JP5977846B2 - Biometric authentication platform system, biometric authentication information management apparatus, biometric authentication information management method, and biometric authentication information management program - Google Patents

Description

  The present invention relates to a biometric authentication platform system, a biometric authentication information management apparatus, a biometric authentication information management method, and a biometric authentication information management program.

  In the security system based on the conventional ID (for example, ID registered in the IC card) and the password system, there are many cases where damage such as theft, impersonation, and information leakage cannot be prevented, and the number of damages is increasing year by year. In addition, in the future, the society is rapidly moving toward a super-aging society, and it is suggested that an increase in the number of people requiring care and the population with dementia will be examined as the population ages (Ministry of Health, Labor and Welfare, June 11, 2014) The 102nd Social Security Council Nursing Benefit Subcommittee “Response to Dementia”).

  In recent years, biometric authentication systems have been improved in recognition accuracy due to technological advances, and commercial introduction examples have been increasing in ATM terminals and the like of banks. This biometric authentication system has the advantage that it is not forgotten like an IC card or a password, and forgery is difficult. For example, Patent Document 1 discloses a technique related to a biometric authentication system.

JP 2011-154415 A

  Considering an increase in security damage and an increase in the digital divide (information gap) due to a super-aging society, it is thought that the demand for a biometric authentication system to become a social platform system will be rapidly realized. However, in the current biometric authentication system, the system is completed for each service provided by a company or the like, and presents a so-called silo type individual optimization mode oriented to a single purpose. For this reason, an overview of the entire social system is uneconomical and an impediment to dissemination as a social platform system. Furthermore, there is a problem in safety because the original information for biometric authentication as personal identification information is scattered in a multiple manner. As described above, in the current biometric authentication system, it is difficult to promote the spread of the biometric authentication system and realize a situation where it is recognized as a social platform system and operated safely.

  The present invention has been made in view of the circumstances described above, and provides a biometric authentication platform system, a biometric authentication information management apparatus, a biometric authentication information management method, which provides a biometric authentication service that is economical, popular, and safe. Another object is to provide a biometric information management program.

  One aspect of the present invention is a management unit that manages original correspondence information corresponding to an original of biometric information used when performing biometric authentication of a user with a plurality of services, and user biometric information received from the plurality of services, Based on the original correspondence information managed by the management unit, an authentication unit that performs an authentication process, and whether to permit the authentication unit to execute the authentication process for each of the plurality of services A biometric authentication platform system including an authentication permission unit to be controlled.

  In one aspect of the present invention, the biometric authentication platform system includes information indicating an individual application system that provides an individual service, and information indicating a first platform system to which a plurality of the individual application systems are connected. A receiving unit that receives from the first platform system, wherein the authentication permission unit permits the authentication unit to execute the authentication process for each piece of information indicating the individual application system and information indicating the first platform system Control whether or not.

  Further, according to one aspect of the present invention, the biometric authentication platform system includes information indicating an individual application system that provides an individual service, information indicating a first platform system to which a plurality of the individual application systems are connected, and the user. A receiving unit that receives information indicating the type of biometric information from the first platform system, wherein the authentication permission unit includes information indicating the individual application system, information indicating the first platform system, and the original Whether or not to permit execution of the authentication process by the authentication unit is controlled for each type of correspondence information.

  Further, according to an aspect of the present invention, in the biometric authentication platform system, when the authentication permission unit is registered in advance to permit the authentication unit to execute the authentication process, the authentication unit performs the authentication. When it is registered in advance that the execution of the process is permitted and the execution of the authentication process by the authentication unit is not permitted, and when the execution of the authentication process by the authentication unit is not registered in advance In addition, execution of the authentication process by the authentication unit is not permitted.

  Further, according to one aspect of the present invention, the biometric authentication platform system includes a receiving unit that receives user biometric information transmitted from each of the plurality of services, and information indicating a result of the authentication process performed by the authentication unit. A transmission unit for transmitting, and the configurations of the management unit, the authentication unit, the authentication permission unit, the reception unit, and the transmission unit are configured independently for the plurality of services, Interface specifications relating to communication between the reception unit and the transmission unit and the plurality of services are provided for the plurality of services.

  In one embodiment of the present invention, in the biometric authentication platform system, the authentication unit includes user biometric information received from any one of the plurality of services, and the original managed by the management unit. Information indicating the probability of identity with the corresponding information is transmitted to the one service.

  In addition, according to one aspect of the present invention, a management unit that manages original correspondence information corresponding to an original of biometric information used when performing biometric authentication of a user with a plurality of services, and user biometric information received from the plurality of services And whether to permit the authentication unit to execute the authentication process for each of the plurality of services based on the original correspondence information managed by the management unit A biometric authentication information management device comprising an authentication permission unit for controlling the above.

  Another aspect of the present invention is a biometric information management method in a biometric information management apparatus, in which a management unit supports original data corresponding to an original biometric information used when performing biometric authentication of a user with a plurality of services. A management process for managing information, an authentication process for executing an authentication process based on the biometric information of the user received from the plurality of services, and the original correspondence information managed by the management unit; The biometric authentication information management method includes: an authentication permission process for controlling whether or not the permission unit permits the authentication unit to execute the authentication process for each of the plurality of services.

  According to another aspect of the present invention, there is provided a management procedure for managing original correspondence information corresponding to an original of biometric information used when performing biometric authentication of a user with a plurality of services in a computer as a biometric authentication information management device, Based on the user's biometric information received from a plurality of services and the original correspondence information, an authentication procedure for executing an authentication process, and whether to permit the execution of the authentication process for each of the plurality of services An authentication permission procedure for controlling the biometric authentication information management program.

  ADVANTAGE OF THE INVENTION According to this invention, the biometrics authentication service which has economical efficiency, pervasiveness, and safety can be provided.

Explanatory drawing explaining the positioning of the biometrics PF system which concerns on this embodiment. Explanatory drawing which made the positioning of the biometrics PF system concerning this embodiment more concrete. The figure which shows the usage example of the biometrics PF system which concerns on this embodiment. Explanatory drawing explaining the characteristic of the connection structure of the biometrics PF system which concerns on this embodiment. Explanatory drawing explaining the example of a connection structure of the biometrics PF system which concerns on this embodiment. Explanatory drawing explaining the characteristic of the structure of the biometrics PF system which concerns on this embodiment. The block diagram which shows an example of a structure of the biometrics PF system which concerns on this embodiment. The figure which shows an example of a user information table. The figure which shows an example of an original information table. The figure which shows an example of a biometrics authentication function table. The operation | movement figure which shows an example of the registration process of biometrics original information. The operation | movement figure which shows an example of the process of the first half in a biometrics authentication process. The operation | movement figure which shows an example of the process of the latter half in a biometrics authentication process. It is an image figure of an authentication process. Explanatory drawing explaining the independence and safety | security of a biometrics PF system. The 1st explanatory view explaining the outline of the use scene of a biometrics PF system. Explanatory drawing explaining the example which prohibits the use other than the objective of an authentication process. Explanatory drawing explaining the other example which prohibits the utilization other than the objective of an authentication process. The flowchart which shows an example of the process which controls whether execution of an authentication process is permitted according to a utilization purpose. Explanatory drawing explaining the double registration prohibition process of biometrics original information. The flowchart which shows an example of the double registration prohibition process of biometrics original information. Explanatory drawing explaining the management method of biometrics original information. Explanatory drawing explaining an example of the division | segmentation fragmentation of a 2 division system. Explanatory drawing explaining an example of the division | segmentation fragmentation of a 3 division | segmentation system. Explanatory drawing explaining the high safety | security by triple of biometrics original information. The 2nd explanatory view explaining the outline of the use scene of a biometrics PF system. Explanatory drawing explaining the flow of the prevention process of the impersonation at the time of original registration and replacement | exchange of biometric information.

Hereinafter, an embodiment of the present invention will be described with reference to the drawings.
[Outline of biometric authentication platform system]
The biometric authentication platform system according to the present embodiment is not a system that is completed for each service provided by a company or the like, but is provided as a social platform system that can be shared by a plurality of services. Here, the platform system is a shared use type system having a basic function. The platform system can share and use various types of information and functions within the system, but it is affected by being able to guarantee independence from others other than those registered with the system and other systems that are not compatible with the system. Can not be. In addition, the platform system can receive a connection access for use from a front system or a host system corresponding to the system, and can stably provide a predetermined function or service. For example, the platform system may be constructed as one of ICT (Information and Communication Technology) systems. The social platform system is a platform system having a basic function that enables a plurality of organizations, companies, individuals, groups, communities, local governments, etc. to share information and use services. For example, “Social IT-PF system ( Social information technology platform system) ”.

The biometric authentication platform system according to the present embodiment provides a biometric authentication service by sharing and using biometric information in a plurality of services as a social platform system. For example, the biometric authentication platform system according to the present embodiment has the following characteristics.
(1) Since it can be shared by a plurality of companies, etc., the biometric authentication function can be changed from individual optimization to centralization, and from single-purpose to multi-purpose. And multipurpose use).
(2) It is not necessary to have original correspondence information corresponding to the original biometric information for authentication for each use system, and originality can be guaranteed. In other words, the biometric authentication function can be unified and multi-purpose oriented, and guarantee of original unity can be realized (original unity guarantee). Here, the original correspondence information may be bare information (for example, uncoded image information) of biometric information that is the original, or may be information in which the biometric information that is the original is encoded. Alternatively, it may be information converted into other information associated with the biometric information as the original. In the following description, this original correspondence information is also referred to as “biometric authentication original information”, or simply “original” or “original information”.
(3) A platform system that is separate and independent from the usage system, and is equipped with multiple layers of safety measures to ensure the safety of original storage (safety of original storage).
(4) When a company or organization without capital power wants to improve safer system operation, the biometric authentication function can be easily implemented by connecting to this biometric authentication platform system. In addition, it can be handled in a centralized manner regardless of the type of authentication such as face authentication, fingerprint authentication, vein authentication, etc., and has social spread (social spread). In the following description, the biometric authentication platform system is also abbreviated as “biometric authentication PF system”.

  FIG. 1 is an explanatory diagram for explaining the positioning of the biometric PF system according to the present embodiment. In this figure, it is divided into a user (user) layer, an individual service layer, and a social platform system layer. The individual service is a service (hereinafter also referred to as “individual service”) provided by each of a plurality of organizations, companies, individuals, groups, communities, local governments, and the like used by the user. For example, individual services are divided into individual services provided by government agencies (countries, local governments, etc.), industry (private companies, etc.), schools (education, research institutions, etc.), and others (individuals, communities, etc.). It is done. The biometric authentication PF system according to the present embodiment is a part of the social platform system, and the individual services can be regarded as the same or the same. For example, in the biometric authentication PF system, the biometric authentication service is provided from each individual service so that the biometric authentication service can be similarly provided to any of the individual services belonging to government agencies, industry, schools, and others. It has functions necessary for shared use (through function).

  In addition, the social platform system is widely useful when the three of the social IT-PF system, social behavior system, and social system are in harmony, and the positioning of the biometric authentication PF system here. The social platform system is a social IT-PF system. For example, a function is provided in which a user performs pre-registration of biometric authentication original information to a social IT-PF system (biometric authentication PF system) via an individual service. In addition, when the user performs biometric authentication in the individual service, a function is provided for notifying the user of the authentication result from the social IT-PF system (biometric authentication PF system) via the individual service. Since it is a platform system, it is a business model in which individual services exist with users. In other words, there are both a case where an end user uses an intermediate service between a platform system and an end user, and a case where an end user directly uses the platform system (details will be described later).

  FIG. 2 is an explanatory diagram showing more specifically the positioning of the biometric authentication PF system according to the present embodiment. In this figure, the user layer, the individual service layer, the platform layer, the network layer, and the terminal layer are shown separately. The network layer shows a communication network NW that is a base (infrastructure) of information transmission in this configuration. The terminal layer shows the terminal 50 used by the user.

  The platform layer includes a business platform layer including a business platform system 200 for each business area (an example of a first platform system; hereinafter, abbreviated as “business PF system 200”), and the present embodiment. The biometric authentication PF system 300 is further divided into two layers: a biometric authentication platform layer including the biometric authentication PF system 300. The business PF system 200 is equipped with a necessary business service function specialized for a target market or a target individual service. On the other hand, the biometric PF system 300 does not specialize in the market and individual services, and is equipped with general-purpose functions, so-called subordinate functions. For example, the biometric authentication PF system 300 is configured as one logical server device (an example of a biometric authentication information management device) by combining a plurality of computer devices using cloud computing. The biometric authentication PF system 300 may be configured as a single logical server device (an example of a biometric authentication information management device) by a single computer device.

