JP5509769B2 - Biometric authentication device and biometric authentication method - Google Patents

Description

  The present invention relates to a biometric authentication device and a biometric authentication method for performing personal authentication by comparing registered biometric information with input biometric information.

  In recent years, biometric authentication technology has been developed for authenticating a user of an apparatus or system using a biometric image representing biometric information such as a fingerprint or a palm print. A biometric authentication device using such a biometric authentication technology acquires, for example, a biometric image representing biometric information of a user who intends to use the biometric authentication device as an input biometric image. Then, the biometric authentication device collates the user's input biometric information represented in the input biometric image with the preregistered registered biometric information of the registered user represented in the registered biometric image. If the biometric authentication device determines that the input biometric information and the registered biometric information match based on the result of the verification process, the biometric authentication device authenticates the user as a registered user having a legitimate authority. Then, the biometric authentication device permits the authenticated user to use the biometric authentication device or another device connected to the biometric authentication device.

  For authentication of fingerprints, palm prints, etc., there are a plurality of authentication methods such as a feature point method, a pattern matching method, and a frequency method.

  The feature point method is a method for performing authentication by using the position and direction of feature points including the end points and branch points of fingerprint ridges, the relationship between fingerprint feature points, and the like. Specifically, for example, there are a method using a connection relation of feature points, a method using the number of ridges between feature points, and the like. The pattern matching method is an authentication method that uses encoded image information based on fingerprint image information or shape, and various techniques have been proposed for this pattern matching method. The frequency method is an authentication method that uses encoded information based on frequency analysis of a fingerprint image.

  When more users can use the biometric authentication function, there is a technology to perform identity authentication by a hybrid authentication method that combines multiple authentication methods in order to reduce the acceptance rate of others and reduce the rejection rate of identity. Proposed.

  In the hybrid authentication method, generally, a final authentication result is determined by combining with AND (logical product) or OR (logical sum) based on the authentication result of each authentication method.

  In general, in the case of AND combination, since it is necessary to achieve authentication success (OK) in all authentication methods, an effect of lowering the acceptance rate of others (probability of accepting others as a principal) is expected. On the other hand, in the case of OR connection, since it is only necessary to determine authentication success (OK) by any authentication method, an effect of increasing the person acceptance rate (probability to reject the person by mistake) is expected.

  For example, in Patent Document 1, the pattern matching method and the feature point method are collated as the authentication method, and the result of the collation is OR-coupled so that if either one of the methods is successful, the authentication is successful. On the other hand, a method of increasing the person acceptance rate (probability of rejecting the person by mistake) has been proposed.

Further, Patent Document 2 proposes a method that conditionally ORs a feature point method and a pattern matching method. (See FIG. 1) As for the authentication process of Patent Document 2, a feature point method with a fast authentication speed is arranged in the preceding stage, and a pattern matching method with a high performance but a slow processing speed is arranged in the latter stage. For users who do not need high-performance processing, a method has been proposed to reduce the acceptance rate (probability of accepting another person as a person by mistake) while shortening the processing time by ending in the previous stage. ing.
JP 2004-192633 A JP 2006-107340 A

  As the number of fingerprint authentication operational cases increases, the operational conditions are diversified. Specifically, in a large-scale authentication system with a large number of users, security (acceptance rate of others) is emphasized, so there are strict restrictions on the fingerprint acquisition range at the time of fingerprint input (characteristics such as a wide acquisition area and fingerprint center). Area acquisition) is required. A limited input example is shown in FIG. 2A shows a vortex type, FIG. 2B shows a flow type, and FIG. 2C shows a waveform. A cross mark is added to the center position of the fingerprint.

  For users who are difficult to learn, such as elderly people and children, users whose finger joints are bent and their fingers cannot be stretched straight, and users who are unconsciously entering a fingerprint and the input position is not fixed, fingerprint input It may be irregular (rough) and the fingerprint acquisition range may be narrowed. An example of irregular (rough) input is shown in FIG. FIG. 3 shows an example of a fingerprint obtained by taking the vortex shape of FIG. 2A as an example. 3A shows an example in which only the tip side of the finger is input, FIG. 3B shows an example in which only the base side of the finger is input, and FIG. 3C shows an example in which only the right side of the finger is input. Each of FIGS. 3A to 3C is provided with a cross mark at a position corresponding to the fingerprint center of FIG.

