JP2018018324A - IC card and portable electronic device - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide an IC card and a portable electronic device that can implement personal authentication with high security.SOLUTION: According to an embodiment, an IC card includes a communication unit, a storage unit, and a control unit. The communication unit communicates with an external device. The storage unit stores plural pieces of biometric authentication data on registrants corresponding to plural types of biometric authentication systems. When a command to request authentication is received from the external device, the control unit randomly selects at least one biometric authentication system from the plural types of biometric authentication systems, and carries out biometric authentication by using the selected biometric authentication system.SELECTED DRAWING: Figure 1

Description

  Embodiments described herein relate generally to an IC card and a portable electronic device.

There are various types of biometric authentication, such as fingerprints, veins, irises, voiceprints, faces, and handwriting. Some IC cards hold biometric authentication data of any type and perform personal authentication by biometric authentication. For example, some ATMs that perform financial transactions using an IC card such as a cash card perform vein authentication. However, biometric authentication based on specific biometric information has the following risks.
(1) Authentication by a specific biometric authentication method may be disabled due to temporary injury or the like.
(2) There are cases in which biometric authentication is successful with replicated data even if the person is not present due to various replication techniques.
(3) Authentication may be made regardless of the intention of the person due to threats, and the person may be harmed.
(4) Biometric information is information unique to each individual and cannot be changed. For this reason, there is a high risk that biometric information that has been successfully authenticated even once will be illegally used again.
There is a demand for an IC card that can realize biometric authentication with high security by reducing the risk as described above.

JP 2010-117971 A

  In order to solve the above problems, the present invention provides an IC card and a portable electronic device capable of realizing personal authentication with high security.

  According to the embodiment, the IC card includes a communication unit, a storage unit, and a control unit. The communication unit communicates with an external device. The storage unit stores a plurality of biometric authentication data of registrants corresponding to a plurality of types of biometric authentication methods. When receiving a command requesting authentication from the external device, the control unit randomly selects at least one biometric authentication method from the plurality of types of biometric authentication methods, and executes biometric authentication using the selected biometric authentication method To do.

FIG. 1 is a diagram illustrating a first configuration example of the IC card according to the embodiment. FIG. 2 is a diagram illustrating a second configuration example of the IC card according to the embodiment. FIG. 3 is a diagram illustrating a configuration example of the IC card processing system according to the embodiment. FIG. 4 is a diagram illustrating an example of data stored in the nonvolatile memory of the IC card according to the embodiment. FIG. 5 is a flowchart for explaining a first transaction process including a first authentication procedure by the IC card according to the embodiment. FIG. 6 is a flowchart for explaining a first transaction process including a first authentication procedure by the IC card according to the embodiment. FIG. 7 is a flowchart for explaining first transaction processing by ATM as an external device for the IC card according to the embodiment. FIG. 8 is a flowchart for explaining first transaction processing by ATM as an external device for the IC card according to the embodiment. FIG. 9 is a sequence showing a first operation example as a processing example in the normal mode in the first transaction processing by the IC card processing system according to the embodiment. FIG. 10 is a sequence showing a second operation example as a processing example in the restriction mode in the first transaction processing by the IC card system according to the embodiment. FIG. 11 is a flowchart for explaining a second transaction process including a second authentication procedure by the IC card according to the embodiment. FIG. 12 is a flowchart for explaining a second transaction process by ATM as an external device for the IC card according to the embodiment. FIG. 13 is a sequence showing a third operation example as a processing example in the normal mode in the second transaction processing by the IC card processing system according to the embodiment. FIG. 14 is a sequence showing a fourth operation example as a processing example in the restriction mode in the second transaction processing by the IC card processing system according to the embodiment. FIG. 15 is a flowchart for explaining a third transaction process including a third authentication procedure by the IC card according to the embodiment. FIG. 16 is a flowchart for explaining a third transaction process including a third authentication procedure by the IC card according to the embodiment. FIG. 17 is a flowchart for explaining a third transaction process by ATM as an external device for the IC card according to the embodiment. FIG. 18 is a flowchart for explaining a third transaction process by ATM as an external device for the IC card according to the embodiment. FIG. 19 is a sequence showing a fifth operation example as a processing example in the emergency mode in the third transaction processing by the IC card processing system according to the embodiment.

Hereinafter, embodiments will be described with reference to the drawings.
FIG. 1 is a block diagram schematically showing a first configuration example of an IC card 1 according to the embodiment.
An IC card (portable electronic device) 1 according to the embodiment constitutes an IC card processing system together with an external device 2 as an IC card processing device. The external device 2 is a device that performs processing that requires personal authentication. As the IC card processing system, any system that performs personal authentication by biometric authentication may be used. For example, the IC card processing system is assumed to be a transaction processing system that performs financial transactions such as cash deposits and withdrawals and transfers. When the IC card processing system according to the present embodiment is applied to a transaction processing system, the IC card 1 is a portable electronic device used as a cash card or a credit card, and the external device 2 uses the IC card 1 as a card. It may be an automatic transaction apparatus (ATM) that uses and performs transactions. In addition, the processing system according to the present embodiment is applied to an entry / exit management system for managing entry / exit, a POS system for adjusting the purchase price of goods, a lock control system for opening / closing keys of cars, buildings, and the like. Anyway.

  The IC card 1 is a portable electronic device that is activated (becomes operable) by power supplied from the external device 2. The IC card 1 is also referred to as a smart card. The IC card 1 is roughly classified into a contact type IC card and a non-contact type IC card. For example, the contact type IC card 1 is activated by receiving an operation power supply and an operation clock from the external device 2 through a contact unit as a communication interface. The non-contact type IC card 1 receives a radio wave from the external device 2 via an antenna as a communication interface, a modulation / demodulation circuit, and the like, generates an operation power source and an operation clock from the radio wave, and is activated.

  As shown in FIG. 1, the IC card 1 has a main body C. The main body C is formed in a card shape from plastic or the like. The IC card 1 has a module M in the main body C. The module M is integrally formed in a state where one or a plurality of IC chips Ca and an external interface (interface) for communication are connected, and is embedded in the main body C. The module M of the IC card 1 includes a processor 11, a ROM 12, a RAM 13, a nonvolatile memory 14, a communication control unit 15, an interface 16, and the like as shown in FIG.

  The processor 11 includes a circuit that executes various processes. The processor 11 is, for example, a CPU (Central Processing Unit). The processor 11 controls the entire IC card 1. The processor 11 implements various processing functions by executing programs stored in the ROM 12 or the nonvolatile memory 14. However, some or all of various functions executed by the processor 11 to be described later may be realized by a hardware circuit.

  The ROM 12 is a non-volatile memory that functions as a program memory. The ROM 12 stores a control program and control data in advance. The ROM 12 is incorporated in the IC card 1 in a state where a control program, control data, and the like are stored at the manufacturing stage. That is, the control program and control data stored in the ROM 12 are incorporated according to the specifications of the IC card 1 in advance. For example, the ROM 12 stores a program for the processor 11 to execute processing according to a command received from the external device 2.

  The RAM 13 is a volatile memory that functions as a working memory. The RAM 13 also functions as a buffer for temporarily storing data being processed by the processor 11. For example, the RAM 13 functions as a communication buffer that temporarily stores data transmitted to and received from the external device 2 via the communication control unit 15 and the interface 16.

  The nonvolatile memory 14 is a nonvolatile memory in which data can be written and rewritten. The nonvolatile memory 14 is composed of, for example, an EEPROM (registered trademark) (Electrically Erasable Programmable Read Only Memory) or a flash ROM. The nonvolatile memory 14 is written with programs and various data according to the usage of the IC card 1. Program files or data files are defined in the nonvolatile memory 14, and control programs and various data are written in these files. For example, the nonvolatile memory 14 stores various types of authentication data, user data, application programs such as an authentication processing program, and the like. The nonvolatile memory 14 also stores data for network authentication for communicating with an external network. In addition, the non-volatile memory 14 has tamper resistance in part or all of the area, and can store data securely.

  The communication control unit 15 is connected to the interface 16. The interface 16 is an interface for communication connection to an external device. The communication control unit 15 and the interface 16 constitute a communication unit. The communication control unit 15 and the interface 16 realize a communication function by a communication method corresponding to the interface of the external device 2. Further, the communication control unit 15 and the interface 16 may be configured to support a plurality of communication methods (for example, contact communication and non-contact communication).

  When the IC card 1 is realized as a contact-type IC card, the communication control unit 15 and the interface 16 constitute a communication unit that contacts and communicates with the external device 2. In this case, the interface 16 is configured by a contact unit that is in physical and electrical contact with a contact unit provided on the card reader / writer of the external device 2, and the communication control unit 15 transmits and receives signals via the contact unit. It is composed of a circuit to be controlled.

  When the IC card 1 is realized as a non-contact type IC card, the communication control unit 15 and the interface 16 constitute a communication unit that communicates with the card reader / writer of the external device 2 in a non-contact (wireless) manner. In this case, the interface 16 is configured by an antenna that transmits and receives radio waves, and the communication control unit 15 is configured by a modulation circuit for generating radio waves to be transmitted and a demodulation circuit for generating signals from the received radio waves. The

FIG. 2 is a block diagram schematically showing a second configuration example of the IC card according to the embodiment.
An IC card (portable electronic device) 1 ′ as a second configuration example is obtained by further providing a fingerprint sensor 17 for reading a person's fingerprint on the IC card 1 of the first configuration example shown in FIG. is there. The fingerprint sensor 17 reads a fingerprint as one piece of biometric information used for one piece of biometric authentication that can be executed by the IC card, and functions as a biometric information acquisition unit that acquires biometric information.

