JP2008065604A - Mobile type biological information storage device, biological information storage method, program, storage medium, and biometric authentication system and method - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide an IC card capable of updating efficiently stored biological information. <P>SOLUTION: The IC card 2 having a nonvolatile memory for storing a reference data (biological information) in biometric authentication is constituted to execute a step SC1 for authenticating a principal based on input collation information and the stored biological information, a step SC5 for determining the propriety of satisfying a prescribed updating condition when determined to be authenticated, a step SC6 for outputting immediately a determination result allowing authentication when determined not to satisfy the updating condition, a step SC7 for updating the stored biological information, using the input collation information, when determined to satisfy the updating condition, and a step SC9 for outputting the determination result allowing the authentication. <P>COPYRIGHT: (C)2008,JPO&INPIT

Description

  The present invention relates to a portable biometric information storage device, a biometric information storage method, a program and a storage medium, and a biometric authentication system and method suitable for storing biometric information used in biometric authentication.

In biometric authentication, which uses biometric information such as fingerprints and palm prints to confirm that the subject of authentication is a pre-registered person, biometric information registered at the time of reference (reference data) and biometric information (matching data) ) Is not an exact match but an approximation, and authentication is determined. For this reason, biometric data that may change from day to day must be able to cope with changes over time. Such aging of biological information can be dealt with by updating registered biological information (reference data) in a timely manner (for example, Patent Document 1).
JP 2006-85265 A

  In the prior art, reference data, which is registered biometric information, is generally updated only by a registration scheme that is selected for the first time or manually by a user. At present, the reference data can be changed manually, but the number of registration procedures is increased, which is a burden on the user.

  In addition, since a device for acquiring biometric information is relatively large, it is often provided separately from a small portable information storage device (portable information terminal) such as an IC card. In such a case, in order to store biological information in a portable information storage device (portable information terminal) such as an IC card, a process for transmitting the biological information from an external device to the IC card is required. Become. Therefore, for example, when biometric information is updated, there is a problem of shortening the transmission time of biometric information.

  The present invention has been made in consideration of the above circumstances, and a portable biological information storage device, a biological information storage method, a program, and a program capable of efficiently updating biological information stored in a portable information storage device It is an object to provide a storage medium and a biometric authentication system and method.

  In order to solve the above-mentioned problem, the invention described in claim 1 includes a storage unit that stores biometric information, an authentication unit that performs personal authentication based on the input verification information and the biometric information stored in the storage unit, When the authentication unit determines that authentication is possible, the determination unit determines whether or not a predetermined update condition is satisfied, and when the determination unit determines that the update condition is not satisfied, the authentication unit determines whether authentication is possible. If the determination means determines that the update condition is satisfied, the biometric information stored in the storage means is updated using the input collation information, and the determination result indicating that the authentication means can authenticate is displayed. Update means for outputting.

  The invention according to claim 2 further includes an integration unit that integrates the number of times of authentication by the authentication unit, and the determination unit determines that the update condition is satisfied when the number of integrations by the integration unit exceeds a predetermined number. The updating means updates biometric information and initializes the number of integrations of the integration means.

  The invention according to claim 3 further comprises random number generating means for generating a random number, and the determining means determines that the update condition is satisfied when the random number generated by the random number generating means is a predetermined value. It is characterized by being.

  The invention according to claim 4 is characterized in that the determination means determines that the update condition is satisfied when the similarity in authentication by the authentication means is a value within a predetermined range. To do.

  The invention according to claim 5 further includes an update time information storage means for storing information indicating an update time by the update means, wherein the determination means is based on the update time information stored in the update time information storage means. It is characterized in that the update condition is determined to be satisfied when the time from the previous update process exceeds a predetermined value.

