JP2011087306A - Authentication information registration method of mobile information terminal device - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a mobile information terminal device capable of effectively protecting privacy or security of a user. <P>SOLUTION: In the case where authentication is failed when starting a PIM (Personal Information Manager) lock application (No, in step S104) which is lock-set, settings are changed to perform authentication processing (step S106) not only for the PIM lock application which is already lock-set, but also for a PIM lock application which is not lock-set. Thus, any other person who illegally uses a cellular phone 1 and tries to start the PIM lock application, but fails in authentication, can not start all PIM lock applications, thereby effectively protecting user privacy or security. <P>COPYRIGHT: (C)2011,JPO&INPIT

Description

  The present invention relates to a portable information terminal device, and more particularly to an improvement of a portable information terminal device that performs an authentication process based on a captured image.

  Some portable information terminal devices such as cellular phones include a camera that captures a subject and generates image data. In this type of portable information terminal device, recently, it is urged to capture a face image by the camera during operation, and feature information such as the shape and size of eyes, nose, mouth and contour extracted from the captured face image, Some of them are designed to perform authentication processing (so-called face authentication) by comparing with user feature information stored in advance as registered feature information in a memory provided in the portable information terminal device. As a result of the authentication process, only when the degree of coincidence between the feature information extracted from the captured image and the feature information of the user exceeds the recognition threshold, it is determined that the person who is operating at that time is a true user, By permitting execution of subsequent processing, security can be improved and privacy can be protected (see, for example, Patent Document 1).

  On the other hand, in the portable information terminal device, when starting an application program for executing various functions such as an e-mail function, the application program is executed only when authentication is performed by inputting a personal identification number or the like and the authentication is successful. There is something that can be started. In this type of portable information terminal device, for example, for each of a plurality of types of application programs, setting (whether so-called PIM (Personal Information Manager) lock setting) as to whether or not to perform authentication processing when the application programs are activated may be performed. The authentication process is performed only when an application program preset by the user is activated.

JP 2000-278658 A

  In a conventional portable information terminal device, an application that is set to perform authentication processing by PIM lock setting when someone other than the user tries to use it illegally, such as when the portable information terminal device is stolen. As for the program, the authentication cannot succeed and the application program cannot be started. However, there is a problem that an application program that is set not to perform authentication processing by the PIM lock setting can be activated without any restriction by anyone other than the user.

  Usually, since the operation of the authentication process is troublesome for the user, the user tends to set the authentication process to be executed only for an application program corresponding to a function that is not desired to be used by others, among application programs for which PIM lock setting is possible. It is in. However, all the functions executed by the application program that can set the PIM lock are highly confidential functions, and are functions that the user has set not to perform authentication processing in consideration of his / her operability. However, it is usually a function that the user does not want to be used by others.

  Therefore, when another person tries to use the portable information terminal device illegally, an application program that is set not to perform authentication processing by the PIM lock setting is activated, and the corresponding function can be used by another person. There is a problem of lack of protection of user privacy and security.

  This invention is made | formed in view of said situation, and it aims at providing the portable information terminal device which can protect a user's privacy or security effectively.

  A portable information terminal device according to a first aspect of the present invention includes an authentication processing means for performing an authentication process, and a setting variable program storage for storing an application program that can be changed by a user operation as to whether or not to perform the authentication process upon activation. Means, an authentication execution setting means for setting whether or not to perform the authentication process when each application program is started, and the authentication execution when the authentication process fails in the authentication process. Authentication setting changing means for changing the setting by the setting means.

  According to such a configuration, the setting by the authentication execution setting unit can be changed when the authentication fails when starting the application program that is set to perform the authentication process. For example, when another person tries to start an application program by illegally using a portable information terminal device, if authentication fails in the authentication process performed when the application program is started, the authentication execution setting means performs the authentication process. If the setting is changed so that the authentication processing is performed even for the application program that is set not to perform the authentication, other persons cannot start all the application programs whose settings can be changed by the authentication execution setting means. Therefore, the privacy or security of the user can be effectively protected.

  In the portable information terminal device according to the second aspect of the present invention, the authentication setting change unit is configured to set the authentication execution setting unit not to perform the authentication process when authentication fails in the authentication process. Then, the setting is changed to perform the authentication process.

  According to such a configuration, if authentication fails when starting an application program that is set to perform authentication processing, only the application program that is already set to perform authentication processing by the authentication execution setting means at that time. First, it is possible to change the setting so that authentication processing is performed even for an application program that is set not to perform authentication processing by the authentication execution setting means. Therefore, the privacy or security of the user can be effectively protected.

  According to a third aspect of the present invention, there is provided a portable information terminal device comprising: a setting non-variable program storage means for storing an application program whose setting cannot be changed by a user operation as to whether or not to perform the authentication process upon activation. Changes the setting of the application program stored in the setting non-variable program storage means to perform the authentication process when the authentication process fails in the authentication process.

  According to such a configuration, in the case of an application program whose setting cannot be changed whether or not the authentication execution setting means performs the authentication process when the authentication fails when starting the application program set to perform the authentication process. In addition, the setting can be changed to perform the authentication process. Therefore, the privacy or security of the user can be further effectively protected.

