JPH0363865A - Device for preventing unauthorized use of password - Google Patents
Device for preventing unauthorized use of passwordInfo
- Publication number
- JPH0363865A JPH0363865A JP1201644A JP20164489A JPH0363865A JP H0363865 A JPH0363865 A JP H0363865A JP 1201644 A JP1201644 A JP 1201644A JP 20164489 A JP20164489 A JP 20164489A JP H0363865 A JPH0363865 A JP H0363865A
- Authority
- JP
- Japan
- Prior art keywords
- password
- correlation
- correlation value
- pin
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000001514 detection method Methods 0.000 claims abstract description 14
- 230000002265 prevention Effects 0.000 claims description 7
- 230000001186 cumulative effect Effects 0.000 claims description 6
- 238000012795 verification Methods 0.000 claims description 2
- 238000009825 accumulation Methods 0.000 abstract 1
- 238000010586 diagram Methods 0.000 description 4
- 238000004891 communication Methods 0.000 description 2
- 230000000694 effects Effects 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 1
- 238000000034 method Methods 0.000 description 1
Landscapes
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
Description
【発明の詳細な説明】
〔産業上の利用分野〕
本発明は、暗証番号の照合と、不正使用を防止する暗証
番号防止装置に関する。DETAILED DESCRIPTION OF THE INVENTION [Field of Industrial Application] The present invention relates to a password prevention device that verifies a password and prevents unauthorized use.
従来、暗証番号の不正使用防止装置は、誤った暗証番号
が入力された回数により判断し、1回の使用当たりの誤
入力回数制限、又は1日当たりの誤入力回数制限と累計
の誤入力回数制限により不正使用と判断し、暗証番号の
効力を無効としていた。Conventionally, devices to prevent unauthorized use of PIN numbers determine the number of incorrect PIN entries, and limit the number of incorrect entries per use, or limit the number of incorrect entries per day, and limit the total number of incorrect entries. It was determined that the password had been used fraudulently, and the PIN was invalidated.
上述した従来の暗証番号の不正使用防止装置では、誤入
力の累計制限があるため、正規の使用者の記憶違いや、
キータッチミスといった軽度な誤入力を累計してしまい
、正規の使用者に対しても暗証番号の効力を失わせてし
まうという欠点があった。With the conventional PIN unauthorized use prevention device described above, there is a limit on the cumulative number of incorrect inputs, so it is possible for the authorized user to misremember,
This system has the drawback of accumulating minor input errors such as key touch errors, making the password invalid even for authorized users.
本発明の目的は、ががる欠点を解消する暗証番号の不正
使用防止装置を提供するものである。SUMMARY OF THE INVENTION An object of the present invention is to provide a device for preventing unauthorized use of a personal identification number, which eliminates the disadvantage of being lost.
本発明の暗証番号の不正使用防止装置は、入力された暗
証番号の照合結果が不一致である回数が一定回数に達す
ることにより不正使用と判断し、前記暗証番号の効力を
無効とする暗証番号の不正使用防止装置において、入力
される前記暗証番号と登録番号とを照合する照合手段と
、正しい番号と誤り番号との相関値を求める相関検出回
路と、この相関値の大小により不一致回数の累計を調整
する手段とを備え構成される。The device for preventing unauthorized use of a PIN number of the present invention determines that the PIN number has been used fraudulently when the number of times that the verification results of the input PIN number do not match reaches a certain number of times, and sets the PIN number to invalidate the effectiveness of the PIN number. The unauthorized use prevention device includes a collation means for collating the entered PIN number and the registration number, a correlation detection circuit for determining the correlation value between the correct number and the erroneous number, and a correlation detection circuit that calculates the cumulative number of discrepancies based on the magnitude of the correlation value. and means for adjusting.
次に、本発明について図面を参照して説明する。 Next, the present invention will be explained with reference to the drawings.
第1図は本発明の第1の実施例を示す暗証番号の不正使
用防止回路のブロック図である。この暗証番号の不正使
用防止回路は、同図に示すように、CPU4にバス形式
で接続されるキーバッド1とカードリーダ2と相関検出
回路3と、CPU4に通信回線で接続されるホストコン
ピュータ5とで構成される。FIG. 1 is a block diagram of a circuit for preventing unauthorized use of a personal identification number, showing a first embodiment of the present invention. As shown in the figure, this PIN number unauthorized use prevention circuit includes a keypad 1, a card reader 2, a correlation detection circuit 3, and a host computer 5 connected to the CPU 4 via a communication line. Consists of.