  The individual service layer indicates each individual service provided by the individual application system 100 (hereinafter also abbreviated as “individual AP system 100”) from each individual service provider. The individual AP system 100 includes “medical care, nursing care, and health care (for elderly and late elderly)”, “for theme parks”, “for educational institutions”, “for electronic administration”, “IT operator authentication”, Provide individual services by government agencies, industry, schools, and others, such as “for robots”, “identification”, “shopping for daily necessities and foods (for elderly and late elderly)”, etc.

  The user layer shows users who use the above-mentioned individual services. For example, those who receive administrative services, those who receive care, those who receive medical care, those who receive medical care, those who receive health care, those who are healthy, There are various people, such as those who study, those who are unidentified. In addition, since a user needs user registration with respect to biometrics PF system 300 in order to use the biometric authentication service which concerns on this embodiment, below, the user who uses biometrics PF system 300 is "registered." Sometimes referred to as "person".

  From the viewpoint of the biometric authentication PF system 300, both the business PF system 200 and the individual AP system 100 are treated as similar upper layer systems, and there is no difference. The biometric authentication PF system 300 handles various types of biometric authentication information in an integrated manner and performs operations related to biometric authentication information.

  FIG. 3 is a diagram illustrating a use case of the biometric PF system according to the present embodiment. There are various individual services that can use the biometric authentication PF system 300. In this figure, the horizontal axis indicates “public use (use by government offices)” or “private use (use by private companies)”, and the vertical axis shows “pursuit of a safe society” or “pursuit of a convenient and friendly society”. 11 use cases and respective use cases are shown at positions corresponding to the horizontal axis and the vertical axis, respectively. It should be noted that the biometric authentication PF system 300 can be used for many other individual services due to the market trend, the progress of services, the interaction of technological progress, and the like.

  FIG. 4 is an explanatory diagram for explaining the characteristics of the connection configuration of the biometric PF system according to the present embodiment. For example, “A-1 system, A-2 system,... An system”, “B-1 system, B-2 system,... Bn system”, “Z-1 system, Z- system” 2 systems,... Z-n system "(n is a positive integer. N may be different depending on the system) is a plurality of individual services. For each individual service, it is necessary to register each biometric authentication original information and provide each biometric authentication function (face authentication function, palm vein authentication function, etc.). In the present embodiment, the biometric PF system 300 includes biometric authentication original information and each biometric authentication function in a unified manner, and provides a biometric authentication service in common to each individual service. In other words, in the present embodiment, the biometric authentication PF system 300 is configured so that each biometric authentication original information and each biometric authentication original information and each of the individual biometric authentication original information of a specific person, even when there are a plurality of individual services (systems to be used) to be used. The biometric authentication function can be integrated and managed without duplication. In the present embodiment, since the biometric authentication PF system 300 provides biometric authentication as a platform system, there is no difference between public use and private use, and convenience and pursuit of safety. It can be used for multiple purposes.

  FIG. 5 is an explanatory diagram illustrating a connection configuration example of the biometric PF system according to the present embodiment. For example, since the biometric PF system 300 is a platform system, it has a powerful position under the edge and cooperates with the business PF system 200. The business PF system 200 has a business function to be shared in a certain business area and a certain market. The individual AP system 100 has a function for a specific company to execute the business purpose of the company on the business PF system 200. In the following, three examples of form 1, form 2, and form 3 will be described as connection configuration examples.

  In the form 1, the biometric authentication PF system 300 is connected to the business PF system 200 via the communication network NW, and is further connected to the individual AP system 100 via the communication network NW. In the form 2, the biometric authentication PF system 300 is connected to the individual AP system 100 via the communication network NW. Note that, in both cases of forms 1 and 2, the individual service provided from the individual AP system 100 is used by the user in the terminal 50 connected to the individual AP system 100 via the communication network NW (for example, Registration of biometric original information, notification of biometric authentication results, etc.). In the form 3, the biometric authentication PF system 300 is directly connected to the user terminal 50 via the communication network NW. In this case, it is assumed that the terminal 50 is loaded with an application program for providing an individual service.

  The terminal 50 may be a device owned by an individual user, or may be a device installed in a facility of the individual AP system 100. The terminal 50 includes an input device that can input biometric information at the time of authentication, a registration device that can register biometric authentication original information, and a display device that displays an authentication result. Note that the terminal 50 may be a single device in which the input device, the registration device, and the display device are integrated, or may be a device in which each device is configured separately. .

FIG. 6 is an explanatory diagram for explaining the characteristics of the configuration of the biometric authentication PF system according to the present embodiment. The biometric authentication PF system 300 includes an authentication service management function unit 310, a user management function unit 320, an authentication data management function unit 330, and an authentication function library function unit 340.
The authentication service management function unit 310 is positioned to manage the biometric authentication PF system 300 as a whole, and controls and manages operations of the user management function unit 320, the authentication data management function unit 330, and the authentication function library function unit 340. The authentication service management function unit 310 has a function of a communication interface that connects to the business PF system 200, the individual AP system 100, or the terminal 50 via the communication network NW. Receive biometric information and send biometric authentication results. As the communication interface, for example, an API (application interface) used for communication with the individual AP system 100 and the business PF system 200, a DI (data interface) used for transferring biological information, and direct communication with the end user terminal 50 are performed. A minimum necessary interface is defined for a UI (user interface) used when performing the process. However, as a general rule, the interface of the installed biometric authentication function should not be changed. In other words, either one that is not subject to regulation or one that takes encapsulation means is employed.

  The user management function unit 320 includes personal information (address, name, age, gender, company name, etc.), communication connection ID, as registrant information of a user (ie, registrant) registered in the biometric PF system 300. (IP address etc.), contract information, service information, etc. are managed. The authentication data management function unit 330 safely manages the registered biometric original information by a plurality of mechanisms. The authentication function library function unit 340 includes various biometric authentication function vendor products as a library, and selects a corresponding authentication function in the library according to the content of the authentication request. These various biometric authentication functions may be prepared and installed independently in the biometric PF system 300, but there are a plurality of the latest functions of each vendor of development and provision of the biometric authentication function. By installing various types, it is possible to improve the general versatility, convenience, economy, social spread, and authentication accuracy of the system.

[Configuration of biometric PF system]
Next, a specific configuration of the biometric authentication PF system 300 according to the present embodiment will be described in detail with reference to FIG. FIG. 7 is a block diagram illustrating an example of a configuration of the biometric PF system 300 according to the present embodiment. As described with reference to FIG. 6, the biometric authentication PF system 300 includes an authentication service management function unit 310, a user management function unit 320, an authentication data management function unit 330, and an authentication function library function unit 340. .

  The authentication service management function unit 310 includes a communication processing unit 311, a registration unit 314, an authentication permission unit 315, an authentication result acquisition unit 316, and a control information storage unit 318. The communication processing unit 311 includes a reception unit 312 and a transmission unit 313, and transmits and receives information to and from the terminal 50, the individual AP system 100, and the business PF system 200 according to a prescribed communication interface.

  For example, the receiving unit 312 receives user registration information for using the biometric PF system 300 from any of a plurality of individual services. The user registration information includes user identification information, user personal information (address, name, age, gender, etc.) and other information related to the user. The receiving unit 312 receives the biometric information of the user and the identification information of the user transmitted from each of the plurality of individual services when registering the biometric authentication original information and performing biometric authentication. The receiving unit 312 also includes information indicating the individual AP system 100 that provides the individual service (hereinafter also referred to as “individual APsysID”), and information indicating the business PF system 200 to which the plurality of individual AP systems 100 are connected (hereinafter referred to as “individual AP system ID”). , Also referred to as “business PFsysID”). The receiving unit 312 receives these pieces of information from the terminal 50, the individual AP system 100, or the business PF system 200. The transmission unit 313 transmits the authentication result for the user biometric information received by the reception unit 312. For example, the transmission unit 313 transmits the authentication result to the terminal 50, the individual AP system 100, or the business PF system 200 that has received the biometric information of the user who performed the authentication process.

  When the receiving unit 312 receives the user registration information, the registration unit 314 acquires the user registration information and passes it to the user management function unit 320. For example, the registration unit 314 performs registration permission determination based on whether or not the acquired user registration information is incomplete, and passes the registered user registration information to the user management function unit 320. This user registration information is stored and managed in the user management function unit 320. The user registration information includes user identification information, personal information, and the like.

  Further, when the receiving unit 312 receives the biometric information of the user for original registration, the registration unit 314 acquires the biometric information for original registration and passes it to the authentication data management function unit 330. Here, in the following description, the biometric information of the user for original registration is also referred to as “original information biometric information”. On the other hand, the biometric information input when performing biometric authentication in each individual service is also referred to as “authentication biometric information”. Each of the biometric information for original registration and the biometric information for authentication is associated with user identification information and type information indicating the type of biometric information.

The authentication permission unit 315 controls whether or not to permit execution of biometric authentication processing for each of the plurality of individual services. For example, in the biometric authentication PF system 300, the purpose of use of biometric authentication processing (in other words, the purpose of use of biometric authentication original information) is managed for each user and for each type of biometric authentication, and unauthorized use is prohibited. . The authentication permission unit 315 permits the biometric authentication process to be executed if the request for the authentication process from the individual service is used within the intended purpose, and prohibits the execution of the biometric authentication process if the request is not intended. The process for prohibiting the use outside the purpose will be described in detail later. For example, when the authentication permission unit 315 determines that the use is within the purpose, the authentication permission unit 315 permits the biometric authentication process to be executed, and the authentication biometric information received by the receiving unit 312 is received together with the biometric authentication process execution request. Delivered to the functional unit 330.
The control information storage unit 318 stores information necessary for processing of each unit included in the authentication service management function unit 310. For example, the control information storage unit 318 stores information related to the communication interface, management information related to the purpose of use of biometric authentication for each user, and the like.

  The user management function unit 320 includes a user information management unit 321 and a user information storage unit 322. The user information management unit 321 acquires user registration information transferred from the authentication service management function unit 310 to the user management function unit 320. Then, the user information management unit 321 stores and manages the acquired user registration information in the user information storage unit 322 as user information of a user (registrant) registered in the biometric authentication PF system 300.

  FIG. 8 is a diagram illustrating an example of the user information table TBL 321 stored in the user information storage unit 322. In the illustrated user information table TBL321, a user ID (external), a user ID (internal), personal information, an original information pointer, a contract information pointer, and a credit information pointer are stored in association with each other. The user ID (external) is user identification information included in the user registration information. The user ID (internal) is obtained by converting the user ID (external) into an ID different from the user ID (external), or issued in association with the user ID (external). In the following, the user ID (internal) converted from the user ID (external) and the user ID (internal) paid out in association with the user ID (external) are referred to as the user corresponding to the user ID (external). Also called ID (inside). In the illustrated example, the user ID (internal) corresponding to the user ID (external) of “U1” is “X1”. In the biometric authentication PF system 300, safety is enhanced by performing management of biometric authentication original information and authentication processing using a user ID (internal). The personal information is information such as the user's address, name, age, and sex. The original information pointer is information indicating a storage location of the biometric original information of the user. The contract information pointer is information indicating a storage location of contract information in the communication contract of the user. The credit information pointer is information indicating the storage location of the credit information of the user.

Returning to FIG. 7, the authentication data management function unit 330 includes an original information management unit 331 (an example of a management unit), an authentication management unit 332, and an original information storage unit 333.
The original information management unit 331 acquires the biometric information for original registration transferred from the authentication service management function unit 310 to the authentication data management function unit 330. The original information management unit 331 stores the acquired original registration biometric information as biometric authentication original information in the original information storage unit 333 so as to be distinguishable for each type of biometric information and for each user. The original information storage unit 333 stores and manages biometric authentication original information for each type of biometric information and for each user as original information.

  FIG. 9 is a diagram illustrating an example of the original information table TBL 331 stored in the original information storage unit 333. In the original information table TBL331, biometric original information is managed for each authentication type (for each type of biometric information). For example, the original information table TBL331 includes an original master pointer table TBL3311, and a biometric original table for each authentication type (face authentication original table TBL3312A, fingerprint authentication original table TBL3312B,...). In the original master pointer table TBL3311, a biometric information type ID, an authentication type, and a table pointer are stored in association with each other. The biometric information type ID is type information indicating the type of biometric information. The authentication type is information indicating the type of authentication processing. In the illustrated example, S1, S2, S3 are biometric information type IDs of face authentication, fingerprint authentication, finger vein authentication, palm vein authentication, iris authentication, tooth type authentication, voiceprint authentication, and DNA (deoxyribonucleic acid) authentication. , S4, S5, S6, S7, and S8 are predetermined. The table pointer is information indicating a biometric authentication original table used in authentication processing of each authentication type (type of biometric information). For example, the face authentication table pointer “Pointer-1” includes information indicating the face authentication original table TBL3312A, and the fingerprint authentication table pointer “Pointer-2” includes information indicating the fingerprint authentication original table TBL3312B.

