JP4300778B2 - Personal authentication system, server device, personal authentication method, program, and recording medium. - Google Patents

Description

[0001]
BACKGROUND OF THE INVENTION
The present invention relates to a personal authentication system, a server device, a personal authentication method, a program, a recording medium, and the like, and more particularly, to a personal authentication system that performs personal authentication based on a user's biometric information.
[0002]
[Prior art]
In recent years, it has become possible to access networks such as the Internet anytime and anywhere due to the ubiquitous environment. In order to ensure the safety of such an environment, personal authentication is indispensable.
[0003]
Conventional personal authentication methods include, for example, a token method (a method that authenticates the person by possessing it), a biometric information method (biometrics), a knowledge base method (information that only the user can know) For example).
[0004]
Such safer personal authentication can be realized by combining a safe information communication function such as PKI and a reliable personal identification function based on biometric information, for example. In this case, devices necessary for personal identification such as biometric information (templates), sensors, and determination functions serving as references can be personally identified by, for example, secure communication using PKI, even if they are arbitrarily arranged on the network. it can.
[0005]
[Problems to be solved by the invention]
However, in the conventional system, absolute safety is not necessarily guaranteed. For example, if a template that is invariant personal information is leaked, there is a problem that the safety of the system is destroyed. It was. Conventionally, as a solution means for such a template outflow, there is no solution means other than personal authentication by a terminal device having a template.
[0006]
Accordingly, an object of the present invention is to provide a new and improved personal authentication system and the like that can effectively prevent unauthorized access (template outflow) to a template existing on a network.
[0007]
[Means for Solving the Problems]
In order to solve the above problems, in the first aspect of the present invention, a plurality of terminal devices that can be used by personally authenticating the user's biometric information, and a reference for biometric information for personally authenticating the user A personal authentication system in which a template and a personal authentication system server device are connected via a public line network, and a registry registered by selecting and registering a terminal device used by the user in the public line network. The personal authentication server device determines whether the accessed terminal device is registered in the registration list, and the accessed terminal device is added to the registration list. Individuals that are allowed to download the template only when it is determined that it is registered. Authentication system is provided.
[0008]
In the above-described invention, since the template placed on the network is restricted from access from other terminal devices, a personal authentication system that is highly secure and easy to use can be realized. Furthermore, it is possible to reject the reference of the template due to unauthorized access from an unnecessary place. Since the registered terminal device can download the template from the server device, personal authentication can be easily performed.
[0009]
In addition, if the personal authentication system is configured to be tamper resistant and secure communication protection is performed, for example, the PKI authentication function can be used for mutual authentication with a communication partner to provide secure information. Exchange is ensured and template outflow is more effectively prevented.
[0010]
  The registration list includes at least a terminal device that can access the template and personal information of the user who registered the terminal device.It is recorded.
[0011]
The personal authentication system server device further includes a rejection list for registering a terminal device that refuses to download the template, and the accessed terminal device is registered in the rejection list. If the configuration is such that the downloading of the template is rejected, access to the template from a terminal device having a high probability of unauthorized access can be more effectively prevented.
[0012]
In addition, the terminal device registered in the registration list can change the contents of the registration list or the rejection list. When the terminal device is registered or deleted, the terminal device can be changed. , The safety of the system is ensured and the convenience of the user is improved.
[0013]
  Further, the terminal device is identified by the public key management number of the terminal device or the public address of the IPv6 terminal device.by.
[0014]
In order to solve the above problems, in a second aspect of the present invention, a personal authentication system server connected via a public line network to a plurality of terminal devices that can be used by personal authentication of user biometric information. The personal authentication server device includes at least a database storing a registration list registered by selecting a terminal device used by the user, and the accessed terminal device is registered in the registration list. And a biometric unit for personally authenticating the user connected to the public network only when it is determined that the accessing terminal device is registered in the registration list. An individual characterized by having permission means for permitting downloading of a template as a reference of information Proof server device is provided.
[0015]
The invention described above provides a personal authentication system server device that is highly secure and easy to use because it can restrict access from other terminal devices to templates placed on the network. can do.
[0016]
Further, if the server device is tamper-resistant and can be safely protected, it can exchange information safely by mutual authentication with a communication partner using, for example, a PKI authentication function. Is secured, and the outflow of the template is more effectively prevented.
[0017]
  The registration list includes at least a terminal device that can access the template and personal information of the user who registered the terminal device.It is recorded.
[0018]
In addition, the personal authentication server device further includes a rejection list for registering a terminal device that refuses to download the template and, if the accessed terminal device is registered in the rejection list, downloading the template. If the terminal is configured to have a rejecting means for rejecting, it is possible to more effectively prevent access to the template from a terminal device having a high probability of unauthorized access.
[0019]
The personal authentication server device may be configured to have permission means for permitting only the terminal device registered in the registration list to change the contents of the registration list or the rejection list. Since the contents of the registration list or the rejection list can be changed only from a reliable terminal device, the security of the system can be further improved.
[0020]
  Further, the terminal device is identified by the public key management number of the terminal device or the public address of the IPv6 terminal device.by.
[0021]
In order to solve the above-described problem, in the third aspect of the present invention, a plurality of terminal devices that can be used by personally authenticating the user's biometric information, and a reference for biometric information for personally authenticating the user A template, a personal authentication system server device, and a database storing a registration list registered by selecting a terminal device used by the user are connected via a public network, and the personal authentication server device , Determine whether the accessed terminal device is registered in the registration list, and permit the download of the template only when determining that the accessed terminal device is registered in the registration list, A personal authentication method is provided.
[0022]
In the above-described invention, the template placed on the network is restricted in access from other terminal devices, and can refer to the template by unauthorized access from an unnecessary place. Individual authentication can be easily performed. On the other hand, the registered terminal device can download the template from the server device and can easily perform personal authentication.
[0023]
In addition, if the personal authentication system is configured to be tamper resistant and secure communication protection is performed, for example, the PKI authentication function can be used for mutual authentication with a communication partner to provide secure information. Exchange is ensured and template outflow is more effectively prevented.
[0024]
  The registration list includes at least a terminal device that can access the template and personal information of the user who registered the terminal device.It is recorded.
[0025]
The personal authentication system server device further includes a rejection list for registering a terminal device that refuses to download the template, and the accessed terminal device is registered in the rejection list. If the configuration is such that the downloading of the template is rejected, access to the template from a terminal device having a high probability of unauthorized access can be more effectively prevented.
[0026]
In addition, the terminal device registered in the registration list can change the contents of the registration list or the rejection list. When the terminal device is registered or deleted, the terminal device can be changed. , The safety of the system is ensured and the convenience of the user is improved.
[0027]
  Further, the terminal device is identified by the public key management number of the terminal device or the public address of the IPv6 terminal device.by.
[0028]
In order to solve the above-described problem, in a fourth aspect of the present invention, a terminal device that accesses a computer having a database that stores a registration list in which a user selects a terminal device that can be used is registered. A determination means for determining whether or not the information is registered in a registration list, and the terminal device connected through the public network only when it is determined that the accessed terminal device is registered in the registration list. A computer program for functioning as a permission means for permitting download of a template serving as a reference for biometric information for personal authentication of a user.
