JP4984838B2 - IC card, IC card control program - Google Patents

Description

  The present invention relates to an IC card, an IC card authentication device, an IC card authentication system, and an IC card control program that use a plurality of biometric authentication functions and secret authentication functions.

In the personal authentication method using an IC card, authentication by verification of an identification card printed on a password, paper, etc., may result in the person being unable to authenticate due to loss or forgetting, or others being authenticated due to theft, forgery or leakage May end up. Therefore, biometric information such as fingerprints, retinal capillary patterns, iris patterns, facial shapes, vein patterns such as palms, backs of fingers or fingers, voiceprints, DNA information, etc. are considered to have low risk as described above. It is used as an authentication means in a security area, passport or the like that needs to prevent intrusion of outsiders such as a cash card, a credit card, a condominium or a company (see, for example, Patent Document 1 and Patent Document 2).
JP 2001-351507 A JP 2006-85251 A

  However, the authentication using the biometric information stored in the IC card may not be able to obtain sufficient accuracy for the authentication due to the physical condition, injury, dirt, etc. of the person, resulting in an authentication error. As a means to cope with this, a method of lowering the threshold value of authentication judgment in order to succeed in authentication can be considered, but if this method is taken, the probability of successful authentication increases, but authentication of others with similar biometric information succeeds. Authentication or when authentication is attempted using copy information.

Also, when authenticating with an IC card having a biometric authentication function, if biometric authentication fails a plurality of times, it is determined that the card has been illegally used and the IC card is automatically collected or authentication is invalidated. In some cases, revalidating the IC card requires a cumbersome human procedure by visiting the issuance window. However, since these are situations that can occur frequently in consideration of the uncertainties of biometric authentication as described above, the burden on the user is large and it cannot be said that they can be used easily.
The present invention has been made in view of such a situation, and an object of the present invention is to provide an IC card having an authentication function considering both convenience and security.

In order to solve the above-described problems, the present invention provides an IC card having biometric authentication means and secret authentication means using secret information, and indicates information indicating whether or not the biometric authentication means is invalidated. Biometric authentication lock information storage means to be stored, authentication error lock count storage means for storing the number of times the information to be invalidated by the biometric lock information storage means is stored as numerical information, and whether the biometric authentication means is completely invalidated Biometric authentication complete lock information storage means for storing information representing the above, and information for invalidating biometric authentication in the biometric authentication lock information storage means when biometric authentication processing is performed using the biometric authentication means and an authentication error is determined. And storing the information for enabling the biometric authentication in the biometric lock information storage unit when the secret authentication process is performed using the secret authentication unit and it is determined that the authentication is successful. Comprising a body authentication lock information control unit, the biometric authentication unit, numerical information error lock count storage means stores exceeds the predefined threshold, the biometric authentication to the biometric authentication complete lock information storage means When the information to be completely invalidated is stored, the biometric authentication process is performed and it is determined that the authentication is successful, the numerical information stored in the error lock number storage means is reset .

In addition, the present invention generates authentication acceptance information when performing biometric authentication processing using biometric authentication means and determining an authentication error, and then performing secret authentication processing using secret authentication means and determining that authentication is successful. It comprises personal authentication control means.

Further, the present invention is authentication acceptance information, characterized in that it is a restricted authentication acceptance information.

According to the present invention, the above-described IC card includes a plurality of biometric authentication means, and the personal authentication control means performs biometric authentication processing using at least one biometric authentication means among the plurality of biometric authentication means and performs an authentication error. After the determination, the biometric authentication unit different from the biometric authentication unit determined to be an authentication error is used to determine that the authentication is successful, and the authentication is performed using the secret authentication unit to determine that the authentication is successful. when, characterized in that that generates an authentication acceptance information.

Further, the present invention is an IC card control program for causing a computer to function as the above-described IC card.

  As described above, according to the present invention, it is possible to provide an IC card having an authentication function considering both convenience and security.

Hereinafter, an IC card authentication system according to an embodiment of the present invention will be described with reference to the drawings.
In the present embodiment, IC card authentication is assumed when transaction processing is performed using an ATM (Automated Teller Machine) installed in a bank. However, the embodiment of the present invention is not limited to the IC card transaction in the bank, and may be a scene that requires personal authentication, such as credit card settlement, entry / exit to a specific room, and presentation of a passport.

  In the description of the present embodiment, when “authentication error” is indicated, the information input by the user is compared with the information stored in the IC card in advance, and as a result, information matching that satisfies a predetermined range by the system administrator is recognized. It means the judgment that it was not possible. In this embodiment, since the user is given multiple authentication opportunities, the authentication is not rejected with a single authentication error. “Authentication rejection” refers to a final determination that a user is not authenticated as a legitimate IC card user when an authentication error occurs exceeding a predetermined allowable range set by the system administrator.

  Further, in the description of the present embodiment, when “authentication is successful”, as a result of comparing the information input by the user with information stored in advance in the IC card, it exceeds a certain threshold preset by the system administrator. This means that the information matches. In the present embodiment, authentication is accepted when authentication is successful at least once according to a predetermined procedure. “Authentication acceptance” refers to final determination of authenticating a user as a valid user of an IC card.

