JP2013015955A - Personal authentication method and system - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a personal authentication technique capable of avoiding phishing without installing a computer program for generating a one-time ID (OID) in at least one of a user device and second-step authentication means.SOLUTION: When a first-step personal authentication is succeeded, first-step authentication means issues a first and a second OID to a user device. The second-step authentication means accepts an input of one of the OIDs from the user device and determines whether the ID matches the one OID stored therein. When the determination result is affirmative, the second-step authentication means transmits the other OID to the user device, and the user or the user device determines whether the other OID matches the issued other OID or not. When the determination result is affirmative, the user device inputs a user's second authentication key to the second-step authentication means, and the second-step authentication means performs the second-step personal authentication.

Description

  The present invention electronically confirms whether or not a person is a legitimate person who can perform the action when the person tries to perform an action such as credit card settlement or server logon. Related to personal authentication technology.

  As this type of technology, there is a technology described in a patent publication (Patent Document 1) acquired by the present applicant.

  Patent Document 1 discloses the following. That is, personal authentication is performed by the first stage authentication means and the second stage authentication means. The first stage authentication means accepts the input of the first authentication key from the user, and collates the input first authentication key with the first authentication key stored in advance, so that the first stage personal Authenticate. When the first stage personal authentication is successful, the first stage authentication means issues a one-time ID to the user. The second stage authentication means accepts the input of the second authentication key and the one-time ID from the user, and whether or not the input second authentication key matches the second authentication key stored in advance, and It is checked whether or not the inputted one-time ID matches the one-time ID of the user who has succeeded in personal authentication in the first stage authentication means. If both the input second authentication key and the one-time ID match, the personal authentication is successful.

  The second stage authentication means is, for example, a means included in the system of “credit company Y” in the embodiment, and the first stage authentication means is, for example, a means included in the system of “authentication support company X” in the embodiment. It is.

  Here, if there is a system impersonating the second stage authentication means, the person inputs the second authentication key and the one-time ID into the system. That is, so-called phishing is performed.

  As a technique for avoiding phishing fraud, for example, there is a technique disclosed in Patent Document 2. Patent Document 2 discloses the following. The authentication server device distributes the sub sheet data to the client device and the service server device. Each of the client device and the service server device generates a one-time ID based on the distributed sub-sheet data. Thereafter, mutual authentication is performed. That is, the client device transmits the generated wine time ID to the service server device, and the service server device compares the one-time ID with the one-time ID generated by itself. Similarly, the service server device transmits the generated wine time ID to the client device, and the client device compares the one-time ID with the one-time ID generated by itself. If mutual authentication is successful, personal authentication is successful.

Japanese Patent No. 4587346 Japanese Patent No. 4344783

  Although Patent Document 2 can be expected to avoid phishing, there is a trouble that a computer program for generating a one-time ID must be installed in both the client device and the service server device. In recent years, a person generally owns a plurality of client devices (for example, a stationary personal computer at home and a portable information processing terminal (for example, a smartphone)), and a predetermined computer program is installed on each client device. If you have to do it, it takes more time.

  Moreover, it is not preferable from the viewpoint of reliability to install the same program on both the client device and the service server device. This is because if the program is illegally analyzed from one device, a one-time ID for successful authentication can be created for the other device based on the result of the analysis.

  Accordingly, an object of the present invention is to provide a personal authentication technique capable of avoiding phishing without installing a computer program for generating a one-time ID in at least one of the user device and the second stage authentication means. is there.

  There are first stage authentication means and second stage authentication means. The first stage authentication means stores the user's first authentication key and the user's management master ID, but does not store the user's second authentication key. On the other hand, the second stage authentication means stores the second authentication key and the management master ID, but does not store the first authentication key.

  According to the first aspect, when the first stage of personal authentication is successful (the result of the determination whether the first authentication key input from the user device matches the stored first authentication key is positive) The first stage authentication means issues first and second one-time IDs and transmits the first and second one-time IDs to the user apparatus. The second stage authentication means receives the input of the first one-time ID from the user device and determines whether the one-time ID matches the stored first one-time ID. If the result of this determination is affirmative, the second stage authentication means transmits the second one-time ID to the user device. The user or user device determines whether or not the second one-time ID matches the second one-time ID received from the first stage authentication means. If the result of this determination is affirmative, the user apparatus inputs the user's second authentication key to the second stage authentication means, and the second stage authentication means performs the second stage personal authentication.

  For example, the first one-time ID may be a one-time ID for personal authentication, and the second one-time ID may be, for example, a one-time ID for avoiding phishing.

  According to the second aspect, the second one-time ID is issued by the user device instead of the first stage authentication means. Specifically, for example, the first stage authentication means receives the second one-time ID from the user device at the timing of receiving the input of the first authentication key or at a different timing. If the first-stage personal authentication is successful, the first-stage authentication means issues a first one-time ID and transmits the first one-time ID to the user device. Further, the first-stage authentication means sends the second-stage authentication means to the management master ID of the user who has succeeded in the first-stage personal authentication, the issued first one-time ID, and the second one-time received from the user device. ID is notified. The second stage authentication means receives the input of the first one-time ID from the user device, and determines whether the first one-time ID matches the stored first one-time ID. If the result of the determination is affirmative, the second stage authentication means transmits the stored second one-time ID to the user device. The user or user device determines whether or not the second one-time ID matches the second one-time ID input to the first stage authentication means. If the result of the determination is affirmative, the user apparatus inputs the user's second authentication key to the second-stage authentication means, and the second-stage authentication means uses the second-stage authentication means, as in the first aspect. Authentication is performed.

  According to the third aspect, the second one-time ID is issued by the second stage authentication means instead of the first stage authentication means. Specifically, for example, the second stage authentication unit issues a second one-time ID associated with the user's management master ID, and transmits the second one-time ID to the first stage authentication unit. If the first-stage personal authentication is successful, the first-stage authentication means issues a first one-time ID, and the user apparatus receives the issued first one-time ID and the second-stage authentication means received from the second-stage authentication means. Send a one-time ID. Thereafter, the same processing as in the first aspect is performed.