[0029]
In order to solve the above-described problem, in a fifth aspect of the present invention, a terminal device that accesses a computer having a database that stores a registration list in which a user selects a terminal device that can be used is registered. A determination means for determining whether or not the information is registered in a registration list, and the terminal device connected through the public network only when it is determined that the accessed terminal device is registered in the registration list. A computer program readable recording medium for functioning as permission means for permitting download of a template serving as a reference for biometric information for personal authentication of a user is provided.
DETAILED DESCRIPTION OF THE INVENTION
Hereinafter, preferred embodiments of the present invention will be described in detail with reference to the accompanying drawings. In the present specification and drawings, components having substantially the same functional configuration are denoted by the same reference numerals, and redundant description is omitted.
[0030]
(First embodiment)
First, based on FIG. 1, the structure of the personal authentication system concerning this embodiment is demonstrated. FIG. 1 is a block diagram showing the configuration of the personal authentication system according to this embodiment.
[0031]
First, as shown in FIG. 1, the personal authentication system according to the present embodiment includes a plurality of terminal devices 100, 100 ′, 100 ″ (home terminal device 100, net cafe terminal device A 100 ′, net cafe terminal device B 100 ″). , Personal authentication system server apparatus 200, shop side server apparatus 300, external institution server apparatus (financial institutions such as banks and credit companies) 400, providers 600, 600 ', 600 ", communication carriers 700, 700', 700", domains A name server 800 or the like is connected via a network 500 such as the Internet. The terminal devices 100, 100 ', 100 "are connected via the providers 600, 600', 600" and the communication carriers 700, 700 ', 700 ".
[0032]
The domain name server 800 executes mutual conversion between the domain name and the IP address, searches for the IP address from the URL or the like transmitted from the terminal device 100, 100 ′, 100 ″, and sends it to the terminal device 100, 100 ′, 100 ″. Return it.
[0033]
The providers 600, 600 ′, 600 ″ logically connect the terminal devices 100, 100 ′, 100 ″ connected via the communication carriers 700, 700 ′, 700 ″ and the network 500 to the terminal devices 100, 100. It is possible to transmit information between “, 100” and the network 500.
[0034]
The communication carrier 700 corresponds to a transmission medium provided by a communication service company such as NTT, and enables connection and information transmission between the terminal devices 100, 100 ′, 100 ″ and the provider 600.
[0035]
Next, based on FIG. 2, the structure of the terminal device concerning this embodiment is demonstrated. Since the configuration of the net cafe terminal device 100 ′, 100 ″ is the same as that of the home terminal device 100, the home terminal device 100 will be described as an example.
[0036]
(Home terminal device)
This is a terminal device that is normally used by the user, and is initially registered by the user so that personal authentication can be performed using a biometric information template. Thereafter, the use of other terminal devices can be set by the home terminal device. This is because the user's home terminal (or portable terminal device) is used only by the user himself as a rule, so safety and user convenience are very high.
[0037]
(Internet cafe terminal device)
For example, a terminal device located in an Internet cafe in a town can be used for personal authentication using a biometric information template by a user registering in a registration list of a personal system authentication system server device to be described later. In the present embodiment, an explanation will be given by taking a net cafe terminal device as an example, but all terminal devices that can be connected to the Internet other than the home terminal device initially registered by the user are included.
[0038]
First, as shown in FIG. 2, the home terminal device 100 includes a communication control device 110 that controls communication with the personal authentication system server device 200 and display means (display) that displays content transmitted from the personal authentication system server device 200. ) 120, an input unit 130 for inputting various data such as information data, a storage unit 140 for storing information transmitted from the personal authentication system server device 200, and the like. Further, the terminal device 100 has a PKI function 150 for enabling secure communication, and a personal identification function 160 for comparing the input biometric information and the template to confirm the identity. Further, the terminal device 100 is connected with a sensor 170 for inputting personal biometric information.
[0039]
The terminal device 100 includes a desktop computer, a notebook personal computer, a portable terminal device, etc., as well as a mobile phone having a browser function such as i-mode (trade name) and a terminal having a communication function such as a palm. The sensor 170 is a sensor device for personal authentication of biometric information (biometrics). The biometric information includes not only fingerprints, faces, retinas, irises, palm prints, and voice prints as physical features, but also handwriting. Behavioral attributes that do not change over the years are included. In the present embodiment, an example in which the user's venous blood vessel data is used as biometric information will be described.
[0040]
The terminal device is provided with client software for safely transmitting / receiving data to / from the personal authentication system server device 200. This software is configured to be downloaded from the personal authentication system server device, and the user downloads this software and installs it on the terminal device. Alternatively, it can be attached to the sensor as an accessory. Such software includes a sensor driver and is designed to function as a browser plug-in. Further, when the user connects the terminal device to the personal authentication system server device and enters the personal authentication process, the biometric information from the sensor can be safely transmitted to the personal authentication system server device. Thus, since the terminal device has a sensor for personal authentication of biometric information, it can be connected to the shop side server device and the personal authentication system server device to perform personal authentication.
[0041]
In the present embodiment, a plurality of terminal devices (for example, home terminal devices, net cafe terminal devices) can be connected to the Internet. First, the home terminal device is registered as a terminal device that can access the template, and then, The Internet cafe terminal device is provisionally registered as a terminal device that can access the template. Thereafter, the temporarily registered net cafe terminal device is registered as an official terminal in the home terminal device. Thereafter, the registered net cafe terminal device can access the template.
[0042]
Next, the configuration of the personal authentication system server device according to the present embodiment will be described with reference to FIG. FIG. 3 is a block diagram showing the configuration of the personal authentication system server device according to the present embodiment. Note that the present embodiment has a registration list database for selecting and registering a terminal device that can access a template, unlike the prior art.
[0043]
First, as shown in FIG. 3, the personal authentication system server device 200 includes a CPU 210, a communication unit 220, a memory 230, a content database 240, a personal identification information database (template) 250, a registration list database 260, an authentication system manager 270, and the like. Consists of Furthermore, the personal authentication system server device 200 has a PKI function 280 for executing secure communication.
[0044]
The CPU 210 executes overall control of the personal authentication system server device 200. The communication unit 220 is a unit that controls communication with the outside via a telephone line or communication with the outside via, for example, the Internet. The memory 230 stores programs and data to be accessed by the CPU 210.
[0045]
The content database 240 stores contents such as HTML files, graphical icon files (such as GIF files) provided by the personal authentication system server device 300, hypertext objects such as audio and image objects, and the like, for example, via the Internet. , These objects are provided to the terminal device 100.
[0046]
The personal identification information database 250 is a database that stores a template that is a reference for personal authentication of personal biometric information.
[0047]
The registration list database 260 is a database that stores a registration list including data in which personal information of a user who uses a terminal device is associated with information on the terminal device that can access the template. Details of the registration list will be described later.
[0048]
The authentication system manager 270 manages registration, deletion, change, and the like in the registration list of the terminal device.
[0049]
As shown in FIG. 4, the registration list 2600 according to the present embodiment includes a number (NO) 2602, a user name 2604, an address 2606, a name 2608, a credit number 2610, a template 2612, a registration terminal device 2614, and a temporary registration terminal device. 2616, etc.
[0050]
The number (NO) 2602 is a serial number determined in the order of registration. A user name 2604 is a name that can be freely set for identifying a user who uses the personal authentication system according to the present embodiment. An address 2606 is an address of a user who uses the personal authentication system according to the present embodiment. A name 2608 is the name of a user who uses the personal authentication system according to the present embodiment. The credit number 2610 is a credit card number used by the user. The template 2612 is a number that identifies a template that is the basis for personal authentication of the user. The registered terminal device 2614 is a terminal device officially registered as a terminal device used by the user. The temporary registration terminal device 2616 is a terminal device temporarily registered as a terminal device used by the user.
