JP4900578B2 - Authentication apparatus and authentication method - Google Patents

Description

  The present invention relates to an authentication device and an authentication method, for example, a device in which a user wears a portable authentication device and the authentication device authenticates the user.

2. Description of the Related Art In recent years, electronic devices have been miniaturized, and for example, a user wears an electronic device on his / her body like a wristwatch.
Some of such wearable (wearable) electronic devices have a personal authentication function for authenticating whether or not the user wearing the device is a registered person.
For example, “electronic device and authentication method” in the following document discloses a technique for authenticating a user by using biometric information (fingerprint, iris, facial contour, etc.) of the user who wears it.
JP 2005-71225 A

In this technology, an electronic device is formed in a wristwatch shape and a user wears it on an arm.
This electronic device detects that the user has been worn on the body by the wearing sensor, and further authenticates the user based on biometric information such as a fingerprint.
When the user removes the electronic device from the body, the electronic device detects this with a wearing sensor and resets the authentication state.

However, in the electronic device disclosed in this technology, a mounting sensor is simply installed on the back side of the electronic device to detect mounting, and there is no guarantee that it is always detected that it is in a mounted state. It was.
For this reason, there is a possibility that a malicious user having knowledge or the like takes it out in an unauthenticated authentication state.

  Accordingly, an object of the present invention is to ensure that the authentication processing device is attached to the user during authentication and that the authentication device cannot be removed from the body in an authenticated state after authentication.

In order to achieve the above object, according to the first aspect of the present invention, in the first aspect of the present invention, a first living body that authenticates the wearing person from the wearing means to be worn on the body and the body of the wearing person. First biological information detecting means for detecting information; second biological information detecting means for detecting second biological information for authenticating a part of the worn body from the body of the worn wearer; and the wearing First authentication for provisionally authenticating that the wearer is a pre-registered person using the wearing information detecting means for detecting the wearing information for authenticating the wearing state and the detected first biological information. A second authenticating means for authenticating that the part is a pre-registered part using the detected second biological information, and a mounting state by the mounting means using the detected mounting information With the pre-registered wearing state A third authentication means for authenticating the Rukoto, said wearer in the first authentication means is provisionally authenticated, and the site of mounting with the second authentication means is authenticated, and the third authentication When the wearing state is authenticated by the means, a set of personal authentication means for authenticating the person who has registered the wearer in advance, first biometric information, second biometric information, and wearing information Authentication information storage means for storing a plurality of authentication information, and a pair specifying means for specifying any one of the stored sets of authentication information , wherein the first biometric information used for the authentication, The second biometric information and the mounting information are detected simultaneously in at least a part of the detection period, and the personal authentication means includes the first biometric information, the second biometric information, and the mounting that belong to the specified set. sure, characterized in that performing identity authentication using the information, the To provide a device.
According to a second aspect of the present invention, there are mounting means for wearing on the body, and first biological information detecting means for detecting first biological information for authenticating the wearing wearer from the body of the wearing wearer. , Detecting second biological information detecting means for detecting second biological information for authenticating a part of the worn body from the body of the worn wearer, and detecting the wearing information for authenticating the wearing state from the wearing means. Using the detected first biometric information, the first authentication means for temporarily authenticating that the wearer is a registered person, and the detected second biometric information. And using the second authentication means for authenticating that the part is a pre-registered part and the detected mounting information, authenticating that the mounting state by the mounting means is a pre-registered mounting state. A third authentication means; Wherein in serial first authentication means wearer is provisionally authenticated, and the portion mounted in the second authentication means is authenticated, and if the mounted state is authenticated by the third authentication means, wherein A personal authentication unit that authenticates the wearer as a person who has previously registered the wearer, wherein the first biological information, the second biological information, and the wearing information used for the authentication are at least First biological information is detected by the first biological information detecting means from the body of the wearer who is simultaneously detected and registered during a part of the detection period, and the second biological information is detected by the second biological information detecting means. Detecting the information, detecting the mounting information by the mounting information detecting means, and storing the detected first biological information, the second biological information, and the mounting information as a set. Registration to register the wearer Comprising means for providing an authentication apparatus characterized by.
According to a third aspect of the present invention, there is provided the authentication apparatus according to the second aspect, wherein the registration unit performs registration when a registration request is received from a predetermined information processing apparatus.
According to a fourth aspect of the present invention, there are mounting means for wearing on the body, and first biological information detecting means for detecting first biological information for authenticating the wearing wearer from the body of the wearing wearer. , Detecting second biological information detecting means for detecting second biological information for authenticating a part of the worn body from the body of the worn wearer, and detecting the wearing information for authenticating the wearing state from the wearing means. Using the detected first biometric information, the first authentication means for temporarily authenticating that the wearer is a registered person, and the detected second biometric information. And using the second authentication means for authenticating that the part is a pre-registered part and the detected mounting information, authenticating that the mounting state by the mounting means is a pre-registered mounting state. A third authentication means; Wherein in serial first authentication means wearer is provisionally authenticated, and the portion mounted in the second authentication means is authenticated, and if the mounted state is authenticated by the third authentication means, wherein A personal authentication unit that authenticates the wearer as a person who has previously registered the wearer, wherein the first biological information, the second biological information, and the wearing information used for the authentication are at least Detected at the same time during a part of the detection period, the attachment means is attached integrally with the annular member surrounding the wearer's arm and the annular member, and the electrical characteristics change depending on the length of the annular member. An authentication device is provided , wherein the mounting information is electrical characteristics of the conductive member .
In the invention described in claim 5, after the identity authentication means authenticates the wearer, a release detection means for detecting that the wearing state of the wearing means is released, and release of the wearing state are detected. The authentication apparatus according to any one of claims 1 to 4 , further comprising: an authentication canceling unit that cancels the personal authentication by the personal authentication unit. To do.
According to a sixth aspect of the present invention, there is provided an authentication status request receiving means for receiving an authentication status transmission request indicating whether or not the wearer has been authenticated from a predetermined information processing device, and an authentication status transmission request. The authentication apparatus according to claim 5 , further comprising: an authentication state transmitting unit configured to transmit an authentication state to the predetermined information processing apparatus when accepted.
In a seventh aspect of the present invention, the second biological information detecting means includes a first heartbeat signal detection electrode that is in contact with one hand arm portion of the wearer and a second heart contact that is in contact with the other hand arm portion of the wearer. The second biological information is a heartbeat signal detected via the first heartbeat signal detection electrode and the second heartbeat signal detection electrode. An authentication device according to any one of claims 1 to 6 is provided.
According to an eighth aspect of the present invention, the first biological information detecting means includes a fingerprint reading surface for reading the fingerprint of the wearer, and the first biological information is a fingerprint read by the fingerprint reading surface. The first heart rate signal detection electrode is formed within a range in which a peripheral portion of the fingerprint is in contact with the fingerprint when the wearer contacts the fingerprint reading surface. 7 is provided.
In the invention according to claim 9 , the mounting means includes an annular member surrounding the wearer's arm in an annular shape and a conductive member attached integrally with the annular member, and the release detecting means. 6. The authentication apparatus according to claim 5 , wherein the release of the mounted state is detected by detecting disconnection of the electrical connection of the conductive member.
In the tenth aspect of the present invention, a wearing means for wearing on the body, a first biological information detecting means, a second biological information detecting means, a wearing information detecting means, a first authentication means, a second authentication means, Authentication means, third authentication means, personal authentication means, first biometric information, second biometric information, authentication information storage means for storing a plurality of sets of mounting information, and set identification means And a first biological information detecting step of detecting first biological information for authenticating the worn wearer from the body of the worn wearer by the first biological information detecting means. A second biological information detecting step of detecting second biological information for authenticating a part of the worn body from the body of the worn wearer by the second biological information detecting means; and the wearing information By the detecting means, the wearing hand From the mounting information detection step of detecting the mounting information to authenticate the mounted state, by the first authentication means, using the first biometric information the detected, said wearer is person registered in advance A first authentication step for temporary authentication; a second authentication step for authenticating that the part is a pre-registered part by using the second biometric information detected by the second authentication unit; A third authentication step for authenticating that the mounting state by the mounting unit is a pre-registered mounting state by using the detected mounting information by the third authentication unit; and the wearer is provisionally authenticated, and in one of the authentication means, the portion mounted in the second authentication means is authenticated, and if the mounted state is authenticated by the third authentication means, said mounting If it is the person registered in advance and authentication step of authentication, by said set identifying means, and the set specifying step of specifying any of a set of stored authentication information, it is composed of, use the authentication The first biometric information, the second biometric information, and the wearing information are detected simultaneously in at least a part of the detection period, and the identity authentication step includes the first biometric information belonging to the specified set, The authentication method is characterized in that the personal authentication is performed using the biometric information of 2 and the mounting information .
In the invention according to claim 11, a wearing means for wearing on the body, a first biological information detecting means, a second biological information detecting means, a wearing information detecting means, a first authentication means, a second authentication means, In the computer comprising the authentication means, the third authentication means, the identity authentication means, and the registration means for registering the wearer, the first biological information detection means detects the wearer's body from the wearer's body. The first biometric information detecting step for detecting the first biometric information for authenticating the worn wearer and the second biometric information detecting means, from the worn wearer's body, from the worn wearer's body. A second biological information detecting step for detecting second biological information for authenticating a part; a mounting information detecting step for detecting mounting information for authenticating a mounting state from the mounting means by the mounting information detecting means; The first authentication means, using the first biometric information the detected, a first authentication step of temporarily authenticating said wearer is person registered in advance, by the second authentication means, wherein the detection Using the second biometric information, the second authentication step for authenticating that the part is a part registered in advance, and the mounting means detected by the third authenticating unit using the detected mounting information. A third authenticating step for authenticating that the wearing state by is a pre-registered wearing state, and the wearer is provisionally authenticated by the first authenticating means by the identity authenticating means, and the second authentication is performed A person authentication step of authenticating the person who has previously registered the wearer when the wearing part is authenticated by the third authentication means and the wearing state is authenticated by the third authentication means. First biological information used for the authentication, the second biometric information, and the mounting information is detected simultaneously at least part of the detection period, it said by the registration means, from the wearer's body to be registered, the first The first biological information is detected by the second biological information detection means, the second biological information is detected by the second biological information detection means, the wearing information is detected by the wearing information detection means, and the registration means is And a registration step of registering the wearer by storing the detected first biological information, second biological information, and wearing information as a set. Provide a method.
In the invention described in claim 12, a mounting means for wearing on the body, a first biological information detecting means, a second biological information detecting means, a mounting information detecting means, a first authentication means, and a second In the computer comprising the authentication means, the third authentication means, and the person authentication means, the first biological information detection means authenticates the worn wearer from the worn wearer's body. The first biological information detecting step for detecting the first biological information and the second biological information for authenticating the part of the worn body from the body of the worn wearer by the second biological information detecting means. A second biometric information detecting step for detecting the wearing information, a mounting information detecting step for detecting mounting information for authenticating a mounting state from the mounting means by the mounting information detecting unit, and the first authenticating unit for Using the first biometric information issued, a first authentication step of temporarily authenticating said wearer is person registered in advance, by the second authentication means, the second biological information the detected And a second authentication step for authenticating that the part is a part registered in advance, and a mounting state by the mounting part is registered in advance using the detected mounting information by the third authentication part. A third authenticating step for authenticating that the wearer is in the state; and the person authenticating means authenticates the wearer temporarily by the first authenticating means and authenticates the part worn by the second authenticating means. And a person authentication step of authenticating the wearer as a person who has registered the wearer in advance when the wearing state is authenticated by the third authentication means, and the wearing means comprises the wearing Person An annular member that surrounds the arm portion annularly, and a conductive member that is integrally attached to the annular member, and whose electrical characteristics change according to the length of the annular member. The authentication method is characterized in that the first biometric information, the second biometric information, and the mounting information used for the authentication are simultaneously detected in at least a part of the detection period.

