee
Canon Inc
キヤノン株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Canon Inc, キヤノン株式会社 filed Critical Canon Inc
Priority to JP2004271433A priority Critical patent/JP2006085559A/en
Publication of JP2006085559A publication Critical patent/JP2006085559A/en
Withdrawn legal-status Critical Current

Links

Images

Abstract

<P>PROBLEM TO BE SOLVED: To provide an authentication system that enhances security strength by combining a fingerprint identification device with an authentication device having input keys into a personal authentication system. <P>SOLUTION: As a password is input into the authentication device having input keys, the fingerprints of the fingers that press input keys are read by the fingerprint identification device, and both are matched against a fingerprint DB and a password DB. The fingerprint image read at each input keystroke is matched against the fingerprint DB for fingerprint authentication that acquires a personal identifier and a finger identifier as authentication results. The input character and the finger identifier of each input acquired by the matching against the fingerprint DB are further matched against the password DB for finger-assigned password authentication. <P>COPYRIGHT: (C)2006,JPO&NCIPI

Description

  The present invention relates to a personal authentication device, a personal authentication method, and a personal authentication device, which determine the authenticity of an input password, determine the authenticity of a read fingerprint image, and enable more accurate and reliable identification. The present invention also relates to a computer-readable recording medium on which a control program for personal authentication is recorded.

As a means for personal authentication, input of a password or a personal identification number (password method) is generally used. Recently, biometrics methods such as fingerprint authentication have begun to spread due to their ease of use. However, in the password method, if the password is stolen or decrypted, the security is easily broken, and in the biometric method, impersonation may be possible by using a copied fingerprint. Therefore, an apparatus using an authentication method that combines a password method and a biometrics method has been devised in order to realize stronger security. For example, Patent Document 1 devises a personal authentication device in which a fingerprint identification device is provided in an authentication device having an input key.
JP2001-242952

  The security strength of a personal authentication device in which a fingerprint identification device is provided in an authentication device having such an input key is the same as the security strength obtained by combining individual authentication devices.

  The present invention relates to a personal authentication device and a personal authentication method using a designated password authentication method capable of strengthening security beyond a simple combination of a password method and a fingerprint authentication method without impairing user convenience. And a storage medium.

  Further, the present invention is characterized in that a password is input by an authentication device having an input key, and at the same time, a fingerprint of the finger when the input key is pressed is read by the fingerprint identification device, and collated with the fingerprint DB and the password DB. It is desirable to use a touch sensor switch with an input key displayed on the touch panel, and the touch panel has a fingerprint identification function. However, open a device with a fingerprint reader next to the input key, or open each key top of the input key. It is also possible to use an apparatus configured such that a fingerprint image reading unit appears at the same time.

  In addition, the present invention performs fingerprint authentication by comparing the fingerprint image read by the fingerprint identification device every time the input key is pressed with the fingerprint DB, obtains the personal identifier and finger identifier of the authentication result, and when all the input keys are pressed It is characterized by authenticating from a fingerprint. The fingerprint DB stores a plurality of sets of personal identifiers, finger identifiers, and fingerprint images per user. By comparing the read fingerprint image with the fingerprint DB, it is possible to identify who is which finger. In addition, since a plurality of fingers can be registered per user, fingerprint recognition can be performed a plurality of times with different fingers, thereby realizing stronger security. The fingerprint DB may be inside the personal authentication apparatus or may exist outside and be connected via a network.

  Further, the present invention is characterized in that finger-specified password authentication is performed by collating a character input by an input key with a finger identifier for each input obtained by collation with the fingerprint DB against the password DB. The password DB stores a plurality of sets of input characters and finger identifiers and a set of personal identifiers per user. By assigning a finger identifier to each input character of the password, a finger designation password becomes possible, and stronger security can be realized. The password DB may be inside the personal authentication apparatus or may exist outside and be connected via a network.

  According to the present invention, personal authentication is not possible unless two types of secret keys, that is, a password and a plurality of fingerprints, and information about a finger that presses the password are provided, and security is stronger than a combination of a simple password method and a fingerprint authentication method. Can be realized. In addition, password input and fingerprint authentication can be performed at the same time with almost the same operation as the conventional password method, and there is almost no burden on the user. Furthermore, since it does not look like fingerprint authentication from the side, it is difficult to realize that it is necessary to duplicate fingerprints to break security. In addition, when an attempt is made to use it illegally, the fingerprint remains and becomes a clue for identifying the criminal.