  According to the sixth aspect of the present invention, the storage means for storing the biometric information, the authentication means for performing the identity authentication based on the input collation information, and the biometric information stored in the storage means, A determination means for determining whether or not a predetermined update condition is satisfied when the determination is made; and a determination result indicating that authentication is possible by the authentication means when the determination means determines that the update condition is not satisfied; Updating the biometric information stored in the storage means using the input collation information, and then outputting the determination result that authentication is possible by the authentication means. Information processing apparatus for generating collation information from the acquired biological information storage device and outputting it to the portable biological information storage device and inputting an authentication result from the portable biological information storage device. Characterized in that it comprises a device.

  The invention according to claim 7 is a biometric information storage method executed in the portable biometric information storage device, wherein the input collation information and the biometric information stored in the storage means in the portable biometric information storage device Based on the authentication process for authenticating the user, a determination process for determining whether or not a predetermined update condition is satisfied in the authentication process, and a determination process that determines that the update condition is not satisfied. If it is determined that the authentication process is successful in the authentication process, the biometric information stored in the storage means is used as the input verification information. And an update process for outputting a determination result indicating that the authentication is possible in the authentication process.

  The invention according to claim 8 is a biometric information storage program executed in the portable biometric information storage device, and the input collation information and the biometric information stored in the storage means in the portable biometric information storage device Based on the authentication process for authenticating the user, a determination process for determining whether or not a predetermined update condition is satisfied in the authentication process, and a determination process that determines that the update condition is not satisfied. If it is determined that the authentication process is successful in the authentication process, the biometric information stored in the storage means is used as the input verification information. It is characterized by including a command for executing by the computer an update process for outputting a determination result indicating that the authentication is possible in the authentication process after updating by using.

  The invention according to claim 9 is a medium in which a biological information storage program executed in the portable biological information storage device is recorded, and the program stores the input collation information and the portable biological information storage device. An authentication process for performing identity authentication based on biometric information stored in the storage means, a determination process for determining whether or not a predetermined update condition is satisfied when it is determined that authentication is possible in the authentication process, and a determination process When it is determined that the update condition is not satisfied, the determination result that authentication is possible in the authentication process is immediately output, and when it is determined that the update condition is satisfied in the determination process, biometric information stored in the storage unit And an update process for outputting a determination result indicating that the authentication is possible in the authentication process after updating using the input verification information.

  According to the tenth aspect of the present invention, an authentication process for performing identity authentication based on the input verification information and the biometric information stored in the storage means in the portable biometric information storage device, and determining that authentication is possible in the authentication process. If the determination process determines whether or not the predetermined update condition is satisfied, and if it is determined that the update condition is not satisfied in the determination process, the determination result that authentication is possible in the authentication process is immediately output, When it is determined that the update condition is satisfied in the determination process, the biometric information stored in the storage unit is updated using the input verification information, and then a determination result indicating that authentication is possible in the authentication process is output. A process for generating collation information from the acquired information related to the living body and outputting it to the portable biological information storage apparatus, and a portable biological information storage. Authentication result from the device Characterized in that the step of inputting portable biometric information storage device contains as being performed within an information processing apparatus connected.

  According to the first and sixth to tenth aspects of the present invention, in the portable information storage device configured as an IC card, a mobile phone terminal or the like, the biometric information is stored in the storage means in the device, and the collation information inputted And the biometric information stored in the storage means, and further verifying whether the biometric information stored in the storage means is input based on the result of determining whether or not a predetermined update condition is satisfied. I use it to update it. That is, since the biometric information is updated using the verification information used for the authentication process, it is not necessary to transmit new biometric information for the update. In addition, it is automatically determined whether or not to update. As a result, the time required for the update is shortened and no special operation is required from the user. In addition, when the update process is performed, a determination result indicating that the authentication is possible is output after the update is completed, so that the information processing apparatus side such as a personal computer or ATM (automatic expenditure apparatus) connected to the portable information storage device Then, as in the case of not performing the update process, it is possible to know the end of all the processes on the portable information storage device side by confirming the transmission of the authentication result. For example, a standby time in consideration of the update time is provided. There is no need to change the process.

