JP2007004478A - Personal identification system - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a personal identification system capable of specifying a customer without installing various living body authentication apparatuses. <P>SOLUTION: The personal identification system is constituted of connecting a personal identification terminal device 1 for allowing a customer 6 requiring a transaction to execute receiving processing before the transaction, an automatic transaction apparatus 2 requiring customer information and personal identification in executing the transaction and a master apparatus 3 for storing and managing customer information and living body feature information of the customer himself (or herself) in each previously registered customer prior to the transaction through a communication line 5. The personal identification terminal device 1 is provided with a living body information recognition part capable of sampling living body feature information. The master apparatus 3 retrieves the customer information from the living body feature information sampled by the personal identification terminal device 1, receives and registers each corresponding customer information as a transaction customer in the processing order, and when customer information is input from the automatic transaction apparatus 2, retrieves the received/registered customer information. When the coincident customer information exists, the success of personal identification based on the living body feature information is confirmed and the transaction is executed. <P>COPYRIGHT: (C)2007,JPO&INPIT

Description

  The present invention relates to a personal authentication system that performs personal identification using biometric feature information registered in advance when using ATM or the like.

  In an automated corner of a financial institution where a customer-operated automatic transaction apparatus (ATM) is installed, a customer queue is formed on a busy day or a busy hour. In particular, transfer transactions and the like are currently performed by ATM, and shortening of the transaction time is required. In order to deal with such a problem, there is one that identifies a customer waiting in a queue prior to the start of a transaction, omits an input operation when the customer starts a transaction, and shortens the transaction time (for example, Patent Documents). 1). According to this technology, the eye image is captured from the human body image of the first customer in the queue, and the biological features are extracted and transmitted to the host computer. The host computer retrieves the matching account information from the biometric feature data and returns it to the ATM. When the transaction item at the ATM is selected, the account information received as the first customer is used.

Moreover, what is called a pre-terminal device has been proposed to speed up the operation of an automatic transaction apparatus by inputting and storing various information that should be input by a customer before operating the automatic transaction apparatus (for example, Patent Document 2). The pre-terminal device is provided with a part for acquiring identity confirmation data, and the automatic transaction device operated in cooperation performs the identity confirmation processing automatically based on the identity confirmation data obtained in advance. Furthermore, there are also those that specify a customer who has visited a sales office of a financial institution and provide customer information in advance to the person in charge of the window (for example, Patent Document 3). According to this technique, the store visitor accepting apparatus gives a receipt number in the order of acceptance and recognizes a person who uses an account, a family member, an agent, or the like by recognizing a biological characteristic of a customer, for example, a face pattern.
Japanese Patent Laid-Open No. 9-305767 (paragraphs 0007 to 0008) JP 11-045364 A (paragraphs 0009 and 0034) JP 2004-151862 (paragraphs 0015 to 0028)

However, a wide variety of biometric authentication technologies that use biometric features for customer identification have been developed and exist. For example, it begins with voiceprint recognition and signatures (handwriting), then proceeds with fingerprint, retina, iris, and face recognition. Recently, palm vein and finger vein authentication technology has been developed, and further, it is based on DNA called the ultimate biometric feature information. Appraisal is being considered. There are a variety of parts of the human body collected at the time of biometric authentication, and there is room for common use in some technologies, but there are also various types of biometric authentication devices.
Therefore, it is necessary to prepare various biometric authentication devices in the above-described ATM and store visit reception device. In particular, in ATM, if each biometric authentication device is individually held, there arises a problem that the size and price of the ATM increases.

On the other hand, recently, the use of IC cards has been made to deal with cash card skimming damage and the like, and the use of ICs (integrated circuits) has made it possible to increase the amount of stored information. Can do. Therefore, even though it is possible to read out biometric authentication information from an IC card in an ATM, it is necessary to solve the above-described problem in collecting biometric feature information.
The present invention has been made to solve the above problems, and an object of the present invention is to provide a personal authentication system that can identify a customer without providing various biometric authentication devices.

In order to solve the above-described problems, the present invention provides a personal authentication terminal for a customer who wishes to perform a transaction to perform a reception process before the transaction, an automatic transaction device that requires customer information and identification when executing the transaction, Prior to the transaction, for each customer registered in advance, in a personal authentication system in which customer information and a host device that stores and manages the customer's own biometric feature information in association with each other are connected via a communication line.
The personal authentication terminal is provided with a biometric information recognition unit capable of collecting biometric feature information, and the host device retrieves customer information from the biometric feature information collected by the personal authentication terminal and deals with each corresponding customer information. When customer information is registered in the order of processing as a customer and customer information is input from an automatic transaction device, the customer information registered for registration is searched, and when matching customer information exists, identity verification is performed using biometric feature information. Execute the transaction as if.

  The present invention makes it possible to collect a plurality of types of biometric feature information with a single person recognition device, collect biometric feature information before a transaction, and use a collection verification result during an ATM transaction. Therefore, there is no need to deploy biometric authentication devices to all automatic transaction apparatuses (ATMs), and there is an effect that it is possible to suppress the increase in size and cost of ATMs.

  Embodiments according to the present invention will be described below with reference to the drawings. In addition, the same code | symbol is attached | subjected to the element common to drawing.

Embodiment 1 will be described below with reference to the drawings. FIG. 1 is a conceptual diagram of a personal authentication system according to the present invention, and FIG. 2 is an external view of a biometric authentication terminal. FIG. 3 is a control block diagram of the biometric authentication terminal, and FIG. 4 is a control block diagram of the automatic transaction apparatus.
In the figure, reference numeral 1 denotes a biometric authentication terminal as a personal authentication terminal for recognizing biometric feature information (hereinafter referred to as biometric information) for identity verification, and a customer who wishes to make a transaction accepts and registers a transaction. Is to do. Reference numeral 2 denotes an automatic transaction apparatus (hereinafter referred to as ATM) that is installed, managed and maintained by a financial institution at a business store. Reference numeral 3 denotes an authentication server as a host device, which has a timekeeping function and various information processing functions. Reference numeral 4 denotes an authentication database as a storage device in which customer information such as a customer account number, name, and biometric information is stored. Reference numeral 5 denotes a communication line for connecting the biometric authentication terminal 1 and ATM 2 installed in the store, and the authentication server 3 controls various information communication via the communication line 5.