[0051]
The shop-side server device 300 is a server device that provides a commonly used Internet shopping site. The shop-side server device 300 displays product information on the Web page, and the user can select and order products. In addition, the site provided by the shop-side server device 300 secures a secure communication path using SSL and encrypts personal information such as product order information, address, name, and credit card number through a browser. Can be sent to the site.
[0052]
The external institution server device 400 is a server device of a financial institution such as a bank or a credit company, and for example, when a user purchases a product using a shopping site, the server device performs settlement of a product price or the like It is.
[0053]
A mutual authentication flow employed in the personal authentication system according to the present embodiment will be described. In the personal authentication system according to the present embodiment, a mutual authentication flow that is generally implemented can be used. In the present embodiment, a mutual authentication flow executed between the server device and the terminal device will be described as an example.
[0054]
First, the terminal device generates a random number Ra and transmits it to the server device.
[0055]
Next, the server device generates Rs and SK. Sv is generated by multiplying the base point by SK, a server signature is attached to the connection of Rs, Ra, and Sv, and a public key certificate is further attached to the terminal device, which is transmitted. (Authentication request)
[0056]
Thereafter, the terminal device verifies the signature of the public key certificate of the server using the public key of the terminal device of the terminal device. Next, the signature of the message is verified with the public key of the certificate authority, and further, it is checked whether or not the first transmitted Ra is the same (one-way authentication is completed). Thereafter, a random number Ak is generated, and Av is generated by multiplying the base point by Ak. Furthermore, the signature of the terminal device and the public key certificate of the terminal device are attached to the concatenation of Ra, Rs, and AV, and transmitted to the server device.
[0057]
The server device verifies the signature of the public key certificate of the terminal device using the public key of the terminal device. Next, the signature of the message is verified with the public key of the certificate authority, and further, it is checked whether or not the Rs transmitted first is the same (mutual authentication completed). A session key (SkAv = Aksv) is generated from the random numbers transmitted to each other.
[0058]
As described above, mutual authentication between the terminal device and the server device is executed. Note that such a mutual authentication process can be generally applied between any entities.
[0059]
Next, an outline of a conventional personal authentication method using biometric information will be described with reference to FIG. Note that this personal authentication method is also employed in this embodiment.
[0060]
First, in the conventional personal authentication method, a user's biometric information is input from the sensor 170, and the biometric information (template) 250 of the user registered in advance is compared with the personal identification function 160 to determine whether or not the user is a preregistered user. (Personal identification) As a result, when it is determined that the user is the user himself / herself, the processing execution function 290 uses the personal information 260 such as a credit card number to make payments at the external settlement organization 400, orders to the shop, etc. Perform the function.
[0061]
These functions are usually stored in a single server device. However, as long as personal authentication is performed on the network and the security of each function is ensured, each function is located anywhere on the network. Also good. For example, the template may be arranged on another server device on the network and downloaded every time the individual is identified.
[0062]
In order to ensure the safety of each function, for example, authentication or encryption using PKI (Public Key Infrastructure) can be used. Since each functional device has PKI authentication and encryption functions, mutual authentication is performed when information is exchanged. In addition, by using the shared encryption key to encrypt and transmit information, it is possible to prevent unauthorized tapping and alteration of the information.
[0063]
In practice, however, the exchange of information is not absolutely guaranteed to be secure. For example, cryptographic algorithms have only been evaluated for computational security, and the future security will not be guaranteed. There is no guarantee. For example, if a key is leaked, there is a risk of information leaking. In addition, since the biological information is semi-permanently invariant information, the biological information itself cannot be changed even if the reference biological information flows out. For this reason, the user may have anxiety about storing biometric information in the server device.
[0064]
In order to solve such a problem, the personal authentication system according to the present embodiment adopts a configuration in which only the terminal device registered by the user can access the biometric information on the server device. In this way, by imposing restrictions on the access to the biometric information on the server device, it is possible to achieve compatibility with being able to authenticate anywhere in a ubiquitous environment.
[0065]
Hereinafter, based on FIG. 6, the access restriction to the template on the server device in the personal authentication system according to the present embodiment will be described. FIG. 6 is an explanatory diagram showing the concept of access restriction in the personal authentication system according to the present embodiment.
[0066]
As shown in FIG. 6, a personal authentication system server device 200 having two terminal devices, personal identification information (template) 250 and a registration list 2600 is connected to the network 500. The template 250 is downloaded from the user's home terminal device 100 and stored in the database.
[0067]
Among the terminal devices, the terminal device A (for example, the net cafe terminal device 100 ′) is registered as a terminal device that can access the template 250 by the user's selection. In this embodiment, for example, an ID number of a terminal device or a public key certificate of PKI is described in the registration list 2600, so that it can be set as an accessible terminal device. Therefore, the terminal device A can access the template 250 and perform personal authentication. This is intended to improve the convenience of the user by making it possible to refer to the template 250 in a city cafe or the like frequently used by the user rather than making the template accessible only to the home terminal device 100. is there.
[0068]
On the other hand, since the terminal device B (for example, the net cafe terminal device 100 ″) is not registered in the registration list, the terminal device B cannot access the template 250. The user is usually a general unspecified number of users. Since the user does not access the template 250 from the terminal device, the user does not register, so access from the unregistered terminal device is denied.
[0069]
Thus, only the terminal device registered in the registration list 2600 can download the template 250. The terminal device can be identified using an IPv6 code.
[0070]
Next, an example of the personal authentication system according to the present embodiment will be described with reference to FIGS. In this embodiment, (1). Registration in registration list of home terminal device, (2). Temporary registration in the registration list of the net cafe terminal device, (3). Official registration to registration list of Internet cafe terminal device (by home terminal device), (4). The description will be divided into four steps: online shopping using a registered terminal device.
[0071]
FIG. 7 is a flowchart showing a registration process to the registration list of the home terminal device according to the present embodiment. FIG. 8 is a flowchart showing a provisional registration process in the registration list of the net cafe terminal device according to the present embodiment. FIG. 9 is a flowchart showing a formal registration process to the registration list of the net cafe terminal device according to the present embodiment. FIG. 10 is a flowchart showing an online shopping process using the registration terminal device. FIGS. 11 to 46 are explanatory diagrams showing screens displayed on the terminal device in the above four steps according to the present embodiment. In the following, it is assumed that the shopping site and the personal authentication system server device are operated by different entities, and each can communicate by a secure method such as PKI.
[0072]
In order to use the personal authentication system, a sensor for personal authentication based on biometric information is prepared and connected to a terminal device, or a device such as a PDA (Personal Digital Data Assistant) with a built-in sensor is required. The user can purchase the sensor from the operating company of the personal authentication system according to the description of the site provided by the personal authentication system. Such sensors have tamper resistance so that the data in the hardware cannot be tampered with or eavesdropped, and safety is guaranteed by the operating company of the personal authentication system. Together with client plug-in software distributed by a personal authentication system company, biometric information can be acquired and transmitted safely. The user connects this sensor to his / her terminal device and accesses the personal authentication system server device.