  In the invention according to claim 2, since it is determined whether to update or not according to the number of times of authentication, it is updated by a simple process such as an authentication number integration process and a comparison process between the integration number and a predetermined reference number. Since it can be determined whether or not to do so, the configuration relating to determination and update can be simplified.

  In the invention described in claim 3, since the update process is performed when the random number generated by the random number generation means is a predetermined value, the update interval can be randomly changed and the update time is used. It is possible to prevent the person from being conscious.

  In the invention described in claim 4, since the update process is performed when the degree of similarity at the time of authentication by the authentication means is a value within a predetermined range, the update process is performed at a minimum number of times according to aged deterioration or the like. Can be stopped.

  According to the fifth aspect of the present invention, the update process is performed when the time from the previous update process exceeds a predetermined value based on the update time information stored in the update time information storage means. The update process can be performed by a simple process called calculation.

  Embodiments of the present invention will be described below with reference to the drawings. FIG. 1 is a system diagram showing a first embodiment of the present invention. The biometric authentication system shown in FIG. 1 includes an information processing device 1 and a portable information storage device 2.

  The information processing apparatus 1 is configured as a personal computer (PC), a POS terminal (point-of-sale information management system terminal), an ATM (automatic teller machine), or the like, and includes a CPU (central processing unit), a RAM (random access memory). , ROM (read only memory), storage devices such as hard disk drives, input devices such as mice and keyboards, output devices such as monitors, IC cards, read / write devices (reader / writers) of storage devices built in mobile phone terminals, etc. A scanner for inputting information related to a living body such as a fingerprint and a palm print, and other various input / output devices are provided. The information processing apparatus 1 executes a program for performing biometric authentication processing on a predetermined OS (operating system) according to a user operation.

  The portable information storage device 2 is configured as an IC card (ICC), a mobile phone terminal or the like, and includes a volatile memory such as a CPU and a RAM, a read-only nonvolatile memory such as a ROM, and an EEPROM (electrically rewritable nonvolatile memory). A rewritable non-volatile memory such as a memory, a dedicated signal processing device for encryption processing, a wireless or wired input / output device or an input / output terminal for connection to the information processing device 1, and the like. The portable information storage device 2 is connected to the information processing device 1 by wire or wirelessly, and communicates various signals encrypted by performing public key encryption processing or the like.

  When the portable information storage device 2 is configured as a non-contact type IC card, a power source that operates each unit is driven by a magnetic field generated by a reader / writer provided in the information processing device 1. In the portable information storage device 2, an authentication process using a storage device such as a RAM or an EEPROM is performed by starting a predetermined OS stored in a ROM or EEPROM and executing a predetermined biometric authentication program on the OS. Biometric information update processing is performed.

  In the present embodiment, biometric data (hereinafter, referred to as a reference for comparison in biometric authentication) in a predetermined non-volatile memory (storage means for storing biometric information in claims) formed of an EEPROM or the like in the portable information storage device 2. Reference data (biological information in claims)) is stored. Further, biometric data (hereinafter referred to as verification data (verification information in the claims)) to be compared with reference data at the time of identity verification, which is used in the authentication process executed in the portable information storage device 2, is information processing. When input from the device 1, it is stored in a storage device (storage means) such as a volatile memory such as a RAM or a non-volatile memory such as EEEPOM.

  In the following description, fingerprint information is used as the biometric information, the information processing apparatus 1 is assumed to be PC1, and the portable information storage device 2 is assumed to be ICC2. In the first embodiment shown in FIG. 1, fingerprint reference data can be updated automatically at intervals determined at the time of initial registration after identity verification. That is, when the fingerprint reference data or the like is registered in the ICC 2 for the first time, the update interval is set in advance by the user, the IC card issuer, etc. (stored in a predetermined nonvolatile memory).

  When performing personal authentication, fingerprint data is first captured on the PC 1 (step SP1), and processing such as extraction of predetermined feature points from the captured data is performed, whereby the data is converted into collation data. Conversion is performed (step SP2). Then, the collation data is sent from the PC 1 to the ICC 2 (step SP3). A signal flow between the PC1 and the ICC2 is indicated by a broken-line arrow (hereinafter the same).