Further, the processor 11 of the IC card 1 ′ executes a program stored in the nonvolatile memory 14, thereby acquiring a fingerprint image from an image read by the fingerprint sensor 17, acquired from an image read by the fingerprint sensor 17. It also has a function of performing fingerprint authentication using a fingerprint image.
Since the configuration other than the fingerprint sensor 17 in the IC card 1 ′ can be realized by the same configuration as the first configuration example, detailed description thereof is omitted. Further, the IC card according to the present embodiment is not limited to the one having the fingerprint sensor as shown in FIG. 2, but has a biological information acquisition unit that acquires biological information other than the fingerprint. Also good.

Next, the configuration of the external device 2 as an IC card processing device will be described.
FIG. 3 is a block diagram schematically illustrating a configuration example of the external apparatus 2 as the IC card processing apparatus according to the embodiment.
In the configuration example illustrated in FIG. 3, the external device 2 includes a control unit 21, a display unit 22, an operation unit 23, a processing unit 24, a card reader / writer 25, a camera 26, a fingerprint sensor 27, and a vein sensor 28.

  The control unit 21 performs various types of processing and control, and is configured by a personal computer (PC), for example. Connected to the control unit 21 are a display unit 22, an operation unit 23, a processing unit 24, a card reader / writer 25, a camera 26, a fingerprint sensor 27, a vein sensor 28, and the like. In the configuration example shown in FIG. 3, the control unit 21 includes a processor (CPU) 31, a ROM 32, a RAM 33, a nonvolatile memory 34, a communication unit 35, an I / F 36, an I / F 37, and the like.

  The processor 31 is, for example, a CPU. The processor 31 executes various processes by executing a program. The ROM 32 is a non-volatile memory that stores programs, control data, and the like. The RAM 33 functions as a working memory that temporarily holds data. The nonvolatile memory 34 is a rewritable nonvolatile memory. With these configurations, the control unit 21 implements various processes by causing the processor 31 to execute programs stored in the ROM 32 or the nonvolatile memory 34 using the RAM 33.

  The communication unit 35 is a communication interface for communicating with an external device. The I / F 36 is an interface for connecting the card reader / writer 25. The I / F 37 is an interface for connecting a biological information acquisition unit for acquiring various types of biological information. In the example illustrated in FIG. 3, a camera 26, a fingerprint sensor 27, and a vein sensor 28 are connected to the I / F 37.

  For example, the control unit 21 has a function of transmitting a command to the IC card 1 by the card reader / writer 25 and a function of performing various processes based on data received from the IC card 1. For example, the control unit 21 performs control to write data in the nonvolatile memory in the IC card 1 by transmitting a data write command to the IC card 1 via the card reader / writer 25. In addition, the control unit 21 performs control to read data from the IC card 1 by transmitting a read command to the IC card 1.

  The control unit 21 has a function of executing a plurality of applications. The application executed by the control unit 21 includes an application that requires authentication by the IC card 1. In addition, the control unit 21 has a function of communicating with an external device on an external network that can communicate via the communication unit 29. The control unit 21 also has a function of transmitting information acquired from the IC card 1 in response to a request from an external device (for example, authentication status information described later) by the communication unit 29.

  The display unit 22 is a display device that displays various information under the control of the control unit 21. The operation unit 23 includes a touch panel, a keyboard, a numeric keypad, a pointing device, and the like. The operation unit 23 is for an operator to input an operation instruction. For example, when the external device 2 is an ATM, the user inputs an operation instruction to an operation button or the like displayed on the display unit 22 by a touch panel as an operation unit. The processing unit 24 executes processing according to control by the control unit 21. For example, when the external device 2 is an ATM, the processing unit 24 may be a deposit / withdrawal processing unit that performs a cash deposit / withdrawal process.

  The card reader / writer 25 is an interface device for performing communication with the IC card 1. The card reader / writer 25 is configured by an interface corresponding to the communication method of the IC card 1. For example, when the IC card 1 is a contact type IC card, the card reader / writer 25 is configured by a contact portion for physically and electrically connecting to the contact portion of the IC card 1. When the IC card 1 is a non-contact type IC card, the card reader / writer 25 includes an antenna for performing wireless communication with the IC card 1 and communication control. The card reader / writer 25 performs power supply, clock supply, reset control, and data transmission / reception with respect to the IC card 1. The card reader / writer 25 performs activation (activation) of the IC card 1, transmission of various commands, reception of responses to the transmitted commands, and the like based on control by the control unit 21.

  The camera 26, the fingerprint sensor 27, and the vein sensor 28 are biometric information acquisition units for acquiring biometric information from an operator (person). The camera 26 acquires an image including biological information. For example, the camera 26 functions as a face image acquisition unit that acquires a face image of a person as one piece of biological information. The camera 26 also functions as an iris acquisition unit that acquires an iris image of a person's eyes as one piece of biological information. The fingerprint sensor 27 functions as a fingerprint acquisition unit that acquires a fingerprint image of a person's finger as one piece of biometric information. The vein sensor 28 functions as a vein pattern acquisition unit that acquires a vein pattern in the palm of a person as one piece of biological information.

  The biometric information acquisition unit included in the external device 2 is not limited to the camera 26, the fingerprint sensor 27, and the vein sensor 28, and may be any unit that acquires biometric information used for biometric authentication. For example, when performing biometric authentication using a voiceprint as one of biometric authentication, the external device 2 is provided with a microphone or the like that acquires a user's voice as a biometric information acquisition unit. In addition, as in the second configuration example illustrated in FIG. 2, when the IC card 1 ′ is assumed to have a fingerprint sensor (biological information acquisition unit), the external device 2 may not include the fingerprint sensor. .

Next, data used for biometric authentication held by the IC card 1 according to the embodiment will be described.
FIG. 4 is a diagram illustrating an example of data used for biometric authentication stored in the nonvolatile memory 14 of the IC card 1.
As shown in FIG. 4, the IC card 1 includes a control code (biometric authentication program) 41 for performing biometric authentication, and biometric authentication data (first biometric data, second biometric data) corresponding to various types of biometric authentication. Authentication data... 42 (42a, 42b,...) Is stored in the nonvolatile memory 14. Note that the control code may be stored in the ROM 12 if updating is not required.

  The control code 41 is a biometric authentication program for the processor 11 to execute biometric authentication processing using a plurality of types of biometric information. The control code 41 includes a program for performing various types of biometric authentication using various types of biometric information. Furthermore, the control code 41 includes a program for realizing a function for generating a random number, a program for selecting a biometric authentication method based on a random number, a program for returning a response according to the authentication result to the external device 2, and the like. Functions such as biometric authentication processing realized by the processor 11 executing a program as the control code 41 will be described in detail later.

  The biometric authentication data 42 (42a, 42b,...) Is collation biometric authentication data (registrant's biometric information) registered by the owner of the IC card 1, 1 ′. In the present embodiment, since it is assumed that biometric authentication using a plurality of types of biometric information can be performed, a plurality of types of biometric authentication data are registered as the biometric authentication data 42 in the nonvolatile memory 14 of the IC card 1.

  For example, if it is assumed that four types of biometric authentication can be performed as a biometric authentication method using a face image, fingerprint, iris, and vein pattern, the first biometric authentication data is a fingerprint image for verification of the owner (or fingerprint fingerprint). Feature data) is registered, a face image (or facial feature data) for the owner's verification is registered as the second biometric authentication data, and an iris pattern for the owner's verification (or as the third biometric authentication data) (Iris pattern feature data) may be registered, and the vein pattern (or vein pattern feature data) for the owner's verification may be registered as the fourth biometric authentication data.

  Moreover, even if it is one type of biometric information, a plurality of biometric authentication data may be registered for one registrant. For example, as biometric authentication data for fingerprints, fingerprint data (for example, a fingerprint image) may be registered for every ten fingers for one registrant. As iris biometric authentication data, right eye iris data and left eye iris data may be registered for one registrant. Further, as biometric authentication data of the palm vein pattern, the right hand vein pattern data and the left hand vein pattern data may be registered for one registrant. Furthermore, as the biometric authentication data of the face image, face image data in a plurality of states (meditating one eye, meditating both eyes, opening the mouth, etc.) may be registered for one registrant.

Next, an example of transaction processing using biometric authentication in the IC card 1 according to the present embodiment will be described.
In each transaction process described below, the external device 2 is assumed to be an ATM that performs financial transactions such as deposit and withdrawal and transfer using the IC card 1. Further, the IC card 1 performs biometric authentication using a plurality of biometric authentication methods in response to an authentication request from an ATM (external device) 2.

First, the first transaction process including the first authentication procedure will be described.
5 and 6 are flowcharts for explaining an example of the first transaction process including the first authentication procedure in the IC card 1. FIG. 6 is a flowchart for explaining an example of the first transaction process in the ATM (external device) 2 corresponding to the first authentication procedure by the IC card 1.
First, the IC card 1 is activated upon receiving power supply from an ATM as the external device 2. The processor 11 of the activated IC card 1 receives a command from the ATM 2 via the communication control unit 15 and the interface 16 and executes a process according to the received command. Here, when an authentication command is received from the ATM 2 (S111, YES), the processor 11 performs an authentication process according to the received authentication command. Here, it is assumed that the processor 11 of the IC card 1 activates a biometric authentication program and executes biometric authentication according to an authentication command.

  As a first authentication procedure in the first transaction process, the processor 11 of the IC card 1 performs a process of selecting a biometric authentication method (first biometric authentication method) to be executed among a plurality of biometric authentication methods. The processor 11 generates a random number to randomly select one biometric authentication method (S112). When the random number is generated, the processor 11 selects the first biometric authentication method based on the generated random number (S113). The biometric authentication method may be selected as long as an arbitrary biometric authentication method can be selected at random.