  According to the present invention, by authenticating the person, the wearing part, and the wearing state, and monitoring the wearing state after authentication, the user can be surely put on the authentication processing device at the time of authentication, and the authentication device is kept in the authenticated state after authentication. Can not be removed from.

(1) Outline of Embodiment The authentication device 1 (FIG. 1) is a wearable portable authentication device having a wristwatch shape, and is a user who previously registers a user wearing the authentication device 1 on the body. Authenticate that.
For example, the user fixes the authentication device 1 to the left wrist with the bands 5a and 5b, and places the right index finger on the fingerprint sensor 2 and the heartbeat signal detection electrode 3a to cause the authentication device 1 to perform authentication processing.
At the time of authentication, the authentication device 1 uses the fingerprint sensor 2 for the fingerprint (biological information for authenticating the person), the heartbeat signal detection electrodes 3a and 3b for the heartbeat signal (biological information for authenticating the worn part), and the band 5 From this, the wearing state of the band 5 is detected so that at least a part of these detection periods overlap.

The authentication device 1 authenticates the user by the fingerprint detected by the fingerprint sensor 2, authenticates the body part on which the authentication device 1 is worn by the heartbeat signal detected by the heartbeat signal detection electrodes 3a and 3b, and the connection state of the band 5, The length is measured and the wearing state of the band 5 is individually authenticated.
Then, when all of these three items are authenticated, the authentication device 1 authenticates the user as a registered user.

As described above, the authentication device 1 includes at least a part of the detection period of the biometric information for authenticating the identity, the biometric information for authenticating the worn part, and the information for authenticating the wearing state of the authentication device 1 By overlapping and detecting at the same time during the detection period, the authentication apparatus 1 can be surely attached to the user and the user can be authenticated.
Further, the authentication device 1 monitors the coupled state and length of the band 5 after the personal authentication, thereby preventing the authentication device 1 from being removed from the body while the user is authenticated.

(2) Details of Embodiments Each drawing of FIG. 1 is a diagram illustrating an appearance of an authentication device according to the present embodiment. Among these, Fig.1 (a) shows the top view and FIG.1 (b) has shown the side view.
The authentication device 1 is a portable authentication device that has a wristwatch shape and is wearable on the body.
The main body 10 is formed flat so that it can be easily attached to the wrist, and an electronic circuit for authenticating the user is accommodated therein.

A fingerprint sensor 2, a heartbeat signal detection electrode 3 a, and a display unit 4 are formed on the surface of the main body 10.
The fingerprint sensor 2 is a fingerprint sensor that reads a user's fingerprint (first biological information) with an optical or semiconductor fingerprint reading device, and exposes a rectangular fingerprint reading surface on the surface of the main body 10. Yes.

The heartbeat signal detection electrode 3 a is a first heartbeat signal detection electrode for detecting a heartbeat signal (second biological information), and is formed so as to surround the fingerprint reading surface of the fingerprint sensor 2.
Since the fingerprint sensor 2 and the heartbeat signal detection electrode 3a are provided close to each other, when the user places the fingertip on the fingerprint reading surface, the user's fingertip simultaneously contacts the fingerprint sensor 2 and the heartbeat signal detection electrode 3a.

The display unit 4 displays various messages to the user using a display device such as a liquid crystal.
The user can operate the main body 10 according to the message displayed on the display unit 4 to cause the authentication device 1 to execute user authentication processing.