<Embodiment 1>
FIG. 1 is a block diagram showing this embodiment.
The IC card 1 includes a finger vein authentication unit 2a (first biometric authentication unit), a password authentication unit 4 (secret authentication unit), a data storage unit 14, and an IC card control unit 15 (personal authentication control unit). . The IC card may be of a contact type, a non-contact type, or a contact / non-contact shared type as long as a CPU and a memory are mounted.

  The finger vein authentication unit 2 a determines whether or not authentication is possible by comparing the finger vein information transmitted from the finger vein information input unit 21 with the finger vein information stored in advance in the finger vein information storage unit 8. The finger vein authentication unit 2a is provided in the authentication device 20, and the authentication device 20 communicates with the IC card control unit 15 to read the finger vein information stored in the finger vein information storage unit 8 and collate the information. Authentication may be performed.

  The password authentication unit 4 receives the password information input by the user, determines whether the password information stored in advance in the password information storage unit 11 matches, and generates authentication propriety information. For password authentication, encryption technology may be used, or a random number table created in advance is used to determine the password by, for example, a reading method such as what number column in what row and how many characters in the vertical direction. Authentication may be performed.

  In this embodiment, password authentication is used as the secret authentication means. However, the secret authentication means may be a certificate using a public key technology, a common key technology, or an electronic certificate. Authentication using a time password issuing machine or the like, an authentication method using a plurality of passwords or security codes, or other personal authentication techniques may be used.

The IC card control unit 15 transmits / receives information to / from the external terminal control unit 26 and controls the operation of each unit of the IC card 1 according to the acquired information.
The data storage unit 14 includes a finger vein information storage unit 8, an error counter storage unit 10, and a password information storage unit 11.
The finger vein information storage unit 8 stores the finger vein information of the user stored electronically. The user stores the finger vein information in the finger vein information storage unit 8 in advance by performing a procedure at a card issuing window or the like. This finger vein information may be encrypted or hashed finger vein information.

  The error counter storage unit 10 stores the number of times an authentication error has been determined as determination error number information. In the present embodiment, it is not convenient to reject the authentication by determining the authentication error once, so that the determination error is allowed up to the number of times determined by the system administrator. The system administrator stores an initial value for this information at the time of shipment of the IC card 1. In this embodiment, the initial value is set to 3, and the value is decreased by 1 each time authentication fails (decrement). ) In the description of this embodiment, “reset error counter” or “initialize error counter” means setting the error counter to 3 which is an initial value. The initial value does not necessarily have to be 3. Alternatively, the initial value may be set to 0, and the numerical value may be incremented by 1 (increment) each time authentication fails.

  Further, a plurality of error counter storage units 10 may be provided, and an error counter may be associated with each of finger vein authentication and password authentication. In this embodiment, the counter is reset for each authentication. However, the counter may not be reset so that the number of errors can be shared by a plurality of external terminals. In this case, for example, for an IC card in which authentication errors frequently occur in a plurality of external terminals and authentication is attempted in another external terminal, authentication is rejected with the total number of errors in the plurality of terminals. You may perform processes, such as.

The password information storage unit 11 stores password information used for password authentication as secret information. The password information may be a password consisting of a character string of a plurality of digits, may be information obtained by encrypting them, or a plurality of passwords may be stored. In this embodiment, a password is used as the secret information. However, an electronic certificate, a secret key using a public key technology, a common key using a common key technology, or the like may be used as the secret information.
The external terminal control unit 26 transmits / receives information to / from the IC card control unit 15 and controls the operation of each unit of the authentication device 20 according to the acquired information.

The authentication device 20 includes a finger vein information input unit 21, a password input unit 24, and an external terminal control unit 26.
When the user holds the finger over the finger vein information input unit 21, the finger vein pattern is captured and image-processed using near infrared rays, and the extracted information is created as finger vein information.
For example, in the present embodiment, the password input unit 24 prepares a touch panel that can input any numerical value from 0 to 9 to four digits, and creates password information corresponding to the input.

In this embodiment, the finger vein authentication unit 2 is provided as a biometric authentication function and the finger vein information storage unit 8 is provided as biometric information. However, iris, face, voiceprint, and other biometric information (biometrics) are used. A biometric authentication function and biometric information may be provided.
In the present embodiment, the IC card 1 includes the finger vein authentication unit 2, but the authentication device 20 may include the finger vein authentication unit 2.

The IC card authentication according to the present invention will be described below with reference to FIG.
First, the user places the IC card 1 in a state that the authentication device 20 can read. For example, an IC card insertion slot is provided in the authentication device 20, and the user inserts the IC card 1 here. Then, the finger vein information input unit 21 starts accepting input, and the user holds the finger over the finger vein information input unit 21. The finger vein information input unit 21 captures the finger vein pattern of the user using near infrared rays, and acquires information obtained by extracting the characteristics of the finger vein pattern as finger vein information (step S1100).