  In this case, if all the application programs stored in the setting variable program storage unit and the setting non-variable program storage unit are configured to change the setting so as to perform authentication processing, for example, another person can use the portable information terminal. If authentication fails when trying to start an application program by using the device illegally, no application program can be started after that, and the user's privacy or security can be protected to the maximum. it can.

  According to a fourth aspect of the present invention, there is provided a portable information terminal device comprising: an authentication setting content storage means for storing setting contents before the change by the authentication setting changing means; and authentication performed after the setting change by the authentication setting changing means. When authentication is successful in the process, the authentication setting content storage means reads out the setting contents before change from the authentication setting contents storage means, and comprises authentication setting return means for returning the settings.

  According to such a configuration, even if it is a true user, the authentication fails, and even if the setting is changed, if the authentication succeeds in the subsequent authentication processing, Settings can be restored. Therefore, when authentication fails even though the user is a true user and the setting is changed, it is not necessary to perform the setting operation again to restore the setting contents, and convenience is improved.

  According to a fifth aspect of the present invention, there is provided a portable information terminal device comprising: imaging means for photographing a subject; and feature information storage means for previously storing feature information extracted from a face image as registered feature information. The processing means performs authentication processing based on the photographed image by the imaging means, using the registered feature information.

  According to such a configuration, when authentication fails in the authentication process based on the photographed image, the setting by the authentication execution setting unit can be changed.

  The portable information terminal device according to the sixth aspect of the present invention controls the image pickup means and the authentication processing means to take a picture again when authentication fails in the authentication process, and performs an authentication process based on the photographed image. Thus, a continuous authentication unit that performs a series of authentication processes is provided, and the authentication setting change unit changes the setting by the authentication execution setting unit when the authentication fails in the series of authentication processes.

  According to such a configuration, when authentication fails in the authentication process, the authentication process can be automatically performed again. Therefore, when a true user performs an operation, even if the authentication fails in the first authentication process, the authentication process is performed again without the user performing a shooting operation thereafter. In other words, since the authentication process is automatically and repeatedly performed until it is determined that the user is a true user, the labor required for the authentication process can be reduced and the time required for the authentication process can be shortened.

  In addition, since the setting is changed when authentication fails in a series of authentication processes, it is possible to prevent the setting from being changed immediately when the user himself / herself fails in the first authentication process. Accordingly, when authentication fails even though the user is a true user, the setting is immediately changed to prevent the user from feeling complicated.

  According to the portable information terminal device of the present invention, the setting by the authentication execution setting means can be changed when the authentication fails when the application program set to perform the authentication process is started. If authentication fails when starting an application program that has been set to perform authentication processing, then not only the application program that has already been set by the authentication execution setting means but also authentication by the authentication execution setting means For application programs that are set not to be processed, the user's privacy or security can be effectively protected by changing the setting so that the authentication process is performed.

  In addition, when authentication fails when starting an application program that is set to perform authentication processing, authentication processing is also performed for an application program whose setting cannot be changed by the authentication execution setting means. If the setting is changed as described above, the privacy or security of the user can be further effectively protected.

  According to the portable information terminal device of the present invention, even though it is a true user, the authentication fails, and even if the setting is changed, if the authentication succeeds in the authentication process performed thereafter, The settings before the change can be restored. Therefore, when authentication fails even though the user is a true user and the setting is changed, it is not necessary to perform the setting operation again to restore the setting contents, and convenience is improved.

BRIEF DESCRIPTION OF THE DRAWINGS It is the external view which showed an example of the portable information terminal device by Embodiment 1 of this invention, and the mobile telephone is shown as an example of a portable information terminal device. FIG. 2 is a block diagram showing an example of an internal configuration of the mobile phone shown in FIG. 1. FIG. 3 is a block diagram illustrating a configuration example of an imaging unit drive control unit in FIG. 2. FIG. 3 is a block diagram illustrating a configuration example of an authentication processing unit in FIG. 2. It is the figure which showed the example of a display of the main display part at the time of setting regarding face authentication. It is the figure which showed the example of a display of the image registration screen for face authentication. It is the figure which showed the example of a display of a security level setting screen. It is the figure which showed the example of a display of an error history screen. It is the figure which showed the example of a display of the main display part at the time of performing face authentication. It is the figure which showed the example of a display of a PIM lock setting screen. It is the flowchart which showed an example of the application starting process. It is the flowchart which showed an example of the application starting process by Embodiment 2 of this invention.

Embodiment 1 FIG.
FIG. 1 is an external view showing an example of a portable information terminal device according to Embodiment 1 of the present invention. A mobile phone 1 is shown as an example of the portable information terminal device. The mobile phone 1 is a so-called foldable mobile phone, in which a display housing 100 and an operation housing 200 are connected via a hinge part 300, and are folded with one surface of the display housing 100 and the operation housing 200 facing each other. be able to.

  In the display housing 100, a main display unit 101, a receiver for receiver 103, and a sub camera 105 are disposed on the inner housing surface when folded, and a sub display portion and a main camera 104 are disposed on the outer housing surface. . In addition, the operation casing 200 has a large number of operation keys 201 and a microphone for transmitting 203 arranged on the inner casing surface when folded. Such a foldable mobile phone 1 can be carried in a compactly folded state, and if the casing is unfolded, the operation key 201 can be pressed while viewing the display on the main display unit 101. . That is, main information display is performed using the main display unit 101, and main operation input is performed using the operation keys 201.

