JP2014119830A - Biometric authentication system, biometric authentication method and biometric authentication program - Google Patents

Abstract

PROBLEM TO BE SOLVED: To enable a terminal not having a biological sensor to perform accurate biometric authentication by coordinating with a terminal having a biological sensor.SOLUTION: The biometric authentication system includes: a first terminal that has an information input part for inputting biological information on a user, a first authentication process part for calculating first similarity between registered data and collated data by collating the registered data registered in advance with the collated data generated from the biological information, and a first data generation part for generating first data to be used for communication on the basis of the first similarity; and a second terminal that has a second authentication process part for receiving the registered data and the collated data from the first terminal and calculating second similarity between the registered data and the collated data by collating the registered data with the collated data, and a second data generation part for generating second data to be used for communication on the basis of the second similarity. The authentication succeeds when the first data and the second data coincide with each other.

Description

  The present embodiment relates to a biometric authentication system, a biometric authentication method, and a biometric authentication program.

  In recent years, biometric authentication has attracted attention as a technique for identity verification in information terminal devices. In addition, attempts have been made to improve the reliability of the entire authentication process. It is known that information necessary for authentication is transmitted via another information terminal device connected to one information terminal device, and the biometric authentication is verified by a verification device dedicated to the verification.

In addition, an attempt has been made to provide an authentication device that ensures anonymity. A biometric authentication object having a biometric template, biometric information for verification, and a verification program as one piece of electronic data is generated and converted based on a predetermined calculation rule. An ID that uniquely identifies the user is generated using the converted data, and a different ID is issued for each authentication. Thereby, the action history of the person to be authenticated is not tracked.
(For example, see Patent Documents 1 and 2)

JP 2006-11768 A JP 2006-350683 A

  However, in the technology described in the background art, a verification device dedicated to verification is necessary, and in order to implement an authentication system, the verification device must be introduced or connected to a network. In the technology described in the background art, an ID is generated from all of the information used for authentication. For this reason, since it is necessary to send a biometric template or a collation program to be confidential in the terminal every time authentication is performed, the confidentiality is not sufficient and the amount of information to be communicated is large.

  According to the disclosed technology, even a terminal that does not have a biosensor is intended to perform reliable biometric authentication in cooperation with a terminal that has a biosensor.

  According to one aspect of the disclosed biometric authentication system, the information input unit that inputs biometric information related to a user, preregistered registration data and verification data generated from the biometric information are collated, A first authentication processing unit for obtaining a first similarity with the verification data, and a first data generating unit for generating first data used for communication based on the first similarity. A first terminal having the registration data and the collation data received from the first terminal, collating the registration data and the collation data, a second between the registration data and the collation data; A second terminal having a second authentication processing unit for obtaining a similarity and a second data generation unit for generating second data used for communication based on the second similarity. The first data and the second Providing biometric authentication system authentication is successful when the the over data match.

  According to the disclosed technology, even a terminal that does not have a biosensor can perform reliable biometric authentication in cooperation with a terminal that has a biosensor.

It is a figure which shows the structural example of a biometrics authentication system. It is a figure which shows the hardware structural example of a 1st terminal. It is a figure which shows the hardware structural example of a 2nd terminal. 1 is a functional block diagram of a biometric authentication system in Embodiment 1. FIG. 6 is a flowchart of a biometric information registration process according to the first embodiment. 5 is a flowchart of biometric information authentication processing according to the first embodiment. It is a figure which shows the example of the registration data in Example 1, and verification data. The functional block diagram of the biometrics authentication system in Example 2 is shown. 9 shows an authentication processing flowchart of a biometric authentication system in Embodiment 2. It is a figure which shows the example of the collation data in Example 2, and verification data. The functional block diagram of the biometrics authentication system in Example 3 is shown. 9 shows an authentication processing flowchart of a biometric authentication system in Embodiment 3. 10 is a diagram illustrating an example of an encryption key history in Embodiment 3. FIG. The functional block diagram of the biometrics authentication system in Example 4 is shown. 10 shows an authentication processing flowchart of a biometric authentication system in Embodiment 4. 10 shows a re-authentication process flowchart of a biometric authentication system according to a fourth embodiment.

Hereinafter, embodiments will be described in detail with reference to the drawings. In all the drawings for explaining the embodiments, the same reference numerals are used for those having the same function, and repeated explanation is omitted.
[Example 1]
<Outline of biometric authentication system>
FIG. 1 shows a configuration example of a biometric authentication system in the first embodiment. With reference to FIG. 1, the biometric authentication system in Example 1 contains the 1st terminal 1, the 2nd terminal 2, and the communication path 5 which connects these.

  The first terminal 1 and the second terminal 2 are, for example, a personal computer (PC), a smartphone, a mobile phone, a computer installed in a car, a door locking / unlocking device for a house or a condominium, and the like.

  The communication path 5 is wired or wireless, and various systems such as the Internet, a local area network, Wi-Fi (registered trademark), and Bluetooth (registered trademark) can be used.

  FIG. 2 shows a hardware configuration example of the first terminal 1. With reference to FIG. 2, the hardware configuration of the first terminal 1 includes a CPU 101, a ROM 102, a RAM 103, a storage device 104, a communication interface 105, a power source 106, a display 107, a keyboard 108, a biosensor 110, and the like.

  The biosensor 110 may be any sensor that can exhibit the identification function for collecting the biometric information of the user (human) and uniquely identifying the user. Examples of the biosensor 110 include a fingerprint sensor 111 and a palm vein sensor 112, which may include a plurality of types or a plurality of types of sensors.

  The hardware configuration of the first terminal 1 is not limited to the above, and for example, a touch panel may be provided instead of the keyboard 108 and the display 107, or a mouse may be included in addition to the keyboard 108.

  FIG. 3 shows a hardware configuration example of the second terminal 2. With reference to FIG. 3, the hardware configuration of the second terminal 2 includes a CPU 201, a ROM 202, a RAM 203, a storage device 204, a communication interface 205, a power source 206, a display 207, a keyboard 208, and the like.

  The hardware configuration of the second terminal 2 is not limited to the above, and for example, a touch panel may be provided instead of the keyboard 208 and the display 207, or a mouse may be included in addition to the keyboard 208.

  One of the differences between the first terminal 1 and the second terminal 2 is that the biometric sensor included in the first terminal 1 is not included in the second terminal 2.

In the biometric authentication system according to the first embodiment, in the biometric authentication process in the first terminal 1 that acquires and authenticates biometric information, the biometric information registration data acquired and registered in advance by the user and acquired from the user during authentication The collation data of the biometric information is collated. Verification data is generated using the similarity of the matching results as a matching score 136 (see FIG. 4 described later). In addition to the verification data and the user identification information, the verification data is collectively transmitted to the second terminal 2, and a verification score 236 that is the similarity of the verification result obtained by the second terminal 2 (see FIG. 4 described later). ) To generate verification data separately. The verification data transmitted from the first terminal 1 and received by the second terminal 2 is compared with the verification data separately generated by the second terminal 2, and the verification data matches as the verification data match. The authenticity of the user in one terminal 1 is guaranteed.
<Functions of biometric authentication system>
The function of the biometric authentication system will be described with reference to the drawings.

  FIG. 4 shows a functional block diagram of the biometric authentication system in the first embodiment. The first terminal 1 includes an information input unit 121, a registration data generation unit 122, a registration data transmission unit 123, a verification data generation unit 124, a verification data transmission unit 125, a communication control unit 126, a registration unit 127, and a registration data storage unit. 128, an authentication processing unit 131, and a verification data generation unit 141 are included. The second terminal 2 includes a verification unit 220, a registration data reception unit 223, a verification data reception unit 225, a communication control unit 226, a registration unit 227, a registration data storage unit 228, an authentication processing unit 231, and a verification data generation unit 241. Is included.

  FIG. 5 is a flowchart of biometric information registration processing according to the first embodiment. Registration processing of the biometric authentication system according to the first embodiment will be described with reference to FIGS. 4 and 5.

  First, biometric information is input by the information input unit 121 of the first terminal 1 (step S101). The biometric information is a fingerprint, a palm vein, or the like. When the biological information is a fingerprint, the fingerprint information is input by the fingerprint sensor 111 (see FIG. 2), and when the biological information is a palm vein, the biological information is input by the palm vein sensor 112 (see FIG. 2).

  Next, the registration data generation unit 122 generates registration data by extracting characteristic information from the biometric information input above (step S102). The registration data generated by the registration data generation unit 122 is stored in the registration data storage unit 128 of the first terminal 1 by the registration unit 227 (step S103).

