KR101853270B1 - Authentication method for portable secure authentication apparatus using fingerprint - Google Patents

Authentication method for portable secure authentication apparatus using fingerprint Download PDF

Info

Publication number
KR101853270B1
KR101853270B1 KR1020150022978A KR20150022978A KR101853270B1 KR 101853270 B1 KR101853270 B1 KR 101853270B1 KR 1020150022978 A KR1020150022978 A KR 1020150022978A KR 20150022978 A KR20150022978 A KR 20150022978A KR 101853270 B1 KR101853270 B1 KR 101853270B1
Authority
KR
South Korea
Prior art keywords
fingerprint
moc
smart card
image
information
Prior art date
Application number
KR1020150022978A
Other languages
Korean (ko)
Other versions
KR20160101249A (en
Inventor
나경필
길용석
김문철
김명하
Original Assignee
에코스솔루션(주)
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 에코스솔루션(주) filed Critical 에코스솔루션(주)
Priority to KR1020150022978A priority Critical patent/KR101853270B1/en
Publication of KR20160101249A publication Critical patent/KR20160101249A/en
Application granted granted Critical
Publication of KR101853270B1 publication Critical patent/KR101853270B1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3234Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
    • G06K9/00013
    • G06K9/00067
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3231Biological data, e.g. fingerprint, voice or retina
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Health & Medical Sciences (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Biodiversity & Conservation Biology (AREA)
  • Biomedical Technology (AREA)
  • General Health & Medical Sciences (AREA)
  • Collating Specific Patterns (AREA)

Abstract

The present invention relates to a security authentication method of a portable security authenticator employing a fingerprint authentication method, and more particularly, to a security authentication method of a portable security authenticator using a bio registration / authentication manager program, On-card match fingerprint recognition algorithm of the smart card is performed on the inputted fingerprint information to authenticate the user and personal information and stored data can be used through the wired / wireless interface with the smartphone / tablet for the authenticated user To a security authentication method of a portable security authenticator employing a fingerprint recognition method.
A security authentication method of a portable security authenticator having a fingerprint sensor, an MOC smart card, an arithmetic processing unit, and a memory unit, wherein the operation processing unit receives a fingerprint image through a fingerprint sensor, A fingerprint detection and feature extraction step of extracting information; A fingerprint matching step of performing user authentication by comparing the feature information of the fingerprint received from the operation processing unit with the user fingerprint information stored in advance in the MOC smart card by the MOC smart card; And if the user authentication is successful at the fingerprint matching step, the operation processing unit transmits the data including the password from the memory unit to the mobile terminal, the POS terminal or the terminal of the computer. . If the user authentication is successful at the fingerprint matching step, the MOC smart card may be an OTP applet, a PKCS applet, an eID applet, an HPTP applet, a payment applet, an e-cash stored in an MOC smart card, And a service step according to user authentication for driving one of the applets.

Figure R1020150022978

Description

[0001] The present invention relates to a security authentication method for a portable security authenticator employing a fingerprint authentication method,

The present invention relates to a security authentication method of a portable security authenticator employing a fingerprint authentication method, and more particularly, to a security authentication method of a portable security authenticator using a bio registration / authentication manager program, On-card match fingerprint recognition algorithm of the smart card is performed on the inputted fingerprint information to authenticate the user and personal information and stored data can be used through the wired / wireless interface with the smartphone / tablet for the authenticated user To a security authentication method of a portable security authenticator employing a fingerprint recognition method.

In the market where existing biometric technology is applied, physical access control such as access and time attendance management is the most important part, and it is mainly used in public parts such as logical access control and identification for access control of other devices and systems . However, recently, bio-recognition technology has been applied to mobile devices and its application area is expanding.

Fingerprint biometrics has been widely adopted for access control in places requiring high security level such as laboratory. By attaching a fingerprint scanner to mobile devices, it can be used for security related to mobile phones. In case of mobile phone, it is not possible to acquire accurate fingerprint image with the basic input device, so a separate fingerprint image scanner is needed.

In recent years, the rapid development of information communication infrastructures such as computers, the Internet and mobile phones has urgently necessitated the security of personal information and corporate information, and the demand for Internet banking, credit card payment, mobile payment As a result, there is a need for a unique authentication means for individuals.

Accordingly, there is a demand for a fingerprint authentication-based security authentication device that can be conveniently used by an individual, and in particular, a biometric authentication using an on-card match (MOC) Based portable security authentication device is desired.

Generally, a biometric system is basically divided into a registration / enrollment process, a verification process (1: 1), and an identification process (1: N) . Authentication and recognition are selectively used depending on the application area, and the configuration of the system is also different from each other. The five components of registration, authentication, and biometric identification systems are Capture, Storage, Processing, Matching, and Decision.

The portable security authenticator employing the fingerprint recognition method of the present invention is a system utilizing fingerprint recognition, smart card, and MoC based technology.

As a conventional method of embedding encryption technology in a USB storage device and encrypting data to thereby prevent leakage of information stored when a storage device is lost, a method of inputting a logon password when using a secure USB is applied. There is a possibility that information stored in the USB storage device may be leaked when a password leakage due to leakage or hacking occurs. Accordingly, there is a need for a biometric authentication method capable of uniquely recognizing a user who is not a password system Do.