On the back surface of the main body 10, a heartbeat signal detection electrode 3b and a pulse sensor 8 are formed. The heartbeat signal detection electrode 3 b is a second heartbeat detection electrode for detecting a heartbeat signal, and slightly protrudes from the back surface of the main body 10.
When the user wears the authentication device 1, the heartbeat signal detection electrode 3b comes into contact with the surface of the user's wrist. The heartbeat signal is detected as a potential difference between the heartbeat signal detection electrode 3a and the heartbeat signal detection electrode 3b.
In this way, in the authentication device 1, when the user places the fingertip on the fingerprint reading surface, the fingertip contacts the heartbeat signal detection electrode 3a at the same time, so the authentication device 1 detects the fingerprint from the fingertip and the potential of the fingertip. Can be done simultaneously.

A switch 7 is provided on the side surface of the main body 10.
The authentication device 1 accepts an operation from the user by the switch 7 and performs various processes such as accepting an intention to start the user authentication process or accepting an input of a user ID during the user authentication process. .

Bands 5a and 5b are attached to two opposite side surfaces of the main body 10 where the switch 7 is not provided, and fasteners 6a and 6b are attached to the ends of the bands 5a and 5b, respectively. It has been. Hereinafter, the band 5 and the fastener 6 are simply referred to unless otherwise distinguished.
The band 5 is formed of a member that deforms along the shape around the wrist, such as resin, leather, or cloth, and conforms to the shape of the wrist.
One end side of the band 5 is connected to the main body 10 by a connection mechanism (not shown), and the fastener 6 on the other end side is fixed to the band 5.
Although details will be described later, a conductor (for example, a resistor, a capacitor, a coil, or a combination thereof) is integrally attached to the inside of the band 5 by being embedded therein.
One end side of the conductor is connected to an electronic circuit inside the main body 10, and the other end side is connected to the fastener 6.

FIG.1 (c) has shown the side view of the authentication apparatus 1 in the state with which the user mounted | worn the authentication apparatus 1 on the wrist. However, the figure of the wrist is omitted in the figure.
In the authentication device 1, the band 5 is wound around the wrist of the user, and is fixed to the wrist by connecting (locking) the fastener 6.
Since the wrist has a constricted shape, if the authentication device 1 is attached to the wrist, the authentication device 1 cannot be slid to the hand side while the fastener 6 is connected and removed.
For this reason, after authenticating the user by the authentication device 1, it is impossible to remove the authentication device 1 and attach it to a third party.

The fastener 6 has not only a function of physically connecting the band 5 but also a function of electrically connecting conductors attached to the band 5 to each other. A closed circuit (loop) is formed by 10 and a conductor.
Thus, since the fastener 6 performs both physical connection and electrical connection of the band 5, the authentication device 1 monitors the conductivity of the conductor to thereby connect the bands 5a and 5b. Can be monitored.

Further, since the authentication device 1 cannot be removed from the wrist while the fastener 6 is locked, the authentication device 1 monitors the conductivity of the conductor so that the user maintains the wearing of the authentication device 1. Can be confirmed.
In the present embodiment, a resistor is used as the conductor. Using the property that the resistance value of the resistor is proportional to the length, the authentication device 1 of the present embodiment also monitors the length of the band 5 based on the resistance value, thereby enhancing the security.
Thus, the band 5 and the fastener 6 function as a mounting means for mounting the authentication device 1 on the body, and an annular member (band 5) surrounding the wearer's arm in an annular shape and the annular member are integrated. And a conductive member whose electrical characteristics change depending on the length of the annular member.

FIG. 2 is a diagram for explaining the posture of the user when the authentication device 1 detects a heartbeat signal.
The user wears the authentication device 1 on the wrist of one arm 12 and places the fingertip of the other arm 13 (fingertip with registered fingerprint, for example, index finger) on the heartbeat signal detection electrode 3a.
Then, a closed circuit (loop) including the main body 10, the heartbeat signal detection electrode 3b, the one arm 12, the other arm 13, the fingertip, and the heartbeat signal detection electrode 3a is formed as shown by a thick line in FIG. The device 1 can detect the heartbeat signal of the user by detecting the potential difference between the fingertip and the wrist by this closed circuit.

FIG. 3 is a block diagram illustrating an example of a hardware configuration of the authentication device 1.
Among these elements, except for the bands 5a and 5b and the host computer 35, the main body 10 is formed.
The processing unit 21 is configured by connecting, for example, a CPU (Central Processing Unit), a ROM (Read Only Memory), a RAM (Random Access Memory), and the like. A user registration process and user authentication described later are performed according to a predetermined program. Various information processing such as processing, attachment release detection processing, authentication state transmission / reception processing, and the like, and control of the entire main body 10 are performed.

The ROM is a read-only memory, and stores basic programs and parameters for the CPU to operate.
The RAM is a readable / writable memory and provides a working memory when the CPU performs information processing or control.

The fingerprint detection unit 22 operates in accordance with a command from the processing unit 21 and executes fingerprint detection by the fingerprint sensor 2 or digitally converts the detected fingerprint into fingerprint data and outputs the fingerprint data to the processing unit 21. The fingerprint detection unit 22 and the fingerprint sensor 2 function as first biological information detection means.
The heartbeat detection unit 24 operates in accordance with a command from the processing unit 21 and executes detection of a heartbeat signal based on a potential difference between the heartbeat signal detection electrodes 3a and 3b, or digitally converts the detected heartbeat signal into heartbeat signal data. To 21. The heartbeat detection unit 24 and the heartbeat signal detection electrodes 3a and 3b function as second biological information detection means (in this case, a heartbeat sensor).
The band characteristic detection unit 26 operates according to a command from the processing unit 21, conducts a weak current through a closed circuit made of a conductor of the bands 5 a and 5 b to detect (measure) a resistance value, and digitally outputs the detected resistance value. The data is converted and output to the processing unit 21. The band characteristic detection unit 26 and the band 5 function as mounting information detection means for detecting the resistance value as mounting information.

The storage device 30 includes a nonvolatile storage device such as an EEPROM (Electrically Erasable and Programmable ROM). An authentication data storage unit 23, an authentication state storage unit 25, a program storage unit (not shown), and the like are provided in a predetermined internal area. Is formed.
The authentication data storage unit 23 is an area for storing authentication data for authenticating a user, and authentication data for each user of a plurality of users is given an ID (ID1, ID2,... IDn) and stored. Has been.

Each authentication data is composed of a set of fingerprint authentication data, heart rate authentication data, and band characteristic authentication data.
The fingerprint authentication data is authentication data generated from fingerprint data detected at the time of user registration. The fingerprint authentication data is data unique to the user, and the authentication device 1 can authenticate whether or not the user is registered by the fingerprint authentication data (first authentication means).

Heartbeat authentication data is authentication data generated from heartbeat signal data detected at the time of user registration. The heart rate authentication data is unique to the body part to which the authentication device 1 is attached, and the authentication device 1 authenticates whether or not the user wears the authentication device 1 on the site where the authentication device 1 is registered based on the heart rate authentication data. (Second authentication means).
In general, since the shape and intensity of the heartbeat signal vary depending on the part, the authentication apparatus 1 can confirm whether or not the authentication apparatus 1 is attached to the registered part by analyzing the heartbeat signal.

The band characteristic authentication data is authentication data generated from the resistance value of the conductor detected at the time of user registration.
The authentication device 1 detects whether or not the band 5 is connected by the fastener 6 by detecting the resistance value of the conductor, and whether or not the length of the band 5 is the same as that at the time of registration. Authentication can be performed (third authentication means).
As described above, the authentication data storage unit 23 functions as an authentication information storage unit.

The authentication state storage unit 25 is an area for storing the current authentication state of the authentication device 1.
The authentication status storage unit 25 stores flag information indicating whether or not the user currently wearing the authentication device 1 has been authenticated, and the ID of the user.
The program storage unit stores a program for the CPU of the processing unit 21 to perform various information processing and control.

