JP6535548B2 - Biometric authentication apparatus and method - Google Patents

Description

  The present invention relates to an apparatus and method for authenticating an individual using human biometric information.

  In recent years, wristband type information devices such as wearable information terminals and terminals for healthcare, which are wound around arms and attached, have attracted attention. Such a wristband type device can easily collect, record, manage and utilize information related to the privacy of the individual, such as health information and mobility information using GPS because of the characteristics that the individual wears constantly. In addition, since it is an electronic device that is integrated with an individual and is always in operation, electronic means such as wireless communication can be used to facilitate electronic money without performing special operations while being worn. It is possible to check payment and electronic tickets. Therefore, the application as a highly convenient personal ID transmitter which proves an individual's right is also expected.

  On the other hand, devices that are closely related to such personal information require the installation of security technology that protects the information. Among the above-mentioned applications, it is important to prevent the access to personal information except for the person to handle the privacy information of the former, so that transmission of the latter's ID can not be performed unintentionally by the person. There is a need to. Therefore, when performing information access or information transmission, it is required that the device be equipped with an identification method that can confirm that the person has the intention with certainty.

  In addition, in the case of a small, easy-to-carry device such as a wristband, there is a high risk of being lost or stolen, so that a mechanism that can lock the operation of the device immediately when removed from the person's hand It is also important. Furthermore, when considering use in large-scale commercial services such as electronic tickets, it is not desirable for the ticket issuing party to use it for unauthorized resale, so the person who purchased the ticket must wear it securely. It is desirable to be able to guarantee that it is more strictly. In the case of illegal resale, in particular, it is necessary to assume that the person will be involved in fraudulently.

Patent Document 1: Japanese Patent Application Laid-Open No. 2002-312324

  The method of using the vein pattern of the wrist presented in Patent Document 1 has room for improvement in terms of performance as a biometric means. Specifically, in Patent Document 1, a vein pattern is observed by a line sensor provided on the back side of a band, but such a method can not observe a pattern of an area sufficient to identify an individual.

  In general, in vein pattern authentication, authentication is performed by focusing on the individuality of a mesh pattern woven by running lines of a plurality of veins, but within a band width range, if only a few veins cross, the mesh pattern is It is difficult to extract personal features from it. It is necessary to measure at least the entire wrist to form a mesh pattern.

  In order to solve the above problems, the biometric device according to the present invention widens the inside of the ring formed by the band portion and the light source portion that emits light of a predetermined wavelength band toward the inside of the ring formed by the band portion. An imaging unit for capturing an image, a storage unit for storing a feature amount of a vein pattern, and an extracted feature amount of a vein pattern from an image captured at a wide angle by the imaging unit, and an extracted feature amount and a feature stored in the storage unit And a CPU that executes control to activate the biometric device if the comparison result shows that the degree of similarity exceeds a predetermined value as a result of comparison.

  According to the present invention, it is possible to capture an area sufficient for a vein of the wrist to form a mesh pattern, and to improve authentication accuracy.

FIG. 2 shows the appearance of a wristband device. It is a figure which shows the outline of a wristband type | mold device. It is a figure which shows an example of the utilization form of a wristband type | mold device. It is a figure which shows the structure of the wristband at the time of mounting | wearing and in a steady state. It is a figure which shows an example of the utilization form of a wristband type | mold device. It is a figure which shows an example of the utilization form of a wristband type | mold device. It is a flowchart which shows the process which the calculating part of a wristband type | mold device performs. It is a figure for demonstrating the process which removes noise information from the imaged image. It is a figure which shows an example of the utilization form of a wristband type | mold device. It is a figure which shows an example of the utilization form of a wristband type | mold device. It is a figure which shows an example of the service using a wristband type | mold device. It is a figure which shows an example of the service using a wristband type | mold device.

  Hereinafter, an example of an embodiment of the present invention will be described using the drawings.

  In this embodiment, an example of a biometric authentication method in which the control authority of the main body can be extended and invalidated only when the person wears correctly by the person authentication means using the vein pattern of the wrist wearing the wristband type device will be described. . FIG. 1 is an example of the appearance of a wristband type device that implements the present invention, and FIG. 2 is a schematic view of the configuration of the device of FIG.

  FIG. 1 shows an example of a wristband type device in a form resembling a wristwatch, which, like the wristwatch, is roughly composed of two parts, a main body 100 and a band 103.

  A display 101 capable of touch panel operation is mounted on the main body 100, and a button 102 capable of physically instructing operation can also be prepared as necessary. An arithmetic unit is mounted inside the main body 100, and can execute an application, present information, communicate, etc. like a general smart phone.

  In the band 103, the camera 104 and the light source 105 are disposed in a portion corresponding to the palm side surface of the wrist. In order to photograph a vein of the wrist, a combination of a green wavelength band and a camera for visible light, or a camera sensitive to near infrared light having a wavelength of about 700 nm to 1000 nm and a light source in that wavelength range is preferable. When near-infrared light is used, the camera can be equipped with a filter that cuts off light of wavelengths other than the near-infrared region, whereby unnecessary information other than the vein pattern can be prevented from being reflected in the captured image.