次に、この暗証番号の不正使用防止回路の動作を説明す
る。まず、使用者は、カードリーダ2にカードを挿入し
、キーバッド1で暗証番号を入力する。カードリーダ2
はカードに入っている暗証番号と累積不一致回数を読み
取りCPU4に送る、または、カードリーダ2はカード
に入っている識別番号を読み取り、CPU4がホストコ
ンピュータ5へ識別番号を送信し、ホストコンピュータ
5に登録された暗証番号と累積不一致回数とCPU4に
より受信する。CPU4はカードにより得られた暗証番
号と、キーバッド1で入力された暗証番号とを、相関検
出回路3に送り、相関検出回路3は両者の相関値を算出
し、CPU4へ送る。CPU4は相関値が1.0、つま
り全く同じであれば、正規の使用者と判断し、相関値が
1.0未満であれば不正使用者か正規の使用者の誤操作
と判断して、1.0から相関値を減じた値を不一致回数
として累積し、累積された不一致回数をカード、又は、
ホストコンピュータ5に記憶させ、使用者に対し再度の
キー人力を要求する。使用者は再び前述の操作を行い、
装置は同様の動作をする。ここで、相関値の求め方は、
例えば、入力される暗証番号及び登録番号を二値化して
、登録番号のビット数を分母とし、入力された正しい暗
証番号部分のビット数を分子として相関値を求める方法
を採用しているが、数字キーの配列により、登録番号に
近い数字については重みを付け、相関値が高くなるよう
にし、キー操作ミスによる暗証番号の入力ミスをカウン
トすることを軽くすることを加味している。このように
、相関値の累積値の所定値を求め、その相関値を調整す
ることによって使用者の記憶違いや、ミス操作による入
力暗証番号での無効となることを救済し得た。尚、相関
検出回路は、ソフトウェアで実現することも可能である
。Next, the operation of this PIN number unauthorized use prevention circuit will be explained. First, the user inserts the card into the card reader 2 and inputs the password using the keypad 1. card reader 2
reads the PIN code on the card and the cumulative number of discrepancies and sends it to the CPU 4, or the card reader 2 reads the identification number on the card, and the CPU 4 sends the identification number to the host computer 5. The CPU 4 receives the registered password and the cumulative number of discrepancies. The CPU 4 sends the password obtained from the card and the password input using the keypad 1 to the correlation detection circuit 3, and the correlation detection circuit 3 calculates a correlation value between the two and sends it to the CPU 4. If the correlation value is 1.0, that is, they are exactly the same, the CPU 4 determines that the user is an authorized user, and if the correlation value is less than 1.0, it determines that it is an unauthorized user or an erroneous operation by the authorized user. The value obtained by subtracting the correlation value from .0 is accumulated as the number of disagreements, and the accumulated number of disagreements is displayed on the card or
The key is stored in the host computer 5 and the user is requested to manually enter the key again. The user performs the above operation again,
The devices operate similarly. Here, how to find the correlation value is
For example, a method is adopted in which the input PIN and registration number are binarized and a correlation value is calculated using the number of bits of the registration number as the denominator and the number of bits of the correctly input PIN as the numerator. The arrangement of the numeric keys gives weight to numbers close to the registration number so that the correlation value becomes high, thereby reducing the number of errors in entering the password due to key operation errors. In this manner, by determining a predetermined cumulative value of correlation values and adjusting the correlation value, it is possible to relieve the user from remembering incorrectly or inputting a password that is invalid due to an erroneous operation. Note that the correlation detection circuit can also be realized by software.
第2図は本発明の第2の実施例を示す暗証番号の不正使
用防止装置のブロック図である。この暗証番号の不正使
用防止装置は、キーバッド1とカードリーダ2と相関検
出回路3と判定回路6はバス形式でCPU4に接続され
、相関検出回路3の出力は判定回路6に接続され、CP
U4は通信回線でホストコンピュータ5に接続されてい
る。FIG. 2 is a block diagram of a device for preventing unauthorized use of a personal identification number, showing a second embodiment of the present invention. In this PIN unauthorized use prevention device, a keypad 1, a card reader 2, a correlation detection circuit 3, and a judgment circuit 6 are connected to a CPU 4 in the form of a bus, and the output of the correlation detection circuit 3 is connected to a judgment circuit 6.
U4 is connected to the host computer 5 via a communication line.
この実施例では、判定回路6により相関度の高さを判定
し、相関度の高い不一致(例えば相関度0195以上)
については不一致として扱わない事が可能になり、正規
の使用者の単純な誤入力に対する保護能力がより向上す
るという利点がある。In this embodiment, the determination circuit 6 determines the degree of correlation, and a mismatch with a high degree of correlation (for example, a degree of correlation of 0195 or more) is determined.
This has the advantage that it is not treated as a mismatch, and the ability to protect against simple erroneous input by authorized users is further improved.
尚、判定回路は、ソフトウェアで実現することも可能で
ある。Note that the determination circuit can also be realized by software.
以上説明したように本発明は、誤りと正しさとの相関値
を求める相関検出回路を設けることによって、使用者の
記憶違いや、キータッチミスといった軽度の誤入力によ
る暗証番号の失効を救済する暗証番号の不正使用防止装
置が得られるという効果がある。As explained above, the present invention provides a PIN code that can save a PIN number from being invalidated due to a user's misremembering or a minor erroneous input such as a key touch error by providing a correlation detection circuit that finds a correlation value between errors and correctness. This has the effect of providing a device for preventing unauthorized use of numbers.