The switch 7 and the display unit 4 are user interfaces, and the processing unit 21 detects a user's intention display by the number of times the switch 7 is pressed and long presses, and notifies the user by the display unit 4.
The authentication information transmission / reception unit 31 has a communication function for performing wireless communication with the host computer 35, and is an interface for connecting the host computer 35 and the authentication device 1 via a wireless line.

Through this wireless communication, the host computer 35 and the authentication device 1 can mutually perform device authentication, or the authentication device 1 can transmit authentication status data and a user ID to the host computer 35.
The communication between the host computer 35 and the authentication device 1 may be performed via a wired line.
The host computer 35 and the authentication information transmission / reception unit 31 do not need to perform direct wireless communication, and the authentication information transmission / reception unit 31 communicates with a wireless device provided in a terminal connected to the host computer 35, and the host computer 35 is connected via this terminal. The authentication information transmitting / receiving unit 31 may communicate with each other.

The host computer 35 is a computer that manages and detects the state of the authentication device 1 such as causing the authentication device 1 to perform user registration processing and acquiring the user authentication state from the authentication device 1.
The host computer 35 can acquire the authentication status and ID of the authentication device 1 worn by the user and determine whether the user exists or not, and recognizes the user login request based on the determination result. Or you can refuse.
When login processing is performed by the host computer 35, the user can use an information processing service provided by a predetermined computer system, for example.

FIG. 4A is a diagram for explaining the arrangement (layout) of the fingerprint sensor 2 and the heartbeat signal detection electrode 3a. The dotted line shows the outline of the user's fingertip.
As shown in FIG. 4A, since the heartbeat signal detection electrode 3a is formed so as to surround the periphery of the fingerprint reading surface of the fingerprint sensor 2, when the user's fingerprint comes in contact with the fingerprint sensor 2, the fingerprint signal is detected. The surrounding portion is simultaneously in contact with the surface of the heartbeat signal detection electrode 3a.
For this reason, the user can simultaneously detect both the fingerprint and the heartbeat signal by placing the fingertip on the fingerprint sensor 2.

FIGS. 4B to 4E are diagrams showing other arrangement examples of the fingerprint sensor 2 and the heartbeat signal detection electrode 3a.
FIG. 4B shows an example in which a heartbeat signal detection electrode 3a is arranged on the fingertip side with respect to the fingerprint sensor 2, and FIG. 4C shows a heartbeat signal detection electrode on the finger base side with respect to the fingerprint sensor 2. This is an example in which 3a is arranged.
On the other hand, FIGS. 4D and 4E are examples in which the heartbeat signal detection electrode 3 a is arranged on the side surface of the finger with respect to the fingerprint sensor 2.
In any example, when the user places the fingertip on the fingerprint sensor 2, the user's fingertip simultaneously contacts the surface of the heartbeat signal detection electrode 3 a.
As described above, in the present embodiment, the heartbeat signal detection electrode 3a is formed in a range in which the peripheral portion of the fingerprint comes into contact with the fingerprint reading surface of the fingerprint sensor 2 when the user makes contact with the fingerprint. Detection and heartbeat signal detection can be performed simultaneously.

FIG. 5A is a diagram for explaining the configuration of the conductor formed in the band, and shows the band 5a as an example. The configuration of the band 5b is the same as that of the band 5a.
The resistor 41 is attached to the band 5a so as to be integrated with a member of the band 5a, for example, by being embedded inside.
A contact 36 is provided on one end side of the resistor 41, and the band 5 a is connected to the band characteristic detection unit 26 of the main body 10 through the contact 36.
On the other hand, a contact 37 is provided on the other end side of the resistor 41, and the band 5 a is connected to the fastener 6 a by the contact 37.

Since the resistance value of the resistor 41 is proportional to the length of the resistor 41, the relationship is as shown in FIG. In FIG. 7A, the vertical axis represents the resistance value [Ω], and the horizontal axis represents the band length [cm].
The resistor 41 is integrally attached to the band 5a, and similarly, the resistor is also integrally attached to the band 5b.
Therefore, the authentication apparatus 1 can detect the combined length of the bands 5a and 5b by detecting the combined resistance value of the bands 5a and 5b when the bands 5a and 5b are combined.
For example, in the case of FIG. 7A, when the resistance value is a [Ω], the length of the band 5 is x [cm].

  Since the length of the circumference of the arm varies from user to user, a plurality of bands 5 are prepared and replaced for each user, or, for example, the band 5a can be cut and the fastener 6a is re-attached. Further, the contact point 37 on the other end side of the band 5a can be slid so that the fastener 6a can be slid relative to the band 5a (the contact point 37 also slides on the resistor 41). Can also be configured.

FIG. 5B is a diagram showing a modification in which the conductor of band 5 is a capacitor.
In this modification, a capacitor 42 in which a plurality of capacitors are connected in series is used as a conductor.
Since the electric capacity of the capacitor 42 and the length of the band 5a have a correspondence relationship, the band characteristic detecting unit 26 detects the connection state and the length of the band 5 by detecting the combined electric capacity of the bands 5a and 5b. Can do.
Alternatively, the band characteristic detection unit 26 may be configured to detect the impedance by conducting an alternating current to the capacitor 42.

FIG. 5C is a diagram showing a modification in which the conductor of the band 5 is a coil.
Since the inductance of the coil 43 and the length of the band 5a have a corresponding relationship, the band characteristic detection unit 26 can detect the connection state and length of the band 5 by detecting the combined inductance of the bands 5a and 5b. .
Or you may comprise so that the band characteristic detection part 26 may conduct an alternating current to the coil 43, and may detect an impedance.
The example in which the conductor is configured by a resistor, a capacitor, and a coil has been described above. For example, a conductor is configured by combining different elements such as a combination of a resistor and a coil, or the conductor is configured by a distributed constant circuit. It may be configured.

FIG. 6A is a diagram for explaining a modification in the case where the band 5 is formed of frames.
The band 5a is configured by connecting a plurality of pieces 51, 51,... With connecting members 52, 52,.
Each piece 51 is connected by a connecting member 52 so as to be pivotable in the direction around the user's arm by a hinge or the like, so that the user can wind the band 5 around the arm.
A resistor is attached to each piece 51, and each resistor is electrically connected via a connecting member 52.
When the fastener 6a and the fastener 6b (not shown) are coupled, the band 5a and the resistor of the band 5b (not shown) are electrically connected.
Since the combined resistance values of the bands 5a and 5b are proportional to the number of frames as shown in FIG. 7B, the authentication device 1 combines the bands 5a and 5b when the bands 5a and 5b are combined. By detecting the resistance value, it is possible to detect whether or not the bands 5a and 5b are combined and the length.

FIG. 6B is a modification in which a capacitor is attached to the top 51.
Each capacitor is connected in series by a connecting member 52. When the fastener 6a and the fastener 6b (not shown) are coupled, the capacitors of the band 5a and the band 5b are electrically connected.
Therefore, when the bands 5a and 5b are combined, the authentication device 1 detects whether or not the bands 5a and 5b are combined and the length by detecting the combined capacitance of the bands 5a and 5b. be able to.

FIG. 6C shows a modification in which a coil is attached to the frame 51. When the fastener 6a and the fastener 6b (not shown) are coupled, the band 5a and the coil of the band 5b are electrically connected.
Therefore, when the bands 5a and 5b are coupled, the authentication device 1 detects whether or not the bands 5a and 5b are coupled and detects the length by detecting the combined inductance of the bands 5a and 5b. Can do.

FIG. 6D shows a modification in which a frame ID that is an ID (identification information) is assigned to the frame 51.
In each frame 51, for example, a storage medium that stores a frame ID configured by a semiconductor memory, an IC chip, or the like is embedded.
Each frame 51 is provided with a wiring for reading the frame ID by the main body 10 via the connecting member 52 and the fastener 6a.