Further, as in the second embodiment, even when the fingerprint recognition rate is slightly low, it is possible to perform a flexible operation in which the user's convenience is improved by avoiding repeated authentication failures.
Further, as in the third embodiment, extremely strong security that requires finger designation password input by a plurality of persons can be achieved.

Example 1
Embodiments of the present invention will be described below with reference to the drawings.

  FIG. 1 is a block diagram showing a system configuration of an embodiment of a personal authentication apparatus according to the present invention, and FIG. 2 is an example of a touch panel therein. FIG. 3 is a diagram showing a configuration of the entire system. FIG. 4 is a flowchart showing the flow of data processing in the personal authentication apparatus of FIG.

  First, the configuration of the personal authentication apparatus of this embodiment will be described with reference to FIG.

  The personal authentication device according to the present embodiment includes a central processing unit 1, a storage device 2, an external auxiliary storage device 3, a touch panel 4 with a fingerprint authentication function, a network connection device 5, and the like.

  FIG. 2 is an example of the touch panel 4 with a fingerprint authentication function.

  As shown in FIG. 3, the personal authentication device performs authentication by comparing the password and fingerprint image input by the user with the personal information DB, fingerprint DB, and password DB via the network connection device 5.

  FIG. 4 is an example of information registered in advance in the personal information DB, fingerprint DB, and password DB by the user of the apparatus. Personal information such as name and address provided by the user is registered in the personal information DB, and a unique number (excluding 0) for identifying the user inside the system is assigned to the user ID. The user ID is also used as a key for identifying the user in the fingerprint DB and password DB. The fingerprint DB registers a fingerprint image of a plurality of fingers for one user and which finger it is, and identifies which finger of which user ID the fingerprint image read by the touch panel 4 with a fingerprint authentication function is. It can be so. It is not necessary to register all fingers, but all fingers registered in the password DB must be registered. In the password DB, not only numbers and characters but also which finger to press each character (finger designation password) is registered. For example, “{3, 6 (right thumb)}, {8, 9 (right ring finger)}, {8, 5 (left little finger)}, {7, 8 (right middle finger)}” are registered.

  FIG. 5 shows a memory map in a state where the personal authentication program and the program work memory are stored in the storage device 2 and the program can be executed.

  The external auxiliary storage device 3 indicates that the program, personal information DB, fingerprint DB, password DB, and the like can be distributed from the medium to the personal authentication device. A ROM, floppy (registered trademark) disk, CD-ROM, hard disk, memory card, magneto-optical disk, or the like can be used as a storage medium for storing the program and each DB.

  Next, the operation of the present embodiment will be described based on the flowchart of FIG.

  First, the key input by the user is recognized (step S601), and what key is determined (step S602). If it is a password key (0 to 9, *, # in the case of the touch panel of FIG. 2), it is determined whether or not the input character exceeds the maximum number of characters (step S603), and if it exceeds, the process returns to S601. If the maximum number of characters has not been exceeded, the fingerprint is read (step S604), the fingerprint image thus read is checked against the fingerprint DB (step S605), and the user ID and finger number are acquired. If fingerprint authentication cannot be performed, the user ID and finger number are set to 0. That is, it is assumed that 0 does not exist in the user ID and the finger number. The input key, user ID, and finger number are additionally stored in the 504 program work memory of FIG. 5 as a set of recognition data (step S606). FIG. 7 shows a state where recognition data is stored up to the fourth character.

  If it is determined that the cancellation is made in S602, all the recognition data stored in the 504 program work memory in FIG. 5 is deleted (step S607).

  If the authentication start key (OK in the case of the touch panel of FIG. 2) is recognized in S602, first, it is determined whether the user IDs of the recognition data stored in the 504 program work memory are not all 0 and the same. (Step S608). This is the same as personal authentication using a plurality of fingerprints. If the authentication result is OK, the designated password authentication is performed (step S609). This is to determine whether the input character and finger number of the recognition data stored in the 504 program work memory match the character code and finger number of the password information corresponding to the user ID stored in the password DB. is there. It seems that it is more common to determine the match including the order, but depending on the operation, it can also be determined in combination. If the authentication result is OK, an authentication OK process is performed (step S610), and the entire process ends. If either S608 or S609 is NG, an authentication NG process is performed (step S611), and the entire process is terminated.