  In addition, the wristband is equipped with a conductor so as to go around the band, and conduction can be confirmed by supplying a minute current. When the wrist band type device is attached and detached, the fitting portion 106 for opening and closing the band portion is also a joint portion of the conducting wire, and when the band portion is closed, it becomes conductive and becomes open when it is opened. This conduction state can be electrically checked by the computing device of the wrist band type device body. The length of the band is adjustable according to the thickness of the individual's wrist, and at the time of initial setting, it is adjusted so as not to easily come off the arm. By using a material having resistance as the material of the wire, the resistance value increases according to the length of the wire, and by utilizing this characteristic, it is possible to electrically measure the entire circumferential length of the band portion. . If the resistance value is stored at the time of registration of the authentication data, it is possible to extend the band portion after the registration and make it easy for the user to easily pull out from the arm, thereby preventing lending to an unauthorized third party. Specifically, when there is a change in resistance value confirmation, authentication can not be performed.

  FIG. 2 is a schematic diagram of the device configuration of FIG.

  The operation unit 200 built in the device body is further composed of a CPU 201, a memory 202, a secret storage area 203, and an interface (I / F) 204, which are mutually connected by an internal bus. These may be mutually connected by a dedicated bus for the purpose of speeding up and the like.

  The CPU 201 is an arithmetic device that executes a program. The CPU also executes an authentication process described later.

  The memory 202 stores the processing program main body and data necessary for the processing. Although data to be held permanently is not described in the drawing, it can also be connected to a recording medium such as a flash memory to perform writing and reading.

  The secret storage area 203 is a special memory that can not be read from outside without knowing a special authority, typically a special access method using an encryption key, etc., and stores information with high protection priority such as vein pattern data of the user. Or, it is used for device authentication by the service provider described later.

The interface 204 is for connecting the arithmetic unit and various other functional blocks to exchange data. For example, when connected to the communication unit 205, various types of communication can be performed from the arithmetic unit. As the type of communication, data may be exchanged with a device set as a parent device such as a smartphone, or information may be obtained by directly connecting to the Internet. Also, communication may be performed with a security device that can communicate wirelessly. For example, if you adopt a process such as Public Key Infrastructure (PKI), using a secret key hidden in the device to prove that this device has the right to access PKI protected information and services. Can make reliable transactions. Specifically, at the time of shopping, just by bringing the wristband type device closer, it is possible to securely complete a transaction based on the payment authority associated with the device. It is desirable that the key in the above-mentioned PKI is strictly managed in the secret storage area 203 and can not be easily modified even by the owner of the device.
A functional block for performing personal authentication using the vein pattern of the wrist is connected to the calculation unit 200 via the interface 204.

  The image input unit 206 is connected to the camera 104, captures the vein pattern of the wrist 300, and transmits the image as digital data to the computing unit.

  The image input unit 206 has a function of converting the output signal of the camera into a format that can be easily handled by the operation unit. The photographed image is stored in the memory 202, and the CPU 201 processes it. At this time, the light source 105 connected to the light amount control unit 207 irradiates light to the wrist, and a program executed by the CPU 201 performs feedback control of the output of the light source so that the vein pattern becomes clearest in the photographed image.

  The light amount control unit 207 has a function of adjusting the amount of electrical energy to be output by PWM (Pulse Width Modulation) control or the like so that the light source emits light at an intensity corresponding to the designated value.

  Further, the above-mentioned band fitting portion 106 is similarly connected via the interface 204 so that the wearing state on the wrist can be constantly monitored from the calculation portion.

  FIG. 2 also shows various sensors for detecting the mounting state more diversely and accurately. The touch sensor 208 detects contact of the band with the wrist, and the distance sensor 209 detects how far away from the wrist it is. A biometric sensor 210 for use in another embodiment is also described herein.

  The touch display 101 is used to input an instruction from the wristband type device wearing user and to present information.

  FIG. 3 is a view showing an example of a use form of the present invention. Specifically, it is assumed that the user authentication is performed in the operation of attaching the wristband type device to the wrist, and the arm 300 is drawn with the palm side facing upward.

Line 301 represents a vein, which extends across the wrist to form a large mesh pattern throughout. It is known that this mesh pattern has individual differences, and individual identification is possible by the difference in pattern shape. However, the veins at this site are thick, the distance between multiple veins is several millimeters to several centimeters, the curvature radius of the veins is large, and it is not uncommon for the distance between branches to be several centimeters as well. Therefore, simply observing the vein pattern in the range of about the width of the band portion does not sufficiently include information such as the positional relationship between veins characterizing the individual, bending, and bifurcation. Therefore, in order to obtain sufficient accuracy, it is necessary to image a relatively wide range of vein patterns as indicated by 302 in the figure.
Therefore, in order to capture a vein pattern in a wide range, the distance from the wrist is taken and captured by a wide-angle camera. The camera itself has been miniaturized in recent years, and can be accommodated in a wristband type device as shown in FIG. In addition, by selecting a wide-angle camera lens, the entire wrist can be photographed even if the distance from the wrist is several centimeters or so.