  Reference numeral 6 denotes a customer who wishes to make a financial transaction and visits a sales store. For convenience of explanation, 6a is a customer who is operating ATM2 for transaction, and 6b is a customer who has been queued for receiving the biometric authentication terminal 1. Suppose that the customer who is accepting the biometric authentication terminal 1 is 6c, and the customer before the biometric authentication terminal 1 is 6d. In addition, when it does not specifically limit, it demonstrates as the customer 6. In addition, biometric authentication (biometrics) based on biometric information includes palm (palm) veins, finger veins, fingerprints, irises, retinas, faces, voices, signatures, DNA, etc., but in this embodiment, In the following description, the palm (palm) vein, finger vein, fingerprint, and iris are used.

Reference numeral 11 denotes an operation display unit, which includes a transaction guidance display for inputting a transaction reservation by the customers 6c and 6d and a touch panel for inputting the operation. Reference numeral 12 denotes a display, which is an LED capable of emitting red or green light, and is disposed in the vicinity of a biological information recognition unit described later.
An iris recognition unit 13 reads an iris image formed in the eyeball of the customer 6c and uses it as feature data. The iris recognition unit 13 is composed of an optical camera and an analysis unit (not shown).
Reference numeral 14 denotes a fingerprint recognition unit, which optically reads the fingerprint of the customer 6c's finger and extracts the fingerprint shape, branch points, and their positional relationships as feature points of the fingerprint pattern.

  15 is a palm vein recognition unit that uses the property that hemoglobin in the blood flowing inside the palm of the customer 6c absorbs near-infrared light, reads the dark portion as a blood vessel pattern, and extracts feature points like a fingerprint To do. Reference numeral 16 denotes a finger vein recognition unit, which optically reads a blood vessel pattern flowing inside a finger like a palm and extracts feature points like a palm. Note that iris recognition is for photographing the eyeball with an optical camera. Fingerprints are imaged with visible light, and blood vessel patterns are imaged with near-infrared (transmitted) light. To do. Further, the iris recognition unit 13, the fingerprint recognition unit 14, the palm vein recognition unit 15, and the finger vein recognition unit 16 are collectively referred to as the biological information recognition unit 10.

Reference numeral 17 denotes a control unit that controls each of the above units, and also includes a connection unit with the authentication server 3 that is a host device. Reference numeral 18 denotes a storage unit including a RAM, a hard disk, and the like, which stores a control program for reading and analyzing various biological information, and also stores display screen information to be displayed on the operation display unit 11. Needless to say, the biometric information collected by the biometric information recognition unit 10 may be analyzed on the authentication server 3 side.
Furthermore, although it has a power supply part etc. which supply electric power to the site | part described above, description is abbreviate | omitted.

A plurality of ATMs 2 are installed in business stores, unmanned booths, and the like.
Reference numeral 21 denotes a customer operation display unit, which includes a transaction guidance display for inputting a transaction operation by the customer 6a and a touch panel for inputting the operation. Reference numeral 22 denotes an IC card processing unit as a customer information reading unit, which stores the customer information from a customer identification medium (hereinafter referred to as an IC cash card) 7 in which customer information such as a financial institution code, a customer account number, and a name is stored. It has a function of reading out information, and has a function of instantaneously (about 0.2 seconds or so) for confirming the presence of the card, authentication, reading, determination, writing, confirmation of writing and the like. The IC cash card 7 is inserted through a card insertion / return port 22a (not shown) connected to the front side of the IC card processing unit 22, and returned at the end of the transaction.

23 is a statement slip processing unit that prints transaction details and issues a transaction statement slip (receipt) 23a (not shown) issued to the customer 6a according to the procedure described later. Reference numeral 24 denotes a passbook processing unit, which performs a printing process on a passbook 24b (not shown) inserted from a passbook insertion / return port 24a (not shown). Further, a mechanism for reading and updating recorded information and detecting a printed page line by a mechanism (not shown). Means and page break means.
A deposit / withdrawal unit 25 authenticates and counts the money deposited by the customer 6a, conveys it and stores it in a money storage safe (not shown), or pays the money paid to the customer 6a from the money storage safe. It is something to be issued.

  Reference numeral 26 denotes a control unit that controls each of the above units. The storage unit 27 includes a RAM, a ROM, a hard disk, or the like in which a control program is stored, and an interface unit (not shown) that is a connection port with the authentication server 3. Have. In addition, in order to satisfy the functions of ATM2, there are a number of other functions and configurations including a power supply unit 29 that supplies power to each unit, but the description is omitted because it is not related to the present invention.

With reference to the biometric information collection flowchart of the biometric authentication terminal of the present invention shown in FIG. 5 and the display screen example of the biometric authentication terminal shown in FIG. Note that S means an operation step.
S1. When the customer 6d approaches the biometric authentication terminal 1, an approach detector (not shown) detects this.
S2. The control unit 17 displays on the operation display unit 11 a screen for selecting the type of biological information to be collected. An example of this display screen is shown in FIG. 6A. In the display screen 120, an iris selection button 131, a fingerprint selection button 141, a palm vein button 151, a finger vein button 161, and biometric information are registered. An unregistered button 121 to be selected when not present is displayed. By lightly touching this button part (finger touch; touch), the control unit 17 recognizes that the biological type to be collected has been selected and input.