  At this time, the registration data generation unit 122 sends the registration data to the registration data transmission unit 123, and the registration data transmission unit 123 transmits the registration data to the second terminal 2 via the communication control unit 126 (step S104). The registration data transmitted to the second terminal 2 is received by the registration data receiving unit 223 via the communication control unit 226 of the second terminal 2. The registration unit 227 of the second terminal 2 stores the received registration data in the registration data storage unit 228 (step S105).

  Here, since the second terminal 2 does not include a biological sensor, the second terminal 2 does not input biological information independently. Therefore, the second terminal 2 does not generate registration data. The first terminal 1 stores the registration data generated by the registration data generation unit 122 in the registration data storage unit 128 of the first terminal 1 and transmits it to the second terminal 2. The second terminal 2 that has received the registration data stores the registration data in the registration data storage unit 228.

  FIG. 6 is a flowchart of the biometric information authentication process according to the first embodiment. An authentication process of the biometric authentication system in the first embodiment will be described with reference to FIGS. 4 and 6.

  First, biometric information is input by the information input unit 121 of the first terminal 1 (step S201). The biometric information is a fingerprint, a palm vein, or the like. When the biological information is a fingerprint, the fingerprint information is input by the fingerprint sensor 111 (see FIG. 2), and when the biological information is a palm vein, the biological information is input by the palm vein sensor 112 (see FIG. 2).

  Next, the collation data generation part 124 produces | generates collation data by extracting characteristic information from the biometric information input above (step S202).

  Next, the authentication processing unit 131 compares the verification data with the registration data stored in the registration data storage unit 128 of the first terminal 1. In the authentication processing unit 131, the collation data is collated with the registration data according to the authentication algorithm 135, and if the collation data matches the registration data within a predetermined range (the collation score 136 is a predetermined value or more), the collation is successful (YES). If not, it is determined that the verification has failed (NO) (step S203). In the case of collation failure, the authentication failure is notified to the user by the display 107 or the like (step S212).

  Generally speaking, in biometric authentication, even if biometric data is from the same person, there are multiple factors such as positional deviation when inputting biometric information, the state of the living body, and the external environment. Similarity (similarity between a plurality of data is hereinafter referred to as “collation score”) may be different.

If the collation is successful in step S203 (YES), the verification data generation unit 141 generates verification data from the collation score 136 obtained as a result of collation of the collation data with the registered data (step S204). If the contents of the authentication algorithm 135 differ, the collation score 136 also changes. Therefore, even if the same collation data is collated with the same registered data, if the contents of the authentication algorithm 135 are different, a different collation score 136 is obtained.
Here, a case where the contents of the authentication algorithm 135 are different includes a case where the version number of the authentication algorithm 135 is different.

  An example in which the version number of the authentication algorithm 135 is different will be described with reference to FIG. FIG. 7 is a diagram illustrating an example of registration data and verification data. The first and third lines in FIG. 7 are the same in that the registration data is “41EFE7FEE5BCB52F” and the collation data is “C43808B63353F182”, but the authentication algorithm 135 is different. In the first line in FIG. 7, the version number of the authentication algorithm 135 is “1.0” in the first line and “1.1” in the third line. As a result, the matching score 136 is “128” in the first line and “130” in the third line, which is approximate but different. The verification data is generated as “j1 & / is9−qq% (1v69)” in the third line, and is different from “4 # + o89zg9_y & b & 5g” in the first line.

  The first and second lines in FIG. 7 have different registration data, the collation data is “C43808B63353F182”, and the authentication algorithm 135 is “1.0”. As a result, the matching score 136 is significantly different from “128” in the first line to “1” in the second line. The verification data is different as “4 # + o89zg9_y & b & 5g” in the first line and “x% 3w7 (_jad1) & t53” in the second line.

  Therefore, when collation data is collated with registered data by the authentication processing unit 131 according to the authentication algorithm 135, the collation score is, for example, “128” in the first line of FIG. If the value is equal to or greater than a preset value such as 100, the collation data and the registered data coincide with each other within a predetermined range, and the collation is successful (YES). Otherwise, the collation failure (NO) may be performed (step S203). .

  The verification data generated by the verification data generation unit 141 of the first terminal 1 and the verification data generated by the verification data generation unit 124 are sent to the verification data generation unit 141 and the verification data transmission unit 125 via the communication control unit 126, respectively. It transmits to the second terminal 2 (step S205). Hereinafter, the verification data generated by the verification data generation unit 141 of the first terminal 1 is referred to as “verification data A”.

  The second terminal 2 receives the verification data A and the verification data transmitted from the first terminal 1 at the verification data receiving unit 225 via the communication control unit 226.

  Next, the verification data is verified in the authentication processing unit 231 with the registration data stored in the registration data storage unit 228 of the second terminal 2. In the authentication processing unit 231, the collation data is collated with the registration data in accordance with the authentication algorithm 235, and if the collation data matches the registration data within a predetermined range (the collation score 236 is a predetermined value or more), the collation is successful (YES). On the other hand, if the collation data does not match the registered data within the predetermined range, collation failure (NO) is determined (step S206).

  If collation fails in the second terminal 2 in step S206 (NO), the first terminal 1 is notified of the authentication failure (step S211), and the second terminal 2 notifies the user via the display 207 or the like. An authentication failure is notified (step S212).

  If the collation is successful in step S206 (YES), the verification unit 120 generates verification data B from the collation score 236 obtained as a result of collation of the collation data with the registered data (step S207). The verification unit 120 compares whether the verification data A received by the verification data reception unit 225 matches the verification data B generated as described above (step S208). If they match (YES), the first terminal 1 is notified of successful authentication (step S209). In the second terminal 2, the authentication success is notified to the user through the display 207 or the like (step S210). On the other hand, if they do not match (NO), the first terminal 1 is notified of the authentication failure (step S211), and the second terminal 2 notifies the user of the authentication failure via the display 207 or the like (step S212). ). In this way, the biometric information authentication ends.

With the above configuration, the first terminal 1 and the first terminal 1 can be used without using a mutual authentication between the first terminal 1 and the second terminal 2 or a verification server for guaranteeing an authentication result. The second terminal 2 is linked. In the second terminal 2 that does not have a biometric sensor, it is possible to further guarantee the authenticity of the user who is authentic in the first terminal 1, and in terms of information security of a terminal that does not have a biometric authentication device such as a biometric sensor. Safety is improved. Further, since only the verification data and the verification data are used for user authentication, the protocol between the first terminal 1 and the second terminal 2 is simplified. For this reason, even when the first terminal 1 and the second terminal 2 are provided by different vendors, it is possible to improve the interoperability between the first terminal 1 and the second terminal 2 and It is easy to add a biometric authentication system. For example, when a biometric authentication device such as a biosensor is mounted on an automobile, the biometric authentication device may be exposed outside the vehicle. In this case, the durability of the biometric authentication device, the cost of changing the design for another vehicle type, and the like become issues. According to the first embodiment, for example, by using a mobile phone with a biometric authentication device as the first terminal 1 and an automobile as the second terminal 2, user authentication can be performed without installing a biometric authentication device in the automobile. Can do. Thereby, when both the first terminal 1 and the second terminal 2 are successfully authenticated, it is determined that the authentication is successful, and the authenticity of the user in both the first terminal 1 and the second terminal 2 is determined. And thus the security of information security in both the first terminal 1 and the second terminal 2 is improved.
[Example 2]
A second embodiment will be described. FIG. 8 is a functional block diagram of the biometric authentication system according to the second embodiment. FIG. 9 shows an authentication processing flowchart of the biometric authentication system in the second embodiment. The second embodiment further handles version number information and registration data update of the authentication algorithm 135 as compared to the first embodiment.

  Referring to FIG. 8, the first terminal 1 includes an information input unit 121, a registration data generation unit 122, a registration data transmission unit 123, a verification data generation unit 124, a verification data transmission unit 125, a communication control unit 126, a registration. In addition to the unit 127, the registration data storage unit 128, the authentication processing unit 131, and the verification data generation unit 141, a user ID input unit 129, a version number information addition unit 142, and a registration data update notification unit 143 are further included. The difference from the first embodiment is that a user ID input unit 129, a version number information addition unit 142, and a registered data update notification unit 143 are included. The second terminal 2 is the same as that in the first embodiment, and includes a verification unit 220, a registration data reception unit 223, a verification data reception unit 225, a communication control unit 226, a registration unit 227, a registration data storage unit 228, an authentication processing unit 231, A verification data generation unit 241 is included.

  With reference to FIG. 9, the authentication process of the biometric authentication system in Example 2 is demonstrated. The version number of the authentication algorithm 135 and the update information of the registration data are transmitted from the first terminal 1 to the second terminal 2. Prior to the authentication process of the biometric authentication system, it is confirmed whether the same authentication algorithms 135 and 235 and registration data are used. When the registration data in the first terminal 1 is updated, the registration data of the second terminal 2 is updated as described above, and the latest version number of the authentication algorithm 235 matches the latest version number of the authentication algorithm 135. Be made.