(Example 2)
If the recognition rate of fingerprint authentication is not good or the recognition error rate is high in S605 of the first embodiment, some user IDs in the recognition data become 0 or different user IDs, and authentication in S608 A case where the result is NG frequently occurs. In such a case, only one user ID is allowed to be 0, or more than half of the user IDs may be the same. For example, the user's convenience is improved by slightly lowering the determination criterion in S608. It is possible. In this case, in step S609, the finger number is not used for the determination with respect to the input character having the user ID = 0 or a different user ID in the recognition data stored in the 504 program work memory, and only the input character is determined.

(Example 3)
By adding user IDs one by one as passwords to be registered in the password DB and allowing multiple user IDs, a stronger security system that cannot be authenticated without password input by specific fingers by multiple people can be obtained. Is possible. In that case, the fingerprint authentication in S608 and the finger designation password authentication in S609 of the first embodiment are performed in one authentication process (user designation password authentication).

It is a block diagram which shows the hardware constitutions of the information processing system which implement | achieves this implementation. It is a figure which shows an example of the touchscreen of a present Example. It is a figure which shows the structure of the whole system in this implementation. It is a figure which shows an example of the information stored in each database. And a memory map in a state where the personal authentication program can be executed. It is a flowchart which shows the flow of the data processing in the computer of FIG. It is a figure which shows the program work memory of the state in which the recognition data for 4 characters were stored.

Claims (7)

  1.   A personal authentication device characterized in that a fingerprint identification device is provided in an authentication device having an input key, and a fingerprint DB and a password DB are collated.
  2.   2. The personal authentication apparatus according to claim 1, wherein the fingerprint DB stores a plurality of sets of personal identifiers, finger identifiers, and fingerprint images per user.
  3.   The personal identification device according to claim 1, wherein the password DB stores a plurality of sets of input characters and finger identifiers and a set of personal identifiers per user.
  4.   A personal authentication method characterized in that a password is input by an authentication device having an input key, and at the same time, a fingerprint of the finger when the input key is pressed is read by a fingerprint identification device, and collated with the fingerprint DB and password DB.
  5.   Each time the input key is pressed, the fingerprint image read by the fingerprint identification device is collated with the fingerprint DB, fingerprint authentication is performed, the personal identifier and finger identifier of the authentication result are obtained, and authentication is performed from the fingerprint when all the input keys are pressed. 5. A personal authentication method according to claim 4 and characterized in that:
  6.   The personal authentication method according to claim 4, wherein the character specified by the input key and the finger identifier for each input acquired in claim 5 are collated with the password DB to perform finger designation password authentication.
  7.   A storage medium storing a program for causing the personal authentication apparatus according to any one of claims 1 to 3 to execute the procedure of the personal authentication method according to any one of claims 4 to 6.
JP2004271433A 2004-09-17 2004-09-17 Personal identification system, personal authentication method and storage medium Withdrawn JP2006085559A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
JP2004271433A JP2006085559A (en) 2004-09-17 2004-09-17 Personal identification system, personal authentication method and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
JP2004271433A JP2006085559A (en) 2004-09-17 2004-09-17 Personal identification system, personal authentication method and storage medium

Publications (1)

Publication Number Publication Date
JP2006085559A true JP2006085559A (en) 2006-03-30

Family

ID=36163996

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2004271433A Withdrawn JP2006085559A (en) 2004-09-17 2004-09-17 Personal identification system, personal authentication method and storage medium

Country Status (1)

Country Link
JP (1) JP2006085559A (en)