When the fastener 6a and the fastener 6b (not shown) are coupled, the storage medium of the band 5a and the band 5b and the wiring are electrically connected, and the authentication device 1 reads the connection of the bands 5a and 5b and the frame ID of each frame 51. Can be done.
Alternatively, the authentication apparatus 1 may be configured to recognize the connection order of the frames 51 by wiring or the like.

The authentication device 1 performs registration of the bands 5a and 5b by storing each frame ID of the frame 51, and performs authentication by confirming that all the frame IDs of the registered frames 51 are available.
When the connection order of the frames 51 can also be recognized, the authentication apparatus 1 performs registration of the bands 5a and 5b by storing each frame ID and connection order of the frames 51, and the order in which all the frames 51 that have registered authentication are registered. This is done by confirming that the connection is established.

8A and 8B are diagrams for explaining detection timings of fingerprint data, heartbeat signal data, and band characteristic data in the user authentication process.
The authentication device 1 detects at least a part of these three pieces of data at the same time, thereby reliably ensuring that the user has indeed installed and authenticated the authentication device 1.
For this purpose, it is sufficient that at least a part of these three data detection periods overlap.

In the example of FIG. 8A, the detection period is shortened in the order of the fingerprint detection period, the heartbeat signal detection period, and the band characteristic detection period.
Therefore, the authentication device 1 starts detection with a time difference in this order, so that the band characteristic detection period is included in the heartbeat signal detection period, and the heartbeat signal detection period is included in the fingerprint detection detection period. It has a part that overlaps.
In the example shown in the figure, the band characteristic detection period is an overlap period, and in this period, the authentication apparatus 1 detects fingerprint data, heartbeat signal data, and band characteristic data simultaneously.

On the other hand, the fingerprint data authentication determination, the heartbeat signal data authentication determination, and the band characteristic data authentication determination do not have to be performed at the same time, and may be performed at individual timings.
In the example shown in the figure, the authentication process is distributed in time by providing a time difference in the order of band characteristic data authentication, heartbeat signal data authentication, and fingerprint data authentication. Is reduced.

FIG. 8B is a diagram for explaining another example of the detection timing.
In this example, part of the fingerprint detection period, part of the heartbeat signal detection period, and part of the band characteristic detection period overlap in the overlap period.
During this overlapping period, the authentication device 1 detects fingerprint data, heartbeat signal data, and band characteristic data at the same time, so that it is ensured that the user is authenticated by wearing the authentication device 1. can do.

As described above, the authentication device 1 can independently set the detection periods of these three data under the condition that at least a part of the detection periods overlap.
For this reason, when the detection of certain data fails and the other two data are in the detection period, the authentication device 1 may have an overlap period by immediately starting the re-detection of the failed data. it can. For this reason, the authentication apparatus 1 does not need to redo detection of three data, and can shorten a detection period.
Note that the detection periods of fingerprint data, heartbeat signal data, and band characteristic data shown in FIGS. 8A and 8B are examples, and various detection start timings and detection periods are possible.

FIG. 9 is a diagram illustrating an example of a logical configuration of the authentication state storage unit 25.
The authentication status storage unit 25 includes authentication status data and usage ID data.
The authentication status data is flag data indicating whether or not the user who currently wears the authentication device 1 has been authenticated by the authentication device 1 and is “authenticated” (for example, 1) by the processing unit 21. It is set to any value of “not authenticated” (for example, 0).
The authentication state is set to “authenticated state” by the processing unit 21 during a period in which the user is authenticated after the authentication device 1 is mounted and the user is authenticated, and the processing unit 21 during other periods. Is set to “unauthenticated”.
The use ID data is an ID of a user who has been authenticated. This ID is set when the processing unit 21 authenticates the user.

Next, the operation of the authentication device 1 configured as described above will be described with reference to the flowchart of FIG.
The following processing is performed by the CPU of the processing unit 21 of the authentication device 1 according to a predetermined program stored in the storage device 30.
In addition, it is assumed that the user wears the authentication device 1 on a predetermined part of the body (for example, the left wrist).

First, the authentication device 1 determines whether there is a registration processing request from the host computer 35 (step 5).
This request is determined, for example, when the administrator of the authentication apparatus 1 operates the host computer 35 to transmit a registration request from the host computer 35 to the authentication apparatus 1 and the authentication apparatus 1 receives this registration request.

In this way, the authentication device 1 is configured to perform registration when a registration request is received from a predetermined information processing device (host computer 35), whereby a third party performs unauthorized registration with the authentication device 1. Can be prevented.
Alternatively, the administrator of the authentication device 1 can input a password preset by the switch 7 to the authentication device 1 so as to make a registration request to the authentication device 1. This technique can also prevent unauthorized registration by a third party.

When there is a registration process request (step 5; Y), the authentication device 1 performs a user registration process described later (step 10).
When there is no registration processing request (step 5; N), or after performing user registration processing (step 10), the authentication device 1 determines whether there is a request for authentication processing (step 15).
This request is made, for example, when the user presses the switch 7 and displays an intention to request the authentication apparatus 1 to perform an authentication process.

If the authentication device 1 determines that there is a request for authentication processing (step 15; Y), the authentication device 1 performs user authentication processing described later (step 20).
After performing the user authentication process (step 20), or when there is no authentication process request (step 15; N), the authentication device 1 performs a mounting release detection process.
Next, the authentication device 1 determines whether or not there is an authentication status transmission / reception request from the host computer 35 (step 30).
When there is an authentication state transmission / reception request (step 30; Y), the authentication device 1 performs an authentication state transmission / reception process described later (step 35).
After transmitting the authentication status (step 35) or when there is no authentication status transmission / reception request (step 30), the authentication device 1 returns to step 5.
While the power is on, the authentication device 1 repeats a loop composed of step 5 to step 35.

Next, the user registration process in step 10 (FIG. 10) will be described using the flowchart of FIG.
First, the user puts the fingertip on which the fingerprint of the other arm 13 is registered on the heartbeat signal detection electrode 3a (FIG. 1) while wearing the authentication device 1 on the wrist of one arm 12 (FIG. 2) to be registered. .
The authentication device 1 detects the user's fingerprint by the fingerprint sensor 2 and stores the fingerprint data in the RAM (step 50).
If the fingerprint detection is not successful (step 55; N), the authentication device 1 displays that the registration has failed on the display unit 4 (step 60), and performs registration failure processing such as updating or closing the file. (Step 65), and the registration process is terminated.

When the fingerprint detection is successful (step 55; Y), the authentication apparatus 1 detects the heartbeat signal of the user using the heartbeat signal detection electrodes 3a and 3b, and stores the detected heartbeat signal data in the RAM (step 70). ).
When the detection of the heartbeat signal is not successful (step 75; N), the authentication device 1 performs steps 60 and 65 and ends the registration process.

When the detection of the heartbeat signal is successful (step 75; Y), the authentication device 1 detects the band characteristic (here, resistance) of the band 5 and stores the detection data in the RAM (step 80).
When the detection of the band characteristics is not successful (step 85; N), the authentication device 1 performs steps 60 and 65 and ends the registration process.

When the detection of the band characteristics is successful (step 85; Y), the authentication apparatus 1 associates the fingerprint data, heartbeat signal data, and band characteristic data stored in the RAM into a set, sets the ID, and converts the data into authentication data. . This ID may be configured to be designated by the administrator from the host computer 35, or may be configured to automatically assign an ID that is not used by the authentication apparatus 1.
Then, the authentication device 1 stores the authentication data including the fingerprint authentication data, the heartbeat authentication data, and the band characteristic authentication data obtained by the conversion in the authentication data storage unit 23 and stores them (step 90). As described above, the authentication device 1 includes a registration unit.
Next, the authentication device 1 displays on the display unit 4 that the registration has been successful and the ID assigned to the user (step 95).
Then, the authentication device 1 performs a registration success process such as updating or closing a file (step 100), and ends the registration process.