  For example, it is assumed that the IC card 1 can perform biometric authentication by four biometric authentication methods using a fingerprint, a face image, an iris, and a vein pattern. When “0” to “3” are set as identification numbers for these four biometric authentication methods, the processor 11 may select the biometric authentication method based on the remainder obtained by dividing the generated random number by four. good. As a specific example, when the remainder of dividing the generated random number by 4 is 0, if the fingerprint is set to the identification number “0”, the processor 11 selects biometric authentication by fingerprint as the biometric authentication method. The selection of the biometric authentication method is not limited to the above selection method.

When one biometric authentication method is selected, the processor 11 transmits a selection result of the biometric authentication method (first biometric authentication method) (or a request for the first biometric information) as a response to the external device 2 in response to the authentication command. (S114). After transmitting the selection result of the first biometric authentication method, the processor 11 of the IC card 1 receives biometric information (first biometric information) corresponding to the first biometric authentication method from the ATM 2 (S115).
For example, when biometric authentication using “fingerprint” is selected as the first biometric authentication method, the processor 11 requests the fingerprint image as the first biometric information of the person to be authenticated from the ATM 2. The ATM 2 acquires a fingerprint image as first biometric information from the person to be authenticated according to the selection result of the first biometric authentication method from the IC card 1. The ATM 2 transmits a fingerprint image as first biometric information acquired from the person to be authenticated to the IC card 1. The IC card 1 receives a fingerprint image as first biological information from the ATM 2.

  When the IC card 1 itself is configured to obtain biometric information corresponding to the selected biometric authentication method, the processor 11 corresponds to the biometric authentication method selected from the authentication target person instead of the processing of S114 and S115. A process of acquiring biometric information is executed. For example, in the case of an IC card 1 ′ having a fingerprint sensor 17 as shown in FIG. 2, the processor 11 selects a fingerprint image of the person to be authenticated by the fingerprint sensor 17 when the biometric authentication method using “fingerprint” is selected. Execute the acquisition process.

  When the first biometric information is received (or acquired), the processor 11 uses the first biometric authentication method that collates the received first biometric information with the first biometric information stored in the nonvolatile memory 14. An authentication process is performed (S116). When the authentication by the first biometric authentication method is successful (S117, YES), the processor 11 notifies the ATM as the external device 2 that the authentication by the first biometric authentication method is successful (S118). If the authentication is successful, the processor 11 executes a process corresponding to the transaction process in the normal operation mode in ATM 2 (S119).

  Further, when the authentication by the first biometric authentication method has failed (S117, NO), the processor 11 notifies the ATM as the external device 2 that the authentication by the first biometric authentication method has failed (S121). When the authentication fails, the processor 11 receives a second authentication request (second authentication request) from the ATM 2 (S122). Here, when there is no second authentication request from ATM 2 (S122, NO), the processor 11 ends the process.

  When the second authentication request is received from ATM 2 (S122, YES), the processor 11 generates a random number (second random number) again (S123). When the second random number is generated, the processor 11 selects the second biometric authentication method based on the generated second random number (S124). The selection of the second biometric authentication method is not limited to selecting the biometric authentication method according to a specific law. As a specific example, when the identification numbers “0” to “3” are set in four biometric authentication methods of fingerprint, face image, iris, and vein pattern, the processor 11 has a remainder obtained by dividing the second random number by four. In this case, biometric authentication using the iris with the identification number “2” may be selected as the second biometric authentication method.

  The selection of the second biometric authentication method is not limited to the selection method described above. For example, the selection of the second biometric authentication method may be a method of selecting one biometric authentication method from the biometric authentication methods that can be simply selected, similar to the selection of the first biometric authentication method described above. The second biometric authentication method may be selected from other biometric authentication methods other than the first biometric authentication method. However, even in the latter case, the processor 11 randomly selects a biometric authentication method other than the first biometric authentication method based on the second random number.

When the second biometric authentication method is selected, the processor 11 transmits the selection result of the second biometric authentication method (or the request for the second biometric information) as a response to the external device 2 with respect to the authentication command (S125). After transmitting the selection result of the second biometric authentication method, the processor 11 of the IC card 1 receives biometric information (second biometric information) corresponding to the second biometric authentication method from the ATM 2 (S126).
For example, when biometric authentication by “iris” is selected as the second biometric authentication method, the processor 11 requests the iris image as the second biometric information of the person to be authenticated from the ATM 2. The ATM 2 acquires an iris image as second biometric information from the person to be authenticated in accordance with the selection result of the second biometric authentication method from the IC card 1. The ATM 2 transmits the iris image as the second biological information acquired from the authentication subject to the IC card 1. The IC card 1 receives the second biological information from the ATM 2.

  When the IC card 1 itself can acquire the second biometric information corresponding to the selected second biometric authentication method, the processor 11 replaces the processing of S125 and S126 with the second person to be authenticated. The process which acquires biometric information of is performed. For example, in the IC card 1 ′ having the fingerprint sensor 17 as shown in FIG. 2, when the processor 11 selects the “fingerprint” biometric authentication method as the second biometric authentication method, the fingerprint sensor 17 The process of acquiring the fingerprint image of the person is executed.

  When the second biometric information is received (or acquired), the processor 11 uses the second biometric authentication method that collates the received second biometric information with the second biometric information stored in the nonvolatile memory 14. An authentication process (second authentication process) is performed (S127). When the second authentication by the second biometric authentication method has failed (S128, NO), the processor 11 notifies the ATM 2 that the second authentication by the second biometric authentication method has failed (S129). If the second authentication fails, the processor 11 ends the process.

  If the second authentication by the second biometric authentication method is successful (S128, YES), the processor 11 informs the ATM as the external device 2 that the second authentication by the second biometric authentication method is successful. Notification is made (S130). When the second authentication succeeds after the authentication by the first biometric authentication method (first authentication) fails, the ATM 2 executes a transaction process in a restriction mode that enables a transaction within a predetermined restriction range. It shall be. In this case, the processor 11 of the IC card 1 executes a process corresponding to the transaction process in the restriction mode in ATM 2 (S131).

Next, the 1st transaction processing by ATM2 corresponding to the 1st authentication procedure in IC card 1 mentioned above is explained.
7 and 8 are flowcharts for explaining an example of the first transaction process in the ATM (external device) 2 corresponding to the first authentication procedure by the IC card 1.
ATM2 accepts an IC card such as a cash card used for transaction processing possessed by the user. When the user presents the IC card to the card reader / writer 25, the control unit 21 of the ATM 2 supplies power to the IC card via the card reader / writer 25. Further, the control unit 21 of the ATM 2 receives an operation instruction from the user by the operation unit 23. When the user instructs the operation unit 23 to start transaction processing that requires authentication by the IC card 1 (S151, YES), the control unit 21 issues an authentication command by the card reader / writer 25 in order to authenticate the user. The data is transmitted to the IC card 1 (S152).

  In the IC card 1 that has received the authentication command, the first biometric authentication method is selected by the first authentication procedure described above, and a response indicating the selected first biometric authentication method (or a response requesting the first biometric information). ) To ATM2. Thereby, the control part 21 of ATM2 receives the response which shows the 1st biometric authentication system from IC card 1 (S153). When the response indicating the first biometric authentication method is received, the control unit 21 guides the user to input the first biometric information. The control unit 21 acquires the first biological information from the user (the person to be authenticated) using the biological information acquisition unit that acquires the first biological information together with the input guidance of the first biological information (S154). . When the first biometric information is acquired, the control unit 21 transmits the acquired first biometric information (an authentication command including the first biometric information) to the IC card 1 (S155).

  As a specific example, when the response indicating that the first biometric authentication method is “fingerprint” is received from the IC card 1, the control unit 21 of the ATM 2 displays the fingerprint input guidance on the display unit 22 and the fingerprint sensor 27. Blinks to guide the user to input a fingerprint. While providing guidance for inputting fingerprints, the control unit 21 executes fingerprint reading by the fingerprint sensor 27. When the fingerprint image of the user is read by the fingerprint sensor 27, the control unit 21 transmits a fingerprint authentication command including the read fingerprint image to the IC card 1.

  When the IC card 1 itself can acquire the first biological information, the IC card 1 acquires the first biological information and performs authentication (first authentication) using the first biological information. Therefore, the processing of S153, S154, and S155 is omitted. For example, when the IC card 1 ′ having the fingerprint sensor 17 as shown in FIG. 2 transmits the authentication result by the first authentication as a response to the authentication command transmitted in S152, the control unit 21 of the ATM 2 performs S153, The processing of S154 and S155 may be omitted and the first authentication result may be received from the IC card 1 ′.

  After transmitting the first biometric information, the control unit 21 waits to receive an authentication result from the IC card 1 and receives a response indicating the result of the first authentication by the first biometric information from the IC card 1. (S156). When the response from the IC card 1 is received, the control unit 21 determines whether or not the first authentication in the IC card 1 is successful based on the received response (S157). When the response indicating that the first authentication is successful is received from the IC card 1 (S157, YES), the control unit 21 executes the transaction process in the normal transaction mode for the user who has succeeded in the first authentication. (S158).

  When receiving a response indicating that the first authentication has failed from the IC card 1 (S157, NO), the control unit 21 determines whether or not to execute the second authentication by the second biometric authentication method. The guidance is displayed on the display unit 22 (S160). When the guidance on whether or not to execute the second authentication is displayed, the control unit 21 receives an instruction on whether or not to execute the second authentication on the operation unit 23 by the user. When there is no instruction to execute the second authentication (S161, NO), the control unit 21 ends a series of transaction processes.