Cited By (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2008305382A (en) * 2007-03-19 2008-12-18 Acer Inc System and method for fingerprint registration, setting of application login method, and application login
JP2009009332A (en) * 2007-06-27 2009-01-15 Sharp Corp User authentication system, and image processing system equipped therewith
JP2009048418A (en) * 2007-08-20 2009-03-05 Nec Corp Personal digital assistant, personal digital assistant authentication method and personal digital assistant authentication program
JP2009104339A (en) * 2007-10-22 2009-05-14 Kyocera Mita Corp Image forming apparatus
JP2009116570A (en) * 2007-11-06 2009-05-28 Oki Electric Ind Co Ltd Transaction device and data input method for transaction device
US8943580B2 (en) 2007-09-24 2015-01-27 Apple Inc. Embedded authentication systems in an electronic device
US9342674B2 (en) 2003-05-30 2016-05-17 Apple Inc. Man-machine interface for controlling access to electronic devices
JP2017511912A (en) * 2014-01-30 2017-04-27 クアルコム,インコーポレイテッド Dynamic keyboard and touchscreen biometrics
KR101760326B1 (en) 2016-05-16 2017-07-24 배재광 Method and apparatus for performing user authorization based on touch input including fingerprint information
US9847999B2 (en) 2016-05-19 2017-12-19 Apple Inc. User interface for a device requesting remote authorization
US9898642B2 (en) 2013-09-09 2018-02-20 Apple Inc. Device, method, and graphical user interface for manipulating user interfaces based on fingerprint sensor inputs
US10142835B2 (en) 2011-09-29 2018-11-27 Apple Inc. Authentication with secondary approver
US10395128B2 (en) 2017-09-09 2019-08-27 Apple Inc. Implementation of biometric authentication
US10438205B2 (en) 2014-05-29 2019-10-08 Apple Inc. User interface for payments
US10484384B2 (en) 2011-09-29 2019-11-19 Apple Inc. Indirect authentication
US10521579B2 (en) 2017-09-09 2019-12-31 Apple Inc. Implementation of biometric authentication

Cited By (38)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9342674B2 (en) 2003-05-30 2016-05-17 Apple Inc. Man-machine interface for controlling access to electronic devices
JP2008305382A (en) * 2007-03-19 2008-12-18 Acer Inc System and method for fingerprint registration, setting of application login method, and application login
JP2009009332A (en) * 2007-06-27 2009-01-15 Sharp Corp User authentication system, and image processing system equipped therewith
JP2009048418A (en) * 2007-08-20 2009-03-05 Nec Corp Personal digital assistant, personal digital assistant authentication method and personal digital assistant authentication program
JP6134875B1 (en) * 2007-09-24 2017-05-24 アップル インコーポレイテッド Authentication system built into electronic devices
US8943580B2 (en) 2007-09-24 2015-01-27 Apple Inc. Embedded authentication systems in an electronic device
US9038167B2 (en) 2007-09-24 2015-05-19 Apple Inc. Embedded authentication systems in an electronic device
US9128601B2 (en) 2007-09-24 2015-09-08 Apple Inc. Embedded authentication systems in an electronic device
US9134896B2 (en) 2007-09-24 2015-09-15 Apple Inc. Embedded authentication systems in an electronic device
JP2015167022A (en) * 2007-09-24 2015-09-24 アップル インコーポレイテッド Authentication system incorporated into electronic device
US9274647B2 (en) 2007-09-24 2016-03-01 Apple Inc. Embedded authentication systems in an electronic device
US9304624B2 (en) 2007-09-24 2016-04-05 Apple Inc. Embedded authentication systems in an electronic device
US9329771B2 (en) 2007-09-24 2016-05-03 Apple Inc Embedded authentication systems in an electronic device
US9953152B2 (en) 2007-09-24 2018-04-24 Apple Inc. Embedded authentication systems in an electronic device
US9495531B2 (en) 2007-09-24 2016-11-15 Apple Inc. Embedded authentication systems in an electronic device
US9519771B2 (en) 2007-09-24 2016-12-13 Apple Inc. Embedded authentication systems in an electronic device
JP2017117477A (en) * 2007-09-24 2017-06-29 アップル インコーポレイテッド Embedded authentication systems in electronic device
US10275585B2 (en) 2007-09-24 2019-04-30 Apple Inc. Embedded authentication systems in an electronic device
JP2009104339A (en) * 2007-10-22 2009-05-14 Kyocera Mita Corp Image forming apparatus
JP2009116570A (en) * 2007-11-06 2009-05-28 Oki Electric Ind Co Ltd Transaction device and data input method for transaction device
US10419933B2 (en) 2011-09-29 2019-09-17 Apple Inc. Authentication with secondary approver
US10516997B2 (en) 2011-09-29 2019-12-24 Apple Inc. Authentication with secondary approver
US10484384B2 (en) 2011-09-29 2019-11-19 Apple Inc. Indirect authentication
US10142835B2 (en) 2011-09-29 2018-11-27 Apple Inc. Authentication with secondary approver
US10410035B2 (en) 2013-09-09 2019-09-10 Apple Inc. Device, method, and graphical user interface for manipulating user interfaces based on fingerprint sensor inputs
US10055634B2 (en) 2013-09-09 2018-08-21 Apple Inc. Device, method, and graphical user interface for manipulating user interfaces based on fingerprint sensor inputs
US10262182B2 (en) 2013-09-09 2019-04-16 Apple Inc. Device, method, and graphical user interface for manipulating user interfaces based on unlock inputs
US10372963B2 (en) 2013-09-09 2019-08-06 Apple Inc. Device, method, and graphical user interface for manipulating user interfaces based on fingerprint sensor inputs
US9898642B2 (en) 2013-09-09 2018-02-20 Apple Inc. Device, method, and graphical user interface for manipulating user interfaces based on fingerprint sensor inputs
JP2017511912A (en) * 2014-01-30 2017-04-27 クアルコム,インコーポレイテッド Dynamic keyboard and touchscreen biometrics
US10438205B2 (en) 2014-05-29 2019-10-08 Apple Inc. User interface for payments
WO2017200239A3 (en) * 2016-05-16 2018-08-09 배재광 Method and apparatus for user authentication based on touch input including fingerprint information
KR101760326B1 (en) 2016-05-16 2017-07-24 배재광 Method and apparatus for performing user authorization based on touch input including fingerprint information
US10334054B2 (en) 2016-05-19 2019-06-25 Apple Inc. User interface for a device requesting remote authorization
US9847999B2 (en) 2016-05-19 2017-12-19 Apple Inc. User interface for a device requesting remote authorization
US10410076B2 (en) 2017-09-09 2019-09-10 Apple Inc. Implementation of biometric authentication
US10395128B2 (en) 2017-09-09 2019-08-27 Apple Inc. Implementation of biometric authentication
US10521579B2 (en) 2017-09-09 2019-12-31 Apple Inc. Implementation of biometric authentication