S3. When the customer (becomes 6c) selects the palm vein button 151 from the collected living body type selection screen of the operation display unit 11, the touch panel detects the input position, and the control unit 17 enables only the palm vein recognition unit 15 . At this time, only the display unit 12a is lit in green, and a part for reading the palm vein is guided to the screen as shown in FIG. 6 (b).
S4. The customer 6c holds the palm over the palm vein recognition unit 15. The control unit 17 collects vein information from the palm in a predetermined procedure. Note that the collection timing and the analysis method are not related to the present invention, and thus the description thereof is omitted.
S5. It is determined that the collected palm vein information is a predetermined amount of data that can be used as biometric information. If it is satisfactory as digital data, the display 12a is turned off and the process proceeds to the next step. If the digital data is defective, the sampling is automatically executed again. At this time, when it is estimated that the customer 6c does not extend the palm, the indicator 12a is turned on in red and a caution wording is displayed on the operation display unit 11.

S6. The control unit 17 transmits the collected palm vein information (digital data) to the authentication server 3.
S7. The authentication server 3 searches whether the received palm vein information exists in the authentication database 4 stored in advance. If there is a match with the palm vein information stored in the authentication database 4, the process proceeds to the next step. If there is no match, the process proceeds to step S10 described later.
It should be noted that due to the nature of biometric information, there is almost no case of complete match, and it is needless to say that “match” is determined when the feature points match or when the similarity is extremely high.

S8. The authentication server 3 identifies the customer 6c who has visited the store from the palm vein information determined to match, reads the account information (number) of the customer 6c stored in correspondence with the biometric information, and receives the reception order and the current time. The information is added and accepted and registered in a memory 3a (not shown) in the authentication server 3.
When the registration is completed, the collected palm vein information is deleted.
Further, the operation display unit 11 is notified of the end of the collection as shown in FIG. 6C and the approximate waiting time, the fact that the collected biological information has been deleted, the validity period of the reservation, and the like. The waiting time is calculated by multiplying the waiting number by a certain value (average transaction time).

The concept of data stored in the memory 3a is shown in FIG.
The customer 6a currently trading is “account information A received at 9:23”, and if there are three customers 6a currently trading, the customer 6b of “account information D received at 9:25” Will be at the head of the queue. Therefore, the customer 6c who operated the biometric authentication terminal 1 is, for example, “account information J received at 9:29” if there are six waiting customers. Then, the received storage data of the customer who has finished the transaction is erased under the control of the authentication server 3.

Here, a case where a customer who desires a plurality of transactions performs a reception registration operation a plurality of times will be described.
For example, a customer who conducts a withdrawal transaction from a plurality of accounts or a withdrawal transaction and a transfer transaction may perform a plurality of acceptance registration operations. When the biometric information types are different, acceptance registration is required for each biometric information type. However, if the biometric information types are collected multiple times for the same biometric information type (for example, palm vein authentication), it is determined to be very similar, that is, “same”. What can be stored data. Even in such a case, the authentication server 3 does not associate the biometric information with each other. However, when there are a plurality of accounts with the same biometric information, for example, “account information K and account information L received at 9:30” It becomes.

S9. When the proximity detector detects that the customer 6c has left the biometric authentication terminal 1, the control unit 17 displays the display screen of the operation display unit 11 as a standby screen (for example, guidance on financial products or display of regional information). To end the processing.
S10. When the unregistered button 121 is touched at step S3 and when there is no coincidence information at step S7, only the reception rank and the current time information are shown in the authentication server 3 as the customer cannot be specified. Register in the memory 3a. For example, it is stored as “09: 29 *” shown in FIG. Needless to say, the biometric information does not match when the biometric information type is collected by mistake, for example, when the customer 6c to be finger vein-authenticated performs palm vein authentication.

Next, a withdrawal transaction by operating an ATM will be described. FIG. 8 is a withdrawal operation flowchart, and FIG. 9 is an example of a display screen displayed on the ATM customer operation display unit.
S11. When the customer 6b approaches ATM2, an approach detector (not shown) detects this, and the control unit 26 displays a transaction item selection screen on the customer operation display unit 21 by the processing program stored in the storage unit 27. Furthermore, the control part 26 makes each part transaction mode.
In the following description, the display content is selected and input by touching an operation key displayed on the customer operation display unit 21 because of a touch panel type.
S12. When the customer (becomes 6a) touches a “payment” key (not shown) on the transaction selection screen of the customer operation display unit 21, the touch panel detects the touch position, and the control unit 26 starts a withdrawal transaction. To do.

S13. The control unit 26 displays on the customer operation display unit 21 a prompt to insert the IC cash card 7, and activates the IC card processing unit 22.
S14. When the customer 6a inserts the IC cash card 7 through the card insertion / return port 22a, the customer information is taken into the IC card processing unit 22 and stored customer information (in the following description, account information) is read.
S15. The control unit 26 transmits the account information to the authentication server 3.
S16. The authentication server 3 searches the account information stored in the memory 3a. Specifically, it is searched whether there is storage data that matches the account information read in step S14 in the storage data 40a to 40x that is the reception registration account information shown in FIG.

S17. If there is matching account information, the authentication server 3 determines that the identity of the account is “identified by biometric authentication”.
S18. The authentication server 3 transmits the transaction amount information etc. to the ATM 2 as the transaction permission information.
S19. The control unit 26 of the ATM 2 displays a display screen for requesting input of the transaction amount on the customer operation display unit 21. An example of the display screen at this time is shown in FIG. On the display screen shown in FIG. 9A, the customer 6a touches the numeric button of the amount numeric key 211 to input the desired withdrawal amount. If the correction button 212 is touched when there is an erroneous input, the control unit 26 deletes the input money amount information. When the desired withdrawal amount is input from the amount keypad 211 and then the confirmation button 213 is touched, the input is completed.