[0073]
In the personal authentication system according to the present embodiment, it is assumed that a PKI infrastructure is provided. That is, a certificate authority (not shown) exists, and an ID number and a key are set for each apparatus using a highly reliable PKI function, and a public key certificate and a registration list are issued. In the present embodiment, each terminal device and server device has a PKI function that functions based on the PKI infrastructure.
[0074]
In this embodiment, the user has already applied for the use registration of the personal authentication system, the area of the server device used by the user is secured, and the ID number and temporary access accessible only by the user himself / herself are provided. It is assumed that a password has been issued. On the setting screen, the server device URL, user ID number, user temporary password, name (handle name), and mail address are entered. Thereafter, the authentication system manager confirms the input ID number and temporary password, performs PKI mutual authentication, and secures a secure communication path between the terminal device and the server device. This will be described below.
[0075]
(1) Registration of home terminal device (initial registration)
In this embodiment, first, a terminal device at home is initially registered so that personal authentication can be performed using the biometric information template 250. As a result, the home terminal device can set whether or not other terminal devices can be used. This is because the user's home terminal (or portable terminal) is basically used only by the user himself / herself, and thus safety and user convenience are very high. Hereinafter, based on FIG. 7, the registration method of the home terminal device concerning this embodiment is demonstrated.
[0076]
First, as shown in FIG. 7, in step S100, the home terminal device 100 is connected to the personal authentication system server device (step S100).
[0077]
Next, in step S102, mutual authentication is performed between the home terminal device 100 and the personal authentication system server device 200 (step S102).
[0078]
That is, when the home terminal device 100 is connected to the personal authentication system server device 200 using a browser, an html file is transmitted, a Java (registered trademark) plug-in is operated, and personal authentication initial registration guidance by Java script is provided. A screen is displayed. FIG. 11 shows such an initial registration guidance screen. The user clicks the initial registration button in the initial registration guide screen on the screen.
[0079]
When the user clicks the initial registration button in the guidance screen, the personal authentication client software is activated from Java and requests the personal authentication system server device 200 for mutual authentication. The personal authentication returns Ack, and the mutual authentication process described above is executed. The screen shown in FIG. 12 is displayed. If mutual authentication is not established, a message (not shown) such as “unusable” is displayed. Note that the mutual authentication process is the same process as described above, and a description thereof will be omitted.
[0080]
Next, when Ack is returned from the personal authentication system server device 200 in step S104, a biometric information registration screen is displayed on the screen of the terminal device 100, and the biometric information of the user is acquired (step S104). .
[0081]
That is, when the mutual authentication is completed, a user registration screen is displayed as shown in FIG. On the user registration screen, a user name (handle name) input screen is displayed. The user inputs the user name and clicks the OK button.
[0082]
Then, as shown in FIG. 14, a biometric information acquisition screen is displayed. On the biometric information acquisition screen, a message is displayed so that the user's finger is placed on the biometric information sensor and any key is pressed. When the user places a finger on the sensor 170 and presses any key on the keyboard, the driver of the sensor 170 is activated to capture biometric data (for example, venous blood vessel pattern data) from the sensor and store it in the storage unit 140. Further, the user name and the acquired biometric data (for example, venous blood vessel pattern data) are encrypted using the session key generated in the mutual authentication and transmitted to the personal authentication system server device 200.
[0083]
At this time, as shown in FIG. 15, a message such as “Transferring to personal authentication site” is displayed on the screen. Upon receipt of this data, the personal authentication system server device 200 temporarily stores it in the memory 230, executes predetermined image processing, data processing, etc., and stores it again in the memory 230. When the processing is completed, a completion notification is returned to the terminal device 100.
[0084]
Next, as shown in FIG. 16, in order to acquire the second data, a message “Please release your finger and place it on the sensor again” is displayed. The user repositions the finger according to the instruction and presses any key. The above processing is repeated to transmit biometric data (for example, venous blood vessel pattern data) to the personal authentication system server device 200, and the personal authentication system server device 200 stores the same in the memory 230 in the same manner. These processes are repeated three times.
[0085]
Thereafter, in step S106, a template is created (step S106). In other words, the personal authentication system server device 200 adds the user's three biometric data (for example, three venous blood vessel pattern data), performs average or suitable image processing, feature extraction, and data processing, A template 250 is created. The template 250 is stored in the memory 230, and the home terminal apparatus 100 is notified that the generation of the template is completed and that the process proceeds to the template confirmation process.
[0086]
The template confirmation screen is for confirming whether or not the user can be authenticated by the created template 250. On the screen, as shown in FIG. 17, an instruction “Place your finger again for confirmation” is displayed. When the user again places a finger on the sensor 170 and presses any key, the driver of the sensor 170 is activated and the user's biometric data is captured in the same manner as described above.
[0087]
The user's biometric data is encrypted and transmitted to the personal authentication system server device 200 as shown in FIG. The personal authentication system server device 200 decrypts the transmitted biometric information encryption data, performs predetermined data processing, compares it with the template 250 already created, and is the same as the data of the template 250. Determine whether or not. If the result of the comparison is within a predetermined difference, it is determined that the generated template 250 is identifiable, and the home terminal apparatus 100 is notified that the template has been correctly generated. Further, when the template confirmation is not established, the fact is notified.
[0088]
If the confirmation of the template is not established, the user is again instructed to place the finger and press the key, and the acquired data is encrypted again and transmitted to the personal authentication system server device 200. The personal authentication system server device 200 again performs comparison with the template 250 and confirms the result. If it is not established again, the personal authentication system server device 200 notifies the home terminal device 100 that the template could not be generated. Such re-registration can be performed, for example, three times from the beginning.
[0089]
On the other hand, when template generation is established, registration and association of personal information is executed and biometric data is registered in the subsequent steps.
[0090]
That is, if the template is correctly generated, personal information is input to the personal information input screen in step S108 (step S108).
[0091]
That is, as shown in FIG. 19, the personal information input screen includes “user name”, “postal number”, “address”, “name”, “date of birth”, “phone number”, “credit card number”, It consists of input items for personal information such as “expiration date”. The user clicks an OK button after entering predetermined input items. Note that a password (or Q & A) may be input for insurance when the biometric personal authentication fails.
[0092]
When the “OK button” is clicked, a personal information confirmation screen is displayed as shown in FIG. If there is no mistake after confirming the personal information, the user clicks the “OK button”, and this information is encrypted using the PKI system and transmitted to the personal authentication system server device 200.
[0093]
The personal information data and the unique data of the home terminal device that the user has initially registered are encrypted and transmitted to the personal authentication system server device 200. Further, when the public key of the client software is used for identification of the home terminal device 100, the public key has already been transferred in the mutual authentication and may not be transmitted.
[0094]
Finally, in step S110, the user's personal information is registered (step S110). Upon receiving these pieces of information, the personal authentication system server device 200 receives the user name, the number for identifying the previously generated biometric information template 250, the personal information, and the identification information of the home terminal device 100 (downloaded to this terminal). The software PKI public key, the ID number unique to the biometric information sensor, and information such as an IP address such as IPv6 set in this terminal) are associated and registered in the registration list 2600 of the personal authentication system server device 200. Thereafter, the temporary password becomes unnecessary, and access becomes possible by performing personal identification based on biometric information.
[0095]
When registration is completed, a completion notice is returned to the home terminal device 100. On the screen of the home terminal apparatus 100, a message indicating completion of initial registration is displayed as shown in FIG.