  In any of the first to third aspects, after a match is obtained for the first and second one-time IDs, the second authentication key of the user is input from the user device to the second stage authentication unit. Instead, the second authentication key is the same timing as the timing at which the first one-time ID is input from the user device to the second stage authentication means, the timing before that timing, or after that timing. Alternatively, the second one-time ID may be input from the user device to the second-stage authentication unit at a timing prior to being sent from the second-step authentication unit to the user device.

FIG. 1 shows a basic configuration of a personal authentication system according to the first embodiment of the present invention. FIG. 2 shows a part of the flow of the personal authentication method according to the first embodiment of the present invention. FIG. 3 shows a continuation of FIG. FIG. 4 shows a continuation of FIG. FIG. 5 shows a continuation of FIG. FIG. 6 shows a part of the flow of the personal authentication method according to the second embodiment of the present invention. FIG. 7 shows a part of the flow of the personal authentication method according to the third embodiment of the present invention. FIG. 8 shows a part of the flow of the personal authentication method according to the fourth embodiment of the present invention. FIG. 9 shows a part of the flow of the personal authentication method according to the fifth embodiment of the present invention. FIG. 10 shows a part of the flow of the personal authentication method according to the sixth embodiment of the present invention. FIG. 11 shows a part of the flow of the personal authentication method according to the seventh embodiment of the present invention. FIG. 12 shows a modification of the configuration of data including the first and second one-time IDs.

  Hereinafter, several embodiments of the present invention will be described with reference to the drawings.

  FIG. 1 shows a basic configuration of a personal authentication system according to the first embodiment of the present invention.

  The computer system of the organization Y provides a specific service provided from the organization Y to a certain user 1 (for example, when the organization Y is a credit company and provides a credit payment service, or When Y is a system operating company and is logged on to the company's server, etc.), the user 1 is personally authenticated.

  The organization Y that requires the personal authentication of the user 1 in this way is referred to as “authentication company” in this specification. The computer system 6 of the authentication company Y is hereinafter referred to as “authentication system 6”. The authentication system 6 may include, for example, a communication interface device for communicating with the mobile phone 2 and the authentication support system 3, a storage device that stores the database 7, a memory, and a processor connected thereto. By executing the computer program, the processor can perform the processing described below performed by the authentication system 6 while appropriately using the memory and / or the communication interface device. The storage device that stores the database 7 may exist outside the authentication system 6 and may be communicably connected to the authentication system 6.

  The organization X is an organization for supporting personal authentication by the authentication company Y. The organization X may be a company different from the certification company Y. The organization X for authentication support is referred to as “authentication support company” in this specification. The computer system 3 of the authentication support company X is hereinafter referred to as “authentication support system 3”. The authentication support system 3 is communicably connected to the authentication system 6. The authentication support system 3 may include, for example, a communication interface device for communicating with the mobile phone 2 and the authentication system 6, a storage device that stores the database 4, a memory, and a processor connected thereto. By executing the computer program, the processor can perform the processing described below performed by the authentication support system 3 while appropriately using the memory and / or communication interface device. The storage device that stores the database 4 may exist outside the authentication support system 3 and may be communicably connected to the authentication support system 3.

  The authentication support system 3 and the authentication system 6 can communicate with a user device that is an information processing device used by the user 1. The user device may be a stationary device or a portable device. In this embodiment, it is assumed that the user device is the mobile phone 2. Instead of the mobile phone 2, other types of mobile communication terminals such as a smartphone, a laptop personal computer, or a car navigation device may be used.

  Next, a method for registering the personal information of the user 1 with respect to the authentication company Y (authentication system 6) and the authentication support company X (authentication support system 3) will be described.

  There are a first authentication key 11 and a second authentication key 12 as user 1 authentication keys. An example of the first authentication key 11 is a member ID 11, and an example of the second authentication key 12 is a password 12. At least one of the authentication keys 11 and 12 may be an authentication key unique to the user. The user 1 usually keeps the member ID 11 and the password 12 secret from others. The member ID 11 and the password 12 are different from a mobile phone number 21 described later. The mobile phone number 21 is an ID unique to the mobile communication terminal 2. As the ID unique to the mobile communication terminal 2, another type of ID (for example, a MAC address or a serial number for the mobile communication terminal 2) may be adopted instead of the mobile phone number 21.

  In step 101 (hereinafter referred to as S101), the user 1 uses his / her mobile phone 2 to call the authentication system 6 of the desired authentication company Y (or to send a document or to a WWW (World Wide Wave) service. Communicate via another appropriate method, etc.) and apply for membership registration. At the time of this application, the user 1 gives his / her mobile phone number 21 (phone number of the mobile phone 2) and password 12 in addition to his normal membership registration items such as his / her address, name, date of birth and service he / she wants to use. Notify the authentication system 6 (in addition, if a call is made from the mobile phone 2, the call number 21 is usually automatically notified to the authentication system 6).

  The authentication system 6 assigns a unique ID (hereinafter referred to as a management master ID) 13 to the user 1 so as to register the user 1 as a member if the application contents of the user 1 satisfy a necessary condition for becoming a member. The management master ID 13, the mobile phone number 21, the password 12, and the normal member registration items are registered in the database 7 as member data unique to the user 1. The management master ID 13 is different from the first authentication key such as the member ID 11 and the second authentication key such as the password 12. It is desirable that the management master ID 13 is known only by the authentication support system 3 and the authentication system 6, and does not know other than the systems 3 and 6 (for example, the user). The first and second authentication keys are not assigned to a user device such as the mobile phone 2 but are assigned to individual users.

  Subsequently, in S102, the authentication system 6 registers the management master ID 13 and the mobile phone number 21 of the registered user 1 and the information necessary for authentication support, preferably the minimum information such as the name, among the normal member registration items. Only (that is, personal information other than the name, for example, address and contact information are not included for the confidentiality of the personal information) is notified to the authentication support system 3 of the authentication support company X. Here, the password 12 of the user 1 is kept secret in the authentication system 6 and is not notified to the authentication support system 3.