  When there is an instruction to execute the second authentication (S161, YES), the control unit 21 transmits an authentication command (second authentication command) requesting the second authentication (S162). In the IC card 1 that has received the second authentication command, the second biometric authentication method is selected by the above-described first authentication procedure, and a response (or second biometric information) indicating the selected second biometric authentication method is selected. Requested response) is sent to ATM2. Thereby, the control part 21 of ATM2 receives the response which shows the 2nd biometric authentication system from IC card 1 (S163).

  When receiving the response indicating the second biometric authentication method, the control unit 21 provides guidance for causing the user to input the second biometric information. The control unit 21 acquires the second biological information from the user (the person to be authenticated) using the biological information acquisition unit for acquiring the second biological information together with the input guidance of the second biological information ( S164). When the second biological information is acquired, the control unit 21 transmits the acquired second biological information (an authentication command including the second biological information) to the IC card 1 (S165).

  As a specific example, when a response indicating that the second biometric authentication method is “iris” is received from the IC card 1, the control unit 21 of the ATM 2 displays guidance or the like that turns the eyes in the shooting direction of the camera 26. The information is displayed on the unit 22 to guide the user to input the iris. The control unit 21 reads the iris of the user using the camera 26 while performing input guidance of the iris. When the user's iris is read by the camera 26, the control unit 21 transmits an iris authentication command including the read iris data to the IC card 1.

  When the IC card 1 itself can acquire the second biometric information, the IC card 1 acquires the second biometric information and authenticates with the second biometric information (second authentication). Therefore, the processes of S163, S164, and S165 are omitted. For example, the IC card 1 ′ having the fingerprint sensor 17 as shown in FIG. 2 transmits the result of the second authentication to the ATM 2 as a response to the authentication command in S 162 if the second authentication is authentication by fingerprint. In this case, the control unit 21 of the ATM 2 omits the processes of S163, S164, and S165 and receives the second authentication result from the IC card 1 ′.

  After transmitting the second biometric information, the control unit 21 waits for reception of the authentication result from the IC card 1 and receives a response indicating the result of the second authentication for the second biometric information from the IC card 1. (S166). When the response from the IC card 1 is received, the control unit 21 determines whether or not the second authentication in the IC card 1 is successful based on the received response (S167). When a response indicating that the second authentication has failed from the IC card 1 is received (S167, NO), the control unit 21 displays that the transaction is impossible on the display unit 22 (S168), and a series of transaction processes Exit.

When a response indicating that the second authentication is successful is received from the IC card 1 (S167, YES), the control unit 21 executes a transaction process in a restricted mode for a user who succeeds in the second authentication. (S169). The restriction mode enables transactions within a predetermined restriction (for example, a restriction on a transaction limit lower than that in the normal mode) for a user who has failed the first authentication. Thereby, even if it is a case where 1st authentication fails, if 2nd authentication is successful, a user will be able to perform transaction processing within a limit range.
Next, a processing example of the first transaction processing by the IC card processing system will be described.
FIG. 9 is a sequence showing a first operation example as a process in the normal mode in the first transaction process by the IC card processing system. The processing example shown in FIG. 9 describes the flow of processing when the first biometric authentication is successful in the first transaction processing as a specific example.
The user inserts the IC card 1 possessed by the user into the ATM 2 as an external device (A1). When the control unit 21 of the ATM 2 receives the IC card 1 inserted by the user, the control unit 21 supplies an authentication request to the IC card 1 (A2).
The processor 11 of the IC card 1 that has received the authentication request from the ATM 2 generates a random number and selects a biometric authentication method (first biometric authentication method) according to the generated random number (A3). When the biometric authentication method is selected, the processor 11 of the IC card 1 notifies the selected biometric authentication method to the ATM 2 (A4). For example, when the fingerprint authentication is selected, the processor 11 of the IC card 1 notifies the ATM 2 that the fingerprint authentication is selected as the biometric authentication method.
When the notification of the biometric authentication method selected by the IC card 1 is received, the control unit 21 of the ATM 2 guides the user to input biometric information used for the biometric authentication method selected by the IC card 1 (A5). Further, the control unit 21 of the ATM 2 accepts input of biometric information from a biometric information acquisition unit (for example, the camera 26, the fingerprint sensor 27, and the vein sensor 28) according to the biometric information together with the biometric information input guidance. Biometric information is acquired by the acquisition unit (A6). When the biometric information is acquired from the user by the biometric information acquisition unit, the control unit 21 of the ATM 2 transmits the acquired biometric information to the IC card 1 (A7).
For example, when the biometric authentication method selected by the IC card 1 is fingerprint authentication, the control unit 21 of the ATM 2 displays on the display unit 22 a guidance that the finger is touched by the fingerprint sensor 27, and the fingerprint by the fingerprint sensor 27 is displayed. Start reading. When the fingerprint sensor 27 reads the fingerprint of the user, the control unit 21 of the ATM 2 transmits the read fingerprint information (for example, a fingerprint image) to the IC card 1.
When receiving the biometric information from the ATM 2, the processor 11 of the IC card 1 executes biometric authentication processing using the received biometric information (A8). For example, when fingerprint authentication is selected, the processor 11 of the IC card 1 receives fingerprint information as biometric information to be verified from the ATM 2. When the user's fingerprint information is received from the ATM 2, the processor 11 of the IC card 1 matches the received fingerprint information with the fingerprint information (registrant's biometric information) stored in the IC card 1. Execute authentication process. When the result of the biometric authentication process is obtained, the IC card 1 notifies the ATM 2 of the result of the biometric authentication process. Here, in the processing example shown in FIG. 9, it is assumed that the authentication by the biometric authentication process is successful. When the authentication by the biometric authentication process is successful, the processor 11 of the IC card 1 transmits a notification that the authentication is successful to the ATM 2 (A9).
When the control unit 21 of the ATM 2 receives notification from the IC card 1 that the authentication is successful, the control unit 21 permits the transaction in the normal mode by the IC card 1. When the transaction in the normal mode is permitted, the control unit 21 of the ATM 2 displays a normal transaction menu for selecting a transaction to be executed from transactions that can be performed in the normal mode on the display unit 22 (A10). In a state where the normal transaction menu is displayed on the display unit 22, the control unit 21 of the ATM 2 accepts a transaction content selection instruction (transaction instruction) from the user using the operation unit 23 (A11). After ATM2 accepts the transaction instruction from the user, the IC card processing system including ATM2 and IC card 1 executes the transaction (transaction sequence) selected by the user.
FIG. 10 is a sequence showing a second operation example as a processing example in the restriction mode in the first transaction processing by the IC card processing system. The processing example shown in FIG. 10 shows the flow of processing (transaction processing in the restriction mode) when authentication with the second biometric information succeeds after authentication with the first biometric information fails in the first transaction processing. It will be described as an example.
In the sequence shown in FIG. 10, the processing (B1-B8) from when the user inserts the IC card 1 into the ATM 2 until the authentication processing is executed is the same as the processing of A1-A8 shown in FIG. For this reason, detailed description of the processing from B1 to B8 will be omitted. Here, the biometric authentication process by the biometric authentication method (first generation authentication method) that is first selected by the IC card 1 is referred to as a first biometric authentication process. In the processing example illustrated in FIG. 10, it is assumed that authentication by the first biometric authentication process has failed. When the authentication by the first biometric authentication process fails, the processor 11 of the IC card 1 transmits a notification that the authentication has failed to the ATM 2 (B9).
When the notification that the authentication by the first biometric authentication process has failed from the IC card 1 is received, the control unit 21 of the ATM 2 determines whether to execute the authentication by another biometric information (second biometric authentication process). (B10). For example, since the authentication by the first biometric authentication method (fingerprint in the example shown in FIG. 10) has failed, the control unit 21 of ATM2 determines whether or not to perform authentication with another biometric information (second biometric information). Selection guidance for causing the user to select is displayed on the display unit 22. Furthermore, the control part 21 of ATM2 is restricted compared with the above-mentioned selection guidance, even if it is a case where it can authenticate with 2nd biometric information (for example, it restrict | limits compared with normal mode). A guide indicating transaction details) may be displayed on the display unit 22.
The control part 21 of ATM2 receives the selection instruction | indication by the operation part 23 in the state which displayed selection guidance. Here, it is assumed that the user has instructed execution of authentication (second biometric authentication process) using different biometric information. When the user instructs execution of the second biometric authentication process (B11), the control unit 21 of the ATM 2 performs a biometric authentication method other than the first biometric authentication method on the IC card 1 (second biometric authentication). (Authentication method) is supplied (B12).
When receiving an authentication request in the second biometric authentication method from the ATM 2, the processor 11 of the IC card 1 generates a random number, and a biometric authentication method that can be implemented other than the first biometric authentication method according to the generated random number. The second biometric authentication method is selected from the list (B13). When the second biometric authentication method is selected, the processor 11 of the IC card 1 notifies the ATM 2 of the selected second biometric authentication method (B14). For example, when the processor 11 of the IC card 1 selects the authentication by the iris as the second biometric authentication method other than the fingerprint as the first biometric authentication method, it indicates that the iris authentication has been selected as the second biometric authentication method. Notify ATM2.
When the notification of the second biometric authentication method selected by the IC card 1 is received, the control unit 21 of the ATM 2 stores biometric information (second biometric information) used for the second biometric authentication method selected by the IC card 1. The input is guided to the user (B15). Moreover, the control part 21 of ATM2 receives the input of the biometric information by the biometric information acquisition part (for example, the camera 26 in the case of an iris) according to the second biometric information, together with the input guidance of the second biometric information ( B16). When acquiring the second biological information from the user, the control unit 21 of the ATM 2 transmits the acquired second biological information to the IC card 1 (B17).
For example, when the second biometric authentication method selected by the IC card 1 is iris authentication, the control unit 21 of the ATM 2 displays a guidance that the camera 26 reads eyes, and the camera 26 reads the iris. Run. When the user's fingerprint is read by the camera 26, the control unit 21 of the ATM 2 transmits the read iris information (iris image) to the IC card 1.
When receiving the second biometric information from the ATM 2, the processor 11 of the IC card 1 executes a second biometric authentication process based on the received second biometric information (B18). For example, when the second biological information is an iris, the processor 11 of the IC card 1 receives iris information as biological information to be collated from the ATM 2. When the user's iris information is received from the ATM 2, the processor 11 of the IC card 1 compares the received iris information with the iris information (registrant's biometric information) stored in the IC card 1. An authentication process (second biometric authentication process) is executed. When the authentication result by the second biometric authentication process is obtained, the IC card 1 notifies the ATM 2 of the authentication result. In the processing example illustrated in FIG. 10, it is assumed that the second biometric authentication processing is successful. When the second biometric authentication process is successful, the processor 11 of the IC card 1 transmits a notification that the authentication is successful to the ATM 2 (B19).
When the control unit 21 of the ATM 2 receives a notification from the IC card 1 that the authentication by the second biometric authentication process has succeeded, the control unit 21 permits the transaction in the restricted mode by the IC card 1. The control part 21 of ATM2 does not implement a part of transactions that can be executed in the normal mode in the restriction mode. In the restriction mode, the upper limit of the transaction amount may be restricted. In the transaction in the restriction mode, the ATM 2 processor 31 displays a restriction transaction menu for selecting a transaction to be executed from the transactions that can be executed in the restriction mode on the display unit 22 (B20). In a state where the restricted transaction menu is displayed on the display unit 22, the control unit 21 of the ATM 2 receives a transaction content selection instruction (transaction instruction) from the user using the operation unit 23 (B21). When the ATM 2 receives a transaction instruction from the user, the IC card processing system including the ATM 2 and the IC card 1 executes the transaction processing (transaction sequence) selected by the user.