  The finger vein information input unit 21 transmits the created finger vein information to the external terminal control unit 26, and the external terminal control unit 26 transmits this finger vein information to the IC card control unit 15. The IC card control unit 15 determines that the received information is finger vein information, and transmits this finger vein information to the finger vein authentication unit 2. When receiving the finger vein information, the finger vein authentication unit 2 reads the finger vein information stored in the finger vein information storage unit 8 as information to be compared with the finger vein information. The finger vein authentication unit 2 compares the received finger vein information input by the user with the finger vein information read from the finger vein information storage unit 8.

  When the finger vein authentication unit 2 determines that the information matches the threshold value determined by the system administrator in advance as a result of the comparison, the finger vein authentication unit 2 creates authentication acceptance information. If it does not match, authentication error information is created. If the authentication error is determined as described above, the finger vein authentication unit 2 reads the numerical information stored in the error counter storage unit 10 and decrements it by one, and stores the reduced numerical information in the error counter storage unit 10 (step S1200). ). If the numerical information becomes 0 as a result of decrementing by 1, the finger vein authentication unit 2 resets the error counter to store 3, and generates password request information to start emergency authentication.

  At this time, the IC card 1 is provided with a storage unit for storing information on the number of times that the error count information has become 0. If the number of times exceeds a certain number determined by the system administrator, the biometric authentication is locked. A function may be provided. Alternatively, if this number information exceeds a certain number determined by the system administrator, a function may be provided in which authentication acceptance information used for authentication acceptance in password authentication performed later is used as restricted authentication acceptance information.

  Then, the finger vein authentication unit 2 transmits the authentication result information and, if generated, the password request information to the IC card control unit 15 (step S1300). The external terminal control unit 26 receives the information and reads the authentication result information. If the authentication result information is authentication acceptance information, the external terminal control unit 26 performs authentication acceptance (step S1400). Then, for example, the authentication device 20 displays a transaction menu screen on the display device in order to start transaction processing. Alternatively, if the authentication result information is authentication error information, the finger vein information input unit 21 accepts input again (step S1100).

  Alternatively, if the received information includes password request information, the external terminal control unit 26 transmits the password request information to the password input unit 24. When the password input unit 24 receives the password request information, for example, authentication is performed. The description of the input method is displayed on the display device of the device 20, and input acceptance of password information is started.

  The password input unit 24 receives a password number input by the user from the touch panel (step S1800), and transmits it to the external terminal control unit 26. The external terminal control unit 26 transmits the received information to the IC card control unit 15 as password information. At this time, encrypted information may be transmitted to transmit password information. The IC card control unit 15 determines that the received information is password information, and transmits this to the password authentication unit 4.

  When the password information is received, the password authentication unit 4 reads the password information stored in the password information storage unit 11 and compares the read password information with the password information input by the user. If these password informations match completely, the password authentication unit 4 generates authentication acceptance information as authentication result information, and if they do not match, generates authentication error information as authentication result information. When it is determined that the password information is an authentication error, the password authentication unit 4 decreases the numerical value stored in the error counter storage unit 10 by 1 and causes the error counter storage unit 10 to store the reduced numerical information. Here, if the numerical information of the error counter becomes 0, the password authentication unit 4 generates authentication rejection information and uses it as authentication result information (step S1900).

Then, the password authentication unit 4 transmits the generated authentication result information to the IC card control unit 15. In response to this, the IC card control unit 15 transmits the authentication result information to the external terminal control unit 26.
The external terminal control unit 26 receives the authentication result information, and if the authentication result information is the authentication acceptance information, transmits the authentication acceptance to the authentication device 20, and the authentication device 20 starts a transaction (step S2100). Alternatively, if the received authentication result information is authentication error information, the password input unit 24 again starts accepting password information (step S1800). If the received authentication result information is authentication rejection information, the external terminal control unit 26 transmits the authentication rejection information to the authentication device 20, and the authentication device 20 stops the transaction (step S2200).

  As described above, even if a biometric authentication is a valid user, an authentication error may continue due to changes in physical condition such as injury or illness. However, according to the first embodiment, even if biometric authentication fails, authentication is accepted by password information. Therefore, it is not necessary to lower the security level by taking measures such as lowering the threshold of biometric authentication itself.

<Embodiment 2>
Next, limited transaction authentication using an IC card according to Embodiment 2 of the present invention will be described. The IC card according to the second embodiment has the same configuration as that of the first embodiment, and the description of the same configuration and processing is omitted. Only the configuration and processing unique to the second embodiment will be described below.

  In the IC card authentication described in the first embodiment, password authentication is performed for emergency authentication to enable authentication acceptance. This emergency authentication is an emergency authentication acceptance that does not depend on biometric authentication. For such transactions, for example, in order to set a limit for lowering the upper limit of the transaction amount as compared with normal authentication acceptance, in such a case, limited authentication acceptance information different from the authentication acceptance information is generated and transmitted.