S20. In step S17, when there is no matching account information, the authentication server 3 displays that the biometric information cannot be confirmed as shown in FIG. 9B, and the personal identification number can be confirmed. A password numeric keypad 214 and a cancel button 215 are displayed.
The password number (information) input here is transmitted to the authentication server 3 together with the account information read in step S14, and the password information is confirmed based on the account number stored in the authentication database 4. The authentication server 3 that has confirmed the match of the personal identification number transmits the transactionable amount information as transaction permission information to the ATM 2 as “identification confirmed by personal identification number”.

S21. When the desired withdrawal amount input from the amount numeric keypad 211 is equal to or less than the transaction possible amount, the control unit 26 enters the money dispensing mode. In addition, when the amount that can be traded is desired, a message such as “I cannot pay more than the limit amount” is displayed, and when the confirmation key 213 is touched, the display returns to the display screen of FIG. .
S22. The customer 6a touches the amount numeric key 211 on the display screen of FIG. 9 (a) to newly input a correction for the desired withdrawal amount.
S23. The control unit 26 operates the deposit / withdrawal unit 25 in accordance with the desired withdrawal amount, pays out a predetermined number of coins of a predetermined denomination, and conveys them to a money dispensing port (not shown). At this time, since the shutter of the money dispensing slot is in a closed state, it is not possible to withdraw money.

S24. The control unit 26 activates the statement slip processing unit 23, prints the transaction statement slip 23a, and conveys it to the discharge port. In parallel with this operation, the IC cash card 7 is also transported to the card insertion / return port 22a. On the other hand, the customer operation display unit 21 displays “Please remove the IC card”.
It is monitored that the customer 6a extracts the IC cash card 7 and the transaction statement slip 23a. If the customer 6a does not remove these media during the monitoring time, it is processed as “medium forgetting”, but the description is omitted.

S25. When a detector (not shown) detects that the IC cash card 7 and the transaction statement slip 23a have been extracted, a display screen as shown in FIG. 9C is displayed and the shutter of the money dispensing slot is opened. . As a result, it is possible to take out the money accumulated in the money withdrawal port and pay to the customer 6a.
When money is extracted, the shutter is returned to the closed state. When there is a residue in the money withdrawal port, it is assumed that a part of the money is left and is taken out, and a screen for prompting confirmation is displayed on the customer operation display unit 21.
S26. When detecting the completion of the closing operation of the shutter, the control unit 26 transmits a signal indicating the end of the withdrawal transaction to the authentication server 3. The authentication server 3 updates the customer information (at least the deposit and saving balance amount information) in the authentication database 4.

S27. On the other hand, the control unit 26 monitors whether or not the customer 6a touches the continuation button 216 on the display screen shown in FIG. 9C. This monitoring is performed until the proximity detector (not shown) detects that the customer 6a has left the ATM2.
Here, when the continuation button 216 is touched, transaction guidance from step S11 is started. Therefore, various financial transactions can be continuously performed while the account information specified based on the biometric information collected by the biometric authentication terminal 1 is retained. In addition, an IC cash card 7 with different account information may be inserted, but there is no problem if it is processed as another transaction.
S28. When it is detected that the customer 6a has left the ATM 2 in step S27 as no continuing transaction, it is determined that the transaction has ended, and the authentication server 3 stores the transaction history in the transaction history information file in the authentication database 4. At the same time, the account information after the transaction is deleted from the stored data shown in FIG.

As described above, since the customer sets and registers in advance from a plurality of types of biometric information and collects them at the time of reception according to the stored biometric identification species, there is no need to provide a biometric information recognition unit in the ATM body. This will not increase the size and price of ATMs. Further, since the collected biometric information is deleted after the account information can be specified, even if there is a customer (account) who has left without making a transaction, the risk that the biometric information itself is known to the outside can be reduced.
In the first embodiment described above, an example of a withdrawal transaction by an ATM of a financial institution has been described. However, in a large-scale financial institution having sales offices in various parts of the country, an authentication database is not provided for each sales store and a large office center is provided. A system in which a computer is arranged and a communication line is used may be used.

A second embodiment will be described with reference to a control block diagram of the biometric authentication terminal shown in FIG. 10, a conceptual diagram of an IC cash card shown in FIG. 11, and a biometric information collection flowchart of the biometric authentication terminal of the present invention shown in FIG.
The difference from the first embodiment is that biometric type information and biometric information (described as palm vein information) are stored in the IC cash card, and the biometric authentication terminal can read the biometric type information. Biometric information is collated (determined) by the controller in the IC cash card.

  In the figure, reference numeral 1a denotes a biometric recognition terminal as a personal authentication terminal that recognizes biometric information for identity verification. Reference numeral 19 denotes an IC card reading unit as a customer information reading unit, which is a customer identification medium (hereinafter referred to as an IC cash card, in which reading and writing are wirelessly performed) storing customer information such as a financial institution code, a customer account number, and a name. The communication method has a function of instantaneously (about 0.2 seconds) confirming existence, authentication, reading, determination, writing, writing, etc. of 7a, specifically customer information and registered biometric type Read information etc. Other operation display unit 11, display 12, biometric recognition unit 10 (iris recognition unit 13, fingerprint recognition unit 14, palm vein recognition unit 15, finger vein recognition unit 16), control unit 17, storage unit 18 1 is the same as each part described in FIG.

