JP2006331355A - Authentication apparatus - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide an authentication apparatus when transmitting and receiving data through facsimile, etc., enabling prompt authentication by recording fingerprint data in a name card and a registration card, with sufficiently ensured security by means of rearrangement of split fingerprint images and adoption of a personal identification code corresponding to each split fingerprint image. <P>SOLUTION: The authentication apparatus stores fingerprint data together with data ordinarily described on the name card, and registers in advance name card information acquired through exchanging the name cards. Fingerprint data information, etc. are registered as electronic data in an IC incorporated in the name card. When facsimile data, etc. are transmitted to the opposite party to which the name card is exchanged, first, the fingerprint data is transmitted to the destination party, and after the opposite party is confirmed, data are transmitted and received, thereby preventing incorrect transmission produced in facsimile transmission, etc. <P>COPYRIGHT: (C)2007,JPO&INPIT

Description

  The present invention relates to an authentication apparatus for transmitting and receiving data by facsimile or the like.

  In recent years, authentication apparatuses that perform personal authentication using information such as irises, handwriting, and palm veins have been adopted. For example, Patent Document 1 proposes a reading system for performing authentication using a fingerprint. For example, when the finger and the sensor attached to the reading means are in contact with each other and the sensor and the finger slide relative to each other, the fingerprint is read, and the fingerprint is reconstructed from the partial images obtained during the motion. The fingerprint is read.

Patent Document 2 proposes a fingerprint authentication system in which a fingerprint read by a sensor is divided, and fingerprint authentication is performed by comparing the degree of approximation between a previously registered fingerprint and a feature point.
JP-A-10-91769 (paragraph numbers 0050 to 0063) JP2003-51013A (paragraph numbers 0012 to 0020)

  However, in the case of Patent Document 1, the procedure is complicated, and it takes a lot of time until fingerprint authentication is completed. Also, in the case of Patent Document 2, it is necessary to perform complicated processing such as the need to capture a fingerprint image in a horizontally long region with a ratio of 1 to 2 or more, and determination of the similarity of feature portions.

  Therefore, the present invention can store fingerprint data on a business card or registration card, and can quickly perform authentication processing. Further, by rearranging the divided fingerprint images and adopting a personal identification number corresponding to the divided fingerprint images, sufficient security can be obtained. A sufficiently secured authentication device is provided.

  According to the present invention, there is provided a registration means for registering fingerprint information, which has been subdivided and arbitrarily rearranged, together with name information, the registration means based on the name information, and the name information And a first transmission means for transmitting the fingerprint information to the other party and requesting the other party to authenticate, and a second transmission unit for transmitting data to the other party based on the authentication result from the other party. When the name information and fingerprint information for authentication are input from the transmission means and the counterpart, the information is compared with the information registered in the registration means, and the comparison result is sent to the counterpart as the authentication result information. This can be achieved by providing an authentication device having a third transmission means.

  Here, arbitrary rearrangement of fingerprint information is performed by the user, and the number of divisions at the time of subdivision is also arbitrarily performed by the user. Also, the fingerprint data that is subdivided and selected is registered in advance in the registration means together with the user name information. The data registered in the registration means is used to check the transmission destination before sending the data in facsimile transmission or the like.

  By configuring in this way, data can be transmitted to the correct counterpart, and the fingerprint data is a part of the divided data, and it is difficult to abuse even if the fingerprint data leaks.

  In addition, according to the present invention, the above-described problem is a registration unit that registers biometric information that is subdivided and arbitrarily rearranged together with name information, searches the registration unit based on the name information, and The biometric information corresponding to the name information is transmitted to the other party, the first sending means for requesting the other party to authenticate, and the transmission of data to the other party based on the authentication result from the other party. When the name information and the biometric information for requesting authentication from the second transmission means to be input from the other party are input, the information is compared with the information registered in the registration means, and the comparison result is used as the authentication result information. This can be achieved by providing an authentication device having a third transmission means for transmitting to the other party.

  The present invention uses biometric information such as irises and palm veins for authentication. Therefore, arbitrary reordering of biometric information can be performed by, for example, subdividing iris data into arbitrary reordering or subdividing palm vein data. And can be realized by rearranging them arbitrarily.