[0096]
Note that a terminal device that can be referred to a template can be added, deleted, or changed using the terminal device authenticated by the personal authentication system according to the present embodiment. For example, as in the initial setting described above, a setting screen can be entered from an application, and a terminal device can be added, changed, or deleted from the registration list.
[0097]
Thus, the initial registration of the home terminal device 100 for using the personal authentication system is completed. When the initial registration of the home terminal device is completed, the user can select a terminal device that can access the template. In order to allow other terminal devices to access the template, the terminal device is provisionally registered in the registration list as a candidate for registration in the other terminal device, and then the home terminal device in which initial registration has already been completed. It is necessary to formally register the terminal device. The following will be described in order.
[0098]
(2) Temporary registration of Internet cafe terminal device
When the initial registration of the home terminal device is completed, a terminal device candidate that can access the template is provisionally registered by the user's selection. In the following, an explanation will be given by taking a net cafe terminal device as an example. Since frequently used Internet cafes can be trusted to some extent, they are set so that the personal authentication system can be used from the terminal device. Hereinafter, the provisional registration method of the network cafe terminal device according to the present embodiment will be described with reference to FIG.
[0099]
First, in step S200, the network cafe terminal device 100 'is connected to the personal authentication system server device 200 (step S200).
[0100]
That is, the user logs in to the network cafe terminal device 100 ′ who wishes to use the personal authentication system, starts up a browser, inputs the URL of the personal authentication system server device 200, and connects to the site. An html file is transferred from the personal authentication system server device 200, and a personal authentication guidance screen as shown in FIG. 22 is displayed. When the user clicks the “set terminal registration candidate” button, the terminal registration candidate screen is displayed.
[0101]
On the terminal registration candidate setting screen, as shown in FIG. 23, registration conditions (for example, sensor installation and installation of client software are necessary) are specified. When the user presses the confirmation button (OK button), the client software is activated by the Java plug-in function, confirms that the sensor operates using the driver software, and requests mutual authentication to the personal authentication system server device 200 To do. If the client software does not exist, the message “This terminal cannot be set as a registration candidate” is displayed.
[0102]
Next, in step S202, a mutual authentication process is executed (step S202). That is, the personal authentication system server device 200 returns Ack, and the mutual authentication process is started as shown in FIG. Since the mutual authentication process has already been described, its description is omitted.
[0103]
Thereafter, when mutual authentication is established, in step S204, terminal device registration candidates are set from the terminal device registration candidate input screen (step S204).
[0104]
As shown in FIG. 25, the terminal registration candidate input screen is for temporarily registering a terminal device that can use a template, and includes “user name”, “terminal description (explanation that can be identified by the user. For example, , Where in the town, what kind of network cafe terminal, etc.) ”, the user inputs predetermined items and clicks the“ OK button ”.
[0105]
When the “OK button” is pressed, a confirmation screen for terminal device registration candidates is displayed as shown in FIG. If the information of the terminal device registration candidate is correct, the user clicks the “OK button”, and the data is encrypted and transmitted to the personal authentication system server device 200.
[0106]
Finally, in step S206, provisional registration of the net cafe terminal device 100 'is performed (step S206).
[0107]
That is, when the personal authentication system server device 200 receives these pieces of information, it temporarily registers the information of the network cafe terminal device 100 ′ as a registration candidate in the registration list 2600 corresponding to the user name. At this time, all data is recorded in the registration list 2600 having the same user name, and the user can select and specify a terminal device to be used from among the data.
[0108]
When the provisional registration is completed, as shown in FIG. 27, it is notified that the provisional registration of the network cafe terminal device 100 'is completed.
[0109]
Thus, the provisional registration of the terminal device registration candidate selected by the user as the terminal device that can access the template is completed. In order for the user to actually use the template as a terminal device that can access the template, it is necessary to formally register the terminal device. Hereinafter, the user sets from the home terminal device 100 (a terminal device that can already use personal authentication) so that the network cafe terminal device 100 ′ can use personal authentication. The process will be described below.
[0110]
(3) Official registration of Internet cafe terminal device (by home terminal device)
Next, the formal registration method of the net cafe terminal device according to the present embodiment will be described with reference to FIG. The terminal device will be described assuming that personal authentication application software and a device for personal authentication are provided as standard.
[0111]
First, as shown in FIG. 9, the home terminal apparatus 100 is connected to the personal authentication system server apparatus 200 in step S300 (step S300).
[0112]
That is, the user logs in to the home terminal device 100 that has performed initial registration, starts up a browser, and connects to the personal authentication system server device 200. An html file is transmitted from the personal authentication system server device 200, and a personal authentication guidance screen is displayed as shown in FIG. The user clicks the “personal authentication menu button” on the personal authentication guidance screen, and the personal authentication screen is displayed.
[0113]
Next, in step S302, mutual authentication is performed between the home terminal apparatus 100 and the personal authentication server apparatus 200 (step S302).
[0114]
That is, after the Java is activated by the script on this page and the client software is activated to confirm that the sensor is mounted and operated, the personal authentication system server device 200 is requested to perform mutual authentication. For example, the driver software may be used to send a command to check whether a predetermined code is returned, or to perform mutual authentication if the device has a PKI function. can do. The personal authentication system server device 200 returns Ack, and the mutual authentication process is started as shown in FIG. Since the mutual authentication process has already been described, its description is omitted.
[0115]
Thereafter, when mutual authentication is established, biometric information is acquired in step S304 (step S304), and then personal authentication is executed in step S306 (step S306).
[0116]
That is, as shown in FIG. 30, the user inputs the user name on the user name input screen and clicks the “OK button”. In addition, when the personal authentication system server apparatus 200 can identify a user with brute force, it can be omitted.
[0117]
Next, as shown in FIG. 31, a biometric information acquisition screen is displayed. On the biometric information acquisition screen, a message is displayed so that the user's finger is placed on the sensor 170 and any key is pressed. When the user places his finger on the sensor 170 and presses any key on the keyboard, the user's biometric information is captured and personal authentication is performed.
[0118]
Next, as shown in FIG. 32, the data acquired by the sensor 170 is encrypted and transmitted to the personal authentication system server device 200. When the personal identification is performed on the terminal device side, the user name is transmitted to the personal authentication system server device 200. After confirming the terminal device, the personal authentication system server device 200 transmits a template corresponding to the user name. It encrypts and transmits to the home terminal device 100.
[0119]
In step S308, the Internet cafe terminal device to be registered is designated. (Step S308).
[0120]
That is, the personal authentication system server device 200 identifies the terminal device by mutual authentication, and confirms whether the user name and the template are associated with the terminal device. If it is determined that they are associated with each other, the biometric information from the sensor 170 is compared with the template, and personal identification is executed. If it is determined that the biometric information from the sensor 170 matches the template, the result of personal authentication completion is returned, and at the same time, the screen shifts to the user's menu page. If it is determined that they do not match, it is notified that they cannot enter the menu page.
[0121]
As shown in FIG. 33, the user's menu page includes “personal information change”, “usable terminal setting”, “usable terminal release”, “link to shopping site A”, and “link to shopping site B”. , “Link to shopping site C”, and the like. The user clicks the “available terminal settings” button.
[0122]
When the “useable terminal setting” button is clicked, the personal authentication system server device 200 searches the database from the user name of the template that matches the identification, selects a terminal registration candidate that is temporarily registered, and is shown in FIG. In this way, the terminal candidates that can be referred to the template corresponding to the user name are displayed on the screen. The user selects a terminal device to be registered from the list of registration candidates displayed on the screen and clicks an “OK button”.