  Here, the reason for matching the version numbers is as follows. As described above, the first and third lines in FIG. 7 are the same in that the registration data is “41EFE7FEE5BCB52F” and the collation data is “C43808B63353F182”, but the authentication algorithm 135 is different. In the first line in FIG. 7, the version number of the authentication algorithm 135 is “1.0” in the first line and “1.1” in the third line. As a result, the matching score 136 is approximated as “128” in the first line and “130” in the third line. The verification data is generated as “j1 & / is9−qq% (1v69)” in the third line, whereas “4 # + o89zg9_y & b & 5g” is generated in the first line, and the verification data does not match and authentication is not normally performed. Because there are cases.

  The update of the registration data of the second terminal 2 when the registration data in the first terminal 1 is updated, and the match between the latest version number of the authentication algorithm 235 and the latest version number of the authentication algorithm 135 will be described. The biometric information registration process is the same as that described in the first embodiment, but when the registration data is generated by the first terminal 1 in step S102 of FIG. If there is a difference from the registration data already existing in the registration data storage unit 128, it is updated to the most recently generated registration data. The registration data is stored in the registration data storage unit 128 for each user by the registration data generation unit 122, and is updated and stored for each user when updating to the most recently generated registration data ( Step S103).

  As described above, when the registration data for each user ID is updated, the registration data update notification unit 143 updates the registration data for each user ID with respect to the second terminal 2 and the generation date or generation of registration data. Along with the contents and the like, it is transmitted via the communication control unit 126 (step S104). Hereinafter, the update of the registration data for each user ID, the generation date of the registration data, the generation contents, etc. are referred to as “registration data update information”. In the second terminal 2, the registration information update information for each user ID is received by the communication control unit 226. The registration unit 227 stores the received registration data update information in the registration data storage unit 228.

  Further, the version number of the authentication algorithm 135 used in the authentication processing unit 131 of the first terminal 1 is different from the version number of the authentication algorithm 135 already used in the authentication processing unit 131 of the first terminal 1. May be the latest version. In this case, the version number information adding unit 142 transmits the latest version number of the authentication algorithm 135 to the second terminal 2 as well as the update information of the registration data. In the second terminal 2 that has received this, the latest version number of the authentication algorithm 235 that is the same as the latest version number of the authentication algorithm 135 is stored in the authentication processing unit 231.

  Next, when the authentication process of the biometric authentication system is started, first, a user ID is input to the user ID input unit 129, and biometric information is input from the information input unit 121 of the first terminal 1 (step S301). . The biometric information is a fingerprint, a palm vein, or the like. When the biological information is a fingerprint, the fingerprint information is input by the fingerprint sensor 111 (see FIG. 2), and when the biological information is a palm vein, the biological information is input by the palm vein sensor 112 (see FIG. 2).

  Next, the collation data generation part 124 produces | generates collation data by extracting characteristic information from the biometric information input above (step S302).

  Next, the verification data is verified in the authentication processing unit 131 with the registration data stored in the registration data storage unit 128 of the first terminal 1. In the authentication processing unit 131, the verification data is verified with the registration data according to the authentication algorithm 135. As a result, if the collation data matches the registered data within a predetermined range (the collation score 136 is equal to or greater than a predetermined value), the collation is successful (YES). If the collation data does not match the registered data within the predetermined range, collation failure (NO) is determined (step S303). In the case of collation failure, the authentication failure is notified to the user via the display 107 or 207 (step S319).

  If the collation is successful in step S303 (YES), the verification data generation unit 141 generates verification data A from the collation score 136 obtained as a result of collation of the collation data with the registered data (step S304).

  Next, the version number information adding unit 142 adds the version number of the authentication algorithm 135 to the verification data A generated by the verification data generating unit 141 of the first terminal 1 (step S305). The registration data update notification unit 143 adds the update information of the registration data corresponding to the user ID that has been successfully authenticated to the verification data A (step S306). Here, the update information of the registration data is, for example, a registration update date. The verification data generation unit 141 transmits the verification data A to which the version number of the authentication algorithm 135 and the update information of the registration data are added to the second terminal 2 via the communication control unit 126 (step S307). The verification data transmission unit 125 transmits the verification data generated by the verification data generation unit 124 to the second terminal 2 via the communication control unit 126 (Step S307). The second terminal 2 receives the verification data A and the verification data transmitted from the first terminal 1 in the verification data receiving unit 225 via the communication control unit 226.

  FIG. 10 is a diagram illustrating examples of collation data and verification data according to the second embodiment. Referring to FIG. 10, in step S <b> 307, verification data A to which the user ID, verification data, authentication algorithm 135, and registration data update information are added is transmitted to the second terminal 2. As described above, the user ID is input in step S301, and the collation data is generated in step S302. In addition, the authentication algorithm 135 is added to the verification data A generated in step S304 in step S305, and update information of registration data is added in step S306.

  Next, the verification data is verified in the authentication processing unit 231 with the registration data stored in the registration data storage unit 228 of the second terminal 2. In the authentication processing unit 231, the verification data is verified with the registration data according to the authentication algorithm 235. If the collation data matches the registered data within a predetermined range (the collation score 236 is equal to or greater than a predetermined value), the collation is successful (YES), and otherwise, the collation is failed (NO) (step S308).

  It should be noted that the predetermined range of the verification score 136 that the verification processing unit 131 determines that the verification data matches the registration data and the predetermined range of the verification score 236 that the verification processing unit 231 determines that the verification data matches the registration data may be the same. Different predetermined ranges may be used. By doing so, it is possible to change the strictness of the authentication standards of the first terminal 1 and the second terminal 2 and bring diversity to the authentication of the biometric authentication system.

  When collation fails in step S308 (NO), the authentication failure is notified to the second terminal 2 together with the cause of the authentication failure (others) (step 313). As the cause (others) of the authentication failure, for example, when the collation score is less than a predetermined value, the cause of “the input biometric information does not match at the specified level” is notified. Here, since the collation is successful at the first terminal, notification for performing the registration process again may be made.

  When the collation is successful in step S308 (YES), the verification unit 120 generates verification data B from the collation score 236 obtained as a result of collation of the collation data with the registered data (step S309). The verification unit 120 compares whether the verification data A received by the verification data reception unit 225 matches the verification data B generated as described above (step S310). If they match (YES), the authentication processing unit 231 notifies the first terminal 1 of successful authentication via the communication control unit 226 (step S311). Further, the second terminal 2 notifies the user of successful authentication through the display 207 or the like (step S312). On the other hand, if the verification data A and the verification data B do not match in step S310 (NO), the version of the authentication algorithm 235 of the second terminal 2 and the received version of the authentication algorithm 135 of the first terminal 1 are received. The number is compared (step S314). If the version numbers do not match (NO), the version number mismatch is notified to the user through the display 207 or the like as a cause of the authentication failure, and also to the first terminal 1 (step S316). Note that the comparison of the version number of the authentication algorithm 135 and the version number of the authentication algorithm 235 is not limited to the timing during the authentication process, and may be any timing before, during, or after the authentication process.

  On the other hand, if the version numbers match (YES), the update information (for example, the registration update date) of the registered data of the user successfully verified in the second terminal 2 and the received update information of the first terminal 1 Are compared (step S315).

  If the update information does not match (NO), the update information mismatch is notified to the user through the display 207 or the like as a cause of the authentication failure, and is also notified to the first terminal 1 (step S317). On the other hand, if the update information also matches (YES), the second terminal 2 is notified of the authentication failure as well as the cause (others) of the authentication failure (step 313). The cause (others) of the authentication failure in this case is, for example, “software failure or difference in verification data generation algorithm”. Note that the comparison between the update information of the user registration data in the first terminal 1 and the update information of the user registration data in the second terminal 2 is not limited to the timing during the above authentication process, It may be any timing before, during, or after.

  In the case of steps S313, S316, and S317, the authentication processing unit 231 notifies the first terminal 1 of the authentication failure via the communication control unit 226 (step S318). Further, the second terminal 2 notifies the user of the authentication failure through the display 207 or the like (step S319). In this way, the biometric information authentication ends.