  In this way, even when biometric information is used as identification information, data can be transmitted to the correct partner as in the above-described invention, and biometric information is a divided part, and biometric information leaks out. Even if it is difficult to abuse.

  Further, the name information and fingerprint information registered in the registration means are information obtained by reading data stored in or written on a business card by a data reading means, for example. Similarly, the name information and the biometric information registered in the registration unit are information obtained by reading data stored or written on a business card by the data reading unit.

  Further, the fingerprint information is subdivided and stored, the fingerprint data is stored, the storage means for storing the personal identification number corresponding to the division and rearrangement of the fingerprint information, and the input of the fingerprint information and the personal identification number The authentication apparatus includes an input unit that performs the authentication, and an authentication unit that authenticates the fingerprint data stored in the storage unit based on the fingerprint information input from the input unit and the personal identification number.

  Similarly, the biometric data is subdivided and stored, and the biometric data is stored, the storage means for storing the personal identification number corresponding to the subdivision and rearrangement of the biometric information, the biometric information and the personal identification number And an authentication unit that authenticates biometric data stored in the storage unit based on the biometric information input from the input unit and the personal identification number. is there.

  By configuring in this way, even if the registration card or business card in which the identification information is recorded is lost, the registration means can be obtained by inputting the PIN code corresponding to the subdivision and rearrangement together with the fingerprint information and the biometric information. Information can be read from

According to the present invention, since the destination is confirmed in advance, facsimile data and print data can be sent to the correct destination.
In addition, fingerprint data and biometric data are a part of the divided data, and even if fingerprint data or biometric data is leaked, there is a low possibility of being misused.

Further, since fingerprint data and biometric data with a small capacity are stored, the memory capacity of an IC attached to a business card or the like can be reduced.
Furthermore, the operation of a device such as a printing device can be permitted by the authentication device of this example, and authentication can be performed even if the registration card or the like is lost.

Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings.
(Embodiment 1)
FIG. 1 is a system configuration diagram of an authentication apparatus according to the present embodiment. The authentication device of this example is centered on the central processing unit 1, fingerprint data / name transmission unit 2, fingerprint data / name reception unit 3, fingerprint data / name reading unit 4, data reading unit 5, fingerprint data analysis unit 6, The data receiving unit 7, the storage unit 8, the data transmission unit 9, and the fingerprint data registration unit 10 are configured.

  The central processing calculation unit 1 controls each unit in accordance with, for example, a program stored in the storage unit 8 and performs fingerprint authentication control of this example. The fingerprint data / name transmission unit 2 transmits data read by the fingerprint data / name reading unit 4 or a name (user name) and fingerprint data stored in the storage unit 8 to be described later to the other party. On the other hand, the fingerprint data / name receiving unit 3 receives the name (user name) and fingerprint data transmitted from the other party, contrary to the above.

  FIG. 2 is a diagram showing a memory configuration of the storage unit 8. Fingerprint data is registered in the storage unit 8 for each user name, and the registered fingerprint data is a part of the divided fingerprint data of the user. For example, FIG. 3 shows an example of division of fingerprint data. One fingerprint data is divided into 12 and a part of the fingerprint is registered in the storage unit 8. That is, one fingerprint is divided into fingerprint data 1 to fingerprint data 12, and fingerprint data arbitrarily designated by the user is registered.

  For example, in FIG. 2, fingerprint data 1 and 3 are registered for user A, fingerprint data 4 and 6 are registered for user B, and fingerprint data 9 and 1 are registered for user C. The other users are as shown in FIG. As will be described later, the registration order of the fingerprint data is also an important fingerprint authentication condition.

  On the other hand, the fingerprint data / name reading unit 4 is a device for reading data of a business card exchanged with a customer, and includes a sensor provided on the upper part of the authentication device. FIG. 4 is a diagram showing an example of a sensor provided in the authentication apparatus. In this example, an example of an MFP (multifunction printer) is shown as the authentication apparatus, and an example of a sensor 4a provided on the operation panel of the MFP is shown.

  For example, a business card data is read by placing or approaching the sensor 4a (fingerprint data / name reading unit 4). Also, fingerprint data is read by placing a finger.