  When the verification data input from the PC 1 is input, the ICC 2 compares the reference data stored in a non-volatile memory such as an EEPROM and authenticates the user (step SC1). In the personal authentication, the similarity between the collation data and the reference data is obtained, and if a similarity greater than a predetermined value is obtained, it is determined that the authentication is OK (authentication is possible) (step SC2). If the authentication is not successful (authentication is not possible), error information is sent to the PC 1 (step SC3). The PC 1 receives the error information (step SP4), and performs a predetermined process to acquire a fingerprint again, for example.

  On the other hand, if authentication is possible in step SC2, ICC2 performs a process of accumulating the number of times authentication was possible and stores the result in a predetermined area of the nonvolatile memory (step SC4). Next, the ICC 2 determines whether or not a predetermined update condition is satisfied by determining whether or not the number of integrations when the authentication result is OK exceeds a predetermined value (for example, 10 times). (Step SC5). When it is determined that the update condition is not satisfied, the ICC 2 sends the normal end information to the PC 1 and immediately outputs the determination result that the authentication result is OK (step SC6, step SP4). On the other hand, when it is determined that the update condition is satisfied, the ICC 2 updates the reference data stored in a predetermined area of the non-volatile memory using the verification data stored in the non-volatile memory such as RAM or EEPROM. (Step SC7). In the data update process, for example, data may be overwritten in the same storage area, or when reference data is stored in a nonvolatile memory such as an EEPROM at the time of input from the PC 1 You may make it perform the process which rewrites an address to the storage location of collation data. Next, the number of authentications accumulated in the nonvolatile memory is reset (initialized to “0” (step SC8), and then normal end information is sent to the PC 1 as in step SC6. Then, the determination result that the authentication result is OK is output (step SC9, step SP4).

  As described above, in the present embodiment, since reference data (biological information) is updated using collation data (collation information) used for authentication processing, new biometric information is transmitted for updating. do not need. In addition, it is automatically determined whether or not to update. That is, the time required for the update is shortened, and no special operation is required from the user. Further, since the determination result indicating that the authentication is possible is output after the update is completed, the PC 1 connected to the ICC 2 need only wait for the transmission of the normal end information, and it is necessary to change the process depending on the presence or absence of the update process. Absent. However, it is possible to add and send information indicating whether update processing has been performed for confirmation.

  Furthermore, since whether or not to update is determined according to the number of times of authentication, it is determined whether or not to update by a simple process such as an authentication number integration process and a comparison process between the number of authentication times and a predetermined reference number. And the configuration related to determination and update can be simplified.

  In the above description, fingerprint data is used as the biometric data. However, other biometric data such as a face pattern, an iris, a voiceprint, a handwriting, or the like is used in addition to a palm print or a combination thereof. It is also possible.

  Next, a second embodiment of the present invention will be described with reference to FIG. The embodiment shown in FIG. 2 is a modification of the first embodiment described with reference to FIG. 1, and the contents of the conditions for determining whether or not to update compared to the first embodiment are as follows. Is different.

  The hardware configuration of the ICC 2 in FIG. 2 is the same as that in FIG. 1, but the software (program) configuration is partially different. Specifically, an update probability information acquisition process (step SC4a) is provided in place of the authentication count integration process in step SC4 in FIG. 1, and the update condition determination process is modified (step SC5a). The reset processing of the number of integrations in step SC8 is deleted. In the second embodiment, the update probability is set by the user, the issuer of the IC card, etc. (stored in a predetermined non-volatile memory) when the fingerprint reference data is registered in the ICC 2 for the first time. ). It should be noted that the same processes as those described with reference to FIG.