  If the cause of the authentication failure in the second terminal 2 is update information (step S317), the registration data update unit (not shown) converts the registration data of the first terminal 1 into the second information as described above. The data may be transmitted to the terminal 2 (step S104) and stored in the registration data storage unit 228 in order to update the registration data (step S105). In this way, if the above-mentioned authentication is performed again after storing the updated registration data in the registration data storage unit 228, the verification data A and the verification data B match with a relatively high verification score in step S310, and as a result Success can be notified to the user (step S312). By configuring in this way, it is possible to prevent the occurrence of unauthenticated events despite the identity of the user due to inconsistencies such as biometric information being updated or not being updated among a plurality of linked terminals. Thus, the reliability of the biometric authentication system can be improved.

  In the second embodiment, the first terminal 1 connected to the wireless LAN and having the biometric sensor 110 and the second terminal 2 connected to the wired LAN and not having the biometric sensor 110 cooperate to input from the first terminal 1. You may perform an authentication process with the 1st terminal 1 using biometric information. Then, the verification data used in the authentication process and the verification data A generated from the verification score 136 are transmitted to the second terminal 2, and the second terminal 2 performs the same authentication process. It is an example.

  As described above, the first terminal 1 includes the version number information adding unit 142 that adds the version number information of the authentication algorithm 135 to the verification data, and before, during, or after the authentication process, It is compared whether the authentication algorithms 135 and 235 of the second terminal 2 match (step S314). If the version number of the authentication algorithm 135 and the version number of the authentication algorithm 235 do not match as a result of the comparison, the version number mismatches when the authentication result is notified from the first terminal 1 to the second terminal 2. This is notified (step S316). By doing so, the cause of the authentication failure is clarified, and it is possible to prevent omission of update when the authentication algorithms 135 and 235 are updated in the first terminal 1 and the second terminal 2. Moreover, it can be set as the opportunity which synchronizes an authentication algorithm between several terminals which mutually cooperate. For example, when deploying a highly accurate authentication algorithm to a plurality of terminals, it is possible to prevent deployment failure. In this way, consistency between terminals can be ensured.

As described above, the first terminal 1 includes the registration data update notification unit 143 that adds the update information (for example, the registration update date) of the registered data of the user who has been successfully verified with the verification data. Whether the registration data in the first terminal 1 and the registration data in the second terminal 2 are the same or later are verified (step S315). As a result of the verification, if the update information of the registration data does not match, when the authentication result is notified from the second terminal 2 to the first terminal 1, the fact that the registration data has been updated is notified. (Step S317). By doing this, it becomes possible to clarify the cause of the authentication failure. In addition, it is possible to detect that some of the terminals that are linked with each other have been updated to newer registration data.
[Example 3]
A third embodiment will be described. FIG. 11 is a functional block diagram of the biometric authentication system according to the third embodiment. FIG. 12 shows an authentication processing flowchart of the biometric authentication system in the third embodiment. The third embodiment uses an encryption key instead of the verification data as compared with the first embodiment.

  Referring to FIG. 11, the first terminal 1 includes an information input unit 121, a registration data generation unit 122, a registration data transmission unit 123, a verification data generation unit 124, a verification data transmission unit 125, a communication control unit 126, a registration. In addition to the unit 127, the registration data storage unit 128, and the authentication processing unit 131, the user ID input unit 129, the terminal key generation unit 151, the stored data encryption unit 152, the external authentication linkage unit 153, the encryption key designation unit 154, An encryption key history holding unit 155, an external data generation cooperation unit 156, an encryption key generation unit 157, and an external storage medium 170 are included. The authentication processing unit 131 and the encryption key generation unit 157 are stored in the external storage medium 170.

  The difference from the first embodiment is that the verification data generation unit 141 does not exist, the user ID input unit 129, the user ID input unit 129, the terminal key generation unit 151, the stored data encryption unit 152, the external authentication linkage unit 153, the encryption A key designation unit 154, an encryption key history holding unit 155, an external data generation cooperation unit 156, an encryption key generation unit 157, and an external storage medium 170 are included. Here, the external storage medium 170 is, for example, a tamper resistant device.

  In addition to the registration data receiving unit 223, the verification data receiving unit 225, the communication control unit 226, the registration unit 227, the registration data storage unit 228, and the authentication processing unit 231, the second terminal 2 further includes a terminal key generation unit 251. A stored data encryption unit 252, an external authentication linkage unit 253, an encryption key designation unit 254, an encryption key history holding unit 255, an external data generation linkage unit 256, and an encryption key generation unit 257. The authentication processing unit 231 and the encryption key generation unit 257 are stored in the external storage medium 270. Here, the external storage medium 270 is a tamper resistant device, for example.

  The difference from the first embodiment is that the verification unit 220 and the verification data generation unit 141 do not exist, but the terminal key generation unit 251, the stored data encryption unit 252, the external authentication linkage unit 253, the encryption key designation unit 254, the encryption key A history holding unit 255, an external data generation cooperation unit 256, and an encryption key generation unit 257 are included.

  With reference to FIG. 12, the authentication process of the biometric authentication system in Example 3 is demonstrated.

  When the authentication process of the biometric authentication system is started, first, a user ID is input by the user ID input unit 129, and biometric information is input by the information input unit 121 of the first terminal 1 (step S401). The biometric information is a fingerprint, a palm vein, or the like. When the biometric information is a fingerprint, the biometric information is input by a fingerprint sensor 111 (see FIG. 2). When the biometric information is a palm vein, the biometric information is input by a palm vein sensor 112 (see FIG. 2).

  Next, the collation data generation part 124 produces | generates collation data by extracting characteristic information from the biometric information input above (step S402). The generated collation data is input to the authentication processing unit 131 of the external storage medium 170 and is classified (step S403). The registration data in the registration data storage unit 128 may be encrypted (confidentialized) with a terminal key in advance by the storage data encryption unit 152 and stored. The terminal key is an encryption key generated by the terminal key generation unit 151 from information unique to the first terminal 1, for example, and is a common key that uses the same key for encryption and decryption, for example. Therefore, the registration data corresponding to the user ID input in step S401 is read from the registration data storage unit 128 and decrypted with the terminal key (step S404).

  Next, the verification data is verified in the authentication processing unit 131 with the decrypted registration data. In the authentication processing unit 131, the verification data is verified with the registration data according to the authentication algorithm 135. If the collation data matches the registered data within a predetermined range (the collation score 136 is equal to or greater than the predetermined value), the collation is successful (YES), and otherwise, the collation is failed (NO) (step S405). In the case of collation failure, the authentication failure is notified to the user by the display 107 or the like (step S418).

  When the collation is successful in step S405 (YES), the encryption key generation unit 157 generates the encryption key A from the collation score 136 obtained as a result of the collation data being collated with the registered data (step S406). The generated encryption key A is given a generation number and is stored in the encryption key history storage unit 155 (step S407).

  FIG. 13A is a diagram illustrating an example of the history of the encryption key A in the third embodiment. In the encryption key history holding unit 155 of the first terminal 1, the user ID, the generation number of the encryption key A, and the encryption key A are associated and arranged in the order of generation number.

  The verification data transmission unit 125 transmits the user ID input by the user ID input unit 129 and the verification data generated by the verification data generation unit 124 to the second terminal 2 via the communication control unit 126 (step S408). The second terminal 2 receives the user ID and verification data transmitted from the first terminal 1 in the verification data receiving unit 225 via the communication control unit 226.

  Next, the collation data corresponding to the user ID is input to the authentication processing unit 231 stored in the external storage medium 270 of the second terminal 2 (step S409).

  Registration data in the registration data storage unit 228 may be encrypted (confidentialized) with a terminal key in advance by the storage data encryption unit 252 and stored. The terminal key is an encryption key generated by the terminal key generation unit 251 from information unique to the second terminal 2, for example, and is a common key that uses the same key for encryption and decryption, for example. Therefore, the registration data corresponding to the user ID is read from the registration data storage unit 228 and decrypted with the terminal key (step S410).

  Next, collation data corresponding to the user ID is collated with the decrypted registration data in the authentication processing unit 231. In the authentication processing unit 231, the verification data is verified with the registration data according to the authentication algorithm 235. If the collation data matches the registered data within a predetermined range (the collation score 236 is equal to or greater than a predetermined value), the collation is successful (YES) (step S411). If the collation data does not match the registered data within the predetermined range (the collation score 236 is not less than the predetermined value), the collation failure (NO) is determined (step S411). In the case of collation failure, the first terminal 1 is notified of the authentication failure (step S417), and the second terminal 2 notifies the user via the display 107 or the like (step S418).

  If the verification is successful in step S411 (YES), the encryption key generation unit 257 generates the encryption key B from the verification score 236 obtained as a result of the verification data being verified with the registered data (step S412). The generated encryption key B is held in the encryption key history holding unit 255 after being given a generation number (step S413). Next, the encryption key specifying unit 254 randomly selects one of the assigned generation numbers (step S414).