  In the example of FIGS. 3A to 3C, the fingerprint acquisition range is narrow, and a characteristic region such as the center of the fingerprint indicated by the cross mark cannot be acquired, and the fingerprint needs to be re-input. Or, if it is used for authentication as it is, the rejection rate increases. It is a problem that convenience for users is impaired.

  Therefore, in an operation that places importance on security, even when an irregular (rough) input is performed that narrows the acquisition range at the time of fingerprint input, it is a problem to improve the convenience of the user of the authentication system.

  Therefore, when an irregular (rough) fingerprint is input, the following measures are required.

  In the case of the limited input shown in FIGS. 2A to 2C, since registration can be performed in advance using the fingerprint center position of the registered data and the collation data at the time of authentication, the search range can be reduced in subsequent processing. . However, since irregular (rough) inputs such as those shown in FIGS. 3A to 3C do not clearly show the features such as the center of the fingerprint, it is necessary to enlarge the search range for comparison.

  The fingerprint pattern on the tip side of the finger is similar even if the pattern is different. FIG. 4 shows an input example of the finger tip side in each fingerprint pattern. 4A shows a vortex type, FIG. 4B shows a flow type, and FIG. 4C shows a wave type. When comparing only the finger tip side of each type, the shapes are very similar, and the pattern matching method tends to increase the similarity score.

  Furthermore, there are few feature points acquired from fingerprints of small areas that are partially acquired, and the score of similarity increases by comparing with registered fingerprint data using feature points with small areas, and the acceptance rate of others (false authentication) It is also predicted that the establishment of

  Therefore, it is necessary to reduce the occurrence frequency of erroneous verification even when a fingerprint is input irregularly (roughly) and a partial region of the fingerprint is acquired.

  Even when only a partial region of the fingerprint is input, the problem of reducing erroneous matching and improving the convenience for the user is not disclosed in the above-mentioned Patent Document 1 and Patent Document 2, and can be solved. Absent.

  An object of the present invention is to solve the above-described problems and to improve the convenience of a fingerprint authentication user by reducing the frequency of occurrence of erroneous verification even when an irregular fingerprint is input.

  An authentication device according to the present invention includes a storage unit that stores registered biometric data, a biometric information acquisition unit that acquires biometric information, and a plurality of authentication units that are used for authentication with different characteristics from one biometric information acquired by the biometric information acquisition unit. A biometric feature data generation unit that generates biometric feature data of the first and second biometric feature data that is one of a plurality of biometric feature data generated by the biometric feature data generation unit. A first authentication unit that performs comparison and collation with second biometric feature data different from the first biometric feature data among the plurality of biometric feature data generated by the registered biometric data and the biometric feature data generation unit. 2 for each of the first authentication unit, the first authentication unit, and the second authentication unit by acquiring and comparing the positional relationship between the registered biometric data and the biometric feature data when the collation result is obtained. And an authentication result comparison / determination unit that determines whether there is a contradiction in authentication between the authentication unit and the second authentication unit.

  With the above configuration, the biometric authentication device of the present application evaluates not only the authentication result of the input biometric information and the registered biometric information but also the alignment result of the input biometric information and the registered biometric information, and the position can be determined even when the authentication is successful. The result of the combination is evaluated to determine whether the authentication reliability is high. If it is determined that the reliability is low, the authentication is not successful.

  In addition, when the alignment result reliability is high, the authentication is successful, thereby reducing the re-input and improving the convenience of the user.

  Hereinafter, a computer to which the biometric authentication device or the biometric authentication method disclosed in this specification is applied will be described with reference to the drawings.

  A computer to which a biometric authentication device or a biometric authentication method according to an embodiment applies a user's biometric information as input biometric information when a user who wants to use the computer logs in to the computer. And this computer collates input biometric information with the registration biometric information of the registered user corresponding to the identification information input by the user among the users previously registered into the computer. If it is determined that the input biometric information matches the registered biometric information based on the result of the verification process, the computer authenticates the user as a registered user. The computer then allows an authenticated user to log into the computer.