  Thereafter, in S103, the user 1 makes a call to the authentication support system 3 using his / her mobile phone 2 (or responds to a call received from the authentication support system 3 to the mobile phone 2 of the user 1). In addition to confirming the authentication company Y and the normal member registration items, the mobile phone 2 notifies the authentication support system 3 of the mobile phone number 21 (phone number of the mobile phone 2) and the member ID 11 (note that When the user 1 makes a call from the mobile phone 2 to the authentication support system 3, the calling number is usually automatically notified to the authentication support system 3, while the authentication support system 3 calls the mobile phone 2. If the person who responds to the call is confirmed to be one user, the mobile phone number 21 is also confirmed by itself).

  When the authentication support system 3 can confirm that the normal member registration items and the mobile phone number are correct by telephone communication with the user 1, the authentication support system 3 is connected to the mobile phone number 21 of the user 1 to register the user 1 as a member. The member ID 11, the management master ID 13, and the normal member registration items are registered in the database 4 as member data unique to the user 1. Here, the member ID 11 of the user 1 is kept secret in the authentication support system 3 and is not notified to the authentication system 6.

  The member ID 11 is shared by the user 1 and the authentication support system 3. The person who knows the member ID 11 is only the authentication support system 3 except for the user 1. The password 12 is shared between the user 1 and the authentication system 6. The person who knows the password 12 is only the authentication system 6 except for the user 1.

  Accordingly, the authentication support system 3 knows the member ID 11 of the user 1 but does not know the password 12. On the other hand, the authentication system 6 knows the password 12 but does not know the member ID 11. Thus, only the user 1 knows both of the two authentication keys unique to the user 1 (member ID 11 and password 12).

  The member ID 11 and the password 12 are individually managed in a state of being separated from each other by separate systems (organizations) called the authentication support system 3 and the authentication support system 6. The authentication support system 3 and the authentication system 6 separately manage the member ID 11 and the password 12 separately, and one system (organization) does not teach the key to the other system (organization).

  As described above, since the two authentication keys (member ID 11 and password 12) unique to the user 1 are separated and secretly managed, the reliability of the personal authentication of the user 1, that is, the safety, as will be described in detail later. Improves. The third key is used to associate the two authentication keys managed in this way. This third key is a key that can be used temporarily or once, and is referred to as a “one-time ID” in this specification. There are first and second one-time IDs as one-time IDs. The first and second one-time IDs are issued from the authentication support system 3 to the user 1 and the authentication system 6, for example. Note that at least one of the first and second one-time IDs may be displayed, and when displayed, as at least one of a plurality of types of objects such as numbers, characters, codes, graphics, images, and photographs. It may be displayed. That is, at least one of the first and second one-time IDs may be at least one of a plurality of types of objects such as numbers, characters, codes, graphics, images, and photographs.

  In FIG. 1, information sent from the mobile phone 2 to the authentication system 6 (for example, information sent in S <b> 101) is preferably sent to the authentication system 6 without going through the authentication support system 3. Similarly, in FIG. 1, information (for example, information sent in S103) sent from the mobile phone 2 to the authentication support system 3 is preferably sent to the authentication support system 3 without going through the authentication system 6.

  The method for registering information in at least one of the authentication support system 3 and the authentication system 6 is not limited to the above method, and other types of methods may be employed. For example, when the mobile phone 2 accesses the system 3 or 6 through a communication network such as the Internet, the user inputs information into a GUI (Graphical User Interface) displayed on the screen of the mobile phone 2 in response to the access. Information may be registered. That is, communication (transmission / reception of information) according to a predetermined communication protocol such as HTTP (Hypertext Transfer Protocol) is adopted for communication between the mobile phone 2 and at least one of the systems 3 and 6 instead of or in addition to voice communication. May be.

  The user device that registers information in the authentication support system 3 and the user device that registers information in the authentication system 6 may be the same or different.

  Hereinafter, with reference to FIGS. 2 to 5, a procedure of personal authentication performed in the present embodiment will be described. Although only one company is shown in FIGS. 2 to 5 for the authentication company Y, there are usually a plurality of companies. Even in that case, there may be only one authentication support company X (of course, there may be a plurality of companies, but this specification focuses only on personal authentication performed with the support of one authentication support company X). To explain)

  First, as shown in FIG. 2, the user 1 calls the authentication support system 3 from his mobile phone 2. The authentication support system 3 automatically responds to the incoming call and compares the mobile phone number 21 from the mobile phone 2 with the member phone number list registered in the database 4. As a result of the collation, if the call number 21 matches a registered member's telephone number, the authentication support system 3 displays a service menu (for example, voice guidance) prepared for the member by the mobile phone of the user 1. Send to phone 2.

  The user 1 first selects a desired service of a desired authentication company Y (for example, a credit settlement service of a desired credit company) using the numeric keypad (or voice recognition function) of the mobile phone 2 according to the service menu. Subsequently, the member ID 11 is input. The cellular phone 2 sends this member ID 11 to the authentication support system 3 (S1). Note that the unique ID of the mobile phone 2 may be input at the same timing as or later than the input of the member ID 11.

  The authentication support system 3 determines whether or not the received member ID 11 matches the member ID 11 of the matched member registered in the database 4 (S2). This is the first stage authentication. The positive result of the determination in S2 means that the first-stage authentication is successful. In the description of this specification, “match” is not limited to a perfect match, and may be a substantial match. For example, when one of the one-time IDs to be compared is hashed, the other is also hashed, the hash values are compared, and a match as a result of the comparison may be used.

  Next, as shown in FIG. 3, the authentication support system 3 sets the first and second one-time IDs 31 and 32 when the determination result of S2 is affirmative (that is, when the first-stage authentication is successful). Issue. The authentication support system 3 notifies the one-time IDs 31 and 32 to the mobile phone 2 of the user 1 and also notifies the authentication system 6 of the desired authentication company Y selected by the user 1 in the service menu (S3). The one-time IDs 31 and 32 may be unique codes different from any other one-time IDs handled (or possibly handled) by the authentication support system 3 and the authentication system 6.