[0123]
As a result, in step S310, the registration list 260 of the personal authentication system server device 200 includes unique information for identifying the network cafe terminal device 100 ′ by the authentication system manager 270, such as the user name, template, and personal information. Is officially registered in association with (step S310).
[0124]
When registration of the net cafe terminal device 100 'is completed, a completion message is displayed as shown in FIG.
[0125]
As described above, the terminal device of the net cafe is formally registered as a terminal device that can refer to the template. From then on, the Internet cafe terminal registered in the registration list can download and use the templates arranged in the server device. Therefore, online shopping using personal authentication from this terminal device becomes possible. Similarly, the terminal device can set the terminal device to be used by transmitting the public key certificate of the other terminal device. The registration of the terminal device can be canceled by canceling the registration on the database after the personal authentication.
[0126]
Thus, for example, when the user goes to the first Internet cafe and frequently uses it in the future, the user authenticates the user's own home terminal device and can access the server device, and then the desired network. By setting the IP address, ID number, public key certificate, and the like of the cafe terminal device, it can also be accessed from the net cafe terminal device.
[0127]
Further, in the personal authentication system according to the present embodiment, when another terminal device that is not set as described above tries to use the personal authentication system, the personal authentication is rejected. That is, when an unspecified terminal device enters, for example, a shopping site and clicks on the use of a personal authentication system, after a secure communication path is established by PKI mutual authentication, information unique to the terminal is sent to the personal authentication system server device 200. Sent. In this case, since the terminal device is not set, the template cannot be referred from the terminal device. Therefore, template reference is restricted. In this way, impersonation from an unspecified number of terminal devices and wiretapping of template data can be prevented.
[0128]
(Method of online shopping with Internet cafe terminal device)
Next, based on FIG. 10, the net shopping method in the net cafe terminal device concerning this embodiment is demonstrated. It is assumed that the user registration of the shopping site has been performed in advance.
[0129]
First, in step S400, the registered network cafe terminal device 100 'is connected to the shop side server device 300 (step S400).
[0130]
That is, as shown in FIG. 36, the user logs in to the network terminal device 100 'and inputs the URL of the shopping site or accesses the shopping site using a search engine or the like.
[0131]
Next, in step S402, a purchase desired product is determined (step S402).
[0132]
That is, as shown in FIGS. 37 and 38, the user browses products on a shopping site, determines a product desired to be purchased, and clicks on a screen displaying a list of product specifications, quantities, and prices. Enter the quantity on the product page you wish to purchase and click the OK button. A confirmation screen for product name, product specifications, price, quantity, etc. is displayed on the screen.
[0133]
In step S404, the network cafe terminal device 100 'is connected to the personal authentication system server device 200 (step S404).
[0134]
That is, as shown in FIG. 39, an input page for delivery information and settlement information is displayed. The user has a button “use personal authentication system”, and when using the personal authentication system, clicking the button shifts to a personal authentication input screen. Click that button.
[0135]
The “use personal authentication system” button is set to redirect to the personal authentication system server device 200, and at the same time a cookie for specifying the user's browser is set, the personal authentication system server device Redirected to 200. The cookie is stored in the browser and used for association when returning to the shopping site after the personal authentication is completed. Alternatively, when redirecting, association is performed by simultaneously transmitting the ID number of the shopping site to the personal authentication system server device 200. That is, as shown in FIG. 40, the user inputs the user name from the user name input screen and clicks the “OK button”. When the “OK button” is clicked, after mutual authentication is executed, the process proceeds to a personal authentication process using biometric information.
[0136]
That is, mutual authentication is executed in step S406 (step S406).
[0137]
When connected to the personal authentication system server device 200, a button (not shown) for performing personal authentication is clicked. After the client software is activated and the sensor operation is confirmed, the personal authentication system server device 200 is requested to perform mutual authentication. The personal authentication system server device 200 returns Ack and proceeds to the mutual authentication process as shown in FIG. Since the mutual authentication process has already been described, its description is omitted.
[0138]
Next, in step S408, the user's biological information is acquired (step S408).
[0139]
That is, as shown in FIG. 42, a message biometric information acquisition screen is displayed by placing a user's finger on the biometric information sensor and pressing any key. When the user places a finger on the sensor and presses a key on the keyboard, the driver of the sensor is activated, and biological information (for example, venous blood vessel pattern data) is captured from the sensor.
[0140]
Furthermore, in step S410, confirmation of the registered terminal device and personal identification are executed (step S410).
[0141]
That is, as shown in FIG. 43, the net cafe terminal device 100 ′ encrypts the data from the sensor 170 and transmits it to the personal authentication system server device 200.
[0142]
The personal authentication system server device 200 identifies a terminal device by mutual authentication, and checks whether the user name and the template are associated with the terminal device. If it is determined that they are associated with each other, after downloading the template, the biometric information from the sensor is compared with the template to perform personal identification. At this time, the personal authentication system server device 200 confirms the handle name of the user of the terminal device making the inquiry, the ID number of the terminal device, the public key certificate, and the like.
[0143]
When personal identification is performed on the net cafe terminal device 100 ′ side, the user name is transmitted to the personal authentication system server device 200, and the personal authentication system server device 200 confirms the net cafe terminal device 100 ′, The template corresponding to the user name is encrypted and transmitted to the net cafe terminal device 100 ′.
[0144]
If it is determined that the biometric information matches the template, as shown in FIG. 44, a message indicating that the user is authenticated is displayed on the screen of the net cafe terminal device 100 'and displayed on the shopping site. Return. Thereafter, the terminal device functions as a terminal device used by the user. If they do not match, a message indicating that authentication is not possible is displayed and the original product confirmation screen is displayed again.
[0145]
Thereafter, mutual authentication is executed in step S412 (step S412).
[0146]
That is, the personal authentication system server device 200 requests mutual authentication from the shop side server device 300 at the same time. The shop-side server device 300 returns Ack and proceeds to the mutual authentication process. Since the mutual authentication method has already been described, its description is omitted.
[0147]
Further, when the mutual authentication is completed, in step S414, personal information (“delivery destination”, “settlement information”, etc.) is transferred to the shop side server device 300 together with the authentication result (step S414).
[0148]
That is, the personal authentication system server device 200 encrypts and transfers the personal information of the user (along with the ID number corresponding to the order of the shopping site) to the shop side server device 300. As a result, the shop-side server device 300 can obtain personal information for the order.
[0149]
Finally, in step S416, as shown in FIG. 45, the shop-side server device 300 completes the order by associating the personal information transmitted from the personal authentication system server device 200 with the order associated with the cookie. (Step S416).
[0150]
As shown in FIG. 46, the shop-side server device 300 displays an order completion message and a thank-you message, ships the product based on the address information in the personal information, and uses the credit card number in the personal information. The external organization server apparatus 400 performs settlement.
[0151]
The internet shopping by the internet cafe terminal device 100 ′ is thus completed.
[0152]
In the present embodiment, since the template access restriction is provided, it is possible to realize a personal authentication system that is highly secure and easy to use. Furthermore, since the templates arranged on the network are restricted from access from other terminal devices, it is possible to refuse the reference of the template due to unauthorized access from an unnecessary place. Moreover, since the registered terminal device can also download a template from the personal authentication system server device, personal authentication can be easily performed.