  In the present embodiment, the ICC2 performs a process of acquiring update probability information when authentication is possible in step SC2 (step SC4a). For example, a calculation for generating a predetermined pseudo-random number is performed to generate any integer from 0 to 9. The coefficient used in the calculation is stored in a non-volatile memory, and the next random number calculation is performed using the coefficient as an initial value.

  Next, the ICC 2 determines whether or not the update condition is satisfied by determining whether or not the random number is a predetermined value corresponding to a preset probability (step SC5a). For example, when the update probability is set to ½, it is determined that the update condition is satisfied when the random number is an odd number, and is not satisfied when the random number is an even number. When the update probability is set to 1/5, it is determined that the update condition is satisfied when the random number value is 0 or 1, and is determined not to be satisfied when the update probability is 2 or more.

  The processes after step SC6 are the same as those described with reference to FIG. However, since the process of storing the progress of random number calculation is performed in step SC4a, the present embodiment does not require the process corresponding to step SC8 in FIG.

  According to the second embodiment, since the update process is performed when the random value generated by the random number generation process is a predetermined value, the update interval can be changed at random, and the update time can be changed. It is possible to prevent users from being conscious.

  Next, a third embodiment will be described with reference to FIGS. The embodiment shown in FIG. 3 is a modification of the first embodiment described with reference to FIG. 1, and the content of the condition for determining whether or not to update is compared with the first embodiment. Is different. The hardware configuration of the ICC 2 in FIG. 3 is the same as that in FIG. 1, but the configuration of the software (program) is partially different. Specifically, an update threshold information acquisition process (step SC4b) is provided instead of the authentication count integration process in step SC4 in FIG. 1, and the update condition determination process is modified (step SC5b). The reset processing of the number of integrations in step SC8 is deleted. It should be noted that the same processes as those described with reference to FIG.

  In the present embodiment, the ICC 2 performs a process of acquiring update threshold information when authentication is possible in step SC 2 (step SC 4 b). For example, an “update reference value” to be compared with the similarity indicating the comparison result between the collation data and the reference data obtained in the authentication process in step SC3 is acquired from a predetermined storage area. As shown in FIG. 4, the update reference value has a value between the similarity in the case of a complete match and the determination reference value for authentication OK. Next, in step SC5b, it is determined that the update condition is satisfied when the similarity (value of the comparison result) obtained in the authentication process of step SC1 is a value within a predetermined range. In this case, the value within the predetermined range means a value exceeding the update reference value. That is, as shown in FIG. 4, when the degree of similarity is a value within the range between the complete match and the update reference value, a process of updating the fingerprint data of the reference data is performed. On the other hand, when the similarity is between the update reference value and the determination reference value for authentication OK, the fingerprint data of the reference data is not updated. However, authentication is OK. If the similarity is less than the “authentication OK judgment reference value”, the fingerprint data of the reference data is not updated. Further, authentication is impossible (NG).

  The processes after step SC6 are the same as those described with reference to FIG. However, since the similarity to be compared in step SC5b becomes a different value every time the authentication process is performed, in the present embodiment, the process corresponding to step SC8 in FIG. 1 is unnecessary.

  According to the third embodiment, since the update process is performed when the similarity obtained during the authentication process is a value within a predetermined range, the minimum number of times corresponding to aged deterioration, etc. The update process can be stopped.

  Next, a fourth embodiment will be described with reference to FIG. The embodiment shown in FIG. 5 is a modification of the first embodiment described with reference to FIG. 1, and includes the contents of the conditions for determining whether or not to update compared to the first embodiment. The difference is that a configuration for transmitting date information from the PC 1 to the ICC 2 is added as information used in the determination. The hardware configurations of the PC 1 and the ICC 2 in FIG. 5 are the same as those in FIG. 1, but the software (program) configuration is partially different. Specifically, the processing after transmitting the collation data is changed on the PC1 side (step SP4 is changed to steps SP4c1 to SP3), and the ICC2 side replaces the authentication count integration processing in step SC4 in FIG. A process for requesting date information from the PC 1 (step SC4c1) and a process for calculating the update interval between the previous update (step SC4c2) are provided, and the contents of the update condition determination process are modified (step SC5c). In place of the reset process of the accumulated number of times, a process of storing update date information (step SC8c) is provided.