  Here, this computer acquires the biological information of the user by the sensor. And this computer calculates the collation score showing the similarity degree of input biometric information and registration biometric information, and determines whether a user is authenticated with the principal.

  In this embodiment, the computer uses a fingerprint as biometric information to be biometrically authenticated. However, it can be applied not only to fingerprint authentication but also to biometric authentication technology using spatial information such as image data.

  FIG. 5 is a schematic configuration diagram of a computer that executes biometric authentication processing. As illustrated in FIG. 5, the computer includes an input unit 1, a display unit 2, a biological information acquisition unit 3, a storage unit 4, a processing unit 5, and a path 6 that connects the units. In the biometric authentication process in this configuration, when the user attempts to log in, the biometric authentication process is executed using a fingerprint image representing the user's fingerprint. Then, as a result of the biometric authentication process, this biometric authentication device executes a login process when the user is authenticated as one of registered users registered in advance in the computer. The computer then allows the user to use the computer.

  Details of each component will be described below.

  The input unit 1 includes an input device such as a keyboard, a mouse, or a touch pad, for example. The input unit 1 is used for a user to input commands, data, and the like. The input unit 1 functions as an identification information input unit for inputting user identification information to a computer. The identification of the user can be, for example, a character string including alphanumeric characters or symbols or the name of the user. The command, data, or user identification information input via the input unit 1 is passed to the processing unit 5.

  The display unit 2 includes a display device such as a liquid crystal display or a CRT monitor, for example. The display unit 2 displays commands, data, or user identification information input to the computer via the input unit, or various types of information related to applications executed by the processing unit.

  When a legitimate user is registered in the computer, the biometric information acquisition unit 3 generates a registered fingerprint image representing the user's fingerprint, which is a reference for biometric authentication processing. The biometric information acquisition unit 3 generates an input fingerprint image representing the fingerprint of the user when the user attempts to log in to the computer. Therefore, the biometric information acquisition unit 3 includes, for example, a sweep type fingerprint sensor. This fingerprint sensor can be, for example, a sensor that employs any one of an optical type, a capacitance type, an electric field type, and a thermal type. The biometric information acquisition unit 3 may include any contact-type fingerprint sensor that uses an area sensor. The biometric information acquisition unit 3 passes the generated fingerprint image to the processing unit 5. The input unit 1 and the biological information acquisition unit 3 may be formed integrally.

  When the user performs an operation for requesting login via the input unit 1, for example, the computer places a message on the display unit 2 to prompt the user to input identification information of the user and a finger on the biometric information acquisition unit 3. And a message prompting you to do so. When the computer acquires the user's input fingerprint image via the biometric information acquisition unit 3, the computer associates the input fingerprint image with the user identification information input via the input unit 1. When the user performs an operation of registering with the computer via the input unit, the computer, for example, displays a message prompting the user to input the identification information of the user on the display unit 2 and a finger on the biometric information acquisition unit 3. A message prompting the user to place the message is displayed. When the computer acquires the registered fingerprint image of the user via the biometric information acquisition unit 3, the computer associates the registered fingerprint image with the user identification information input via the input unit 1.

  The storage unit 4 includes, for example, at least one of a semiconductor memory, a magnetic disk device, and an optical disk device. The storage unit 4 stores application programs used in the computer, identification information and personal setting information of at least one registered user, various data, and the like. The storage unit 4 stores a program for executing biometric authentication processing. Furthermore, the storage unit 4 stores registration feature data representing the fingerprint of a specific finger of the registered user for each registered user.

  The processing unit 5 includes one or a plurality of processors and their peripheral circuits. Then, the processing unit 5 executes commands or various applications input via the input unit 1. The processing unit 5 executes processes such as user login and logout to the computer and user registration. Here, when the processing unit 5 is requested to execute login processing from the user to the computer via the input unit 1, the input obtained from the biometric information acquisition unit 3 and representing the user's fingerprint is displayed. A biometric authentication process using a fingerprint image is executed. Further, when the processing unit 5 is requested to execute registration processing to the computer from the user via the input unit 1, the processing unit 5 obtains the user's fingerprint image acquired from the biometric information acquisition unit 3 by processing. The obtained data is stored in the storage unit 4 as registered biometric data.