Reference numeral 71 shown in FIG. 11 (a) denotes a communication antenna embedded in the IC cash card 7a, which generates an electromotive force by electromagnetic induction from the IC card processing unit 22 or the IC card reading unit 19. is there. Reference numeral 72 denotes a controller, which performs various controls by electric power supplied from the antenna 71, and is a microcomputer.
Reference numeral 73 denotes a memory which stores various storage information and can be electrically updated. Note that the controller 72 and the memory 73 are integrated circuits (ICs), and do not have the shape and arrangement shown in the figure, and are embedded in the card base.
FIG. 11B shows a part of the customer information stored in the memory 73 in the IC cash card 7a. The customer name information 74, the financial institution code 75, the branch code 76, and the customer account number information 77 are shown. It is. Reference numeral 78 denotes biometric type information indicating the type of biometric information such as palm vein or iris information. For example, “01” is an iris, “02” is a fingerprint, “03” is a palm vein, and “04” is a finger. It is as a vein. Reference numeral 79 denotes biological information itself, and the amount of information differs depending on whether it is palm veins or iris information. Reference numeral 80 denotes a storage area for transaction history information, but this is not relevant in the embodiment.

A case where a withdrawal transaction is reserved at a biometric authentication terminal by using an IC cash card will be described. Note that S means an operation step.
S31. When the customer 6d approaches the biometric authentication terminal 1a, an approach detector (not shown) detects this.
S32. The control unit 17 displays a screen prompting the operation display unit 11 to place the IC cash card 7a. According to this display screen (not shown), the customer (becomes 6c) places the IC cash card 7a on the IC card reading unit 19 as a customer information reading unit.
S33. The control unit 17 controls the IC card reading unit 19 to read the customer information of the IC cash card 7a. This includes biometric type information 78 which is information indicating a registered biometric type (palm vein).

S34. If the customer 6c does not place the IC cash card 7a even though the IC cash card 7a is urged to be placed in step S32, it is processed as a timeout (TO). That is, the acceptance process is performed as a customer without an IC cash card.
S35. The control unit 17 enables only the palm vein recognition unit 15 based on the biometric type information 78 read from the IC cash card 7a. At this time, only the display unit 12a is lit in green, and the part for reading the palm vein is guided to the screen as shown in FIG.
S36. When the customer 6c holds the palm over the palm vein recognition unit 15, the control unit 17 collects vein information from the palm in a predetermined procedure. Note that the collection timing and the analysis method are not related to the present invention, and thus the description thereof is omitted.

S37. The collected palm vein information is transmitted to the IC cash card 7a, and it is determined by the controller 72 that the amount of data is a predetermined data that can be used as biometric information. Notify the end. The control unit 17 turns off the display 12a and proceeds to the next step.
Further, if the digital data is defective, the control unit 17 is instructed to automatically perform the sampling again. At this time, when it is estimated that the customer 6c does not extend his / her palm, the indicator 12a is lit in red and the caution wording is displayed on the operation display unit 11 as in the first embodiment.
The IC cash card 7a determines whether or not the received biometric information (palm vein information) matches. When it matches the palm vein information stored in the IC cash card 7a, the process proceeds to the next step, and when it does not match, the process proceeds to step S40 described later.

S38. The controller 72 determined to match the biometric information transmits account information (for example, account number information 77) to the control unit 17 via the antenna 71. The control unit 17 specifies the customer 6 c that has visited the store as the customer of the account number information 77 and transmits it to the authentication server 3. The authentication server 3 adds the reception order and the current time information and receives and registers them in the memory 3a. When the controller 72 receives a registration end notification, the collected palm vein information is deleted.
Further, the operation display unit 11 is notified of the end of the collection and the approximate waiting time, that the collected biological information has never been recorded, and the valid time of the transaction reservation.

S39. When the proximity detector detects that the customer 6c has left the biometric authentication terminal 1a, the control unit 17 changes the display screen of the operation display unit 11 to a standby screen (for example, guidance for financial products or display of regional information). To end the processing.
S40. If they do not match in step S37, only the acceptance rank and the current time information are registered in the memory 3a (not shown) in the authentication server 3 as a customer mismatch. For example, as shown in FIG. 7, it is stored as “09: 29 *”. Since the biometric type information is read from the IC cash card 7a, it goes without saying that the display screen shown in FIG. 6A is not displayed. If there is no biometric information in the IC cash card 7a, only the unregistered key 121 is displayed and touched.

In this way, acceptance registration is performed using the biometric authentication terminal 1a. Then, the ATM 2 is operated and the withdrawal transaction is performed in the same manner as in the first embodiment described above with reference to FIG.
As described above, since the biometric type information is read from the IC cash card, the display screen shown in FIG. 6A is not displayed. Accordingly, since the customer 6 only has to operate according to the screen instruction guided by the biometric authentication terminal, even the customer who does not understand the biometric type does not get lost in the operation.
Furthermore, the collected biometric information is not stored in the biometric authentication terminal but is checked by the controller in the IC cash card, so that it does not leak outside.

13 is a conceptual diagram of data stored in the IC cash card shown in FIG. 13, a biometric information collection flowchart of the biometric authentication terminal shown in FIG. 14, a screen display example of the biometric authentication terminal shown in FIG. 15, and an automatic transaction apparatus shown in FIG. The third embodiment will be described with reference to the dispensing operation flowchart in FIG.
The difference from Example 2 is that, in addition to the result of personal authentication based on biometric information at the time of transaction using an automatic transaction apparatus (ATM), double verification is performed in which confirmation is performed using a one-time password, and biometric authentication is performed using an IC cash card. A case where a withdrawal transaction is reserved on a terminal will be described. Note that S means an operation step.

The IC cash card 7b is provided with a one-time password storage area shown in FIG. A one-time password (hereinafter referred to as a one-time password) can be stored in this portion, and the financial transaction is effectively controlled only once by the controller 72.
S41. When the customer 6d approaches the biometric authentication terminal 1a, an approach detector (not shown) detects this.
S42. The control unit 17 displays a screen prompting the operation display unit 11 to place the IC cash card 7b. According to this display screen, the customer (becomes 6c) places the IC cash card 7b on the IC card reading unit 19 as a customer information reading unit.
S43. The control unit 17 controls the IC card reading unit 19 to read the customer information of the IC cash card 7b. This includes biometric type information 78 that means a registered biotype (palm vein).