  The wide-angle camera in the present invention means a camera capable of photographing a wide range even if the distance between the camera and the subject is short, that is, capable of wide-angle photographing. By attaching a lens suitable for wide-angle shooting to the camera, it becomes a wide-angle camera. However, a lens that can shoot a wide range with a short subject distance adversely affects the image quality such as distortion of the captured image and lack of brightness around, so the entire wrist can be photographed and the operation with the wrist is performed without inconvenience. It is necessary to adopt an appropriate lens that can reduce the distance. In addition, a dedicated light source is prepared around the camera and illuminated toward the wrist in order to clearly capture the vein pattern. Hemoglobin in the blood flowing through veins has the property of absorbing near infrared rays, and when the near infrared rays are applied to the wrist, light penetrates from the epidermis to the skin subcutaneously and light is returned by back scattering. It is attenuated by absorption and appears relatively dark. This characteristic makes it possible to capture a vein pattern with good contrast. In the case of such a reflected light imaging method, not only return light that penetrates and backscatters inside the living body, but also light that is reflected by the epidermis and returns regardless of the presence of veins, which is the contrast of the vein pattern In some cases, the accuracy of authentication may be affected by lowering The veins on the wrist are thicker than veins on the palms and fingers of the tip and the skin is relatively thin, so the backscattered light is strong and it is easy to obtain high contrast even with the reflected light method. For example, the influence of reflected light may be suppressed by combining polarization filters. In addition, when intense light strikes like a spot, the light spot may adversely affect the extraction of vein pattern features, so a diffusion plate is placed between the light source and the wrist so that the light is emitted dispersed throughout the wrist. It is good to arrange etc.

  FIG. 4 is a view showing the structure of the wristband type device at the time of wearing and in a steady state.

  As described above, FIG. 3 assumes a case where personal identification is performed when the wristband type device is worn on the wrist. In this case, at the time of wearing, as shown in FIG. 4, first, one side (here, the side with the main body 100) of the band portion 103 is in close contact with the back side of the wrist, and then the fitting on the palm side A procedure is taken to recombine the band parts separated in the part 106. At this time, the material of the portion 401 in the wrist band type device with a built-in camera has a hardness that does not break its shape, and the camera built-in portion is designed to operate with the joint 402 in the band as a fulcrum It is desirable to do. By doing so, it is possible to create a situation in which the camera portion is located directly above the wrist at the time of wearing and at the same time the distance between the wrist and the camera is secured. By performing authentication at the moment of installation, the user using the wristband type device can incorporate the authentication operation into the natural operation at the time of installation without any extra operation for performing authentication.

At this time, with the band portion opened to the maximum, the camera is directed to the wrist, focused, and the direction of the light source is specified so that the light is correctly emitted there (from the camera and the light source shown in FIG. By extending the arrow, it is possible to obtain a vein photographed image of the same distance and the same angle of view by simply opening the band portion at the maximum at the time of wearing. At this time, if a mechanism for temporarily locking the rotation of the band portion at the maximum position is provided, the shake of the camera unit at the time of authentication can be suppressed, more stable photographing can be performed, and highly accurate authentication can be performed. .

  When the authentication is successful, the touch sensor 400 provided on the main body side of the band unit determines the contact state with the arm. If the band is closed while this contact state is maintained, and conduction can be detected due to the joining of the fitting portion 106, it is considered that the user has correctly installed the device, and the control authority of the wristband type device is expanded. Do.

  Here, confirmation by the touch sensor 400 is necessary because the possibility of illegally lending to a third party is taken into consideration after the person wears and authentication is successful. That is, the touch sensor 400 is used to detect attachment / detachment of the device from the arm that occurs when the wristband device is lent. At this time, with only one touch sensor with a small area as shown in the figure, for example, place the finger of a third person on the touch sensor, make it appear as if touching the arm, and authenticate with the registrant's own wrist vein. There is a possibility that it will be an escape route in a way that a third party leaves it with the finger on. Therefore, a plurality of touch sensors or a large-area touch sensor capable of detecting contact in the form of a surface is equipped all over the band portion of the wristband type device, and it is illegal to strictly detect that it is wound around the wrist. Risk can be further reduced.

  In addition to this, it is possible to combine the sensors in various ways, or confirm that the wrist vein pattern captured by the camera for authentication is continuously captured and continued until the band is closed, etc. It is possible to accurately detect that the device has not moved from the arm.

  Here, the expansion of the control authority of the device body is specifically a mode switching that extends the service that the device can support (sometimes called activation). For example, at the time of settlement such as shopping, only a small amount of prepaid can be used, but in this extended state, it is possible to make an expensive settlement using a credit function. By performing the authority expansion as a result of the person authentication, even for a service that is not desired to be executed by persons other than the person, it is possible to use the service safely and without trouble just by wearing the device.

  When the device enters the control authority expansion state, the display 101 displays an indicator indicating that the authority is expanded, and the user can confirm the state of the control authority at any time. On the other hand, when the wrist band type device is removed, the touch sensor 400 can not detect the arm, and the fitting portion 106 is also disconnected. Therefore, one or both of them are detected to immediately invalidate the control authority expansion. . By this, even if the wristband device is stolen by someone, the control authority is immediately revoked, and the damage can be minimized.

  FIG. 5 is a modification of the wrist vein authentication shown in FIG. In the configuration of FIG. 3, it is assumed that the mounting operation and the authentication are integrated, and if authentication is successful once at the time of mounting, the state in which the control authority is expanded is maintained during the mounting. In this way, special operations related to the extension of authority are omitted, and convenient usability is provided.

  However, depending on the application, there are also cases where it is desired to be able to extend or revoke the authority at any time at the discretion of the user. The form of FIG. 5 makes it possible, and in the state of wearing the wristband type device, the operation of pulling on a part of the band part enables the authentication and the authority extension by the vein pattern of the wrist to be performed at any time.

  In the configuration example shown in FIG. 5, a part of the band part is constituted by the expandable member 500, and when the part of the band part is pinched and pulled from the mounted steady state, the camera part is separated from the wrist; A distance suitable for imaging a vein pattern is reached.