  FIG. 6 is a functional block diagram of the processing unit 5 showing functions realized for executing the biometric authentication process in the present invention. The processing unit 5 includes a biometric feature data generation unit 51, a first authentication unit 52, a second authentication unit 53, a contradiction possibility detection unit 54, an authentication control unit 55, and an authentication result comparison determination unit 56. . Each of these units included in the processing unit 5 is a functional module implemented by a computer program executed on a processor included in the processing unit 5. Alternatively, these units included in the processing unit 5 may be implemented on a computer as firmware. Further, the processing unit 5 may include a module for executing a login process or a logout process and a module for executing various applications. However, since modules other than each unit shown in FIG. 6 such as a module for executing a login process or a logout process are not directly related to the biometric authentication process, only each unit shown in FIG. 6 will be described here.

  FIG. 7 shows an authentication processing procedure in the present invention.

At the start of authentication, the biometric information acquisition unit 3 acquires a fingerprint image of the user. (S101)
The biometric feature data generation unit 51 obtains a plurality of different input biometric feature data used for authentication by each of the first authentication unit and the second authentication unit from one fingerprint image of the user acquired by the biometric information acquisition unit 3. Generate. (S102)
That is, the registered biometric data registered in advance and the input biometric feature data generated by the biometric feature data generation unit 51 are configured from input biometric feature data corresponding to the authentication unit included in the processing unit 5. Input biometric feature data includes feature points (such as the positions and directions of fingerprint ridge end points and branch points), ridge patterns (images themselves, images subjected to arbitrary image processing, etc.), frequency information, and the like. For example, when a feature point method is used in the matching process, branch points and end points of ridges are extracted as minutiae (feature points). In order to extract branch points and end points of the ridges from the input fingerprint image, the input fingerprint image is binarized using, for example, a local threshold method. Next, thinning processing is performed on the binarized input fingerprint image. Thereafter, the partial area of the input fingerprint image that has been thinned using a plurality of mask patterns is scanned to detect the position on the input fingerprint image when it matches any mask pattern. The central pixel at the detected position is extracted as a feature point. The mask pattern is represented by 3 × 3 pixels, for example, and has a binary pattern corresponding to a branch point or an end point of a ridge. Further, the position of the extracted feature point and the ridge direction near the feature point are obtained as information representing the feature point. In order to obtain the ridge direction in the vicinity of the feature point, any known method for obtaining the ridge direction can be used. Note that the feature points may be extracted from the input fingerprint image and the registered fingerprint image by using another known method for obtaining the end points or branch points of the ridges as the feature points. On the other hand, when the pattern matching method is used for the collation processing, the entire acquired fingerprint image or an image obtained by cutting out a predetermined region is acquired as input biometric feature data.

  Hereinafter, the registered biometric information registered in the storage unit is referred to as preregistered biometric data, and the feature data generated by the biometric feature data generation unit 51 is referred to as input biometric feature data.