  When the user is operating the operation key 201 while viewing the display on the main display unit 101, the cellular phone 1 captures the user's face image by the sub camera 105 and extracts feature information extracted from the face image. As a result of performing the authentication process based on the above, it has a function (so-called face authentication function) that permits the execution of the subsequent process only when it is determined that the person who is operating at that time is a true user Yes. By performing authentication processing when executing a highly confidential function, security can be improved and privacy can be protected.

  FIG. 2 is a block diagram showing an example of the internal configuration of the mobile phone 1 shown in FIG. The control unit 400 is a processor that controls main operations of the mobile phone 1, and includes an imaging unit drive control unit 401, an authentication processing unit 402, a continuous authentication unit 403, an authentication execution setting unit 404, an authentication setting change unit 405, and an authentication. A setting return unit 406 is provided. An operation signal from the operation key 201 is input to the control unit 400, and a memory 410, an image input / output unit 430, an audio input / output unit 440, and a communication unit 450 are connected to be able to input / output.

  The image input / output unit 430 includes a main display unit 101, a sub display unit 102, a main camera 104, and a sub camera 105. The main camera 104 and the sub camera 105 are each unitized as an imaging unit. These imaging units include a photoelectric conversion element such as a CCD (Charge-Coupled Device) or a CMOS (Complementary Metal Oxide Semiconductor) image sensor and a control. A circuit is provided. Here, a photoelectric conversion element that needs to perform initialization processing such as adjustment of offset and gain after power-on of the imaging unit is used.

  The voice input / output unit 440 is provided with a receiving receiver 103 and a transmitting microphone 203. The communication unit 450 transmits / receives audio data, image data, and the like by transmitting / receiving radio waves to / from a base station (not shown).

  The imaging unit drive control unit 401 controls driving of the main camera 104 and the sub camera 105 by transmitting a signal to the image input / output unit 430. In this embodiment, the imaging unit drive control unit 401 controls the driving of the sub camera 105, so that the sub camera 105 captures a face image of a person who operates the operation key 201 while looking at the main display unit 101. The authentication process is performed based on the feature information extracted from the face image. However, the configuration may be such that authentication processing is performed by photographing a face image with the main camera 104.

  The authentication processing unit 402 compares the feature information extracted from the captured image with the feature information (registered feature information) of the user stored in advance in the memory 410, so that the person who is operating at that time is true It is determined whether or not the user is a user. The continuous authentication unit 403 controls the imaging unit drive control unit 401 and the authentication processing unit 402 to perform imaging again when authentication fails, and performs authentication processing based on the captured image.

  The authentication execution setting unit 404 is used to set whether or not to perform authentication processing. The setting contents in the authentication execution setting unit 404 can be changed by the processing of the authentication setting changing unit 405. The authentication setting return unit 406 performs processing for returning the setting content of the authentication execution setting unit 404 changed by the processing of the authentication setting changing unit 405 to the setting content before the change.

  The mobile phone 1 according to the present embodiment can execute two or more application programs, and can perform processing such as displaying a corresponding display screen on the main display unit 101 based on the execution of each application program. . Of these application programs, a predetermined application program determined in advance can be set by a user operation to determine whether or not the authentication processing unit 402 performs authentication processing upon activation (so-called PIM (Personal Information Manager) lock setting). It is like that.

  As an application program capable of setting PIM lock (hereinafter referred to as “PIM lock application”), an application program for executing a highly confidential function such as a telephone directory function, a schedule function, and an e-mail function is set. Yes. The authentication execution setting unit 404 sets whether or not to perform authentication processing when each PIM lock application is activated based on a user setting operation using the operation keys 201.

  The memory 410 includes a display screen data storage unit 411, an image data storage unit 412, a feature information storage unit 413, an error history information storage unit 414, a PIM lock application storage unit 415, a non-PIM lock application storage unit 416, and an authentication setting storage unit. 417 is assigned. The display screen data storage unit 411 stores screen data to be displayed on the main display unit 101 and the sub display unit 102. The image data storage unit 412 stores image data captured by the main camera 104 and the sub camera 105, image data received from the outside via the communication unit 450, and the like.

  The feature information storage unit 413 stores feature information of face images used for authentication processing. The feature information storage unit 413 can store feature information extracted from two or more face images as registered feature information up to a predetermined maximum number (for example, seven) for each face image. By performing face authentication based on registered feature information extracted from two or more face images, the probability (authentication acceptance rate) of successful authentication when a true user performs face authentication can be increased. It is possible to prevent authentication failure due to subtle differences such as facial expressions and the angle of light. However, the registered feature information used for face authentication is not limited to a configuration that is extracted from seven face images, but is a configuration that performs face authentication based on registered feature information extracted from one face image, for example. There may be.

  The user's face image is previously captured by the user using the main camera 104 or the sub camera 105, and the image data is stored in the image data storage unit 412 of the memory 410. Since face authentication is performed based on registered feature information extracted from these image data and stored in the feature information storage unit 413 of the memory 410, the image data itself is not necessary for face authentication. If it is stored in 410, the user can read the image data and check the face image, so that convenience is improved.