  The extension length of the member 500 is adjusted so that the member 500 does not extend when the camera portion reaches the proper position, so that the user does not pass through the proper position even if pulled by force. In addition, a handle 501 can be attached to part of the band portion so that the user can easily understand where to pull in the band portion. The use of the handle 501 has the effect of making it easier for the user to grasp the band portion, and by arranging the handle near the camera portion, it is possible to match the portion grasped with a finger with the camera portion It is possible to more accurately match the limit distance and the proper shooting distance on the camera side.

  On the other hand, by making the member 500 an elastic material such as a spring, if the authentication is completed, it can also be returned to the original position autonomously. In this way, authentication can be performed by a simple operation such as pulling the band with a finger to perform authentication, and then releasing the finger.

  In the above-mentioned form, when the band portion is pulled, the ring spreads, and at that moment, the wrist band type device can be easily pulled out from the arm. Therefore, during authentication, stillness detection is performed based on the basic principle of confirming that there is no significant change in the captured image by the above-described touch detection by the touch sensor 400 or continuous shooting of the authentication camera, and It is desirable to set so that control authority extension is not performed if extraction is permitted.

  The switching of the control authority extension state is not necessarily synchronized with the authentication operation. That is, once in the expanded state and then the continuous mounting is confirmed, the expansion and the release may be mutually transferred only by the button operation while the mounting is continued. As a result, the user can freely and easily set the usage permission period of the wristband type device as the personal identification means.

  FIG. 6 is an example of a form further derived from FIG. The band portion has a two-layer structure so that only the camera portion is separated independently so that when the camera portion is pulled from the band portion, the ring is expanded and the device can not physically be pulled out from the arm. In order to form a two-layer structure, a single layer 600 of the band is left on the wrist, making it difficult to remove the band portion from the arm, and whether or not wearing is continued can be confirmed by conduction.

  On the other hand, the presence of the first layer member may adversely affect the imaging of the vein pattern on the wrist. Specifically, if the material 600 is an opaque material, the vein pattern will be hidden by the thickness of the band portion. Accurate authentication is difficult when part of the pattern is largely lost.

  Therefore, the first layer 600 is made of a transparent material so that a vein pattern can be seen. Alternatively, by configuring the first layer 600 with a very thin wire or the like, the area of the pattern to be hidden is minimized, and the deterioration of the authentication accuracy is suppressed. Alternatively, by setting the wire portion to a special color or pattern, it is possible to easily detect the wire portion using a specific color or pattern when taking a vein pattern, and the portion is selected from the pattern matching target at the time of authentication. The explicit exclusion can further improve the accuracy.

  The same process is also effective when the first layer 600 is made of a transparent material, and even the transparent material is excluded as it is likely to appear as a line at the end portion. If the rigidity of the member connecting the first layer and the second layer is high enough, the first layer seen in the captured image of the camera always looks the same position, so remember the part where the border of the transparent material is reflected in advance By setting, it is possible to detect the part that hits the boundary by calculation. It is also possible to detect the wire portion in the same manner.

  FIG. 7 is an example of a flowchart of an authentication program executed by the operation unit of the wristband type device for realizing the usage mode described above. In particular, the flow of processing conforms to the usage form of FIG. 3.

  A process 701 indicates a start point of the authentication program, and initialization is performed in a process 702. In the initialization process, the terminal's operation system is activated, applications and various functional blocks are initialized, and the terminal's original functions other than authentication can be executed.

  In the process 703, during or after the initialization process of the process 702, a self-check is performed as to whether the hardware or software of the device has been modified with respect to the state of the terminal involved in the authentication. As described above, for example, the band length of the band portion is extended while the power of the terminal is off, and activation is performed in a state in which it is easily removed from the arm. The purpose is to prevent unauthorized modification such as making it easier to hand over the device. Specifically, the continuity is checked with a wire whose resistance value changes according to the length, and the change is detected by storing the resistance value. Alternatively, at least one of a pair of joint parts joined to each other by the fitting portion 106 of FIG. 1 is movable on the band portion, thereby adjusting the size of the ring formed by the band portion. Uses a resistance value determined by the circumferential length of the wheel determined by the position of the joint component. In addition to this band length, the direction of the camera for authentication is reversed, and it may not be facing the outside of the band part, etc. Improper remodeling that the authentication may be successful even if it is not attached to the wrist of the person. Check

  In step 704, when the integrity of the device can not be confirmed as a result of step 703, the device activation itself and the authentication function are invalidated, and the user's biometric information is urged to be re-registered.

  Operation 705 checks if the device is worn on the arm. In the check, it is used for determination that the band portion forms a ring and there is conduction, that the touch sensor 400 is at a close distance to the arm, or the like. Since these checks always consume power and reduce the battery life of the device, they should be spaced in such a range that they do not overlook unauthorized attachment or detachment of the band, such as every second. Set up. If it is detected in the wearing check performed in this way that the band part is worn on the arm, nothing is done to return to the standby state, and the process 705 is repeated at a predetermined cycle.

  Although the example in FIG. 7 describes that the process 705 is performed after the process 703, the process 705 can be omitted under predetermined conditions. That is, the process 705 may be performed only when the control authority of the device is in the expanded activation state.

  In process 706, when it is detected in the process 705 that the device is not in the attached state, the authority expansion of the device in the control authority expansion state is invalidated immediately. At this time, a process of changing the authority state displayed on the display 101 to one indicating an invalid state may be performed together.