In the biometric original table (face authentication original table TBL3312A, fingerprint authentication original table TBL3312B,...), A user ID (internal), a sequence ID, an original number, and biometric authentication original information are stored in association with each other. Is done. The original number is a management number uniquely assigned to each biometric original information. Biometric authentication original information of each user for each authentication type is stored in the biometric authentication original information. In the illustrated example, the face authentication original information indicated by the user ID (internal) “X1” is stored with the original number “S1ORG101” in the face authentication original table TBL3312A. For example, the biometric authentication original information of this table stores the file name of each biometric authentication original information, and the actual data of each biometric authentication original information is stored in the original information storage unit 333 with each file name attached. ing. The sequence ID is information that can distinguish the plurality of different biometric authentication original information when the authentication process is performed using the plurality of different biometric authentication original information. For example, the fingerprint authentication original table TBL3312B shows an example in the case where three fingers are registered in the fingerprint authentication, and the sequence ID “1” for each biometric original information of the three fingers of each user. , “2”, “3” are stored in association with each other.
Note that all types of biometric original information described above may not be stored. That is, only registered biometric authentication original information is stored, and unregistered biometric authentication original information is not stored.

  Returning to FIG. 7, when the authentication management unit 332 acquires the biometric authentication processing execution request and the authentication biometric information passed from the authentication service management function unit 310 to the authentication data management function unit 330, the authentication function library function unit Instruct 340 to execute biometric authentication processing. Specifically, when the authentication management unit 332 acquires the biometric authentication processing execution request and the authentication biometric information, the authentication management unit 332 obtains a user ID (internal) corresponding to the user ID (external) associated with the authentication biometric information. Obtained from the user management function unit 320. And the authentication management part 332 extracts the biometric information for original registration linked | related with the acquired user ID (internal) with reference to the original information table TBL330 of the original information storage part 333, and extracted biometrics for original registration The information and the biometric information for authentication are transferred to the authentication function library function unit 340. When the authentication management unit 332 acquires the authentication result from the authentication function library function unit 340, the authentication management unit 332 passes the acquired authentication result to the authentication result acquisition unit 316 of the authentication service management function unit 310.

  The authentication function library function unit 340 includes an authentication unit 341 and an authentication function storage unit 342. When the authentication unit 341 acquires the biometric information for original registration and the biometric information for authentication passed from the authentication data management function unit 330 to the authentication function library function unit 340, the authentication unit 341 executes authentication processing. Specifically, the authentication unit 341 selects one of the biometric authentication functions from the library of biometric authentication functions stored in the authentication function storage unit 342, and uses the selected biometric authentication function to acquire the original The biometric information for registration and the biometric information for authentication are compared and verified.

  The authentication function storage unit 342 stores a library of biometric authentication functions provided by each vendor. For example, a biometric authentication function program capable of executing a biometric authentication function is provided from each vendor to the biometric authentication PF system 300, and each provided biometric authentication function program is stored in the authentication function storage unit 342. Yes. Here, the provided biometric authentication function program may be registered in the authentication function library function unit 340 from each vendor, or registered in the authentication function library function unit 340 from each vendor via the authentication service management function unit 310. May be. Each biometric function program provided by each vendor is a program created based on an algorithm that realizes each biometric function of each vendor. In addition, when a part of a biometric authentication function program is changed (for example, part of an algorithm is changed), the biometric authentication function program before the change and the biometric authentication function program after the change are different product version numbers (versions). It is managed so as to be distinguishable by an example of information). For example, the authentication function storage unit 342 stores each biometric authentication function program provided by each vendor (in other words, for each biometric authentication function algorithm), and further each version of each biometric authentication function program (in other words, biometric authentication). For each functional algorithm).

  FIG. 10 is a diagram illustrating an example of the biometric authentication function table TBL 341 stored in the authentication function storage unit 342. In the biometric authentication function table TBL341, a biometric information type ID, a vendor ID, a library ID, and an authentication function program are stored in association with each other. The biometric information type ID is type information indicating the type of biometric information for which each authentication function program performs biometric authentication. The vendor ID is identification information of a vendor who has developed and provided an authentication function program. The library ID is a management ID assigned to each authentication function program. For example, this library ID is a number uniquely assigned to each authentication function program, for example, “product number + product version number”. Each library function ID can be identified by this library ID. The authentication function program stores the file name of each authentication function program. Note that the actual data of each authentication function program is stored separately in the authentication function storage unit 342 with each file name.

  For example, a biometric authentication function to be applied for each individual service is determined in advance, and the authentication unit 341 selects a biometric authentication function according to which individual service the biometric authentication is from and the type of biometric authentication. Execute authentication process. For example, which vendor's biometric authentication function is used can be specified by associating the biometric information for authentication received by the authentication service management function unit 310 with the library ID or the vendor ID and biometric information type ID. Note that vendor information to be applied to each individual service may be stored in the authentication function library function unit 340. In that case, which vendor's biometric authentication function is used can be specified by associating the individual APsysID and the biometric information for authentication with the biometric information for authentication received by the authentication service management function unit 310. In addition, the authentication unit 341 returns an authentication result to the authentication management unit 332 of the authentication data management function unit 330.

[Operation of biometric PF system]
Next, processing operations in the biometric authentication PF system 300 will be described.
(Biometric authentication original information registration process)
First, a registration process for registering biometric authentication original information in the biometric authentication PF system 300 will be described with reference to FIG. FIG. 11 is an operation diagram illustrating an example of biometric authentication original information registration processing. Here, an example of processing in the case of performing user registration processing and biometric authentication original information registration processing at the same time will be described, but user registration processing is performed first, and then biometric authentication original information registration processing is performed. Also good. Here, a case where the individual AP system 100 or the business PF system 200 mediates information between the terminal 50 and the biometric authentication PF system 300 is shown as an example.

  In step S100, when the user inputs user registration information (for example, user ID (external), password, personal information, etc.) and biometric information for original registration in the terminal 50, the terminal 50 receives the input user registration information. And the biometric information for original registration is transmitted to the individual AP system 100 or the business PF system 200.

  In step S102, the individual AP system 100 or the business PF system 200 receives the user registration information and the biometric information for original registration transmitted from the terminal 50, and the biometric authentication PF system receives the received user registration information and the biometric information for original registration. To 300.

  In step S104, the authentication service management function unit 310 of the biometric authentication PF system 300 receives the user registration information and the biometric information for original registration transmitted from the individual AP system 100 or the business PF system 200. At this time, the authentication service management function unit 310 confirms the validity of the server or terminal 50 of the connected individual AP system 100 or business PF system 200 and the communication line (communication network NW). The authentication service management function unit 310 confirms the identity and validity of the received user registration information and original registration biometric information. For example, the authentication service management function unit 310 confirms the identity and validity based on the difference between the shooting date and time and the transmission date and time of biometric information, user credit information, contract information, and the like. The confirmation of the identity and validity will be described in detail later.

  The authentication service management function unit 310 passes the user registration information whose identity and validity have been confirmed to the user management function unit 320. The authentication service management function unit 310 passes the biometric information for original registration whose identity and validity are confirmed to the authentication data management function unit 330.

  In step S <b> 106, when the user management function unit 320 acquires user registration information from the authentication service management function unit 310, the acquired user registration information is used as user information of a user (registrant) registered in the biometric PF system 300. Store and manage (see FIG. 8). Here, the user management function unit 320 converts the user ID (external) included in the acquired user registration information into a user ID (internal) (converts from the external ID to the internal ID), encapsulates the converted user ID, and the like The safety process is performed and stored.

  In step S108, when the authentication data management function unit 330 acquires the biometric information for original registration from the authentication service management function unit 310, the acquired biometric information for original registration is used as biometric authentication original information for each type of biometric information and for each user. Are stored and managed in a distinguishable manner (see FIG. 9). The authentication data management function unit 330 performs encoding, encryption, encapsulation, etc. on the acquired biometric information for original registration, and stores and manages it as biometric original information. In addition, when already transmitted at the time of transmission from the terminal 50, the authentication data management function unit 330 may perform double encryption, or here, it may be single without being encrypted. . Further, if the data has already been encoded when transmitted from the terminal 50, the authentication data management function unit 330 may not perform the double encoding. The coding here includes so-called vectorization. In addition, when a coding function is installed in the authentication function managed by the terminal 50 or the authentication function library function unit 340, the function may be coded using the function of the terminal 50 or the authentication function library function unit 340. Further, the authentication data management function unit 330 may store and manage biometric original information by dividing and fragmenting. The authentication data management function unit 330 may multiplex (for example, triple) and store and manage biometric authentication original information. Details of the management method of the biometric original information will be described later.

(Biometric authentication process)
Next, a biometric authentication process in the biometric PF system 300 will be described with reference to FIGS. FIG. 12 is an operation diagram illustrating an example of the first half of the biometric authentication process (the process before the authentication biometric information is transmitted from the terminal 50 to the biometric PF system 300 and the authentication process is performed).

  In step S200, when the user inputs the user ID (external) and the biometric information for authentication to the user authentication screen for performing user authentication in terminal 50, terminal 50 receives the input user ID (external ) And biometric information for authentication are transmitted to the individual AP system 100 or the business PF system 200.

  In step S202, the individual AP system 100 or the business PF system 200 receives the user ID (external) and authentication biometric information transmitted from the terminal 50, and biometrically authenticates the received user ID (external) and authentication biometric information. Transmit to the PF system 300.

  In step S204, the authentication service management function unit 310 of the biometric authentication PF system 300 receives the user ID (external) and authentication biometric information transmitted from the individual AP system 100 or the business PF system 200, and the individual AP system 100 individually. APsysID or business PFsysID of business PF system 200 is received. The authentication service management function unit 310 determines whether or not the authentication process is used for the purpose, and if it is determined that the use is not intended, the authentication process is prohibited and the authentication is prohibited. Information is transmitted to the terminal 50 via the individual AP system 100 or the business PF system 200. On the other hand, if the authentication service management function unit 310 determines that the use is within the purpose, it passes the received user ID (external) and biometric information for authentication to the authentication data management function unit 330.

In step S206, when the authentication data management function unit 330 acquires the user ID (external) and the biometric information for authentication from the authentication service management function unit 310, the authentication data management function unit 330 passes the acquired user ID to the user management function unit 320, and the user ID (external ) Is acquired from the user management function unit 320. At this time, the authentication data management function unit 330 cancels the security process such as encapsulation and acquires the original user ID (internal). Note that the conversion from the user ID (external) to the user ID (internal) may be performed by the authentication service management function unit 310 passing the user ID (external) to the user management function unit 320. In that case, the authentication data management function unit 330 acquires a user ID (internal) and biometric information for authentication from the authentication service management function unit 310. And the authentication data management function part 330 specifies the biometrics original information used for an authentication process from the biometrics original information registered based on user ID (internal). The authentication data management function unit 330, when managing multiple types of biometric authentication original information for biometric authentication, includes a biometric information type ID associated with the biometric information for authentication and a user ID (internal). Based on the above, the biometric authentication original information used for the authentication process is specified from the registered biometric authentication original information. In addition, the authentication data management function unit 330 restores the identified biometric authentication original information from a state in which it has been encoded, encapsulated, encrypted, fragmented, or the like.
And the authentication data management function part 330 performs the authentication process with the acquired biometric information for authentication using the authentication function of the authentication function library function part 340. Specifically, the authentication data management function unit 330 delivers the specified biometric authentication original information and the acquired biometric information for authentication to the authentication function library function unit 340.