  As described above, the IC card related to the first transaction process stores a plurality of biometric authentication data of registrants corresponding to a plurality of types of biometric authentication methods in a memory, and is based on a random number generated for each authentication process. The biometric authentication method to be executed at random is selected, and the authentication result by the selected biometric authentication method is notified to the external device. In the external device, if authentication by a randomly selected biometric authentication method using an IC card is successful, transaction processing is executed.

  Thereby, according to the 1st transaction processing, since the biometrics method used for authentication is chosen at random, the risk that a 3rd person can authenticate illegally can be reduced. For example, in order for a third party to copy another person's biometric authentication data and execute transaction processing on an external device, duplicate data of a plurality of biometric information corresponding to a plurality of biometric authentication methods that may be selected at random Therefore, it is possible to reduce the risk of unauthorized transactions due to authentication by unauthorized third parties.

  In addition, the IC card related to the first transaction process described above, when the first authentication by the first biometric authentication method selected at random fails, the second by the second biometric authentication method selected again at random. Authentication is performed, and the result of the second authentication is notified to the external device. In the external device, when the first authentication with the IC card is successful, transaction processing in the normal mode is executed, and when the first authentication with the IC card fails and the second authentication is successful, Execute transaction processing in restricted mode.

  According to such a first transaction process, even if the person himself / herself is injured or the like cannot be authenticated by a specific biometric authentication method, the second biometric can be performed even if authentication by the first biometric authentication method fails. If authentication by the authentication method is successful, transaction processing in restricted mode can be performed. As a result, for example, even a person who has an injured hand is likely to succeed in biometric authentication using a biometric authentication method other than the hand, such as an iris or a face. There is a high possibility that it can be done, and convenience is high.

Next, the second transaction process including the second authentication procedure using the IC card will be described.
FIG. 11 is a flowchart for explaining an example of the second transaction process including the second authentication procedure in the IC card 1.
First, the IC card 1 is activated upon receiving power supply from the external device 2. When receiving the authentication command from the external device 2 (S211, YES), the processor 11 performs an authentication process according to the second authentication procedure in accordance with the received authentication command. Here, it is assumed that the processor 11 of the IC card 1 activates the biometric authentication program and executes authentication according to the second authentication procedure. In the second authentication procedure, the processor 11 of the IC card 1 randomly selects a plurality of biometric authentication methods to be executed among the plurality of biometric authentication methods. Here, the processor 11 will be described as selecting two types of biometric authentication methods.

  The processor 11 generates a random number to randomly select two types of biometric authentication methods (S212). When the random number is generated, the processor 11 selects two types of biometric authentication methods based on the generated random number (S213). The two types of biometric authentication methods may be selected as long as an arbitrary biometric authentication method can be selected at random. For example, there are 4C2 = 6 combinations for selecting two types that do not overlap from four types of authentication methods. For this reason, when there are four types of biometric authentication methods that can be executed, the processor 11 may select one combination from six combinations based on the generated random number.

  As a specific example, identification numbers “0” to “5” may be assigned to six combinations, and one combination may be selected according to the number of remainders obtained by dividing the generated random number by six. For example, the first combination (identification number “0”) is fingerprint and vein, the second combination (identification number “1”) is fingerprint and iris, and the third combination (identification number “2”) is fingerprint and face matching. The fourth combination (identification number “3”) is a vein and iris, the fifth combination (identification number “4”) is a vein and face matching, and the sixth combination (identification number “5”) is an iris and face matching. And In this case, if the remainder obtained by dividing the generated random number by 6 is 0, the processor 11 selects the first combination (fingerprint authentication and vein authentication) whose identification number is “0”. When the first combination is selected, the processor 11 adds information indicating that the two types of biometric authentication methods are “fingerprint authentication” and “vein authentication” to the response to the authentication command, and transmits to the ATM 2.

  When the two types of biometric authentication methods are selected, the processor 11 selects the two types of biometric authentication methods (first and second biometric authentication methods) as responses to the ATM 2 in response to the authentication command (or the first and second types). Request for biometric information) is transmitted (S214). After transmitting the selection results of the two types of biometric authentication methods, the processor 11 of the IC card 1 uses the first biometric information and the second biometric information corresponding to the first biometric authentication method acquired from the person to be authenticated (user). The second biometric information corresponding to the biometric authentication method is received from ATM 2 (S215). For example, the IC card 1 receives from the ATM 2 an authentication command that requests authentication by the first and second biometric authentication methods including the first biometric information and the second biometric information.

  When the first biometric information and the second biometric information are received, the processor 11 performs the authentication process by the first biometric authentication method using the first biometric information and the second biometric information using the second biometric information. An authentication process based on the authentication method is executed (S216). For example, when “fingerprint” data as the first biometric information and “vein” data as the second biometric information are received, the processor 11 performs fingerprint authentication and vein authentication. The processor 11 collates the received fingerprint data of the person to be authenticated with the fingerprint data of the registrant stored in the nonvolatile memory 14. Further, the processor 11 collates the vein data received from the ATM 2 and vein data of the registrant stored (registered) in the nonvolatile memory 14 as vein authentication.

  When the authentication process by the first and second biometric authentication methods is executed, the processor 11 transmits a response indicating the authentication result by the first biometric authentication method and the authentication result by the second biometric authentication method to the ATM 2. When all the authentications (both two types of biometric authentication) are successful (S217, YES), the processor 11 notifies the ATM 2 that the authentication by the first and second biometric authentication methods is successful (S218). . When all the authentications are successful, the ATM 2 executes the transaction process in the normal mode on the assumption that the user authentication is completely successful. On the other hand, the processor 11 of the IC card 1 executes a process corresponding to the transaction process in the normal mode in ATM 2 (S219).

  Further, when a part of the authentication (authentication by one biometric authentication method) succeeds and the other authentication (authentication by the other biometric authentication method) fails (S220, YES), the processor 11 performs the partial authentication. A response to the effect is transmitted to ATM 2 (S221). When one authentication succeeds and the other authentication fails, the ATM 2 executes the transaction process in the restricted mode, assuming that the user authentication is partially successful. On the other hand, the processor 11 of the IC card 1 executes a process corresponding to the transaction process in the restriction mode in the ATM 2 (S222).

  Further, when all the authentications (both two types of biometric authentication) have failed (S220, NO), the processor 11 notifies the ATM 2 that the authentication by the first and second biometric authentication methods has failed (see FIG. S223). If all authentications fail, ATM2 terminates the transaction process assuming that user authentication has completely failed.

Next, the second transaction process at ATM 2 corresponding to the authentication process by the second authentication procedure in the IC card 1 described above will be described.
FIG. 12 is a flowchart for explaining an example of the second transaction process in the ATM (external device) 2 corresponding to the second authentication procedure by the IC card 1.
When the user presents the IC card 1 to the card reader / writer 25 of the ATM 2, the control unit 21 of the ATM 2 supplies power to the IC card 1 via the card reader / writer 25, and an operation instruction from the user by the operation unit 23. Accept. When the user instructs the operation unit 23 to start transaction processing that requires authentication using the IC card 1 (S251, YES), the control unit 21 uses the card reader / writer 25 to authenticate the user. An authentication command for requesting authentication is transmitted to the IC card 1 (S252).

  In the IC card 1 that has received the authentication command, two types of biometric authentication methods (first and second biometric authentication methods) are selected by the above-described second authentication procedure, and the selected first and second biometric authentication methods are selected. (Or a response requesting the first and second biometric information) is transmitted to ATM2. Thereby, the control part 21 of ATM2 receives the response which shows the 1st and 2nd biometrics system from IC card 1 (S253).