第1図は本発明の第1の実施例を示す暗証番号の不正使
用防止装置のブロック図、第2図は本発明の第2の実施
例を示す暗証番号の不正使用防止装置のブロック図であ
る。
1・・・キーバッド、2・・・カードリーダ、3・・・
相関検出、
4・・・CPU、
5・・・ホストコンピュータ、
・・・判定回路。FIG. 1 is a block diagram of a device for preventing unauthorized use of a PIN number showing a first embodiment of the present invention, and FIG. 2 is a block diagram of a device for preventing unauthorized use of a PIN number showing a second embodiment of the present invention. be. 1...Keypad, 2...Card reader, 3...
Correlation detection, 4...CPU, 5...Host computer,...Judgment circuit.
Claims (1)
定回数に達することにより不正使用と判断し、前記暗証
番号の効力を無効とする暗証番号の不正使用防止装置に
おいて、入力される前記暗証番号と登録番号とを照合す
る照合手段と、正しい番号と誤り番号との相関値を求め
る相関検出回路と、この相関値の大小により不一致回数
の累計を調整する手段とを備えることを特徴とする暗証
番号の不正使用防止装置。The PIN that is input in a PIN unauthorized use prevention device that determines that the PIN has been used fraudulently when the number of times that the input PIN does not match the verification result reaches a certain number of times, and invalidates the validity of the PIN. and a registration number; a correlation detection circuit for determining a correlation value between a correct number and an error number; and a means for adjusting the cumulative number of discrepancies based on the magnitude of the correlation value. Device to prevent unauthorized use of numbers.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP1201644A JPH0363865A (en) | 1989-08-02 | 1989-08-02 | Device for preventing unauthorized use of password |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP1201644A JPH0363865A (en) | 1989-08-02 | 1989-08-02 | Device for preventing unauthorized use of password |
Publications (1)
Publication Number | Publication Date |
---|---|
JPH0363865A true JPH0363865A (en) | 1991-03-19 |
Family
ID=16444504
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
JP1201644A Pending JPH0363865A (en) | 1989-08-02 | 1989-08-02 | Device for preventing unauthorized use of password |
Country Status (1)
Country | Link |
---|---|
JP (1) | JPH0363865A (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH0799489A (en) * | 1993-05-11 | 1995-04-11 | Nec Corp | Method and device for controlling password |
JP2003067686A (en) * | 2001-08-29 | 2003-03-07 | Toppan Forms Co Ltd | Authentication method, authentication system and reader-writer system for ic card and ic card used in them |
WO2004066159A1 (en) * | 2003-01-20 | 2004-08-05 | Fujitsu Limited | Authentication information processing method |
-
1989
- 1989-08-02 JP JP1201644A patent/JPH0363865A/en active Pending
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH0799489A (en) * | 1993-05-11 | 1995-04-11 | Nec Corp | Method and device for controlling password |
JP2003067686A (en) * | 2001-08-29 | 2003-03-07 | Toppan Forms Co Ltd | Authentication method, authentication system and reader-writer system for ic card and ic card used in them |
WO2004066159A1 (en) * | 2003-01-20 | 2004-08-05 | Fujitsu Limited | Authentication information processing method |
US7480932B2 (en) | 2003-01-20 | 2009-01-20 | Fujitsu Limited | Authentication information processing method, program, and device |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
KR100440372B1 (en) | Secure system using continuously-changing features of a body part as a key | |
JP4395263B2 (en) | Apparatus and method for biometric identification of a person | |
US7877612B2 (en) | System and method for controlling user access to an electronic device | |
EP0157303A2 (en) | Data processing device | |
JP2001344213A (en) | Living body certification system | |
WO2001042938A1 (en) | Personal authentication system and portable electronic device having personal authentication function using body information | |
US6775398B1 (en) | Method and device for the user-controlled authorisation of chip-card functions | |
US10805290B1 (en) | Compliance and audit using biometric tokenization | |
US20100115583A1 (en) | Method for fault-tolerant user information authentication | |
CA2105404A1 (en) | Biometric token for authorizing access to a host system | |
JPS6310839A (en) | System and method for data communication | |
JPH0619568A (en) | Data input controller | |
US20040264746A1 (en) | System and method for performing personal identification based on biometric data recovered using surface acoustic waves | |
CN100412840C (en) | User identification with improved password input method | |
JP2002512409A (en) | Electronic device and method for authenticating a user of the device | |
US20040218789A1 (en) | Fingerprint reader using surface acoustic wave device | |
JPH0363865A (en) | Device for preventing unauthorized use of password | |
JPH1115900A (en) | Password authentication system and recording medium recording processing procedure of the system | |
JP2002230553A (en) | Individual authentication device | |
JP4868643B2 (en) | Authentication system for input operation of personal authentication data recording medium | |
JP2002091921A (en) | Method and device for authentication | |
US20070047776A1 (en) | Authentication method, authentication system, program and computer readable information recording medium | |
JPH09212458A (en) | Password authenticating method | |
JP2008146138A (en) | Biometrics device, biometrics system, and biometrics method | |
JPH03204769A (en) | Collating method for identification number |