JP2015055989A - Personal authentication method - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a personal authentication method for allowing a person who has no authentication card to be authenticated, namely empty-handed authentication.SOLUTION: An image stored by a person who is an authentication target uniquely is registered as original information in advance, and an image which is not stored by the person uniquely is displayed as no-original information with the original information. When the person selects and inputs only the original information on a display screen there are the original information and no-original information, the person is authenticated as original with a condition that only the original information is selected and inputted. On the display screen there are the original information and no-original information, the plural images forming the screen are moved in the screen for constant time, and only when the images are moving, the image can be selected and inputted.

Description

  The present invention relates to a personal authentication method using an image uniquely stored by the person.

  As a personal authentication method, password authentication combining characters such as numerals and alphabets, and biometrics authentication for identifying a fingerprint, an iris, or a person's face are generally used.

  Password authentication is regarded as “reproduction” in cognitive psychology, and the amount of information that one person can reproduce is limited. For this reason, most combinations of numbers and alphabets of 4 to 8 digits and alphabets are used, and in many cases, your password is left as a memo so that you can't forget it. This memo is often lost or stolen. There are security problems.

  On the other hand, in the case of biometric authentication, the problem of password authentication is solved, but there is a problem of misrecognition. That is, when the registered fingerprint or iris is compared with the person's fingerprint or iris, if a high degree of accuracy is required, the person will be judged as someone else, but the accuracy will be low. If it is enough, even if you are not the person, you will be authenticated.

  In order to compensate for the disadvantages of both, Non-Patent Document 1 proposes to use an image instead of numbers and letters. In cognitive psychology, images are “recognition” rather than “reproduction”, and humans can instantly select specific images from a lot of similar information.

  Patent Document 1 is a further development of the above-described features. In Patent Document 1, a specific image stored by the person as an image is mixed with an image unrelated to the person's memory, and displayed. The user authentication is performed by selecting a specific image stored by the user from the plurality of mixed images.

Japanese Patent No. 4706817

USABILITY AND USER AUTHENTICATION: PICTORIAL PASSWORDS VS.PIN / Antonelia De Angeli, Lynne Coventry, Graham Johnson & Mike Coutts

  By using the above-mentioned unique image stored only by the person as an element of personal authentication, it is possible to perform safe authentication without forgetting the person, compared to password authentication, and the problem of biometric authentication The difficulty of setting the threshold, which is a point, is also eliminated.

  However, in Patent Document 1, it is necessary to use a recording medium that records connection information given to the person, and so-called “hand-held” ATM cannot be used.

  In addition, even if the identity information stored only by the principal and the non-identity information not related to the identity of the principal are mixed and displayed, the position where the identity information is always displayed on the display panel is the same. By looking at the movement of the finger from the side or analyzing the image, it is possible to know where the touch panel is touched. In particular, since there is no card when performing “hand-blanked” authentication, if the person's name and the position touched by the finger are known, impersonation can be easily performed.

  In order to solve the above-mentioned problems, the present invention registers in advance an image that is uniquely stored by the person who is the object of authentication as the person information, and uses the person information that is not stored by the person as non-person information. A personal authentication method for authenticating the person on the condition that only the personal information is selected and input from a display screen in which the personal information and the non-personal information are mixed, the personal information and the non-personal information. A plurality of images constituting the screen are moved on the display screen for a certain period of time on the display screen where the images are mixed, and the images can be selected and input only during the time when the images are moving.

  The moving speed of the image does not need to be increased. If the image is moving, even if it is viewed from the side or analyzed, it is impossible to determine which image is the identity information unless the positions of the image and the finger are known at the same time.

  The mode of movement may be regular or random. The time during which the image is moving is defined as the input time. Even if the moving time is short, the image is not “reproduced” but “recognized”, so that the person can be instantly distinguished from other images, and it does not take time to select and touch the person information. Therefore, by shortening this moving time, it becomes practically impossible to input other than the person himself / herself.

Further, as a premise that the authentication side displays a screen in which the personal information and the non-personal information are mixed, the condition is that the authentication side has access to the authentication side. In this case, there may be a user with the same surname and the same name.
Therefore, it is preferable to require entry of information unique to the principal in addition to the name of the principal at the time of access. As information unique to the person, the date of birth or nickname may be considered.
Also, even if it is an executable environment to enter a nickname in addition to the name, it feels troublesome for the user, it is difficult to execute depending on the operational environment such as there are other people nearby or a long queue behind Or it may be inappropriate.
Therefore, when the user requests the authentication device to specify the user by typing or reading out his / her name, the authentication device uses a single image (user) registered in advance by the user for the purpose of specifying the user. (Confirmation image) is displayed, and when the user confirms that the image is a registered image, the user selects the image by tapping and clicking. Then, the authentication device displays a user authentication screen unique to the user and requests a user authentication operation on the screen.
When there are a plurality of users having the same name and the same name, a plurality of user confirmation images may be displayed, and the user may visually check and tap / click an image registered by the user.

  According to the personal authentication method of the present invention, the problems of password authentication and biometrics authentication can be solved at the same time, and the security in so-called “hand-held” authentication without a card can be ensured. The characteristics are greatly improved.