Subsequently, the first authentication unit 52 acquires the registered biometric data registered in advance of the user from the storage unit, compares the input biometric feature data with the registered biometric data registered in advance, and compares the collation score with the collation score. The registration result of the registered biometric data and the input biometric feature data is calculated. (S103)
Success / failure of authentication is determined by comparing the calculated verification score with a preset verification determination threshold value. (S104)
In the first authentication unit 52, a method with a small processing load such as a feature point method is desirable. As an example of the feature point method, an arbitrary feature point of registered biometric data registered in advance is selected as the first reference feature point. One of the feature points of the input biometric feature data is selected as the second reference feature point. Then, the input biometric feature data is translated so that the second reference feature point coincides with the first reference feature point. Thereafter, while rotating the input biometric feature data, the number of feature points of the input biometric feature data that matches the feature points of the registered biometric data registered in advance is obtained. The above processing is repeated while changing the combination of the first reference feature point and the second reference feature point, and the maximum number of feature points of the input biometric feature data that matches the feature points of the registered biometric data registered in advance is maximized. Find the value. Finally, a value obtained by dividing the maximum value of the number by the total number of feature points extracted from the input biometric feature data is obtained as a matching score. Therefore, in this case, the collation score has a value of 0 to 1, and the collation score value approaches 1 as the degree of similarity between the input biometric feature data and the registered biometric data registered in advance increases. In order to detect the feature point of the input biometric feature data that matches the feature point of the registered biometric data registered in advance, the registered biometric registered in advance within a predetermined range from the position of the target feature point of the input biometric feature data. Check whether a feature point of data exists. Here, the predetermined range can be a value corresponding to an average interval between two adjacent ridges, for example. When there are feature points of pre-registered biometric data within a predetermined range from the position of the feature point of interest, an angular difference in the ridge direction in the vicinity of these feature points is obtained. When the absolute value of the angle difference in the ridge direction is included within the predetermined angle range, it is determined that the feature point of the registered biometric data registered in advance matches the target feature point of the input biometric feature data. The predetermined angle range is a value corresponding to an allowable limit that can be considered that the ridge direction in the vicinity of the feature point of interest and the ridge direction in the vicinity of the feature point of the registered biometric data registered in advance correspond to each other. It can be 10 degrees. It should be noted that the feature point of the input biometric feature data matches the feature point of interest in advance only when there is a feature point of pre-registered biometric data of the same type as the feature point of interest within a predetermined range from the position of the feature point of interest. You may determine with the feature point of the registered biometric data registered. Moreover, you may utilize the other well-known method of calculating | requiring the number of the feature points of the registered biometric data previously registered which correspond with the feature point of the partial area | region of input biometric feature data.

Specifically, the registered biometric data and the input biometric feature data that are registered in advance are superimposed as the alignment result, and the coordinate difference between the reference positions of the respective data is maximized in the state where the matching score between the overlapping portions is the highest. Vector (dx, dy) is calculated. (S105)
The contradiction possibility detection unit 54 is executed when the authentication is successful as a result of the authentication performed by the first authentication unit. Using the registration result of the registered biometric data and the input biometric feature data registered in advance by the first authentication unit, the possibility of contradiction in the authentication result is detected. (S106)
Specifically, the norm of the coordinate difference vector (dx1, dy1) output by the first authentication unit is calculated, and if it is equal to or greater than a predetermined threshold, it is determined that there is a possibility of inconsistency. As an example of the determination result of the contradiction possibility detector, FIG. 8 shows an example where the possibility of contradiction is low, and FIG. 9 shows an example where the possibility of contradiction is high. FIGS. 8 and 9 respectively show (a) registered biometric data, (b) input biometric feature data, and (c) registration results of registered biometric data and input biometric feature data. 8 and 9, the center of gravity of the entire image region is used as a reference position for registered biometric data and input biometric feature data, and is used when obtaining a coordinate difference vector. 8 and 9, a solid cross mark is added to the center of gravity of the registered biometric data, and a dotted cross mark is added to the center of gravity of the input biometric feature data.

  The centroid distance when the centroid of the registered biometric data in FIG. 8A and the centroid of the input biometric feature data in FIG. 8B are superimposed as shown in FIG. 8C is the norm of the coordinate difference vector (dx1, dy1). Calculate as 9 also calculates the distance between the centroid of the registered biometric data and the centroid of the input biometric feature data as the norm of the coordinate difference vector (dx1, dy1) as in FIG.

  As an example of the threshold value, when the image size of the fingerprint image is 300 × 300 pixels and the resolution is 500 dpi, it is determined that the possibility of inconsistency is high when the norm of the coordinate difference vector is 100 pixels or more.

The authentication control unit 55 performs authentication in the second authentication unit when the contradiction possibility detection unit determines that the authentication result by the first authentication unit is likely to be inconsistent. On the other hand, if it is not determined that a contradiction is likely to occur, the second authentication unit does not execute and ends with successful authentication. (S106: NO)
Similar to the first authentication unit 52, the second authentication unit 53 compares the input biometric feature data with the registered biometric data to determine success / failure of the authentication. Similarly, a coordinate difference vector (dx2, dy2) is output. (S107)
However, the system has a characteristic different from that of the first authentication unit. For example, a pattern matching method and a frequency method are used. An example when the pattern matching method is used will be described. While changing the relative position of the image information of the input biometric feature data and the image information of the registered biometric data registered in advance, using the following formula, the image information of the input biometric feature data and the image information of the registered biometric data Correlation value c (i, j) between is calculated.