When receiving the responses indicating the first and second biometric authentication methods, the control unit 21 guides the user to input the first biometric information and the second biometric information. The control unit 21 acquires the first biological information from the user (the person to be authenticated) while guiding the input of the first biological information, and the second from the user while guiding the input of the second biological information. Biometric information is acquired (S254). When the first and second biological information is acquired, the control unit 21 transmits the acquired first and second biological information (authentication command including the first and second biological information) to the IC card 1 (S255). )
As a specific example, when a response indicating that the first biometric authentication method is “fingerprint” and the second biometric authentication method is “vein pattern” is received from the IC card 1, the control unit 21 of the ATM2 receives the response from the user. The “fingerprint” acquisition process and the “vein pattern” acquisition process are executed. The “fingerprint” acquisition process and the “vein pattern” acquisition process may be executed in a predetermined order or may be executed in an arbitrary order.

  In the fingerprint acquisition process, the control unit 21 displays the fingerprint input guidance on the display unit 22 and guides the fingerprint input by blinking the fingerprint sensor 27, and uses the fingerprint sensor 27 while performing the fingerprint input guidance. Perform reading of the person's fingerprint. As the vein pattern acquisition process, the control unit 21 displays the vein input guidance on the display unit 22 and also guides the vein pattern input by blinking the vein sensor 28, and performs the vein pattern input guidance. The vein pattern is read by the vein sensor 28. When the fingerprint image and the vein pattern are acquired by the fingerprint sensor 27 and the vein sensor 28, the control unit 21 transmits an authentication command including the acquired fingerprint image and the vein pattern to the IC card 1.

  In addition, when the IC card 1 itself can acquire any biological information, the acquisition of the biological information that can be acquired by the IC card itself does not need to be executed by the ATM 2. That is, when a biometric authentication method using biometric information that can be acquired by the IC card 1 itself is selected, the processor 11 acquires biometric information and biometric authentication within the IC card without notifying the external device of the biometric authentication method. And the executed authentication result may be returned to the external device.

After transmitting the first and second biological information acquired from the user to the IC card 1, the control unit 21 waits for reception of the authentication result from the IC card 1, and the first and second information from the IC card 1 are received. A response indicating the result of authentication by the biometric authentication method is received (S256). When the response from the IC card 1 is received, the control unit 21 determines whether both of the two authentication results based on the first and second biometric authentication methods in the IC card 1 have succeeded based on the received response, or only one of them. It is determined whether or not both have succeeded (S257, S259). When a response indicating that both authentications are successful is received from the IC card 1 (S257, YES), the control unit 21 executes transaction processing in the normal transaction mode for the user for which both authentications are successful (S258). ).
When receiving a response indicating that both biometric authentications have failed from the IC card 1 (S259, NO), the control unit 21 displays on the display unit 22 that transaction processing is not possible (S261), and End transaction processing.

When receiving a response indicating that one biometric authentication has succeeded (one biometric authentication has succeeded and the other biometric authentication has failed) from the IC card 1 (S259, YES), the control unit 21 performs one authentication. The transaction processing in the restricted mode is executed for the user who succeeded (S260). In the restriction mode, transactions within a predetermined restriction (for example, a restriction on the transaction limit lower than that in the normal mode) are allowed for a user who has succeeded in biometric authentication on one side. As a result, even a user who succeeds in only one biometric authentication can execute transaction processing within the limited range. Depending on the operation mode, if either biometric authentication succeeds, the transaction processing in the normal mode may be performed. If both biometric authentications are not successful, all transactions cannot be performed. May be.
Next, a processing example of the second transaction processing by the IC card processing system will be described.
FIG. 13 is a sequence showing a third operation example as a processing example in the normal mode in the second transaction processing by the IC card processing system. The processing example shown in FIG. 13 describes the flow of processing when both types of biometric authentication are successful in the second transaction processing as a specific example.
The user inserts the IC card 1 possessed by the user into the ATM 2 as an external device (C1). When the control unit 21 of the ATM 2 receives the IC card 1 inserted by the user, the control unit 21 supplies an authentication request to the IC card 1 (C2).
The processor 11 of the IC card 1 that has received the authentication request from the ATM 2 selects two types of biometric authentication methods at random in order to execute two types of biometric authentication. That is, when the processor 11 of the IC card 1 receives an authentication request from the ATM 2, the processor 11 generates a random number and selects two types of biometric authentication methods (first and second biometric authentication methods) according to the generated random number ( C3). When two types of biometric authentication methods are selected, the processor 11 of the IC card 1 notifies the ATM 2 of the two types of selected biometric authentication methods (first and second biometric authentication methods) (C4). For example, when fingerprint authentication and vein authentication are selected, the processor 11 of the IC card 1 notifies the ATM 2 that fingerprint authentication and vein authentication have been selected as two types of biometric authentication methods.
When the notification of the two types of biometric authentication methods selected by the IC card 1 is received, the control unit 21 of the ATM 2 uses the first biometric authentication method among the two types of biometric authentication methods selected by the IC card 1. The biometric information is input to the user (C5). Along with the input guidance of the first biological information, the control unit 21 of the ATM 2 receives the input of the first biological information by the biological information acquisition unit corresponding to the first biological information, and receives the first biological information from the user. Is acquired (C6). For example, when the first biometric authentication method selected by the IC card 1 is fingerprint authentication, the control unit 21 of the ATM 2 displays on the display unit 22 a guidance for pointing the finger at the fingerprint sensor 27, and the fingerprint sensor 27 Start reading fingerprints at. Thereby, the control part 21 of ATM2 reads a user's fingerprint by the fingerprint sensor 27 (acquires 1st biometric information). The fingerprint information (for example, fingerprint image) read from the user is temporarily held in the RAM 33 or the like.
When the first biometric information is acquired, the control unit 21 of the ATM 2 guides the user to input the second biometric information used for the second biometric authentication method selected by the IC card 1 (C7). Along with the input guidance of the second biological information, the control unit 21 of the ATM 2 receives the input of the second biological information by the biological information acquisition unit corresponding to the second biological information, and receives the second biological information from the user. Is acquired (C8). For example, when the second biometric authentication method selected by the IC card 1 is vein authentication, the control unit 21 of the ATM 2 displays on the display unit 22 a guidance indicating that the palm is placed on the vein sensor 28, and the vein sensor 28. Start reading palm veins (vein pattern). Thereby, the control part 21 of ATM2 reads the vein pattern of a user's palm by the vein sensor 28 (acquires 2nd biometric information). The vein pattern information read from the user is temporarily stored in the RAM 33 or the like.
When the first and second biological information is acquired, the control unit 21 of the ATM 2 transmits the two types of acquired biological information (first and second biological information) to the IC card 1 (C9). In addition, the control part 21 of ATM2 implements the process (process of C5 and C6) which acquires 1st biometric information, and the process (process of C7 and C8) which acquires 2nd biometric information in parallel. Also good. Further, the control unit 21 of the ATM 2 may transmit the first biological information and the second biological information to the IC card 1 in order.
When two types of biometric information are received from the ATM 2, the processor 11 of the IC card 1 executes two types of biometric authentication processing using the received two types of biometric information (C10). For example, when fingerprint authentication and vein authentication are selected, the processor 11 of the IC card 1 stores information stored in the IC card 1 and fingerprint information (first biometric information) received from the ATM 2 as a verification target. A first biometric authentication process is performed by collating with the fingerprint information (registered information) of the person. Along with the first biometric authentication process, the processor 11 of the IC card 1 receives the vein pattern information (second biometric information) received from the ATM 2 and the vein of the registrant stored in the IC card 1. A second biometric authentication process is performed by matching with pattern information (registered information).
When the results of the first and second biometric authentication processes are obtained, the processor 11 of the IC card 1 notifies the ATM 2 of the results of the first and second biometric authentication processes. In the processing example shown in FIG. 13, it is assumed that both the first and second biometric authentication processes are successful. When the first and second authentications by the first and second biometric authentication processes are successful, the processor 11 of the IC card 1 transmits a notification to the ATM 2 that the first and second authentications are successful (C11). ).
When the control unit 21 of the ATM 2 receives notification from the IC card 1 that the first and second authentications have been successful, the control unit 21 permits the transaction in the normal mode by the IC card 1. When the transaction in the normal mode is permitted, the control unit 21 of the ATM 2 displays a normal transaction menu for selecting a transaction to be executed from transactions that can be performed in the normal mode on the display unit 22 (C12). In a state where the normal transaction menu is displayed on the display unit 22, the control unit 21 of the ATM 2 receives a transaction content selection instruction (transaction instruction) from the user using the operation unit 23 (C13). After ATM2 accepts the transaction instruction from the user, the IC card processing system including ATM2 and IC card 1 executes the transaction (transaction sequence) selected by the user.
FIG. 14 is a sequence showing a fourth operation example as a processing example in the restriction mode in the second transaction processing by the IC card processing system. In the second transaction process, the process example illustrated in FIG. 14 describes the flow of the process when one of the two types of biometric authentication processes succeeds and the other authentication fails as a specific example. It is.
In the sequence shown in FIG. 14, the process (D1-D10) from when the user inserts the IC card 1 into the ATM 2 until the two types of biometric authentication processes are executed is the same as the process of C1-C10 shown in FIG. It is. For this reason, detailed description of the processing of D1 to D10 will be omitted. Here, in the processing example shown in FIG. 14, the first authentication by the first biometric authentication process (for example, biometric authentication process by fingerprint) is successful, and the second biometric authentication process (for example, biometric authentication by vein) is performed. It is assumed that the second authentication in (Process) has failed. In this case, the processor 11 of the IC card 1 transmits to the ATM 2 a notification that the first authentication has succeeded and the second authentication has failed (D11). For example, when fingerprint authentication is successful and vein authentication is unsuccessful, the processor 11 of the IC card 1 transmits a notification to the ATM 2 that fingerprint authentication is successful and vein authentication has failed.
When the first authentication is successful from the IC card 1 and the notification that the second authentication is unsuccessful is received from the IC card 1, the control unit 21 of the ATM 2 permits the transaction in the restricted mode by the IC card 1. In the restriction mode, the control unit 21 of the ATM 2 disables a part of the transactions that can be performed in the normal mode or restricts the upper limit of the transaction amount. In the transaction in the restriction mode, the ATM 2 processor 31 displays a restriction transaction menu for selecting a transaction to be executed from the transactions that can be executed in the restriction mode on the display unit 22 (D12). In a state where the restricted transaction menu is displayed on the display unit 22, the control unit 21 of the ATM 2 receives a transaction content selection instruction (transaction instruction) from the user using the operation unit 23 (D13). When the ATM 2 receives a transaction instruction from the user, the IC card processing system including the ATM 2 and the IC card 1 executes the transaction processing (transaction sequence) selected by the user.