FIG. 5 shows an example of a business card used in this example.
As shown in the figure, an IC is built in the business card 11, and data such as a company name, affiliation, name, and telephone number are written on the surface of the business card.

  The IC stores not only the description data described on the business card surface but also the fingerprint data of the user. The fingerprint data stored in the IC is the same divided fingerprint data as the fingerprint data registered in the storage unit 8 described above.

In the above configuration, the processing operation of this example will be described below.
First, the information of the business card 11 exchanged with the other party in the business negotiation or the like is read. This process is performed according to the flowchart shown in FIG. First, the user places the exchanged business card 11 on the sensor 4a of the fingerprint data / name reading unit 4 described above. The fingerprint data / name reading unit 4 determines whether the one placed on the sensor 4a is a business card 11 or a finger (step (hereinafter referred to as S) 1). The business card data is read (S2). The business card data is read by reading the description data and fingerprint data stored in the IC using a contact pin (not shown) or wireless communication and registering them in the storage unit 8 via the central processing unit 1 ( S3).

On the other hand, when the finger is placed on the sensor 4a, the fingerprint data / name reading unit 4 performs a fingerprint reading process (S4). The read fingerprint data is registered in the storage unit 8 (S5). Also, name data is extracted from the storage unit 8 (S6), and name input is performed (S7).
Next, the user's own fingerprint data is registered in the fingerprint data registration unit 10. FIG. 7 is a flowchart for explaining this process. First, the user sets the number of fingerprint data divisions. In the description of this example, for example, the above-described 12 divisions are used (step (hereinafter referred to as ST) 1).

  Next, a fingerprint data reading process is performed and continued until the fingerprint data reading process is completed (ST2 to ST4). Thereafter, when the fingerprint data reading process is completed, the number is set according to the number of divisions described above (ST5). For example, if numbers 1 and 3 are used as described above, fingerprint data 1 and 3 are designated.

  Next, the selected number is rearranged (ST6, ST7). When the number rearrangement process ends (ST6 is Y), the fingerprint data registration unit 10 registers fingerprint data (ST6 is Y). Note that the flowchart shown in FIG. 8 shows processing of the data reading unit 5, performs reading processing of data other than fingerprint data, and registers the data in the storage unit 8 (ST9, ST10).

After the necessary data is registered in the storage unit 8 and the fingerprint data registration unit 10 as described above, data transmission processing is performed on the other party.
FIG. 9 shows basic processing performed in this example when data is transmitted. First, fingerprint data and name data are transmitted from the fingerprint data / name transmitter 2 to the other party (step (hereinafter referred to as STP1) 1). In this process, confirmation communication is performed with respect to a partner to which data is to be transmitted. The fingerprint data and name data of the partner are read from the recording unit 8 and the fingerprint data is read via the central processing unit 1.・ Send from the name sending unit 2 to the other party.

  The counterpart apparatus that acquired this data performs an analysis process to be described later, and transmits the verification result to the data receiving unit 7. The central processing unit 1 determines this result, and if it is a permission signal, it transmits data to the counterpart (STP2, STP3). Therefore, in this case, it is determined that the destination is a correct destination, and facsimile data and print data are transmitted to the destination. This transmission is performed via the data transmission unit 9, and after all the data to be transmitted is acquired (STP4 and STP5 are Y) as shown in FIG. 10, transmission processing is performed on one machine (STP6).

  On the other hand, when a rejection signal is input from the other party, it is understood that the destination is not a correct party to which data is to be transmitted, and the confirmation operation is performed again. Thus, according to this example, before sending data, the other party is confirmed by the fingerprint data and the name data, so that erroneous transmission can be avoided.

  Next, in contrast to the above, processing when fingerprint data and name data for authentication are sent from the transmission destination will be described. In this case, the fingerprint data / name receiving unit 3 receives the fingerprint data and the name data sent from the transmission destination (step (hereinafter denoted by W) 1 in the flowchart shown in FIG. 11).

  This data is transmitted to the fingerprint data analysis unit 6 via the central processing unit 1. The fingerprint data analysis unit 6 performs fingerprint data analysis processing according to the flowchart shown in FIG. That is, the storage unit 8 is searched according to the input name data, and the fingerprint data registered in advance based on the business card is called (W2). Then, it is determined whether the fingerprint data sent from the transmission destination matches the fingerprint data registered in the storage unit 8.