  In the error history information storage unit 414, when authentication fails, information at the time of authentication is stored as error history information. The PIM lock application storage unit 415 stores a predetermined PIM lock application. The non-PIM lock application storage unit 416 stores application programs other than the PIM lock application, that is, application programs incapable of setting the PIM lock (hereinafter referred to as “non-PIM lock application”). The authentication setting storage unit 417 stores the setting content before the change by the authentication setting change unit 405, and the authentication setting return unit 406 stores the setting content before the change from the authentication setting storage unit 417. By reading, the setting contents of the authentication execution setting unit 404 can be restored.

  However, the facial image feature information and facial image image data used for the authentication process are stored in a storage medium (not shown) that is detachable from the mobile phone 1 such as a SIM (Subscriber Identity Module) card. Such a configuration may be used.

  FIG. 3 is a block diagram illustrating a configuration example of the imaging unit drive control unit 401 in FIG. The imaging unit drive control unit 401 includes an imaging unit activation unit 407, an imaging control unit 408, and an imaging unit stop unit 409. The imaging unit activation unit 407 transmits control signals to the main camera 104 and the sub camera 105 to activate them. The imaging unit 106 (the main camera 104 or the sub camera 105) is activated based on a user operation. Are provided with a power-on unit 407A for turning on power and an initialization processing unit 407B for executing initialization processing.

  The imaging control unit 408 controls the imaging operation of the main camera 104 or the sub camera 105 based on the input signal from the initialization processing unit 407B or the imaging operation by the user, and thereby the main camera 104 or the sub camera 105 at that time. Still image data of a subject for is generated. The imaging unit stop unit 409 stops driving the imaging units 106 by stopping the power supplied to the main camera 104 or the sub camera 105.

  FIG. 4 is a block diagram illustrating a configuration example of the authentication processing unit 402 in FIG. The authentication processing unit 402 includes a feature extraction unit 402A, a matching degree calculation unit 402B, and a matching degree determination unit 402C. When the authentication process is started, feature information such as shape and size of each part of the face such as eyes, nose, mouth and contour is extracted from the face image taken by the sub camera 105 by the feature extraction unit 402A. .

  When the photographed image is a landscape image that is not a face image, or when the surroundings are dark, feature information cannot be extracted from the photographed image, and authentication fails. On the other hand, when the feature information is successfully extracted from the photographed image, the feature information is compared with the registered feature information stored in the feature information storage unit 413 of the memory 410 by the coincidence degree calculation unit 402B. The degree of matching is calculated.

  The coincidence determination unit 402C compares the coincidence calculated by the coincidence calculation unit 402B with a predetermined threshold (authentication threshold), and outputs the comparison result. At this time, if the degree of coincidence exceeds the authentication threshold, it is determined that the user is a true user and the authentication is successful. If the degree of coincidence is smaller than the authentication threshold, the user is not determined to be a true user. Authentication fails. Here, the degree of coincidence is a ratio (%) occupied by the matched feature information among all the compared feature information, and the authentication threshold is usually set to a predetermined value of 90% or more.

  FIG. 5 is a diagram illustrating a display example of the main display unit 101 when setting related to face authentication is performed. When the user reads the security setting screen by operating the operation key 201 (see FIG. 5A) and selects and operates the “face authentication setting” item from the items displayed on the security setting screen, the mobile phone A screen that prompts the user to input a terminal security code assigned to the telephone 1 is displayed on the main display unit 101 (see FIG. 5B). When the clear key included in the operation key 201 is operated on this display screen, the display on the main display unit 101 returns to the security setting screen shown in FIG.

  The terminal security code is composed of, for example, an arbitrary character string of 4 to 8 digits, and is set in advance when the mobile phone 1 is purchased, but can be changed by the user operating the operation key 201. When the character string input by operating the operation key 201 does not match the terminal security code set in advance on the terminal security code input screen of FIG. 5B, a message to that effect is displayed on the main display unit 101. (See FIG. 5C). When the character string input on the terminal security code input screen is 3 digits or less, a message indicating that a 4 to 8 character string should be input is displayed on the main display unit 101 (FIG. 5D). reference).

  After the display as shown in FIG. 5C or 5D is displayed on the main display unit 101, a predetermined time elapses or a time-out occurs, or any key included in the operation key 201 is displayed. When operated, the display on the main display unit 101 returns to the security setting screen shown in FIG.

  When the character string input on the terminal personal identification number input screen in FIG. 5B matches the terminal personal identification number set in advance, the display on the main display unit 101 is turned on / off in the mode for performing face authentication. The screen is switched to a face authentication use setting screen for setting OFF (see FIG. 5E). When the clear key included in the operation key 201 is operated on this display screen, the display on the main display unit 101 returns to the terminal security code input screen shown in FIG. When the face authentication is turned off by operating the operation key 201 on the face authentication use setting screen, the display on the main display unit 101 returns to the security setting screen shown in FIG.

  When face authentication is turned on by operating the operation key 201 on the face authentication use setting screen of FIG. 5E, the display of the main display unit 101 is switched to a face authentication setting screen for performing settings related to face authentication ( (Refer FIG.5 (f)). In the face authentication setting screen of FIG. 5F, items associated with images (face authentication images) representing the user from which registered feature information is extracted, and authentication threshold values at the time of face authentication (security) The item associated with (level setting) and the item associated with the error history are included.