In general, Bio security tokens and secure USB memory require encryption / decryption technology, user authentication and identification, random copy protection of stored data, and deletion function to protect data in the event of lost or stolen.

It is a technology that encrypts data when transferring data to USB memory and decrypts it automatically when verifying data of USB memory. It is divided into hardware type and software type and it is provided with dedicated security chip type .

In the user authentication and identification function, it is used as a security function that incorporates a password setting function or a fingerprint recognition function in a memory area of a user and is interlocked with other functions.

In the random copy protection function of stored data, access to data in the storage memory is disabled without user authentication, thereby making data replication impossible to the outside.

In case of lost smartphone or security authentication device, it deletes memory data so that other users can not access data in personal information area. And deletion of data.

In relation to the technology of biometric authentication USB memory that uses fingerprint authentication, the existing method is mainly extracting / matching on the PC S / W due to the large amount of computation in minutiae extraction / matching operation of the data read from the fingerprint sensor I need skills to work on. The personal fingerprint information captured by the fingerprint sensor must be transmitted to the PC through the USB. At this time, privacy problems such as exposure of the living body and the security information of the individual may occur, so that extraction / matching of the fingerprint is performed in the USB memory device Structure.

Recent authentication processing methods include a form (SOC, System On Card) that performs the entire process of fingerprint capture / feature point extraction / matching in the smart card and a form (MOC, Matching On Card) Respectively.

The SOC smart card has a drawback in that a high performance CPU and a large capacity memory must be used because the fingerprint sensor and the fingerprint processing algorithm must be processed in the smart card. On the other hand, since the MOC smart card processes only the matching algorithm, it can be processed by a commercial smart card. The code used for card matching is less than 10 kbytes. RAM memory size is less than 5 kbytes, and processing speed is less than 5 seconds.

Recently, the market for mobile financial services using smart phones is increasing. Space and time constraints can be greatly reduced. In addition, financial information such as credit cards, account information, and related service information such as coupons and points can be managed through a single smartphone. However, with the concentration of personal information in mobile devices and the use of open wireless networks, the risk of information leakage, forgery and tampering by loss, theft, eavesdropping and eavesdropping also increased. Accordingly, there is a demand for a new authentication technique that has higher stability than existing authentication means and can satisfy the convenience of use.

Although biometrics can satisfy high security and ease of use due to the fact that the nature of the information can not be separated from individuals, there is no universal mobile terminal that can support sensor and hardware performance yet, It does not meet the exact recognition rate that can be used for authentication.

As a prior art, there are a portable security authentication device and system of Korean Patent Laid-Open Publication No. 2001-0095788 and an operation method thereof.

Korean Patent Laid-Open Publication No. 2001-0095788 discloses a method and apparatus for recognizing a pattern of a biometric feature (fingerprint and voice) possessed by a user and determining whether or not the user is an authorized user. In accordance with the determination result, And allows the system to be used and accessed to be opened and the system to be opened remotely.

However, in the case of the present invention, it is not compact, requires too much time for operation processing, is exposed to information, is hacked from a malicious user, is recognized by using a user information DB and a user fingerprint DB. There is a possibility that the security is not easy.

A problem to be solved by the present invention is to store and manage the fingerprint information of the user in the secure memory area of the smart card through the bio registration / authentication manager program and to provide the on-card match fingerprint recognition algorithm of the smart card for the inputted fingerprint information A portable security authenticator employing a fingerprint recognition method that authenticates a user by performing authentication using a fingerprint authentication method, and grants an access right to use personal information and stored data through a wired / wireless interface connected to a smartphone / The security authentication method of the present invention.

Another object of the present invention is to provide an image processing apparatus and a method for processing a fingerprint image by incorporating a fingerprint recognition unit and an on-card match (MOC) smart card, receiving a fingerprint image through a fingerprint sensor, The user authentication is performed by comparing the stored user information with the password stored in the card through the biometric matching program installed in the card. If the user authentication is successful, access to the data stored in the memory is permitted, The present invention provides a security authentication method for a portable security authenticator employing a fingerprint recognition method, which transmits the authentication result to a mobile terminal through a wired / wireless communication interface, and authenticates the user and performs a necessary operation with the mobile terminal.

Another problem to be solved by the present invention is to extract the feature information of the fingerprint image and to provide various services installed in the MOC smart card such as OTP One-time password, one-time password), a PKCS (Public-Key Cryptography System), eID, payment, etc. will be.