[0153]
The preferred embodiment according to the present invention has been described above, but the present invention is not limited to such a configuration. A person skilled in the art can assume various modifications and changes within the scope of the technical idea described in the claims, and the modifications and changes are also within the technical scope of the present invention. It is understood that it is included in
[0154]
For example, in the above-described embodiment, the initial registration has been described by taking as an example a configuration that is performed on the Internet. However, for example, the user can go to a registration office that manages the server device. In addition, when a user goes to the registration office, registration can be performed from a terminal device directly connected to the personal authentication system server.
[0155]
In the above embodiment, a configuration using PKI is described as an example of a secure communication method. However, other methods such as authentication using a common key and an encryption method may be used. Can do.
[0156]
In addition, as a method of personal authentication process, (1). (2) A method in which the template that can be used by the terminal device is transmitted to all the terminal devices, and the software in the terminal device performs personal identification. (3) a method in which only the user name is transmitted, only the template corresponding to the user name is transmitted to the terminal device, and the software in the terminal device performs personal identification. A method may be considered in which data from a sensor is sent to a personal authentication system server device, and the personal authentication system server device performs comparison and identification with a template group that can be referred to by the terminal device. In any method, only a template that can be referred to by the terminal device is used, and personal identification can be performed in the terminal device or in the personal authentication system server device.
[0157]
In addition, if a plurality of biometric information identification functions can be used on this biometric information registration screen, the biometric information identification function to be used is selected, and then the biometric information is registered so that the sensor can read the site used by the selected biometric information. A screen that prompts the user to place the site can also be displayed.
[0158]
In the above-described embodiment, the configuration for specifying the terminal device that can refer to the template has been described as an example. However, for example, a configuration for specifying a route for accessing the template may be employed.
[0159]
In the above-described embodiment, the configuration having a registration list for registering a terminal device that can refer to a template has been described as an example. For example, a rejection list for registering a terminal device that rejects referencing a template is used. It is also possible to adopt a configuration having this. In this case, access to the template from a terminal device having a high probability of unauthorized access can be more effectively prevented.
[0160]
【The invention's effect】
Access restrictions are set for templates placed on the network, and reference to templates due to unauthorized access from unnecessary locations is rejected, thus realizing a personal authentication system that is highly secure and easy to use. be able to. Further, since the registered terminal device can download the template from the server device, personal authentication can be easily performed. Therefore, the user can perform ordering and settlement of merchandise without using another card or the like by performing personal authentication of biometric information from a registered terminal device such as an Internet cafe terminal device.
[Brief description of the drawings]
FIG. 1 is a block diagram showing a configuration of a personal authentication system according to a first embodiment.
FIG. 2 is a block diagram showing a configuration of a terminal apparatus according to the first embodiment.
FIG. 3 is a block diagram illustrating a configuration of a personal authentication system server device according to the first embodiment;
FIG. 4 is an explanatory diagram showing a registration list according to the first embodiment;
FIG. 5 is a block diagram showing an outline of a conventional personal authentication method using biometric information, which is employed in the first embodiment.
FIG. 6 is an explanatory diagram showing a concept of access restriction in the personal authentication system according to the first embodiment;
FIG. 7 is a flowchart showing a registration process to a registration list of the home terminal device according to the first embodiment;
FIG. 8 is a flowchart showing a provisional registration process in the registration list of the net cafe terminal device according to the first embodiment;
FIG. 9 is a flowchart showing a formal registration process to the registration list of the net cafe terminal device according to the first embodiment;
FIG. 10 is a flowchart showing an online shopping process using the registration terminal device according to the first embodiment;
FIG. 11 is an explanatory diagram showing a screen displayed on the terminal device in the registration process to the registration list of the home terminal device according to the first embodiment;
FIG. 12 is an explanatory diagram showing a screen displayed on the terminal device in the registration process to the registration list of the home terminal device according to the first embodiment;
FIG. 13 is an explanatory diagram showing a screen displayed on the terminal device in the registration process to the registration list of the home terminal device according to the first embodiment;
FIG. 14 is an explanatory diagram showing a screen displayed on the terminal device in the registration process to the registration list of the home terminal device according to the first embodiment;
FIG. 15 is an explanatory diagram showing a screen displayed on the terminal device in the registration process to the registration list of the home terminal device according to the first embodiment;
FIG. 16 is an explanatory diagram showing a screen displayed on the terminal device in the registration process to the registration list of the home terminal device according to the first embodiment;
FIG. 17 is an explanatory diagram showing a screen displayed on the terminal device in the registration process to the registration list of the home terminal device according to the first embodiment;
FIG. 18 is an explanatory diagram showing a screen displayed on the terminal device in the registration process to the registration list of the home terminal device according to the first embodiment;
FIG. 19 is an explanatory diagram showing a screen displayed on the terminal device in the registration process to the registration list of the home terminal device according to the first embodiment;
FIG. 20 is an explanatory diagram showing a screen displayed on the terminal device in the registration process to the registration list of the home terminal device according to the first embodiment;
FIG. 21 is an explanatory diagram showing a screen displayed on the terminal device in the registration process to the registration list of the home terminal device according to the first embodiment;
FIG. 22 is an explanatory diagram showing a screen displayed on the terminal device in the provisional registration registration process to the registration list of the net cafe terminal device according to the first embodiment;
FIG. 23 is an explanatory diagram showing a screen displayed on the terminal device in the provisional registration and registration process to the registration list of the net cafe terminal device according to the first embodiment;
FIG. 24 is an explanatory diagram showing a screen displayed on the terminal device in the provisional registration and registration process to the registration list of the net cafe terminal device according to the first embodiment;
FIG. 25 is an explanatory diagram showing a screen displayed on the terminal device in the provisional registration and registration process to the registration list of the net cafe terminal device according to the first embodiment;
FIG. 26 is an explanatory diagram showing a screen displayed on the terminal device in the provisional registration registration process to the registration list of the net cafe terminal device according to the first embodiment;
FIG. 27 is an explanatory diagram showing a screen displayed on the terminal device in the provisional registration registration process to the registration list of the net cafe terminal device according to the first embodiment;
FIG. 28 is an explanatory diagram showing a screen displayed on the terminal device in a formal registration process (using a home terminal device) in the registration list of the net cafe terminal device according to the first embodiment;
FIG. 29 is an explanatory diagram showing a screen displayed on the terminal device in a formal registration process (using a home terminal device) in the registration list of the net cafe terminal device according to the first embodiment;
FIG. 30 is an explanatory diagram showing a screen displayed on the terminal device in a formal registration (using a home terminal device) to the registration list of the net cafe terminal device according to the first embodiment;
FIG. 31 is an explanatory diagram showing a screen displayed on the terminal device in a formal registration (using a home terminal device) to the registration list of the net cafe terminal device according to the first embodiment;
FIG. 32 is an explanatory diagram showing a screen displayed on the terminal device in a formal registration (using a home terminal device) step in the registration list of the net cafe terminal device according to the first embodiment;
FIG. 33 is an explanatory diagram showing a screen displayed on the terminal device in a formal registration (using a home terminal device) to the registration list of the net cafe terminal device according to the first embodiment;
FIG. 34 is an explanatory diagram showing a screen displayed on the terminal device in a formal registration (using a home terminal device) to the registration list of the net cafe terminal device according to the first embodiment;
FIG. 35 is an explanatory diagram showing a screen displayed on the terminal device in a formal registration (using a home terminal device) step in the registration list of the net cafe terminal device according to the first embodiment;
FIG. 36 is an explanatory diagram showing a screen displayed on the terminal device in the net shopping process using the registered terminal device according to the first embodiment;
FIG. 37 is an explanatory diagram showing a screen displayed on the terminal device in the online shopping process using the registered terminal device according to the first embodiment;
FIG. 38 is an explanatory diagram showing a screen displayed on the terminal device in the online shopping process using the registered terminal device according to the first embodiment;