  When an item associated with the face authentication image is selected on this display screen, a screen (face authentication image registration screen) for overwriting registration and confirmation of the face authentication image is displayed. When an item associated with the security level setting is selected, a screen (security level setting screen) for setting an authentication threshold for face authentication is displayed. When an item associated with the error history is selected, a screen for displaying the error history (error history screen) is displayed.

  After performing these various settings, when the operation key 201 is operated to complete the face authentication setting, the display on the main display unit 101 is changed to a display as shown in FIG. 5 (g) or FIG. 5 (h). Switch. That is, if at least one face authentication image is registered, the main display unit 101 displays that face authentication is performed based on the feature information extracted from the face authentication image (see FIG. 5G). ) When the confirmation key 111 included in this screen is selected, the display of the main display unit 101 returns to the security setting screen shown in FIG. On the other hand, if no face authentication image has been registered, the main display unit 101 displays that the face authentication image should be registered (see FIG. 5H), and the confirmation included in this screen. When the key 112 is selected, the display on the main display unit 101 returns to the face authentication setting screen shown in FIG.

  FIG. 6 shows a display example of the face authentication image registration screen. When any item associated with the face authentication image is selected on the face authentication setting screen of FIG. 5 (f), the main display unit 101 displays the face authentication as shown in FIG. 6 (a). The screen is switched to the face authentication image registration screen corresponding to the image for use. The face authentication image registration screen includes an “overwrite registration” item and a “registration data confirmation” item.

  When the “overwrite registration” item is selected and operated from the items displayed on the face authentication image registration screen in FIG. 6A, the sub camera 105 is activated and the sub camera 105 is ready for photographing. After that, an image of the subject with respect to the sub camera 105 is displayed on the main display unit 101 in real time (see FIG. 6B). At this time, the main display unit 101 functions as a finder of the sub camera 105, and the face of the person who is performing the operation while viewing the main display unit 101 is displayed on the finder screen configured by the main display unit 101. It becomes.

  When the user performs registration operation by operating the enter key included in the operation key 201 after the user performs position alignment of the user's face on the finder screen in FIG. 6B, the feature extraction unit of the control unit 400 402A performs a process of extracting feature information from the image photographed by the sub camera 105 at that time.

  At this time, if the user's face is properly aligned, feature information such as the shape and size of the eyes, nose, mouth and contour can be extracted. However, the alignment is appropriately performed. If the user's face is not displayed on the main display unit 101, the feature information cannot be extracted. When the feature information is successfully extracted, the feature information is stored in the feature information storage unit 413 of the memory 410, and the face image at that time is used as a face authentication image in the image data storage unit 412 of the memory 410. Stored in

  When the feature information is successfully extracted, the fact that the feature information based on the face image is stored (registered) in the memory 410 is displayed on the main display unit 101 (see FIG. 6C). When the user selects the confirmation key 113 included in this display screen, the display on the main display unit 101 returns to the face authentication setting screen shown in FIG. On the other hand, if the feature information extraction fails, the fact and the cause of the feature information extraction failure are displayed on the main display unit 101 (see FIG. 6D), and the confirmation key 114 included in this display screen is displayed. When the user selects, the display on the main display unit 101 returns to the viewfinder screen shown in FIG. 5B, and a face image can be taken again by the sub camera 105.

  When the item “Registered data confirmation” is selected and operated from the items displayed on the face authentication image registration screen of FIG. 6A, the corresponding face authentication for use stored in the image data storage unit 412 of the memory 410 is displayed. An image is read and displayed on the main display unit 101 (see FIG. 6E). The user can confirm the registered face authentication image on the face authentication image confirmation screen shown in FIG. When the clear key included in the operation key 201 is operated on this display screen, the display on the main display unit 101 returns to the face authentication image registration screen shown in FIG.

  When the user performs an operation of deleting the corresponding face authentication image by operating the operation key 201 on the face authentication image confirmation screen in FIG. 6E, the display on the main display unit 101 is the face authentication. The screen is switched to a deletion confirmation screen for confirming whether or not to delete the image for use (see FIG. 6F). This display screen includes a “Yes” key 115 for instructing that the face authentication image should be deleted, and a “No” key 116 for instructing not to delete the face authentication image. When the “No” key 116 is selected by operating the operation key 201 on the deletion confirmation screen in FIG. 6F, the display on the main display unit 101 is the face authentication image shown in FIG. Return to the confirmation screen.

  When the “Yes” key 115 is selected by operating the operation key 201 on the deletion confirmation screen in FIG. 6F, the corresponding face authentication image is stored in the image data storage unit 412 and the feature information storage unit 413 of the memory 410. In addition, a process for deleting the registered feature information is started and a message indicating that the feature is being deleted is displayed on the main display unit 101 (see FIG. 6G). Then, when the processing for deleting the face authentication image and the registered feature information is completed, a message to that effect is displayed on the main display unit 101 (see FIG. 6 (h)), and a predetermined time elapses or a timeout occurs, or In response to any one of the keys included in the operation key 201 being operated, the display on the main display unit 101 returns to the face authentication setting screen shown in FIG.