  In the fourth embodiment, when a fingerprint reference data or the like is registered in the ICC 2 for the first time, a specified number of days for setting an update interval is set by a user, an IC card issuer, or the like (in a predetermined nonvolatile memory). Remembered). It should be noted that the same processes as those described with reference to FIG.

  In this embodiment, the ICC 2 performs a process of requesting the PC 1 to provide the current date information when authentication is possible in step SC 2 (step SC 4 c 1). The PC 1 is in a standby state while performing processing for determining the content of the signal received from the ICC 2 after transmitting the collation data in step SP 3 (step SP 4 c 1), and when a date information request signal is received, the process proceeds to step SP 4 c 2. To send the date information. The date information is information representing the date. On the other hand, the ICC 2 receives the date information sent from the PC 1, and based on the information indicating the previous update date and time stored in the predetermined area (update information storage unit) of the nonvolatile memory at the previous update time. The update interval is calculated by obtaining the difference between the current date and the current date (step SC4c2).

  Next, in step SC5c, it is determined that the update condition is satisfied when the update interval calculated in step SC4c2 exceeds a preset specified number of days. If the update condition is satisfied, the reference data is updated (step SC7), and the current update date information is stored in a predetermined area (update information storage means) of the volatile memory (step SC8). . Then, normal end information is transmitted to the PC 1 (step SC9).

  The PC 1 performs a return information reception process when the error information transmitted from the ICC 2 at step SC3 is received and when the normal end information transmitted at step SC6 or SC9 is received (step SP4c3).

  According to the fourth embodiment, the update is performed when the time from the previous update process exceeds a predetermined value based on the update time information stored in the predetermined area (update time information storage means) of the nonvolatile memory. Since the process is performed, the update process can be performed by a simple process of time calculation.

  Note that the embodiment of the present invention is not limited to the above, and for example, a part of information stored in the ICC 2 may be stored on the PC 1 side or connected to the ICC 2 via a communication network or the like. Changes such as storing part or all of the information to be stored on the ICC 2 side in another device different from the PC 1 can be made as appropriate. The embodiment of the present invention can be constituted by a computer (CPU or the like) and a program executed by the computer, and the program can be distributed via a computer-readable recording medium or a communication line. it can.

  In addition, as an application or application field of the present invention, a PKI (public key infrastructure) system, a logon system, an entrance / exit management system, and the like can be considered.

1 is a system diagram showing a first embodiment of the present invention. The system diagram which shows the 2nd Embodiment of this invention. The system figure which shows the 3rd Embodiment of this invention. Explanatory drawing for demonstrating the 3rd Embodiment of this invention. The system figure which shows the 4th Embodiment of this invention.

Explanation of symbols

1 Personal computer (information processing equipment)
2 IC card (portable information storage device)
SC1 Authentication means SC5 Judgment means SC7 Update means SC4 Accumulation means SC4a Random number generation means

Claims (10)