FIG. 13 is an operation diagram illustrating an example of the latter half of the biometric authentication process (a process in which the authentication process is performed in the biometric PF system 300 and the authentication result is transmitted to the terminal 50).
In step S300, the authentication function library function unit 340 uses the biometric authentication function in the biometric authentication function library to compare and collate the acquired original registration biometric information and authentication biometric information. Note that the biometric authentication PF system 300 supports a one-to-one comparison authentication method and a one-to-N comparison (N is a positive integer) authentication method as a biometric authentication function. The one-to-one comparison authentication method is an authentication method in which one authentication biometric information and one biometric authentication original information are compared and checked for matching. The one-to-N comparison authentication method compares one authentication biometric information with N pieces of biometric authentication original information, and determines whether or not there is biometric authentication original information that matches among the N pieces of biometric authentication original information. This is an authentication method to be verified. Any one of these authentication methods is used depending on the provided authentication function. The authentication function library function unit 340 then passes the authentication result to the authentication data management function unit 330.

  Here, the authentication process will be specifically described. For example, in the authentication process, the authentication function library function unit 340 verifies the probability of identity between the authentication biometric information and the biometric authentication original information, and uses the information indicating the probability of identity as the authentication result as the authentication data management function unit 330. Pass to. FIG. 14 is an image diagram of authentication processing. The biometric authentication original information is registered, added, and deleted from the biometric authentication PF system 300 from a plurality of individual services, and the biometric authentication PF system 300 manages the biometric authentication original information. Then, the biometric PF system 300 verifies the probability of identity between the authentication biometric information of the user received from any one of the plurality of individual services and the managed biometric original information, and the authentication result Information is transmitted to the service at the location. The verification of the probability of identity may be verification of one type of biological information or verification by a combination of a plurality of types of biological information. In verification using a combination of a plurality of types of biometric information (for example, a combination of face authentication and palm vein authentication, etc.), authentication accuracy can be increased and authentication safety can be increased. In addition, the probability of identity may be, for example, percentage, M level in L level (for example, 9th level in 10 levels), high, medium or low, etc. Depends on request.

For example, a specific example of verification of the probability of identity by a combination of face authentication and palm vein authentication will be described. The following cases 1 to 1 are assumed: the identity authentication acceptance probability by face authentication = 98%, the identity misrecognition rejection probability = 2%, the identity authentication acceptance probability by palm vein authentication = 99%, and the identity misrecognition rejection probability = 1%. 5 will be described. Here, the identity authentication acceptance probability indicates a rate of correctly accepting the principal, and the identity misrecognition rejection probability indicates a rate of the identity being rejected erroneously, that is, FRR (False Rejection Rate). Also, in each of face authentication and palm vein authentication, the case where it is determined that the same biometric authentication original information as the authentication biometric information exists is represented as “positive”, and the same biometric authentication original information as the authentication biometric information does not exist. Is determined as “false”.
Case 1: When face authentication is positive and palm vein authentication is positive, “0.98 × 0.99 = 0.9702”, and the identity authentication acceptance probability is 97.2%.
Case 2: If face authentication is wrong and palm vein authentication is correct, “0.02 × 0.99 = 0.198” is obtained, and the identity authentication acceptance probability is 1.98%.
Case 3: If the face authentication is correct and the palm vein authentication is incorrect, “0.98 × 0.01 = 0.008” and the probability of accepting the identity authentication is 0.98%.
Case 4: If the face authentication is wrong and the palm vein authentication is wrong, “0.02 × 0.01 = 0.0002” and the identity authentication acceptance probability is 0.02%.
Case 5: If either one of the face authentication and palm vein authentication is positive, the result is “1−0.02 × 0.01 = 0.998”, and the identity authentication acceptance probability is 99.98. Become.

  Returning to FIG. 13, in step S <b> 302, the authentication data management function unit 330 acquires the authentication result from the authentication function library function unit 340. Further, the authentication data management function unit 330 performs multiple comparison (for example, triple comparison) with biometric authentication original information managed by multiplexing (for example, triple), and each authentication result is an authentication function library function. Acquired from the unit 340. The authentication data management function unit 330 passes the authentication result to the authentication service management function unit 310.

  In step S <b> 304, the user management function unit 320 extracts user information of the user who has been subjected to the authentication process, and passes it to the authentication service management function unit 310. This user information is user information of a user ID (external) associated with the authentication biometric information subjected to the authentication process, and is, for example, a user name.

  Next, in step S <b> 306, the authentication service management function unit 310 authenticates the terminal 50 with the authentication result acquired from the authentication data management function unit 330 and the user information acquired from the user management function unit 320. Authentication result information for notifying is generated. Then, the authentication service management function unit 310 transmits the generated authentication result information to the individual AP system 100 or the business PF system 200.

  In step S <b> 308, the individual AP system 100 or the business PF system 200 receives the authentication result information transmitted from the authentication service management function unit 310 and transmits the received authentication result information to the terminal 50.

  In step S310, the terminal 50 receives the authentication result information transmitted from the individual AP system 100 or the business PF system 200, displays the authentication result based on the received authentication result information, and performs processing according to the authentication result. Do. For example, when the authentication result is authentication OK, information indicating the authentication OK and the user name are displayed, and the individual service is started. On the other hand, when the authentication result is authentication NG, information indicating authentication NG is displayed, and the user authentication screen is displayed again without starting the individual service.

  As described above, the biometric authentication PF system 300 receives user biometric information transmitted from each of a plurality of individual services, and transmits authentication processing result information for the received biometric information to each individual service. Each functional configuration (authentication service management function unit 310, user management function unit 320, authentication data management function unit 330, and authentication function library function unit 340) included in the biometric authentication PF system 300 includes a plurality of individual service terminals 50. Or the individual AP system 100 and the business PF system 200.

FIG. 15 is an explanatory diagram illustrating independence and safety of the biometric PF system 300. The biometric PF system 300 is not dependent on the individual service but is independent. As described above, interface specifications (API, DI, and UI specifications) related to communication between the biometric authentication PF system 300 and the terminal 50, the individual AP system 100, and the business PF system 200 are defined. Provided for service. Further, the user ID is divided into two different IDs for the outside and inside of the biometric authentication PF system 300. Therefore, the biometric PF system 300 is configured to be unaffected by changes in individual services (terminal 10, individual AP system 100) that use the biometric authentication service.
Therefore, the biometric authentication PF system 300 is almost unaffected because it is independent even when a change, malfunction, or failure occurs in the terminal 50, the individual AP system 100, or the business PF system 200. high.

  As described above, the biometric authentication PF system 300 is separated and independent from the individual service (terminal 10 and individual AP system 100) used by the user and the biometric authentication PF system 300 that relays the individual service. It is independent and unaffected by data formats, operations, investments, and management of users. Therefore, the biometric authentication PF system 300 can provide a biometric authentication service having both independence and safety by the platform system.

[Overview of usage scenes]
Next, an outline of a usage scene of the biometric PF system 300 will be described.
FIG. 16 is an explanatory diagram for explaining an outline of a usage scene of the biometric authentication PF system 300.
(1) At the time of registration of biometric authentication original information In principle, biometric authentication original information is registered in the biometric PF system 300 based on the voluntary intention of the user. This principle is important because biometric information is immutable personal information and personal identification information. In addition, when there is validity in social customs, such as confirmation of an unidentified person such as a deceased person due to dementia, the case of registering biometric original information at the discretion of a family member or an administrative institution is exceptionally permitted.
(2) When using a biometric authentication service When a biometric authentication reason (such as commercial transaction, medical care healthcare, confirmation of unidentified person, issuance of a certificate in electronic administration) occurs, the biometric authentication PF system 300 is registered in advance. The biometric authentication original information and the biometric information for authentication (user's own biometric information) sent from the authentication request source at the time of the occurrence of the event are collated, and the probability of identity or inconsistency is obtained. (Evaluation result information) is notified to the authentication request source. How the received probability value is handled depends on the contents (contents determined by business model, contract, law, etc.) defined in the received business PF system 200, individual AP system 100, or terminal 50.

[Prohibition of unintended use]
As described above, in principle, biometric original information is registered based on the user's own intention. Here, in the biometric authentication PF system 300 according to the present embodiment, the purpose of use of the authentication process based on the registered biometric authentication original information can be limited by the desire of the user himself / herself. In addition, authentication processing using registered biometric authentication original information can be made available to a plurality of individual services at the request of the user himself / herself. For example, the biometric authentication PF system 300 manages the purpose of use of authentication processing for each user and for each type of biometric information, and prohibits unintended use.

  Specifically, the authentication permission unit 315 of the authentication service management function unit 310 controls whether or not to permit the execution of authentication processing for each of a plurality of individual services. Here, management information related to the purpose of use of biometric authentication processing for each user is stored in the control information storage unit 318. By referring to this management information, the authentication permission unit 315 permits execution of the authentication processing. Control whether to do. For example, in this management information, it is registered in advance that the authentication process within the purpose of use is permitted to be executed.

  For example, the user registers an individual service that permits the execution of authentication processing using the biometric authentication original information when registering his or her biometric authentication original information or as a purpose of use after registration. The registration unit 314 of the authentication service management function unit 310 stores control information for associating biometric authentication original information with information (permitted service information) indicating an individual service that permits execution of authentication processing based on the biometric authentication original information. Store in the unit 318.

  The authentication permission unit 315 refers to the control information storage unit 318 and permits the execution of the authentication process when permission to execute the authentication process is registered in advance. On the other hand, the authentication permission unit 315 does not permit the execution of the authentication process when permission to execute the authentication process is not registered in advance. For example, in the control information storage unit 318, an individual AP sysID indicating the individual AP system 100 that permits the execution of the authentication process and a business PF sys ID indicating the business PF system 200 are registered in advance. Then, the authentication permission unit 315 controls whether or not to permit the execution of the authentication process for each individual APsysID indicating the individual AP system 100 that transmits the biometric information for authentication and for each business PFsysID that indicates the business PF system 200.

In the control information storage unit 318, the type of biometric original information that permits the execution of the authentication process is registered in advance. And the authentication permission part 315 permits execution of an authentication process for every kind of individual APsysID which shows the individual AP system 100 which transmits biometric information for authentication, business PFsysID which shows the business PF system 200, and biometrics original information. It may be controlled whether or not.
In the control information storage unit 318, it may be registered in advance that the execution of the authentication process is not permitted. In this case, the authentication permission unit 315 does not permit the execution of the authentication process when it is registered in advance that the execution of the authentication process is not permitted.

  FIG. 17 is an explanatory diagram for explaining an example of prohibiting use other than the purpose of authentication processing. In this figure, an example will be described in which authentication processing using one piece of biometric authentication original information is limited to the use of one individual service. The use information setting table TBL 318A is stored in the control information storage unit 318 of the authentication service management function unit 310. The usage purpose setting table TBL 318A includes a user ID (internal) for identifying a user, an individual AP sysID indicating the individual AP system 100 that permits the execution of the authentication process, and a business that indicates the business PF system 200 that permits the execution of the authentication process. The PFsysID and the biometric information type ID indicating the type of biometric authentication original information that permits the execution of the authentication process are stored in association with each other. The information stored in the use purpose setting table TBL 318A is management information related to the use purpose of the above-described biometric authentication process for each user, and is set at the time of registration of biometric authentication original information according to an instruction from the user himself, for example. After that, changes such as addition and deletion can be made.

  In the example shown in this figure, face authentication processing based on face authentication original information (biometric information type ID “S1”) of a user whose user ID (internal) is “X1” (hereinafter also referred to as “user X1”) It is shown that only the individual AP system 100 whose APsys ID is “E2” (hereinafter also referred to as “individual AP system E2”) is permitted to execute. That is, use of the face authentication process for the user X1 is permitted for the individual AP system E2 (a contract relationship is established), and use for other individual services is restricted. Thereby, the biometric authentication PF system 300 permits the individual AP system E2 to execute the face authentication process of the user X1 (authentication execution) and prohibits the other individual AP system 100 (authentication rejection). ).

  FIG. 18 is an explanatory diagram for explaining another example of prohibiting use outside the purpose of authentication processing. In this figure, an example will be described in which authentication processing based on one piece of biometric authentication original information is set to be usable by a plurality (here, two) of individual services. In this example, a use purpose setting table TBL 318B is stored in the control information storage unit 318 of the authentication service management function unit 310. In the usage purpose setting table TBL318B, as in the usage purpose setting table TBL318A of FIG. 17, it is indicated that the face authentication process based on the face authentication original information of the user X1 is permitted to be executed by the individual AP system E2. Further, in this use purpose setting table TBL 318B, the face authentication process based on the face authentication original information of the user X1 is performed by using the individual AP system 100 whose individual APsys ID is “E3” (hereinafter also referred to as “individual AP system E3”) and the business PFsysID. Indicates that the business PF system 200 of “F3” (hereinafter also referred to as “business PF system F3”) is permitted to execute. That is, the face authentication process for the user X1 is permitted to be used by both the individual AP system E2 and the individual AP system E3 via the business PF system F3 (a contract relationship is established), and other individual Use of services is restricted. Thereby, the biometric authentication PF system 300 permits the individual AP system E2 and the individual AP system E3 to execute the face authentication process of the user X1 (authentication execution), and does not perform any other individual AP system 100. Prohibited (authentication denied).