  FIG. 7 is a view showing a display example of the security level setting screen. When an item associated with the security level setting is selected on the face authentication setting screen shown in FIG. 5F, the display on the main display unit 101 sets an authentication threshold for face authentication as shown in FIG. Switches to the security level setting screen. As the security level, “level 3” having the highest authentication threshold, “level 2” having an authentication threshold lower than “level 3”, and “level 1” having an authentication threshold lower than “level 2” are set in advance. Any security level can be selected on the security level setting screen.

  FIG. 8 is a diagram showing a display example of the error history screen. When the item associated with the error history is selected on the face authentication setting screen of FIG. 5F, the display of the main display unit 101 is displayed on the error history screen for displaying the error history as shown in FIG. Switch. On the error history screen, time information indicating the date and time when authentication failed is displayed as a list of error history information for a predetermined number of times (for example, nine times). When the authentication history is newly failed while the error history information for the predetermined number of times is stored in the error history information storage unit 414 of the memory 410, the oldest error history information is deleted, and the new error history information is stored in the memory. 410 and updated so that the new error history information is displayed on the error history screen.

  FIG. 9 is a diagram illustrating a display example of the main display unit 101 when performing face authentication. In this example, face authentication is performed when the secret mode included in the management function of the mobile phone 1 is switched on / off. When incognito mode is on, not only normal data but also data registered in advance as secret data is displayed. When incognito mode is off, secret data is not displayed and only normal data is displayed. Will be displayed.

  In the management function screen for setting the management function of the mobile phone 1 as shown in FIG. 9A, when the “secret mode” item is selected and operated from the items displayed on the management function screen, the sub camera 105 is activated. After the sub camera 105 is ready for shooting, an image of the subject with respect to the sub camera 105 is displayed on the main display unit 101 in real time (see FIG. 9B), and automatic authentication is started. At this time, when the initialization process of the sub-camera 105 is completed and the camera is ready for shooting, a face image for authentication is shot without the user performing a shooting operation. Is extracted. Then, the extracted feature information is compared with the user feature information stored in advance in the feature information storage unit 413 of the memory 410, whereby authentication processing is automatically performed.

  In this authentication process, when the degree of coincidence between the feature information of the extracted face image and the user feature information stored in the memory 410 exceeds an authentication threshold set in advance on the security level setting screen, It is determined that the operator is a true user. In this case, the user's face image displayed on the main display unit 101 is highlighted by so-called action focus, thereby informing that the authentication has been successful by a visual effect.

  Thereafter, a message indicating that the authentication has succeeded is displayed on the main display unit 101 (see FIG. 9C), and after a predetermined time has elapsed, the screen is switched to a screen for switching on / off the secret mode (FIG. 9D). reference). On the other hand, when the degree of coincidence of the feature information is smaller than the authentication threshold and the authentication fails, the feature information is automatically extracted again from the image photographed by the sub camera 105 at that time, and the feature information is stored in the memory 410. Is compared with the feature information of the user stored in.

  As described above, in this embodiment, when the authentication fails, the authentication process is repeatedly performed continuously until a predetermined time (for example, 3 seconds) elapses and a timeout occurs, and the authentication process ends when the authentication is successful. To do. That is, a series of authentication processes is performed until the end condition is satisfied, with the end condition being successful authentication or timeout.

  For example, when the timeout time is set to 3 seconds, the authentication process is performed about 7 times at the maximum. That is, the time required for one authentication process is about 0.4 seconds, and if the authentication is successful in the first authentication process, the process proceeds to the next process with almost no waiting time after the initialization process of the sub camera 105 is completed. Can do. While the authentication process is being performed repeatedly, a finder screen is displayed on the main display unit 101, and an image of the subject with respect to the sub camera 105 is displayed in real time.

  When the authentication process is repeatedly performed, each time the authentication process is performed a plurality of times, a display corresponding to the matching degree of the feature information is displayed on the main display unit 101 as a comparison result of the feature information in the authentication process. More specifically, the color of the frame 117 of the finder screen displayed on the main display unit 101 is displayed in a color corresponding to the matching degree of the feature information. As a result, since the comparison result of the degree of coincidence of the feature information at the time of the authentication process is displayed, based on the display, whether or not the user's own face image taken at the time of the authentication process is an easily recognizable image Can be confirmed.

  However, the present invention is not limited to such a configuration, and a configuration in which the degree of coincidence of the feature information is level-displayed on the main display unit 101 using a numerical value or a graph may be used. Further, the present invention is not limited to the configuration in which the comparison results are displayed for all authentication processes, and may be any display that displays the comparison results for at least one authentication process.

  When a predetermined time elapses after the start of automatic authentication and a timeout occurs, a message indicating that the authentication has failed is displayed on the main display unit 101 (see FIG. 9E). When the user selects the re-authentication key 118 included in this display screen, the display on the main display unit 101 returns to the finder screen shown in FIG. 9B, and automatic authentication is started again. On the other hand, when the user selects the terminal security code input key 119 displayed on the main display unit 101 in FIG. 9E, the display of the main display unit 101 is switched to the terminal security code input screen that prompts the user to enter the terminal security code. (Refer FIG.9 (f)).

  When the character string input on the terminal personal identification number input screen of FIG. 9F matches the terminal personal identification number set in advance, the display on the main display unit 101 switches on / off of the secret mode. The screen is switched to the screen for the purpose (see FIG. 9D).