  As described above, the IC card related to the second transaction process stores a plurality of biometric authentication data of registrants corresponding to a plurality of types (three or more types) of biometric authentication methods in a memory, and performs each authentication process. A plurality of (two types) biometric authentications to be executed at random are selected based on the random numbers to be generated, and an authentication result by each selected biometric authentication method is notified to the external device. The external device determines whether transaction processing is possible and the operation mode according to the results of authentication using a plurality of biometric authentication methods on the IC card, and executes transaction processing in the determined operation mode if transaction processing is possible To do.

  Thereby, according to the 2nd transaction processing, since authentication by a plurality of randomly selected biometric authentication methods is required, it is possible to reduce the risk that a third party can be authenticated illegally. For example, in order for a third party to copy biometric authentication data of another person and execute transaction processing on an external device, it is necessary to prepare duplicate data of a plurality of pieces of biometric information corresponding to a plurality of biometric authentication methods. Risk of fraudulent withdrawal of cash is reduced.

  In addition, if authentication by some biometric authentication methods among a plurality of biometric authentication methods selected at random is successful, transaction processing in the restricted mode is enabled, so that even if the person himself is injured or the like, Even in a state where authentication cannot be performed by the biometric authentication method, transaction processing in the restricted mode can be performed if authentication by some biometric authentication methods is successful. For example, even if a person has a hand injury, there is a high possibility of successful biometric authentication using a biometric authentication method on a part other than the hand, such as an iris or a face, so that transaction processing in the control mode may be possible. High and convenient.

Next, the third transaction process including the third authentication procedure in the IC card 1 will be described.
In the IC card 1 that implements the third authentication procedure, a plurality of types of biometric authentication data in different states of the registrant (each finger, left and right eyes, left and right hands, facial expressions, etc.) for each of a plurality of types of biometric authentication methods. Is registered in the nonvolatile memory 14. In other words, the non-volatile memory 14 has each biometric authentication data (first biometric authentication data, second biometric authentication data) corresponding to each biometric authentication scheme (first biometric authentication scheme, second biometric authentication scheme,...). ,...), A plurality of types of biometric authentication data with different registrants are registered. Furthermore, a security mode is set (registered) for each of a plurality of types of biometric authentication data in different states for each biometric authentication method stored in the nonvolatile memory 14.

  For example, the fingerprint data of each finger of the right hand and the fingerprint data of each finger of the left hand are registered as fingerprint data, the security mode is set to the normal mode for the fingerprint data of the right hand, and each finger of the left hand is registered. Set the security mode to emergency mode for the fingerprint data. In this case, the IC card determines whether the fingerprint data that has been successfully authenticated (verified) is the fingerprint of the finger of the right hand or the fingerprint of the finger of the left hand. This is notified to ATM2. ATM2 that has received such notification that it is in emergency mode can start operations with users, and can operate in emergency mode to display the account balance low and to make an emergency call to the police. It becomes.

  Even if the person is the same, there is a difference between the iris of the right eye and the iris of the left eye. For this reason, the iris data for the right eye and the iris data for the left eye can be registered in association with each security mode. The vein pattern of the palm also differs between the right hand and the left hand of the same person. For this reason, the vein pattern data of the right hand and the vein pattern data of the left hand can be registered in association with each security mode for the palm vein pattern. Furthermore, for face images, a plurality of face image data whose face states (open both eyes, meditate one eye, open mouth, close mouth, etc.) can be registered in association with each security mode.

FIGS. 15 and 16 are flowcharts for explaining an example of the third transaction process including the third authentication procedure in the IC card 1.
The third transaction process shown in FIGS. 15 and 16 determines whether or not it is an emergency mode when authentication is successful in the first transaction process shown in FIGS. 5 to 6. A process for notifying the external device from the IC card that the emergency mode has been established upon successful authentication is added. That is, in each process shown in FIGS. 15 and 16, the processes of S311 to S319 and S321 to S331 can be realized by the same processes as S111 to S119 and S121 to S131 shown in FIGS. For this reason, detailed description is abbreviate | omitted about the process of S311-S319 and S321-S331.

  15 and 16, when it is determined that the first authentication is successful (S317, YES), the processor 11 performs the emergency mode based on the first biometric information for which the biometric authentication (verification) is successful. It is determined whether or not there is (S341). In the process shown in FIG. 15, also when it is determined that the second authentication is successful (S328, YES), the processor 11 is in the emergency mode based on the second biometric information for which the biometric authentication (verification) is successful. It is determined whether or not there is (S342). The processor 11 determines whether the security mode associated with the biometric data for which biometric authentication (verification) has succeeded is the emergency mode.

  For example, in the case of fingerprint authentication, the processor 11 determines whether the collation with the fingerprint of the finger whose security mode is set to the emergency mode is successful. In the case of iris authentication, the processor 11 determines whether the left eye or the right eye iris has been successfully matched with the iris of the eye whose security mode is set to the emergency mode. Further, in the case of palm vein pattern authentication, the processor 11 determines whether the left hand or right hand vein pattern has been successfully verified with the palm vein pattern of which the security mode is set to the emergency mode. Further, in the case of face authentication, the processor 11 determines whether the face image in the state in which the security mode is set to the emergency mode among the plurality of registered face images has been successfully verified.

  If it is determined that the emergency mode is set based on the biometric authentication result (YES in S341 or YES in S342), the processor 11 sends a response indicating that the emergency mode is set together with the result of the first or second authentication to ATM2. (S343). The ATM 2 that has received the response indicating the emergency mode executes transaction processing in the emergency mode. In this case, the ATM 2 is controlled so that it is not realized by a third party such as a companion or a monitor that the emergency mode is in the emergency mode. For example, the ATM 2 executes processing such as reporting to the police while proceeding in the same manner as a normal transaction for the appearance of humans such as third parties and operators themselves. Further, the IC card 1 appropriately executes a process corresponding to the transaction process in the emergency mode by the ATM 2 (S344).

FIGS. 17 and 18 are flowcharts for explaining an example of the third transaction process in the ATM (external device) 2 corresponding to the third authentication procedure by the IC card 1.
ATM2 which concerns on this embodiment performs the process shown in FIG.17 and FIG.18 with respect to the process of IC card 1 shown in FIG.15 and FIG.16. That is, when the control unit 21 of the ATM 2 determines that the first authentication is successful based on the response indicating the first authentication result received from the IC card 1 (S357, YES), the emergency mode is further determined based on the response. Is determined (S371). Moreover, also when it is judged that the 2nd authentication was successful by the response from IC card 1 (S367, YES), the control part 21 judges whether emergency mode was notified based on the said response (S342). ).

  When it is determined that the emergency mode is set based on the response from the IC card 1 (YES in S371 or YES in S372), the control unit 21 executes transaction processing in the emergency mode (S373). As described above, the transaction process in the emergency mode is a process executed so that a third party such as a companion does not understand. Accordingly, the ATM 2 performs processing similar to that for a normal transaction in terms of human appearance, and also performs processing such as reporting to the police. In the transaction processing in the emergency mode, the control unit 21 may change and display the user's account information such as displaying the balance low. In the transaction process in the emergency mode, the control unit 21 may perform a transaction process using a special account (dummy account, ransom guarantee company account).