FIG. 19 is a flowchart illustrating an example of processing in which the authentication permission unit 315 controls whether to permit execution of authentication processing according to the purpose of use. The process shown in this figure is a part of the process performed in step S204 shown in FIG.
In step S1010, the authentication permission unit 315 acquires the biometric information for authentication received by the receiving unit 312 as a biometric authentication request from the individual service. The biometric information for authentication is associated with a user ID (external), a biometric information type ID, an individual AP sysID, and a business PFsys ID. When the business PF system 200 is not passed, the business PFsysID is not associated with the authentication biometric information. Also, when the receiving unit 312 directly receives from the terminal 50, the individual APsysID corresponding to the individual service using the biometric authentication service in the terminal 50 is associated with the authentication biometric information.

  In step S1012, the authentication permission unit 315 refers to the original information table TBL331, and whether biometric authentication original information is registered based on the user ID and biometric information type ID associated with the authentication biometric information. Determine whether or not. When the corresponding biometric authentication original information is not registered (step S1021: NO), the process proceeds to step S1018, and the authentication permission unit 315 prohibits the execution of the authentication process. On the other hand, when the corresponding biometric authentication original information is registered (step S1021: YES), the process proceeds to step S1014, and the authentication permission unit 315 determines whether or not the authentication processing for the authentication biometric information is permitted (that is, Whether it is within the purpose of use) or not. Specifically, the authentication permission unit 315 refers to management information (for example, usage purpose setting tables TBL318A and TBL318B) that is stored in the control information storage unit 318 and related to the usage purpose of biometric authentication processing for each user. Authentication processing for the authentication biometric information based on the user ID (external) (corresponding user ID (internal)), biometric information type ID, individual APsysID, business PFsysID, etc. associated with the biometric information for authentication It is determined whether or not execution is permitted.

  If the authentication permission unit 315 determines that the execution of the authentication process is permitted (step S1014: YES), the authentication permission unit 315 determines that the use is within the purpose, and proceeds to step S1016 to permit the execution of the authentication process. On the other hand, if the authentication permission unit 315 determines that the execution of the authentication process is not permitted (step S1014: NO), the authentication permission unit 315 determines that the use is not intended, and proceeds to step S1018. Prohibit execution of processing. For example, the authentication permission unit 315 transmits information indicating the prohibition of authentication to the individual service of the biometric authentication request source via the transmission unit 313 and notifies it.

  As described above, the biometric authentication PF system 300 according to the present embodiment restricts the authentication processing using the biometric original information registered by the user to the use within the purpose by prohibiting the use for the purpose other than the purpose. Can do. For example, since only individual services contracted in advance with the biometric PF system 300 accept biometric authentication, it is safe without reference to one's own biometric information during non-notification, unknowingness, or disapproval. . Further, the biometric authentication PF system 300 can use one piece of biometric authentication original information for biometric authentication in a plurality of individual services based on the desire of the user. For example, the biometric authentication PF system 300 associates one piece of biometric authentication original information with the individual AP system 100 or the business PF system 200 used for biometric authentication even if the user does not register a plurality of pieces of biometric authentication original information. Since one piece of biometric authentication original information can be used for biometric authentication in a plurality of individual services, multiple registration of biometric authentication original information can be avoided.

[Prohibition of double registration of original biometrics information]
As described above, the biometric authentication PF system 300 according to the present embodiment can register one piece of biometric authentication original information and use the one piece of biometric authentication original information for biometric authentication in a plurality of individual services. It is. Therefore, the biometric authentication PF system 300 performs control so that the same type of biometric information of the same user is not registered twice as biometric authentication original information.

  FIG. 20 is an explanatory diagram for explaining double registration prohibition processing of biometric authentication original information. The biometric authentication PF system 300 includes biometric information for original registration and biometric authentication original information (biometric authentication original information-1, biometric authentication original information-2, ..., the process of verifying the probability of identity with biometric authentication original information-m) (identity check) is performed using the biometric authentication function of the authentication function library function unit 340. If it is determined that the same biometric original information exists with high probability, the biometric authentication PF system 300 does not register the biometric information for original registration as biometric original information (cannot register original). On the other hand, if the biometric authentication PF system 300 determines that the same biometric original information does not exist with high probability, the biometric authentication PF system 300 permits registration of the original biometric information for biometric authentication as biometric original information (possible to register original data). ). Here, for example, when the probability of identity is equal to or higher than a first threshold (for example, 95%), the biometric authentication PF system 300 determines that the biometric authentication original information is the same with high probability. Further, for example, when the probability of identity is less than a second threshold (for example, 10%), the biometric authentication PF system 300 determines that the biometric authentication original information is not the same with high probability. Thereby, the biometric authentication PF system 300 can avoid the same biometric authentication original information of the same user being registered twice.

FIG. 21 is a flowchart illustrating an example of a double registration prohibition process for biometric authentication original information. The process shown in this figure is a part of the process performed in step S104 and step S108 shown in FIG.
In step S2010, when the receiving unit 312 receives the biometric information for original registration, the registration unit 314 of the authentication service management function unit 310 acquires the received biometric information for original registration. A user ID (external) and a biometric information type ID are associated with the biometric information for original registration.

  In step S2012, the registration unit 314 passes the acquired biometric information for original registration, the user ID (external), and the biometric information type ID to the authentication data management function unit 330. The authentication data management function unit 330 uses the biometric authentication function of the authentication function library function unit 340 to correspond to the biometric information for original registration and the user ID (external) among the registered biometric original information managed. The identity is verified by comparing the user ID (internal) and the biometric authentication original information associated with the biometric information type ID (one-to-one comparison). The authentication data management function unit 330 compares the biometric information for original registration with the biometric authentication original information of all the users associated with the biometric information type ID among the registered biometric authentication original information managed. Then, the identity may be verified (1 to N comparison). For example, the authentication data management function unit 330 passes information indicating the probability of identity to the registration unit 314 of the authentication service management function unit 310 as the identity verification result.

  In step S2014, the registration unit 314, based on the verification result of the identity from the authentication data management function unit 330, registers the biometric information for original registration registered in the authentication data management function unit 330. When it is determined that the original information is identical (high probability and identical) (step S2014: YES), the process proceeds to step S2016 and biometric authentication original information based on the original registration biometric information is not registered (original registration). Impossible). On the other hand, if it is determined that the biometric information for original registration is not identical to any of the registered biometric original information managed by the authentication data management function unit 330, the registration unit 314 proceeds to step S2018. The biometric authentication original information based on the biometric information for original registration is registered (original registration is possible).

  As described above, in the biometric authentication PF system 300 according to the present embodiment, when the receiving unit 312 receives the user's original registration biometric information, the authentication service management function unit 310 receives the received original registration biometric information and the authentication. To provide a highly secure authentication system because the same biometric information of the same user is not registered twice as biometric original information based on the registered biometric original information managed by the data management function unit 330. Can do.

In addition, the registration unit 314 obtains user's original registration biometric information received from a plurality of individual services. For example, it is assumed that the registration unit 314 registers the biometric information for original registration acquired from a certain individual service as the biometric authentication original information. In this case, the registration unit 314 acquires the same original registration biometric information for the same user (information for registering as biometric authentication original information) from another individual service even if it is acquired from another individual service. The biometric information for original registration is not registered as biometric original information.
Thereby, the biometric authentication PF system 300 can avoid the biometric authentication original information already registered from a certain individual service being double-registered by registration from another individual service.

  The registration unit 314 registers the same original registration biometric information (biometric authentication original) of the same user after elapse of a predetermined period or more after registering the original registration biometric information acquired from an individual service as biometric authentication original information. Information for registration as information) is acquired from any individual service. In that case, the registration unit 314 may re-register the acquired biometric information for original registration as biometric authentication original information. Thereby, the biometric authentication PF system 300 allows the user to re-register biometric authentication original information when a change occurs in the user's biometric information after a long time (for example, 20 years) has elapsed since registration. The authentication process can be appropriately executed.

  For example, the registration unit 314 registers biometric information for original registration acquired from an individual service as biometric authentication original information, and registers the same original biometric information for original registration (biometric authentication original information for the same user). ) Is obtained from any individual service. In this case, the registration unit 314 re-registers the acquired original registration biometric information as biometric authentication original information. Accordingly, the biometric authentication PF system 300 can limit the type of biometric authentication that can re-register biometric authentication original information to a specific biometric authentication (for example, face authentication) when a long time has elapsed since registration. Can increase the sex.

  The biometric authentication PF system 300 performs double registration of biometric information for original registration through one or more duplication checks such as a user ID (internal), biometric information type ID, vendor ID, library ID, version information, sequence ID, and the like. Processing to prohibit may be added. In this case, the biometric authentication PF system 300 may omit the process of verifying the probability of identity between the biometric information for original registration and the registered biometric original information.

[Biometric authentication original information management method (encoding, encryption, encapsulation, and fragmentation)]
The biometric authentication PF system 300 manages biometric authentication original information that has been encoded, encrypted, encapsulated, and divided and fragmented. Note that some of coding, encryption, encapsulation, and fragmentation may be applied.

FIG. 22 is an explanatory diagram for explaining a management method of biometric authentication original information.
Encoded and encrypted biometric original information (code information) is encapsulated and divided into fragments. Divided and fragmented biometric original information (code information that has been fragmented and fragmented) is stored and managed in the original information storage unit 333. For example, the following forms 1, 2 and Any form 3 may be used, and any form can be adopted depending on the design conditions of a specific project.

  (Mode 1) The original information storage unit 333 is composed of one storage device, and the original information management unit 331 stores and manages each piece of information obtained by dividing biometric authentication original information into the same storage device. To do.

  (Mode 2) The original information storage unit 333 may be configured by a plurality of storage devices, and the original information management unit 331 distributes each piece of information obtained by dividing the biometric original information into a plurality of storage devices. It may be stored and managed.

  (Mode 3) The original information storage unit 333 may be configured by a plurality of storage devices, and the plurality of storage devices may be distributed and installed in a plurality of data centers. Then, the original information management unit 331 may distribute and store each piece of information obtained by dividing the biometric original information into multiple data centers for management. A data center is a facility that installs and operates various computer devices (such as servers) and communication devices such as the Internet and telephone lines.

Next, coding will be described. For example, when the received biometric information for original registration is bare information, the biometric authentication PF system 300 performs encoding when registering as biometric original information. On the other hand, the biometric authentication PF system 300 does not perform double encoding when the received biometric information for original registration is encoded code information. The biometric authentication PF system 300 does not perform double encoding even when the received biometric information for original registration is encoded and encrypted information.
Here, when the biometric information for original registration is bear information, a recoverable coding is adopted according to the specification. Specifically, it is determined according to design requirements. As a coding method, a known technique (for example, a stable method) can be used. The encoding function is often provided with an authentication function provided by a vendor, and in that case, the function may be used.

  Next, encryption will be described. As for encryption, the biometric authentication PF system 300 appropriately determines a known technique and applies it to all biometric information for original registration in principle. For example, if the received biometric information for original registration is bare information, the biometric authentication PF system 300 encrypts the biometric authentication original information when registering it as biometric original information. The biometric authentication PF system 300 is also encrypted when the received biometric information for original registration is encoded code information (unencrypted code information or unencrypted code information). Turn into. Further, the biometric authentication PF system 300 also performs double encryption even when the received biometric information for original registration is encoded and encrypted code information.

  The biometric authentication PF system 300 determines whether or not to permit double encryption depending on which biometric authentication biometric information to be registered as biometric authentication original information is used for the biometric authentication function. Thus, it may be controlled whether or not to perform double encryption. For example, the biometric PF system 300 includes a double encryption permission table in which a library ID is associated with information indicating whether or not double encryption is permitted. For example, in general, information indicating that double encryption is permitted is generally set, but when the security is sufficiently secured and the performance target (for example, the authentication speed target) is desired to be cleared, Information indicating that encryption is not permitted is set. When the biometric authentication PF system 300 receives the biometric information for original registration, the biometric authentication PF system 300 refers to the double encryption permission table to determine whether or not to permit double encryption, and according to the determination result. Controls whether or not to perform double encryption. The biometric authentication PF system 300 refers to the biometric authentication function table TBL 341 and associates the biometric information type ID with the biometric information type ID and the vendor ID when the received biometric information for original registration is associated with the vendor ID. A library ID is specified based on the vendor ID. Further, a library ID may be associated with the received biometric information for original registration. In this case, the biometric authentication PF system 300 is based on the library ID associated with the received biometric information for original registration. It is determined whether or not double encryption is permitted. Accordingly, the biometric authentication PF system 300 can improve performance (for example, authentication speed) by allowing the double encryption not to be performed, for example, when safety is sufficiently ensured. it can.