  The database 4 of the authentication support system 3 includes, as the data of each member, in addition to the above-described mobile phone number 21 and member ID 11, an ID uniquely assigned to the member by the authentication system 6 to identify the member. (Hereinafter referred to as “management master ID 13”) is also registered. When the authentication support system 3 notifies the authentication system 6 of the one-time IDs 31 and 32 issued to the user 1, the management master ID 13 of the user 1 (that is, the member who has obtained success in the first-stage authentication) is also included. To the authentication system 6. Accordingly, the authentication system 6 can recognize to which member the notified one-time IDs 31 and 32 are issued.

  The authentication system 6 stores the notified one-time IDs 31 and 32 in the database 7 as the one-time IDs 31 and 32 of the members who received the issuance. Specifically, the authentication system 6 associates the notified one-time IDs 31 and 32 with the management master ID in the database 7 that matches the notified management master ID 13. In the database 7 of the authentication system 6, a password is associated with the management master ID for each member who can use the authentication system 6.

  Next, as shown in FIG. 4, the user 1 uses the mobile phone 2 to send the user's first one-time ID 31 from the mobile phone 2 to the authentication system 6 (S4). In the database 7 shown in FIG. 4, the part surrounded by a dotted line is information received from the authentication support system 3 and the other part is information stored in advance.

  The authentication system 6 receives the first one-time ID 31 from the mobile phone 2 and searches the database 7 for a first one-time ID that matches the received first one-time ID 31 (S4B).

  As a result, when a first one-time ID that matches the received first one-time ID 31 is found from the database 7 (that is, when a match for the first one-time ID is obtained in the authentication system 6), the authentication system 6 As shown in FIG. 5, the mobile phone 2 is notified of the second one-time ID 32 (S5).

  When the mobile phone 2 receives the second one-time ID 32, does the mobile phone 2 (or the user 1 visually) match the second one-time ID 32 with the second one-time ID 32 notified from the authentication support system 3? It is determined whether or not (S6).

  When the result of the determination in S6 is affirmative, the user 1 notifies the password 12 from the mobile phone 2 to the authentication system 6 (S7).

  The authentication system 6 determines whether or not the password 12 notified from the mobile phone 2 matches the password 12 of the user 1 stored in the database 7 (S8). That is, the second stage authentication is performed. If the result of the determination in S8 is affirmative (when a match with the password 12 of the user 1 is obtained), the authentication system 6 determines that the user 1 is a member. That is, the second stage authentication of the user 1 is successful.

  According to the present embodiment, if the mobile phone 2 is not the authentication system 6 but the computer system of the person (organization or individual) who is attempting to acquire specific information from the user 1 illegally by phishing, the second one-time ID 32 is obtained. Is received, the result of the determination in S6 is negative (that is, the mobile phone 2 cannot obtain a match for the second one-time ID). In this case, the user 1 can avoid inputting the password 12 from the mobile phone 2 to the computer system. That is, phishing can be avoided.

  Further, according to the present embodiment, the mobile phone 2 and the authentication system 6 determine whether or not a match is obtained for the one-time ID, respectively, but the first and second one-time IDs are the authentication support system 3. Issued (generated). For this reason, the trouble of installing a computer program for generating a one-time ID in both the mobile phone 2 and the authentication system 6 is unnecessary.

  In a series of personal authentication flows, information (for example, a member ID) sent from the mobile phone 2 to the authentication system 6 is preferably sent to the authentication system 6 without going through the authentication support system 3. Information (for example, password) sent from the mobile phone 2 to the authentication support system 3 is preferably sent to the authentication support system 3 without going through the authentication system 6.

  Information (for example, the first one-time ID) transmitted from the authentication support system 3 to the mobile phone 2 may be sent to the mobile phone 2 without going through the authentication system 6. Information (for example, the second one-time ID) transmitted from the authentication system 6 to the mobile phone 2 may be sent to the mobile phone 2 without going through the authentication support system 3.

  In addition, a user device (for example, a user device that transmits a member ID) used in the first stage personal authentication and a user device (for example, a user device that transmits a password) used in the second stage personal authentication. ) May be the same or different. For example, the first stage of personal authentication may be performed using the mobile phone 2, and the second stage of personal authentication may be performed using a personal computer.

  Communication between the mobile phone 2 and at least one of the systems 3 and 6 employs communication (transmission / reception of information) according to a predetermined communication protocol such as HTTP (Hypertext Transfer Protocol) instead of or in addition to voice call. May be. For example, as a method of selecting the authentication company Y using the mobile phone 2, a method of inputting a number corresponding to the authentication company desired by the user with free guidance may be used, or a WEB screen (typically, A list of authentication companies may be displayed on the WEB screen from the authentication support system 3, and an authentication company desired by the user may be selected from the list. Note that, for example, the following method may be employed as a method for creating the list of authentication companies displayed on the WEB screen. That is, the system 6 of each authentication company stores the ID (for example, a mobile phone number) of the user device, and when the user registers information with respect to the system 6, the user enters the system 3 of the authentication support company. It may be approved that the user may notify that the information has been registered in the system 6 of the authentication company. The authentication system 6 that has obtained the approval may notify the authentication support system 3 of the user device ID (or management master ID) of the user and the name of the authentication company. When the authentication support system 3 associates the name of the authentication company or the like with the user device ID or management master ID and accepts the selection of the authentication company from the user, the authentication support system 3 is associated with the user device ID or management master ID of the user. A WEB screen of a list of authentication company names and the like may be provided to the user's mobile phone 2. Thereby, the user can select a plurality of authentication companies in one procedure.

  Further, at least one of the first authentication key and the second authentication key may be one for each authentication system 6 or may be the same for a plurality of authentication systems 6.

  In addition, the first one-time ID may be a combination of at least one of letters, numbers, and codes that can be input by the user through a key operation, and the second one-time ID is different from the first one-time ID. It may be an ID of a type, that is, an ID that cannot be input by key operation (for example, an image or a photograph). In the determination of the coincidence of the second one-time ID, for example, the image or photo A as the second one-time ID from the authentication support system 3 and the second one-time ID from the authentication system 6 are displayed on the screen of the mobile phone 2. Or the image B may be displayed at the same time. The user compares the image or photograph A with the image or photograph B, and can determine that the authentication system 6 is valid if they are the same.