S44. If the customer 6c does not place the IC cash card 7b even though the IC cash card 7b is urged to be placed in step S42, it is processed as a timeout (TO). That is, the acceptance process is performed as a customer without an IC cash card.
S45. Based on the biometric information 78 read from the IC cash card 7b, the control unit 17 validates only the palm vein recognition unit 15. At this time, only the display device 12a is lit in green, and the part for reading the palm vein is guided to the screen as shown in FIG.
S46. The customer 6c holds the palm over the palm vein recognition unit 15. The control unit 17 collects vein information from the palm in a predetermined procedure. Note that the collection timing and the analysis method are not related to the present invention, and thus the description thereof is omitted.

S47. The controller 72 determines that the collected palm vein information is a predetermined amount of data that can be used as biometric information, and if it is satisfactory as digital data, notifies the control unit 17 to turn off the display 12a, Proceed to the next step. If the digital data is defective, the sampling is automatically executed again. At this time, when it is estimated that the customer 6c does not extend his / her palm, the indicator 12a is turned on in red and the caution wording is displayed on the operation display unit 11 as in the above embodiment.
The controller 72 determines whether the collected palm vein information (digital data) and the biological information (palm vein information) 79 match. When it coincides with the palm vein information stored in the IC cash card 7b, the process proceeds to the next step, and when it does not coincide, the process proceeds to step S49 described later.

S48. The control unit 17 displays an operation screen on which the one-time password can be registered as shown in FIG. When the customer 6c touches the button 122 for registering the personal identification number, the screen is switched to the one-time personal identification input screen shown in FIG. Further, when a button 123 that is not registered is touched by customer judgment from the transaction type or the like, the control unit 17 proceeds to step S51 described later.
S49. If they do not match in step S47, only the acceptance rank and the current time information are registered in the memory 3a (not shown) in the authentication server 3 because the customer cannot be specified. For example, as shown in FIG. 7, it is stored as “09: 29 *”. Since the biometric type information 78 is read from the IC cash card 7b, it goes without saying that the display screen shown in FIG. 6A is not displayed. If there is no biometric information in the IC cash card 7b, only the unregistered key 121 is displayed and touched.

S50. The control unit 17 causes the customer to input numerical information (one-time password) that the customer himself / herself will not forget, using the password numeric keypad 124 in FIG. When a predetermined number of digits (for example, about 4 to 8 digits) are entered and the confirmation button 126 is touched, the screen shown in FIG. 15 (c) is displayed, and the same one-time password information is again displayed. Require input. If the initial one-time password information and the re-input one-time password information are the same, the process proceeds to step S51. In FIG. 15, the password is a numeric keypad, but it is also possible to display English character keys and input a specific language.
S51. The controller 72 identifies the customer 6c who has visited the store from the palm vein information determined to match, reads the stored account information (number) 77 of the customer 6c, and transmits it to the authentication server 3. The authentication server 3 adds the reception order and the current time information and receives and registers them in the memory 3a.

Further, the operation display unit 11 is notified of the end of the collection and the waiting time as shown in FIG. 6C, the fact that the collected biological information has been deleted, the validity period of the transaction reservation, and the like.
S52. The control unit 17 stores the one-time password information input in step S50 in the memory 73 in the IC cash card 7b by the operation of the IC card reading unit 19. This is the one-time password 81.
S53. When the proximity detector detects that the customer 6c has left the biometric authentication terminal 1a, the control unit 17 changes the display screen of the operation display unit 11 to a standby screen (for example, guidance for financial products or display of regional information). To end the processing.

Next, the withdrawal transaction by the automatic transaction apparatus (ATM) will be described.
S61. When the customer 6b approaches ATM2, an approach detector (not shown) detects this, and the control unit 26 displays a transaction item selection screen on the customer operation display unit 21 by the processing program stored in the storage unit 27. Furthermore, the control part 26 makes each part transaction mode.
S62. When the customer 6a touches a “payment” operation key (not shown) on the transaction selection screen of the customer operation display unit 21, the touch panel detects the touch position, and the control unit 26 starts a withdrawal transaction.
S63. The control unit 26 displays on the customer operation display unit 21 a prompt to insert the IC cash card 7b and activates the IC card processing unit 22.

S64. When the customer 6a inserts the IC cash card 7b from the card insertion / return port 22a, the customer 6a takes it into the IC card processing unit 22 and reads the stored customer information (the customer information will be explained as account information in the following description). .
S65. The control unit 26 transmits the account information to the authentication server 3.
S66. The authentication server 3 searches the account information stored in the authentication database 4. Specifically, the stored data 40a to 40x that are stored account information shown in FIG. 7 is collated with the account information read in step S64.

S67. If there is matching account information, the authentication server 3 determines that the account is “identified by biometric authentication”.
S68. The control unit 26 displays an input screen for one-time password information on the customer operation display unit 21 and requests input of the one-time password information input at the time of the reception operation. The customer 6a inputs the same information as the one-time password input from the biometric authentication terminal 1a through the password numeric keypad 214.
S69. The one-time password information input from the customer operation display unit 21 is transmitted to the IC cash card 7b and compared with the one-time password 81 by the controller 72 in the card. If the result of this collation shows that the passwords do not match, re-input is requested.
If an erroneous input is made a predetermined number of times (for example, 3 times), the process proceeds to step S71.
When the one-time password match confirmation is performed, the controller 72 sends a one-time password match signal to the control unit 26, and the control unit 26 sends a customer verification signal to the authentication server 3.
S70. Upon receipt of the customer verification completed signal, the authentication server 3 transmits the transaction amount information as transaction permission information to the ATM 2.