In the above example, the authentication apparatus 1 performs detection in the order of fingerprint, heartbeat signal, and band characteristics. However, it is not necessary to perform the detection in this order, and these may be performed simultaneously or in different orders. May be.
In other words, the order may be arbitrary as long as the user can acquire these data while wearing the authentication device 1.
If these three pieces of data are detected so that at least a part of the detection period overlaps, it is possible to increase the assurance that the detected data belongs to the user.

Next, the user authentication process of step 20 (FIG. 10) will be described using the flowchart of FIG.
First, the user presses the switch 7 and inputs his / her ID to the authentication device 1. Accordingly, the authentication device 1 specifies authentication data used for authentication in the authentication data storage unit 23 (set specifying unit).
After inputting the ID, the user puts the fingertip of the other registered arm 13 on the heartbeat signal detection electrode 3a (FIG. 1) while wearing the authentication device 1 on the wrist of the registered one arm 12 (FIG. 2). Put on.
Next, the authentication apparatus 1 starts detection of fingerprints by the fingerprint sensor 2, detection of heartbeat signals by the heartbeat signal detection electrodes 3a and 3b, and detection of band characteristics, and performs these processes in parallel (step 110).

  When these processes are started, the authentication apparatus 1 performs detection of the user's fingerprint (step 115), detection of the user's heartbeat signal (step 120), and detection of the band characteristics (step 125) simultaneously at least during a certain period. The fingerprint data, heartbeat signal data, and band characteristic data thus stored are stored in the RAM.

Next, the authentication device 1 authenticates the user's fingerprint using the fingerprint data stored in the RAM.
The authentication device 1 performs this authentication process as follows, for example.
First, the authentication device 1 reads out the fingerprint authentication data associated with the user ID from the authentication data storage unit 23, compares it with the fingerprint data stored in the RAM, and quantifies the degree to which they match. To do.
Then, if this numerical value is greater than or equal to a predetermined threshold value (if both match at a predetermined level or more), the authentication device 1 succeeds in fingerprint authentication, and if this numerical value is less than the predetermined threshold value (both match) Fingerprint authentication fails. Successful fingerprint authentication proves that the authenticating user is indeed a registered user.

When fingerprint authentication fails (step 130; N), the authentication apparatus 1 performs authentication failure processing such as updating or closing a file (step 135), and stores the result in the authentication state storage unit 25 (FIG. 3). (Step 140). By saving the result, the authentication state data in the authentication state storage unit 25 is set to “not authenticated”, and the ID of the user is set as the use ID data.
After saving the result, the authentication device 1 displays a message notifying that the authentication has failed on the display unit 4 (step 145).

On the other hand, when the fingerprint authentication is successful (step 130; Y), the authentication device 1 authenticates the user's heartbeat signal (that is, the portion on which the authentication device 1 is worn) using the heartbeat signal data stored in the RAM.
The authentication device 1 performs this authentication process as follows, for example.
First, the authentication device 1 reads out the heart rate authentication data associated with the user ID from the authentication data storage unit 23, compares it with the heart rate signal data stored in the RAM, and determines the degree to which they match. Turn into.
Then, if this numerical value is equal to or greater than a predetermined threshold (when both are equal to or greater than a predetermined level), the authentication device 1 determines that the heartbeat authentication is successful, and if this numerical value is less than the predetermined threshold (matches both ), The heart rate authentication fails. The success of heart rate authentication proves that the authenticating user wears the authentication device 1 on the body part registered in advance.

  When the heart rate authentication fails (step 150; N), the authentication device 1 performs an authentication failure process (step 135), stores the result in the authentication state storage unit 25 (step 140), and the display unit 4 performs authentication. A message notifying the failure is displayed (step 145).

On the other hand, when the heart rate authentication is successful (step 150; Y), the authentication device 1 authenticates the wearing state of the band 5 worn by the user using the band characteristic data stored in the RAM.
Here, the mounted state means, for example, whether or not the bands 5 a and 5 b are coupled by the fastener 6 and the length of the band 5.

The authentication device 1 performs this authentication process as follows, for example.
First, the authentication device 1 reads the band characteristic authentication data (resistance value) associated with the user ID from the authentication data storage unit 23 and collates it with the band characteristic data (resistance value) stored in the RAM. Then, the difference between the two is calculated.
The authentication device 1 determines that the band characteristic authentication is successful when the difference is less than the predetermined threshold and fails as the band characteristic authentication when the difference is equal to or greater than the predetermined threshold.
By the band characteristic authentication, the user who is authenticating the authentication apparatus 1 in the band wearing state registered in advance (in this case, the fastener 6 is connected and the length of the registered band 5). It is proved to be wearing.

When the band characteristic authentication fails (step 155; N), the authentication device 1 performs an authentication failure process (step 135), stores the result in the authentication state storage unit 25 (step 140), and authenticates the display unit 4. A message notifying that has failed has been displayed (step 145).
On the other hand, when the band characteristic authentication is successful (step 155; Y), the authentication device 1 performs an authentication success process such as updating or closing the file (step 160), and the result is sent to the authentication status storage unit 25 (FIG. 3). Is stored (step 165). ).
In this way, the authentication apparatus 1 authenticates the wearer by the first authentication means (fingerprint authentication), and authenticates the site worn by the second authentication means (heartbeat signal authentication), and When the wearing state is authenticated by the third authentication means (band characteristic authentication), a personal authentication means is provided for authenticating the wearer as a person who has registered in advance.

By saving the result, the authentication state data in the authentication state storage unit 25 is set to “authenticated state”, and the ID of the user is set as the use ID data.
After storing the result, the authentication device 1 displays a message notifying that the authentication has been successful on the display unit 4 (step 170).

As described above, in the user authentication process, the fingerprint is surely attached (fingerprint) to the registered body part (heartbeat signal) by simultaneously performing fingerprint detection, heartbeat signal detection, and band characteristic detection. It is possible to guarantee that personal authentication has been performed in the registered wearing state (band characteristics), and it is possible to prevent impersonation by a third party and other unauthorized authentication.
In the above procedure, fingerprint authentication, heart rate authentication, and band characteristic authentication are performed in this order. However, they need not be performed in this order, and may be performed simultaneously or in a different order. Good.

Next, the mounting release detection process in step 25 (FIG. 10) will be described using the flowchart of FIG.
First, the authentication device 1 detects a band characteristic by conducting a weak current through the resistor 41 (FIG. 5A) of the band 5 to detect a resistance value, and the detected value (resistance value) is stored in the RAM. Store (step 180).
Next, the authentication device 1 reads out the band characteristic authentication data (resistance value) associated with the user ID from the authentication data storage unit 23 and collates it with the band characteristic data (resistance value) stored in the RAM. Then, the difference between the two resistance values is calculated.

  If the difference is less than a predetermined threshold, the authentication device 1 determines that the user is wearing the authentication device 1 in a pre-registered wearing state. If the difference is equal to or greater than the predetermined threshold, the user It is determined that the wearing of 1 is released. As described above, the authentication device 1 includes a release detection unit that detects that the wearing unit (band 5) is released after the user authentication unit authenticates the wearer.

If the authentication device 1 determines that the user is wearing the authentication device 1 (step 185; Y), the processing ends.
In this case, since the authentication device 1 does not rewrite the data in the authentication state storage unit 25, the authentication state data in the authentication state storage unit 25 (FIG. 9) is maintained in the “authenticated state”, and the use ID data is the user ID. ID is set.