Another object of the present invention is to provide a biometric authentication method in which authentication is performed by comparing biometric information stored in a smart card with externally inputted biometric information and then an authenticated user uses a mobile phone or various services, And a security authentication method of a portable security authenticator employing a fingerprint authentication method, which is configured to store biometric information in a smart card using a biosafety authentication platform and a biometric authentication solution, and to process user authentication in a smart card .
Another object of the present invention is to provide a fingerprint detection and feature extraction step, a MOC smart card, a preprocessing step of thinning a fingerprint image of a received fingerprint image, and a MOC smart card, And a post-processing step of removing the pseudo minutiae from the minutiae extracted in the minutiae point extracting step, wherein the MOC smart card is provided with a security authentication method of the portable security authenticator.
Another object of the present invention is to provide a MOC smart card in which a preprocessing step divides a fingerprint image into blocks of a predetermined size, determines a direction indicating a ridge flow for each block, Binary images are displayed in black and white only. Binary images are subjected to smoothing processing to remove noise and emphasize fusion, and portable security authentication And a security authentication method of the machine.
Another object of the present invention is to provide a MOC smart card, in which the minutiae point extracting step is a step of extracting, from the thinning image received from the preprocessing step, a disadvantage that a change in ridge flow occurs, And a security authentication method of the machine.
Another object of the present invention is to provide a security authentication method of a portable security authenticator which is configured to determine the similarity between two fingerprint images using extracted minutia information and pre-stored user fingerprint information in a fingerprint matching step .

According to an aspect of the present invention, there is provided a security authentication method for a portable security authenticator including a fingerprint sensor, an MOC smart card, an arithmetic processing unit, and a memory unit, wherein the arithmetic processing unit receives a fingerprint image through a fingerprint sensor, A fingerprint detection and feature extraction step of extracting feature information of the fingerprint from the fingerprint image; A fingerprint matching step of performing user authentication by comparing the feature information of the fingerprint received from the operation processing unit with the user fingerprint information stored in advance in the MOC smart card by the MOC smart card; And if the user authentication is successful at the fingerprint matching step, the operation processing unit transmits the data including the password from the memory unit to the mobile terminal, the POS terminal or the terminal of the computer. .

According to another aspect of the present invention, there is provided a security authentication method for a portable security authenticator including a fingerprint sensor, an MOC smart card, an arithmetic processing unit, and a memory unit, wherein the operation processing unit receives a fingerprint image through a fingerprint sensor, A fingerprint detection and feature extraction step of extracting feature information of the fingerprint image; A fingerprint matching step of performing user authentication by comparing the feature information of the fingerprint received from the operation processing unit with the user fingerprint information stored in advance in the MOC smart card by the MOC smart card; If the user authentication is successful at the fingerprint matching step, the MOC smart card can be used to activate one of the OTP applet, PKCS applet, eID applet, HPTP applet, Payment applet, or E-cash applet stored in the MOC smart card And a service step according to the user authentication.

In the user fingerprint information, the operation processing unit receives the fingerprint information of the user through the fingerprint sensor at the beginning of use and stores the fingerprint information in the MOC smart card.

In the fingerprint detection and feature extraction step, the MOC smart card includes a preprocessing step of thinning the fingerprint image of the received fingerprint image; The MOC smart card is a feature point extraction step for extracting candidate feature points from a thinned fingerprint image in a preprocessing step; The MOC smart card includes a post-processing step of removing pseudo minutiae from the minutiae extracted at the minutiae extraction step.

In the preprocessing step, in the MOC smart card, the fingerprint image is divided into blocks of a predetermined size, and a direction indicating the flow of the ridges is determined for each block. Then, the image is converted into a directional image for each block and then binarization is performed. And the binary image is transformed into a thinning image by smoothing the image by eliminating the noise and emphasizing the fusion, and expressing the image by the line of 1 pixel thickness.

In the feature point extraction step, in the MOC smart card, the disadvantages and branch point information that change in the ridge flow from the thinning image received from the preprocessing step are stored.

In the fingerprint matching step, the MOC smart card determines the similarity between the two fingerprint images using the extracted feature point information and pre-stored user fingerprint information.

In the fingerprint matching step, the MOC smart card calculates an amount of rotation and transition in which the feature information of the fingerprint received from the operation processing unit and the feature points of the two fingerprint images of the previously stored user fingerprint information are overlapped to the maximum, An alignment step of transforming the coordinates of the feature points so as to match the alignment reference points and then determining the corresponding pair of feature points; The MOC smart card includes a registration step of calculating a similarity vector (Measure Vector) using coordinates, kind, and angle information of a pair of corresponding feature points determined in the alignment step; A score acquiring step of outputting, as a score, the degree of coincidence between the feature information of the fingerprint received from the operation processing unit and the two fingerprint images of the stored user fingerprint information from the similarity of the corresponding pair of feature points to the arithmetic processing unit according to predetermined rule data; .

The fingerprint sensor is a swipe sensor.

The secure data transmission step is performed through one of the blue pitcher communication unit, the WiFi communication unit, the NFC communication unit, and the USB connector unit.

According to the security authentication method of the portable security authenticator employing the fingerprint authentication method of the present invention, the fingerprint information of the user is stored and managed in the security memory area of the smart card through the bio registration / authentication manager program, It authenticates the user by performing the smart card's On-Card Match fingerprint recognition algorithm, and grants the authorized user access to the personal information and stored data through the wired / wireless interface with the smartphone / tablet .