  In and after step 707, authentication using the vein pattern of the wrist is performed. However, it is not necessary to keep trying authentication all the way while the band part is out, and it is only necessary to process at an appropriate timing. This can eliminate unnecessary power consumption and the waste of trying authentication when it is clear that no veins on the wrist are seen. Not performing authentication under unnecessary conditions also has the effect of improving authentication accuracy. Here, the appropriate timing specifically refers to a state in which a part of the wristband device is close to the arm and the band portion is maximally open as shown in the left side of FIG. In this state, the wrist vein can be photographed with an appropriate illumination direction without blurring. It can be easily detected by providing a mechanism in which the contact is made when the joint 402 is maximally rotated.

  In step 707, the vein pattern of the wrist is photographed. As described above, basically, the light source 105 illuminates the wrist and the camera 104 captures an image. In a photographing method using such light, in the case where authentication is performed outdoors under the sun, the image quality is easily deteriorated due to the influence of external light. At this time, if artificial light sufficiently stronger than external light is given, the influence of the artificial light becomes dominant in the photographed image. Of course, when the light is intensified, the power consumption increases, so the light source is flashed at very short intervals and shooting with a camera with a short exposure time (about 1/1000 seconds), the effect of external light Can be reduced. In addition, from the viewpoint of operability, it is desirable that authentication can be performed without separating the camera unit too far. Wide-angle shooting is essential to capture the wrist as wide as possible at close range. However, in the case of wide-angle shooting, it is likely that the photographed image is distorted (barrel distortion or the like) or darker in the periphery of the image. This means that even if a slight shift between the camera position and the wrist occurs, the way in which the image being taken is distorted differs significantly, and the image as it is when the same wrist is taken, It becomes difficult to match the features extracted from.

  A process 708 is a process of normalizing the above-described distortion and brightness unevenness and extracting features. This process enables stable authentication. Note that the feature extraction process can be handled by a general process used in vein authentication technology.

  Similarly, in the captured image, in addition to the target vein pattern, information that is noise such as wrinkles in the background or the surface of the wrist is reflected. In the process 708, the authentication can be further stabilized by additionally performing a filtering process to remove it. Among them, the reflection of the wrist band type device itself can be used as a simple and highly accurate method of separating the background and the wrist. Details will be described later with reference to FIG.

  In process 709, the obtained vein pattern feature is compared with the vein pattern feature of the user registered in advance to determine the similarity. Specifically, it is determined whether the similarity between the obtained vein pattern feature and the vein pattern feature registered in advance exceeds a predetermined value. In the process, if it exceeds the predetermined value, the process proceeds to the process 710, otherwise loops to the process 705.

  In process 710, the control authority of the device is expanded, and a display indicating the state is displayed on the display 101, and the process loops to process 705. Although the authentication process is performed only once in the flowchart of FIG. 7, the processes 707 to 709 may be repeated several times. By doing so, the probability of false rejection of the person can be reduced. In this case, the repetition should be completed within a fixed time of about 5 seconds to 10 seconds, and it will be judged that there is a high probability that a third party, not the person, will try to impersonate and that attempts will not be made continuously. It is good to do.

  In the above-described flowchart, although the description has been made on the assumption of the use form of FIG. 3 or FIG. 4, the basic flow is common to the use form of FIG. 5. For example, when the device is in the attached state, the authentication processes 707 to 710 may be executed at the timing when authentication is desired. Of course, it may be set that the authentication process starts by automatically detecting that the camera unit is pulled by the handle 501 or the like. In this case, the handle 501 may be provided with a switch function, or the extendable and contractible member 500 may be provided with a mechanism for detecting the extension of the band portion. In any case, the CPU 201 detects a state in which the camera unit is pulled and automatically executes the authentication program.

  In addition, although the example in which all the processing is executed in the operation unit 200 of the wristband type device has been described above, there may be cases where sufficient CPU performance can not be prepared that can be incorporated in a small device. . Therefore, part of the processing that is loaded may be performed, for example, on a server on a larger smartphone or cloud. However, since the biometric information is the information to be protected, when transmitting outside the device, encrypt the information or divide the data so that individual units can not be identified and then allocate to different servers. It is necessary to devise to execute and integrate at the end.

  FIG. 8 is a diagram for explaining the process of removing noise information using the reflection of the wrist band type device itself in the process 708 described above. This figure shows an example of a wrist and vein pattern taken from a camera of a wristband device.

  In the captured image of this example, an arm 300 appears at the center, and a vein pattern 301 is seen above it, and portions other than the arm are unnecessary backgrounds for authentication. The band portion 103 is shown in this image, and the fitting portion 106 is also visible. Since the band portion does not exist in the normal background, it is possible to accurately determine that the portion in which the band portion is present is a boundary between the arm and the background by using the special feature.

  Although the band part only covers a part of the arm, the contour of the arm draws a smooth and continuous arc, so it is possible to accurately trace the edge continuously from the boundary part with the band part The arm area can be divided. A vein pattern is extracted from the arm region thus cut out and used for authentication.

  In the shooting example shown in FIG. 8, in order to fit the band portion to the largest size, taking advantage of the fact that the shot image of the camera is generally horizontally long, the image is shot with the arm in the vertical position. Regardless of this point of view, when emphasis is placed on the possibility of wide-ranging imaging of the vein pattern of the arm, the arm occupies the largest area of the arm in the captured image while imaging so that the outline of the arm fits. You may shoot in a form that appears to the side.

  In the first embodiment, a method is described in which the device is activated only when worn by the user by using biological information of the wrist that can be observed only when the wristband type device is worn. A method of determining that the person who wears the device is performing authentication will be described even if the information is not limited to the biological information of the part where the device is to be worn.

  In FIG. 9, in the wristband type device 100, authentication is performed using the information of the fingertip of another arm different from the worn arm.

  Although 102 in the drawing is a simple button switch at the time of the explanation of FIG. 1, an operation example is drawn on the assumption that the biometric authentication sensor 201 is embedded at that position. And this authentication sensor 201 will play the same role as the wrist vein authentication of the first embodiment.

  However, in this case, even if you are not the rightful owner of the wristband device, the person who wants to imitate wears the wristband device on his arm, and the right holder applies his fingertip to the authentication sensor for authentication. If successful, then the control authority extension will be maintained. In the case of an authentication method in which the right or wrong person does not take part in fraudulently, such as fingerprint authentication or the like which does not require life or death of the living body, there is a risk that the right holder's finger is cut off and stolen to make the authentication successful.

  Therefore, at the time of authentication by the authentication sensor 201, a mechanism capable of strictly determining whether the finger of the wearer is used is prepared.

  That is, in order to determine whether the wristband type device wearer is the finger or not, attention is paid to common biological information that can be observed anywhere on the individual's body. For example, heart rate and pulse can be detected from the change of the electric pulse and blood flow accompanying the beating of the heart, anywhere in the body from anywhere in the body. Therefore, when such biological information common to the body can be equally detected from the arm on which the wristband type device is attached and the fingertip used for authentication, it can be determined that the user is correctly authenticated. In particular, in the case of heart rate and pulse, it is necessary to be connected as a part of a living person, and even if a part of the living body is cut out, authentication is impossible.

  FIG. 10 is an example of the configuration of a wrist band type device for realizing the above. In addition to the touch sensor 400 already described, a heart rate and pulse sensor 1000 are provided on the surface of the band portion in contact with the arm. The sensor 1000 detects heart rate and pulse information from the worn arm.

  On the other hand, an authentication sensor 201 is incorporated on the front side of the device body. A sensor that can acquire heart rate and pulse at the same time as collecting biometric information that can identify an individual such as a fingerprint or a vein pattern is used. In the case of a fingerprint sensor, an optical sensor and a light emission source, which simplify the principle of pulse measurement of a pulse oximeter which is a medical measuring instrument, around or in part of a general capacitance sensor The pair may be compactly integrated. This allows fingerprints and pulse to be obtained simultaneously. Since this mounting method is different in measurement principle, there is an advantage that each biological information observation does not easily interfere with each other.

  Another authentication method is to use the vein pattern of the fingertip for authentication. The fingertip transmits or reflects near-infrared light, and the camera captures a vein pattern of the fingertip. Use this to authenticate your identity. At this time, since the near infrared light has a characteristic of absorbing hemoglobin in blood, the overall brightness of the photographed image of the fingertip changes in accordance with the amount of hemoglobin contained in the fingertip, that is, the blood volume. The blood flow is pulsated according to the pulsation of the heart, and the blood volume of the fingertip is similarly pulsated. Therefore, when the overall luminance of the photographed image of the fingertip is analyzed in time series, the pulse can be obtained.

  Therefore, if the vein of the fingertip is used for identity verification, the sensor for authentication and the sensor for pulse detection can be made common, and cost reduction can be achieved, and the pulse can be determined from the captured image itself used for identity verification. It is extremely reliable that the pulse information can be said to be that of the person.

  In this way, it is determined whether the heartbeat and pulse obtained from two places of the arm and the fingertip are detected from the same body. As a simple analysis method, there is a method of confirming that the pulses of two heartbeats are synchronized. In particular, in the case of a pulse, a delay occurs because the time of arrival of the blood is shifted due to the difference in distance from the heart depending on the site, but a cycle in which the blood volume increases or decreases is common. The waveform of the pulse can be further analyzed in detail, and information characterizing the individual can be extracted and collated to further confirm that it is information of the same physical body.

  The process flow is the same as the process flow described for the usage mode of the authentication process example 1, and only the specific method of the authentication process is different. Therefore, the attachment detection process of the band portion is common, and the control authority is expanded by performing the authentication process at the time of attachment, and the same applies to the point of being released when removed.

  With regard to the wristband type device described above, it is strictly determined whether the biometric information of the person who has the legitimate usage right of the device is correctly registered and further that the device is correctly associated with the information for identity verification output. Explain how to guarantee the system operation.

  The wristband type device of the present invention assumes that the device owner himself / herself performs registration of biometric information. However, in that case, it is difficult to guarantee that the information registered in the device is the user's own. More desirably, it is necessary for the service provider to deliver the process in which the user registers the biometric information and the identification information on the device one by one and guarantee the reliability of the information. If you do, it will take a lot of time and cost. There is a need for a method that can be checked more quickly and efficiently. Therefore, the registration of biometric information and personal identification information and the confirmation of their legitimacy are separated to improve efficiency.

  As described above, in the wristband type device of the present invention, when the device body is in the control authority expansion state, it can be determined with high probability that at least the person wearing the device has performed biometric registration. Therefore, when confirming the legitimacy, have the user set the control authority in advance in advance, and if it can be confirmed first, then general identity verification is carried out using a driver's license or an identification card such as a passport. It is only necessary to confirm that the information matches the identification information registered in the wristband device. Then, by writing a certified signature to the device, the destination can guarantee that the user is using it with two checks of the signature and the authority extension status, unless the device registration information is changed. Also for the authenticating side, it is not necessary to see registration work, and device authentication can be performed smoothly. At this time, if it is suspected that a fraudulent measure is taken, such as, for example, the wristband type device is adjusted to such a length as to easily come off the arm, authentication of the device may not be performed.

  Of course, there is no point in being able to easily rewrite registration information and signatures. As shown in the block diagram of FIG. 2, a secret storage area 203 is provided in the operation unit in the wristband type device. This storage area, like the widely used IC card, is physically and logically strictly protected, and some areas are set to require a special procedure that is not private to access Yes, encrypt and store data. By storing the biometric information and the identification information in the storage area 203, even if the main body is stolen, the biometric information can not be easily falsified or replaced. A part of the storage area 203 is provided with a storage area which can be read and written only by a specific service provider who intends to use the security function of the device, and the biometric information of the right person and the person representing the person for the device. If the operator confirms that the confirmation information is correctly linked, write a signature that proves that this device is trusted. This signature is protected from access by either the wristband device owner or any other third party. When the service provider who has made a signature provides a service that requires strict identity verification, in addition to whether or not the control authority has been expanded by identity authentication in the wristband type device, the service provider writes itself in the secret domain. We also check the signature. By authenticating the device itself in this way, it is possible to more effectively prevent impersonation of persons other than the person. This signature may be made individually by the service provider itself or may be signed by a publicly recognized certification body for the purpose of being shared by a plurality of providers.

  FIG. 11 is an example of an automatic ticket gate service using the device of the present invention. If the user wears this device and keeps the control authority expanded, communication is performed between the device and the ticket gate by the wireless circuit with secret, and there is no need to hold the card over the ticket gate. Pass through.

  Specifically, first, a request for a ticket check from the ticket gate arrives at the wristband type device, and the wristband type device checks whether it is a request from a service provider that has a contract. If so, the secret storage area 203 is accessed to read the signature written by the company corresponding to the service or the public certification organization commissioned by the company, and the device is in the control authority extended state. Together with the signature information indicating. The ticket gate analyzes the two pieces of signature information and provides services if both are recognized as legitimate. In this case, the user passes through without closing the gate, and charging is performed if it is necessary to charge the user.

  If identity verification is facilitated using such a wristband type device, there may be cases where identity verification can be used even in places or services that could not be applied because it takes a long time or an inconvenient operation can not be requested by the user. spread. In marketing, we collect various information indicating customer behavior and perform big data analysis, but the more reliable the information on who performed what kind of behavior, the more value-added analysis result may be obtained .

  In the above description, the wristband type device has been described as an example, but if the wristband type device is applied to the ankle or used in a more downscaled ring type device, etc., it is the same as the banded device. It goes without saying that it can be used.

  FIG. 12 is a schematic view of a ticketless entry service using a device according to the present invention. In this service, if you purchase tickets for trains and aircrafts and tickets for events at your home or store window in advance, you can get in and out just by wearing the wristband device of the present invention on the day of use. Becomes possible.

  Here, we will purchase an event ticket online at home and walk through an example of using a device to enter the venue. First, a user accesses a server 1202 of an internet site for purchasing tickets using a computer 1201 or a tablet terminal connected to the Internet at a window such as a home or a convenience store. The ticket purchase procedure basically conforms to a general method that is widely practiced at present. Next, from the home page screen, select the type of event you want to participate in, select the date and time of the event, decide the payment method such as credit card and transfer, and settle. At this time, it is possible to omit the input of personal information such as an address and an e-mail address by performing identity authentication using a wristband type device. If credit card information is linked to the device, input of payment information can be omitted. In this personal authentication, a communication means is provided between the wristband type device and the computer 1201 (a standard protocol such as Wi-Fi or Bluetooth (registered trademark) can be used), and data transfer is enabled through the application. Also, communication can be made directly or indirectly between the wristband device and the server 1202. In this state, the user performs the control authority expansion of the device by the method described above, whereby the most secure means is selected between the device 100 and the server 1202 and authentication is performed. For example, instead of transmitting the device ID information as it is, the unauthorized device can prevent the communication content from being intercepted or corrupted by encrypting it in some way or performing authentication using a challenge response method. In this way, if it is possible to confirm that the wristband type device is worn by the user and if it is possible to acquire the personal information authenticated by the wrist band type device, then the server is linked to it and issues a ticket corresponding to the requested event. . When the settlement is performed by the wristband device, a confirmation message is displayed on the device 100 so that the process is not performed regardless of the user's intention, and the confirmation operation is not performed on the message. It is possible to add a device to improve the security, such as not proceeding to settlement as much as possible.

  When ticket issuance is normally completed, the personal information authenticated by the wristband type device, ticket information (such as event type and date and time), and the identifier of the device are combined and stored in the database 1203 managed by the server 1202 . Since the personal information managed here only needs to be uniquely associated with the device 100, it is not necessary to include personal information itself such as a name and an address. In order to prevent inadvertent information leakage, it is recommended to limit the stored information to the minimum.