Schematic configuration diagram of a system for implementing a personal authentication method according to the present invention The figure which shows an example of the flowchart of the personal authentication method which concerns on this invention The figure which shows the state before operation of the input screen for personal authentication The figure which shows the state during operation of the input screen for personal authentication

The best mode for carrying out the present invention will be described below with reference to the drawings. An example of a system for carrying out the personal authentication method according to the present invention is composed of a terminal 1 such as an ATM and an authentication unit 2 such as a bank server. The terminal 1 is provided with a display unit 3 that can be input.

An example in which a user withdraws cash, for example, from an ATM using the personal authentication method according to the present invention will be described below with reference to FIGS.
First, the user's name and date of birth are input from the display unit 3 that can be input. By entering the date of birth, the problem of registrants with the same family name will be almost eliminated, but a nickname or the like may be entered to make sure.

Upon receiving the name and date of birth information transmitted from the terminal 1, the authentication unit 2 determines whether the name and date of birth are stored in the memory. If the name and date of birth are not stored, the operation ends. .

When the name and date of birth are stored in the memory, the personal information and non-personal information registered in advance of the corresponding registrant are transmitted to the terminal 1.
Here, the identity information is an image related to a unique memory that is part of the registrant's life, and the non-identity information is an image that is not in the registrant's memory.

In the embodiment, one's own pet image (photo), parent's image, one's child's image, and an image of the scenery around the home are selected one by one as the personal information. Then, three images of pets, persons, children, and scenery that are not stored in the person's memory are mixed as non-person information, transmitted to the terminal 1 together with the person information, and displayed on the display unit 3 that can be input.

FIG. 2 shows an example of display on the display unit 3. In this example, four pet images 4 are displayed in the first column, four human face images 5 are displayed in the second column, and children are displayed in the third column. 4 images 6 are displayed, and 4 landscape images 7 are shown in the fourth column. In addition, although the number is attached to the upper right of each image, it is for making the explanation easy to understand, and the number is not actually required.

Here, the cat 4a of No. 3, the face 5a of No. 6, the child 6a of No. 12, and the scenery 7a of No. 13 are their own cat, parent's face, daughter's face, and scenery near the home, respectively. Is the personal information that is uniquely stored.
In the example shown in the figure, the first default display arrangement is the pet image in the first column, the face image in the second column, the child image in the third column, and the landscape image in the fourth column. You may arrange at random from a screen.

Next, once the first default display arrangement is displayed, each image 4-7 immediately starts random or regular movement. Then, input for authentication is performed until this movement stops. For example, when the time during which each image is moving is set to 5 seconds, the operation ends unless all the personal information is selected and input during this 5 seconds. Here, selecting and inputting four images in 5 seconds is easy for the person who has memorized them, so there will be no shortage of time. It is preferable to make it adjustable.

As can be seen from the comparison between FIG. 3 and FIG. 4, in the embodiment, the 12 images on the outside are moved clockwise and the 4 images on the inside are moved counterclockwise, but this is not limitative. Moreover, the number of images is also arbitrary. Furthermore, the color of the image may be changed according to the movement or according to the position.

The authentication unit 2 determines whether the information input within the predetermined time by the above operation matches the registered information, specifically, whether all the selected and input images are personal information.

If at least one input image is non-personal information, the operation ends. If all the information is personal information, it becomes accessible and the process proceeds to a normal cash withdrawal or deposit operation.

In the above embodiment, if the user's name and date of birth are entered, the authentication unit sends an image that contains both personal information and non-personal information to the terminal and displays it on the display unit of the terminal. However, if only the first name is used as an input condition, and there are multiple names with the same name, the image containing one person's personal information of all of the same information with the same name will be sent to the terminal and sent. The person selects one image stored only by himself / herself from a plurality of images and transmits it to the authentication unit 2, and in response to this, the authentication unit 2 determines the person from the specific person information, and the person Data obtained by mixing all the personal information and non-personal information may be transmitted to the terminal 1.

  The personal authentication method according to the present invention is not limited to cash withdrawals or deposits at ATMs, but can be replaced with all of the conventional password authentication and biometrics authentication such as entering and exiting buildings and rooms, and starting up computers. it can.

DESCRIPTION OF SYMBOLS 1 ... Terminal, 2 ... Authentication part, 3 ... Display part, 4, 5, 6, 7 ... Image, 4a, 5a, 6a, 7a ... Identity information.

Claims (2)

  Images that are uniquely stored by the person who is the subject of authentication are registered in advance as person information, and images that are not uniquely stored by the person are displayed together with the person information as non-person information. A personal authentication method for authenticating a person on the condition that only the personal information is selected and input from a display screen in which information is mixed, and the display screen includes a mixture of the personal information and non-personal information for a certain period of time. A personal authentication method characterized in that a plurality of images constituting the screen are moved within the screen, and the images can be selected and input only during the time during which the images are moving.   2. The personal authentication method according to claim 1, wherein, as a condition for displaying a screen on which the personal information and non-personal information are mixed on the authentication side, information unique to the principal is entered in addition to the name of the principal. A personal authentication method characterized in that registration information on the authentication side matches.