According to the present invention, a fingerprint recognition unit and an on-card match (MOC) smart card are built in. A fingerprint image is received through a fingerprint sensor, and the feature information extracted by processing the fingerprint image is transmitted to the MOC smart card, The user authentication is performed by comparing the user information stored in the card with the user information stored in the card through the biometric matching program installed in the card, and if the user authentication is successful, access to the data stored in the memory is permitted, To the mobile terminal, and authenticates the mobile terminal to perform a necessary operation with the mobile terminal.

In addition, the present invention extracts feature information of a fingerprint image, and provides various services installed in the MOC smart card, such as OTP (One Time Password, One-time password), PKCS (Public Key Cryptography System), eID, payment, and so on.

In addition, the present invention compares the biometric information stored in the smart card with the biometric information input from the outside, performs authentication, and allows the authenticated user to use a mobile phone or various services. On-card match technology and biometric security authentication The biometric information is stored in the smart card using the platform and the biometric authentication solution, and the user authentication is processed in the smart card.

Therefore, the present invention is compact, fast, and more stable in information security.

INDUSTRIAL APPLICABILITY The present invention is applicable to various application systems such as a car, a POS, an ATM, a mobile phone, a personal computer, a card reader, and the like.
The MOC smart card may include a preprocessing step of thinning a fingerprint image of the received fingerprint image, a MOC smart card extracting a candidate feature point from the thinned fingerprint image in the preprocessing step, And the MOC smart card includes a post-processing step of removing pseudo minutiae from the minutiae extracted in the minutiae point extraction step.
In the MOC smart card, the preprocessing step divides the fingerprint image into blocks of a predetermined size, determines a direction indicating the ridge flow for each block, converts the image into a directional image for each block, The image is expressed only in black and white, and the binary image is smoothed to remove noise and emphasize the fusion, and converted into a thin image by expressing the image with a line of thickness of 1 pixel. ≪ / RTI >
Further, the present invention is characterized in that the minutiae point extracting step comprises: storing, in the MOC smart card, the disadvantages and branch point information of a change in ridge flow from the thinning image received from the preprocessing step; ≪ / RTI >
In the fingerprint matching step, the MOC smart card provides a security authentication method of a portable security authenticator configured to determine the similarity between two fingerprint images using extracted minutia information and pre-stored user fingerprint information.

1 is an example of the appearance of a portable security authenticator employing the fingerprint recognition method of the present invention.
2 is a schematic diagram for explaining the use of a portable security authenticator employing the fingerprint recognition method of the present invention.
3 is a block diagram schematically illustrating the configuration of the portable security authenticator of FIG.
4 is a schematic diagram schematically illustrating the configuration of the MOC smart card.
5 is a schematic diagram for explaining the concept of signal detection in the fingerprint sensor of FIG.
6 is a flowchart schematically illustrating a fingerprint recognition process in the portable security authenticator of the present invention.
7 is a flowchart illustrating the feature extraction step of FIG.

Hereinafter, a security authentication method of a portable security authenticator employing a fingerprint recognition method according to the present invention will be described in detail with reference to the accompanying drawings.

FIG. 1 is an example of the appearance of a portable security authenticator employing the fingerprint authentication method of the present invention, FIG. 2 is a schematic diagram for explaining use of a portable security authenticator employing the fingerprint authentication method of the present invention, and FIG. 3 FIG. 4 is a schematic diagram for explaining the configuration of the MOC smart card. As shown in FIG.

1, the portable security authenticator 10 incorporates a fingerprint sensor unit 150 and an MOC smart card 200 inside a security authenticator housing 20, and a security authenticator housing 20 The fingerprint sensor of the fingerprint sensor unit 150 is exposed to the outside. Although not shown in FIG. 1, the portable security authenticator 10 may further include a switch for starting operation or the like.

As shown in FIG. 2, the fingerprint image is received through the fingerprint sensor, the feature information is extracted, and the user authentication is performed by comparing the stored user information with the MOC smart card 200. If the user authentication is successful, And transmits the predetermined data (e.g., data (password, password, etc.) required for authentication) to the wired / wireless communication interface, that is, the blue pitcher communication unit 120, the WiFi A point of sale (POS) terminal, a terminal 530 of a computer via a communication unit 130, an NFC (Near Field Communication) communication unit 140, and a USB connector unit 110, And makes the terminal 530 perform a necessary operation such as OTP, PKCS, eID, payment, etc. in the mobile terminal 510, the POS terminal, and the computer.

3, the portable security authenticator 10 includes an operation processing unit 100, a fingerprint sensor unit 150, an MOC smart card 200, a memory unit 170, a battery unit 190, a blue pitcher communication unit 120, a WiFi communication unit 130, an NFC communication unit 140, and a USB connector unit 110.

The operation processing unit 100 is a means for taking charge of the overall control of the portable security authenticator 10 and may be constituted by a CPU. As the CPU of the arithmetic processing unit 100, an STM32F4 series processor of ST or SAMA5 series of Atmel can be used.

The operation processing unit 100 receives the fingerprint image through the fingerprint sensor unit 150, processes the fingerprint image to extract feature information of the fingerprint, and transmits the feature information of the extracted fingerprint to the MOC smart card 200 , The MOC smart card 200 receives the user authentication result, determines whether the user authentication is successful, and permits access to the data stored in the memory unit 170 if the user authentication is successful.

The fingerprint sensor unit 150 includes a fingerprint sensor, a fingerprint sensor driver, and the like.

The fingerprint sensor is means for acquiring image information of a fingerprint, and detects the fingerprint image and transmits the fingerprint image to the operation processing unit 100. [ The fingerprint sensor can use a SWIPE sensor. As the sweep sensor, a CMOS sensor capable of recognizing 128 x 8 pixels can be used.

Generally, a fingerprint sensor is divided into a plane sensor that recognizes the entire fingerprint at one time and a swipe sensor that recognizes the fingerprint by moving a finger to the sensor in the form of a line sensor. In the sweep sensor, the price is low and the area is small do.

The fingerprint sensor driving unit drives the fingerprint sensor according to the fingerprint sensing request signal of the operation processing unit 100 to detect the fingerprint image.

The MOC smart card 200 receives feature information of the fingerprint received from the operation processing unit 100 and transmits the fingerprint feature information to the MOC smart card 200 through a bio matching algorithm installed in the MOC smart card 200 Performs user authentication by comparing with the user information stored in the password, and transmits the result to the operation processing unit (100).

As shown in FIG. 4, the MOC smart card 200 may include an OTP, a PKCS, an eID, an HPTP, a payment (Payment) , And an electronic cash (E-Cash).

The memory unit 170 stores data to be accessed after the user authentication in the MOC smart card 200. [ The memory unit 170 includes an SD memory, that is, a Secure uSD and is accessed after successful user authentication. The memory unit 170 stores information for authentication in the mobile terminal 510, the POS terminal, the terminal 530 of the computer, For example, a password. After the user authentication is performed in the MOC smart card 200, the MOC smart card 200 transmits predetermined information to the arithmetic processing unit 100 in response to a request from the arithmetic processing unit 100.

The battery unit 190 is a power supply unit in the portable security authenticator 10.

The blue pitcher communication unit 120 transmits information received from the operation processing unit 100 to the mobile terminal 510, the POS terminal, the terminal 530 of the computer, and the like through Bluetooth.

The WiFi communication unit 130 transmits information received from the operation processing unit 100 to the mobile terminal 510, the POS terminal, the terminal 530 of the computer, and the like through WiFi.

The NFC communication unit 140 transmits information received from the operation processing unit 100 to the mobile terminal 510 or the like through NFC communication.

The USB connector unit 110 includes a USB connector and a USB driver, and transmits / receives data to / from the operation processor 100 and the terminal 530 of an external computer through a USB connector.

5 is a schematic diagram for explaining the concept of signal detection in the fingerprint sensor of FIG.

5 (a) illustrates a method of using a sweep sensor as a fingerprint sensor. The finger moves from the top to the bottom of the fingerprint sensor, and the fingerprint sensor acquires the fingerprint image at this time.

FIG. 5B illustrates a process of acquiring a fingerprint image when a finger is moved as shown in FIG. 5A. As shown in FIG. 5B, .

Since the present invention needs to process authentication in the MOC smart card 200, fingerprint information, a card operating system (COS), an application (fingerprint recognition algorithm, etc.) are stored in the MOC smart card 200 and user authentication is performed .

FIG. 6 is a flowchart schematically illustrating a process of fingerprint recognition in the portable security authenticator of the present invention, and FIG. 7 is a flowchart illustrating the feature extraction process of FIG.

In the data capturing step S110, the user's fingerprint information is stored in the MOC smart card 200 at the initial stage of use. That is, in the MOC smart card 200, The fingerprint sensor unit 150 receives multiple fingerprint images at each moment from the fingerprint sensor unit 150 in accordance with the movement of the finger from the upper side to the lower side of the fingerprint sensor and performs image registration with one image, And stores it in the card 200. In some cases, features may be extracted from the image-matched fingerprint image and stored together.

The subsequent steps of the data capture step S110 are processed in the MOC smart card 200 to perform user authentication. The subsequent steps of the data capturing step S110 are performed in two stages: a fingerprint detection and a feature extraction step S150 and a fingerprint matching step 200. [

 A minutiae data file to be used in the fingerprint matching step is formed by the fingerprint detection and feature extraction step (S150). The fingerprint sensor 150 receives the fingerprint images of each moment in multiple layers, And the feature is extracted from the fingerprint image matched with one image.

The feature extraction step proceeds to three steps: a pre-processing step S160, a feature point extraction step S170, and a post-processing step S180.

The preprocessing step S160 is a step of thinning the fingerprint image. The preprocessing step S160 performs image enhancement, binarization of the image-improved fingerprint image, and thinning.

here. Image enhancement is a process of improving or restoring the ridge state of a fingerprint to a state suitable for extracting fingerprint feature information using a directional image or the like and binarization is a process of converting the improved image information into a monochrome image form And thinning is a process of making the ridge of the fingerprint into a line form immediately before the feature information extraction.