  FIG. 13B is a diagram illustrating an example of the history of the encryption key B in the third embodiment. In the encryption key history holding unit 255 of the first terminal 1, the user ID, the generation number of the encryption key B, and the encryption key B are arranged in association with each other.

  The authentication processing unit 231 transmits the success of the authentication process in the second terminal 2 and the randomly selected generation number to the first terminal 1 via the communication control unit 226 (step S415). At this time, the generation number is transmitted without transmitting the encryption key corresponding to the generation number. By doing so, the confidentiality of the encryption key is maintained. In the first terminal 1, the communication control unit 126 receives the generation number selected in this way. Next, the second terminal 2 notifies the user of successful authentication through the display 207 or the like (step S416). In this way, the biometric information authentication ends.

  The next communication between the first terminal 1 and the second terminal 2 is performed using the encryption key corresponding to the generation number transmitted in step S415. In this way, for example, an encryption key can be used as a session key that differs for each communication.

  In the above description, the first terminal 1 and the second terminal 2 using the encryption key designated by the encryption key designation unit 254 using the generation number among the plurality of encryption keys held in the encryption key history holding unit 255. Establish communication between the two. The third embodiment is not limited to this, and without using the encryption key history holding unit 255 and the encryption key designating unit 254, using the encryption key most recently generated by the encryption key generating units 157 and 257, collating with the user ID Transmission may be performed while encrypting data and maintaining confidentiality (step 408).

  As described above, in the third embodiment, the encryption key is generated instead of the generation of the verification data in the first embodiment. What is transmitted from the first terminal 1 to the second terminal 2 in the first embodiment is the verification data and the verification data, but is transmitted from the first terminal 1 to the second terminal 2 in the third embodiment. Is obtained by encrypting the verification data with the encryption key. The encryption key itself is not transmitted for confidentiality. The second terminal 2 securely shares the encryption key between the first terminal 1 and the second terminal 2 by generating an encryption key from the received verification data in the same manner as the first terminal 1. be able to. For example, by using this encryption key, communication that maintains confidentiality can be established in the next communication. In the next communication, when the encryption and decryption can be performed by the common key method using the encryption key (communication is established), the verification unit 220 in the first embodiment successfully authenticates (YES in step S208). Similarly, authentication may be successful.

  As described above, the third embodiment includes encryption key generation units 157 and 257 instead of the verification data generation units 141 and 241 in the biometric authentication system of the first embodiment. With this configuration, the encryption key can be shared between the first terminal 1 having the biosensor 110 and the second terminal 2 not having the biosensor. The encryption key is generated based on the verification scores 136 and 236, and since the verification scores 136 and 236 are concealed by the authentication processing units 131 and 231, the confidentiality when the encryption key is shared can be improved.

  As described above, the encryption key history holding units 155 and 255 manage the generation of the encryption key every time the encryption key is generated, and the encryption key specifying units 154 and 254 can select and use the encryption key later. It is configured. Here, the use of the encryption key is not limited. For example, when used as a communication common key, communication can be established by specifying an encryption key used for the next communication. Thereby, even if the past collation data is not held, the encryption key can be used only between the first terminal 1 and the second terminal 2 once successfully authenticated. In this way, since a terminal that is not used for authentication cannot generate an encryption key, confidentiality can be improved. In addition, one of a plurality of encryption keys held in common among a plurality of terminals can be selected by designating a generation number and used between the plurality of terminals.

  Further, as described above, the terminal key generation units 151 and 251 that generate a terminal key that is an encryption key from information unique to the terminal, and the stored data encryption units 152 and 252 that perform encryption using the terminal key are provided. Encryption is performed using a terminal key when holding registration data in each terminal, and decryption is performed using a terminal key when using registration data. The terminal key need only be generated dynamically using the unique information of the terminal when the terminal is activated, and need not be saved. By doing so, even if the registration data is the same, the terminal key is different if the terminal is different, so that it is possible to prevent an illegal act of copying the stored registration data and using it in another terminal.

  In the first terminal 1, the authentication processing unit 131 can be stored in the external storage medium 170. In this case, the external storage medium 170 is connected to the external authentication cooperation unit 153. When the external storage medium 170 is a tamper resistant device, the authentication algorithm 135 used during the authentication process in the first terminal 1 can be highly confidential. Similarly, in the second terminal 2, the authentication processing unit 231 can be stored in the external storage medium 270. In this case, the external storage medium 270 is connected to the external authentication cooperation unit 253. When the external storage medium 270 is a tamper resistant device, the authentication algorithm 225 used during the authentication process in the second terminal 2 can be highly confidential. Thereby, the duplication of the authentication algorithms 135 and 235 and the encryption key generation units 157 and 257 can be prevented, and unauthorized use can be prevented.

In the first terminal 1, the encryption key generation unit 157 and verification data generation software (not shown) may also be stored in the external storage medium 170. In this case, the encryption key generation unit 157 is connected to the external data generation cooperation unit 156. When the external storage medium 170 is a tamper resistant device, the encryption key generation unit 157 and the verification data generation software used during the authentication process in the first terminal 1 can be highly confidentialized. Similarly, in the second terminal 2, the encryption key generation unit 257 and verification data generation software (not shown) may also be stored in the external storage medium 270. In this case, the encryption key generation unit 257 is connected to the external data generation cooperation unit 256. When the external storage medium 270 is a tamper resistant device, the encryption key generation unit 257 and the verification data generation software used during the authentication process in the second terminal 2 can be highly confidentialized. As a result, the encryption key generation units 157 and 257 and the verification data generation software can be prevented from being duplicated and unauthorized use can be prevented.
[Example 4]
Example 4 will be described. FIG. 14 is a functional block diagram of the biometric authentication system according to the fourth embodiment. FIG. 15 shows an authentication processing flowchart of the biometric authentication system in the fourth embodiment. The fourth embodiment realizes authentication processing without inputting a user ID, as compared with the first embodiment. In the fourth embodiment, it is not necessary to input a user ID at the first terminal 1. In addition, since the biometric information once input is held until a certain period elapses or the first terminal 1 stops moving, whichever comes first, the biometric information is stored in the terminal 1 until then. There is no need to enter.

  Referring to FIG. 14, the first terminal 1 includes an information input unit 121, a registration data generation unit 122, a registration data transmission unit 123, a verification data generation unit 124, a verification data transmission unit 125, a communication control unit 126, a registration. In addition to the unit 127, the registration data storage unit 128, the authentication processing unit 131, and the verification data generation unit 141, an identifier determination unit 146, an identifier transmission unit 147, a verification data operation unit 161, a verification data deletion unit 162, a terminal-mounted device A detection unit 163 and a collation data storage unit 164 are included. The difference from the first embodiment is that an identifier determination unit 146, an identifier transmission unit 147, a collation data operation unit 161, a collation data deletion unit 162, a terminal-mounted device detection unit 163, and a collation data storage unit 164 are included.

  The second terminal 2 includes a verification unit 220, a registration data reception unit 223, a collation data reception unit 225, a communication control unit 226, a registration unit 227, a registration data storage unit 228, an authentication processing unit 231, a verification data generation unit 241, An identifier receiving unit 247 is included. The difference from the first embodiment is that an identifier receiving unit 247 is included.

  The registration process of the biometric authentication system is the same as that in the first embodiment. However, it is assumed that registration data is registered in advance in the registration data storage unit 128 for a plurality of users corresponding to user IDs. The user ID has a one-to-one correspondence with an identifier described later, and the other can be specified from either one.

  With reference to FIG. 15, the authentication process of the biometric authentication system in Example 4 is demonstrated. FIG. 15 shows an authentication processing flowchart of the biometric authentication system in the fourth embodiment.

  First, biometric information is input by the information input unit 121 of the first terminal 1 (step S501). The biometric information is a fingerprint, a palm vein, or the like. When the biological information is a fingerprint, the fingerprint information is input by the fingerprint sensor 111 (see FIG. 2), and when the biological information is a palm vein, the biological information is input by the palm vein sensor 112 (see FIG. 2).

  Next, the collation data generation part 124 produces | generates collation data by extracting characteristic information from the biometric information input above (step S502). Next, all the registration data in the registration data storage unit 128 of the first terminal 1 are collated with the collation data (step S503).

  Next, the verification data is verified in the authentication processing unit 131 with the registration data stored in the registration data storage unit 128 of the first terminal 1. In the authentication processing unit 131, the collation data is collated with the registration data according to the authentication algorithm 135, and if the collation data matches the registration data within a predetermined range (the collation score 136 is a predetermined value or more), the collation is successful (YES). If not, it is determined that the verification has failed (NO) (step S504). In the case of collation failure, the authentication failure is notified to the user by the display 107 or the like (step S514).