S71. In step S67, when there is no matching account information, the authentication server 3 displays that the biometric information cannot be confirmed and uses a personal identification number (different from the one-time personal identification) as shown in FIG. 9B. A password numeric keypad 214 and a cancel button 215 are displayed so that identity verification is possible.
S72. The control unit 26 of the ATM 2 displays a display screen for requesting input of the transaction amount on the customer operation display unit 21. An example of the display screen at this time is shown in FIG. On the display screen shown in FIG. 9A, the customer 6a touches the numeric button of the amount numeric key 211 to input the withdrawal amount. In the case of an incorrect input, when the correction button 212 is touched, the control unit 26 deletes the input money amount information. When the withdrawal amount is input from the amount numeric keypad 211 and then the confirmation button 213 is touched, the input is completed.

S73. When the desired withdrawal amount input from the amount keypad 211 is equal to or less than the transactable amount, the control unit 26 sets the money payout mode. When the confirmation key 213 is touched, the display returns to the display screen of FIG. 9A.
S74. The control unit 26 operates the deposit / withdrawal unit 25 in accordance with the desired withdrawal amount, pays out a predetermined number of coins of a predetermined denomination, and conveys them to a money dispensing port (not shown). At this time, since the shutter of the money dispensing slot is in a closed state, it is not possible to withdraw money.
S75. The customer 6a touches the amount numeric key 211 on the display screen of FIG. 9 (a) and inputs a new desired withdrawal amount.

S76. When the control unit 17 starts the money feeding operation in step S74, the control unit 17 erases the one-time password 81 in the IC cash card 7b via the card processing unit 22.
S77. The control unit 16 activates the statement slip processing unit 23, prints the transaction statement slip 23a, and conveys it to the discharge port. In parallel with this operation, the IC cash card 7b is also transported to the card insertion / return port 22a. On the other hand, the customer operation display unit 21 displays “Please remove the IC card”.
It is monitored that the customer 6a extracts the IC cash card 7b and the transaction statement slip 23a. If the customer 6a does not remove these media during the monitoring time, it is processed as “medium forgetting”, but the description is omitted.

S78. When a detector (not shown) detects that the IC cash card 7b and the transaction statement slip 23a have been extracted, a display screen as shown in FIG. 9C is displayed and the shutter of the money dispensing slot is opened. . As a result, it is possible to take out the money accumulated in the money withdrawal port and pay to the customer 6a.
When money is extracted, the shutter is returned to the closed state. When there is a residue in the money withdrawal port, it is assumed that a part of the money is left and is taken out, and a screen for prompting confirmation is displayed on the customer operation display unit 21.
S79. When detecting the completion of the closing operation of the shutter, the control unit 26 transmits a signal indicating the end of the withdrawal transaction to the authentication server 3. The authentication server 3 updates the customer information (at least the deposit and saving balance amount information) in the authentication database 4.

S80. On the other hand, the control unit 26 monitors whether or not the customer 6a touches the continuation button 216 on the display screen shown in FIG. 9C. This monitoring is performed until the proximity detector (not shown) detects that the customer 6a has left the ATM2.
Here, when the continuation button 216 is touched, transaction guidance from step S61 is started. Accordingly, various kinds of financial transactions can be continuously performed while the biometric information collected by the biometric authentication terminal 1 is retained. However, since the one-time password 81 is deleted, transactions for which collation is set by the one-time password are limited, and transactions that are not set, such as various notifications and bookkeeping processes, are allowed.

  S81. When it is detected that the customer 6a has left the ATM 2 in step S27 as no continuing transaction, the transaction is determined to be terminated, and the authentication server 3 stores the transaction history in a transaction history information file in the authentication database 4. At the same time, the account information after the transaction is deleted from the stored data shown in FIG.

As described above, since identity verification is performed by one-time password at the time of ATM operation, even if the customer is switched within the waiting time after operating the biometric authentication terminal, only the customer who knows the one-time password information can make a transaction. There is an effect that the improvement can be achieved.
Note that the one-time one-time password information is not limited to information stored in the IC cash card. That is, the one-time password information may be stored in the authentication server or the authentication database together with the account number, or verification may be performed on the ATM side.
Furthermore, it may be input in advance from a personal computer in the home in advance. In this case, the one-time password cannot be stolen from other customers.

According to the inventions of the first to third embodiments described above, the reception information from the personal authentication terminal is deleted at the end of the transaction or when a predetermined time elapses, so the congestion situation does not increase the storage capacity of the stored data. And can be linked to the provision of appropriate services. In addition, when a continuous transaction is performed by an automatic transaction apparatus, the previous matching result is diverted, so that the number of reception operations for customers who wish to make multiple transactions can be reduced.
Further, by storing the biometric type information in the IC cash card, the operation guidance for only the biometric information to be collected is performed, so that the customer does not get lost. In addition, the security of customer confirmation is improved by the one-time password information in the IC cash card. In addition, since it is deleted by the end of the transaction, it is not known to others.

The present invention is not limited to a personal authentication system at the time of transaction by an automatic transaction apparatus, and for example, voter identification in an electronic voting system can be assumed. For example, voter's biometric information is stored in an authentication server together with the polling place admission ticket number, etc., biometric authentication is performed with a biometric authentication terminal provided near the entrance of the polling place, and the vote corresponding to the biometric authentication information Temporarily store and manage the entrance ticket number. When a voter inserts a voting ticket into an electronic voting machine (corresponding to the ATM in the embodiment) (number input may be performed), the voter matches the temporarily stored polling place admission ticket number and receives a vote if there is matching information. Thereafter, the polling place admission ticket number information is deleted when the voting (operation) is completed.
In the case of an electronic voting system, it goes without saying that voting status and results can be easily summed up by connecting the authentication server and the counting computer.