  On the other hand, when the character string input by the operation of the operation key 201 does not match the terminal security code set in advance on the terminal security code input screen of FIG. Is displayed (see FIG. 9G). When the character string input on the terminal security code input screen is 3 digits or less, a message indicating that a 4 to 8 character string should be input is displayed on the main display unit 101 (FIG. 9 (h)). reference). Then, after the display as shown in FIG. 9G or FIG. 9H is performed, a predetermined time elapses and a time-out occurs, or any key included in the operation key 201 is operated. And the display of the main display part 101 returns to the management function screen shown to Fig.9 (a).

  According to the configuration in which the authentication process is automatically performed again when the authentication process fails in the authentication process as in the present embodiment, the true authentication is performed by the first authentication process when the true user performs an operation. Even if it is not determined that the user is the user, the authentication process is performed again without the user performing a shooting operation. In other words, since the authentication process is automatically and repeatedly performed until it is determined that the user is a true user, the labor required for the authentication process can be reduced and the time required for the authentication process can be shortened.

  FIG. 10 is a diagram showing a display example of the PIM lock setting screen. The user can cause the main display unit 101 to display a display screen (PIM lock setting screen) for performing the PIM lock setting as illustrated in FIG. 10 by operating the operation key 201. The PIM lock setting screen displays a list of function names corresponding to each PIM lock application such as a telephone directory function, a schedule function, and an e-mail function.

  The user operates the operation key 201 on the PIM lock setting screen to arbitrarily check the check column 120 associated with each function name, thereby supporting the checked function among all the PIM lock applications. It is possible to set (lock setting) so that the authentication process is performed only when the PIM lock application to be started is started. In this embodiment, it is assumed that face authentication including a series of authentication processes as described with reference to FIG. 9 is performed when a locked PIM lock application is activated.

  FIG. 11 is a flowchart illustrating an example of the application activation process. When the user operates the operation key 201 to instruct activation of the application program (step S101), it is determined whether or not the application program is a PIM lock application set to be locked (step S102).

  At this time, if the application program instructed to start is not a PIM lock application that is set to be locked (No in step S102), the instructed application program is started as it is (step S109). On the other hand, if the application program instructed to start is a PIM lock application that is set to be locked (Yes in step S102), an authentication process is performed (step S103).

  If authentication fails in the authentication process (No in step S104), the setting contents of the PIM lock setting at that time are stored in the authentication setting storage unit 417 (step S105), and all of the authentication setting changing unit 405 The PIM lock application is set to be locked (step S106).

  As a result, when the authentication fails when starting the locked PIM lock application, the authentication process is performed not only for the PIM lock application that is already locked but also for the PIM lock application that is not locked. You can change the settings to do.

  For example, when another person tries to activate the PIM lock application by using the mobile phone 1 illegally, if authentication fails in the authentication process performed when the PIM lock application is activated, the PIM that is not locked is set. Since the setting of the lock application is changed so as to perform the authentication process, other persons cannot start all the PIM lock applications. Therefore, the privacy or security of the user can be effectively protected.

  In the present embodiment, since the setting content of the PIM lock setting is changed when authentication fails in face authentication consisting of a series of authentication processes, the setting is changed immediately when the user himself fails in the first authentication process. Can be prevented. Accordingly, when authentication fails even though the user is a true user, the setting is immediately changed to prevent the user from feeling complicated.

  On the other hand, if authentication is successful in the authentication process (Yes in step S104), if the setting content of the PIM lock setting has been changed by the authentication setting change unit 405 before that (Yes in step S107), the authentication setting return unit 406 Reads the setting contents before the change of the PIM lock setting stored in the authentication setting storage unit 417, restores the PIM lock setting to the setting contents before the change (step S108), and then starts the application program. (Step S109).

  As a result, even if the authentication fails even though the user is a true user and the PIM lock setting is changed, if the authentication is successful in the subsequent authentication processing, the PIM lock setting before the change is set. Can be restored. Therefore, when authentication fails even though the user is a true user and the PIM lock setting is changed, it is not necessary to perform a setting operation again to restore the setting contents, and convenience is improved.

Embodiment 2. FIG.
In the first embodiment, the configuration has been described in which the setting is changed so that the authentication process is performed for the PIM lock application that is not locked when authentication fails when starting the PIM lock application that is locked. However, in the second embodiment, the authentication setting changing unit 405 performs the all lock by changing the setting so that the authentication process is performed not only for the PIM lock application that is not locked but also for the non-PIM lock application. It is like that.

  FIG. 12 is a flowchart showing an example of application activation processing according to Embodiment 2 of the present invention. When the user operates the operation key 201 to instruct activation of the application program (step S201), it is determined whether or not all lock is performed at that time (step S202). At this time, if not all-locked (No in step S202), it is determined whether or not the application program is a PIM lock application that is set to be locked (step S203).

  If it is all locked (Yes in step S202), or if the application program instructed to start is a PIM lock application that is set to lock (Yes in step S203), an authentication process is performed (step S204). ). On the other hand, if the application program instructed to start is not a PIM lock application that is set to be locked (No in step S203), the instructed application program is started as it is (step S210).