  For example, if the password authentication by the emergency authentication is successful, the password authentication unit 4 generates restricted authentication acceptance information as the authentication result information and transmits it to the IC card control unit 15. The IC card control unit 15 receives the authentication result information and transmits it to the external terminal control unit 26 (step S2000). After receiving the authentication result information, the external terminal control unit 26 recognizes the authentication result information as restricted authentication acceptance information and performs restricted authentication acceptance (step S2100). In the subsequent transaction processing, for example, in the first embodiment, Processing such as setting the upper limit of the transaction amount lower than when receiving the authentication acceptance information.

<Embodiment 3>
Next, limited transaction authentication using an IC card according to Embodiment 3 of the present invention will be described. The IC card according to the third embodiment has the same configuration as that of the first embodiment, and the description of the same configuration and processing is omitted. Only the configuration and processing unique to the third embodiment will be described below.

FIG. 2 is a block diagram showing this embodiment.
The IC card 1 includes a finger vein authentication unit 2a (first biometric authentication unit), a password authentication unit 4 (secret authentication unit), a data storage unit 14, an IC card control unit 15 (personal authentication control unit), An authentication lock control unit 17 (biometric authentication lock information control unit). The finger vein authentication unit 2 may be included in the authentication device 20 (finger vein authentication unit 2b). FIG. 9 shows a block diagram when the authentication device 20 includes the finger vein authentication unit 2b. The biometric authentication lock control unit 17 receives biometric authentication lock control information from the biometric authentication unit, and causes the biometric authentication lock information storage unit 12 to store either ON information or OFF information.

The data storage unit 14 includes a finger vein information storage unit 8, an error counter storage unit 10, a password information storage unit 11, and a biometric lock information storage unit 12.
The biometric authentication lock information storage unit 12 is a storage unit for biometric authentication lock ON / OFF information. When this lock information is ON, the biometric authentication function of the IC card 1 is locked, and the user cannot use the biometric authentication function of the IC card 1. For example, when receiving an authentication request from the authentication device 20, the IC card control unit 15 reads out the biometric authentication lock information, and if it is ON, generates authentication rejection information without performing authentication determination processing. Since the lock information can be turned off again (unlocked) by the biometric authentication unlocking unit 6 provided in the IC card 1, the biometric authentication fails for some reason even though the user is a valid user. Even when the IC card 1 is in the biometric authentication locked state, for example, when the password authentication unit 4 subsequently accepts the authentication, the lock may be released to enable the card again.
The biometric authentication lock control unit 17 receives biometric authentication lock control information from the biometric authentication unit, and causes the biometric authentication lock information storage unit 12 to store either ON information or OFF information.

Next, a lock / unlock function provided in the IC card according to the present invention will be described with reference to FIG.
Through the same process as in the first embodiment, finger vein information is transmitted to the IC card control unit 15 (step S1100). Here, when the IC card control unit 15 receives the finger vein information, it reads the information in the biometric lock information storage unit 12.

  Here, if the read biometric authentication lock information is ON information, for example, the IC card control unit 15 generates authentication rejection information without transferring control to the finger vein authentication unit 2, and this authentication error information is used as authentication result information. To the external terminal control unit 26. That is, when the biometric authentication lock information is ON, the IC card control unit 15 always returns authentication error information, so that the biometric authentication function is disabled. Alternatively, if the biometric authentication lock information read out by the IC card control unit 15 is OFF information, the IC card control unit 15 transmits the received finger vein information to the finger vein authentication unit 2.

  In response to this, the finger vein authentication unit 2 executes a finger vein authentication determination process, and generates authentication result information of either authentication acceptance information or authentication error information. Here, as in the second embodiment, the finger vein authentication unit 2 reads the error counter information from the error counter storage unit 10, decrements this numerical information by 1, and stores the error counter information in the error counter storage unit 10 again (step S1200). At this time, if the stored error counter information is 0, the finger vein authentication unit 2 transmits biometric authentication lock command information to the biometric authentication lock control unit 17. Upon receiving the biometric authentication lock command information, the biometric authentication lock control unit 17 stores ON information in the biometric authentication lock information storage unit 12 (step S1250). That is, when the biometric authentication error continues more than the number of times determined in advance by the system administrator, the biometric authentication is locked and invalidated. Other processes are the same as those in the second embodiment.

  Thereafter, as in the second embodiment, the IC card control unit 15 transmits the authentication result information to the external terminal control unit 26, and the external terminal control unit 26 transmits the password input by the user to the IC card control unit 15 (step S1800). ). Through the same process as in the second embodiment, when the password authentication unit 4 executes password authentication processing and generates authentication success information, the password authentication unit 4 sends biometric authentication unlock command information to the biometric authentication lock control unit 17. Send. When receiving the biometric authentication unlock command information, the biometric authentication lock control unit 17 stores the OFF information in the biometric authentication lock information storage unit 12 (step S1950). That is, when a biometric authentication error continues beyond the number of times determined by the system administrator, ON information is stored in the biometric lock information storage unit 12 and the biometric authentication function is invalidated, but password authentication is performed thereafter. If the authentication is successful, the lock is released (unlocked).