Storage means for storing biological information;
Authentication means for performing identity authentication based on the input verification information and biometric information stored in the storage means;
A determination unit that determines whether or not a predetermined update condition is satisfied when the authentication unit determines that authentication is possible;
When the determination unit determines that the update condition is not satisfied, the determination result that authentication by the authentication unit is possible is immediately output, and when the determination unit determines that the update condition is satisfied, the biological information stored in the storage unit A portable biometric information storage device comprising: an updating unit that outputs a determination result indicating that the authentication unit can authenticate after updating using the input collation information. Furthermore, an integration unit that integrates the number of times of authentication by the authentication unit is provided,
The determination unit determines that the update condition is satisfied when the number of integrations by the integration unit exceeds a predetermined number,
The portable biometric information storage device according to claim 1, wherein the updating unit updates the biometric information and initializes the number of integrations of the integrating unit. Furthermore, a random number generating means for generating a random number is provided,
The portable biometric information storage device according to claim 1, wherein the determination unit determines that the update condition is satisfied when the random number generated by the random number generation unit is a predetermined value. The portable type according to claim 1, wherein the determination unit determines that the update condition is satisfied when a similarity in authentication by the authentication unit is a value within a predetermined range. Biological information storage device. Furthermore, an update time information storage means for storing information indicating the update time by the update means is provided,
The determination means determines that the update condition is satisfied when the time from the previous update process exceeds a predetermined value based on the update time information stored in the update time information storage means. The portable biological information storage device according to claim 1, wherein Storage means for storing biological information;
Authentication means for performing identity authentication based on the input verification information and biometric information stored in the storage means;
A determination unit that determines whether or not a predetermined update condition is satisfied when the authentication unit determines that authentication is possible;
When the determination unit determines that the update condition is not satisfied, the determination result that authentication by the authentication unit is possible is immediately output, and when the determination unit determines that the update condition is satisfied, the biological information stored in the storage unit A portable biometric information storage device comprising: an update unit that outputs a determination result indicating that the authentication unit can authenticate, after updating using the input verification information;
An information processing device that generates collation information from the acquired information related to the living body and outputs the collation information to the portable biological information storage device, and inputs an authentication result from the portable biological information storage device. Authentication system. A biological information storage method executed in a portable biological information storage device,
An authentication process for performing identity authentication based on the input verification information and the biometric information stored in the storage means in the portable biometric information storage device;
A determination process for determining whether or not a predetermined update condition is satisfied when it is determined that authentication is possible in the authentication process;
If it is determined that the update condition is not satisfied in the determination process, the determination result that authentication is possible in the authentication process is immediately output, and if it is determined that the update condition is satisfied in the determination process, it is stored in the storage means. A biometric information storage method, comprising: updating an existing biometric information using the input collation information, and outputting a determination result indicating that authentication is possible in the authentication process. A biological information storage program executed in a portable biological information storage device,
An authentication process for performing identity authentication based on the input verification information and the biometric information stored in the storage means in the portable biometric information storage device;
A determination process for determining whether or not a predetermined update condition is satisfied when it is determined that authentication is possible in the authentication process;
If it is determined that the update condition is not satisfied in the determination process, the determination result that authentication is possible in the authentication process is immediately output, and if it is determined that the update condition is satisfied in the determination process, it is stored in the storage means. And updating the biometric information using the input verification information, and outputting a determination result indicating that authentication is possible in the authentication process. Biological information storage program. A medium that records a biological information storage program executed in a portable biological information storage device,
An authentication process for performing identity authentication based on the input verification information and the biometric information stored in the storage means in the portable biometric information storage device;
A determination process for determining whether or not a predetermined update condition is satisfied when it is determined that authentication is possible in the authentication process;
If it is determined that the update condition is not satisfied in the determination process, the determination result that authentication is possible in the authentication process is immediately output, and if it is determined that the update condition is satisfied in the determination process, it is stored in the storage means. And updating the biometric information using the input collation information, and outputting a determination result indicating that authentication is possible in the authentication process. A recording medium on which a biological information storage program is recorded. An authentication process for performing identity authentication based on the input verification information and the biometric information stored in the storage means in the portable biometric information storage device;
A determination process for determining whether or not a predetermined update condition is satisfied when it is determined that authentication is possible in the authentication process;
If it is determined that the update condition is not satisfied in the determination process, the determination result that authentication is possible in the authentication process is immediately output, and if it is determined that the update condition is satisfied in the determination process, it is stored in the storage means. And updating the biometric information using the input verification information, and outputting the determination result that authentication is possible in the authentication process.
A process of generating collation information from the acquired biological information and outputting it to the portable biological information storage device;
A biometric authentication method comprising: a step of inputting an authentication result from a portable biometric information storage device as executed in an information processing apparatus connected to the portable biometric information storage device.

Images