In addition, although the example of the 3rd transaction processing mentioned above is an example which added processing (S341-344, S371-373), such as operation in emergency mode judgment and emergency mode, to the 1st transaction processing, Processing such as determination of the emergency mode and operation in the emergency mode may be added to the second transaction processing. That is, for the process of performing biometric authentication in the IC card, it is possible to add processes such as determination of the emergency mode and operation in the emergency mode.
Next, a processing example of third transaction processing by the IC card processing system will be described.
FIG. 19 is a sequence showing a fifth operation example as a process in the emergency mode in the third transaction process by the IC card processing system. The processing example shown in FIG. 19 describes the flow of processing when it is determined that the emergency mode is in the third transaction processing as a specific example.
The user inserts the IC card 1 possessed by the user into the ATM 2 as an external device (E1). When the control unit 21 of the ATM 2 receives the IC card 1 inserted by the user, the control unit 21 supplies an authentication request to the IC card 1 (E2).
The processor 11 of the IC card 1 that has received the authentication request from the ATM 2 generates a random number and selects a biometric authentication method (first biometric authentication method) according to the generated random number (E3). When the biometric authentication method is selected, the processor 11 of the IC card 1 notifies the ATM2 of the selected biometric authentication method (E4). For example, when the fingerprint authentication is selected, the processor 11 of the IC card 1 notifies the ATM 2 that the fingerprint authentication is selected as the biometric authentication method.
When the notification of the biometric authentication method selected by the IC card 1 is received, the control unit 21 of the ATM 2 guides the user to input biometric information used for the biometric authentication method selected by the IC card 1 (E5). Moreover, the control part 21 of ATM2 receives the input of the biometric information by the biometric information acquisition part according to the said biometric information with the input guidance of biometric information, and acquires biometric information by a biometric information acquisition part (E6). Here, the user who wants to make emergency mode makes the biometric information acquisition part acquire the biometric information of the part where the emergency mode is set among the selected biometric information. For example, when fingerprint authentication is selected, a user who has set the fingerprint of the left index finger in the emergency mode moves the index finger of the left hand to the fingerprint scanner 27 to set the emergency mode. Thereby, the control part 21 of ATM2 can acquire the biometric information in which emergency mode is set. That is, when the biometric information for which the emergency mode is set is acquired, the control unit 21 of the ATM 2 transmits the biometric information for which the emergency mode is set to the IC card 1 (E7).
When receiving the biometric information from the ATM 2, the processor 11 of the IC card 1 executes biometric authentication processing using the received biometric information (E8). Here, in the biometric authentication process in the third transaction process, the processor 11 of the IC card 1 collates the biometric information received from the ATM 2 with the biometric information registered in the IC card 1 and the biometric received from the ATM 2. Check information security mode (check whether it is emergency mode).
That is, when the biometric authentication process is successful, the processor 11 of the IC card 1 checks whether the registered biometric information that matches the biometric information received from the ATM 2 is set in the emergency mode. Accordingly, when it is determined that the emergency mode is set, the processor 11 of the IC card transmits to the ATM 2 that the biometric authentication is successful and the emergency mode is set (E9).
When the control unit 21 of the ATM 2 receives the notification of the successful authentication and the emergency mode from the IC card 1, it notifies the external device (for example, the police that it is urgent) that the biometric authentication in the emergency mode has been performed. (Emergency notification) (E10). This emergency notification is made so that the operator of the ATM 2 and the people around the ATM 2 are not aware of it. Moreover, the control part 21 of ATM2 displays the normal transaction menu similar to the process in the normal mode by the said IC card 1 on the display part 22 so that the operator of ATM2 etc. may not notice an emergency notification (E11). ).
When the emergency mode notification is received from the IC card 1, the control unit 21 of the ATM 2 changes the display content of the display unit 22 as a normal transaction menu that cannot be seen at first glance. Further, for example, when the control unit 21 of the ATM 2 receives an emergency mode notification from the IC card 1, the remaining amount of the user's account may be displayed in a small amount.
When such a normal transaction menu is displayed on the display unit 22, the control unit 21 of the ATM 2 executes a process in accordance with an operation instruction from the user for the displayed menu (E12). After ATM2 accepts the transaction instruction from the user, the IC card processing system including ATM2 and IC card 1 executes the transaction (transaction sequence) selected by the user. When the emergency mode notification is received, the IC card processing system including the ATM 2 and the IC card 1 is at least visually so that the operator and a third party around the ATM 2 are not aware of the emergency mode. Performs processing similar to normal transaction processing.

  The IC card related to the third transaction processing as described above registers the biometric authentication data of the registrant acquired in a specific state in association with the emergency mode, and if the biometric authentication is successful, the biometric authentication ( If the emergency mode is associated with the biometric authentication data that has been successfully verified, the external device is notified of the emergency mode when authentication is successful.

  As a result, according to the third transaction processing, in a situation where a transaction must be performed regardless of the intention of the person due to a threat from a third party, the biometric authentication is performed using the biometric information in which the emergency mode is set. By doing so, it is possible to perform operations such as an emergency call while performing a normal transaction in appearance. That is, according to the third transaction process, even if authentication is performed regardless of the intention of the principal, the risk of damage to the principal or the principal's property by the transaction process in the emergency mode is reduced. For example, by performing biometric authentication with fingers, eyes, hands, or facial expressions associated with the emergency mode, it is possible to make an emergency call together with a normal transaction.

  In the IC card according to the above-described embodiment, one or a plurality of biometric authentication methods are randomly selected from a plurality of types of biometric authentication methods that can be executed, and biometric authentication is performed using the randomly selected biometric authentication methods. Thereby, according to the IC card concerning this embodiment, since it authenticates by the biometrics method chosen at random, security can be made higher than processing which authenticates by a specific method.

  Further, in the transaction processing system according to the present embodiment, biometric authentication based on a biometric authentication method in which an IC card is randomly selected is executed in an IC card that has higher security than an external device. In addition, in the processing system including the IC card and the external device according to the present embodiment, biometric authentication is performed within the IC card, so that the biometric authentication data of the registered person stored (registered) in the IC card is output to the outside. It will not be done. As a result, the processing system according to the present embodiment can ensure high security.

  In addition, the IC card according to the present embodiment includes the biometric information of the person to be authenticated used for the selected biometric authentication method after responding with information indicating the biometric authentication method selected at random to the authentication command from the external device. An authentication command is acquired from the external device, and biometric authentication (collation) is performed based on the biometric information of the person to be authenticated acquired from the external device and the biometric information of the registrant stored in the nonvolatile memory. Thereby, the IC card according to the present embodiment can realize biometric authentication by the biometric authentication method selected from a plurality of types of biometric authentication methods by exchanging normal authentication commands and responses.

  Note that the IC card 1 according to the present embodiment may invalidate authentication by a specific biometric authentication method among a plurality of types of biometric authentication methods. For example, if there is biometric authentication data that is considered highly likely to be used illegally, the biometric authentication method based on the biometric authentication data may be invalidated. When a specific biometric authentication method is invalidated, the processor 11 selects a biometric authentication method to be executed from a biometric authentication method other than the biometric authentication method set to invalid when selecting a biometric authentication method in each transaction process. You should do it.

  The functions described in each of the above-described embodiments are not limited to being configured using hardware, and can be realized by causing a computer to read a program describing each function using software. Each function may be configured by appropriately selecting either software or hardware.

  Although several embodiments of the present invention have been described, these embodiments are presented by way of example and are not intended to limit the scope of the invention. These novel embodiments can be implemented in various other forms, and various omissions, replacements, and changes can be made without departing from the scope of the invention. These embodiments and modifications thereof are included in the scope and gist of the invention, and are included in the invention described in the claims and the equivalents thereof.

  DESCRIPTION OF SYMBOLS 1 ... IC card (portable electronic device), C ... Main body, Ca ... IC chip, M ... Module, 2 ... External device (ATM), 11 ... Processor, 12 ... ROM, 13 ... RAM, 14 ... Non-volatile memory, DESCRIPTION OF SYMBOLS 15 ... Communication control part, 16 ... Interface, 17 ... Fingerprint sensor, 21 ... Control part, 25 ... Card reader / writer, 26 ... Camera, 27 ... Fingerprint sensor, 28 ... Vein sensor

Claims (10)

A communication unit that communicates with an external device;
A storage unit for storing a plurality of biometric authentication data of registrants corresponding to a plurality of types of biometric authentication methods;
A control unit that randomly selects at least one biometric authentication method from the plurality of types of biometric authentication methods and executes biometric authentication using the selected biometric authentication method when receiving a command requesting authentication from the external device; ,
IC card having The control unit responds to the command requesting authentication from the external device with information indicating the selected biometric authentication method, and then transmits the biometric information of the person to be authenticated used for biometric authentication by the selected biometric authentication method. Biometric authentication is performed using the received biometric information of the person to be authenticated received from the external device and the biometric authentication data of the registrant stored in the storage unit.
The IC card according to claim 1. When the biometric authentication by the selected biometric authentication method fails, the control unit further randomly selects a second biometric authentication method used for second authentication from the plurality of types of biometric authentication methods, and selects the selected biometric authentication method. Performing second biometric authentication by the second biometric authentication method;
The IC card according to claim 1 or 2. When the second authentication by the second biometric authentication method is successful, the control unit executes processing corresponding to processing in a restriction mode different from the normal mode in the external device.
The IC card according to claim 3. The storage unit stores a plurality of biometric authentication data of registrants corresponding to three or more types of biometric authentication methods as the plurality of types of biometric authentication methods,
The control unit randomly selects a plurality of biometric authentication methods to be executed from the plurality of types of biometric authentication methods, executes biometric authentication by the selected plurality of biometric authentication methods, and obtains a result of biometric authentication by each biometric authentication method. Send to external device,
The IC card according to claim 1 or 2. When the biometric authentication by a plurality of biometric authentication methods is executed, the control unit succeeds in the biometric authentication by some biometric authentication methods, and the biometric authentication by other biometric authentication methods fails. Execute the processing corresponding to the processing in restricted mode different from
The IC card according to claim 5. The storage unit stores a plurality of types of biometric authentication data with different registrants for each of various biometric authentication methods, and further indicates information indicating a security mode in association with each biometric authentication data for each biometric authentication method. Remember,
If the security mode associated with the biometric data that has been successfully verified with the biometric information of the person to be authenticated is the emergency mode when the biometric authentication is successful, the control unit determines that the emergency mode is the emergency mode. Notify the device,
The IC card according to any one of claims 1 to 6. Furthermore, it has a fingerprint sensor that reads the fingerprint data of the person to be authenticated,
When the selected biometric authentication method is fingerprint authentication, the control unit compares fingerprint data read by the fingerprint sensor with registrant fingerprint data as registrant biometric authentication data stored in the storage unit. Perform biometric authentication,
The IC card according to any one of claims 1 to 7. A module having the communication unit, the storage unit, and the control unit;
A main body having the module.
The IC card according to any one of claims 1 to 8. A communication unit that communicates with an external device;
A storage unit for storing a plurality of biometric authentication data of registrants corresponding to a plurality of types of biometric authentication methods;
A control unit that randomly selects at least one biometric authentication method from the plurality of types of biometric authentication methods and executes biometric authentication using the selected biometric authentication method when receiving a command requesting authentication from the external device; ,
A portable electronic device.