  Here, I (x, y) represents the pixel value of the pixel of the horizontal coordinate x and the vertical coordinate y included in the image information of the input biometric feature data. T (x-i, y-j) represents the pixel value of the pixel of the horizontal coordinate (x-i) and the vertical coordinate (y-j) included in the image information of the registered biometric data. Iav is an average pixel value of pixels included in the image information of the input biometric feature data, and Tav is an average pixel value of pixels included in the image information of the registered biometric data. Note that i and j represent the horizontal and vertical shift amounts of the image information of the input biometric feature data and the image information of the registered biometric data, respectively. Further, c (i, j) represents a correlation value when the image information of the input biometric feature data is shifted by i pixels in the horizontal direction and j pixels in the vertical direction with respect to the image information of the registered biometric data. The correlation value c (i, j) can take a value included between −1 and 1. When the image information of the input biometric feature data completely matches the image information of the registered biometric data, the correlation value c (i, j) is 1. On the other hand, when the image information of the input biometric feature data and the image information of the registered biometric data are completely inverted, the correlation value c (i, j) is -1.

The authentication result comparison / determination unit 56 compares the registration results of the registered biometric data and the input biometric feature data when both the first authentication unit and the second authentication unit are authenticated (S108), If there is a contradiction in the alignment results, the authentication result is rejected and determined as another person, and if there is no contradiction, the authentication result is adopted and the person is determined. (S110)
Specifically, the norm of the difference between the coordinate difference vector (dx1, dy1) of the first authentication unit and the coordinate difference vector (dx2, dy2) of the second authentication unit is calculated. When the calculated norm is equal to or greater than a predetermined threshold, it is clearly regarded that the first authentication unit and the second authentication unit have authenticated at different positions, and it is determined that there is a contradiction in the collation result. An example in which the alignment result of each authentication unit is different is shown in FIG.

  FIG. 10A shows an example of the collation result of the first authentication unit, where the solid line rectangular area indicates the data area of the registered biometric data, and the solid line shaded area indicates the registered biometric data. A dotted rectangular area indicates the data area of the input biometric feature data, and a dotted hatched area indicates the input biometric feature data. FIG. 10B shows an example of the collation result of the second authentication unit. A dotted rectangular area indicates the data area of the input biometric feature data, and a dotted hatched area indicates the input biometric feature data. In the example of FIG. 10A, the authentication result in the first authentication unit 52 indicates that the input biometric feature data and the authentication can be performed in the upper area of the registered biometric data, and the centroid of the registered biometric data and the input biometric feature data. The distance between the cross marks representing is detected as a coordinate difference vector (dx1, dy1). In the example of FIG. 10B, the authentication result in the second authenticating unit 53 indicates that authentication with the input biometric feature data has been performed in the central area of the registered biometric data, and the centroid of the registered biometric data and the input biometric feature data. Is detected as a coordinate difference vector (dx2, dy2). By calculating the norm of the difference between the coordinate difference vector (dx1, dy1) detected by the first authentication unit 52 and the coordinate difference vector (dx2, dy2) detected by the second authentication unit 53, the first authentication unit It is possible to determine the positional deviation between the collation position at 52 and the second authentication unit 53 collation position. That is, as described above, when the calculated norm is equal to or greater than a predetermined threshold, it is clearly considered that the first authentication unit and the second authentication unit have authenticated at different positions, and the verification result is inconsistent. Is determined.

  As an example of the threshold value, when the image size of the fingerprint image is 300 × 300 pixels and the resolution is 500 dpi, it is determined that the possibility of contradiction is high when the norm of the coordinate difference vector is 50 pixels or more.