Similar Documents

Publication Publication Date Title
US20180204080A1 (en) System for multiple algorithm processing of biometric data
US8775819B2 (en) Flexible method of user authentication
Roy et al. Masterprint: Exploring the vulnerability of partial fingerprint-based authentication systems
EP3257194B1 (en) Systems and methods for securely managing biometric data
US9400879B2 (en) Method and system for providing authentication through aggregate analysis of behavioral and time patterns
Jain et al. Biometrics: a tool for information security
JP4519963B2 (en) Biometric information encryption / decryption method and apparatus, and personal authentication system using biometric information
US6700998B1 (en) Iris registration unit
US8417960B2 (en) Method for generating an encryption key using biometrics authentication and restoring the encryption key and personal authentication system
US8605959B2 (en) Apparatus, system, and method for sequenced biometric authentication
US7475812B1 (en) Security system for access control using smart cards
Uludag et al. Biometric cryptosystems: issues and challenges
JP4111810B2 (en) Personal authentication terminal, personal authentication method, and computer program
CN100414867C (en) Protection of biometric data via key-dependent sampling
Pankanti et al. Biometrics: The future of identification [guest eeditors' introduction]
KR100847532B1 (en) User terminal and authenticating apparatus used for user authentication using information of user&#39;s behavior pattern
JP3957130B2 (en) User authentication method, user authentication system, verification device, storage device, and electronic data record carrier
US7653818B2 (en) System and method for user authentication with enhanced passwords
EP1418486B1 (en) Fingerprint-based authentication apparatus
JP4531374B2 (en) Information holding device
US7689006B2 (en) Biometric convolution using multiple biometrics
US7191466B1 (en) Flexible system and method of user authentication for password based system
US6268788B1 (en) Apparatus and method for providing an authentication system based on biometrics
US8171304B2 (en) Method, system and computer program product for multiple biometric template screening
US6393139B1 (en) Sequence-encoded multiple biometric template security system

Legal Events

Date Code Title Description
A300 Withdrawal of application because of no request for examination

Free format text: JAPANESE INTERMEDIATE CODE: A300

Effective date: 20071204