  In this case, it is determined whether the fingerprint data (part of the fingerprint) that has been divided and registered matches (W3). For example, in the case of the user A shown in FIG. 2 described above, the matching determination for the divided fingerprint data 1 and 3 is performed. In the case of the user B, the matching determination for the divided fingerprint data 4 and 6 is performed.

  Next, in the above determination, when the fingerprint data match, a data reception permission signal is output to the transmission destination (W3 is Y, W4). On the other hand, when the fingerprint data does not match, a data reception rejection signal is output to the transmission destination (W3 is N, W5). In this case, any signal is output from the data transmission unit 9 to the transmission destination (W6).

  Thereafter, the transmission destination that has received the data reception permission signal transmits facsimile data or print data based on the authentication result, and this data is input via the data receiving unit 7. FIG. 13 is a flowchart showing this processing. Data from the transmission destination is received (W7) and written in, for example, the storage unit 8 (W8).

  As described above, according to this example, before sending data, the other party is confirmed by the fingerprint data and the name data, so that erroneous transmission can be prevented, and the fingerprint data to be used when judging the match of fingerprint data is This is divided data with a small capacity, and it is possible to make a coincidence determination in a short time.

In the description of the first embodiment, fingerprint information is used as an authentication target. However, the present invention is not limited to fingerprint information, and may be realized using biological information such as an iris or a palm vein.
(Embodiment 2)
Next, Embodiment 2 of the present invention will be described.
The authentication device of this example relates to personal authentication when using the device, for example. Note that the system configuration of the authentication apparatus of this example is the same as that of FIG. This will be specifically described below.

  FIG. 14 shows an example of a registration card used in this example, and this registration card 15 contains an IC as in the case of the business card described above. The registration card 15 includes data such as company name, affiliation, name, and telephone number. In addition, description data described in the registration card 15 is stored in the IC. In addition, fingerprint data of the registrant is stored. However, in this example, the fingerprint data stored in the IC is not a part as described above, but is a whole fingerprint of the registrant, but is divided and registered in a random arrangement state.

  FIG. 15 shows an example. The number “161214... 04” shown in the figure indicates the number of fingerprint information divisions and the registration order, the first “16” indicates the number of divisions, and the subsequent “1214... 04” indicates the registration order. Show. Therefore, the example of FIG. 4 indicates that the 16-divided fingerprint data is registered in the order of division numbers “12”, “14”,... “04”.

  FIG. 16 shows an example of registering the above data in the storage unit 8. For example, when fingerprint data of the user A is acquired, the data is divided into 16 and rearranged in the order arbitrarily set by the user from the state shown in FIG. For example, they are rearranged in the order of “12”, “14”, “16”,. The fingerprint data is registered in the storage unit 8. At the same time, the data “161214... 04” is also registered as a personal identification number.

After the above setting, when the authentication apparatus (MFP) is used, the authentication process is performed using the registration card 15. FIG. 17 is a flowchart for explaining the authentication processing of this example.
First, the user who intends to use the MFP places the registration card 14 on the sensor 4a of the fingerprint data / name reading unit 4 and starts the authentication process. That is, it is determined whether the one placed on the sensor 4a of the fingerprint data / name reading unit 4 is the registration card 15 (step (hereinafter referred to as U) 1).

  Here, when it is determined that the registration card 15 is placed (U1 is Y), data authentication processing is performed (U2). In this process, the fingerprint data registered in advance in the storage unit 8 is compared with the fingerprint data detected by the fingerprint data / name reading unit 4 to authenticate whether or not they match. Here, if both fingerprint data match, use is permitted (U3), and if both fingerprint data do not match, use is disabled (U4). Therefore, authentication processing for easily using the MFP can be performed by placing the registration card 15 in which the fingerprint data of this example is registered on the sensor 4a of the fingerprint data / name reading unit 4.