  As an encryption method, an appropriate method is adopted after ascertaining safety, stability, and performance from among known techniques. Known encryption methods include a common key method (secret key method), a public key method, a hybrid encryption method, and the like. The common key method (secret key method) includes a block encryption method and a stream encryption (sequential encryption) method. Examples of block ciphers include DES (Data Encryption Standard), FEAL (Fast Data Encryption Algorithm), and MULTI2. Examples of stream encryption (sequential encryption) methods include RC4, A5, MULTI-S01, and the like. Examples of the public key method include an RSA method, a DSA (Digital Signature Algorithm) method, and an ECDSA (elliptic curve DSA) method. The hybrid encryption method is a method in which the public key method and the common key method are combined, and is a method that complements the disadvantages of both the processing overhead of the public key method and the key transfer difficulty of the common key method. This is a method in which plaintext is encrypted by a common key method, and the “common key itself” used for the encryption is encrypted by a public key method.

  Next, encapsulation will be described. The above encoded and encrypted information is further encapsulated. In the case where the authentication function provided by the vendor has a coding function, it is effective to perform encapsulation in order to increase safety in view of the possibility that the specification is specified. Encapsulation may be specified information and fixed length method, or TLV format (Tag + Length + Value), and any of specific character & specific capsule length method (tag length 2 bytes for character A, tag length 3 bytes for character B, etc.), etc. This method may be used. The specific implementation is determined by the design requirements. Note that encapsulation may be further performed after the fragmentation.

Next, division fragmentation will be described. Split fragmentation does not take an overly complex scheme. For example, when adopting a two-division method, a simple recombination process in which the first fixed length (128 bytes, 256 bytes, etc.) is the first file and the remaining variable length part is the second file. Take. In addition, when adopting a three-division method, a method that allows easy recombination processing such as a fixed length for the first file, a fixed length for the second file, and a variable length for the third file is adopted.
Each divided fragmented file is also encapsulated.

  Hereinafter, specific examples of encapsulation and divided fragmentation will be described with reference to FIGS. FIG. 23 is an explanatory diagram for explaining an example of division fragmentation in the two-division method. When biometric authentication PF system 300 receives encoded and encrypted biometric information (hereinafter also referred to as “encoded / encrypted biometric information”) as biometric information for original registration (first step), capsule information (header) And the footer) are added to encapsulate the entire “encoded / encrypted biometric information” (second step). The capsule information (header) is information added to the head of “encoded / encrypted biometric information”, and includes information such as a tag (TAG) and a data length (Length). Here, the tag includes identification information for identifying the capsule (here, “A1”), biometric information type ID (here, “S1”), vendor ID (here, “B1”), and the like. The data length is information indicating the data length of “encoded / encrypted biometric information” (here, “L1”). On the other hand, capsule information (footer) is information added to the end of “encoded / encrypted biometric information” and includes information such as check bits and tags. The check bit is a bit error detection bit. The tag of capsule information (footer) includes frame end identification information (here, “FE”) indicating the end of data.

Next, the biometric authentication PF system 300 performs “capsule information (header)” and “previous stage of encoded / encrypted biometric information” that have a predetermined fixed length for the encapsulated data generated in the second step. The combined data is used as the first file, and the remaining variable-length "following stage of encoded / encrypted biometric information" and "capsule information (footer)" are used as the second file, divided into two pieces and re-encapsulated. (3rd step).
At this time, each capsule information (header and footer) is added to the first file and the second file. The capsule information (footer) added to each file includes information such as check bits and tags (here, “FE”).

  Each capsule information (header) of the first file and the second file includes information such as a tag and a data length. The tag of each file indicates information that uniquely indicates both of the divided fragments (here, “Y1”), the number of divided fragments (here, “2”), and whether it is a start frame or an end frame. Information (here, “S” as information indicating a start frame in the first file and “E” as information indicating an end frame in the second file) is included. In addition, the data length of the first file (here, “L2-1”) is the sum of “capsule information (header)” added in the second step and “previous stage of encoded / encrypted biometric information”. This is information indicating the data length (fixed length). The data length of the second file (here, “L2-2”) is the total data length (variable length) of “encoded / encrypted biometric information” and “capsule information (footer)”. It is information which shows.

  FIG. 24 is an explanatory diagram illustrating an example of division fragmentation in the three-division method. In the three-division method shown in this figure, only the third step is different from the two-division method shown in FIG. The biometric authentication PF system 300 combines the encapsulated data generated in the second step with “capsule information (header)” and “previous stage of encoded / encrypted biometric information” having a predetermined fixed length. Is the first file, “middle level of encoded / encrypted biometric information” having a predetermined fixed length among the remaining data is set as the second file, and the last “encoded / encrypted biometric” having a variable length is left. The “second stage of information” and “capsule information (footer)” are divided into three pieces as a third file and re-encapsulated (third step). Each capsule information (header and footer) is added to the first file, the second file, and the third file. The capsule information (footer) added to each file includes information such as check bits and tags (here, “FE”).

  Each capsule information (header) of the first file, the second file, and the third file includes information such as a tag and a data length. The tag of each file includes information indicating uniquely both of the divided fragments (here, “Y1”), the number of divided fragments (here, “3”), start frame, intermediate frame, or end frame. (In this case, “S” as information indicating the start frame in the first file, “M” as information indicating the intermediate frame in the second file, and “E” as information indicating the end frame in the third file) ]) And the like. The data length of the first file (here, “L2-1”) is the total data of “capsule information (header)” added in the second step and “previous stage of encoded / encrypted biometric information”. This is information indicating the length (fixed length). The data length of the second file (here, “L2-2”) is information indicating the data length (fixed length) of “middle of the encoded / encrypted biometric information”. Further, the data length of the third file (here, “L2-3”) is the total data length (variable length) of “encoded / encrypted biometric information” and “capsule information (footer)”. It is information which shows.

  Note that the method of division fragmentation is not limited to the above-described method, and if there is a specific method with a high recombination processing speed established, that method may be adopted. In a specific implementation, it is determined by a request (the size of biometric authentication original information, the processing time allowed for authentication processing, the hardware to be installed, the performance of software, etc.). For example, in the above-described example, the example in which the capsule information of the header and footer is added at the time of encapsulation has been described, but only the capsule information of the header may be added at the time of encapsulation. In addition, the biometric PF system 300 may perform only one or both of the encapsulation and the fragmentation.

For example, in the biometric authentication PF system 300, the original information management unit 331 of the authentication data management function unit 330 further encodes and encrypts a plurality of types of biometric authentication original information for each type of biometric information and for each user. Manage by performing either or both of encapsulation and split fragmentation. For example, when biometric authentication function programs are provided from a plurality of vendors, biometric authentication function programs with different algorithms may be used as a library. Therefore, the original information management unit 331 further encodes and encrypts multiple types of biometric authentication original information for each algorithm of the biometric authentication function, and further performs either or both of encapsulation and division fragmentation. May be managed. In addition, the original information management unit 331 further encapsulates or divides a plurality of types of biometric authentication original information by further encoding and encrypting each version of the biometric authentication function algorithm (each program version). Either one or both may be managed. The original information management unit 331 may manage a plurality of types of biometric authentication original information encoded and encrypted for each vendor by further performing either or both of encapsulation and divided fragmentation. .
As described above, the biometric authentication PF system 300 does not hold the biometric authentication original information as bare information, but encodes and encrypts an irreversible one, and further encapsulates or divides and / or divides the fragmented information. Therefore, it is possible to construct a database of original biometric information with high safety and reliability. In order to construct a database of original biometric authentication information with higher safety and reliability, for example, all of the above encoding, encryption, encapsulation, and division fragmentation are applied.

  The original information management unit 331 encodes, encrypts, and encapsulates the biometric authentication original information, further divides the encapsulated information into fragments, and encapsulates and manages each piece of divided information. The safety and reliability of biometric original information can be further increased.

  The original information management unit 331 acquires a plurality of types of user biometric information received from a plurality of individual services, and compares the acquired biometric information with the biometric authentication original information for at least one type of biometric information, Based on the collation result, the biometric authentication original information obtained by adding other types of acquired biometric information to the biometric authentication original information is encoded and encrypted, and either encapsulated or divided fragmented or You may manage by doing both. Accordingly, for example, when the user has already registered biometric authentication original information for fingerprint authentication, and the user subsequently requests registration of biometric authentication original information for fingerprint authentication and palm vein authentication, the biometric authentication PF system 300 The biometric authentication original information for palm vein authentication can be additionally registered on condition that the identity is confirmed by fingerprint authentication. In this case, to confirm the identity in fingerprint authentication, the original information management unit 331 may cause the authentication function library function unit 340 to perform authentication processing.

[Authentication process by multiplexing biometric authentication original information]
A defect in biometric authentication original information (for example, data destruction, falsification, etc.) occurs probabilistically by hardware, software, operation, etc., and it is difficult to make it zero. In order to avoid the possibility that data destruction / falsification etc. occurs and the authentication process cannot be performed correctly, and the possibility that correct authentication process cannot be performed without being able to recognize the destruction / falsification etc., the biometric authentication PF system 300 Biometric original information may be multiplexed and held.

  For example, in the biometric authentication PF system 300, the original information management unit 331 of the authentication data management function unit 330 generates a plurality of pieces of the same biometric original information based on the user's original registration biometric information received from a plurality of individual services. to manage. Here, the plurality of identical biometric authentication original information is a plurality of pieces of biometric authentication original information obtained by multiplexing the same user and the same type of biometric information. Multiplexed identical biometric authentication original information may be generated by duplicating from one authentication biometric information or one biometric authentication original information, or obtaining a plurality of authentication biometric information of the same type from the same user May be generated. The authentication unit 341 of the authentication function library function unit 340 uses majority logic based on user authentication biometric information received from a plurality of individual services and a plurality of the same biometric original information managed by the original information management unit 331. Thus, the authentication result of the authentication process between the biometric information for authentication and the biometric authentication original information is determined. For example, the authentication unit 341 performs an authentication process based on biometric information for user authentication received from a plurality of individual services and each of a plurality of identical biometric authentication original information managed by the original information management unit 331. An authentication result is determined using majority logic for each authentication result. Here, a case where biometric authentication original information is tripled will be described as an example.

  Note that determining the authentication result using the majority logic means adopting the majority authentication result. For example, in the case of triple, when the three authentication results comparing the biometric information for authentication with each of the three pieces of biometric authentication original information are three-party match, the authentication result is selected, and in the case of two-to-one Selects the authentication result of the second.

  FIG. 25 is an explanatory diagram for explaining the high safety due to the triple of the biometric authentication original information. In this figure, an example of triple of biometric authentication original information and an example of duplex for comparison are shown. In the triple example, three pieces of biometric authentication original information “A”, “B”, and “C” are managed as a plurality of pieces of the same biometric authentication original information, and authentication results with each of the three pieces of biometric authentication original information are displayed. Show. If the managed biometric original information is normal, the identity authentication is accepted (correct authentication result), and if the managed biometric original information is defective, the identity is rejected false (incorrect authentication result). Then, either a correct authentication result or an incorrect authentication result is selected using majority logic. On the other hand, in the example of duplication, two pieces of biometric authentication original information “A” and “B” are managed as a plurality of identical biometric authentication original information, and the authentication result with each of the two pieces of biometric authentication original information is shown. Yes. In duplexing, if one of them is misidentified, it is impossible to determine which one is correct. Therefore, in both cases, the identity authentication is accepted only when the identity authentication is accepted.

  Here, assuming that the identity authentication acceptance probability = 0.999 (99.9%) and the identity misidentification rejection probability = 0.001 (0.1%) (so-called Three9), it is erroneous in the case of the duplex method. The probability of guiding the selection is “1−0.9999 × 0.999 = 1.999E-03”. On the other hand, in the case of the triple method, the probability of inducing an incorrect selection is “1−0.9999 × 0.999 × 0.999−3 × (0.001 × 0.999 × 0.999) = 2. 998E-06 ". Further, if the identity authentication acceptance probability = 0.9999 (99.99%) and the identity misrecognition rejection probability = 0.0001 (0.01%) (so-called Four9), an incorrect selection is made in the case of the duplex method. The probability of inducing is “1-0.9999 × 0.9999 = 1.9999E-04”. On the other hand, in the case of the triple method, the probability of inducing an incorrect selection is “1−0.9999 × 0.9999 × 0.9999−3 × (0.0001 × 0.9999 × 0.9999) = 2. .9998E-08 ".