If the authentication device 1 determines that the user does not wear the authentication device 1 (step 185; N), the authentication device 1 sets the authentication state data in the authentication state storage unit 25 to “not authenticated”. The state is saved in the authentication state storage unit 25, and the process ends.
As described above, the authentication device 1 includes an authentication canceling unit that cancels the personal authentication performed by the personal authentication unit when the release of the mounting state of the mounting unit (band 5) is detected.

Since the flowchart of FIG. 10 forms a loop, the authentication device 1 can perform the demounting detection process every time the process proceeds to step 25, thereby monitoring the wearing state of the band 5.
Then, while the authentication device 1 is in the mounted state after the user authenticates the user, the data in the authentication state storage unit 25 is maintained in the authenticated state, and the authentication device 1 is unmounted. The authentication state of the authentication state storage unit 25 is released.

Next, the authentication state transmission / reception process of step 35 (FIG. 10) will be described using the flowchart of FIG.
First, the authentication device 1 confirms whether or not there is an authentication status transmission request from the host computer 35. If there is an authentication status transmission request, the authentication device 1 performs device authentication with the host computer 35 (step 200).
The device authentication is a process in which the authentication apparatus 1 authenticates the host computer 35 as a legitimate host computer and the host computer 35 authenticates the authentication apparatus 1 as a legitimate authentication apparatus.
The device authentication process can prevent impersonation of the host computer 35 and the authentication device 1.

When the device authentication is unsuccessful (that is, when at least one of the authentication by the authentication device 1 and the authentication by the host computer 35 is unsuccessful) (step 205; N), the authentication device 1 performs the authentication state transmission process. The authentication status is not transmitted.
On the other hand, when the device authentication is successful (that is, when both the authentication by the authentication device 1 and the authentication by the host computer 35 are successful) (step 205; Y), the authentication device 1 stores them in the authentication state storage unit 25. Certain authentication status data and usage ID data are transmitted to the host computer 35 (step 210), and the process is terminated.

  As described above, the authentication device 1 includes an authentication state request receiving unit that receives an authentication state transmission request indicating whether or not the wearer has been authenticated, from the predetermined information processing device (host computer 35), and the authentication And an authentication status transmission means for transmitting the authentication status stored in the authentication status storage unit 25 to the predetermined information processing apparatus when a status transmission request is received.

The host computer 35 can receive the authentication status data and the usage ID data from the authentication device 1 and acquire the authentication status and ID of the user wearing the authentication device 1.
Thereby, the host computer 35 performs the login process with the user ID when the user is authenticated, or does not perform the login process when the user is not authenticated. Processing can be performed.

Although the present embodiment has been described above, the following effects can be obtained.
(1) By detecting fingerprints, heartbeat signals, and band characteristics so that at least some of the detection periods overlap, the user can securely wear the authentication device 1 and perform personal authentication.
(2) The authentication device 1 can monitor the wearing state of the band 5 even after the personal authentication, and can prevent the authentication device 1 from being removed while the authentication device 1 is authenticated after the authentication. This can prevent a third party from misusing the authentication device 1 in an authenticated state.
(3) By instructing user registration from the host computer 35, it is possible to prevent a third party from operating the authentication device 1 and performing user registration processing illegally.
(4) By arranging the fingerprint sensor 2 and the heartbeat signal detection electrode 3a close to each other, it is possible to simultaneously detect the user's fingerprint and the heartbeat signal.

In the present embodiment, the authentication device 1 is formed in a wristwatch shape, but this does not limit the mounting portion of the authentication device 1 and has, for example, a neck shape, an ankle portion, a waist portion, and the like, After the band 5 is mounted, it may be a part where the authentication device 1 cannot be slid and removed.
In the present embodiment, the fingerprint is used as the biometric information for identifying the person. In addition to this, various types of biometric information such as an iris, a vein arrangement, a voice print, and a captured face image can be used.
Regarding the heartbeat signal, for example, the wearing part of the authentication device 1 may be authenticated using other biological information such as the vein arrangement of the wearing part.
Furthermore, in the present embodiment, the authentication device 1 is used as a key when logging in to the computer system. However, this does not limit the target of the authentication device 1 to the login process, but to a room where visitors are restricted. It can be used for various purposes such as entrance / exit management.

It is the figure which illustrated the external appearance of the authentication apparatus which concerns on this Embodiment. It is a figure for demonstrating the attitude | position at the time of a user detecting a heartbeat signal. It is the block diagram which showed an example of the hardware constitutions of an authentication apparatus. It is a figure for demonstrating arrangement | positioning of a fingerprint sensor and a heart rate signal detection electrode. It is a figure for demonstrating the structure of the conductor formed in the band. It is a figure for demonstrating the modification of a band. It is the figure which showed the relationship between the length of a band, and resistance value. It is a figure for demonstrating the detection timing of fingerprint data, heart rate signal data, and band characteristic data. It is the figure which showed an example of the logical structure of an authentication state memory | storage part. It is a flowchart for demonstrating operation | movement of an authentication apparatus. It is a flowchart for demonstrating a user registration process. It is a flowchart for demonstrating a user authentication process. It is a flowchart for demonstrating mounting | wearing release detection processing. It is a flowchart for demonstrating an authentication status transmission process.

Explanation of symbols

DESCRIPTION OF SYMBOLS 1 Authentication apparatus 2 Fingerprint sensor 3 Heartbeat signal detection electrode 4 Display part 5 Band 6 Fastener 7 Switch

Claims (12)