  Even when the registration card 15 is not held, the fingerprint can be determined by placing a finger on the sensor 4a (U1 is N and U5 is Y). In this case, the fingerprint data / name reading unit 4 can perform the data authentication by reading the fingerprint information and inputting the password (U6, U7, U2). That is, as described above, the code number indicates the number of fingerprint data divisions and the registration order. If the number of divisions and the registration order are divided for the fingerprint data read from the fingerprint data / name reading unit 4, it is stored in the storage unit 8. Authentication with registered fingerprint data is possible.

  Accordingly, as described above, both fingerprint data are compared, and if both fingerprint data match, use is permitted (U3), and if both fingerprint data do not match, use is disabled (U4). Therefore, the authentication process of this example can be performed even when the registration card 15 is not owned, such as when the registration card 15 is lost or forgotten.

  In the description of the second embodiment, fingerprint information is used as an authentication target. However, the present invention is not limited to fingerprint information, and may be realized using biological information such as an iris or a palm vein.

It is a system configuration figure of an authentication device of this embodiment. It is a figure which shows the memory structure of a memory | storage part. It is a figure which shows the example of a division | segmentation of fingerprint data. 2 is a diagram illustrating an overview configuration of an MFP. FIG. It is a figure which shows the example of the business card to be used. 3 is a flowchart for explaining processing of the first embodiment. It is a flowchart which shows the registration process of fingerprint data. It is a flowchart which shows the process of a data reading part. It is a flowchart which shows a data transmission process. It is a flowchart which shows a data transmission process. It is a flowchart which shows the reception process of fingerprint data and name data. It is a flowchart which shows the process of a fingerprint data analysis part. It is a flowchart which shows the process of a data receiver. It is a figure which shows the example of a registration card. It is a figure which shows the example of a PIN code. (A), (b) is a figure explaining the rearrangement process of fingerprint data. 10 is a flowchart for explaining the second embodiment.

Explanation of symbols

DESCRIPTION OF SYMBOLS 1 ... Central processing operation part 2 ... Fingerprint data / name transmission part 3 ... Fingerprint data / name reception part 4 ... Fingerprint data / name reading part 4a ... Sensor 5 ... Data reading part 6 ... Fingerprint data analysis unit 7 ... Data reception unit 8 ... Storage unit 9 ... Data transmission unit 10 ... Fingerprint data registration unit 11 ... Business card 15 ... Registration card

Claims (6)

Registration means for registering fingerprint information that has been subdivided and arbitrarily rearranged together with name information,
Searching for the registration means based on the name information, sending the fingerprint information together with the name information to a partner, and a first transmitter for requesting authentication to the partner;
A second transmission means for transmitting data to the destination based on the authentication result from the destination;
When inputting the name information and fingerprint information for authentication from the other party, the information is compared with the information registered in the registration means, and the comparison result is transmitted to the other party as the authentication result information. A transmission means;
An authentication apparatus comprising: Registration means for registering biometric information subdivided and arbitrarily rearranged together with name information,
Searching for the registration means based on the name information, transmitting the biometric information corresponding to the name information to a partner, and a first transmitter for requesting authentication to the partner;
A second transmission means for transmitting data to the destination based on the authentication result from the destination;
When the name information and biometric information for authentication are input from the other party, the information is compared with the information registered in the registration means, and the comparison result is transmitted to the other party as authentication result information. A transmission means;
An authentication apparatus comprising:   2. The authentication apparatus according to claim 1, wherein the name information and the fingerprint information registered in the registration unit are information obtained by reading data stored in or written on a business card by a data reading unit.   3. The authentication apparatus according to claim 2, wherein the name information and the biometric information registered in the registration unit are information obtained by reading information stored in or written on a business card by a data reading unit. Storage means for storing fingerprint data that has been sorted by subdividing the fingerprint information, and storing passwords corresponding to the division and rearrangement of the fingerprint information;
Input means for inputting fingerprint information and the password;
Based on the fingerprint information input from the input means and the password,
Authentication means for authenticating fingerprint data stored in the storage means;
An authentication apparatus comprising: Storage means for storing biometric data that has been subjected to subdivision by rearranging biometric information, and storing passwords corresponding to the subdivision and rearrangement of the biometric information;
Input means for inputting biometric information and the password;
Based on the biometric information input from the input means and the password,
Authentication means for authenticating biometric data stored in the storage means;
An authentication apparatus comprising: