JP6056577B2 - Biometric authentication apparatus, biometric authentication method, and biometric authentication computer program - Google Patents

Description

  The present invention relates to a biometric authentication apparatus, a biometric authentication method, and a biometric authentication computer program that determine whether or not to authenticate an individual based on data representing the biometric information of the individual.

  In recent years, biometric authentication technology has been developed that determines whether or not to authenticate an individual using human biometric information such as a fingerprint, palm print, vein pattern, iris, face, or voice. Biometric authentication technology is a device used by a specific individual such as a computer or mobile terminal from a large-scale system with a large number of registered users, such as an entrance / exit management system, a border control system, or a system using a national identification number. Until widely used.

  For example, when a fingerprint of any finger is used as biometric information, the biometric authentication device acquires a biometric image representing the fingerprint as an input biometric image. Then, the biometric authentication device collates the input biometric information that is the fingerprint of the user represented in the input biometric image with the registered biometric information that is the fingerprint represented in the biometric image of the registered user registered in advance. If the biometric authentication device determines that the input biometric information and the registered biometric information match based on the result of the verification process, the biometric authentication device authenticates the user as a registered user having a legitimate authority. The biometric authentication device permits an authenticated user to use a device in which the biometric authentication device is incorporated or another device connected to the biometric authentication device.

  In general, the state of a part including biometric information may be changed or the environment for acquiring biometric information may be different between biometric information registration and verification. Therefore, even if the registered user himself / herself is going to be authenticated, the input biometric information and the registered biometric information do not completely match. Therefore, for example, the biometric authentication device calculates the similarity between the input biometric information and the registered biometric information, and determines that the input biometric information matches the registered biometric information when the similarity is equal to or greater than a predetermined authentication threshold. . The higher the authentication threshold, the lower the probability that a person who is not a registered user will be mistakenly authenticated as a registered user, so-called acceptance of others, but authentication fails if the registered user is a user. The probability of the so-called refusal of the person is high. On the other hand, the lower the authentication threshold is, the lower the probability that an individual will be rejected, but the probability that another person will be accepted increases. Therefore, the authentication threshold is set so that either the probability of accepting another person or the probability of rejecting the person does not become too high. Therefore, there is a slight possibility that others will be accepted. Thus, an unauthorized user who is not a registered user may attempt biometric authentication multiple times with the intention of unauthorized authentication. In order to prevent such unauthorized authentication, for example, the biometric authentication device is set to reject authentication of the user when authentication fails for a predetermined number of times or more. However, when the registered user himself / herself is a user and the rejection of the user occurs continuously, the registered user cannot use the biometric authentication device. Therefore, when the biometric information when the authentication has failed and the biometric information when the authentication has failed in the past do not have the same identity, the counter value of the number of authentication processing failures is added, and the counter value becomes equal to or greater than a predetermined value. Then, the technique which does not authenticate a user is proposed (for example, refer patent document 1).

JP 2006-79537 A

However, an unauthorized user may be able to acquire a similarity value (hereinafter referred to as a matching score for convenience) calculated at the time of matching by some method. In such a case, an unauthorized user attempts to improve the matching score by changing the value of any pixel of the input biometric image or the coordinates of the feature point little by little and confirming the matching score. Try to get certified. This is called a hill climbing attack.
In addition, an unauthorized user illegally obtains data representing the biometric information of a registered user, such as an input biometric image when authentication has succeeded in the past by some method, and inputs the data to the biometric authentication device. In some cases, authentication is attempted illegally. This is called a replay attack.

In the hill climbing attack, a biometric authentication process is performed on the biometric authentication device while slightly modifying the input biometric image so that the input biometric image at the previous verification and the input biometric image at the next verification have the same identity. Can be repeated. Therefore, in the above technique, the biometric authentication device may erroneously authenticate an unauthorized user before the count value of the number of failures reaches the threshold value.
Further, since data that has been successfully authenticated in the past is used in the replay attack, the biometric authentication device may erroneously authenticate an unauthorized user.

  Accordingly, in one aspect, an object of the present invention is to provide a biometric authentication apparatus that can suppress unauthorized user authentication by mistake even when a replay attack or a hill climbing attack is performed.

  According to one embodiment, a biometric authentication device is provided that determines whether to authenticate a user as a registered user based on the biometric information of the user. This biometric authentication device includes a storage unit that stores past state information representing the characteristics of biometric information or the state of an acquisition environment when past data representing biometric information of a user is acquired at the time of past biometric authentication, and a user From the biometric information acquisition unit for acquiring data representing the biometric information of the user and the data representing the biometric information of the user, the current state information representing the characteristics of the biometric information of the user at the time of data acquisition or the state of the acquisition environment is extracted. A state information extraction unit, a reproducibility calculation unit for calculating a reproducibility representing the degree of similarity between the current state information and the past state information, and data representing the user's biometric information has modified the past data itself or a part of the past data A reproducibility is compared with a threshold estimated to be a thing, and when the reproducibility is equal to or higher than the threshold, an unauthorized access determination unit that does not authenticate the user is provided.

The objects and advantages of the invention will be realized and attained by means of the elements and combinations particularly pointed out in the appended claims.
It should be understood that both the foregoing general description and the following detailed description are exemplary and explanatory and are not restrictive of the invention as claimed.

  Even if a replay attack or a hill climbing attack is performed, it is possible to prevent unauthorized users from being mistakenly authenticated.

It is a schematic block diagram of the biometrics apparatus by 1st Embodiment. It is a functional block diagram of a processing part. It is a figure showing the frequency distribution of the reproducibility when the hill climbing attack or replay attack by an unauthorized user is performed, and the frequency distribution of the reproducibility when the registered user is a user. It is a figure which shows the operation | movement flowchart of the biometrics authentication process by 1st Embodiment. It is a figure showing an example of the list of the past feature information memorized by the storage part about one registered user. It is a figure which shows the operation | movement flowchart of the biometrics authentication process by 2nd Embodiment. It is a functional block diagram of the process part by 3rd Embodiment. It is a schematic structure figure of an example of a biometrics system by an embodiment or its modification.

Hereinafter, biometric authentication devices according to various embodiments will be described with reference to the drawings.
As described above, the biometric information represented in the biometric image when the hill climbing attack or the replay attack is performed is very similar to the biometric information represented in the biometric image used for matching the same person in the past. Yes. On the other hand, even when the registered user himself / herself requests authentication as a user, every time data representing biometric information is generated, the state of the part including the biometric information is different, or The state of the environment during shooting, such as posture, is different. Therefore, the biometric information represented in the biometric image acquired at the time of the latest collation is somewhat different from the biometric information represented in the biometric image used for collation in the past.

  Therefore, when the biometric authentication device acquires data representing the biometric information of the user, the biometric authentication device obtains feature information representing the characteristics of the biometric information from a biometric image representing the biometric information. The biometric authentication device calculates a reproducibility that is a degree of similarity between the feature information extracted from the biometric image acquired at the time of past matching and the feature information at the time of the current matching. When the reproducibility is higher than a preset threshold, the biometric authentication apparatus determines that an attempt to authenticate illegally, such as a hill climbing attack or a replay attack, and does not authenticate the user.

In this embodiment, the biometric authentication device uses the fingerprint of any finger as biometric information used for biometric authentication.
Further, in this specification, the term “collation process” is used to indicate a process of calculating an index representing the degree of difference or the degree of similarity between the biometric information of the user and the biometric information of the registered user. In addition, the term “biometric authentication process” is used to indicate the entire authentication process including not only the verification process but also the process of determining whether to authenticate the user using the index obtained by the verification process. used.

  FIG. 1 is a schematic configuration diagram of a biometric authentication apparatus according to one embodiment. As illustrated in FIG. 1, the biometric authentication device 1 includes a display unit 2, an input unit 3, a biometric information acquisition unit 4, a storage unit 5, and a processing unit 6. The display unit 2, the input unit 3, and the biological information acquisition unit 4 may be provided separately from the housing in which the storage unit 5 and the processing unit 6 are accommodated. Or the display part 2, the input part 3, the biometric information acquisition part 4, the memory | storage part 5, and the process part 6 may be accommodated in one housing like what is called a notebook personal computer or a tablet-type terminal. The biometric authentication device 1 further includes a storage medium access device 7 that accesses a storage medium 8 such as a magnetic disk, a semiconductor memory card, and an optical storage medium. The biometric authentication device 1 reads, for example, a computer program for biometric authentication processing executed on the processing unit 6 stored in the storage medium via the storage medium access device, and performs biometric authentication processing according to the computer program. May be executed.

  The biometric authentication device 1 performs biometric authentication processing by using the biometric image representing the user's fingerprint generated by the biometric information acquisition unit 4 and collating the fingerprint with the registered user's fingerprint. When the biometric authentication device 1 authenticates the user as one of the registered users as a result of the biometric authentication process, the biometric authentication device 1 permits the user to use the device on which the biometric authentication device 1 is mounted. Alternatively, the biometric authentication device 1 transmits a signal indicating that the user has been authenticated to another device (not shown), thereby permitting the user to use the other device.

  The display unit 2 includes a display device such as a liquid crystal display, for example. The display unit 2 then displays, for example, a message indicating a part (any finger) used for collation, or a guidance message for placing the part at a position where the biological information acquisition unit 4 can acquire a proper biological image. Display to users. Further, the display unit 2 displays a message representing the result of the biometric authentication process executed by the processing unit 6 or various information related to the application.

  The input unit 3 has a user interface such as a keyboard, a mouse, or a touch pad, for example. Then, the user name or command or data input by the user via the input unit 3 is passed to the processing unit 6.

The biological information acquisition unit 4 includes, for example, a fingerprint sensor using an area sensor. This fingerprint sensor can be, for example, a sensor that employs any one of an optical type, a capacitance type, an electric field type, and a thermal type. The biometric information acquisition unit 4 generates a biometric image representing a fingerprint by photographing the surface of the finger while the user places the finger on the sensor surface of the fingerprint sensor. This biological image is an example of data representing biological information.
The biometric information acquisition unit 4 may have a slide type fingerprint sensor. In this case, the biometric information acquisition unit 4 sequentially generates partial images at predetermined time intervals while sliding a finger on the fingerprint sensor. In the partial image, a part of the fingerprint on the surface of the finger is copied. By connecting a plurality of partial images in order of generation time, a biometric image in which the entire fingerprint of the finger is captured is synthesized.

  The biometric information acquisition unit 4 passes the biometric image to the processing unit 6 every time a biometric image is generated.

  The storage unit 5 includes, for example, a nonvolatile semiconductor memory and a volatile semiconductor memory. And the memory | storage part 5 memorize | stores the application program used with the biometrics authentication apparatus 1, the user name of at least one registered user, a user identification number, personal setting information, various data, etc. The storage unit 5 stores a program for executing biometric authentication processing. Further, for each registered user, the storage unit 5 stores registered feature information representing the fingerprint characteristics of a specific finger, which is biometric information of the registered user, and the registered user's user name, user identification number, and the like. Store with identification information. The registered feature information is, for example, a biometric image of the registered user itself, a part of the biometric image, or a feature of biometric information extracted from the biometric image (for example, coordinates of branch points and end points of ridges, ridges Direction).

In addition, the storage unit 5 extracts, for each registered user, feature information representing the characteristics of the biometric information captured in the biometric image extracted from the biometric image acquired in the past for the registered user. Are stored together with the registered user identification information and the biometric image acquisition time. In the following, feature information extracted from a biometric image acquired at the time of biometric authentication processing performed in the past is referred to as past feature information for convenience. The past feature information is an example of past state information.
Further, the storage unit 5 may temporarily store the biological image received from the biological information acquisition unit 4.

  The processing unit 6 includes one or a plurality of processors and their peripheral circuits. The processing unit 6 executes biometric authentication processing based on the biometric image acquired from the biometric information acquisition unit 4.

  FIG. 2 is a functional block diagram of the processing unit 6. As illustrated in FIG. 2, the processing unit 6 includes a feature information extraction unit 11, a reproducibility calculation unit 12, an unauthorized access determination unit 13, a verification unit 14, and an authentication determination unit 15. Each of these units included in the processing unit 6 is a functional module implemented by a computer program executed on a processor included in the processing unit 6. Alternatively, these units included in the processing unit 6 may be implemented in the biometric authentication device 1 as firmware.

  The feature information extraction unit 11 is an example of a state information extraction unit, and extracts feature information representing features of biological information from a biological image. In the present embodiment, the feature information is used for the above-described reproducibility calculation and collation processing.

  The feature information extraction unit 11 obtains, for example, the position of the minutia which is a characteristic fingerprint structure such as a branch point and an end point of a fingerprint ridge as feature information. For this purpose, the feature information extraction unit 11 binarizes the luminance value of each pixel of the biological image, for example, and distinguishes between a pixel representing a ridge and a pixel representing a valley. The threshold value for binarization can be, for example, an average value of luminance values of a biological image. Next, the feature information extraction unit 11 performs a thinning process on a pixel having a luminance value corresponding to a ridge with respect to a binarized biological image, thereby obtaining a line in which pixels representing the ridge are connected. For example, the line is thinned into a line having a width of one pixel. Then, the feature information extraction unit 11 scans the thinned biological image using a plurality of mask patterns having binary patterns corresponding to branch points or end points of the ridges, thereby matching any mask pattern. The position on the biological image is detected. The feature information extraction unit 11 sets the center pixel of the detected position as the minutiae, and sets the type of minutia (that is, the branch point or the end point) represented by the matched mask pattern as the type of the detected minutiae.

Note that the feature information extraction unit 11 may extract the minutia from the biological image by using another known method for obtaining the end point or branch point of the ridge as the minutia. The feature information extraction unit 11 uses the total number of extracted minutiae, the type of each minutiae, and the position coordinates on the biological image as feature information.
Alternatively, the feature information extraction unit 11 may cut out a part of the biometric image itself or a part of the biometric image including a region where a fingerprint is captured from the biometric image and use it as the feature information.

The feature information extraction unit 11 stores the obtained feature information as past feature information in the storage unit 5 together with the user identification information input via the input unit 3 and the biometric image acquisition time.
Note that the storage unit 5 may delete the past feature information after a certain period of time has elapsed from the acquisition time of the biological image associated with the past feature information in order to suppress the amount of calculation required to calculate the reproducibility. . For example, the certain period is set to one month, three months, six months, or one year.

  The reproducibility calculation unit 12 calculates the reproducibility between the feature information extracted from the biometric image obtained for the latest collation processing and the past feature information extracted from the biometric image obtained at the past collation. To do. In the following, for convenience of explanation, feature information extracted from a biological image obtained for the latest collation process is referred to as current feature information.

  The reproducibility calculation unit 12 reads the past feature information associated with the identification information of the registered user that matches the identification information input through the input unit 3 from the storage unit 5. Then, the reproducibility calculation unit 12 calculates the reproducibility by comparing the current feature information with the past feature information.

  When the feature information includes the position of the minutiae extracted from the biological image, the reproducibility calculation unit 12 calculates the reproducibility by minutia matching. For example, the reproducibility calculation unit 12 aligns the noticed minutia among the minutiae included in the current feature information with any of the minutiae included in the past feature information. Then, the reproducibility calculation unit 12 obtains the number of minutiae that matches the minutia included in the past feature information among the minutiae included in the current feature information. Note that the reproducibility calculation unit 12 determines that the two minutiae match if the distance between the two minutiae is equal to or less than the ridge spacing, for example. In addition, the reproducibility calculation unit 12 may determine that the two minutiae match only when the two minutiae types match.

  The reproducibility calculation unit 12 obtains the number of matching minutiae while changing the set of minutiae to be aligned. The reproducibility calculation unit 12 sets the reproducibility as the ratio of the number of matching minutiae to the total number of minutiae included in the current feature information when the number of matching minutiae is maximized. In this case, the reproducibility takes any value from 0 to 1.

  Further, when the feature information includes the biological image itself or a part of the biological image, the reproducibility calculation unit 12 may calculate the reproducibility by pattern matching. In this case, the reproducibility calculation unit 12 calculates the normalized cross-correlation value while changing the relative position between the biological image included in the current feature information and the biological image included in the past feature information. Then, the reproducibility calculation unit 12 sets the maximum value of the normalized cross-correlation value as the reproducibility. Since the normalized cross-correlation value takes any value from -1 to 1, in this case, the reproducibility also takes any value from -1 to 1. However, the reproducibility calculation unit 12 may normalize the reproducibility value so that the reproducibility value is included in the range of 0 to 1.

The reproducibility calculation unit 12 notifies the unauthorized access determination unit 13 of the calculated reproducibility.
When there are a plurality of past feature information associated with the identification information of the registered user that matches the identification information input via the input unit 3, the reproducibility calculation unit 12 calculates the reproducibility for each past feature information. calculate. Then, the reproducibility calculation unit 12 obtains the maximum value of the reproducibility for each past feature information, and notifies the unauthorized access determination unit 13 of the maximum reproducibility value.

The unauthorized access determination unit 13 compares the reproduction degree notified from the reproduction degree calculation unit 12 with an unauthorized determination threshold value. The unauthorized access determination unit 13 determines that an unauthorized access such as a hill climbing attack or a replay attack is attempted on the biometric authentication device 1 when the reproducibility is equal to or greater than the unauthorized determination threshold. Then, the unauthorized access determination unit 13 refuses to continue the biometric authentication process. The unauthorized access determination unit 13 notifies the processing unit 6 that the continuation of the biometric authentication process has been refused. In this case, the processing unit 6 does not authenticate the user and refuses to use the device on which the biometric authentication device 1 is mounted or the device to which the biometric authentication device 1 is connected. The processing unit 6 may cause the display unit 2 to display a warning message indicating that unauthorized access has been attempted. Further, the processing unit 6 executes the biometric authentication process for the registered user specified by the identification information input via the input unit 3 until the administrator of the biometric authentication device 1 permits or for a certain period. May not be accepted. The certain period can be set to one day or one week, for example.
On the other hand, when the reproducibility is less than the fraud determination threshold, the unauthorized access determination unit 13 determines that unauthorized access has not been performed, and notifies the processing unit 6 of the determination result.

  FIG. 3 is a diagram illustrating a frequency distribution of reproducibility when a hill climbing attack or a replay attack by an unauthorized user is performed, and a frequency distribution of reproducibility when the registered user is a user. In FIG. 3, the horizontal axis represents the reproducibility, and the vertical axis represents the frequency. A graph 301 represents a frequency distribution of reproducibility when a hill climbing attack or a replay attack is performed by an unauthorized user. A graph 302 represents the frequency distribution of the reproducibility when the registered user is a user. Since the current feature information and the past feature information when the replay attack is performed are the same, the reproducibility is 1. In addition, since the difference between the current feature information and the past feature information when a hill climbing attack is performed is very small, the reproducibility is close to 1. Therefore, as shown in the graph 301, the reproducibility is distributed near the maximum value (1 in the present embodiment) that can be taken. On the other hand, when the registered user himself / herself is a user, unauthorized access such as a hill climbing attack was performed as shown in the graph 302 due to variations in the state of a part including biometric information. It is distributed around a lower value than the time, for example, 0.6 to 0.7. Therefore, the fraud determination threshold is estimated, for example, that the biometric image used to extract the current feature information is a modification of the past biometric image itself or a part of the past biometric image used to extract the past feature information. Is set to the lower limit of reproducibility. That is, the fraud determination threshold is set to, for example, 0.8 between the above two distributions. Alternatively, the fraud determination threshold is the average value of the reproducibility when an unauthorized access such as a replay attack is performed, the Mahalanobis distance between the fraud determination threshold, and the average value of the reproducibility when the registered user is a user. And the Mahalanobis distance between the fraud determination thresholds may be set to be equal.

When the unauthorized access determination unit 13 determines that unauthorized access has not been performed, the processing unit 6 continues the biometric authentication process. For this purpose, the processing unit 6 reads, from the storage unit 5, registered feature information representing the feature of the registered user's biometric information specified by the identification information input via the input unit 3. The registered feature information is extracted from the biometric image representing the biometric information of the registered user acquired by the biometric authentication device 1 at the time of registration, as with the current feature information.
The processing unit 6 passes the current feature information and the registered feature information to the matching unit 14.

  The matching unit 14 compares the current feature information with the registered feature information to calculate the similarity between the user's biometric information and the registered user's biometric information.

For example, when the current feature information and the registered feature information include coordinates of minutiae such as ridge end points and branch points, the matching unit 14 calculates a similarity value by minutia matching. Alternatively, when the current feature information and the registered feature information each include the biological image itself or a part of the biological image, the matching unit 14 may calculate the similarity by pattern matching between the biological images. .
The procedure for minutia matching and pattern matching is the same as the procedure described in the reproducibility calculation unit 12.

  The collation unit 14 passes the similarity to the authentication determination unit 15 together with the identification information of the registered user.

  The authentication determination unit 15 determines whether the similarity is equal to or higher than an authentication determination threshold value. When the similarity is equal to or greater than the authentication determination threshold value, the authentication determination unit 15 determines that the user's biometric information matches the biometric information of the registered user specified by the identification information received from the verification unit 14. Then, the authentication determination unit 15 authenticates the user as the registered user. When authenticating the user, the authentication determination unit 15 notifies the processing unit 6 of the authentication result. Then, the processing unit 6 permits the authenticated user to use the device in which the biometric authentication device 1 is mounted or the device to which the biometric authentication device 1 is connected.

  On the other hand, when the similarity is less than the authentication determination threshold, the authentication determination unit 15 determines that the user's biometric information does not match the registered user's biometric information. Therefore, the authentication determination unit 15 does not authenticate the user. The authentication determination unit 15 notifies the processing unit 6 that the authentication has failed. In this case, the processing unit 6 refuses to use a device on which the biometric authentication device 1 is mounted or a device to which the biometric authentication device 1 is connected by an unauthenticated user. The processing unit 6 may cause the display unit 2 to display a message indicating that the authentication has failed. Unlike the case where the execution of the biometric authentication process is denied due to the detection of unauthorized access, the biometric authentication device 1 re-reads the biometric information and executes the biometric authentication process again for the registered user who has failed the authentication. Also good.

  The authentication determination threshold is preferably set to a value such that the authentication determination unit 15 succeeds in authentication only when the registered user is a user. The authentication determination threshold is preferably set to a value that causes the authentication determination unit 15 to fail authentication when another person different from the registered user is the user. For example, the authentication determination threshold value can be a value obtained by adding a value obtained by multiplying the difference between the maximum value and the minimum value of similarity by 0.6 to the minimum value of similarity.

  Further, when the reproducibility and the similarity are calculated based on the same type of feature information, it is preferable that the authentication determination threshold is set lower than the fraud determination threshold in order to reduce the probability of identity rejection. When the reproducibility and similarity are calculated based on the same type of feature information, the reproducibility distribution shape and the similarity distribution shape are similar. Therefore, when the authentication determination threshold is set to be greater than or equal to the fraud determination threshold, when the degree of reproduction is equal to or less than the fraud determination threshold, the similarity is likely to be equal to or less than the authentication determination threshold.

FIG. 4 is an operation flowchart of biometric authentication processing according to this embodiment.
The processing unit 6 acquires the identification information of the registered user to be verified through the input unit 3 (Step S101). Moreover, the process part 6 acquires a user's biometric image from the biometric information acquisition part 4 (step S102).

  The feature information extraction unit 11 of the processing unit 6 extracts the current feature information from the biological image and stores it in the storage unit 5 (step S103). The feature information extraction unit 11 notifies the current feature information to the reproducibility calculation unit 12 of the processing unit 6. The reproducibility calculation unit 12 calculates the maximum reproducibility value between the past feature information of the registered user specified by the current feature information and the identification information (step S104). Then, the reproducibility calculation unit 12 notifies the unauthorized access determination unit 13 of the processing unit 6 of the maximum value.

  The unauthorized access determination unit 13 determines whether or not the maximum reproducibility value is equal to or greater than an unauthorized determination threshold (step S105). When the maximum value of the reproducibility is equal to or greater than the fraud determination threshold (step S105—Yes), the unauthorized access determination unit 13 determines that an unauthorized access such as a replay attack or a hill climbing attack has been performed. Then, the unauthorized access determination unit 13 does not authenticate the user and refuses to continue the biometric authentication process (step S106). Then, the unauthorized access determination unit 13 notifies the processing unit 6 to that effect. The processing unit 6 interrupts the biometric authentication process.

On the other hand, when the maximum value of the reproducibility is less than the fraud determination threshold (No in step S105), the unauthorized access determination unit 13 determines that unauthorized access has not been performed, and notifies the processing unit 6 of the determination result. . In this case, the matching unit 14 of the processing unit 6 calculates the similarity between the current feature information and the registered feature information of the registered user (step S107). Then, the collation unit 14 notifies the similarity to the authentication determination unit 15 of the processing unit 6.
The authentication determination unit 15 determines whether or not the similarity is greater than or equal to the authentication determination threshold (step S108). When the similarity is equal to or greater than the authentication determination threshold (step S108—Yes), the authentication determination unit 15 determines that the biometric information of the user matches the biometric information of the registered user. And the authentication determination part 15 authenticates a user (step S109).
On the other hand, when the similarity is less than the authentication determination threshold (No in step S108), the authentication determination unit 15 determines that the biometric information of the user does not match the biometric information of the registered user. And the authentication determination part 15 does not authenticate a user (step S110).
After step S109 or S110, the processing unit 6 ends the biometric authentication process.

  Note that the order of steps S101 and S102 may be interchanged. Or the process part 6 may perform the process of step S104-S106, only when a similarity degree is more than an authentication determination threshold value in step S108.

  As described above, this biometric authentication device calculates the reproducibility between the current feature information and the past feature information separately from the similarity between the current feature information and the registered feature information, and based on the reproducibility. To determine whether unauthorized access has been made. Therefore, this biometric authentication device can suppress the acceptance of others by unauthorized access such as a hill climbing attack without increasing the authentication determination threshold value, that is, without increasing the probability of rejecting the identity.

  Next, a biometric authentication device according to the second embodiment will be described. In the biometric authentication device according to the second embodiment, the reproducibility calculation unit changes the past feature information that is a reproducibility calculation target between when detecting a hill climbing attack and when detecting a replay attack.

  The biometric authentication device according to the second embodiment differs from the biometric authentication device according to the first embodiment in some functions of the processing unit. Therefore, different points among the functions of the processing unit will be described below. For details of other components of the biometric authentication device according to the second embodiment, refer to the description of the corresponding components of the biometric authentication device according to the first embodiment.

  In the present embodiment, the storage unit 5 succeeds in biometric authentication processing using past feature information in addition to the identification information of the registered user and the acquisition time of the biometric image from which the past feature information is extracted. It is stored together with a flag indicating whether or not it has been done.

  The reproducibility calculation unit 12 has succeeded in biometric authentication processing among past feature information of the registered user corresponding to the identification information acquired via the input unit 3 in order to determine whether or not a replay attack has been made. The past feature information with a flag indicating that is read from the storage unit 5. The reproducibility calculation unit 12 calculates the reproducibility between each of the read past feature information and the current feature information. And the reproducibility calculation part 12 makes the maximum value of those reproducibility reproducibility for replay attack determination.

  If the replay attack determination reproducibility is equal to or greater than the fraud determination threshold, the unauthorized access determination unit 13 determines that unauthorized access has been performed by the replay attack. Then, the unauthorized access determination unit 13 stops the biometric authentication process.

  On the other hand, when the replay attack determination reproducibility is less than the fraud determination threshold value and the authentication fails, the reproducibility calculation unit 12 failed to authenticate among the past feature information included in the same session as the current feature information. The reproducibility between each of the past feature information and the current feature information is calculated. And the reproducibility calculation part 12 makes the maximum value of those reproducibility the reproducibility for hill climbing attack determination.

  In the present embodiment, a “session” represents a series of biometric authentication processes that are repeated after the user starts a biometric authentication trial until the current feature information is acquired. In the present embodiment, when the interval between the acquisition times of two consecutively acquired biological images is less than a predetermined time, the reproducibility calculation unit 12 stores past feature information corresponding to the two biological images in the same session. It is determined that it is included. The predetermined time is set to 1 minute, for example.

  In the hill climbing attack, the biometric authentication process is repeatedly performed until the authentication is successful while repeatedly changing a part of the image or the characteristic information on which the biometric information is represented. Therefore, as described above, the processing unit 6 determines whether or not a hill climbing attack has been performed by calculating the reproducibility between the current feature information and the past feature information when authentication fails in the same session. Can be accurately determined.

FIG. 5 is a diagram illustrating an example of a list of past feature information stored in the storage unit 5 for one registered user. The relationship between past feature information and sessions will be described using this list 500.
Each past feature information is stored in each row of the list 500 in the order stored in the storage unit 5. Each column at the left end of the list 500 stores past feature information numbers. Each column in the second column from the left of the list 500 stores the acquisition time of the biological image from which past feature information has been extracted. Each column in the third column from the left of the list 500 stores a flag indicating whether or not biometric authentication has been successful. In this example, if the flag is “1”, it indicates that the authentication has succeeded, and if the flag is “0”, it indicates that the authentication has failed. In each column of the rightmost column of the list 500, past feature information is stored. Hereinafter, the acquisition time of the biological image from which past feature information has been extracted is simply referred to as acquisition time. In this example, since the difference between the acquisition time of the first past feature information and the acquisition time of the second past feature information is longer than one minute, the first past feature information is the second and subsequent past feature information. Belong to another session. On the other hand, the difference between the acquisition time of the second past feature information and the acquisition time of the third past feature information, and the difference between the acquisition time of the third past feature information and the acquisition time of the fourth past feature information Is less than 1 minute, the second to fourth past feature information belongs to the same session. Therefore, for example, when the fourth past feature information is obtained, the reproducibility calculation unit 12 calculates the reproducibility for hill climbing attack determination with respect to the second and third past feature information in the list 500.

  The unauthorized access determination unit 13 determines that unauthorized access by a hill climbing attack has been performed when the hill climbing attack determination reproducibility is equal to or greater than the unauthorized determination threshold. Then, the unauthorized access determination unit 13 stops the biometric authentication process.

  On the other hand, if the hill climbing attack determination reproducibility is less than the fraud determination threshold, the unauthorized access determination unit 13 determines that unauthorized access has not been performed.

  Note that the fraud determination threshold for the hill climbing attack determination reproducibility may be set lower than the fraud determination threshold for the replay attack determination reproducibility. The replay attack has a reproducibility of 1 due to its characteristics, so the fraud determination threshold can also be set to 1 or a value very close to 1, for example, 0.99. On the other hand, in the hill climbing attack, there is a high possibility that the current feature information and a part of the past feature information are different, so the reproducibility is likely to be less than 1. Therefore, by setting the fraud determination threshold for the reproducibility for hill climbing attack determination lower than the fraud determination threshold for the replay attack reproducibility, the unauthorized access determination unit 13 determines whether or not each attack has been performed. It can be judged more appropriately.

  If the authentication determination unit 15 determines that unauthorized access due to the replay attack has not been performed, and if the authentication is successful, the authentication determination unit 15 adds a flag indicating that the authentication has been successful to the current feature information stored in the storage unit 5. . On the other hand, if the authentication determination unit 15 fails in authentication, the authentication determination unit 15 adds a flag indicating that the authentication has failed to the current feature information stored in the storage unit 5.

FIG. 6 is an operation flowchart of biometric authentication processing according to the second embodiment.
The processing unit 6 acquires the identification information of the registered user to be verified through the input unit 3 (Step S201). Moreover, the process part 6 acquires a user's biometric image from the biometric information acquisition part 4 (step S202).

  The feature information extraction unit 11 of the processing unit 6 extracts the current feature information from the biological image and stores it in the storage unit 5 together with the biological image acquisition time (step S203). The feature information extraction unit 11 notifies the current feature information to the matching unit 14 and the reproducibility calculation unit 12 of the processing unit 6.

The collation unit 14 calculates the similarity between the registered feature information of the registered user corresponding to the identification information input through the current feature information and the input unit 3 (step S204). Then, the collation unit 14 notifies the similarity to the authentication determination unit 15 of the processing unit 6.
The authentication determination unit 15 determines whether or not the similarity is greater than or equal to an authentication determination threshold (step S205). When the similarity is equal to or higher than the authentication determination threshold value (step S205—Yes), the authentication determination unit 15 determines that the user's biometric information matches the biometric information of the registered user, and notifies the reproducibility calculation unit 12 to that effect. Notice.

  The reproducibility calculation unit 12 calculates the maximum reproducibility value between the past feature information when the authentication is successful and the current feature information among the past feature information of the registered user specified by the identification information ( Step S206). Then, the reproducibility calculation unit 12 notifies the unauthorized access determination unit 13 of the processing unit 6 of the maximum value as the replay attack determination reproducibility.

  The unauthorized access determination unit 13 determines whether or not the replay attack determination reproducibility is greater than or equal to an unauthorized determination threshold (step S207). When the replay attack determination reproducibility is equal to or greater than the fraud determination threshold (step S207—Yes), the unauthorized access determination unit 13 determines that a replay attack has been performed. Then, the unauthorized access determination unit 13 refuses to continue the biometric authentication process (step S208). Then, the unauthorized access determination unit 13 notifies the processing unit 6 to that effect. The processing unit 6 interrupts the biometric authentication process and does not authenticate the user.

  On the other hand, when the replay attack determination reproducibility is less than the fraud determination threshold (No in step S207), the unauthorized access determination unit 13 determines that unauthorized access has not been performed, and the determination result is sent to the authentication determination unit 15. Notice. And the authentication determination part 15 authenticates a user (step S209). Further, the authentication determination unit 15 adds a flag indicating that the authentication is successful to the current feature information stored in the storage unit 5.

  On the other hand, when the similarity is less than the authentication determination threshold value in step S205 (step S205—No), the authentication determination unit 15 determines that the user's biometric information and the registered user's biometric information do not match, and This is notified to the reproducibility calculation unit 12. In this case, the reproducibility calculation unit 12 is included in the same session as the current feature information among the past feature information of the registered user specified by the identification information, and the past feature information and the current feature when authentication fails. Calculate the reproducibility between information. Then, the reproducibility calculation unit 12 calculates the maximum value of the reproducibility as the reproducibility for hill climbing attack determination (step S210).

  The unauthorized access determination unit 13 determines whether or not the hill climbing attack determination reproducibility is equal to or greater than an unauthorized determination threshold (step S211). When the reproducibility for hill climbing attack determination is equal to or greater than the fraud determination threshold (step S211—Yes), the unauthorized access determination unit 13 determines that a hill climbing attack has been performed. Then, the unauthorized access determination unit 13 refuses to continue the biometric authentication process (step S212). Then, the unauthorized access determination unit 13 notifies the processing unit 6 to that effect. The processing unit 6 interrupts the biometric authentication process and does not authenticate the user.

  On the other hand, when the reproducibility for hill climbing attack determination is less than the fraud determination threshold (No in step S211), the unauthorized access determination unit 13 determines that unauthorized access has not been performed, and the determination result is the authentication determination unit 15. Notify The authentication determination unit 15 attaches a flag indicating that the authentication has failed to the current feature information stored in the storage unit 5. The processing unit 6 displays a message indicating that the authentication has failed on the display unit 2 and prompts the user to re-enter biometric information (step S213). Thereafter, if the biometric information is re-input, the processing unit 6 repeats the processing from step S201.

  According to this embodiment, the biometric authentication device can distinguish and detect a replay attack and a hill climbing attack. In addition, since this biometric authentication device can individually set the fraud determination threshold for detecting a replay attack and the fraud determination threshold for detecting a hill climbing attack, it is possible to more appropriately determine whether or not each attack has been performed. Can be judged.

  Next, a third embodiment will be described. In the third embodiment, the biometric authentication device includes not only the similarity between the biometric information at the time of executing the latest biometric authentication process and the biometric information at the time of executing the past biometric authentication process, but also the environment at the time of acquiring each biometric information. The reproducibility is calculated in consideration of the similarity of conditions.

  The biometric authentication device according to the third embodiment differs from the biometric authentication device according to the first embodiment in some functions of the processing unit. Therefore, different points among the functions of the processing unit will be described below. For details of other components of the biometric authentication device according to the third embodiment, refer to the description of the corresponding components of the biometric authentication device according to the first embodiment.

FIG. 7 is a functional block diagram of the processing unit 61 according to the third embodiment. As illustrated in FIG. 7, the processing unit 61 includes a feature information extraction unit 11, a reproducibility calculation unit 12, an unauthorized access determination unit 13, a matching unit 14, an authentication determination unit 15, and an environment information extraction unit 16. And have. Each of these units included in the processing unit 61 is a functional module implemented by a computer program executed on a processor included in the processing unit 61. Or these each part which the process part 61 has may be mounted in the biometrics apparatus 1 as firmware.
In FIG. 7, the same reference numerals as those of the corresponding components of the processing unit 6 shown in FIG. The processing unit 61 according to the third embodiment is different from the processing unit 6 according to the first embodiment in that it includes an environment information extraction unit 16.

  The environment information extraction unit 16 is another example of the state information extraction unit. Every time the processing unit 61 receives a biological image from the biological information acquisition unit 4, the environmental information extraction unit 16 obtains environmental information representing the environmental state at the time of reading the biological information. For example, when the biometric information used for biometric authentication is a fingerprint or a palm print, the average value of the width of the ridges captured in the biometric image is used as the environment information. In general, the width of the ridge becomes wider as the force of pressing the finger against the sensor surface of the biological information acquisition unit 4 becomes stronger. Therefore, the width of the ridge represents the degree of the force of pressing the finger. Thus, the width of the ridge represents the environmental state when reading biological information.

  The environment information extraction unit 16 binarizes the luminance value of each pixel of the biological image, for example, and distinguishes between a pixel representing a ridge and a pixel representing a valley line. Then, the environment information extraction unit 16 detects the vortex center on the binarized biological image, for example, by template matching between the binarized biological image and a template representing the vortex center of the fingerprint. Then, the environment information extraction unit 16 sets scanning lines radially from the vortex center. Generally, on the finger tip side from the vortex center, the ridges are substantially concentric circles centered on the vortex center. Therefore, the environment information extraction unit 16 calculates an average value of the number of consecutive pixels having luminance corresponding to the ridge along the scanning line, and sets the average value as the width of the ridge.

Alternatively, the environment information extraction unit 16 may obtain, as environment information, the area of the subject area, which is the area where the part including the biological information is captured, or the gravity center position of the subject area in the biological image. The area of the subject region and the position of the center of gravity of the subject region also represent information regarding how to place the finger on the sensor surface of the biological information acquisition unit 4.
Alternatively, the environment information extraction unit 16 may calculate the difference between the luminance average value of the pixel corresponding to the ridge and the luminance average value of the pixel corresponding to the valley line as the contrast, and use the contrast as the environmental information. This difference changes depending on, for example, the degree of dryness of the finger surface at the time of biometric image acquisition.
Alternatively, the environment information extraction unit 16 may obtain at least two of a plurality of feature amounts, for example, the width of the ridge, the position of the center of gravity of the subject area, and the contrast as the environment information.

The environment information extraction unit 16 stores the environment information in the storage unit 5 together with the feature information extracted by the feature information extraction unit 11, the user identification information input via the input unit 3, and the biometric image acquisition time. .
Note that the storage unit 5 may erase the feature information and the environment information after a certain period of time has elapsed since the feature information and the environment information have been stored in order to suppress the amount of computation required for calculating the degree of reproduction. For example, the certain period is set to one month, three months, six months, or one year.

The reproducibility calculation unit 12 calculates a reproducibility (hereinafter referred to as “reproducibility”) based on current feature information that is feature information at the time of the latest biometric authentication execution and past feature information that is feature information at the time of past biometric authentication execution. Reproducibility is referred to as biological reproducibility). The reproducibility calculation unit 12 calculates a reproducibility (hereinafter, referred to as the reproducibility calculated based on the current environment information that is environment information at the time of the latest biometric authentication execution and past environment information that is the environment information at the time of past biometric authentication execution) This reproducibility is called environment reproducibility). Then, the reproducibility calculation unit 12 calculates a value obtained by multiplying the biological reproducibility by the environment reproducibility as the reproducibility.
Or the reproducibility calculation part 12 is good also considering the average value of biological reproducibility and environmental reproducibility as reproducibility.

ここでCrは環境再現度を表す。x_m(n)は、現環境条件に含まれる、m番目の要素の値を表し、x_m(n-1)は、過去環境条件に含まれる、m番目の要素の値を表す。 Note that the reproducibility calculation unit 12 calculates the environment reproducibility according to the following equation, for example.

Here, Cr represents the environmental reproducibility. x _m (n) represents the value of the m th element included in the current environmental condition, and x _m (n−1) represents the value of the m th element included in the past environmental condition.

  The environment reproducibility Cr is 1 when all the elements included in the current environment condition coincide with all the elements included in the past environment condition, and decreases as the value difference between the corresponding elements increases.

  In general, the environment when biometric information is input, that is, when a biometric image is created varies every time biometric authentication is executed. Therefore, the environment reproducibility is a relatively low value, for example, 0.7. In addition, as described above, even if the registered user is a user, the living body reproducibility varies. Therefore, even if the registered user is a user, both the living body reproduction degree and the environment reproduction degree are not so high, and as a result, the reproduction degree is relatively low. For example, even if the registered user is a user, the living body reproducibility is 0.7, the environment reproducibility is 0.7, and the reproducibility is 0.49.

  On the other hand, in the hill climbing attack, a part of data (for example, biometric image) representing biometric information used in the past biometric authentication process or a part of the biometric information is changed is used in the latest biometric authentication process. The Therefore, not only the difference between the current feature information and the past feature information is very small, but also the difference between the current environment information and the past environment information is very small. Therefore, both the environment reproducibility and the biological reproducibility have values of 1 or close to 1. As a result, the reproducibility is 1 or a value close to 1. When a hill climbing attack is performed, for example, the living body reproducibility is 0.9, the environment reproducibility is 0.9, and the reproducibility is 0.81.

  Furthermore, in a replay attack, data representing biometric information when successful in past biometric authentication processing is used as it is in the latest biometric authentication processing, so that not only feature information required from such data but also environmental information It does not change. Therefore, both the environment reproducibility and the living body reproducibility are 1. As a result, the reproducibility is 1.

  In this way, by calculating the reproducibility by referring not only to the feature information but also the environment information, the reproducibility when a hill climbing attack or replay attack is performed, and the registered user himself / herself is the user The difference with the reproducibility of increases. Therefore, the biometric authentication device can improve the detection accuracy of unauthorized access such as hill climbing attack or replay attack.

  Note that according to the modification, the reproduction degree calculation unit may use the environment reproduction degree itself as the reproduction degree. As described above, when a hill climbing attack or a replay attack is performed, the difference between the current environment condition and the past environment condition is relatively small, and the current environment condition and the past environment condition when the registered user is a user are relatively small. This is because the difference is relatively large.

  According to another modification, the reproducibility calculation unit according to the second embodiment calculates the reproducibility based on the environment reproducibility and the biological reproducibility as in the reproducibility calculation unit according to the third embodiment. May be.

  According to still another modification, the feature information used for calculating the degree of reproduction may be different from the feature information used for the matching process. For example, when the reproducibility is calculated by minutia matching between the minutia included in the current feature information and the minutia included in the past feature information, the collation unit may determine the pattern between the biometric image of the user and the biometric image of the registered user. The similarity may be calculated by matching. Conversely, when the reproducibility is calculated by pattern matching between biological images included in the current feature information and the past feature information, the matching unit may calculate the similarity by minutiae matching.

  Further, biometric information used for biometric authentication is not limited to fingerprints. The biometric information used for biometric authentication may be a palm print, vein pattern, iris, face, or voice print. For example, when the biometric information used for biometric authentication is a palm print, the biometric authentication device can calculate the reproducibility, biometric reproducibility, and environment reproducibility by the same processing as described above. Also, even when the biometric information is a vein pattern, the biometric authentication device performs, for example, template matching using a template representing a characteristic portion of the vein pattern on the biometric image in which the vein pattern is captured. What is necessary is just to obtain | require a position as characteristic information. For example, a vein branch point can be used as a characteristic part of the vein pattern. Furthermore, the biometric authentication device may obtain the position of the center of gravity or area of the part (palm) including the vein pattern on the biometric image as environmental information. Similarly, even when the biometric information used for biometric authentication is a face, the biometric authentication device performs, for example, template matching using a template representing a feature point of the face on a biometric image showing the face. What is necessary is just to obtain | require the position of the feature point as feature information. Note that the facial feature points can be a part of a characteristic part on the face, such as the eyes, the corners of the eyes, the tip of the nose, and the corners of the mouth. Furthermore, the biometric authentication device may obtain the average luminance value of the area where the face appears on the biometric image or the face orientation as the environment information. Note that the orientation of the face is estimated based on, for example, the relative position of the nose tip with respect to the line connecting the midpoint between the eyes of both eyes and the midpoint of the mouth.

  Furthermore, when a voice print is used as the biometric information, the biometric authentication device may include a microphone as the biometric information acquisition unit. The biometric authentication device analyzes voice data, which is an example of data including biometric information, generated by collecting the user's voice via a microphone, and calculates a mel frequency cepstrum coefficient and the like as feature information. May be. Furthermore, the biometric authentication device may calculate the intensity of a noise component included in the audio data as environment information.

FIG. 8 is a schematic configuration diagram of an example of a biometric authentication system in which the biometric authentication device according to each of the above embodiments or modifications thereof is mounted.
For example, the biometric authentication system 100 includes at least one terminal 110 and a server 120. The terminal 110 and the server 120 are connected via a wired or wireless communication network 130. In FIG. 8, among the constituent elements of the biometric authentication system 100, the constituent elements corresponding to any of the constituent elements of the biometric authentication apparatus 1 shown in FIG. 1 are referred to the constituent elements of the biometric authentication apparatus 1. The same reference numbers as the numbers are attached.

In this system, the terminal 110 is a mobile terminal such as a mobile phone or a tablet terminal, or a terminal that is fixedly installed, and includes a display unit 2, an input unit 3, and a biological information acquisition unit 4. Further, the terminal 110 includes a storage unit 21, an image acquisition control unit 22, and an interface unit 23.
The storage unit 21 includes, for example, a semiconductor memory circuit, and temporarily stores a biological image generated by the biological information acquisition unit 4. The image acquisition control unit 22 includes one or a plurality of processors and peripheral circuits thereof, controls each unit of the terminal 110, and executes various programs that operate on the terminal 110. Then, the image acquisition control unit 22 sends the biometric image generated by the biometric information acquisition unit 4 together with the identification information of the terminal 110 via the interface unit 23 having an interface circuit for connecting the terminal 110 to the communication network 130. 120. Further, the image acquisition control unit 22 may also transmit user identification information input via the input unit 3 to the server 120.

  The server 120 includes a storage unit 5, a processing unit 6, and an interface unit 24 having an interface circuit for connecting the server 120 to the communication network 130. The processing unit 6 of the server 120 uses the biometric image received via the interface unit 24 to realize the function of each unit included in the processing unit according to any one of the above embodiments or a modification thereof, thereby biometric authentication. Execute the process. Then, the server 120 returns a determination result as to whether or not the authentication is successful to the terminal 110 via the interface unit 24.

  Alternatively, the image acquisition control unit 22 of the terminal 110 may execute the processing of the feature information extraction unit and / or the environment information extraction unit among the functions of the processing unit according to each of the above embodiments. In this case, the feature information and / or environment information extracted from the user's biological image, the user identification information, and the terminal 110 identification information may be transmitted from the terminal 110 to the server 120 to the server 120. On the other hand, the processing unit 6 of the server 120 executes only the processes of the reproducibility calculation unit, the unauthorized access determination unit, the verification unit, and the authentication determination unit among the functions of the processing units according to the above-described embodiments. Thereby, since the load of the server 120 is reduced, the biometric authentication system 100 can suppress the waiting time for the user even if a large number of biometric authentication processes are executed at the same time.

  In the system described above, the server 120 may store the identification information of the terminal 110 that has generated the biometric image from which the feature information is extracted together with the feature information in the storage unit 5. In this case, when it is determined that unauthorized access has been attempted, the processing unit 6 of the server 120 accepts a request for biometric authentication processing for a certain period of time for the terminal 110 that has requested the biometric authentication processing for which the determination has been made. It may not be possible.

  A computer program having instructions for causing a computer to realize the functions of the processing units according to the above embodiments is provided in a form recorded in a recording medium such as a magnetic recording medium, an optical recording medium, or a nonvolatile semiconductor memory. Also good. Note that the computer-readable recording medium does not include a carrier wave.

  All examples and specific terms listed herein are intended for instructional purposes to help the reader understand the concepts contributed by the inventor to the present invention and the promotion of the technology. It should be construed that it is not limited to the construction of any example herein, such specific examples and conditions, with respect to showing the superiority and inferiority of the present invention. Although embodiments of the present invention have been described in detail, it should be understood that various changes, substitutions and modifications can be made thereto without departing from the spirit and scope of the present invention.