Wearing means for wearing on the body;
First biological information detecting means for detecting first biological information for authenticating the worn wearer from the body of the worn wearer;
Second biological information detecting means for detecting second biological information for authenticating a part of the worn body from the worn wearer's body;
Mounting information detecting means for detecting mounting information for authenticating the mounting state from the mounting means;
First authentication means for temporarily authenticating that the wearer is a registered person in advance using the detected first biological information;
Second authentication means for authenticating that the part is a part registered in advance using the detected second biological information;
Third authentication means for authenticating that the mounting state by the mounting means is a pre-registered mounting state using the detected mounting information;
When the wearer is provisionally authenticated by the first authentication means, the part worn by the second authentication means is authenticated, and the wearing state is authenticated by the third authentication means, Identity authentication means for authenticating the identity of the wearer in advance,
Authentication information storage means for storing a plurality of sets of first biological information, second biological information, and mounting information;
A set specifying means for specifying any one of the stored sets of authentication information;
An authentication device comprising:
The first biometric information, the second biometric information, and the mounting information used for the authentication are simultaneously detected in at least a part of the detection period ,
The authentication apparatus characterized in that the personal authentication means performs personal authentication using first biometric information, second biometric information, and wearing information belonging to the specified set . Wearing means for wearing on the body;
First biological information detecting means for detecting first biological information for authenticating the worn wearer from the body of the worn wearer;
Second biological information detecting means for detecting second biological information for authenticating a part of the worn body from the worn wearer's body;
Mounting information detecting means for detecting mounting information for authenticating the mounting state from the mounting means;
First authentication means for temporarily authenticating that the wearer is a registered person in advance using the detected first biological information;
Second authentication means for authenticating that the part is a part registered in advance using the detected second biological information;
Third authentication means for authenticating that the mounting state by the mounting means is a pre-registered mounting state using the detected mounting information;
When the wearer is provisionally authenticated by the first authentication means, the part worn by the second authentication means is authenticated, and the wearing state is authenticated by the third authentication means, Identity authentication means for authenticating the identity of the wearer in advance,
An authentication device comprising:
The first biometric information, the second biometric information, and the mounting information used for the authentication are simultaneously detected in at least a part of the detection period ,
First biological information is detected by the first biological information detecting means from the body of the wearer performing registration, second biological information is detected by the second biological information detecting means, and the wearing information detecting means And registration means for registering the wearer by storing the detected first biological information, the second biological information, and the wearing information as a set. ,
An authentication apparatus characterized by that. The authentication apparatus according to claim 2 , wherein the registration unit performs registration when a registration request is received from a predetermined information processing apparatus. Wearing means for wearing on the body;
First biological information detecting means for detecting first biological information for authenticating the worn wearer from the body of the worn wearer;
Second biological information detecting means for detecting second biological information for authenticating a part of the worn body from the worn wearer's body;
Mounting information detecting means for detecting mounting information for authenticating the mounting state from the mounting means;
First authentication means for temporarily authenticating that the wearer is a registered person in advance using the detected first biological information;
Second authentication means for authenticating that the part is a part registered in advance using the detected second biological information;
Third authentication means for authenticating that the mounting state by the mounting means is a pre-registered mounting state using the detected mounting information;
When the wearer is provisionally authenticated by the first authentication means, the part worn by the second authentication means is authenticated, and the wearing state is authenticated by the third authentication means, Identity authentication means for authenticating the identity of the wearer in advance,
An authentication device comprising:
The first biometric information, the second biometric information, and the mounting information used for the authentication are simultaneously detected in at least a part of the detection period ,
The mounting means includes an annular member that surrounds the wearer's arm in an annular shape, and a conductive member that is integrally attached to the annular member, and whose electrical characteristics change depending on the length of the annular member, The mounting information is an electrical characteristic of the conductive member.
An authentication apparatus characterized by that. A release detecting means for detecting that the wearing state of the wearing means is released after the identity authenticating means authenticates the wearer;
An authentication canceling means for canceling the personal authentication by the personal authentication means when release of the wearing state is detected;
The authentication apparatus according to any one of claims 1 to 4, further comprising: Authentication state request accepting means for accepting an authentication state transmission request indicating whether or not the wearer has been authenticated, from a predetermined information processing device;
An authentication status transmission means for transmitting an authentication status to the predetermined information processing apparatus when receiving the authentication status transmission request;
The authentication apparatus according to claim 5 , further comprising: The second biological information detection means includes a first heartbeat signal detection electrode in contact with one hand / arm portion of the wearer and a second heartbeat signal detection electrode in contact with the other hand / arm portion of the wearer. ,
The second biological information is a heartbeat signal detected through the first heartbeat signal detection electrode and the second heartbeat signal detection electrode. The authentication device according to claim 1. The first biological information detection means includes a fingerprint reading surface for reading the fingerprint of the wearer,
The first biological information is a fingerprint read by the fingerprint reading surface,
The said 1st heart-rate signal detection electrode is formed in the range which the periphery part of the said fingerprint contacts when the said wearer contacts a fingerprint with the said fingerprint reading surface. Authentication device. The mounting means includes an annular member that annularly surrounds the wearer's arm, and a conductive member attached integrally with the annular member,
The authentication apparatus according to claim 5 , wherein the release detection unit detects release of the mounted state by detecting disconnection of the electrical connection of the conductive member. Wearing means for wearing on the body, first biological information detecting means, second biological information detecting means, wearing information detecting means, first authenticating means, second authenticating means, and third authenticating In a computer comprising: means, identity authentication means; authentication information storage means for storing a plurality of sets of first biometric information, second biometric information, and mounting information; and set identification means .
A first biological information detection step of detecting first biological information for authenticating the worn wearer from the worn wearer's body by the first biological information detection means;
A second biological information detecting step of detecting second biological information for authenticating the part of the worn body from the body of the worn wearer by the second biological information detecting means;
A mounting information detecting step of detecting mounting information for authenticating a mounting state from the mounting means by the mounting information detecting means;
A first authentication step of temporarily authenticating that the wearer is a pre-registered person using the detected first biometric information by the first authentication means;
A second authentication step of authenticating that the part is a part registered in advance by using the second biological information detected by the second authentication unit;
A third authentication step for authenticating that the mounting state by the mounting unit is a pre-registered mounting state by using the detected mounting information by the third authentication unit;
The wearer is provisionally authenticated by the first authenticator and the part worn by the second authenticator is authenticated by the identity authenticator, and the wearing state is authenticated by the third authenticator. A user authentication step of authenticating the wearer as a person who has previously registered the wearer,
A set specifying step for specifying any of the stored sets of authentication information by the set specifying means;
Consisting of
The first biometric information, the second biometric information, and the mounting information used for the authentication are simultaneously detected in at least a part of the detection period ,
The authentication method characterized in that the identity authentication step performs identity authentication using first biometric information, second biometric information, and wearing information belonging to the specified set . Wearing means for wearing on the body, first biological information detecting means, second biological information detecting means, wearing information detecting means, first authenticating means, second authenticating means, and third authenticating In a computer comprising means, identity authentication means, and registration means for registering a wearer ,
A first biological information detection step of detecting first biological information for authenticating the worn wearer from the worn wearer's body by the first biological information detection means;
A second biological information detecting step of detecting second biological information for authenticating the part of the worn body from the body of the worn wearer by the second biological information detecting means;
A mounting information detecting step of detecting mounting information for authenticating a mounting state from the mounting means by the mounting information detecting means;
A first authentication step of temporarily authenticating that the wearer is a pre-registered person using the detected first biometric information by the first authentication means;
A second authentication step of authenticating that the part is a part registered in advance by using the second biological information detected by the second authentication unit;
A third authentication step for authenticating that the mounting state by the mounting unit is a pre-registered mounting state by using the detected mounting information by the third authentication unit;
The wearer is provisionally authenticated by the first authenticator and the part worn by the second authenticator is authenticated by the identity authenticator, and the wearing state is authenticated by the third authenticator. A user authentication step of authenticating the wearer as a person who has previously registered the wearer,
Consisting of
The first biometric information, the second biometric information, and the mounting information used for the authentication are simultaneously detected in at least a part of the detection period ,
The first biometric information is detected by the first biometric information detection means and the second biometric information is detected by the second biometric information detection means from the body of the wearer who performs registration by the registration means , The wearing information is detected by the wearing information detecting means, and the first biological information, the second biological information, and the wearing information detected by the registration means are stored as a set. A registration step for registering the wearer;
An authentication method characterized by that. Wearing means for wearing on the body, first biological information detecting means, second biological information detecting means, wearing information detecting means, first authenticating means, second authenticating means, and third authenticating In a computer comprising means and identity authentication means,
A first biological information detection step of detecting first biological information for authenticating the worn wearer from the worn wearer's body by the first biological information detection means;
A second biological information detecting step of detecting second biological information for authenticating the part of the worn body from the body of the worn wearer by the second biological information detecting means;
A mounting information detecting step of detecting mounting information for authenticating a mounting state from the mounting means by the mounting information detecting means;
A first authentication step of temporarily authenticating that the wearer is a pre-registered person using the detected first biometric information by the first authentication means;
A second authentication step of authenticating that the part is a part registered in advance by using the second biological information detected by the second authentication unit;
A third authentication step for authenticating that the mounting state by the mounting unit is a pre-registered mounting state by using the detected mounting information by the third authentication unit;
The wearer is provisionally authenticated by the first authenticator and the part worn by the second authenticator is authenticated by the identity authenticator, and the wearing state is authenticated by the third authenticator. A user authentication step of authenticating the wearer as a person who has previously registered the wearer,
Consisting of
The mounting means includes an annular member that surrounds the wearer's arm in an annular shape, and a conductive member that is attached integrally with the annular member, and whose electrical characteristics change depending on the length of the annular member,
The mounting information is an electrical characteristic of the conductive member,
An authentication method, wherein the first biological information, the second biological information, and the mounting information used for the authentication are detected simultaneously in at least a part of the detection period.

Images