  Based on the determination result of the contradiction possibility detection unit 54, the authentication result comparison determination unit 56 reduces the verification score of each of the authentication units 52 and 53 to make it difficult to be authenticated when the norm is large. For example, FIG. 11 shows an example of a weight table for reducing the matching score. Based on the determination result, by switching the weight to be multiplied by the verification score of each authentication, the verification score is reduced if the possibility of contradiction is high. As a result, when there is a high possibility of contradiction, authentication will be difficult, and reduction in acceptance of others can be expected. As another example, FIG. 12 shows an example of a threshold table for quantizing a matching score into a matching level. In FIG. 12, the collation score takes a value included in the range of 0 to 100, and approaches 100 as the degree of similarity increases. In accordance with the verification score of each authentication unit, the verification level to be converted is determined by the threshold value in FIG. For example, if the collation score is 65, the collation level is converted to 3 if the possibility of contradiction is high, and vice versa. That is, when the possibility of contradiction is high, the collation level is converted to a low level. The converted collation level is compared with a predetermined collation threshold level to determine success / failure of the authentication. By the above procedure, when there is a high possibility of contradiction (the norm is large), it becomes difficult to authenticate and reduction of acceptance of others can be expected. 12 is assumed to be used in both the first authentication unit and the second authentication unit, but a threshold table may be provided for each authentication unit.

  Furthermore, in the processing procedure of FIG. 7, the contradiction possibility detection unit 54 is executed only when the first authentication unit 52 has succeeded in authentication. As another embodiment, a threshold different from the collation determination threshold is used. May be provided to control the execution of the contradiction possibility detection unit 54. In this case, 0 <implementation determination threshold <matching determination threshold. If the first authentication unit 52 does not succeed in authentication, but a high collation score is calculated to some extent (it cannot be determined that the user is authentic but shows a certain degree of similarity), the possibility of contradiction is detected. If it is determined that the contradiction is likely to occur, the authentication control unit 55 determines that the authentication has failed and ends. On the other hand, if it is not determined that a contradiction is likely to occur, the second authenticating unit 53 performs authentication by regarding that there is a possibility of being determined as the principal. The authentication result comparison / determination unit 56 compares the alignment results of the first authentication unit 52 and the second authentication unit 53 when the second authentication unit 53 authenticates the person, and there is a discrepancy between the alignment results. If there is, the authentication result of the second authentication unit is rejected and determined as another person, and if there is no contradiction, the authentication result of the second authentication unit is adopted and determined as the person. As a result, when there is no contradiction in the alignment results of the first authentication unit 52 and the second authentication unit 53, an improvement in authentication performance is expected by OR combination of the authentication results of the first authentication unit 52 and the second authentication unit 53. it can.

  In the embodiment, an example using two types of authentication units has been described, but three or more types of authentication units may be provided, and the authentication control unit executes based on the determination result of the contradiction possibility detection unit. It is also possible to switch the type and number of authentication units. As the possibility of contradiction increases, the number of authentication units to be executed can be increased, whereby it is possible to strictly determine whether or not there is a contradiction in the alignment result, and as a result, it is possible to suppress the occurrence frequency of erroneous verification by others.

These are the schematic block diagrams which show the example of the existing hybrid authentication. FIG. 10 is a diagram for explaining an input example with restrictions. These are figures explaining the example of irregular input. These are the figures explaining the input example of the front end side of the finger in each fingerprint pattern. These are the schematic block diagrams of the computer which performs the biometrics authentication process by this invention. These are functional block diagrams of the present invention. These are figures which show the authentication processing procedure in this invention. These are figures which show Example 1 of the determination result of a contradiction possibility detection part. These are figures which show the example 2 of the determination result of a contradiction possibility detection part. These are figures which show the example from which the alignment result of each authentication part differs. These are figures which show the weight table for converting a collation score. These are figures which show the threshold value table for converting a collation score into a collation level.

DESCRIPTION OF SYMBOLS 1 Input part 2 Display part 3 Biometric information acquisition part 4 Memory | storage part 5 Processing part 6 Bus 51 Biometric characteristic data generation part 52 1st authentication part 53 2nd authentication part 54 Contradiction possibility detection part 55 Authentication control part 56 Authentication result comparison determination Part

Claims (8)