The following supplementary notes are further disclosed regarding the embodiment described above and its modifications.
(Appendix 1)
A biometric authentication device that determines whether to authenticate the user as a registered user based on the biometric information of the user,
A storage unit for storing past state information representing the characteristics of the biometric information or the state of the acquisition environment when past data representing the biometric information of the user is acquired at the time of past biometric authentication;
A biometric information acquisition unit that acquires data representing the biometric information of the user;
A state information extraction unit that extracts, from data representing the biometric information of the user, current state information representing the characteristics of the biometric information of the user at the time of data acquisition or the state of the acquisition environment;
A reproducibility calculator that calculates a reproducibility representing the degree of similarity between the current state information and the past state information;
A fraud that does not authenticate the user if the reproducibility is equal to or greater than the threshold value when the reproducibility is compared with a threshold value that is estimated that the data is the past data itself or a part of the past data. An access determination unit;
A biometric authentication device.
(Appendix 2)
An authentication determination unit for determining whether the biometric information of the user matches the biometric information of the registered user;
The storage unit includes, together with the past state information, a flag indicating whether or not biometric authentication was successful when the past state information was obtained,
The reproducibility calculation unit
When the authentication determination unit determines that the biometric information of the user and the biometric information of the registered user match, the past state information with a flag indicating that biometric authentication has been successful among the past state information And the reproducibility between the current state information and
On the other hand, if the authentication determination unit determines that the biometric information of the user and the biometric information of the registered user do not match, a flag indicating that biometric authentication in the past state information has failed is attached, And the reproducibility is calculated between the past state information and the current state information at the time of biometric authentication repeated between the user starting the trial of biometric authentication and the acquisition of the current state information,
The biometric authentication device according to appendix 1.
(Appendix 3)
The storage unit stores, as the past state information, information representing characteristics of user biometric information at the time of past biometric authentication,
The biological information according to appendix 1 or 2, wherein the state information extraction unit extracts, as the current state information, information representing characteristics of the biological information of the user at the time of data acquisition from data representing the biological information of the user. Authentication device.
(Appendix 4)
The storage unit stores, as the past state information, information indicating the state of the user's acquisition environment at the time of past biometric authentication,
The said status information extraction part extracts the information showing the acquisition environment of the user's biometric information at the time of the said data acquisition from the data showing the said user's biometric information as said present status information, or 2 Biometric authentication device.
(Appendix 5)
The biometric information is a fingerprint or palm print,
The data representing the user's biometric information is a biometric image showing the user's biometric information,
The state information extraction unit extracts, as the current state information, the average value of the width of the fingerprint or palm print ridges captured in the biological image, and the information indicating the acquisition environment of the user's biological information at the time of acquiring the biological image The biometric authentication device according to appendix 4, wherein:
(Appendix 6)
The storage unit stores first past information representing characteristics of user's biometric information at the time of past biometric authentication and second past information representing a state of an acquisition environment of the user at the time of past biometric authentication. Memorize as past state information,
The state information extraction unit is configured to obtain, from data representing the user's biometric information, first current information representing characteristics of the user's biometric information at the time of the data acquisition, and user biometric information at the time of the data acquisition. Second current information representing an acquisition environment is extracted as the current state information;
The reproducibility calculating unit calculates a first similarity between the first current information and the first past information, and a second similarity between the second current information and the second past information. The biometric authentication device according to appendix 1 or 2, wherein the reproducibility is calculated so that the reproducibility becomes higher as both the first similarity and the second similarity become higher.
(Appendix 7)
The storage unit stores an acquisition time of data representing the biometric information of the user corresponding to the past state information together with the past state information, and the past state information is stored based on the acquisition time. The biometric authentication device according to any one of appendices 1 to 6, wherein the past state information after a predetermined period has elapsed is deleted.
(Appendix 8)
A terminal having the biological information acquisition unit;
A server having the storage unit and the processing unit;
The biometric authentication device according to any one of appendices 1 to 7, wherein the terminal and the server are connected via a communication network.
(Appendix 9)
Obtain data representing the user's biological information,
From the data representing the user's biometric information, extract the current state information representing the characteristics of the user's biometric information at the time of data acquisition or the state of the acquisition environment,
The degree of reproducibility representing the degree of similarity between the current state information and past state information representing the characteristics of the biometric information or the state of the acquired environment when past data representing the biometric information of the user is acquired at the time of past biometric authentication. And
The reproducibility is compared with a threshold that is estimated that the data is the past data itself or a part of the past data, and if the reproducibility is equal to or higher than the threshold, the user is not authenticated. ,
If the reproducibility is less than the threshold, determine whether to authenticate the user as a registered user;
A biometric authentication method.
(Appendix 10)
Obtain data representing the user's biological information,
From the data representing the user's biometric information, extract the current state information representing the characteristics of the user's biometric information at the time of data acquisition or the state of the acquisition environment,
The degree of reproducibility representing the degree of similarity between the current state information and past state information representing the characteristics of the biometric information or the state of the acquired environment when past data representing the biometric information of the user is acquired at the time of past biometric authentication. And
The reproducibility is compared with a threshold that is estimated that the data is the past data itself or a part of the past data, and if the reproducibility is equal to or higher than the threshold, the user is not authenticated. ,
If the reproducibility is less than the threshold, determine whether to authenticate the user as a registered user;
A computer program for biometric authentication for causing a computer to execute this.

DESCRIPTION OF SYMBOLS 1 Biometric authentication apparatus 2 Display part 3 Input part 4 Biometric information acquisition part 5 Storage part 6 Processing part 7 Storage medium access apparatus 8 Storage medium 11 Feature information extraction part 12 Reproduction degree calculation part 13 Unauthorized access determination part 14 Verification part 15 Authentication determination Unit 16 environment information extraction unit 100 biometric authentication system 110 terminal 120 server 130 communication network 21 storage unit 22 image acquisition control unit 23, 24 interface unit

Claims (5)

A biometric authentication device that determines whether to authenticate the user as a registered user based on the biometric information of the user,
A storage unit for storing a past state information historical data during past biometric representing the user's biometric information representing the state of the resulting environmental preparative of the biometric information when acquired,
A biometric information acquisition unit that acquires data representing the biometric information of the user;
From the data representing the biometric information of the user, the status information extraction section that extracts the current state information indicating the state of the resulting environmental preparative biometric information of the user when the data acquired,
A reproducibility calculator that calculates a reproducibility representing the degree of similarity between the current state information and the past state information;
A fraud that does not authenticate the user if the reproducibility is equal to or greater than the threshold value when the reproducibility is compared with a threshold value that is estimated that the data is the past data itself or a part of the past data. An access determination unit;
A biometric authentication device. An authentication determination unit for determining whether the biometric information of the user matches the biometric information of the registered user;
The storage unit includes, together with the past state information, a flag indicating whether or not biometric authentication was successful when the past state information was obtained,
The reproducibility calculation unit
When the authentication determination unit determines that the biometric information of the user and the biometric information of the registered user match, the past state information with a flag indicating that biometric authentication has been successful among the past state information And the reproducibility between the current state information and
On the other hand, if the authentication determination unit determines that the biometric information of the user and the biometric information of the registered user do not match, a flag indicating that biometric authentication in the past state information has failed is attached, And the reproducibility is calculated between the past state information and the current state information at the time of biometric authentication repeated between the user starting the trial of biometric authentication and the acquisition of the current state information,
The biometric authentication device according to claim 1. The storage unit stores first past information representing characteristics of user's biometric information at the time of past biometric authentication and second past information representing a state of an acquisition environment of the user at the time of past biometric authentication. Memorize as past state information,
The state information extraction unit is configured to obtain, from data representing the user's biometric information, first current information representing characteristics of the user's biometric information at the time of the data acquisition, and user biometric information at the time of the data acquisition. Second current information representing an acquisition environment is extracted as the current state information;
The reproducibility calculating unit calculates a first similarity between the first current information and the first past information, and a second similarity between the second current information and the second past information. 3. The biometric authentication device according to claim 1, wherein the biometric authentication apparatus calculates the reproducibility so that the reproducibility is higher as both the first similarity and the second similarity are higher. The computer obtains data representing the user's biological information,
By the computer, the data representing the biometric information of the user, extracts the current state information indicating the state of the resulting environmental preparative biometric information of the user when the data acquired,
Causing the computer to reproduce representing the degree of similarity of the current state information and the past state information indicating the state of the resulting environmental preparative of the biometric information when historical data representing the user's biometric information is acquired in the past when the biometric authentication Calculate the degree,
When the computer compares the reproducibility with a threshold that is estimated that the data is the past data itself or a part of the past data, and the reproducibility is equal to or higher than the threshold, a user Without authenticating
If the reproducibility is less than the threshold, determine whether to authenticate the user as a registered user;
A biometric authentication method. Obtain data representing the user's biological information,
From the data representing the biometric information of the user, it extracts the current state information indicating the state of the resulting environmental preparative user biometric information during the data acquisition,
Calculating a recall representing the degree of similarity of the past state information indicating the state of the resulting environmental preparative of the biometric information when the historical data representing user's biometric information at the time of current state information and historical biometric authentication is acquired ,
The reproducibility is compared with a threshold that is estimated that the data is the past data itself or a part of the past data, and if the reproducibility is equal to or higher than the threshold, the user is not authenticated. ,
If the reproducibility is less than the threshold, determine whether to authenticate the user as a registered user;
A computer program for biometric authentication for causing a computer to execute this.

Images