That is, the preprocessing step (S160) is a process of converting into a block directional image, a binarized image, and a thinned image. The fingerprint image is divided into blocks of a predetermined size, and a direction indicating the flow of ridges is determined for each block, and the image is converted into a direction image per block. The obtained ridge direction information is used for the binarization and smoothing process. In the process of binarization, the fingerprint image is transformed into a binary image, which is expressed only in black and white, and the binary image is smoothed by eliminating noise and emphasizing the fusion, thereby improving the connectivity of the image. The image is converted into a thinning image,

The feature point extracting step S170 is a step of extracting candidate feature points from the thinned fingerprint image in the preprocessing step S160.

Here, a minutiae refers to a point where a ridge called a ridge called a branch point (a point where a ridge flows off) and a branch point (a ridge splits into two ridge) are changed. The feature quantities (T = {m1, m2, ..., mm}) consist of the information of the minutiae (mi) existing in the fingerprint image. In most cases, The type of the feature point, the position in the fingerprint image, and the direction of the ridge where the feature point is located.

That is, the feature point extracting step S170 is a candidate feature point extracting step, and stores a disadvantage point and a bifurcation point in which a change occurs in the ridge flow from the thinned image. Extract candidate feature points including pseudo minutia points from the rinse information of the thin line image. At this time, pseudo minutia points may be generated due to erroneous ridge portions of the thinned image. Pseudo minutia refers to the fake minutiae that occur during the thinning process due to the noise during fingerprint acquisition. The pseudo minutiae point increases the amount of meaningless computation and increases the error, which degrades the performance of the system.

The post-processing step S180 is a step of removing fake feature points from the feature points extracted in the feature point extracting step S170. That is, in the post-processing step (S180), the ridge portion causing the pseudo minutiae is corrected to remove the pseudo minutiae points, and the missing minutiae are added to extract the final minutiae.

In the fingerprint matching step 200, the matching algorithm of the fingerprint recognition method using the feature points determines the similarity between the two fingerprint images using the feature values defined from the feature point information extracted by the extraction algorithm. The matching algorithm is divided into three steps as shown in Fig. 16: Image Alignment, Mnutiae Matching, and Scoring.

The fingerprint matching step 200 is a step of determining the similarity between two fingerprint images using the feature quantities defined from the extracted minutia information and includes an image alignment step S210, , And a scoring step (S250).

In the alignment step (S210), rotation and transition amounts at which the feature points of the two fingerprint images overlap most are calculated, and an alignment reference point of the image is selected. Then, the coordinates of the minutiae points are converted so as to be aligned with the alignment reference point, and then the corresponding pair of minutiae are determined. At this time, it is necessary to perform as many candidate alignments as possible in order to find an ideal rotation shift amount.

In the matching step (S230), the similarity (Measure Vector) is calculated using the coordinate, type, and angle information of the corresponding pair of feature points determined in the aligning step (S210). In order to reflect the similarity of pairs of corresponding feature points in real terms, various statistical techniques can be considered at various angles in the similarity determination method.

In the scoring step S250, in the scoring step S250, the degrees of coincidence of the two fingerprint images from the similarity vector of the corresponding pair of feature points are indicated by points according to predetermined rule data.

The rule data is data set in advance by using statistical basis and mathematical modeling in decision making of the score calculation rule in order to accurately reflect the degree of matching of images as in the matching step.

As described above, the present invention relates to a portable security authentication technology and a security authentication device based on bio-authentication using On-Card Match (MOC) for biometric identification using fingerprint information and safe personal information security management.

The operation processing unit 100 of the present invention first receives a fingerprint image through the fingerprint sensor unit 150 of the portable security authentication terminal, processes the input fingerprint image to extract feature information of the fingerprint, To the MOC smart card 200 and compares the user information stored in the card with the encrypted user information through an applet of the biometric matching algorithm installed in the MOC smart card 200 to perform the final user authentication. If the user authentication is successful, the data stored in the memory unit is allowed to be accessed and transmitted to the mobile terminal through the wired / wireless communication interface, thereby performing the required operation. It also allows access to various service applets (OTP, PKCS, eID, payment, etc.) installed on the MOC smart card through user authentication.

In the present invention, a new user fingerprint is encrypted and stored in the MOC smart card 200 through the portable security authenticator login manager of the present invention. Thereafter, the user inputs a fingerprint to the fingerprint sensor to use the portable security authenticator, and the MOC smart card 200 is transmitted to the MOC smart card 200 through the fingerprint recognition algorithm provided by the bio security platform of the MOC smart card 200, And performs a user authentication through a matching process. The authorized user is allowed to use the applet service of the MOC smart card 200 through the biosecurity platform of the MOC smart card 200.

In addition, the present invention provides a function to prepare for theft or loss of a storage device by activating an encryption / decryption algorithm for the stored security data, and the user authentication / authentication using the portable security authenticator program, applet management, memory management Function.