A storage unit for storing registered biometric data;
A biometric information acquisition unit for acquiring biometric information;
A biometric feature data generation unit that generates a plurality of biometric feature data used for authentication having different characteristics from one piece of biometric information acquired by the biometric information acquisition unit;
A first authentication unit for comparing and collating registered biometric data and first biometric feature data that is one of a plurality of biometric feature data generated by the biometric feature data generating unit;
A second authentication unit for comparing and collating second biometric feature data different from the first biometric feature data among the registered biometric feature data and the plurality of biometric feature data generated by the biometric feature data generating unit;
For each of the first authentication unit and the second authentication unit, the first authentication unit and the second authentication unit are obtained by acquiring and comparing the positional relationship between the registered biometric data and the biometric feature data when the authentication result is obtained. An authentication result comparison / determination unit that determines whether there is a contradiction in authentication in the authentication unit,
When both authentication results of the first authentication unit and the second authentication unit are successful, the authentication results of the first and second authentication units are adopted if there is no contradiction in the determination result of the authentication result comparison determination unit. A biometric authentication device. The biometric authentication device according to claim 1,
A contradiction possibility detection unit that acquires the positional relationship between the registered biometric data and the biometric feature data when the authentication result is obtained by the first authentication unit, and detects the contradiction of the authentication result of the first authentication unit;
An authentication control unit that performs authentication in the second authentication unit when it is determined by the contradiction possibility detection unit that a contradiction is likely to occur;
A biometric authentication device comprising:   The contradiction possibility detection unit is configured such that the coordinates between the reference positions of the registered biometric data and the biometric feature data based on the positional relationship between the registered biometric data and the biometric feature data when the authentication result is obtained by the first authentication unit. The biometric authentication device according to claim 2, wherein the possibility of contradiction is evaluated using a difference vector. The authentication result comparison / determination unit is configured to determine whether the registration biometric data and the biometric feature data are based on a positional relationship between the registered biometric data and the biometric feature data based on the positional relationship between the registered biometric data and the biometric feature data when the first authentication unit obtains the authentication result. Second coordinate between each reference position of the registered biometric data and the biometric feature data based on one coordinate difference vector and the positional relationship between the registered biometric data and the biometric feature data when the second authentication unit obtains the authentication result using the difference vector, the biometric authentication device according to one of the claims 1 to 3, characterized in that to determine whether there is inconsistency in the authentication result of the second authentication unit and the first authentication unit. The authentication result comparison and determination unit includes a table storing weighting for converting the matching score of the first authentication unit and the second authentication unit,
If it is determined that there is a possibility contradicted by the inconsistency possibility detection unit, according to claim 2 or claims, characterized in that reducing the matching score of the first authentication unit and second authentication unit in accordance with the table Item 4. The biometric authentication device according to Item 3 . The authentication result comparison / determination unit includes a table storing threshold values for quantizing the verification scores of the first authentication unit and the second authentication unit into verification levels,
Claims, characterized in that to convert the when it is determined that there is a possibility contradicted by contradiction possibility detection unit, a low level of matching score of the first authentication unit and second authentication unit in accordance with the table The biometric authentication device according to claim 2 or claim 3 . A storage unit for storing pre-registered registered biometric data;
A biometric information acquisition unit for acquiring biometric information;
A biometric feature data generating unit that generates biometric feature data from the biometric information acquired by the biometric information acquiring unit;
A first authentication unit for comparing and collating registered biometric data and biometric feature data generated by the biometric feature data generating unit;
A contradiction possibility detection unit that evaluates the possibility of contradiction based on the positional relationship between the registered biometric data and the biometric feature data when the verification result is obtained in the first authentication unit,
When the authentication result of the first authentication unit is successful, if it is determined that there is a possibility inconsistent evaluation results of the inconsistency possibility detection section that no successful authentication only the authentication result of the first authentication unit A biometric authentication device. A biological information acquisition step of acquiring biological information ;
A biometric feature data generation step for generating a plurality of biometric feature data used for authentication with different characteristics from the one biometric information acquired in the biometric information acquisition step;
A first authentication step for comparing and collating pre-registered registered biometric data and first biometric feature data that is one of a plurality of biometric feature data generated in the biometric feature data generating step;
A second authentication step of comparing and collating the registered biometric data registered in advance with the second biometric feature data different from the first biometric feature data among the plurality of biometric feature data generated in the biometric feature data generating step. When,
For each of the first authentication step and the second authentication step, by acquiring and comparing the positional relationship between the registered biometric data and the biometric feature data when the comparison result is obtained, the first authentication step and the second authentication step are performed. An authentication result comparison determination step for determining whether there is a contradiction in authentication in the authentication step;
A biometric authentication method comprising:

Images