  In the present embodiment, since the password authentication is an emergency measure for releasing the biometric lock state, authentication acceptance information is not generated when the authentication is successful by the password authentication. In addition, it is good also as a structure which produces | generates authentication acceptance information by the authentication success by the said password authentication, and after the IC card control part 15 transmits the said authentication success information to the external terminal control part 26, it restrict | limits in the process of the subsequent authentication apparatus 20 You may comprise so that an attached procedure may be performed.

When the password authentication ends with an authentication error, the biometric authentication lock information storage unit 12 is locked with the ON information stored therein, and the user cannot make a transaction using the IC card. . Further, when the biometric authentication fails due to a temporary physical condition change or the like and the IC card is locked, the user can perform a transaction by receiving authentication again after the physical condition returns.
As described above, according to the present embodiment, an IC card in which an authentication error has occurred in biometric authentication exceeding a certain number of times determined by the system administrator can be invalidated and canceled by password authentication. If the failed user is a legitimate user, the IC card can be revalidated without going through troublesome procedures such as going to an issuance window.

<Embodiment 4>
Next, limited transaction authentication using an IC card according to Embodiment 4 of the present invention will be described. The IC card according to the fourth embodiment has the same configuration as that of the first embodiment, and the description of the same configuration and processing is omitted. Only the configuration and processing unique to the fourth embodiment will be described below.

FIG. 3 is a block diagram showing this embodiment.
The IC card 1 includes a finger vein authentication unit 2a (first biometric authentication unit), a password authentication unit 4 (secret authentication unit), a data storage unit 14, an IC card control unit 15 (personal authentication control unit), An authentication lock control unit 17 (biometric authentication lock information control unit) and a biometric authentication complete lock control unit 18 (biometric authentication complete lock control unit) are provided. The finger vein authentication unit 2 may be included in the authentication device 20. FIG. 10 shows a block diagram when the authentication device 20 has the finger vein authentication unit 2. The biometric authentication complete lock control unit 18 receives the biometric authentication complete lock control information from the biometric authentication unit, and stores the ON information in the biometric authentication lock information storage unit 12.

  The data storage unit 14 includes a finger vein information storage unit 8, an error counter storage unit 10, a password information storage unit 11, a biometric authentication lock information storage unit 12, a biometric authentication complete lock information storage unit 13, and a lock counter storage. Section 16 (authentication error lock count storage section). The biometric authentication complete lock information storage unit 13 is a storage unit for biometric authentication complete lock ON / OFF information. When the lock information is ON, the biometric authentication function of the IC card 1 is locked, and the biometric authentication function of the IC card 1 is invalidated. The IC card 1 has a function of turning this information into ON information, but does not have a function of turning it into OFF information. Therefore, even if the user is a normal user, the user cannot release the lock. In this embodiment, when emergency authentication is used beyond the number of times registered in advance by the system administrator, complete locking is performed.

  The lock counter storage unit 16 stores the number of times the number of locks is stored in the biometric lock information storage unit 12. In the present embodiment, the IC card control unit 15 monitors the number of locks, and stores the ON information in the biometric authentication complete lock information storage unit 13 when the information exceeds a threshold predetermined by the system administrator.

Next, the biometric authentication complete lock function provided in the IC card according to the present invention will be described.
According to the third embodiment, the biometric authentication can be locked / unlocked, but this is an emergency measure, and the situation where the unlocking by the emergency password authentication continues many times is an abnormal situation. Therefore, in such a case, the biometric authentication is completely locked by executing the following processing.

Through the same process as in the third embodiment, finger vein information is transmitted to the IC card control unit 15 (step S1100). Here, when the IC card control unit 15 receives the finger vein information, the IC card control unit 15 reads information in the biometric authentication complete lock information storage unit 13.
Here, if the read biometric authentication complete lock information is ON information, for example, the IC card control unit 15 generates authentication error information without transferring control to the finger vein authentication unit 2, and the authentication error information is used as an authentication result. Information is transmitted to the external terminal control unit 26. Alternatively, if the biometric authentication lock information read out by the IC card control unit 15 is OFF information, the IC card control unit 15 transmits the received finger vein information to the finger vein authentication unit 2.

In response to this, the finger vein authentication unit 2 executes finger vein authentication processing in the same manner as in the third embodiment, and when the error counter becomes 0 here, ON information is stored in the biometric lock information storage unit 12. The finger vein authentication unit 2 reads the numerical information (lock count) from the lock counter storage unit 16. Then, the finger vein authentication unit 2 decrements the numerical information by 1, stores the numerical information in the lock counter storage unit 16 again, and resets the error counter.
In addition, when the finger vein authentication unit 2 determines the authentication success as described above, the counter of the lock counter storage unit 16 is reset. That is, the finger vein authentication unit 2 does not perform biometric authentication complete lock when biometric authentication errors do not continue.

<Embodiment 5>
Next, limited transaction authentication using an IC card according to Embodiment 5 of the present invention will be described. The IC card according to the fifth embodiment has the same configuration as that of the first embodiment, and the description of the same configuration and processing is omitted. Only the configuration and processing unique to the fifth embodiment will be described below.