FIG. 39 is an explanatory diagram showing a screen displayed on the terminal device in the net shopping process using the registered terminal device according to the first embodiment;
FIG. 40 is an explanatory diagram showing a screen displayed on the terminal device in the net shopping process using the registration terminal device according to the first embodiment;
FIG. 41 is an explanatory diagram showing a screen displayed on the terminal device in the net shopping process using the registered terminal device according to the first embodiment;
FIG. 42 is an explanatory diagram showing a screen displayed on the terminal device in the net shopping process using the registered terminal device according to the first embodiment;
FIG. 43 is an explanatory diagram showing a screen displayed on the terminal device in the net shopping process using the registration terminal device according to the first embodiment;
FIG. 44 is an explanatory diagram showing a screen displayed on the terminal device in the online shopping process using the registered terminal device according to the first embodiment;
FIG. 45 is an explanatory diagram showing a screen displayed on the terminal device in the online shopping process using the registered terminal device according to the first embodiment;
FIG. 46 is an explanatory diagram showing a screen displayed on the terminal device in the net shopping process using the registration terminal device according to the first embodiment;
[Explanation of symbols]
100 terminal device
150 PKI function
160 Personal identification function
170 Sensor
200 personal authentication system server device
250 Personal identification information database (template)
260 Registration List Database
270 Authentication System Manager
280 PKI function
300 Shop side server device
400 External engine server device
500 networks
600 providers
700 Communication carrier
800 domain name server
2600 Registration list

Claims (14)

A plurality of terminal devices that can be used by personally authenticating the user's biometric information, a template serving as a reference for biometric information for personally authenticating the user, and a personal authentication system server device via a public network A connected personal authentication system,
The public line network is further connected with a database for storing a registration list registered by selecting a terminal device used by the user,
The personal authentication server device determines whether the accessed terminal device is registered in the registration list, and only when determining that the accessed terminal device is registered in the registration list. to allow the download of,
The registration list includes at least a list of terminal devices that can access the template and personal information of the user who registered the terminal device,
The terminal device that has been accessed is identified by the public key management number of the terminal device or the public address of the terminal device of IPv6,
The personal authentication server device further accepts temporary registration from a terminal device not registered in the registration list, and then the temporary registration is officially registered by the terminal device already registered in the registration list. And registering the provisionally registered terminal device in a registration list .   The personal authentication system according to claim 1, wherein the personal authentication system has tamper resistance and secure communication protection.   The personal authentication system server device further includes a rejection list for registering a terminal device that refuses to download the template, and if the accessed terminal device is registered in the rejection list, The personal authentication system according to claim 1, wherein download of the template is rejected. The registration terminal registered in the list apparatus, personal authentication system of claim 1, wherein the registration is a list or can modify the content of the rejection click Chillon list, it is characterized. A personal authentication system server device connected via a public line network with a plurality of terminal devices that can be used by personally authenticating user biometric information,
The personal authentication server device is at least
A database for storing a registration list registered by selecting a terminal device used by the user;
Determining means for determining whether or not the accessed terminal device is registered in the registration list;
Only when it is determined that the accessed terminal device is registered in the registration list, downloading of a template serving as a reference for biometric information for personal authentication of the user connected to the public line network is permitted. and permission means for, the possess,
The registration list includes at least a list of terminal devices that can access the template and personal information of a user who has registered the terminal device,
The terminal device that has been accessed is identified by the public key management number of the terminal device or the public address of the IPv6 terminal device,
The provisionally registered terminal is received when the provisional registration from the terminal device not registered in the registration list is accepted, and then the provisional registration is officially registered by the terminal device already registered in the registration list. A personal authentication server device further comprising registration means for registering the device in a registration list . The server device has tamper resistance and can secure communication protection.
The personal authentication server device according to claim 5 , wherein: The personal authentication server device further includes:
A rejection list for registering terminal devices that refuse to download the template;
6. The personal authentication server device according to claim 5 , further comprising: rejection means for rejecting downloading of the template when the accessed terminal device is registered in the rejection list. The personal authentication server device includes:
Having permission means for permitting only the terminal device registered in the registration list to change the contents of the registration list or the rejection list;
The personal authentication server device according to claim 5 , wherein the personal authentication server device is a personal authentication server device. A plurality of terminal devices that can be used after personal authentication of the user's biometric information, a template that is a reference for biometric information for personal authentication of the user, a personal authentication system server device, and a terminal device used by the user Is connected to the database that stores the registration list registered by selecting
The personal authentication server device includes:
Determine whether the accessed terminal device is registered in the registration list;
Permit download of the template only when it is determined that the accessed terminal device is registered on the registration list,
The registration list includes at least a list of terminal devices that can access the template and personal information of the user who registered the terminal device,
The terminal device that has been accessed is identified by the public key management number of the terminal device or the public address of the terminal device of IPv6,
The personal authentication server device further accepts temporary registration from a terminal device not registered in the registration list, and then the temporary registration is officially registered by the terminal device already registered in the registration list. And registering the provisionally registered terminal device in a registration list . The personal authentication method according to claim 9 , wherein the personal authentication system has tamper resistance and secure communication protection. Further, the personal authentication system server device has a rejection list for registering a terminal device that refuses to download the template, and when the accessed terminal device is registered in the rejection list, The personal authentication method according to claim 9 , wherein the template download is rejected. The personal authentication method according to claim 9 , wherein the terminal device registered in the registration list can change the contents of the registration list or the rejection list. For a computer having a database for storing a registration list registered by selecting a terminal device usable by the user,
Determining means for determining whether the accessed terminal device is registered in the registration list;
Permission to permit downloading of a template serving as a reference for biometric information for personal authentication of the user connected to the public line network only when it is determined that the accessed terminal device is registered in the registration list Means,
The provisionally registered terminal is received when the provisional registration from the terminal device not registered in the registration list is accepted, and then the provisional registration is officially registered by the terminal device already registered in the registration list. Registration means for registering the device in the registration list;
A computer program for making it function ,
The registration list includes at least a list of terminal devices that can access the template and personal information of a user who has registered the terminal device,
The computer program for specifying the accessed terminal device by the public key management number of the terminal device or the public address of the IPv6 terminal device. For a computer having a database for storing a registration list registered by selecting a terminal device usable by the user,
Determining means for determining whether the accessed terminal device is registered in the registration list;
Permission to permit downloading of a template serving as a reference for biometric information for personal authentication of the user connected to the public line network only when it is determined that the accessed terminal device is registered in the registration list Means,
The provisionally registered terminal is received when the provisional registration from the terminal device not registered in the registration list is accepted, and then the provisional registration is officially registered by the terminal device already registered in the registration list. Registration means for registering the device in the registration list;
A computer program readable recording medium for enabling
The registration list includes at least a list of terminal devices that can access the template and personal information of a user who has registered the terminal device,
The computer program-readable recording medium is specified by specifying the accessed terminal device by the public key management number of the terminal device or the public address of the IPv6 terminal device .

Images