  In the present embodiment, the one-time IDs 31 and 32 may be as follows.

  That is, the first one-time ID 31 may be a one-time ID for personal authentication, and the second one-time ID may be a one-time ID for avoiding phishing. The one-time ID may be an object such as a medium that associates the first authentication key with the second authentication key.

  Further, when a match is obtained in the comparison between the one-time IDs, the mobile phone 2 or the authentication system 6 gives a status indicating “used” to the one-time ID 31 (32) used in the authentication, and It may be reported to the authentication support system 3 that the one-time ID 31 (32) is “used”. The one-time ID 31 (32) that has become “used” may not be used for personal authentication again.

  In addition, when a match is not obtained in the comparison between the one-time IDs, the mobile phone 2 or the authentication system 6 may not give the “used” status to the one-time ID 31 (32).

  Further, when the one-time ID 31 (32) has an expiration date, even if the one-time ID 31 (32) is not used for personal authentication, the mobile phone 2 and the authentication system 6 are used when the expiration date has passed. May give a status indicating "expired" to the one-time ID 31 (32). Then, the mobile phone 2 or the authentication system 6 may report to the authentication support system 3 that the one-time ID 31 (32) has expired.

  The one-time ID 31 (32) that has become “used” and the one-time ID 31 (32) that has become “expired” may not be used again for personal authentication until the predetermined period has passed.

  Therefore, the one-time ID 31 (32) used for personal authentication may be the one-time ID 31 (32) that is “unused” and not “expired”. However, the one-time ID 31 (32) that has become “used” and the one-time ID 31 (32) that has become “expired” are used for the purpose of detecting unauthorized double use of the one-time ID 31 (32). It may be done.

  The second embodiment of the present invention will be described below. At that time, the difference from the first embodiment will be mainly described, and the description of the common points with the first embodiment will be omitted or simplified (this is the case after the third embodiment later). Is the same).

  In the second embodiment, the mobile phone 2 issues a second one-time ID instead of the authentication support system 3.

  FIG. 6 shows a part of the flow of the personal authentication method according to the second embodiment of the present invention.

  The mobile phone 2 inputs the second one-time ID to the authentication support system 3 when inputting the member ID or when the first stage personal authentication is successful (S1A). There are several possible input methods. For example, the mobile phone 2 may issue a second one-time ID in response to an operation from the user and transmit the second one-time ID to the authentication support system 3. Alternatively, the mobile phone 2 displays a GUI (Graphical User Interface) screen from the authentication support system 3, and the user performs a specific operation on the GUI screen, so that the authentication support system 3 has a second one-time ID. May be entered.

  The authentication support system 3 transmits the first one-time ID generated when the first-stage personal authentication is successful to the mobile phone 2 (S3A), and the first one-time ID and the mobile phone 2 The second one-time ID and the management master ID are transmitted to the authentication system 6 (S3).

  Further, S6 ′ is performed instead of S6 of the first embodiment. That is, when the mobile phone 2 receives the second one-time ID 32, the mobile phone 2 (or the user 1 visually confirms), and the second one-time ID 32 is input to the authentication support system 3 by the mobile phone 2 in S1A. It is determined whether or not it matches the one-time ID 32 (S6).

  In the third embodiment, the authentication system 6 issues a second one-time ID instead of the authentication support system 3.

  FIG. 7 shows a part of the flow of the personal authentication method according to the third embodiment of the present invention.

  If the member ID 11 of the user 1 matches the member ID 11 in the database 4 in S2, the authentication support system 3 issues a management master ID 13 and a first one-time ID 31 to the authentication system 6 (S3 ′).

  The authentication system 6 receives the first one-time ID 31 and the master management ID 13 from the authentication support system 3, generates a second one-time ID 32 for the user 1, and sends the second one-time ID 32 to the authentication support system 3. Issue (S42). The authentication system 6 stores the first one-time ID 31 from the authentication support system 3 and the second one-time ID 32 issued to the authentication support system 3 in the database 7 as the one-time IDs 31 and 32 of the user 1.

  The authentication support system 3 stores the first one-time ID 31 and the second one-time ID 32 in the database 4 as the one-time IDs 31 and 32 of the user 1, and the first one-time ID 31 and the second one-time ID for the mobile phone 2. The time ID 32 is transmitted (S3).

  As described above, in the third embodiment, the second one-time ID 32 is generated by the authentication system 6 and transmitted to the mobile phone 2 via the authentication support system 3. The second one-time ID is a one-time ID for avoiding phishing. In the third embodiment, although the trouble of installing a computer program for generating a one-time ID in the authentication system 6 occurs, the trouble of installing such a computer program in the mobile phone 2 still does not arise.

  FIG. 8 shows a part of the flow of the personal authentication method according to the fourth embodiment of the present invention.

  In the fourth embodiment, S7 in the first embodiment is executed at the same timing as S4 in the first embodiment, before S4, or after S4 but before S5. .

  Specifically, for example, after S3, the user 1 notifies the authentication system 6 of the password 12 using the mobile phone 2 (S31). The authentication system 6 receives the password 12, and searches the database 7 for a password 12 that matches the received password 12 (S32).

  As a result, if such a password 12 is found from the database 7, the authentication system 6 notifies the mobile phone 2 of the second one-time ID 32 (or the first one-time ID 31) (S33). The mobile phone 2 receives the one-time ID 32 (or 31) from the authentication system 6, and the mobile phone 2 or the user 1 receives the received one-time ID 32 (or 31) from the authentication support system 3. 31) is determined (S34).

  If the result of the determination in S34 is affirmative, the user 1 notifies the authentication system 6 of the one-time ID 31 (or 32) not notified from the authentication system 6 from the mobile phone 2 (S35). The authentication system 6 determines whether the one-time ID 31 (or 32) notified from the mobile phone 2 matches the one-time ID 31 (or 32) corresponding to the management master ID of the user 1 registered in the database 7. Is determined (S36).

  If the result of the determination in S36 is also affirmative, the authentication system 6 determines that the user 1 is a member. That is, personal authentication is successful.