  If the collation is successful in step S504 (YES), the verification data generation unit 141 generates the verification data A from the collation score 136 obtained as a result of the collation data being collated with the registered data. At this time, the verification data A is generated by associating the user ID related to the authentication success with the verification data A (step S505). The collation data operation unit 161, the identifier determination unit 146, and the authentication processing unit 131 cooperate to associate the collation data, the verification data, the user ID corresponding to the registration data that has been successfully authenticated, and the recognition time information. The collation data operation unit 161 stores the associated collation data and the recognition time information in the collation data storage unit 164 (step S506). The collation data transmission unit 125 and the identifier transmission unit 147 transmit the collation data, the verification data A, the user ID, and the recognition time information associated with each other to the second terminal 2 (step S507). The second terminal 2 receives the collation data transmitted from the first terminal 1, the verification data A, the user ID, and the recognition time information at the collation data receiving unit 225 via the communication control unit 226.

  Next, the collation data associated with the user ID as described above is collated with the registration data stored in the registration data storage unit 228 of the second terminal 2 in the authentication processing unit 231. In the authentication processing unit 231, the collation data is collated with the registration data corresponding to the user ID in accordance with the authentication algorithm 235, and the collation is successful if the collation data matches the registration data within a predetermined range (the collation score 236 is equal to or greater than a predetermined value). YES), otherwise, the collation failure (NO) is determined (step S508).

When the collation is successful in step S508 (YES), the verification unit 120 generates verification data B from the collation score 236 obtained as a result of collation of the collation data with the registered data (step S509). The verification unit 120 compares whether the verification data A received by the verification data reception unit 225 matches the verification data B generated as described above (step S510). If they match (YES), the first terminal 1 is notified of successful authentication (step S511). Further, the second terminal 2 notifies the user of successful authentication through the display 207 or the like (step S512). On the other hand, if they do not match (NO), the first terminal 1 is notified of the authentication failure (step S513), and the second terminal 2 notifies the user of the authentication failure via the display 207 or the like (step S514). . In this way, the biometric information authentication ends.
<Re-authentication process>
Next, re-authentication processing of the biometric authentication system in the fourth embodiment will be described. FIG. 16 shows a re-authentication process flowchart of the biometric authentication system according to the fourth embodiment. The re-authentication process compares the time indicated by the time information corresponding to the collation data in the first terminal 1 with the current time, and discards the collation data if the time difference is larger than a preset value, The verification data is transmitted and authenticated again.

  Referring to FIG. 16, first terminal 1 acquires the time indicated by the time information corresponding to the collation data stored in collation data storage unit 164 and the current time (step S601). Next, the collation data operation unit 161 determines whether the time difference is within a predetermined time (step S602).

  If the time difference is not within the predetermined value (NO), the collation data deletion unit 162 discards the stored data (step S602). In that case, the authentication process is performed in the above-described procedure of FIG.

  If the time difference is within a predetermined value (YES), the verification data transmission unit 125 transmits the verification data stored in the verification data storage unit 164 to the second terminal 2 (step S603). The second terminal 2 receives the collation data.

  Next, the verification data is verified in the authentication processing unit 231 with the registration data stored in the registration data storage unit 228 of the second terminal 2. In the authentication processing unit 231, the collation data is collated with the registration data in accordance with the authentication algorithm 235. If not, collation failure (NO) is determined (step S604).

  If the collation fails in step S604 (NO), the first terminal 1 is notified of the authentication failure (step S609), and the second terminal 2 notifies the user of the authentication failure via the display 207 or the like ( Step S610).

  If collation is successful in step S604 (YES), the verification unit 120 generates verification data C from the collation score 236 obtained as a result of collation data being collated with registered data (step S605). The verification unit 120 compares whether the verification data A received by the verification data reception unit 225 matches the verification data C generated as described above (step S606).

  If the verification data A and the verification data C match (YES), the first terminal 1 is notified of successful authentication (step S607). The second terminal 2 notifies the user of the success of authentication through the display 207 or the like (step S608). On the other hand, if they do not match (NO), the first terminal 1 is notified of an authentication failure (step S609), and the second terminal 2 notifies the user of the authentication failure via the display 207 or the like (step S610). . In this way, the biometric information re-authentication process ends.

  As described above, the authentication process in the first terminal 1 uses the identifier of the identifier determination unit 146 and the second terminal 2 instead of specifying the biometric information input from the biometric sensor 110 using the user ID. An identifier transmitting unit 147 for transmitting, and an identifier receiving unit 247 in the second terminal 2 are further included. By configuring in this way, even if the user omits the input of ID at the first terminal 1, the second terminal 2 can receive the identifier of the collation data from the first terminal 1. Thus, the burden on the user can be reduced by the amount that the input of the ID is omitted.

  When the authentication process is performed on the first terminal 1, one-to-N authentication (ID-less authentication) is performed by comparing all registration data stored in the first terminal 1 with the verification data in step S503. Running. By transmitting the identifier obtained as a result to the second terminal 2, the second terminal 2 performs one-to-one authentication. By doing so, the user can be authenticated without inputting the user ID. At the same time, since the one-to-one authentication is performed in the second terminal 2, even if registration data of a large number of users is stored in the second terminal 2, the user ID can be easily identified by the identifier, so that the authentication process You can save time.

  Further, as described above, the collation data storage unit 164 that stores the collation data for a predetermined period (between the time indicated by the time information corresponding to the collation data and the current time), and the collation data deletion for deleting the collation data after the predetermined period Part 162.

  By comprising in this way, it can authenticate with the 2nd terminal 2, without inputting biometric information only for a fixed period from the input of previous biometric information.

For example, when there is a third terminal in addition to the second terminal 2 as a plurality of terminals that do not include a biosensor, the verification of the first terminal 1 before transmitting the verification data to the second terminal 2 The data storage unit 164 stores the verification data, and transmits the stored verification data from the first terminal 1 to the third terminal automatically or manually. By doing so, authentication processing can be performed between the first terminal 1 and the third terminal without inputting biometric information for a predetermined period. After the elapse of the predetermined period, the verification data deletion unit 162 deletes the verification data stored in the verification data storage unit 164 of the first terminal 1. By doing so, convenience when using a plurality of terminals that do not include a biometric sensor together with the first terminal 1 is improved.
<Discard verification data>
In addition to the re-authentication procedure described above, when it is detected that the first terminal 1, which is a portable electronic device or the like, is placed on a desk, for example, the verification held by the first terminal 1 Discard the data. For this reason, you may include the terminal mounting detection part which detects that the 1st terminal 1 was set | placed. The terminal placement detection unit uses, for example, an acceleration sensor. If it is a three-axis acceleration sensor, it is determined that the first terminal 1 is placed if the value of each axis is within a predetermined range (for example, ± 2 degrees) within a preset time (for example, 30 seconds). can do. When measuring the acceleration every 5 seconds, it may be determined that the first terminal 1 is placed when the measurement values for six times are within a predetermined range. When it is detected that the data is placed, the verification data held in the first terminal 1 is discarded. Even before the predetermined period has elapsed, when it is detected that the data has been placed, the verification data held in the first terminal 1 is discarded.

By configuring in this way, authentication can be performed by the second terminal 2 or the third terminal without inputting biometric information until the first terminal 1 is placed or during a predetermined period. Moreover, the confidentiality in the case of using a portable terminal that can be carried as the first terminal 1 that performs the authentication process together with the second terminal 2 or the third terminal is improved. Further, when using a dedicated authentication device that can be carried as the first terminal 1, the confidentiality is also improved.
[Other Examples]
Further, as another embodiment, there is the following configuration.

  An information input unit adding unit for newly adding the information input unit 121, an authentication processing adding unit for newly adding the authentication processing unit 131, an authentication processing transmitting unit for transmitting authentication processing, and an authentication for receiving authentication processing A processing reception unit is provided, and a new type of biometric authentication is added to the first terminal 1 during system maintenance, and an authentication algorithm 235 can be added to the second terminal 2.

  With this configuration, a new type of biometric authentication can be added to the biometric authentication system to improve the accuracy of the user's authenticity and enhance security.

  A verification value at the second terminal 2 is provided when the biometric authentication system is implemented, and includes a predetermined value changing unit that changes a predetermined value when determining whether the verification score 236 is equal to or greater than a predetermined value in the authentication process at the second terminal 2. The predetermined value of 236 can be changed. In this way, the quality level of biometric information required for personal authentication can be controlled for each terminal. For example, when the second terminal 2 is used for entrance / exit management of an important facility, high-quality biological information can be requested.

  With this configuration, it is possible to change a predetermined value that determines the success or failure of authentication in accordance with the nature of the terminal and the environment in which it is placed.