  If authentication fails in the authentication process (No in step S205), the setting contents of the PIM lock setting at that time are stored in the authentication setting storage unit 417 (step S206), and the authentication setting change unit 405 displays the PIM. All lock is performed by changing the setting so that authentication processing is performed for all application programs of the lock application and the non-PIM lock application (step S207).

  On the other hand, when the authentication is successful in the authentication process (Yes in step S205), if all locked at that time (Yes in step S208), the authentication setting return unit 406 stores the all stored in the authentication setting storage unit 417. The setting contents before the lock are read out, the PIM lock setting is restored to the setting contents before the all lock (step S209), and then the application program is started (step S210).

  In the present embodiment, when the authentication fails when another person illegally uses the mobile phone 1 to activate the PIM lock application, not only the PIM lock application but also the non-PIM lock application cannot be activated. Therefore, the privacy or security of the user can be protected more effectively.

  In particular, since the setting is changed so that authentication processing is performed for all the non-PIM lock applications stored in the non-PIM lock application storage unit 416, another person illegally uses the mobile phone 1 to execute the PIM lock application. If authentication fails when trying to start, it becomes an all-lock state in which no application program can be started thereafter, and the user's privacy or security can be protected to the maximum.

  It is preferable that the shutter sound is not generated when a face image is captured in the authentication process. With such a configuration, it is possible to prevent misunderstandings such as voyeurism due to the generation of shutter sound when authentication processing is performed in an environment where there are people around the train or the like. In the present embodiment, since the shooting operation is not performed during the authentication process, it is possible to prevent misunderstanding such as voyeurism by performing the shooting operation.

  However, when it is not determined that the user is a true user within a predetermined time, the configuration is not limited to a configuration in which a timeout occurs, and a configuration in which authentication processing is repeatedly performed until authentication is successful may be used. Further, the configuration is not limited to the configuration in which the authentication process is continuously performed, and a configuration in which the authentication process is performed only once after the sub camera 105 is activated and becomes ready for photographing.

  Face authentication is not limited to automatic authentication in which authentication is started without a user's photographing operation, and is configured such that photographing is performed according to the user's photographing operation and face authentication is performed based on the photographed image. Also good.

  The PIM lock application is not limited to an application program for executing a telephone directory function, a schedule function, an e-mail function, or the like, but may be an application program corresponding to another function having a high security level and a high privacy level.

  Further, the authentication process is not limited to face authentication performed based on the face image, and may be performed based on the fingerprint image of the user as long as the image represents the user. In this case, the authentication process can be performed by extracting and comparing the feature information of the fingerprint image.

  The present invention is not limited to the contents of the above-described embodiment, and various modifications can be made within the scope of the claims.

DESCRIPTION OF SYMBOLS 1 Cellular phone 101 Main display part 102 Sub display part 103 Receiver for receiver 104 Main camera 105 Sub camera 201 Operation key 203 Microphone for transmission 400 Control part 401 Imaging unit drive control part 402 Authentication process part 402A Feature extraction part 402B Concordance calculation Unit 402C coincidence degree determination unit 403 continuous authentication unit 404 authentication execution setting unit 405 authentication setting change unit 406 authentication setting return unit 407 imaging unit activation unit 407A power-on unit 407B initialization processing unit 408 imaging control unit 409 imaging unit stop unit 410 memory 411 Display screen data storage unit 412 Image data storage unit 413 Feature information storage unit 414 Error history information storage unit 415 PIM lock application storage unit 416 Non-PIM lock application storage unit 417 Authentication setting storage unit 450 Communication department

Claims (6)

An authentication processing means for performing authentication processing;
A setting variable program storage means for storing an application program whose setting can be changed by a user operation as to whether or not to perform the authentication process at the time of activation;
For each of the application programs, authentication execution setting means for setting whether to perform the authentication processing when starting the application programs,
A portable information terminal device comprising: an authentication setting changing unit that changes a setting by the authentication execution setting unit when authentication fails in the authentication process.   The authentication setting change unit changes the setting so that the authentication process is performed for an application program that is set not to perform the authentication process by the authentication execution setting unit when authentication fails in the authentication process. The portable information terminal device according to claim 1. A setting non-variable program storage means for storing an application program that cannot be changed by a user operation as to whether or not to perform the authentication process at the time of activation,
The authentication setting changing means changes the setting so that the authentication process is performed for the application program stored in the setting non-variable program storage means when authentication fails in the authentication process. The portable information terminal device according to claim 1 or 2. Authentication setting content storage means for storing the setting content before the change by the authentication setting changing means;
An authentication setting return means for reading the setting contents before the change from the authentication setting content storage means and returning the settings when authentication is successful in the authentication processing performed after the setting change by the authentication setting changing means; The portable information terminal device according to any one of claims 1 to 3. Imaging means for photographing the subject;
Feature information storage means for previously storing feature information extracted from the face image as registered feature information;
5. The portable information terminal device according to claim 1, wherein the authentication processing unit performs an authentication process based on a captured image by the imaging unit using the registered feature information. Continuous authentication means for performing a series of authentication processes by controlling the imaging means and the authentication processing means, and performing imaging again when authentication fails in the authentication processing, and performing authentication processing based on the captured image. Prepared,
6. The portable information terminal device according to claim 5, wherein the authentication setting changing unit changes the setting by the authentication execution setting unit when authentication fails in the series of authentication processes.

Images