FIG. 4 is a block diagram showing this embodiment.
The IC card 1 includes a finger vein authentication unit 2a (first biometric authentication unit), an iris authentication unit 3a (second biometric authentication unit), a password authentication unit 4 (secret authentication unit), and a data storage unit 14. IC card control unit 15 (personal authentication control unit). The finger vein authentication unit 2 may be authenticated by reading the finger vein information storage unit 8 from the IC card 1 and collating the information, as the authentication device 20 has. FIG. 11 shows a block diagram when the authentication apparatus 20 has the finger vein authentication unit 2 as the finger vein authentication unit 2b.

  The iris authentication unit 3 receives the iris information transmitted from the iris information input unit 22, collates this with the iris information stored in advance in the iris information storage unit 9, and determines whether authentication is possible. The iris authentication unit 3 may be authenticated by reading the iris information storage unit 9 from the IC card 1 and collating the information, as the authentication device 20 has. FIG. 11 shows a block diagram when the authentication apparatus 20 has the iris authentication unit 3 as the iris authentication unit 3b.

  The data storage unit 14 includes a finger vein information storage unit 8, an iris information storage unit 9, an error counter storage unit 10, and a password information storage unit 11. The iris information storage unit 9 stores the user's iris information stored in an electronic form, and the user stores the iris information in the iris information storage unit 9 in advance by performing a procedure at a card issuing window or the like. This iris information may be encrypted or hashed iris information.

The authentication device 20 includes a finger vein information input unit 21, an iris information input unit 22, a password input unit 24, and an external terminal control unit 26. The iris information input unit 22 captures the user's iris, extracts the iris pattern, and creates the feature information as iris information.
In this embodiment, the finger vein authentication unit 2 and the iris authentication unit 3 are provided as the biometric authentication function, and the finger vein information storage unit 8 and the iris information storage unit 9 are provided as the biometric information. A biometric authentication function using biometric information (biometrics) and biometric information may be provided.

Next, with reference to FIG. 7, IC card authentication will be described in which authentication is accepted after successful authentication of both iris authentication and password authentication after failure of finger vein authentication.
When performing finger vein authentication as in the first embodiment and the finger vein authentication unit 2 performs authentication error determination, the numerical information in the error counter storage unit 10 is decremented and stored again. If the error counter information is 0 as a result of the decrementing, the finger vein authentication unit 2 generates iris information input request information. Also, the numerical information in the error counter storage unit 10 is reset and the numerical value 3 is stored.

  The IC card control unit 15 transmits the authentication result information generated as in the first embodiment and the created iris information input request information to the external terminal control unit 26. The external terminal control unit 26 transmits an operation start request to the iris information input unit 22 when the iris information input request information is received. When the iris information input unit 22 receives the operation start request, the iris information input unit 22 starts receiving an input (step S1710). When the user approaches the iris information input unit 22, the iris information input unit 22 captures the user's iris and analyzes it to create iris information that extracts the features of the iris pattern. The iris information input unit 22 transmits the iris information created above to the external terminal control unit 26, and the external terminal control unit 26 transmits this to the IC card control unit 15.

  When receiving the iris information, the IC card control unit 15 transmits the iris information to the iris authentication unit 3. The iris authentication unit 3 receives the iris information, reads the iris information stored in advance in the iris information storage unit 9, and compares the received iris information with the iris information read here. When the iris authentication unit 3 compares the received iris information with the iris information stored in the iris information storage unit 9 in advance, and determines that they match beyond a certain threshold determined by the system administrator, Create authentication success information. The iris authentication unit 3 further generates password request information when an authentication success determination is made for iris authentication. Or the iris authentication part 3 produces | generates authentication error information, when the iris information which received user input and the iris information read from the iris information storage part 9 do not correspond.

  When the iris authentication unit 3 generates the authentication error information (in the case of an authentication error), the iris information storage unit 9 decrements the numerical information stored in the error counter storage unit 10 and stores it again. . Further, when the result of decrementing the numerical information is 0, the authentication rejection information is set as the authentication result information. The iris authentication unit 3 sends the authentication result information of the authentication success information, the authentication error information, and the authentication rejection information, and the password request information when the password request information is generated as described above, to the IC card control unit. 15 to send. When receiving this, the IC card control unit 15 transmits the authentication result information and the password request information to the external terminal control unit 26.

  The external terminal control unit 26 receives the authentication result information and the password request information. When the external terminal control unit 26 detects the password request information from the received information, the external terminal control unit 26 transmits a password reception start request to the password input unit 24. In response to this, the password input unit 24 receives the user's input, creates password information, and transmits it to the external terminal control unit 26 (step S1800). The external terminal control unit 26 transmits the received password information to the IC card control unit 15.

Then, the IC card control unit 15 receives the password information and executes password authentication processing as in the first embodiment.
The password authentication unit 4 transmits authentication result information indicating whether the authentication is successful or an authentication error based on the determination to the IC card control unit 15. The IC card control unit 15 reads the error counter information from the error counter storage unit 10 and transmits this and the received authentication result information to the external terminal control unit 26 (step S2000).