  Also, a registration data transmission unit 123 that transmits registration data necessary for performing registration processing in the first terminal 1 to the server, and registration data that receives registration data necessary for performing authentication processing from the server. And at least a second terminal 2 and a third terminal (a plurality of terminals that do not include a biometric sensor). When the registration data of the first terminal 1 is updated, the registration data on the server side only needs to be updated, and it is possible to improve maintainability particularly when using a plurality of terminals that do not include a biosensor.

  With this configuration, it is possible to improve the maintainability by sharing the storage source of registration data of a plurality of terminals that do not include one or more biometric sensors connected to the network.

  The second terminal 2 includes a terminal information acquisition unit that acquires terminal information, a terminal information transmission unit that transmits the terminal information, a system activation unit that enables all functions on the own terminal, and the system A system activation information receiving unit that receives information for activation is provided. The first terminal 1 includes a terminal information receiving unit that receives terminal information of the second terminal 2 and a system activation information transmitting unit that transmits system activation information. When using the second terminal 2 for the first time, if the first terminal 1 connects to the second terminal 2, the second terminal 2 transmits its own terminal information to the first terminal 1, and the first terminal 1 When it is determined that the second terminal 2 is a usable terminal, the system activation information is transmitted and the second terminal 2 becomes usable.

  With this configuration, for example, the system operation manager can set the use start time of the second terminal 2 when managing the activation information.

It has a terminal position detection unit that detects that the terminal has moved to the first terminal 1 and can detect the position thereof, and holds the position of the first terminal 1 when biometric information is input at the first terminal 1 In addition, the collation data held in the first terminal 1 is deleted when the movement of the preset distance from the position is detected even before the lapse of a fixed period of the above configuration. . The position of the first terminal may be detected by using a Global Positioning System (GPS) or the like as a generally known technique.
By doing so, the safety when using a portable mobile terminal or a dedicated authentication device as the first terminal 1 for authenticating a plurality of terminals not including a biometric sensor is improved. Further, it is possible to authenticate with a plurality of terminals that do not include a biometric sensor until a user having the first terminal 1 moves to a certain extent or without inputting biometric information for a certain period.

  In addition, the first terminal 1 includes a terminal connection network detection unit that detects that the first terminal 1 has moved from the network environment to which the first terminal is connected, and the first terminal when biometric information is input from the first terminal 1 1 is held at the first terminal 1 when a change from the saved network information is detected even before a predetermined period of time elapses. Delete the matching data. As the network information, for example, if the terminal is connected to a wireless LAN, the IP address information of the terminal may be used. By doing so, the safety when using a portable mobile terminal or a dedicated authentication device as the first terminal 1 for authenticating a terminal that does not include a plurality of biometric sensors is improved.

  By comprising in this way, it authenticates with the several terminal which does not contain a biometric sensor until the user with the 1st terminal 1 moves from a specific network environment, or does not input biometric information in a predetermined period. be able to.

  Although the embodiment has been described in detail above, the present invention is not limited to this embodiment, and various modifications and changes other than the above embodiment can be made within the scope described in the claims.

Further, the following supplementary notes are disclosed with respect to the above embodiments.
(Appendix 1)
A first authentication processing unit that obtains a first similarity by collating pre-registered registration data and collation data generated from input biometric information;
A first data generation unit that generates first data based on the first similarity, and a first terminal,
A second authentication processing unit that obtains a second similarity by collating the registered data registered in advance with the collation data acquired from the first terminal;
A second data generation unit that generates second data based on the second similarity, and a second terminal,
A biometric authentication system, wherein authentication is successful when the first data and the second data acquired from the first terminal match.
(Appendix 2)
In the biometric authentication system of appendix 1,
The second terminal further has a verification unit,
The first data generation unit generates first verification data as the first data and transmits the first verification data to the verification unit.
The second data generation unit generates second verification data as the second data and transmits the second verification data to the verification unit,
The verification unit is a biometric authentication system in which authentication succeeds when the first data and the second data match when the first verification data and the second verification data match.
(Appendix 3)
In the biometric authentication system of appendix 1,
The first terminal further includes a first communication control unit,
The second terminal further includes a second communication control unit connected to the first communication control unit via a communication path,
The first data generation unit generates a first encryption key as the first data,
The second data generation unit generates a second encryption key as the second data,
The content of communication between the first communication control unit and the second communication control unit is encrypted and decrypted using the first encryption key and the second encryption key,
A biometric authentication system in which authentication is successful when the first data and the second data coincide with each other by successfully decoding the content of the communication.
(Appendix 4)
In the biometric authentication system of appendix 3,
The first terminal further includes a first encryption key history holding unit that manages generations in the order in which the first encryption keys are generated, and a first terminal that specifies the first encryption key used for the communication by the generation. Having one encryption key designation part,
The second terminal further includes a second encryption key history holding unit that manages generations in the order in which the second encryption keys are generated, and a second encryption key that specifies the second encryption key used for the communication by the generation. Having two encryption key specification parts,
A biometric authentication system in which the first encryption key and the second encryption key can be used as a common key.
(Appendix 5)
In the biometric authentication system according to any one of appendices 1 to 4,
The first terminal further includes a version number information adding unit that adds version information of the first authentication software used in the first authentication processing unit to the verification data,
Matching the version information of the first authentication software with the version information of the second authentication software used in the second authentication processing unit of the second terminal at the time of authentication in the first authentication processing unit A biometric authentication system capable of detecting that the mismatch of the version information is the cause of the authentication failure by checking.
(Appendix 6)
In the biometric authentication system according to any one of appendices 1 to 5,
The first terminal further includes a registration data update notification unit for notifying the second terminal of update information indicating the update of the registration data,
The second terminal is a biometric authentication system capable of detecting that the registration data is updated.
(Appendix 7)
In the biometric authentication system according to any one of appendices 1 to 6,
The second terminal further includes a registration data update unit for updating the registration data,
The registration data update unit, when the update information is inconsistent between the first terminal and the second terminal during the authentication process by the second authentication processing unit, in the second terminal A biometric authentication system that updates registration data.
(Appendix 8)
In the biometric authentication system according to any one of appendices 1 to 7,
The first terminal uses a first terminal key generation unit that generates a first terminal key that is an encryption key from information unique to the first terminal, and at least the first terminal key using the first terminal key. A first stored data encryption unit for encrypting the registration data in one terminal,
The second terminal uses a second terminal key generation unit that generates a second terminal key that is an encryption key from information unique to the second terminal, and at least the second terminal key using the second terminal key. A biometric authentication system further comprising: a second stored data encryption unit that encrypts the registration data in one terminal.
(Appendix 9)
In the biometric authentication system according to any one of appendices 1 to 8,
The first terminal further includes a first external authentication cooperation unit capable of cooperation with a first external recording medium that stores the first authentication processing unit,
The biometric authentication system, wherein the second terminal further includes a second external authentication cooperation unit capable of cooperating with a second external recording medium that stores the second authentication processing unit.
(Appendix 10)
In the biometric authentication system of appendix 9,
The first terminal further includes a first external data generation cooperation unit that stores and cooperates with the first data generation unit in the first external recording medium,
The biometric authentication system, wherein the second terminal further includes a second external data generation cooperation unit that stores and cooperates with the second data generation unit in the second external recording medium.
(Appendix 11)
In the biometric authentication system according to any one of appendices 1 to 10,
The first terminal is
A biometric information input unit adding unit for further adding the biometric information input unit;
An authentication processing addition unit for newly adding the authentication processing unit;
An authentication process transmitter for transmitting the result of the authentication process;
The second terminal is
The biometric authentication system which further has an authentication process receiving part which receives the result of the said authentication process.
(Appendix 12)
In the biometric authentication system according to any one of appendices 1 to 11,
The first authentication processing unit, when the first similarity between the registration data and the verification data is a first predetermined value or more, the authentication process in the first terminal is successful,
A second authentication processing unit, when the second similarity between the registration data and the verification data is equal to or greater than a second predetermined value, the authentication process in the second terminal is successful,
The biometric authentication system, wherein the second terminal further includes a predetermined value changing unit that can be changed so that the second predetermined value is different from the first predetermined value.
(Appendix 13)
In the biometric authentication system according to any one of appendices 1 to 12,
The biometric authentication system further includes a server capable of storing the registration data;
A third authentication processing unit that compares the registration data with the verification data to obtain a similarity;
A third data generation unit that generates third data used for communication based on the obtained similarity;
A network connecting the server, the first terminal, the second terminal, and the third terminal;
The biometric authentication system in which the second terminal and the third terminal can use the registration data stored in the server via a network.
(Appendix 14)
In the biometric authentication system according to any one of appendices 1 to 13,
The second terminal is
A terminal information acquisition unit for acquiring terminal information of the second terminal;
A terminal information transmitter for transmitting terminal information of the second terminal;
A system activation part that makes all functions of the second terminal available;
A system activation information receiving unit for receiving system activation information for performing the system activation, and
The first terminal is
A terminal information receiving unit for receiving the terminal information;
A system activation information transmission unit for transmitting the system activation information,
When connecting from the first terminal to the second terminal, the second terminal transmits the terminal information to the first terminal and determines that the first terminal can use the second terminal. In this case, the first terminal transmits the system activation information to make the second terminal usable.
(Appendix 15)
In the biometric authentication system according to any one of appendices 1 to 14, the registration data is a plurality of registration data each corresponding to a user ID, each corresponding to a user ID uniquely,
The first authentication processing unit
An identifier determination unit that obtains a similarity between the plurality of registration data and the collation data, and determines a user ID corresponding to the registration data as an identifier when the similarity is a predetermined value or more;
An identifier transmitter for transmitting the identifier to a second terminal,
The biometric authentication system, wherein the second terminal includes an identifier receiving unit that receives the identifier.
(Appendix 16)
In the biometric authentication system according to any one of appendices 1 to 15, the first terminal is
A verification data storage unit for storing the verification data for a predetermined period;
A biometric authentication system further comprising: a verification data deletion unit that deletes the verification data after the predetermined period has elapsed.
(Appendix 17)
In the biometric authentication system of appendix 16,
The first terminal further includes a terminal placement detection unit that detects that the first terminal is placed;
The biometric authentication system, wherein the first terminal deletes the verification data when the first terminal is placed even before the predetermined period has elapsed.
(Appendix 18)
In the biometric authentication system of appendix 16,
The first terminal further includes a terminal position detection unit that detects that the first terminal has moved,
The biometric authentication system, wherein the first terminal deletes the verification data when the first terminal moves even before the predetermined period has elapsed.
(Appendix 19)
The first terminal
A first authentication processing step for collating preregistered registration data and collation data generated from input biometric information to obtain a first similarity;
Performing a first data generation step of generating first data based on the first similarity,
The second terminal
A second authentication processing step of collating the registered data registered in advance with the collation data acquired from the first terminal to obtain a second similarity between the registration data and the collation data; ,
Performing a second data generation step of generating second data based on the second similarity,
A biometric authentication method including an authentication step in which authentication is successful when the first data acquired from the first terminal matches the second data.
(Appendix 20)
On the first computer,
A first authentication processing step for collating preregistered registration data and collation data generated from input biometric information to obtain a first similarity;
A first data generation step of generating first data based on the first similarity,
On the second computer,
A second authentication processing step for obtaining a second similarity by collating the registered data registered in advance with the collation data acquired from the first terminal;
A second data generation step of generating second data based on the second similarity,
A biometric authentication program that executes an authentication step in which authentication is successful when the first data acquired from the first terminal matches the second data.