  Note that S35 and S36 may be performed prior to S33 and S34. For example, if the matching password 12 is found in S32, the authentication system 6 transmits predetermined information to the mobile phone 2, and the mobile phone 2 may start S35 when the predetermined information is received.

  FIG. 9 shows a part of the flow of the personal authentication method according to the fifth embodiment of the present invention.

  In the first to fourth embodiments, the authentication support system 3 actively transmits the management master ID 13 and the one-time ID 31 (and 32) to the authentication system 6 without an inquiry from the authentication system 6 in S3. In the sixth embodiment, when receiving an inquiry from the authentication system 6 (S21), the authentication support system 3 transmits the management master ID 13 and the one-time ID 31 (and 32) to the authentication system 6 (S3). .

  FIG. 10 shows a part of the flow of the personal authentication method according to the sixth embodiment of the present invention.

  If the first stage personal authentication is successful, the authentication support system 3 notifies the authentication system 6 of the mobile phone number 21 in addition to the first one-time ID 31 (and the second one-time ID 32) and the management master ID 13 ( S3 ').

  The mobile phone 2 transmits the mobile phone number 21 to the authentication system 6 in addition to the first one-time ID 31 (S4 ′). In addition to determining whether or not the first one-time ID 31 matches the stored first one-time ID 31, the authentication system 6 determines that the mobile phone number 21 from the mobile phone 2 is stored in the stored mobile phone number. Judgment is made whether or not 21 is matched.

  If a positive result is obtained for both of these determinations, the authentication system 6 transmits the second one-time ID 32 to the mobile phone 2.

  In the present embodiment, the mobile phone 2 may transmit the mobile phone number 21 to the authentication system 6 at a timing different from the timing at which the first one-time ID 31 is transmitted.

  FIG. 11 shows a part of the flow of the personal authentication method according to the seventh embodiment of the present invention.

  In S3 of the first embodiment, the one-time unit 311 that is data including the first and second one-time IDs 31 and 32 is transmitted from the authentication support system 3 to the mobile phone 2 (S3).

  User 1 operates mobile phone 2 to obtain one-time IDs 31 and 32 from one-time unit 311. Specifically, for example, the user 1 divides the one-time unit 311 into two (S52). One of the divided parts is a one-time ID 31, and the remaining part is a one-time ID 32. Therefore, for example, the one-time ID 31 transmitted in S4 is one part divided from the one-time unit 311, and the one-time ID 32 compared in S6 is the remaining divided part.

  In the present embodiment, the one-time unit 311 may be transmitted from the authentication support system 3 to the authentication system 6, or the already divided one-time IDs 31 and 32 may be transmitted. The division may be performed by the authentication support system 3.

  In the present embodiment, one of the divided parts may be the one-time ID 32 and the remaining part may be the one-time ID 31.

  In this embodiment, the user 1 may operate the mobile phone 2 to divide the one-time unit 311 at an arbitrary position of the user 1 in the unit 311. In that case, the mobile phone 2 transmits to the authentication support system 3 and / or the authentication system 6 division position information (for example, information indicating the number of bytes from the head of the one-time unit 311) that is information indicating the divided position. good. One of the systems 3 and 6 may notify the division position information to the other of the systems 3 and 6. At least one of the systems 3 and 6 can know the division position in the one-time unit 311 by receiving the division position information from the mobile phone 2 or the other of the systems 3 and 6. For example, the authentication support system 3 may divide the one-time unit 311 based on the division position information and transmit the divided IDs 31 and 32 to the authentication system 6. Alternatively, for example, the authentication system 6 may receive the one-time unit 311 from the authentication support system 3 and divide the one-time unit 311 based on the division position information.

  Although several embodiments of the present invention have been described above, the present invention is not limited to these embodiments.

  For example, in the above embodiment, the user 1 transmits and receives data to and from the authentication support system 4 of the authentication support company X and the authentication system 6 of the authentication company Y using the mobile phone 2 owned by the user 1. It can also be performed using a user device other than the mobile phone 2. As the user device, for example, when the user 1 is going to shop by credit settlement at a certain store, the point-of-sale terminal (POS) terminal of the store or the user 1 is his personal computer. If you are trying to log on to a server from, you indicate that personal computer.

  In addition, for example, the user device that transmits the first one-time ID to the authentication system 6 and the user device that receives the second one-time ID from the authentication system 6 may be different user devices used by the same user. . For example, one one-time ID may be transmitted from a mobile phone and the other one-time ID may be received by a personal computer.

  Further, for example, the authentication support system 3 may provide the mobile phone 2 with a screen (hereinafter, divided screen) that divides the one-time unit 311 into n (n is an integer of 2 or more) data portions. The user 1 can determine to divide the one-time unit 311 into n by inputting a value to be substituted for the variable n of the divided screen displayed on the mobile phone 2. When the value of n is input by the user 1 (for example, n = 5, see FIG. 12) and the one-time unit 311 is divided into n pieces, the one-time ID is set in a part of the divided n data portions. The remaining one-time ID 32 is configured. The size of the n data portions may be uniform or non-uniform. Further, a part and the rest of the n data portions may be determined by the user 1 or may be determined by the authentication support system 3. Information indicating the divided positions (division position information) in the one-time unit 311 may be transmitted from the mobile phone 2 or the authentication support system 3 to the authentication system 6.

  Further, for example, in the one-time unit 311, at least one of the one-time IDs 31 and 32 may be distributed.

  Further, for example, the authentication support system 3 and the authentication system 6 may be integrated.

  For example, the authentication support system 3 and the authentication system 6 may be in different hardware or in the same hardware. Specifically, for example, the authentication support system 3 and the authentication system 6 may be logically separated in one server system (for example, a blade server system including a plurality of blade servers (hardware)).