10: Portable security authenticator 20: Security authenticator housing
100: operation processing unit 110: USB connector unit
120: Blue pitcher communication unit 130: WiFi communication unit
140: NFC communication unit 150: fingerprint sensor unit
170: memory unit 190: battery unit
200: MOC smart card

Claims (10)

A security authentication method for a portable security authenticator having a fingerprint sensor, an MOC smart card, an arithmetic processing unit, and a memory unit,
The operation processing unit includes a fingerprint detection and feature extraction step of receiving a fingerprint image through a fingerprint sensor and extracting feature information of the fingerprint from the received fingerprint image;
A fingerprint matching step of performing user authentication by comparing the feature information of the fingerprint received from the operation processing unit with the user fingerprint information stored in advance in the MOC smart card by the MOC smart card;
And if the user authentication is successful at the fingerprint matching step, the operation processing unit transmits the data including the password from the memory unit to one of the mobile terminal, the POS terminal, and the computer terminal;
And,
In the fingerprint detection and feature extraction step,
The MOC smart card includes a preprocessing step of thinning a fingerprint image of a received fingerprint image;
The MOC smart card is a feature point extraction step for extracting candidate feature points from a thinned fingerprint image in a preprocessing step;
The MOC smart card includes a post-processing step of removing the pseudo minutiae from the minutiae extracted at the minutiae extraction step;
And,
In the preprocessing step, in the MOC smart card, the fingerprint image is divided into blocks of a predetermined size, and a direction indicating the flow of the ridges is determined for each block. Then, the image is converted into a directional image for each block and then binarization is performed. And the binary image is smoothed to remove noise and emphasize the transformation, transforms the image into a thinned image by expressing the image with a line of one pixel thickness,
In the fingerprint matching step, the MOC smart card determines similarities between the two fingerprint images using the extracted feature point information and pre-stored user fingerprint information,
In the fingerprint matching step,
The MOC smart card calculates an amount of rotation and transition in which the feature points of the fingerprint received from the operation processing unit and the feature points of the two fingerprint images of the stored user fingerprint information are overlapped to the maximum to select the alignment reference point of the image, And determining a corresponding pair of feature points after converting the coordinates of the feature points so that the feature point pairs correspond to each other;
The MOC smart card includes a registration step of calculating a similarity vector (Measure Vector) using coordinates, kind, and angle information of a pair of corresponding feature points determined in the alignment step;
A point acquiring step of outputting from the operation processing unit the degree of coincidence between the feature information of the fingerprint received from the arithmetic processing unit and the two fingerprint images of the stored user fingerprint information from the similarity of the corresponding pair of feature points to the operation processing unit as a score according to the predetermined rule data;
The security authentication method comprising the steps of: A security authentication method for a portable security authenticator having a fingerprint sensor, an MOC smart card, an arithmetic processing unit, and a memory unit,
The operation processing unit includes a fingerprint detection and feature extraction step of receiving a fingerprint image through a fingerprint sensor and extracting feature information of the fingerprint from the received fingerprint image;
A fingerprint matching step of performing user authentication by comparing the feature information of the fingerprint received from the operation processing unit with the user fingerprint information stored in advance in the MOC smart card by the MOC smart card;
If the user authentication is successful at the fingerprint matching step, the MOC smart card can be used to activate one of the OTP applet, PKCS applet, eID applet, HPTP applet, Payment applet, or E-cash applet stored in the MOC smart card A service step according to user authentication;
And,
In the fingerprint detection and feature extraction step,
The MOC smart card includes a preprocessing step of thinning a fingerprint image of a received fingerprint image;
The MOC smart card is a feature point extraction step for extracting candidate feature points from a thinned fingerprint image in a preprocessing step;
The MOC smart card includes a post-processing step of removing the pseudo minutiae from the minutiae extracted at the minutiae extraction step;
And,
In the preprocessing step, in the MOC smart card, the fingerprint image is divided into blocks of a predetermined size, and a direction indicating the flow of the ridges is determined for each block. Then, the image is converted into a directional image for each block and then binarization is performed. And the binary image is smoothed to remove noise and emphasize the transformation, transforms the image into a thinned image by expressing the image with a line of one pixel thickness,
In the fingerprint matching step, the MOC smart card determines similarities between the two fingerprint images using the extracted feature point information and pre-stored user fingerprint information,
In the fingerprint matching step,
The MOC smart card calculates an amount of rotation and transition in which the feature points of the fingerprint received from the operation processing unit and the feature points of the two fingerprint images of the stored user fingerprint information are overlapped to the maximum to select the alignment reference point of the image, And determining a corresponding pair of feature points after converting the coordinates of the feature points so that the feature point pairs correspond to each other;
The MOC smart card includes a registration step of calculating a similarity vector (Measure Vector) using coordinates, kind, and angle information of a pair of corresponding feature points determined in the alignment step;
A point acquiring step of outputting from the operation processing unit the degree of coincidence between the feature information of the fingerprint received from the arithmetic processing unit and the two fingerprint images of the stored user fingerprint information from the similarity of the corresponding pair of feature points to the operation processing unit as a score according to the predetermined rule data;
The security authentication method comprising the steps of: 3. The method according to any one of claims 1 to 3,
Wherein the user fingerprint information is data stored in the MOC smart card by receiving the fingerprint information of the user through the fingerprint sensor at the beginning of use and storing the fingerprint information in the MOC smart card. delete delete The method according to claim 1,
Wherein the feature point extracting step stores the disadvantages and branch point information in the MOC smart card in which a change in the flow of ridges is obtained from the thinning image received from the preprocessing step. delete delete 3. The method according to any one of claims 1 to 3,
Wherein the fingerprint sensor is a swipe sensor. The method according to claim 1,
Wherein the secure data transmission step is performed through one of a blue pitcher communication unit, a WiFi communication unit, an NFC communication unit, and a USB connector unit.
KR1020150022978A 2015-02-16 2015-02-16 Authentication method for portable secure authentication apparatus using fingerprint KR101853270B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020150022978A KR101853270B1 (en) 2015-02-16 2015-02-16 Authentication method for portable secure authentication apparatus using fingerprint