When receiving this, the external terminal control unit 26 performs processing according to the authentication result information. That is, if the authentication result information is successful, authentication is accepted (S2100). If it is an authentication error, the error counter information is determined. If the error counter information is 1 or more, the input of password information is accepted again (step S1800). If the error counter information is 0, authentication is rejected as authentication failure (step S2200).
As described above, according to the fourth embodiment, even if biometric authentication fails, preliminary authentication can be performed by other means, and the preliminary authentication is successful in both biometric authentication and password authentication. Otherwise, authentication will not be accepted and security will not be compromised.

  Further, by using the present invention, IC card authentication for starting a transaction may be performed only when authentication is successful for all of a plurality of biometric authentications and password authentications. Finger vein authentication is performed, and if successful, iris authentication is performed. If successful, password authentication is performed. If successful, authentication is accepted. If an error occurs three or more times during any of the authentications, the authentication is immediately rejected.

  The biometric information to be authenticated in biometric authentication is the only one, and even if the biometric information is copied by some method, the biometric information cannot be changed. However, the IC card authentication performs a plurality of biometric authentications, Even if the password information is variable, the authentication is not accepted unless the authentication is successful, so that high security can be maintained even if the biometric information may be copied.

<Embodiment 6>
Next, limited transaction authentication using an IC card according to Embodiment 6 of the present invention will be described. The IC card according to the sixth embodiment has the same configuration as that of the first embodiment, and the description of the same configuration and processing is omitted. Only the configuration and processing specific to the sixth embodiment will be described below.

FIG. 8 is a block diagram showing this embodiment.
The IC card 1 includes a password authentication unit 4 (secret authentication unit), a data storage unit 14, and an IC card control unit 15 (personal authentication control unit). The data storage unit 14 includes a finger vein information storage unit 8, an error counter storage unit 10, and a password information storage unit 11.

  The authentication device 20 includes a finger vein information input unit 21, a password input unit 24, an external terminal control unit 26, and a finger vein authentication unit 2b (first biometric authentication unit). The authentication process of the finger vein authentication unit 2b is the same as the process described in the first embodiment.

Hereinafter, IC card authentication according to the present invention will be described with reference to FIG.
First, the user places the IC card 1 in a state that the authentication device 20 can read. For example, an IC card insertion slot is provided in the authentication device 20, and the user inserts the IC card 1 here. Then, the finger vein information input unit 21 starts accepting input, and the user holds the finger over the finger vein information input unit 21. The finger vein information input unit 21 captures the user's finger vein pattern with near infrared rays, and acquires information obtained by extracting the feature as first finger vein information (step S1100).

  Also, the external terminal control unit 26 transmits finger vein information request information to the IC card control unit 15. When receiving the finger vein information request information, the IC card control unit 15 reads the information stored in the finger vein information storage unit 8 as second finger vein information. Further, the IC card control unit 15 reads the error count information from the error counter storage unit 10 and transmits the error count information and the second finger vein information to the external terminal control unit 26.

When receiving the second finger vein information and the error count information, the external terminal control unit 26 transmits this to the finger vein authentication unit 2b. The finger vein authentication unit 2b compares the first finger vein information with the second finger vein information.
If the finger vein authentication unit 2b compares the first finger vein information with the second finger vein information and determines that the information matches a threshold value determined in advance by the system administrator, the finger vein authentication unit 2b creates authentication acceptance information. To do. If it does not match, authentication error information is created. If it is determined as an authentication error, the finger vein authentication unit 2 decrements the received error count information by 1 and transmits it to the IC card control unit 15. The IC card control unit 15 stores the received error count information in the error counter storage unit 10 (step S1200). If the received error count information is 0, the IC card control unit 15 resets the error counter storage unit 10.

  Also, if the result of decrementing the error count information by 1 as described above is 0, the finger vein authentication unit 2 starts accepting password information (step S1800). At this time, the authentication device 20 is provided with a storage unit for storing information on the number of times the error count information has become 0. If the number information exceeds a certain number determined by the system administrator, the biometric authentication is locked. A function may be provided. Alternatively, if this number information exceeds a certain number determined by the system administrator, a function may be provided in which authentication acceptance information used for authentication acceptance in password authentication performed later is used as restricted authentication acceptance information. The processing after password authentication is the same as that described in the first embodiment. If the password authentication succeeds, the authentication is accepted, and if the authentication fails, the authentication is rejected.

As described above, according to the present invention, IC card authentication is performed by combining a plurality of biometric authentication means and secret authentication, so even if authentication fails due to personal physical condition or injury, etc. As a simple measure, authentication can be succeeded by secret authentication.
Moreover, even if the biometric authentication fails several times in the above case and the IC card is invalidated, it can be validated again by the secret authentication. Therefore, if the state of physical condition or injury returns to normal, a troublesome procedure is taken. You can resume using it without any problems.