  DESCRIPTION OF SYMBOLS 1 ... User, 2 ... Mobile telephone, 3 ... Authentication support system, 6 ... Authentication system

Claims (17)

First-stage authentication means storing the first authentication key of the user and the management master ID of the user, but not storing the second authentication key of the user, the second authentication key, and the management A personal authentication method performed by a second stage authentication unit that stores a master ID but does not store the first authentication key,
(A) The first stage authentication means receives a first authentication key input from a user device which is an information processing device used by the user, and stores the input first authentication key and the stored information. Performing a first stage personal authentication by collating with a first authentication key;
(B) when the first stage personal authentication is successful, the first stage authentication means issues first and second one-time IDs;
(B ′) the first stage authentication means transmitting the first and second one-time IDs to the user device;
(C) The first-stage authentication unit notifies the second-stage authentication unit of the management master ID of the user who has succeeded in the first-stage personal authentication and the first and second one-time IDs. Steps,
(D) The second-stage authentication unit stores the first and second one-time IDs notified from the first-stage authentication unit as the one-time ID of the user corresponding to the notified management master ID. And steps to
(E) The second stage authentication means receives the input of the first one-time ID transmitted in the (b ′) from the user device, and the first one-time ID becomes the management master ID of the user. Correspondingly determining whether the first one-time ID stored in (d) matches,
(F) If the result of the determination in (e) is affirmative, the second stage authentication means transmits the stored second one-time ID to the user device;
(G) the user or the user device determining whether the second one-time ID transmitted in (f) matches the second one-time ID issued in (b);
(H) If the result of the determination in (g) is affirmative, the user device inputs a second authentication key of the user to the second stage authentication means;
(I) The second-stage authentication unit receives an input of a second authentication key from the user device, and collates the input second authentication key with the stored second authentication key. A personal authentication method comprising: performing a second stage personal authentication. First-stage authentication means storing the first authentication key of the user and the management master ID of the user, but not storing the second authentication key of the user, the second authentication key, and the management A personal authentication method performed by a second stage authentication unit that stores a master ID but does not store the first authentication key,
(A) The first stage authentication means receives a first authentication key input from a user device which is an information processing device used by the user, and stores the input first authentication key and the stored information. Performing a first stage personal authentication by collating with a first authentication key;
(A ′) receiving a second one-time ID from the user device at a timing when the first stage authentication means receives the input of the first authentication key or at a different timing;
(B) if the first stage personal authentication is successful, the first stage authentication means issues a first one-time ID;
(B ′) the first stage authentication means transmitting the first one-time ID to the user device;
(C) The first-stage authentication unit notifies the second-stage authentication unit of the management master ID of the user who has succeeded in the first-stage personal authentication and the first and second one-time IDs. Steps,
(D) The second-stage authentication unit stores the first and second one-time IDs notified from the first-stage authentication unit as the one-time ID of the user corresponding to the notified management master ID. And steps to
(E) The second stage authentication means receives the input of the first one-time ID transmitted in the (b ′) from the user device, and the first one-time ID becomes the management master ID of the user. Correspondingly determining whether the first one-time ID stored in (d) matches,
(F) If the result of the determination in (e) is affirmative, the second stage authentication means transmits the stored second one-time ID to the user device;
(G) the user or the user device determining whether the second one-time ID transmitted in (f) matches the second one-time ID input in (a ′);
(H) If the result of the determination in (g) is affirmative, the user device inputs a second authentication key of the user to the second stage authentication means;
(I) The second-stage authentication unit receives an input of a second authentication key from the user device, and collates the input second authentication key with the stored second authentication key. A personal authentication method comprising: performing a second stage personal authentication. First-stage authentication means storing the first authentication key of the user and the management master ID of the user, but not storing the second authentication key of the user, the second authentication key, and the management A personal authentication method performed by a second stage authentication unit that stores a master ID but does not store the first authentication key,
(A) The first stage authentication means receives a first authentication key input from a user device which is an information processing device used by the user, and stores the input first authentication key and the stored information. Performing a first stage personal authentication by collating with a first authentication key;
(A ′) the second stage authentication means issuing a second one-time ID associated with the user's management master ID, and transmitting the second one-time ID to the first stage authentication means;
(B) if the first stage personal authentication is successful, the first stage authentication means issues a first one-time ID;
(B ′) the first stage authentication means transmitting the first and second one-time IDs to the user device;
(C) the first stage authentication means notifying the second stage authentication means of the management master ID of the user who has succeeded in the first stage personal authentication and the first one-time ID;
(D) the second stage authentication means storing the first one-time ID notified from the first stage authentication means as the one-time ID of the user corresponding to the notified management master ID; ,
(E) The second stage authentication means receives the input of the first one-time ID transmitted in the (b ′) from the user device, and the first one-time ID becomes the management master ID of the user. Correspondingly determining whether the first one-time ID stored in (d) matches,
(F) If the result of the determination in (e) is affirmative, the second stage authentication means transmits the stored second one-time ID to the user device;
(G) the user or the user device determining whether the second one-time ID transmitted in (f) matches the second one-time ID transmitted in (b ′);
(H) If the result of the determination in (g) is affirmative, the user device inputs a second authentication key of the user to the second stage authentication means;
(I) The second-stage authentication unit receives an input of a second authentication key from the user device, and collates the input second authentication key with the stored second authentication key. A personal authentication method comprising: performing a second stage personal authentication. The personal authentication method according to any one of claims 1 and 3,
The first and second one-time IDs are one-time IDs obtained by dividing a one-time unit that is one one-time ID.
Personal authentication method. The personal authentication method according to claim 4,
The one-time unit is divided at a user arbitrary position,
Personal authentication method. The personal authentication method according to claim 4 or 5,
At least one of the first and / or second one-time ID is a one-time ID composed of a plurality of data elements that are discrete in the one-time unit.
Personal authentication method. A personal authentication method according to any one of claims 1 to 7,
The first one-time ID is a one-time ID for personal authentication,
The second one-time ID is a one-time ID for avoiding phishing.
Personal authentication method. The personal authentication method according to any one of claims 1 to 8,
In addition to the user's first authentication key and the user's management master ID, the first step authentication means stores a user device ID unique to the user device, and the user device ID is stored in the second step. Sent to the authentication means,
At the timing (e) or at a different timing, the second stage authentication means receives the user device ID of the user device from the user device,