  Therefore, in the case of triple, the possibility of inducing incorrect selection is about 1/1000 compared to the case of double, which is effective for the validity of the original and the validity of the authentication result. The multiplexing is not limited to triple, and more multiplexing is also possible. Increasing the number of multiplexes reduces the likelihood of inducing incorrect selections and increases the effect. In the case of not multiplexing, if a defect occurs in one piece of biometric authentication original information, the selection is incorrect by 100%.

  Note that the multiplexing process increases the overhead of authentication processing. In order to reduce this overhead, for example, hardware and software systems and specifications for executing authentication processing are selected with emphasis on processing speed. For example, hardware for executing the authentication process employs a high-speed CPU and a large capacity memory, and a data storage method is basically an in-memory database. The storage device (storage) is basically SSD / flash storage. Specifically, depending on the number of multiplexing, the required processing speed, and the like, it is selected as appropriate so as to satisfy the required specifications, and if low specifications are acceptable, it is acceptable. In addition, with respect to the mounting locations of the multiplexed files of biometric original information stored in the original information storage unit 333, in consideration of safety against occurrence of hardware problems, (1) different storage devices are used. (2) When the storage device is distributed in a plurality of cases, the case is different. (3) When the storage device is in one case, the memory components and members in the case are different. A method such as, for example, can be considered. For example, one of the methods is selected in the priority order of (1), (2), and (3).

  In addition, the biometric authentication PF system 300 executes authentication processing by multiplexing for each transaction in principle, but even if it is executed at regular intervals (every hour, every 12 hours, every 24 hours (nighttime), etc.). Good. For example, the biometric authentication PF system 300 may execute the authentication process at regular intervals depending on the purpose of the authentication process, required specifications, and the like.

  Thus, the biometric authentication PF system 300 according to the present embodiment multiplexes (for example, triples) the biometric authentication original information and determines the authentication result using the majority logic. And the validity of the authentication result can be improved, and a highly secure and reliable biometric authentication service can be provided.

  As described above, the number of multiplexing can be set to an arbitrary number of 3 or more depending on required specifications, hardware specifications, etc. However, it is desirable to use an odd number in order to use majority logic. However, for example, if the number of authentication results is “correct” and “incorrect” and the number is the same, by predetermining a rule such as “correct”, the majority logic is used with an even number of multiplexing. Is also possible.

  Further, the biometric authentication PF system 300 may manage a plurality of the same biometric original information or one biometric original information that is multiplexed according to the type of biometric authentication. Then, the biometric PF system 300 may execute an authentication process based on a plurality of the same biometric original information or one piece of biometric original information multiplexed according to the type of biometric authentication. Here, the type of biometric authentication may be based on the authentication accuracy for each type of biometric authentication. In other words, the biometric PF system 300 can execute the authentication process based on a plurality of identical biometric original information or one biometric original information multiplexed according to the accuracy of each type of biometric authentication. Good. Thereby, the biometric authentication PF system 300 can provide an authentication service of an authentication method suitable for each type of biometric authentication.

  The biometric PF system 300 may manage a plurality of identical biometric original information or one biometric original information in response to requests from a plurality of individual services. Then, the biometric authentication PF system 300 can execute authentication processing based on a plurality of identical biometric original information or one biometric original information in response to requests from a plurality of individual services. Good. Thereby, the biometric authentication PF system 300 can provide an authentication service of an authentication method suitable for each individual service.

Further, when the biometric authentication PF system 300 multiplexes and holds the biometric authentication original information, the biometric authentication PF system 300 performs a matching process between the multiplexed biometric authentication original information, thereby obtaining a plurality of multiplexed biometric authentication original information. An original check of whether or not each is normal (that is, whether or not there is identity) may be performed.
Specifically, the original information management unit 331 executes a matching process for matching each of a plurality of identical biometric authentication original information at a predetermined opportunity, and whether or not each biometric authentication original information is identical. Determine. For example, the original information management unit 331 performs the matching process using an authentication function by the authentication unit 341. Then, the original information management unit 331 uses majority logic for the determination result to determine that the majority biometric authentication original information is normal and to determine that the minority biometric original information is abnormal. Here, the predetermined trigger for executing the matching process between the multiplexed biometric authentication original information is, for example, every hour, every 12 hours, every 24 hours (nighttime), every transaction, or the like. For example, the trigger for performing the matching process is set in consideration of the balance of the transaction amount, transaction frequency, ICT device performance, software performance, and the like. In this manner, the biometric PF system 300 can construct a database of biometric original information with high safety and reliability by performing an original check on the multiplexed biometric original information.

  For example, the original information management unit 331 uses the biometric authentication original information determined to be abnormal in the matching process or the plurality of identical biometric original information including the biometric original information determined to be abnormal for the authentication process. Use is prohibited. Thereby, the biometric authentication PF system 300 can increase the validity of the original and the validity of the authentication result, and provide a biometric authentication service with high safety and reliability.

  The original information management unit 331 may replace the minority biometric original information with the majority biometric original information based on the determination result of the matching process. Thereby, the biometric authentication PF system 300 can restore the biometric authentication original information database by replacing the biometric authentication original information determined to be abnormal in the matching process with the biometric authentication original information determined to be normal.

  The original information management unit 331 manages biometric authentication original information by converting it into a predetermined code that can be compared, and whether or not each of the plurality of identical biometric original information is identical at a predetermined opportunity. Is compared with a predetermined code that can be compared, and majority determination logic is used for the determination result to determine that the majority biometric authentication original information is normal, and that the minority biometric authentication original information is abnormal. You may judge. The original information management unit 331 may have a function of performing comparison using a predetermined code that can be compared. When comparing with a predetermined code that can be compared, for example, comparison of binary data may be performed, or comparison of data by an algorithm unique to each vendor may be performed. As a result, the biometric PF system 300 can increase the processing speed of the original check rather than using the authentication function by the authentication unit 341.

  In addition, when the original information management unit 331 assigns and manages index information to each of the biometric authentication original information, and determines whether or not each of the plurality of identical biometric authentication original information is identical, the index information The biometric authentication original information to be determined may be specified using. For example, in the example of the original information table TBL331 shown in FIG. 9, when biometric authentication original information is multiplexed and stored, an original number is assigned to each of the plurality of multiplexed and stored biometric authentication original information. For example, when three identical face authentication original information is stored as the face authentication original information of the original number “S1ORG101” shown in FIG. 9, “S1ORG101-1”, “S1ORG101-2”, “ S1ORG101-3 "is given. Thereby, the biometric PF system 300 can perform index search of each biometric original information, and can increase the processing speed.

In the case where the biometric authentication PF system 300 performs the original check by the matching process between the biometric authentication original information, at least one biometric authentication original information determined to be normal among a plurality of the same biometric original information, You may perform the authentication process with the biometric information for authentication. In this case, the processing speed can be increased and the processing load can be reduced as compared with the case where authentication processing is performed for each piece of multiplexed biometric authentication original information.
As described above, the biometric authentication PF system 300 according to the present embodiment holds the biometric authentication original information multiplexed (for example, triple) and determines the authentication result using the majority logic directly or indirectly. Therefore, it is possible to increase the validity of the original and the validity of the authentication result, and provide a biometric authentication service with high safety and reliability.

[Personality and validity of original biometric information registration]
Next, the identity and validity of original registration of biometric information will be described.
In biometrics original registration, strictness is required in terms of identity and validity so as not to cause an operation error or illegal registration during registration. However, considering the spread of the biometric authentication PF system 300, it is also important that the biometric information original registration is easy. FIG. 26 is a second explanatory diagram for explaining the outline of the usage scene of the biometric authentication PF system 300.

  (A) In order to ensure the widespread use of the biometric PF system 300 and the strictness of original registration, socially trusted places, stores, etc. that satisfy the conditions such as the number of stores, convenient location, reliability, and communication facilities ( For example, biometric information for original registration is acquired in principle at stores and offices of telecommunications carriers nationwide. For example, the user himself / herself visits a telecommunications carrier's store, government office, etc., and the biometric information is registered on the terminal 50 in accordance with the instructions of the reception staff (operator, witness, etc.) Perform (form 1). Here, when acquiring biometric information with the terminal 50, it acquires by the sensor for acquiring each biometric information. For example, in the case of face authentication, it is acquired by a sensor (camera) that captures the face of the registered user. A sensor (sensor function) for acquiring the biological information is provided in the terminal 50, for example. Note that this sensor may be provided in an input device different from the terminal 50, and biological information acquired by the input device may be sent to the terminal 50. In addition, as a method of original registration that guarantees the strictness of original registration, a driver's license is assumed on the premise that it does not conflict with the permission of relevant government agencies (Ministry of Land, Infrastructure, Transport and Tourism) and related organizations (educational institutions such as universities) and the law. Photographic data such as a certificate (form 2) and student card (form 3) may be used as biometric information for original registration. In the case of form 2 and form 3, it is not necessary to take another user's photograph.

  For example, the biometric authentication PF system 300 can identify the terminal 50 that acquired the user's original registration biometric information in order to determine whether or not the terminal 50 that acquired the biometric information for original registration is a trusted place. Whether or not to register biometric original information based on the biometric information for original registration of the user may be determined based on such identification information. The identification information that can identify the terminal 50 includes a terminal physical ID, a terminal logical ID, and the like (hereinafter also referred to as “terminal ID”). This terminal ID is transmitted from the terminal 50 in association with the biometric information for original registration. Here, the function of this determination processing is a function provided in the registration unit 314, for example. Thereby, the biometric authentication PF system 300 can ensure the strictness (identity and validity) of original registration, and can provide an authentication system with high spread and safety. When the terminal 50 is a mobility terminal such as a smartphone, it is determined whether biometric authentication original information is to be registered by confirming the coincidence of the physical line ID and the logical line ID (Internet address, etc.). May be.

  Furthermore, the biometric authentication PF system 300 may perform biometric authentication of a person in charge of reception when acquiring biometric information for original registration at the terminal 50. Specifically, the registration unit 314 determines the user's original registration biometric information based on the biometric information of the person in charge who receives the input of each of the terminals 50 (an example of input devices) of the individual services. Whether or not to register biometric original information based on the biometric information for original registration may be determined. For example, if the registration unit 314 determines that the biometric information for authentication of the receptionist is identical to the biometric original information corresponding to the receptionist managed by the original information management unit 331, the registration unit 314 Biometric authentication original information based on the user's original registration biometric information received by the person is registered. On the other hand, when it is determined that there is no identity, the registration unit 314 does not register the biometric authentication original information based on the user's original registration biometric information received by the reception staff. Thereby, the biometric authentication PF system 300 registers the biometric original information after confirming the credibility of the person in charge of reception, so that a highly secure authentication system can be provided. In addition, at the time of original registration, the identity verification (presentation of photo identification such as a driver's license, passport, etc.), which is carried out by financial institutions, is also conducted in principle.

  (B) In order to ensure the strictness of the original registration, the biometric authentication PF system 300 executes a conversion function from the external ID to convert the user ID into the internal ID. Further, when considering strictness, the biometric authentication PF system 300 performs encryption. Note that if the conversion function implementation is considered to have substantially the same effect as the encryption, the encryption may be omitted again. For the conversion function and encryption, a known and stable method (such as a method using a hash function) can be applied.

  (C) Personal information (address, name, age (date of birth), gender, etc.) of the original registered user shall be provided on the assumption that the original registration will not be violated in order to ensure the strictness of the original registration. It collates with credit information used at financial institutions, etc., and communication contract information at communication carriers, etc., and confirms that it is not impersonation and that it is a person who exists.

  Specifically, when the registration unit 314 acquires biometric information for user's original registration, the biometric information based on the user's original registration biometric information is obtained based on the user's credit information or the user's communication contract information. It is determined whether or not authentication original information is registered. For example, when the registration unit 314 acquires biometric information for user original registration, the registration unit 314 collates the user information of the user with the credit information of the user or the communication contract information of the user, and the identity of the user, When the validity or the like is confirmed, biometric authentication original information based on the user's original registration biometric information is registered. Thereby, the biometric authentication PF system 300 can ensure the strictness (personality and validity) of original registration and provide a highly secure authentication system.