  On the day of the event, when the user wearing the wristband type device and in the control authority extended state approaches the ticket gate installed at the event hall, the communication as described using FIG. 11 is performed, and the identity verification is performed. Be done. The ticket gate sends to the server 1202 the identity verification information read from the wristband type device, the open event information, and the identifier of the wristband device type device. The server collates the information stored in advance in the database 1203 to determine whether the ticket is an authentic ticket, and transmits the collation result to the ticket gate. However, in the case of a large-scale event where determination via a network requires a certain communication time and a large number of visitors are concentrated at one time, there is a possibility that a large matrix will be formed at the ticket gate without being able to be processed. In this case, it is common to carry out a ticket gate every event, and the number of visitors per event is far smaller than the total number of visitors to be managed by the server. Even the ability can be fully stored and processed. Therefore, from the server 1202, only the data of the visitors for each event is installed in the ticket gate or installed in the event hall and downloaded to a computer that can be connected to the ticket gate at high speed, and the ticket is validated by that computer. Perform determination processing. Data is replaced for each event and can be processed locally, and the determination is realized with high-speed throughput with reduced communication time.

  According to the above method, when it is determined that the ticket is valid by the server or the ticket gate, the ticket gate responds by displaying a message to that effect or notifying by a lamp, a sound, or the like. If it is determined to be invalid, an alarm is issued, and if necessary, a physical barrier such as a flapper gate prevents the user from passing. However, in the ticket gate according to the present invention, it is not necessary for the user to put on a conventional medium such as paper or card to a predetermined position. There is a problem that it is difficult to understand why the control authority of the band type device is not expanded or the reason why the wrist band type device itself is defective or invalidated. Therefore, the reason for the invalidity is more specifically notified using the screen of the ticket gate or the voice announcement.

  Various other functions can be provided using the device of the present invention. For example, it is possible to log in by simply holding a wristband device with expanded control authority over an office or home computer. If the device exists in close proximity to the computer in the control authority extended state, automatically connect to the various servers that require authentication from that computer during that time as well as connecting with the authority of the person. You may make it permit. In addition, the screen can be automatically locked when the device is separated from the computer by a predetermined distance or more, the system can log out of the system, and the system can automatically log in when approaching. The distance to the device can be measured, for example, by the communication radio wave strength between the wristband device and the computer.

  Similarly, the present invention is applicable not only to computers, but also to payment terminals of stores, automatic teller machines (ATMs) of banks, or applications such as automobiles and homes. If the control authority is in the expanded state, the electronic money function can be provided with a higher credit limit than the present, or if it approaches the ATM, cash can be dropped simply by entering the amount, and the convenience is enhanced. Be Of course, it can also be used as a key for cars and homes.

  As described above, according to the present invention, an ID transmitting device can be realized which can more accurately determine that the user is wearing the device, and such as inputting of a personal identification number as compared with the conventional ID card etc. It is possible to eliminate various troublesome procedures which have been forced on the user for the purpose of stricter identification.

103: Band unit 104: Imaging unit 105: Light source unit 201: CPU 202: Memory 203: Storage area

Claims (6)

In a biometric authentication device including a band unit attached to a wrist,
A light source unit that emits light of a predetermined wavelength band toward the inside of the ring formed by the band unit;
An imaging unit that performs wide-angle imaging of the inside of the ring formed by the band unit;
A storage unit that stores feature quantities of vein patterns;
The image processing unit extracts a feature of a vein pattern from the image captured at a wide angle, compares the extracted feature with the feature stored in the storage unit, and as a result of the comparison, the similarity has a predetermined value If it exceeds, a CPU that executes control to activate the biometric authentication device;
A moving mechanism for moving the imaging unit far from the wrist by a predetermined operation;
Equipped with
The movement mechanism includes a mechanism for temporarily restricting the movement of the imaging unit at a position at which the imaging unit is moved a predetermined distance away from the wrist.
The moving mechanism is formed by using the band portion as an elastic body,
The biometric authentication device according to claim 1, wherein the predetermined distance is set such that a limit distance of the expansion and contraction pad of the band unit is set such that a position of the imaging unit is an imaging appropriate position . In the biometric authentication device according to claim 1,
The band section further includes a mounting confirmation section for detecting whether or not the band section is closed by forming a ring on the outer edge of the wrist,
When the closed state is detected, the CPU executes control to maintain the activated state of the biometric device, and the band portion forms a ring at the outer edge of the wrist and is not closed. A biometric authentication apparatus characterized by executing control to release the activation state of the biometric authentication apparatus when it is detected. In the biometric authentication device according to claim 2 ,
The predetermined portion of the band portion forms a double structure,
The biometric authentication device according to claim 1, wherein the CPU extracts the image information of the band portion included in the captured image in the processing of extracting the feature of the vein pattern from the captured image. An entrance management system comprising the biometric authentication device according to claim 1, a server, and an entrance gate device,
The server stores a biometric authentication device identifier, and
A search unit for searching the DB for the identifier of the biometric authentication device received from the entrance gate device;
A transmitting unit for transmitting the result of the search to the entrance gate device;
The entrance gate device receives the identifier of the biometric authentication device from the biometric authentication device in the activated state, and transmits / receives the identifier to the server;
And a control unit configured to control opening and closing of the gate based on the information received from the server. An entrance management system comprising the biometric authentication device according to claim 1 and an entrance gate device.
The entrance gate device stores a identifier of a biometric authentication device;
A receiver for receiving an identifier of the biometric device from the activated biometric device;
A search unit configured to search the received identifier from the DB;
And a control unit that controls the opening and closing of the gate based on the result of the search. In an entrance management method using the biometric authentication device according to claim 1 and an entrance gate device,
The entrance gate device receives an identifier of the biometric device from the activated biometric device,
The received identifier is retrieved from the DB in which the identifier of the biometric device is stored,
Controlling the opening and closing of the gate based on the result of the search.

Images