The second stage authentication means determines whether the user device ID matches the stored user device ID;
(F) is performed when the result of the determination is affirmative and a match is obtained for the first one-time ID;
Personal authentication method. A personal authentication method according to any one of claims 1 to 9,
The notification in (c) is performed in response to an inquiry from the second stage authentication means to the first stage authentication means.
Personal authentication method. A personal authentication method according to any one of claims 1 to 10,
(H) is performed before (e) or after (e) and before (f) during (e),
(H) is a personal authentication method that is started without the condition that the result of the determination in (g) is affirmative. A first stage authentication means storing a user's first authentication key and the user's management master ID, but not storing the user's second authentication key;
A second-stage authentication unit that stores the second authentication key and the management master ID but does not store the first authentication key;
(A) The first stage authentication means receives a first authentication key input from a user device which is an information processing device used by the user, and stores the input first authentication key and the stored information. By verifying with the first authentication key, the first stage personal authentication is performed,
(B) When the first stage personal authentication is successful, the first stage authentication means issues first and second one-time IDs;
(B ′) the first stage authentication means transmits the first and second one-time IDs to the user device;
(C) The first-stage authentication means notifies the second-stage authentication means of the management master ID of the user who has succeeded in the first-stage personal authentication and the first and second one-time IDs. ,
(D) The second-stage authentication unit stores the first and second one-time IDs notified from the first-stage authentication unit as the one-time ID of the user corresponding to the notified management master ID. And
(E) The second stage authentication means receives the input of the first one-time ID transmitted in the (b ′) from the user device, and the first one-time ID becomes the management master ID of the user. Correspondingly, determine whether the first one-time ID stored in (d) matches,
(F) If the result of the determination in (e) is affirmative, the second stage authentication means transmits the stored second one-time ID to the user device,
(G) The user or the user device determines whether the second one-time ID transmitted in (f) matches the second one-time ID issued in (b);
(H) If the result of the determination in (g) is affirmative, the user device inputs the second authentication key of the user to the second stage authentication means,
(I) The second-stage authentication unit receives an input of a second authentication key from the user device, and collates the input second authentication key with the stored second authentication key. Thus, a personal authentication system for performing the second stage personal authentication. A first stage authentication means storing a user's first authentication key and the user's management master ID, but not storing the user's second authentication key;
A second-stage authentication unit that stores the second authentication key and the management master ID but does not store the first authentication key;
(A) The first stage authentication means receives a first authentication key input from a user device which is an information processing device used by the user, and stores the input first authentication key and the stored information. By verifying with the first authentication key, the first stage personal authentication is performed,
(A ′) The first stage authentication means receives a second one-time ID from the user device at a timing when receiving the input of the first authentication key or at a different timing.
(B) When the first stage personal authentication is successful, the first stage authentication means issues a first one-time ID;
(B ′) the first stage authentication means transmits the first one-time ID to the user device;
(C) The first-stage authentication means notifies the second-stage authentication means of the management master ID of the user who has succeeded in the first-stage personal authentication and the first and second one-time IDs. ,
(D) The second-stage authentication unit stores the first and second one-time IDs notified from the first-stage authentication unit as the one-time ID of the user corresponding to the notified management master ID. And
(E) The second stage authentication means receives the input of the first one-time ID transmitted in the (b ′) from the user device, and the first one-time ID becomes the management master ID of the user. Correspondingly, determine whether the first one-time ID stored in (d) matches,
(F) If the result of the determination in (e) is affirmative, the second stage authentication means transmits the stored second one-time ID to the user device,
(G) The user or the user device determines whether the second one-time ID transmitted in (f) matches the second one-time ID input in (a ′);
(H) If the result of the determination in (g) is affirmative, the user device inputs the second authentication key of the user to the second stage authentication means,
(I) The second-stage authentication unit receives an input of a second authentication key from the user device, and collates the input second authentication key with the stored second authentication key. In this way, the second stage personal authentication is performed.
Personal authentication system. A first stage authentication means storing a user's first authentication key and the user's management master ID, but not storing the user's second authentication key;
A second-stage authentication unit that stores the second authentication key and the management master ID but does not store the first authentication key;
(A) The first stage authentication means receives a first authentication key input from a user device which is an information processing device used by the user, and stores the input first authentication key and the stored information. By verifying with the first authentication key, the first stage personal authentication is performed,
(A ′) the second stage authentication means issues a second one-time ID associated with the management master ID of the user, and transmits the second one-time ID to the first stage authentication means;
(B) When the first stage personal authentication is successful, the first stage authentication means issues a first one-time ID;
(B ′) the first stage authentication means transmits the first and second one-time IDs to the user device;
(C) The first stage authentication means notifies the second stage authentication means of the management master ID of the user who has succeeded in the first stage personal authentication and the first one-time ID,
(D) The second-stage authentication unit stores the first one-time ID notified from the first-stage authentication unit as the one-time ID of the user corresponding to the notified management master ID,
(E) The second stage authentication means receives the input of the first one-time ID transmitted in the (b ′) from the user device, and the first one-time ID becomes the management master ID of the user. Correspondingly, determine whether the first one-time ID stored in (d) matches,
(F) If the result of the determination in (e) is affirmative, the second stage authentication means transmits the stored second one-time ID to the user device,
(G) The user or the user device determines whether the second one-time ID transmitted in (f) matches the second one-time ID transmitted in (b ′);
(H) If the result of the determination in (g) is affirmative, the user device inputs the second authentication key of the user to the second stage authentication means,
(I) The second-stage authentication unit receives an input of a second authentication key from the user device, and collates the input second authentication key with the stored second authentication key. In this way, the second stage personal authentication is performed.
Personal authentication system. The personal authentication system according to any one of claims 12 to 14,
(H) is performed before (e) or after (e) and before (f) during (e),
(H) is started without the condition that the result of the determination in (g) is affirmative.
Personal authentication system. The personal authentication system according to any one of claims 12 to 15,
The first stage authentication means and the second stage authentication means are realized by different computer machines or the same computer machine.
Personal authentication system.   A computer program for causing a computer to function as the first stage authentication means of the personal authentication system according to any one of claims 12 to 16.   A computer program for causing a computer to function as the second stage authentication means of the personal authentication system according to any one of claims 12 to 16.

Images