Furthermore, it is assumed that the above authentication is only an emergency measure, and there are restrictions on the use after authentication, or if there is a failure of emergency authentication several times, the authentication is completely invalidated, etc. Enables authentication that considers both convenience and security.
Furthermore, it is possible to perform authentication that is not considered successful unless all of the biometric authentications and password numbers are successful, and strict security authentication is realized.

  The program for realizing the function of the processing unit in FIG. 1 is recorded on a computer-readable recording medium, and the program recorded on the recording medium is read into a computer system and executed to perform IC card authentication. You may go. Here, the “computer system” includes an OS and hardware such as peripheral devices. The “computer system” includes a WWW system having a homepage providing environment (or display environment). The “computer-readable recording medium” refers to a storage device such as a flexible medium, a magneto-optical disk, a portable medium such as a ROM and a CD-ROM, and a hard disk incorporated in a computer system. Further, the “computer-readable recording medium” refers to a volatile memory (RAM) in a computer system that becomes a server or a client when a program is transmitted via a network such as the Internet or a communication line such as a telephone line. In addition, those holding programs for a certain period of time are also included.

  The program may be transmitted from a computer system storing the program in a storage device or the like to another computer system via a transmission medium or by a transmission wave in the transmission medium. Here, the “transmission medium” for transmitting the program refers to a medium having a function of transmitting information, such as a network (communication network) such as the Internet or a communication line (communication line) such as a telephone line. The program may be for realizing a part of the functions described above. Furthermore, what can implement | achieve the function mentioned above in combination with the program already recorded on the computer system, and what is called a difference file (difference program) may be sufficient.

It is a block diagram which shows one Embodiment of this invention. It is a block diagram which shows embodiment which performs an IC card lock / unlock process by this invention. It is a block diagram which shows embodiment which performs biometrics authentication complete lock by this invention. It is a block diagram which shows the structure which performs the composite authentication process of biometric authentication / secret authentication by this invention. It is an activity diagram which shows the process of one Embodiment of this invention. It is an activity figure which shows the IC card lock / unlock process by this invention. It is an activity figure which shows the composite authentication process of biometric authentication / secret authentication by this invention. It is a block diagram which performs biometric authentication with an authentication device. It is a block diagram which shows embodiment which performs biometrics authentication with an authentication apparatus and performs an IC card lock / unlock process. It is a block diagram which shows embodiment which performs biometric authentication with an authentication apparatus and performs biometrics authentication complete lock. It is a block diagram which shows the structure which performs biometric authentication with an authentication apparatus and performs the composite authentication process of biometric authentication / secret authentication. It is an activity diagram which shows the process which performs biometric authentication with an authentication apparatus.

Explanation of symbols

1 IC card 2 finger vein authentication unit 3 iris authentication unit 4 password authentication unit 8 finger vein information storage unit 9 iris information storage unit 10 error counter storage unit 11 password information storage unit 12 biometric authentication lock information storage unit 13 biometric authentication complete lock information Storage unit 14 Data storage unit 15 IC card control unit 16 Lock counter storage unit 17 Biometric authentication lock control unit 18 Biometric authentication complete lock control unit 20 Authentication device 21 Finger vein information input unit 22 Iris information input unit 24 Password input unit 26 External terminal Control unit

Claims (5)

An IC card having biometric authentication means and secret authentication means using secret information;
Biometric authentication lock information storage means for storing information indicating whether to invalidate the biometric authentication means;
An authentication error lock number storage means for storing the number of times the biometric authentication lock information storage means stores information to be invalidated as numerical information;
Biometric authentication complete lock information storage means for storing information indicating whether or not the biometric authentication means is completely invalidated;
When the biometric authentication process is performed using the biometric authentication unit and an authentication error is determined, information for invalidating the biometric authentication is stored in the biometric lock information storage unit, and the secret authentication unit is used to store the secret Biometric authentication lock information control means for storing information for validating biometric authentication in the biometric authentication lock information storage means when performing authentication processing and determining that the authentication is successful ,
The biometric authentication means stores information for completely invalidating biometric authentication in the biometric authentication complete lock information storage means when the numerical information stored in the error lock count storage means exceeds a predetermined threshold value. Then, when the biometric authentication process is performed and it is determined that the authentication is successful, the numerical information stored in the error lock number storage means is reset . Personal authentication control means for generating authentication acceptance information when performing biometric authentication processing using the biometric authentication means and determining an authentication error and then performing secret authentication processing using the secret authentication means and determining successful authentication The IC card according to claim 1, further comprising: The IC card according to claim 2 , wherein the authentication acceptance information is restricted authentication acceptance information. The IC card includes a plurality of biometric authentication means,
The personal authentication control means uses the at least one biometric authentication means of the plurality of biometric authentication means to perform biometric authentication processing and determines an authentication error, and then determines the authentication error as the biometric authentication means. when using another of the biometric authentication means judges that the authentication succeeds performs biometric authentication process, and was using the secret authentication means determines authentication was carried out successful authentication, that that generates an authentication acceptance information The IC card according to claim 2 or 3, wherein the IC card is characterized in that: As one of IC cards of claim 4 according to claims 1, IC card control program for causing a computer to function.

Images