It is a system conceptual diagram of the personal authentication system in this invention. It is an external view of the biometric authentication terminal of the present invention. It is a control block diagram of the biometric authentication terminal of the present invention. It is a control block diagram of the automatic transaction apparatus of this invention. It is a collection flowchart of the biometric information in Example 1 of this invention. It is explanatory drawing which shows the example of a display screen of the biometrics authentication terminal in Example 1 of this invention. It is a conceptual diagram which shows the memory | storage data in the authentication server in Example 1 of this invention. It is an operation | movement flowchart of the automatic transaction apparatus in Example 1 of this invention. It is explanatory drawing which shows the example of a display screen of the automatic transaction apparatus in Example 1 of this invention. It is a control block diagram of the biometric authentication terminal in Example 2 of the present invention. It is a conceptual diagram of the IC cash card in Example 2 of the present invention. It is a collection flowchart of the biometric information in Example 2 of this invention. It is a conceptual diagram which shows the storage data in the IC cash card in Example 3 of this invention. It is a collection flowchart of the biometric information in Example 3 of this invention. It is explanatory drawing which shows the example of a display screen of the biometrics authentication terminal in Example 3 of this invention. It is an operation | movement flowchart of the automatic transaction apparatus in Example 3 of this invention.

Explanation of symbols

1,1a Personal authentication terminal (biometric authentication terminal)
2 Automatic transaction equipment (ATM)
3 Host device (authentication server)
4 Authentication database 5 Communication line 6 Customer 6a Customer (during operation)
6b Customer (waiting for turn)
6c Customer (during reception operation)
7, 7a, 7b Customer identification media (IC cash card)
10 Biometric information recognition unit 15 Palm vein recognition unit

Claims (10)

A customer authentication terminal that performs a reception process before the transaction,
An automatic transaction apparatus that requires customer information and identity verification when executing the transaction;
Prior to the transaction, for each customer registered in advance, in a personal authentication system in which customer information and a host device that stores and manages the customer's own biometric feature information in association with each other are connected via a communication line,
The personal authentication terminal is provided with a biometric information recognition unit capable of collecting the biometric feature information,
The host device retrieves the customer information from the biometric feature information collected by the personal authentication terminal, and accepts and registers in order of processing as a transaction customer for each corresponding customer information,
When customer information is input from the automatic transaction apparatus, search for the customer information registered and accepted,
When there is matching customer information, the person authentication system is characterized in that a transaction is executed on the assumption that the identity is confirmed by the biometric feature information. A customer authentication terminal that performs a reception process before the transaction,
An automatic transaction apparatus that requires customer information from the customer identification medium and identity verification when executing the transaction;
Prior to the transaction, in a personal authentication system in which a high-level device that stores and manages customer information for each customer registered in advance is connected via a communication line,
In addition to storing the customer information and biometric feature information of the person in advance for the customer and having a customer identification medium communicable with the identity authentication terminal,
The personal authentication terminal includes a biometric information recognition unit capable of collecting the biometric feature information, and a customer information reading unit capable of reading customer information from the customer identification medium,
When the biometric feature information collected by the biometric information recognition unit coincides with the stored biometric feature information, the customer identification medium is processed in the order of processing as a transaction customer to the host device for each corresponding customer information. Register for reception,
When the customer identification medium is taken into the automatic transaction apparatus, the customer information is read from the customer identification medium, and when the customer information matches the received and registered customer information, it is assumed that the identity verification based on the biometric feature information has been performed. A personal authentication system characterized by executing A customer authentication terminal that performs a reception process before the transaction,
An automatic transaction apparatus that requires customer information from the customer identification medium and identity verification when executing the transaction;
Prior to the transaction, in a personal authentication system in which a high-level device that stores and manages customer information for each customer registered in advance is connected via a communication line,
In addition to storing the customer information and biometric feature information of the person in advance for the customer and having a customer identification medium communicable with the identity authentication terminal,
The personal authentication terminal includes a biometric information recognition unit capable of collecting the biometric feature information, and a customer information reading unit capable of reading and writing customer information from the customer identification medium,
When the biometric feature information collected by the biometric information recognition unit and the stored biometric feature information match the customer identification medium,
From the personal authentication terminal, one-time password information for validating the transaction only once is input, and stored in the customer identification medium,
The host device accepts and registers in order of processing as a transaction customer for each corresponding customer information,
When the customer identification medium is taken into the automatic transaction apparatus, customer information is read out from the customer identification medium, and when the customer information matches the registered customer information, the one-time password information is further input, The person authentication system is characterized in that a transaction is executed on the assumption that the identity is confirmed when the one-time password information stored in the password matches. In the personal authentication system according to any one of claims 1 to 3,
The personal authentication system in which the reception process by the personal authentication terminal can also be performed without depending on the biometric feature information. In the personal authentication system according to any one of claims 1 to 3,
A personal authentication system in which at least one automatic transaction apparatus is connected to one personal authentication terminal. In the personal authentication system according to any one of claims 1 to 3,
The personal authentication terminal is a personal authentication system capable of collecting a plurality of types of biological feature information. In the personal authentication system according to claims 1 to 3,
At least the information received from the personal authentication terminal is a personal authentication system that deletes at the end of the transaction or when a predetermined time elapses. In the personal authentication system according to any one of claims 1 to 3,
A personal authentication system that uses a verification result based on the biometric feature information when a continuous transaction is performed by the automatic transaction apparatus. In the personal authentication system according to claim 2 or 3,
A personal authentication system in which biometric type information is also stored in the customer identification medium, and only the operation guidance of the biometric information recognition unit collected by the biometric type information read by the customer information reading unit is performed. In the personal identification system according to claim 3,
A personal authentication system in which the one-time password information stored in the customer identification medium is deleted by the end of the transaction.

Images