DESCRIPTION OF SYMBOLS 1 1st terminal 2 2nd terminal 5 Communication path 101 CPU
102 ROM
103 RAM
DESCRIPTION OF SYMBOLS 104 Memory | storage device 105 Communication interface 106 Power supply 107 Display 108 Keyboard 110 Biosensor 111 Fingerprint sensor 112 Palm vein sensor 201 CPU
202 ROM
203 RAM
204 Storage Device 205 Communication Interface 206 Power Supply 207 Display 208 Keyboard 121 Information Input Unit 122 Registration Data Generation Unit 123 Registration Data Transmission Unit 124 Verification Data Generation Unit 125 Verification Data Transmission Unit 126 Communication Control Unit 127 Registration Unit 128 Registration Data Storage Unit 129 User ID input unit 131 Authentication processing unit 135 Authentication algorithm 136 Verification score 141 Verification data generation unit 142 Version information addition unit 143 Registration data update notification unit 146 Identifier determination unit 147 Identifier transmission unit 151 Terminal key generation unit 152 Stored data encryption unit 153 External authentication linkage unit 154 Encryption key designation unit 155 Encryption key history holding unit 156 External data generation linkage unit 157 Encryption key generation unit 161 Verification data operation unit 162 Verification data deletion unit 163 Terminal device detection Unit 164 verification data storage unit 170 external storage medium 220 verification unit 223 registration data reception unit 225 verification data reception unit 226 communication control unit 227 registration unit 228 registration data storage unit 231 authentication processing unit 235 authentication algorithm 236 verification score generation unit 241 verification data generation unit 247 Identifier reception unit 251 Terminal key generation unit 252 Stored data encryption unit 253 External authentication cooperation unit 254 Encryption key designation unit 255 Encryption key history storage unit 256 External data generation cooperation unit 257 Encryption key generation unit 270 External storage medium

Claims (10)

A first authentication processing unit that obtains a first similarity by collating pre-registered registration data and collation data generated from input biometric information;
A first data generation unit that generates first data based on the first similarity, and a first terminal,
A second authentication processing unit that obtains a second similarity by collating the registered data registered in advance with the collation data acquired from the first terminal;
A second data generation unit that generates second data based on the second similarity, and a second terminal,
Authentication succeeds when the first data and the second data acquired from the first terminal match,
A biometric authentication system characterized by that. The second terminal further has a verification unit,
The first data generation unit generates first verification data as the first data and transmits the first verification data to the verification unit.
The second data generation unit generates second verification data as the second data and transmits the second verification data to the verification unit,
2. The biometric authentication system according to claim 1, wherein when the first verification data and the second verification data match, the verification unit succeeds in authentication as the first data matches the second data. . The first terminal further includes a first communication control unit,
The second terminal further includes a second communication control unit connected to the first communication control unit via a communication path,
The first data generation unit generates a first encryption key as the first data,
The second data generation unit generates a second encryption key as the second data,
The content of communication between the first communication control unit and the second communication control unit is encrypted and decrypted using the first encryption key and the second encryption key,
The biometric authentication system according to claim 1, wherein the authentication is successful if the first data and the second data coincide with each other by successfully decoding the communication content. The first terminal further includes a first encryption key history holding unit that manages generations in the order in which the first encryption keys are generated, and a first terminal that specifies the first encryption key used for the communication by the generation. Having one encryption key designation part,
The second terminal further includes a second encryption key history holding unit that manages generations in the order in which the second encryption keys are generated, and a second encryption key that specifies the second encryption key used for the communication by the generation. Having two encryption key specification parts,
The biometric authentication system according to claim 3, wherein the first encryption key and the second encryption key can be used as a common key. The first terminal further includes a version number information adding unit that adds version information of the first authentication software used in the first authentication processing unit to the verification data,
Matching the version information of the first authentication software with the version information of the second authentication software used in the second authentication processing unit of the second terminal at the time of authentication in the first authentication processing unit The biometric authentication system according to any one of claims 1 to 4, wherein it is possible to detect that the mismatch of the version number information is a cause of authentication failure by checking. The first terminal further includes a registration data update notification unit for notifying the second terminal of update information indicating the update of the registration data,
The biometric authentication system according to any one of claims 1 to 5, wherein the second terminal can detect that the registration data is updated. The first terminal further includes a first external authentication cooperation unit capable of cooperation with a first external recording medium that stores the first authentication processing unit,
The said 2nd terminal further has a 2nd external authentication cooperation part which can be cooperated with the 2nd external recording medium which stores said 2nd authentication process part. Biometric authentication system. The first terminal further includes a first external data generation cooperation unit that stores and cooperates with the first data generation unit in the first external recording medium,
The living body according to any one of claims 1 to 7, wherein the second terminal further includes a second external data generation cooperation unit that stores and cooperates with the second data generation unit in the second external recording medium. Authentication system. The first terminal
A first authentication processing step for collating preregistered registration data and collation data generated from input biometric information to obtain a first similarity;
Performing a first data generation step of generating first data based on the first similarity,
The second terminal
A second authentication processing step for collating the registration data registered in advance with the collation data acquired from the first terminal to obtain a second similarity between the registration data and the collation data; ,
Performing a second data generation step of generating second data based on the second similarity,
A biometric authentication method including an authentication step in which authentication is successful when the first data acquired from the first terminal matches the second data. On the first computer,
A first authentication processing step for collating preregistered registration data and collation data generated from input biometric information to obtain a first similarity;
A first data generation step of generating first data based on the first similarity,
On the second computer,
A second authentication processing step for obtaining a second similarity by collating the registered data registered in advance with the collation data acquired from the first terminal;
A second data generation step of generating second data based on the second similarity,
A biometric authentication program that executes an authentication step in which authentication is successful when the first data acquired from the first terminal matches the second data.

Images