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020150022978A KR101853270B1 (en) 2015-02-16 2015-02-16 Authentication method for portable secure authentication apparatus using fingerprint

Publications (2)

Publication Number Publication Date
KR20160101249A KR20160101249A (en) 2016-08-25
KR101853270B1 true KR101853270B1 (en) 2018-05-02

Family

ID=56884462

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020150022978A KR101853270B1 (en) 2015-02-16 2015-02-16 Authentication method for portable secure authentication apparatus using fingerprint

Country Status (1)

Country Link
KR (1) KR101853270B1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11463775B2 (en) 2018-11-16 2022-10-04 Samsung Electronics Co., Ltd. Image display device and method for operating same

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR102574772B1 (en) * 2016-12-12 2023-09-05 삼성전자주식회사 Method for regstering and authenticating bio data and an electronic device thereof
KR102231785B1 (en) * 2020-10-08 2021-03-26 주식회사 올아이티탑 Method for dealing a digital currency with block chain matching Quantum Random Number and biometric identification
KR102337263B1 (en) * 2021-02-26 2021-12-08 (주)올잇코인 Method for dealing a digital currency with block chain matching Atomic Random Number and biometric identification
KR102367416B1 (en) * 2021-03-03 2022-02-28 (주)올잇코인 Method for dealing USB for matching Atomic Random Number and biometric identification

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100606393B1 (en) * 2001-06-28 2006-07-28 트렉 2000 인터네셔널 엘티디. A Portable storage Device Having Biometrics-Based Authentication Capabilities

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100606393B1 (en) * 2001-06-28 2006-07-28 트렉 2000 인터네셔널 엘티디. A Portable storage Device Having Biometrics-Based Authentication Capabilities

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
이남일 외 2명, 지문인식 센서 알고리즘 기술 동향, 정보보호학회지 제12권 제2호 (2002.04.)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11463775B2 (en) 2018-11-16 2022-10-04 Samsung Electronics Co., Ltd. Image display device and method for operating same

Also Published As

Publication number Publication date
KR20160101249A (en) 2016-08-25

Similar Documents

Publication Publication Date Title
KR101514706B1 (en) Method of user authentication using a variable keypad and biometrics and, the system thereof
US11824642B2 (en) Systems and methods for provisioning biometric image templates to devices for use in user authentication
KR102070635B1 (en) Apparatus and method for recognizing biological features and for registering biological feature templates
KR101853270B1 (en) Authentication method for portable secure authentication apparatus using fingerprint
US20150100485A1 (en) Biometric confirmation for bank card transaction
US10963552B2 (en) Method and electronic device for authenticating a user
US10552596B2 (en) Biometric authentication
KR102198288B1 (en) Biological feature recognition device and method and biological feature template registration method
US9940503B2 (en) Authentication device including template validation and related methods
CN109426963B (en) Biometric system for authenticating biometric requests
KR20180088715A (en) Security chip, biological feature recognition method and biological feature template registration method
US20150120543A1 (en) EyeWatch ATM and Wire Transfer Fraud Prevention System
KR20170016779A (en) System for relaying financial transaction with multiple safety function using finger vein authentication
CN113315639A (en) Identity authentication system and method
KR101853266B1 (en) Portable secure authentication apparatus using fingerprint
KR102014394B1 (en) Authentication method for portable secure authentication apparatus with improved security for fake fingerprints
US20150100493A1 (en) EyeWatch credit card fraud prevention system
KR20040028210A (en) Apparatus for Identifying a Person through Recognizing a Face and Method thereof
US20220027866A1 (en) Digital virtual currency issued by being matched with biometric authentication signal, and transaction method therefor
KR102138659B1 (en) Smart credit card and settlement system to recognize fingerprints
Kil et al. A study on the portable secure authenticator using fingerprint
RU2791846C2 (en) Method and device for decision-making to perform operation based on groups of face expressions and electronic device
Ibrahima et al. FINGERPRINTS TO AUTHENTICATE TRANSACTIONS IN CONTACTLESS CARDS.
Al-Khalil FINGERPRINTS TO AUTHENTICATE TRANSACTIONS IN CONTACTLESS CARDS
KR102451994B1 (en) Method for relaying financial transaction with multiple safety function

Legal Events

Date Code Title Description
A201 Request for examination
E902 Notification of reason for refusal
AMND Amendment
E601 Decision to refuse application
AMND Amendment
X701 Decision to grant (after re-examination)
GRNT Written decision to grant