  When the biometric authentication original information is registered, the registration unit 314 manages the management information related to the purpose of use of the biometric authentication process for each user described above (for example, the purpose of use setting table TBL318A in FIG. 17 and the purpose of use setting table TBL318B in FIG. 18). ). Specifically, when the registration unit 314 acquires the user information of the user, the biometric information for original registration, and the permission service information, the user information (personal information) and the credit information of the user or the communication contract information of the user And biometric authentication original information is registered based on the user's original registration biometric information. The registration unit 314 associates the biometric original information with the permitted service information.

  (D) In order to ensure the strictness of the original registration, the biometric authentication PF system 300 obtains the biometric information for original registration from the terminal 50 of the biometric information for original registration and the acquisition date of the biometric information for original registration from the terminal 50. Check that the difference between the date and time of transmission is within the reasonable time required for the transmission procedure. If the difference is not a reasonable time, the biometric authentication PF system 300 determines that there is a possibility that the biometric information for original registration has been replaced, and rejects the original registration.

FIG. 27 is an explanatory diagram for explaining the flow of processing for preventing spoofing and replacement of biometric information during original registration. A process for preventing spoofing and replacement of biometric information will be described with reference to FIG.
(1) The terminal 50 acquires biometric information for original registration using a sensor function. For example, when performing original registration for face authentication, the terminal 50 captures the face of the user for original registration and acquires it as biometric information for original registration.
(2) The terminal 50 transmits the acquired original registration biometric information to the biometric authentication PF system 300. The biometric authentication PF system 300 receives the biometric information for original registration transmitted from the terminal 50.

(3) Upon receipt of the biometric information for original registration, the biometric authentication PF system 300 performs impersonation determination and replacement determination. As described above, the impersonation determination is performed based on the terminal ID from which the user's original registration biometric information is acquired, the user's credit information, the user's communication contract information, and the like.
In addition, the biometric information replacement determination is performed based on the difference between the acquisition date and time (for example, the shooting date and time) of the biometric information for original registration and the transmission date and time when the biometric information for original registration is transmitted from the terminal 50. The biometric authentication PF system 300 determines whether or not replacement is performed based on whether or not the difference between the acquisition date and the transmission date and time of the biometric information for original registration is equal to or greater than a preset threshold (predetermined time). Here, this preset threshold value will be referred to as a “GAP limit value”.

  For example, the biometric authentication PF system 300 permits original registration when the difference between the acquisition date and the transmission date of the biometric information for original registration is less than the GAP limit value (for example, less than 1 minute). On the other hand, the biometric authentication PF system 300 rejects the original registration when the difference between the acquisition date and the transmission date and time of the biometric information for original registration is equal to or greater than the GAP limit value (for example, 1 minute or more). In the example shown in the drawing, when the transmission date and time (here, transmission date and time T1) is less than the GAP limit value with respect to the acquisition date and time (for example, the photographing date and time T0) of the biometric information for original registration, the original registration is permitted. When the transmission date / time (here, transmission date / time T2) is equal to or greater than the GAP limit value, the original registration is not permitted (registration refusal). Instead of the transmission date / time of the biometric information for original registration, the reception date / time when the biometric authentication PF system 300 received the biometric information for original registration may be used.

  Specifically, in the biometric PF system 300, the registration unit 314 registers biometric original information based on the received biometric information for original registration of the user based on the received time stamp of the biometric information for original registration of the user. It is determined whether or not. Here, the time stamp includes at least information indicating the acquisition date and time when the received biometric information for original registration of the user is acquired by the terminal 50 equipped with the sensor function.

  The registration unit 314 obtains the received date and time (for example, photographing date and time) of the biometric information for original registration of the user and the transmission date and time (for example, the terminal 50) that transmits the biometric information for original registration from any of a plurality of individual services. Whether or not biometric authentication original information based on the biometric information for original registration is to be registered based on the difference from the reception date and time received by the receiving unit 312 from any one of the plurality of individual services. judge.

(4) The registration unit 314 determines that the difference between the acquisition date (for example, photographing date) of the received user's original registration biometric information and the transmission date / time or the reception date / time is less than the GAP limit value (less than a predetermined time). In some cases, biometric authentication original information based on the biometric information for original registration is registered.
(5) On the other hand, the registration unit 314 determines that the difference between the acquisition date and time (for example, the shooting date and time) of the biometric information for original registration and the transmission date and time or the reception date and time is greater than or equal to the GAP limit value (a predetermined time or more). Does not register biometric original information based on the biometric information for original registration. In this case, the biometric authentication PF system 300 transmits notification information (original registration rejection notification) indicating that original registration is not permitted to the terminal 50.

  As described above, the biometric authentication PF system 300 according to the present embodiment determines the strictness (identity and validity) of biometric information original registration by determining whether or not impersonation and biometric information are replaced at the time of original registration. And a database of original biometric information with high safety and reliability can be constructed.

  The registration unit 314 may register biometric authentication original information for specific biometric information regardless of the time stamp of the original registration biometric information. Here, the specific biological information is, for example, highly reliable biological information.

  As described above, according to the biometric authentication PF system 300 according to the present embodiment, it is possible to provide a biometric authentication service that is economical, popular, and safe.

  In this embodiment, in the biometric authentication PF system 300, authentication services using a plurality of biometric information such as face authentication, fingerprint authentication, finger vein authentication, palm vein authentication, iris authentication, tooth type authentication, voiceprint authentication, and DNA authentication. Although an example of providing authentication has been described, an authentication service using one piece of biometric information may be provided. The biometric authentication PF system 300 may be applied to biometric authentication other than face authentication, fingerprint authentication, finger vein authentication, palm vein authentication, iris authentication, tooth type authentication, voiceprint authentication, and DNA authentication.

  Note that a part or all of the functions of the biometric authentication PF system 300 in the above-described embodiment may be realized by a computer. In that case, a program for realizing the above-described function is recorded on a computer-readable recording medium, and the program recorded on the recording medium is read into a computer system and executed to realize the above-described function. Also good. Here, the “computer system” is a computer system built in the terminal device, and includes an OS and hardware such as peripheral devices. The “computer-readable recording medium” refers to a storage device such as a flexible medium, a magneto-optical disk, a portable medium such as a ROM and a CD-ROM, and a hard disk incorporated in a computer system. Furthermore, the “computer-readable recording medium” is a medium that dynamically holds a program for a short time, such as a communication line when transmitting a program via a network such as the Internet or a communication line such as a telephone line, In this case, a volatile memory inside a computer system that serves as a server or a client may be included that holds a program for a certain period of time. The program may be a program for realizing a part of the functions described above, and may be a program capable of realizing the functions described above in combination with a program already recorded in a computer system.

  In addition, part or all of the biometric authentication PF system 300 in the above-described embodiment may be realized as an integrated circuit such as an LSI (Large Scale Integration). Each functional block of the biometric authentication PF system 300 may be individually made into a processor, or a part or all of them may be integrated into a processor. Further, the method of circuit integration is not limited to LSI, and may be realized by a dedicated circuit or a general-purpose processor. In addition, when an integrated circuit technology that replaces LSI appears due to the advancement of semiconductor technology, an integrated circuit based on the technology may be used.

  The embodiment of the present invention has been described in detail with reference to the drawings. However, the specific configuration is not limited to this embodiment, and includes design and the like within a scope not departing from the gist of the present invention.

  50 terminals, 100 individual AP system, 200 business PF system, 300 biometric authentication PF system, 310 authentication service management function unit, 311 communication processing unit, 312 reception unit, 313 transmission unit, 314 registration unit, 315 authentication permission unit, 316 authentication Result acquisition unit, 318 Control information storage unit, 320 User management function unit, 321 User information management unit, 322 User information storage unit, 330 Authentication data management function unit, 331 Original information management unit, 332 Authentication management unit, 333 Original information storage 340, authentication function library function unit, 341 authentication unit, 342 authentication function storage unit, TBL321 user information table, TBL331 original information table, TBL341 biometric authentication function table, TBL318A, TBL318B Fixed table

Claims (9)

A management unit that manages original correspondence information corresponding to the original biometric information used when performing biometric authentication of a user with a plurality of services;
Information indicating an individual application system that provides an individual service, information indicating a first platform system to which a plurality of individual application systems are connected, and biometric information of a user who uses each of the plurality of individual services A receiving unit for receiving from one platform system;
An authentication unit that performs an authentication process based on biometric information of a user received by the receiving unit from the plurality of first platform systems and the original correspondence information managed by the management unit;
An authentication permission unit that controls whether or not to permit execution of the authentication process by the authentication unit for each of the plurality of services;
Equipped with a,
The authentication permission unit controls whether or not to permit execution of the authentication process by the authentication unit for each information indicating the individual application system and information indicating the first platform system.
Biometric platform system.   A registration unit that registers the original correspondence information managed by the management unit based on biometric information of a user received by the reception unit from a plurality of the first platform systems;
  The biometric platform system according to claim 1. The receiver is
Further receives information indicating the type of the user's biometric information from said first platform system,
The authentication permission unit controls whether to permit the authentication unit to execute the authentication process for each type of information indicating the individual application system, information indicating the first platform system, and the original correspondence information. To
The biometric authentication platform system according to claim 1 or 2. The authentication permission unit includes:
When it is registered in advance to allow execution of the authentication process by the authentication unit, the execution of the authentication process by the authentication unit is permitted,
When it is previously registered that the authentication unit is not permitted to execute the authentication process, and when the authentication unit is not permitted to execute the authentication process, the authentication unit performs the authentication process. Do not allow execution of authentication process,
The biometric authentication platform system according to any one of claims 1 to 3. Transmitting unit that transmits information indicating the result of the authentication process by the pre-Symbol authentication unit,
With
Configurations of the management unit, the authentication unit, the authentication permission unit, the reception unit, and the transmission unit are configured independently for the plurality of services,
Interface specifications related to communication between the reception unit and the transmission unit and the plurality of services are provided for the plurality of services.
The biometric authentication platform system according to any one of claims 1 to 4 . The authentication unit is configured to receive information indicating a probability of identity between a user's biometric information received from any one of the plurality of services and the original correspondence information managed by the management unit. Send to service,
The biometric authentication platform system according to any one of claims 1 to 5. A management unit that manages original correspondence information corresponding to the original biometric information used when performing biometric authentication of a user with a plurality of services;
Information indicating an individual application system that provides an individual service, information indicating a first platform system to which a plurality of individual application systems are connected, and biometric information of a user who uses each of the plurality of individual services A receiving unit for receiving from one platform system;
An authentication unit that performs an authentication process based on biometric information of a user received by the receiving unit from the plurality of first platform systems and the original correspondence information managed by the management unit;
An authentication permission unit that controls whether or not to permit execution of the authentication process by the authentication unit for each of the plurality of services;
Equipped with a,
The authentication permission unit controls whether or not to permit execution of the authentication process by the authentication unit for each information indicating the individual application system and information indicating the first platform system.
Biometric information management device. A biometric authentication information management method in a biometric information management apparatus,
A management process in which the management unit manages original correspondence information corresponding to the original biometric information used when performing biometric authentication of a user with a plurality of services;
Information indicating an individual application system in which the receiving unit provides an individual service, information indicating a first platform system to which the plurality of individual application systems are connected, and biometric information of a user who uses each of the plurality of individual services Receiving from the first platform system;
An authentication process in which an authentication unit executes an authentication process based on biometric information of a user received by the reception unit from a plurality of the first platform systems and the original correspondence information managed by the management unit;
When the authentication permission unit controls whether each of the plurality of services is permitted to execute the authentication process by the authentication unit , information indicating the individual application system and the first platform system For each piece of information to be shown, an authentication permission process for controlling whether to permit execution of the authentication process;
A biometric authentication information management method. To a computer as a biometric information management device,
A management procedure for managing original correspondence information corresponding to the original biometric information used when performing biometric authentication of a user with a plurality of services;
Information indicating an individual application system that provides an individual service, information indicating a first platform system to which a plurality of individual application systems are connected, and biometric information of a user who uses each of the plurality of individual services Receiving procedure for receiving from one platform system;
An authentication procedure for executing an authentication process based on the biometric information of the user received from the plurality of first platform systems according to the reception procedure and the original correspondence information;
When controlling whether to permit execution of the authentication process for each of the plurality of services, the authentication process is performed for each piece of information indicating the individual application system and information indicating the first platform system. An authentication authorization procedure that controls whether or not to allow execution ;
Biometric information management program for executing

Images