KR20110029032A - Method for processing issue public certificate of attestation, terminal and recording medium - Google Patents

Publication number: KR20110029032A
Authority: KR (South Korea)
Prior art keywords: information; biometric information; information registration; customer; biometric
Application number: KR1020090086715A
Other languages: Korean (ko)
Inventor: 박지현
Original Assignee: 사단법인 금융결제원
Application filed by: 사단법인 금융결제원
Priority to: KR1020090086715A
Publication of: KR20110029032A

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING; COUNTING
    • G06Q DATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/382 Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3821 Electronic credentials
    • G06Q20/38215 Use of certificates or encrypted proofs of transaction rights
    • G PHYSICS
    • G06 COMPUTING; CALCULATING; COUNTING
    • G06Q DATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/40 Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401 Transaction verification
    • G06Q20/4014 Identity check for transactions
    • G06Q20/40145 Biometric identity checks
    • G PHYSICS
    • G06 COMPUTING; CALCULATING; COUNTING
    • G06Q DATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00 Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/02 Banking, e.g. interest calculation, credit approval, mortgages, home banking or on-line banking
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials

Abstract

PURPOSE: A public key certificate issuance processing system and method are provided to prevent illegal issuance by using biometric information. CONSTITUTION: When a user inputs biometric information, a biometric recognizer (925) recognizes the biometric information that the user input. An authentication confirmer (970) certifies the user's identity through the biometric information certifying authority. An authentication key generator (975) generates a public key and a private key for issuing a public key certificate to the user. A certificate processor (990) transmits the public key certificate to a wired or wireless storage medium.

Description

Method and system for accredited certificate issuance and terminal and recording medium therefor {Method for Processing Issue Public Certificate of Attestation, Terminal and Recording Medium}

FIG. 1 is a diagram illustrating a face-to-face biometric information registration system for identification using biometric information according to an embodiment of the present invention.

FIGS. 2A and 2B illustrate a process of registering biometric information registration application information in a face-to-face manner according to an exemplary embodiment of the present invention.

FIGS. 3A and 3B illustrate a process of registering biometric information registration application information in a face-to-face manner according to another exemplary embodiment of the present invention.

FIGS. 4A and 4B illustrate a process of registering biometric information registration application information in a face-to-face manner according to another exemplary embodiment of the present invention.

FIG. 5 is a diagram illustrating a non-face-to-face biometric information registration system for identification using biometric information according to another exemplary embodiment of the present invention.

FIGS. 6A and 6B are views illustrating a process of registering biometric information registration application information in a non-face-to-face manner to identify an identity using biometric information according to one embodiment of the present invention.

FIG. 7 is a diagram illustrating a certificate issuing system for issuing and processing a public certificate through identity verification using biometric information according to one embodiment of the present invention.

FIG. 8 is a diagram illustrating a certificate issuing system for issuing and processing a public certificate through identity verification using biometric information according to one embodiment of the present invention.

FIG. 9 is a diagram illustrating a functional configuration of a certificate issuing terminal for issuing and processing a public certificate using biometric information according to an embodiment of the present invention.

FIGS. 10A and 10B are diagrams illustrating a process of issuing and processing a public certificate through identity verification using biometric information according to one embodiment of the present invention.

FIGS. 11A and 11B are views illustrating a process of issuing and processing a public certificate through identity verification using biometric information according to another exemplary embodiment of the present invention.

<Description of main parts of drawing>

100: information registration server
105: interface unit
110: interface providing unit
115: information receiving unit
120: image receiving unit
125: validating unit
130: electronic document generation unit
135: electronic document transmission unit
140: information storage unit
145: storage medium
150: electronic document server
155: electronic document receiving unit
160: information generating unit
165: electronic document storage unit
170: electronic document D/B
175: teller terminal
180: information registration terminal

The present invention uses biometric information, which cannot be input by anyone other than the person concerned, when issuing a public certificate. Its purpose is to overcome the problem that the conventional financial information used for issuing a public certificate (for example, account information or card information) can be easily leaked, which makes unauthorized issuance of a public certificate possible.

Due to the development of information and communication technology, financial transaction services such as Internet banking can be used conveniently by means of an authorized certificate.

In other words, using a certificate to solve the security problem of Internet banking makes a convenient financial transaction service available.

However, although an authorized certificate provides a convenient financial transaction service, a serious financial accident may occur if the certificate is illegally downloaded and used by means of easily leaked financial information.

An object of the present invention, devised to solve the above problems, is to provide a method, and a terminal and a recording medium therefor, that use biometric information which cannot be input by anyone other than the person concerned when issuing a public certificate, and thereby overcome the problem that the conventional financial information used for certificate issuance (for example, account information or card information) is easily leaked and can lead to unauthorized issuance of an authorized certificate.

An authorized certificate issuing terminal according to the present invention, which processes and issues an authorized certificate to a wired or wireless storage medium, is characterized by comprising: a biometric recognition unit that, when the customer inputs one or more items of biometric information (fingerprint information, iris information, facial recognition information), recognizes the biometric information input by the customer; an authentication confirmation unit that authenticates the customer's identity through a biometric information certification authority on a network, based on the recognized biometric information; an authentication key generation unit that, when the customer's identity authentication is confirmed, generates a public key and a private key for issuing a public certificate; and a certificate processing unit that processes the public certificate and the private key, based on the generated public key and private key, so that they are issued to the wired or wireless storage medium.

The authorized certificate issuing terminal according to the present invention is characterized by comprising an authentication verification unit that, when the customer enters financial information, verifies the customer's identity through a financial institution on the network based on the financial information entered by the customer.

Meanwhile, a method according to the present invention for issuing an authorized certificate and storing it in the wired or wireless storage medium requested by the customer comprises: when the customer inputs (or selects) customer information and biometric information for a certificate issuance request, confirming the customer's identity through authentication of the biometric information provided by the customer, in association with a biometric information certification authority on the network; when the customer's identity has been confirmed through the biometric information authentication, receiving authorized certificate information in association with an authorized certificate issuer; and processing the received authorized certificate information so that it is stored in the wired or wireless storage medium requested by the customer.

The present invention also includes a computer-readable recording medium on which a program for executing the above-mentioned authorized certificate issuing processing method is recorded.

Hereinafter, the operating principle of the preferred embodiment of the present invention will be described in detail with reference to the accompanying drawings and description. However, the drawings and the following description present a preferred method among various methods for effectively explaining the features of the present invention, and the present invention is not limited only to the drawings and description below. In addition, in the following description of the present invention, a detailed description of a related known function or configuration is omitted where it is determined that it may unnecessarily obscure the subject matter of the present invention. The terms used below are defined in consideration of their functions in the present invention and may vary according to the intention or custom of a user or operator. Their definitions should therefore be made on the basis of the contents of the present invention as a whole.

In addition, in the preferred embodiments described below, system functions that are commonly provided in the technical field to which the present invention belongs are omitted as far as possible in order to describe efficiently the technical components constituting the present invention, and the description focuses on the functional configuration additionally provided for the present invention. A person skilled in the art to which the present invention pertains will readily understand the functions of the conventionally used components among the omitted functional configurations, and will also clearly understand the relationship between the omitted components and the components added for the present invention.

In addition, in the following examples, terms are modified as appropriate so that those skilled in the art can clearly and effectively understand the technical features of the present invention, but the present invention is by no means limited thereby.

Consequently, the technical spirit of the present invention is determined by the claims, and the following examples are merely one means of efficiently explaining that technical spirit to those skilled in the art to which the present invention pertains.

FIG. 1 is a diagram illustrating a face-to-face biometric information registration system for identity verification using biometric information according to an embodiment of the present invention.

In more detail, FIG. 1 shows a system configuration in which: a customer fills out and submits a biometric information registration application, including at least one of customer information and biometric information, in order to have identity verified using biometric information; predetermined image content corresponding to the biometric information registration application is acquired; when the biometric information registration application information corresponding to the application and the image content obtained from the application are provided to the biometric information registration system through a predetermined biometric information registration interface, a predetermined biometric information registration electronic document including the image content is generated and stored in a predetermined electronic document repository; and the customer information and biometric information included in the biometric information registration application information are linked, processed and stored in a predetermined storage medium 145. Specifically, FIG. 1 relates to an implementation method in which the electronic document repository is provided on an external system associated with the biometric information registration system through a predetermined communication means.

Those skilled in the art to which the present invention pertains may refer to and/or modify FIG. 1 to infer various implementation methods for the construction of a biometric information registration system for identification using biometric information. The present invention includes all implementation methods so inferred and is not limited to the implementation method shown in FIG. 1.

For example, one of ordinary skill in the art to which the present invention pertains may refer to and/or modify FIG. 1 to infer an implementation method in which the electronic document repository is provided in a DBMS located in the biometric information registration system. The present invention includes all implementation methods so inferred and is not limited to the implementation method illustrated in FIG. 1.

In addition, according to the implementation method shown in FIG. 1, the biometric information registration electronic document corresponding to the biometric information registration application is described as being generated on the server side of the biometric information registration system, but the present invention is not limited thereto. The biometric information registration electronic document may instead be generated at the terminal that obtained the image content corresponding to the biometric information registration application through a predetermined image acquisition device (for example, the electronic document generating function provided on the server side is provided on the terminal side to generate the biometric information registration electronic document), and the present invention is not limited thereby.

In addition, according to the implementation method illustrated in FIG. 1, the biometric information included in the biometric information registration application may include only selection information for selecting the type of biometric information (e.g., fingerprint, iris, etc.), and the biometric information about the user may be received at the time of the biometric information registration application; the present invention is not limited thereby.

Hereinafter, for convenience, the at least one means and/or component of the biometric information registration system shown in FIG. 1 that receives, through a predetermined biometric information registration interface, the biometric information registration application information corresponding to the biometric information registration application created by the customer, and stores the biometric information in the storage medium 145, is referred to as the "information registration server 100".

Referring to FIG. 1, according to an embodiment of the present invention, the biometric information registration system for identifying an identity using biometric information is characterized by comprising an information registration terminal 180 that includes an employee terminal provided at at least one branch (or business office) of a certification authority, and the information registration terminal 180 connects a communication channel with the information registration server 100 provided on the biometric information registration system through a predetermined communication network.

According to an exemplary embodiment of the present invention, the customer visits the certification authority branch (business office) for identification using biometric information and, through a window (or counter staff) provided at the branch, fills out a biometric information registration application (for example, a document provided with a form for filling in at least one information item for identifying the identity using biometric information). At this time, the customer preferably affixes the customer's seal to the application to provide a legal basis for the biometric information registration application.

Then, when the customer submits the completed biometric information registration application to the teller staff, the teller staff scans the application through a predetermined image acquisition device to obtain predetermined image content, and inputs (or selects), at a predetermined employee terminal, the image content obtained from the application and biometric information registration application information including at least one of the customer information written in the application and the biometric information. In response, the employee terminal preferably transmits the image content and the biometric information registration application information to the information registration server 100 provided on the biometric information registration system through the communication network.

Here, the employee terminal is preferably a terminal used by an employee of the branch (or business office) of the certification authority, and the information registration server 100 connected to the employee terminal preferably includes a server provided on the predetermined certification authority system.

In the biometric information registration system described above, the image acquisition device that obtains image content corresponding to the biometric information registration application prepared by the customer, the employee terminal used by the employee, and the communication network connecting the employee terminal and the information registration server 100 together perform the function of the biometric information registration interface, through which the customer's biometric information registration application information is registered for identity verification using biometric information.

The storage medium 145 provided on the biometric information registration system according to the present invention is characterized in that the customer information and the biometric information included in the biometric information registration information provided from the information registration terminal 180 are linked, subjected to predetermined processing, and stored in it.

The customer information preferably includes at least one of personal information of the customer who filled out the biometric information registration application (e.g., name, resident registration number, address, phone number, mobile phone number, e-mail address, etc.) and member information of the customer (e.g., member ID information, etc., held for the customer in the customer D/B provided on the certification authority system associated with the biometric information registration system).

The biometric information preferably includes at least one of image data provided by the customer who filled out the biometric information registration application (or obtained by scanning a body part of the customer, e.g., fingerprint, iris, face, etc.) and/or feature data on the image data (e.g., characteristics of a fingerprint pattern that distinguish it from a general pattern).

According to an embodiment of the present invention, the storage medium 145 is preferably provided in a DBMS on a certification authority system provided on (or associated with) the biometric information registration system. The storage medium 145 may be a customer D/B provided in the DBMS on the certification authority system and/or a predetermined database associated with the customer D/B, and the present invention is not limited thereto.

The information registration server 100 provided on the biometric information registration system according to the present invention is a generic term for the components on the biometric information registration system side that are connected to the information registration terminal 180 through a predetermined communication network. It may be implemented as at least one server (or device) and/or as at least one program recorded on a recording medium provided in a predetermined server (or device), and the present invention is not limited thereby.

According to an embodiment of the present invention, the information registration server 100 is characterized by comprising an interface unit 105 (or interface means) that manages the connection of a predetermined communication channel with the information registration terminal 180 through the communication network.

When the information registration terminal 180 is an employee terminal connected to a predetermined communication network according to an embodiment of the present invention, the interface unit 105 preferably connects a communication channel with the employee terminal based on a protocol stack defined in the communication network, and provides a communication interface for transmitting and receiving at least one item of information (or data) using a communication protocol defined in the biometric information registration program provided in the employee terminal.

Referring to FIG. 1, when the information registration terminal 180 connects a predetermined communication channel with the information registration server 100 through the interface unit 105, the information registration server 100 is characterized by comprising: an interface providing unit 110 (or interface providing means) that generates (or extracts) at least one user interface for acquiring, through a predetermined image acquisition device provided in the information registration terminal 180, image content corresponding to the biometric information registration application prepared by the customer for identity verification using biometric information, and for inputting (or selecting) the biometric information registration application information corresponding to the application and transmitting it to the information registration server 100, and that provides the generated (or extracted) user interface to the information registration terminal 180 in connection with the interface unit 105; an information receiving unit 115 (or information receiving means) that, when the biometric information registration application information corresponding to the application is input (or selected) at the information registration terminal 180 through the user interface, receives the biometric information registration application information transmitted from the information registration terminal 180 in association with the interface unit 105; and an image receiving unit 120 (or image receiving means) that, when the information registration terminal 180 acquires and transmits the image content of the application prepared by the customer through the predetermined image acquisition device based on the user interface, receives the image content corresponding to the biometric information registration application in connection with the interface unit 105.

After the information registration terminal 180 connects a predetermined communication channel with the information registration server 100 through the interface unit 105 and requests from the information registration server 100 a user interface for identification using biometric information, the interface providing unit 110 generates at least one user interface for obtaining, through a predetermined image acquisition device provided in the information registration terminal 180, image content corresponding to the biometric information registration application prepared by the customer, and for inputting (or selecting) the biometric information registration application information corresponding to the application and transmitting it to the information registration server 100 through the communication network, and/or extracts such a user interface from a predetermined database (not shown), and is characterized in that it provides the generated or extracted user interface to the information registration terminal 180 in conjunction with the interface unit 105.

According to another embodiment of the present invention, if the information registration terminal 180 is provided with a predetermined information registration program having at least one user interface for acquiring, through a predetermined image acquisition device, the image content corresponding to the biometric information registration application written by the customer, and for inputting (or selecting) the biometric information registration application information corresponding to the application and transmitting it to the information registration server 100 through the communication network, then the interface providing unit 110, which generates (or extracts) such a user interface and provides it to the information registration terminal 180, may be omitted, and the present invention is not limited thereby.

Thereafter, the information registration terminal 180 inputs (or selects) biometric information registration request information including at least one of the customer information and the biometric information through the user interface, and transmits the input (or selected) information to the information registration server 100 through the communication network. In response, the information receiving unit 115 is characterized in that it receives the biometric information registration application information transmitted from the information registration terminal 180 in connection with the interface unit 105.

In addition, the information registration terminal 180 obtains the image content corresponding to the biometric information registration application written by the customer through a predetermined image acquisition device based on the user interface, and transmits the obtained image content through the communication network. The image receiving unit 120 receives the image content corresponding to the biometric information registration application in association with the interface unit 105.

According to another exemplary embodiment of the present invention, when the information registration terminal 180 has acquired image content corresponding to the biometric information registration application prepared by the customer through a predetermined image acquisition device and stored it in advance in a predetermined storage device provided in (or associated with) the information registration terminal 180, the information registration terminal 180 selects, through the user interface, the image content corresponding to the application created by the customer from among the at least one item of image content previously stored in the storage device, and transmits it to the information registration server 100 through the communication network. In response, the image receiving unit 120 preferably receives the image content corresponding to the biometric information registration application in connection with the interface unit 105.

According to another exemplary embodiment of the present invention, when the information registration terminal 180 transmits, through the user interface, the biometric information registration application information together with the image content corresponding to the biometric information registration application created by the customer, the information receiving unit 115 may receive both the image content and the biometric information registration application information in connection with the interface unit 105 (for example, the image receiving unit 120 is integrated into the information receiving unit 115 and operated as one), and the present invention is not limited thereby.

Referring to FIG. 1, the information registration server 100 includes a validity verification unit 125 (or validity confirming means) which, when the biometric information registration request information transmitted from the information registration terminal 180 is received through the information receiving unit 115, confirms whether the received biometric information registration request information is valid for identity verification using the biometric information.

According to an embodiment of the present invention, confirming the validity of the biometric information registration request information preferably includes checking whether at least one piece of information matching the biometric information registration request information is registered in a customer D/B on a certification authority system associated with the biometric information registration system.

In addition, confirming the validity of the biometric information registration request information preferably includes checking whether the image quality of the biometric information included in the received biometric information registration application information is at or above a certain quality.

For example, the validity confirming unit 125 preferably checks whether the customer information (customer personal information, member information, etc.) among the information included in the biometric information registration application information matches the customer information stored in the customer D/B on the certification authority system linked to the biometric information registration system.

Referring to FIG. 1, the information registration server 100 includes an electronic document generating unit 130 (or electronic document generating means) which, when the image content transmitted from the information registration terminal 180 is received through the image receiving unit 120 and the validity of the biometric information registration application information is authenticated through the validity checking unit 125, generates a predetermined biometric information registration electronic document including the received image content, and an electronic document transmission unit 135 (or electronic document transmission means) which transmits the generated biometric information registration electronic document to an electronic document repository associated with the biometric information registration system.

The electronic document generating unit 130 may generate a biometric information registration electronic document including the image content received from the information registration terminal 180 through the image receiving unit 120.

According to the exemplary embodiment of the present invention, the electronic document generation unit 130 preferably processes an image file that includes, as it is, the image content received from the information registration terminal 180 through the image receiving unit 120 into the biometric information registration electronic document for identity verification using the biometric information.

Alternatively, the electronic document generating unit 130 preferably embeds, by a watermarking method, at least one of the customer information and biometric information included in the biometric information registration request information received through the information receiving unit 115 into the image content received from the information registration terminal 180 through the image receiving unit 120, and generates the image file corresponding to that image content as the biometric information registration electronic document for identity verification using the biometric information.

According to another embodiment of the present invention, the electronic document generating unit 130 preferably generates the biometric information registration electronic document for identity verification using the biometric information by generating a predetermined document file (e.g., a Portable Document Format (PDF) file, an Electronic Data Interchange (EDI) file, a word processor file including at least one of HWP/DOC, or a web document file including MHT) that includes the image content received from the information registration terminal 180 through the image receiving unit 120.

Alternatively, the electronic document generating unit 130 preferably generates image content in which at least one of the customer information and biometric information included in the biometric information registration request information received through the information receiving unit 115 is embedded, by a watermarking method, in the image content received from the information registration terminal 180 through the image receiving unit 120, and generates a predetermined document file (e.g., a PDF file, an EDI file, a word processor file including at least one of HWP/DOC, or a web document file including MHT) that includes the generated image content, thereby generating the biometric information registration electronic document for identity verification using the biometric information.

According to another exemplary embodiment of the present invention, the electronic document generating unit 130 preferably generates the biometric information registration electronic document for identity verification using the biometric information by generating a predetermined document file (e.g., a PDF file, an EDI file, a word processor file including at least one of HWP/DOC, or a web document file including MHT) that includes both the image content received from the information registration terminal 180 through the image receiving unit 120 and the biometric information registration request information received through the information receiving unit 115.

Alternatively, the electronic document generating unit 130 preferably generates image content in which at least one of the customer information and biometric information included in the biometric information registration request information received through the information receiving unit 115 is embedded, by a watermarking method, in the image content received from the information registration terminal 180 through the image receiving unit 120, and generates a predetermined document file (e.g., a PDF file, an EDI file, a word processor file including at least one of HWP/DOC, or a web document file including MHT) that includes the generated image content and the biometric information registration information, thereby generating the biometric information registration electronic document for identity verification using the biometric information.

Those skilled in the art to which the present invention pertains will be familiar with the technique by which the electronic document generating unit 130 generates a biometric information registration electronic document in an image file format and/or a predetermined document file format, and with the file formats of the image file and/or document file corresponding to the biometric information registration electronic document, so a detailed description thereof is omitted for convenience.

The electronic document transmission unit 135 transmits the biometric information registration electronic document generated by the electronic document generation unit 130 to a predetermined electronic document repository associated with the biometric information registration system, where it is stored.

As shown in FIG. 1, when the electronic document repository is provided externally as the electronic document server 150 and the electronic document D/B 170, connected to the information registration server 100 on the biometric information registration system through predetermined communication means, the electronic document transmission unit 135 transmits the biometric information registration electronic document generated by the electronic document generation unit 130 to the electronic document server 150 via the communication means.

Here, when the electronic document server 150 and the electronic document D/B 170 are provided outside the biometric information registration system, the electronic document server 150 and the electronic document D/B 170 are preferably managed by accredited bodies.

According to another embodiment of the present invention, when the electronic document storage is provided on a DBMS provided in the biometric information registration system, the electronic document transmission unit 135 may store the biometric information registration electronic document generated by the electronic document generation unit 130 in the electronic document D/B 170 corresponding to the electronic document storage on that DBMS; the present invention is not limited thereby.

According to an embodiment of the present invention, the electronic document transmission unit 135 may further transmit to the electronic document repository electronic document-related information from which the electronic document server 150 generates predetermined electronic document management information (e.g., information on the customer who filled out the biometric information registration application corresponding to the image content, and/or information on the certification authority transmitting the biometric information registration electronic document, and/or electronic document file format information, and/or the biometric information registration application information); the present invention is not limited thereby.

Referring to FIG. 1, the information registration server 100 includes an information storage unit 140 (or information storage means) which, when the validity confirming unit 125 authenticates that the biometric information registration application information received through the information receiving unit 115 is valid for identity verification using the biometric information, links the customer information and the biometric information included in the validated biometric information registration application information and stores them in a predetermined storage medium 145.

When the validity of the biometric information registration application information is confirmed by the validity confirming unit 125, the information storage unit 140 links the customer information and biometric information included in the biometric information registration application information and stores them in the storage medium 145. When the storage medium 145 is provided in the information registration server 100, or on a network associated with the information registration server 100, the information storage unit 140 preferably links the customer information and the biometric information included in the received biometric information registration request information and stores them in the storage medium 145. When the storage medium is provided in a DBMS provided on the certification authority system, the information storage unit 140 preferably stores the customer information and biometric information included in the received biometric information registration application information in the DBMS provided on the certification authority system.

Referring to FIG. 1, the electronic document server 150, which receives a predetermined biometric information registration electronic document from the information registration server 100 provided on the biometric information registration system and stores and manages it in a predetermined electronic document D/B 170, includes an electronic document receiving unit 155 (or electronic document receiving means) for receiving a predetermined biometric information registration electronic document from the information registration server 100 through predetermined communication means; an information generating unit 160 (or information generating means) for generating predetermined electronic document management information for storing and managing the received biometric information registration electronic document in the electronic document D/B 170; and an electronic document storage unit 165 (or electronic document storage means) for linking the electronic document management information and the biometric information registration electronic document and storing them in the predetermined electronic document D/B 170.

The electronic document receiving unit 155 may receive the biometric information registration electronic document in the form of an image file and / or a document file from the information registration server 100 through the communication means.

According to the exemplary embodiment of the present invention, the biometric information registration electronic document received by the electronic document receiving unit 155 through the communication means is preferably an image file that includes, as it is, the image content received by the information registration server 100 from the information registration terminal 180.

Alternatively, the biometric information registration electronic document received by the electronic document receiving unit 155 through the communication means preferably includes an image file corresponding to image content in which at least one of the customer information and biometric information included in the biometric information registration application information is embedded, by a watermarking method, in the image content received by the information registration server 100 from the information registration terminal 180.

According to another exemplary embodiment of the present invention, the biometric information registration electronic document received by the electronic document receiving unit 155 through the communication means includes a predetermined document file (e.g., a Portable Document Format (PDF) file, an Electronic Data Interchange (EDI) file, a word processor file including at least one of HWP/DOC, or a web document file including MHT) that includes the image content received by the information registration server 100 from the information registration terminal 180.

Alternatively, the biometric information registration electronic document received by the electronic document receiving unit 155 through the communication means may include a predetermined document file (e.g., a PDF file, an EDI file, a word processor file including at least one of HWP/DOC, or a web document file including MHT) containing image content in which at least one of the customer information and biometric information included in the biometric information registration request information is embedded, by a watermarking method, in the image content received by the information registration server 100 from the information registration terminal 180.

According to another exemplary embodiment of the present invention, the biometric information registration electronic document received by the electronic document receiving unit 155 through the communication means includes a predetermined document file (e.g., a PDF file, an EDI file, a word processor file including at least one of HWP/DOC, or a web document file including MHT) that includes the image content received by the information registration server 100 from the information registration terminal 180 and the biometric information registration request information.

Alternatively, the biometric information registration electronic document received by the electronic document receiving unit 155 through the communication means may include a predetermined document file (e.g., a PDF file, an EDI file, a word processor file including at least one of HWP/DOC, or a web document file including MHT) that includes the biometric information registration information and image content in which at least one of the customer information and biometric information included in the biometric information registration request information is embedded, by a watermarking method, in the image content received by the information registration server 100 from the information registration terminal 180.

The information generating unit 160 generates electronic document management information including a predetermined electronic document unique number (or unique information) to be assigned to the biometric information registration electronic document received through the electronic document receiving unit 155, and electronic document storage date and time information including the date and time at which the biometric information registration electronic document was received through the electronic document receiving unit 155 (or the date and time at which the biometric information registration electronic document was stored).

According to the exemplary embodiment of the present invention, the information generating unit 160 preferably identifies the certification authority that sent the biometric information registration electronic document by referring to the information registration server 100 that transmitted the biometric information registration electronic document received through the electronic document receiving unit 155, and generates the electronic document management information further including the identified certification authority information.

According to another exemplary embodiment of the present invention, when predetermined electronic document-related information is further received from the information registration server 100 through the electronic document receiving unit 155, the information generating unit 160 preferably generates the electronic document management information further including the received electronic document-related information (e.g., information on the customer who filled out the biometric information registration application corresponding to the image content, and/or information on the certification authority that transmitted the biometric information registration electronic document, and/or electronic document file format information, and/or the biometric information registration application information).

The electronic document storage unit 165 links the biometric information registration electronic document received through the electronic document receiving unit 155 with the electronic document management information generated by the information generating unit 160 and stores them in the predetermined electronic document D/B 170.

According to the exemplary embodiment of the present invention, the biometric information registration electronic document stored in the electronic document D/B 170 by the electronic document storage unit 165 is preferably an image file that includes, as it is, the image content received by the information registration server 100 from the information registration terminal 180.

Alternatively, the biometric information registration electronic document stored in the electronic document D/B 170 by the electronic document storage unit 165 preferably includes an image file corresponding to image content in which at least one of the customer information and biometric information included in the biometric information registration application information is embedded, by a watermarking method, in the image content received by the information registration server 100 from the information registration terminal 180.

According to another exemplary embodiment of the present invention, the biometric information registration electronic document stored in the electronic document D/B 170 by the electronic document storage unit 165 may include a predetermined document file (e.g., a Portable Document Format (PDF) file, an Electronic Data Interchange (EDI) file, a word processor file including at least one of HWP/DOC, or a web document file including MHT) that includes the image content received by the information registration server 100 from the information registration terminal 180.

Alternatively, the biometric information registration electronic document stored in the electronic document D/B 170 by the electronic document storage unit 165 may include a predetermined document file (e.g., a PDF file, an EDI file, a word processor file including at least one of HWP/DOC, or a web document file including MHT) containing image content in which at least one of the customer information and biometric information included in the biometric information registration request information is embedded, by a watermarking method, in the image content received by the information registration server 100 from the information registration terminal 180.

According to another embodiment of the present invention, the biometric information registration electronic document that the electronic document storage unit 165 stores in the electronic document D/B 170 may include a predetermined document file (e.g., a PDF file, an EDI file, a word processor file including at least one of HWP/DOC, or a web document file including MHT) that includes the image content received by the information registration server 100 from the information registration terminal 180 and the biometric information registration request information.

Alternatively, the biometric information registration electronic document stored in the electronic document D/B 170 by the electronic document storage unit 165 may include a predetermined document file (e.g., a PDF file, an EDI file, a word processor file including at least one of HWP/DOC, or a web document file including MHT) that includes the biometric information registration request information and image content in which at least one of the customer information and biometric information included in the biometric information registration request information is embedded, by a watermarking method, in the image content received by the information registration server 100 from the information registration terminal 180.

According to the exemplary embodiment of the present invention, the electronic document management information that the electronic document storage unit 165 stores in the electronic document D/B 170 in association with the biometric information registration electronic document preferably includes a predetermined electronic document unique number (or unique information) assigned to the biometric information registration electronic document and the electronic document storage date and time information.

According to an exemplary embodiment of the present invention, the electronic document management information that the electronic document storage unit 165 stores in the electronic document D/B 170 in association with the biometric information registration electronic document preferably further includes information on the certification authority that sent the biometric information registration electronic document, identified by referring to the information registration server 100 that sent the biometric information registration electronic document.

According to another exemplary embodiment of the present invention, when predetermined electronic document-related information is further received from the information registration server 100, the electronic document management information that the electronic document storage unit 165 stores in the electronic document D/B 170 in association with the biometric information registration electronic document may include the received electronic document-related information (e.g., information on the customer who filled out the biometric information registration application corresponding to the image content, and/or information on the certification authority that transmitted the biometric information registration electronic document, and/or the electronic document file format information, and/or the biometric information registration application information).

FIGS. 2A and 2B illustrate a process of registering biometric information registration application information in a face-to-face manner according to an exemplary embodiment of the present invention.

In more detail, FIGS. 2A and 2B relate to an embodiment in which, when a predetermined customer fills out and submits a biometric information registration application including at least one of customer information and biometric information for identity verification using biometric information, predetermined image content corresponding to the biometric information registration application is obtained through an image acquisition device; when the biometric information registration application information corresponding to the biometric information registration application and the image content obtained from the biometric information registration application are provided to a biometric information registration system through a predetermined biometric information registration interface, a predetermined biometric information registration electronic document including the image content is generated and stored in a predetermined electronic document repository, and the customer information and biometric information included in the biometric information registration application information are linked and stored in a predetermined storage medium 145. Specifically, the figures illustrate an implementation method in which the employee terminal obtains predetermined image content corresponding to the biometric information registration application through a predetermined image acquisition device and transmits it to the information registration server 100, and then inputs (or selects) the biometric information registration application information corresponding to the biometric information registration application and transmits it to the information registration server 100.

Persons having ordinary skill in the art to which the present invention pertains may, by referring to and/or modifying FIGS. 2A and 2B, infer various implementation methods for registering the biometric information registration application information from the employee terminal to the information registration server 100; the present invention includes all such inferred implementation methods and is not limited to the implementation method shown in FIGS. 2A and 2B.

For example, in the implementation method shown in FIGS. 2A and 2B, the user interface through which the employee terminal acquires predetermined image content corresponding to the biometric information registration application through a predetermined image acquisition device, and/or inputs (or selects) the biometric information registration application information corresponding to the biometric information registration application, is illustrated as being provided from the information registration server 100. However, when a predetermined information registration program is provided in the employee terminal, the user interface is not necessarily provided from the information registration server 100; the present invention is not limited thereby.

Hereinafter, in FIG. 2A and FIG. 2B, the employee terminal shown in FIG. 2 is referred to as "terminal" for convenience, the information registration server 100 is referred to as "server", and the customer information and biometric information transmitted to the information registration server 100 are referred to as "biometric information registration application information" for convenience.

Referring to FIGS. 2A and 2B, when a predetermined customer fills out and submits a biometric information registration application including at least one of customer information and biometric information for identity verification using biometric information, the employee terminal shown in the drawings connects to the server through a predetermined communication network and, once a predetermined communication channel is established, requests a user interface for identity verification using the biometric information corresponding to the biometric information registration application (200). The server generates (or extracts) a user interface for acquiring, through the predetermined image acquisition device, the predetermined image content corresponding to the biometric information registration application written by the customer and transmitting it to the server (205), and transmits the generated (or extracted) user interface to the terminal through the communication network, where it is output (210).

Thereafter, the terminal acquires image content corresponding to the biometric information registration application through a predetermined image acquisition device based on the user interface (215).

If image content corresponding to the biometric information registration application is obtained through the image acquisition device (220), the terminal transmits the obtained image content to the server through the communication network (225).

Thereafter, the server generates (or extracts) a user interface for inputting (or selecting) biometric information registration request information, including at least one of customer information and biometric information corresponding to the biometric information registration application matching the image content, and transmitting it to the server (230), and transmits the generated (or extracted) user interface to the terminal through the communication network, where it is output (235).

Thereafter, the terminal inputs (or selects) biometric information registration request information including at least one of the customer information and biometric information through the user interface (240).

If the biometric information registration request information including at least one of the customer information and the biometric information is input (or selected) through the user interface (245), the terminal transmits the input (or selected) biometric information registration application information to the server through the communication network (250).

Thereafter, the server receives and reads biometric information registration request information including at least one of the customer information and biometric information through the communication network to confirm the validity of the biometric information registration request information (255).

According to an embodiment of the present invention, confirming the validity of the biometric information registration request information preferably includes checking whether at least one piece of information matching the biometric information registration request information is registered in a customer D/B on a certification authority system associated with the biometric information registration system.

In addition, confirming the validity of the biometric information registration request information preferably includes checking whether the image quality of the biometric information included in the received biometric information registration application information is at or above a certain quality.

For example, the validity confirming unit 125 preferably checks whether the customer information (customer personal information, member information, etc.) among the information included in the biometric information registration application information matches the customer information stored in the customer D/B on the certification authority system linked to the biometric information registration system.

If the validity of the biometric information registration request information is not authenticated (260), the server generates predetermined information registration error information and transmits it to the terminal (265), and registers the information corresponding to the biometric information registration request information. Do not perform the procedure.

On the other hand, if the validity of the biometric information registration request information is authenticated (260), the server generates a predetermined biometric information registration electronic document including the image content (270).

According to an exemplary embodiment of the present invention, the server preferably processes the image file including the image content received from the information registration terminal 180 through the image receiving unit 120, as it is, as the biometric information registration electronic document for identification using the biometric information.

Alternatively, the server preferably embeds, by a watermarking method, at least one of the customer information and the biometric information included in the biometric information registration request information received through the information receiver 115 in the image content received from the information registration terminal 180 through the image receiver 120, and generates the image file corresponding to that image content as the biometric information registration electronic document for identification using the biometric information.

According to another exemplary embodiment of the present disclosure, the server preferably generates a predetermined document file (e.g., a Portable Document Format (PDF) file, an EDI (Electronic Data Interchange) file, a word processor file including at least one of HWP/DOC, or a web document file including MHT) that includes the image content received from the information registration terminal 180 through the image receiving unit 120, thereby generating the biometric information registration electronic document for identification using the biometric information.

Alternatively, the server preferably generates image content in which at least one of the customer information and the biometric information included in the biometric information registration request information received through the information receiver 115 is embedded, by a watermarking method, in the image content received from the information registration terminal 180 through the image receiver 120, and generates a predetermined document file (e.g., a Portable Document Format (PDF) file, an EDI (Electronic Data Interchange) file, a word processor file including at least one of HWP/DOC, or a web document file including MHT) including the generated image content, thereby generating the biometric information registration electronic document for identification using the biometric information.

According to another embodiment of the present invention, the server generates a predetermined document file (e.g., a Portable Document Format (PDF) file, an Electronic Data Interchange (EDI) file, a word processor file including at least one of HWP/DOC, or a web document file including MHT) that includes the image content received from the information registration terminal 180 through the image receiving unit 120 and the biometric information registration request information received through the information receiving unit 115, thereby generating the biometric information registration electronic document for identity verification using the biometric information.

Alternatively, the server preferably generates image content in which at least one of the customer information and the biometric information included in the biometric information registration request information received through the information receiver 115 is embedded, by a watermarking method, in the image content received from the information registration terminal 180 through the image receiver 120, and generates a predetermined document file (e.g., a Portable Document Format (PDF) file, an Electronic Data Interchange (EDI) file, a word processor file including at least one of HWP/DOC, or a web document file including MHT) including the generated image content and the biometric information registration information, thereby generating the biometric information registration electronic document for identification using the biometric information.

Those skilled in the art to which the present invention pertains will be familiar with the technical feature of the server generating a biometric information registration electronic document in an image file format and/or a predetermined document file format, and with the technical features of the file formats of the image file and/or document file corresponding to the biometric information registration electronic document, so a detailed description thereof is omitted for convenience.

Thereafter, the server stores the generated biometric information registration electronic document in a predetermined electronic document storage (275).

As shown in the drawings, when the electronic document repository is provided as an electronic document D/B 170 and an electronic document server 150 linked with the server on the biometric information registration system through predetermined communication means, it is preferable that the server transmits the generated biometric information registration electronic document to the electronic document server 150 through the communication means so that it is stored in the electronic document D/B 170.

Alternatively, when the electronic document storage is provided on the DBMS provided in the biometric information registration system, the server may store the generated biometric information registration electronic document in the corresponding electronic document D/B 170 on the DBMS provided in the biometric information registration system, and the present invention is not limited thereby.

According to an embodiment of the present invention, storing the biometric information registration electronic document in the electronic document storage preferably includes linking the generated biometric information registration electronic document with predetermined electronic document management information and storing it in the electronic document D/B 170.

Here, the electronic document management information preferably includes a predetermined electronic document unique number (or unique information) assigned to the biometric information registration electronic document and the electronic document storage date and time information.

The electronic document management information may further include certification authority information that transmits the biometric information registration electronic document.

Further, the electronic document management information may include predetermined electronic document-related information (for example, customer information for creating a biometric information registration application corresponding to the image content, and/or certification authority information for transmitting the biometric information electronic document, and/or electronic document file format information, and/or the biometric information registration application information).

If the biometric information registration electronic document is stored in the electronic document repository (280), the server links and stores the customer information and the biometric information included in the biometric information registration request information in a predetermined storage medium 145 (285), and generates (or extracts) predetermined information registration history information (e.g., the history of storing the biometric information registration electronic document in the electronic document storage, and/or the history of storing the biometric information registration application information in the storage medium 145) and transmits it to the terminal (290).

According to an embodiment of the present invention, the storage medium 145 is preferably provided in a DBMS on a certification authority system provided on the biometric information registration system (or associated with the biometric information registration system). The storage medium 145 may be a customer D/B provided in the DBMS on the certification authority system and/or a predetermined database associated with the customer D/B, and the present invention is not limited thereto.
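The server-side sequence of steps 255 to 290 described above can be sketched as follows. This is an added example and not part of the patent; the field names, the 0-100 quality score, the threshold of 60, the placeholder certification authority name and the in-memory stores are assumptions made for illustration.

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone
import uuid

# Assumption: the description only says "a certain quality or more".
MIN_QUALITY = 60


@dataclass
class RegistrationRequest:
    customer_id: str
    customer_name: str
    biometric_template: bytes
    biometric_quality: int   # assumption: capture device reports 0-100
    image_content: bytes     # image of the filled-out application form


@dataclass
class Stores:
    customer_db: dict                                     # customer D/B: id -> name
    document_db: dict = field(default_factory=dict)       # electronic document D/B 170
    biometric_store: dict = field(default_factory=dict)   # storage medium 145


def check_validity(req, stores):
    """Step 255: return the reasons the request is invalid (empty list = valid)."""
    errors = []
    registered_name = stores.customer_db.get(req.customer_id)
    if registered_name is None:
        errors.append("customer not registered")
    elif registered_name != req.customer_name:
        errors.append("customer information mismatch")
    if not req.biometric_template:
        errors.append("biometric information missing")
    elif req.biometric_quality < MIN_QUALITY:
        errors.append("biometric quality below threshold")
    return errors


def register(req, stores, ca_name="EXAMPLE-CA", now=None):
    """Run steps 255-290 and return what would be sent back to the terminal."""
    errors = check_validity(req, stores)
    if errors:
        # Steps 260/265: report the error and perform no registration at all,
        # so neither store is touched by an invalid request.
        return {"status": "error", "errors": errors}

    # Step 270: the image file is used as-is as the electronic document.
    doc_id = uuid.uuid4().hex
    stored_at = (now or datetime.now(timezone.utc)).isoformat()
    management = {
        "document_id": doc_id,             # electronic document unique number
        "stored_at": stored_at,            # storage date and time
        "certification_authority": ca_name,
        "file_format": "image",
    }

    # Step 275: store the document linked with its management information.
    stores.document_db[doc_id] = {"content": req.image_content,
                                  "management": management}

    # Steps 280/285: only after the document is stored, link and store the
    # customer information and biometric information.
    if doc_id not in stores.document_db:
        return {"status": "error", "errors": ["document storage failed"]}
    stores.biometric_store[req.customer_id] = {
        "customer_name": req.customer_name,
        "template": req.biometric_template,
        "document_id": doc_id,
    }

    # Step 290: the history carries references only, never the template.
    history = {"document_id": doc_id, "stored_at": stored_at,
               "customer_id": req.customer_id}
    return {"status": "registered", "history": history}


if __name__ == "__main__":
    # Constructed sample data.
    stores = Stores(customer_db={"C-1001": "Hong Gildong"})
    good = RegistrationRequest("C-1001", "Hong Gildong", b"\x01\x02", 80, b"IMG")
    poor = RegistrationRequest("C-1001", "Hong Gildong", b"\x01\x02", 10, b"IMG")
    print(register(poor, stores))
    print(register(good, stores))
```
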

FIGS. 3A and 3B illustrate a process of registering biometric information registration application information in a face-to-face manner according to another exemplary embodiment of the present invention.

In more detail, FIGS. 3A and 3B show an implementation method in which, when a predetermined customer fills out and submits a biometric information registration application including at least one of customer information and biometric information to identify an identity using biometric information, predetermined image content corresponding to the biometric information registration application is obtained through an image acquisition device; when the biometric information registration application information corresponding to the biometric information registration application and the image content obtained from the biometric information registration application are provided to a biometric information registration system through a predetermined biometric information registration interface, a predetermined biometric information registration electronic document including the image content is generated and stored in a predetermined electronic document repository, and the customer information and the biometric information included in the biometric information registration application information are linked and stored in a predetermined storage medium 145. Specifically, they illustrate a method in which the staff terminal inputs (or selects) the biometric information registration application information corresponding to the biometric information registration application and transmits it to the information registration server 100, and then obtains predetermined image content corresponding to the biometric information registration application through a predetermined image acquisition device and transmits it to the information registration server 100.

Persons having ordinary skill in the art to which the present invention pertains may refer to and/or modify FIGS. 3A and 3B to infer implementation methods for registering the biometric information registration application information from the employee terminal to the information registration server 100; the present invention includes all implementation methods so inferred, and is not limited to the implementation method shown in FIGS. 3A and 3B.

For example, in the implementation method shown in FIGS. 3A and 3B, the user interface through which the employee terminal acquires predetermined image content corresponding to the biometric information registration application through a predetermined image acquisition device, and/or inputs (or selects) the biometric information registration application information corresponding to the biometric information registration application, is illustrated as being provided from the information registration server 100. However, when a predetermined information registration program is provided in the employee terminal, the user interface is not necessarily provided from the information registration server 100, and the present invention is not limited thereby.

In the following description of FIGS. 3A and 3B, the employee terminal shown in the figures is referred to as "terminal" for convenience, the information registration server 100 shown in the figures is referred to as "server" for convenience, and the customer information and biometric information transmitted from the employee terminal to the information registration server 100 are referred to as "biometric information registration application information" for convenience.

Referring to FIGS. 3A and 3B, when a predetermined customer fills out and submits a biometric information registration application including at least one of customer information and biometric information to identify an identity using biometric information, the employee terminal shown in the drawings connects to the server through a predetermined communication network and, with a predetermined communication channel connected, requests a user interface for identification using the biometric information corresponding to the biometric information registration application (300). The server generates (or extracts) a user interface for inputting (or selecting), at the terminal, biometric information registration application information including at least one of customer information and biometric information corresponding to the biometric information registration application created by the customer and transmitting it to the server (305), and transmits the generated (or extracted) user interface to the terminal through the communication network, where it is output (310).

Thereafter, the terminal inputs (or selects) biometric information registration request information including at least one of the customer information and biometric information through the user interface (315).

If the biometric information registration request information including at least one of the customer information and the biometric information is input (or selected) through the user interface (320), the terminal transmits the input (or selected) biometric information registration application information to the server through the communication network (325).

Thereafter, the server receives and reads biometric information registration request information including at least one of the customer information and biometric information through the communication network to confirm the validity of the biometric information registration request information (330).

According to an embodiment of the present invention, the validity confirmation of the biometric information registration request information preferably includes checking whether at least one piece of information matching the biometric information registration request information is registered in a customer D/B on a certification authority system associated with the biometric information registration system.

In addition, the validity check of the biometric information registration request information preferably includes checking whether the image quality of the biometric information included in the received biometric information registration application information is a certain quality or more.

For example, the validity confirming unit 125 preferably checks whether the customer information (customer personal information, member information, etc.) among the information included in the biometric information registration application information matches the customer information stored in the customer D/B on the certification authority system linked to the biometric information registration system.

If the validity of the biometric information registration request information is not authenticated (335), the server generates predetermined information registration error information and transmits it to the terminal (340), and does not perform the information registration procedure corresponding to the biometric information registration request information.

On the other hand, if the validity of the biometric information registration application information is authenticated (335), the server generates (or extracts) a user interface for acquiring, at the terminal, the predetermined image content corresponding to the biometric information registration application created by the customer through a predetermined image acquisition device and transmitting it to the server (345), and transmits the generated (or extracted) user interface to the terminal through the communication network (350).

Thereafter, the terminal acquires image content corresponding to the biometric information registration application through a predetermined image acquisition device based on the user interface (355).

If image content corresponding to the biometric information registration application is obtained through the image acquisition device (360), the terminal transmits the obtained image content to the server through the communication network (365).

Upon receiving the biometric information registration request information and the image content from the terminal, the server generates a predetermined biometric information registration electronic document including the image content (370).

According to an exemplary embodiment of the present invention, the server preferably processes the image file including the image content received from the information registration terminal 180 through the image receiving unit 120, as it is, as the biometric information registration electronic document for identification using the biometric information.

Alternatively, the server preferably embeds, by a watermarking method, at least one of the customer information and the biometric information included in the biometric information registration request information received through the information receiver 115 in the image content received from the information registration terminal 180 through the image receiver 120, and generates the image file corresponding to that image content as the biometric information registration electronic document for identification using the biometric information.

According to another exemplary embodiment of the present invention, the server preferably generates a predetermined document file (e.g., a Portable Document Format (PDF) file, an EDI (Electronic Data Interchange) file, a word processor file including at least one of HWP/DOC, or a web document file including MHT) that includes the image content received from the information registration terminal 180 through the image receiving unit 120, thereby generating the biometric information registration electronic document for identification using the biometric information.

Alternatively, the server preferably generates image content in which at least one of the customer information and the biometric information included in the biometric information registration request information received through the information receiver 115 is embedded, by a watermarking method, in the image content received from the information registration terminal 180 through the image receiver 120, and generates a predetermined document file (e.g., a Portable Document Format (PDF) file, an EDI (Electronic Data Interchange) file, a word processor file including at least one of HWP/DOC, or a web document file including MHT) including the generated image content, thereby generating the biometric information registration electronic document for identification using the biometric information.

According to another embodiment of the present invention, the server generates a predetermined document file (e.g., a Portable Document Format (PDF) file, an Electronic Data Interchange (EDI) file, a word processor file including at least one of HWP/DOC, or a web document file including MHT) that includes the image content received from the information registration terminal 180 through the image receiving unit 120 and the biometric information registration request information received through the information receiving unit 115, thereby generating the biometric information registration electronic document for identity verification using the biometric information.

Alternatively, the server preferably generates image content in which at least one of the customer information and the biometric information included in the biometric information registration request information received through the information receiver 115 is embedded, by a watermarking method, in the image content received from the information registration terminal 180 through the image receiver 120, and generates a predetermined document file (e.g., a Portable Document Format (PDF) file, an Electronic Data Interchange (EDI) file, a word processor file including at least one of HWP/DOC, or a web document file including MHT) including the generated image content and the biometric information registration information, thereby generating the biometric information registration electronic document for identification using the biometric information.

Those skilled in the art to which the present invention pertains will be familiar with the technical feature of the server generating a biometric information registration electronic document in an image file format and/or a predetermined document file format, and with the technical features of the file formats of the image file and/or document file corresponding to the biometric information registration electronic document, so a detailed description thereof is omitted for convenience.

Thereafter, the server stores the generated biometric information registration electronic document in a predetermined electronic document storage (375).

As shown in the drawings, when the electronic document repository is provided as an electronic document D/B 170 and an electronic document server 150 linked with the server on the biometric information registration system through predetermined communication means, it is preferable that the server transmits the generated biometric information registration electronic document to the electronic document server 150 through the communication means so that it is stored in the electronic document D/B 170.

Alternatively, when the electronic document storage is provided on the DBMS provided in the biometric information registration system, the server may store the generated biometric information registration electronic document in the corresponding electronic document D/B 170 on the DBMS provided in the biometric information registration system, and the present invention is not limited thereby.

According to an embodiment of the present invention, storing the biometric information registration electronic document in the electronic document storage preferably includes linking the generated biometric information registration electronic document with predetermined electronic document management information and storing it in the electronic document D/B 170.

Here, the electronic document management information preferably includes a predetermined electronic document unique number (or unique information) assigned to the biometric information registration electronic document and the electronic document storage date and time information.

The electronic document management information may further include certification authority information that transmits the biometric information registration electronic document.

Further, the electronic document management information may include predetermined electronic document-related information (for example, customer information for creating a biometric information registration application corresponding to the image content, and/or certification authority information for transmitting the biometric information electronic document, and/or electronic document file format information, and/or the biometric information registration application information).

If the biometric information registration electronic document is stored in the electronic document repository (380), the server links and stores the customer information and biometric information included in the biometric information registration request information in a predetermined storage medium 145 (385), and generates (or extracts) predetermined information registration history information (e.g., the history of storing the biometric information registration electronic document in the electronic document storage, and/or the history of storing the biometric information registration application information in the storage medium 145) and transmits it to the terminal (390).

According to an embodiment of the present invention, the storage medium 145 is preferably provided in a DBMS on a certification authority system provided on the biometric information registration system (or associated with the biometric information registration system). The storage medium 145 may be a customer D/B provided in the DBMS on the certification authority system and/or a predetermined database associated with the customer D/B, and the present invention is not limited thereto.

FIGS. 4A and 4B illustrate a process of registering biometric information registration application information in a face-to-face manner according to another exemplary embodiment of the present invention.

In more detail, FIGS. 4A and 4B show an implementation method in which, when a predetermined customer fills out and submits a biometric information registration application including at least one of customer information and biometric information to identify an identity using biometric information, predetermined image content corresponding to the biometric information registration application is obtained through an image acquisition device; when the biometric information registration application information corresponding to the biometric information registration application and the image content obtained from the biometric information registration application are provided to a biometric information registration system through a predetermined biometric information registration interface, a predetermined biometric information registration electronic document including the image content is generated and stored in a predetermined electronic document repository, and the customer information and the biometric information included in the biometric information registration application information are linked and stored in a predetermined storage medium 145. Specifically, they show an implementation method in which the employee terminal acquires predetermined image content corresponding to the biometric information registration application through a predetermined image acquisition device, inputs (or selects) biometric information registration application information corresponding to the biometric information registration application, and transmits them to the information registration server 100.

Persons having ordinary skill in the art to which the present invention pertains may refer to and/or modify FIGS. 4A and 4B to infer implementation methods for registering the biometric information registration application information from the employee terminal to the information registration server 100; the present invention includes all implementation methods so inferred, and is not limited to the implementation method shown in FIGS. 4A and 4B.

For example, in the implementation method shown in FIGS. 4A and 4B, the user interface through which the employee terminal acquires predetermined image content corresponding to the biometric information registration application through a predetermined image acquisition device, and/or inputs (or selects) the biometric information registration application information corresponding to the biometric information registration application, is illustrated as being provided from the information registration server 100. However, when a predetermined information registration program is provided in the employee terminal, the user interface is not necessarily provided from the information registration server 100, and the present invention is not limited thereby.

In the following description of FIGS. 4A and 4B, the employee terminal shown in the drawings is referred to as "terminal" for convenience, the information registration server 100 shown in the drawings is referred to as "server" for convenience, and the customer information and biometric information transmitted from the employee terminal to the information registration server 100 are referred to as "biometric information registration application information" for convenience.

Referring to FIGS. 4A and 4B, when a predetermined customer fills out and submits a biometric information registration application including at least one of customer information and biometric information to identify an identity using biometric information, the employee terminal illustrated in the drawings accesses the server through a predetermined communication network and, with a predetermined communication channel connected, requests a user interface for identification using the biometric information corresponding to the biometric information registration application (400). The server generates (or extracts) a user interface for inputting (or selecting), at the terminal, biometric information registration application information corresponding to the biometric information registration application written by the customer, acquiring predetermined image content corresponding to the biometric information registration application through a predetermined image acquisition device, and transmitting them to the server (405), and transmits the generated (or extracted) user interface to the terminal through the communication network (410).

Thereafter, the terminal inputs (or selects) biometric information registration request information including at least one of the customer information and biometric information through the user interface (415).

If the biometric information registration request information including at least one of the customer information and the biometric information is input (or selected) through the user interface (420), the terminal acquires image content corresponding to the biometric information registration application through a predetermined image acquisition apparatus based on the user interface (425).

If the image content corresponding to the biometric information registration application is obtained through the image acquisition device (430), the terminal transmits the biometric information registration application information and the image content to the server through the communication network (435).

Thereafter, the server receives and reads biometric information registration request information including at least one of the customer information and biometric information through the communication network to confirm the validity of the biometric information registration request information (440).

According to an embodiment of the present invention, the validity confirmation of the biometric information registration request information preferably includes checking whether at least one piece of information matching the biometric information registration request information is registered in a customer D/B on a certification authority system associated with the biometric information registration system.

In addition, the validity check of the biometric information registration request information preferably includes checking whether the image quality of the biometric information included in the received biometric information registration application information is a certain quality or more.

For example, the validity confirming unit 125 preferably checks whether the customer information (customer personal information, member information, etc.) among the information included in the biometric information registration application information matches the customer information stored in the customer D/B on the certification authority system linked to the biometric information registration system.

If the validity of the biometric information registration request information is not authenticated (445), the server generates predetermined information registration error information and transmits it to the terminal (450), and does not perform the information registration procedure corresponding to the biometric information registration request information.

On the other hand, if the validity of the biometric information registration request information is authenticated (445), the server generates a predetermined biometric information registration electronic document including the image content (455).

According to an exemplary embodiment of the present invention, the server preferably uses the image file containing the image content received from the information registration terminal 180 through the image receiving unit 120 as it is, processing it as the biometric information registration electronic document for identity verification using the biometric information.

Alternatively, the server preferably embeds, by a watermarking method, at least one of the customer information and the biometric information included in the biometric information registration request information received through the information receiver 115 into the image content received from the information registration terminal 180 through the image receiver 120, and generates the image file corresponding to the resulting image content as the biometric information registration electronic document for identity verification using the biometric information.

According to another exemplary embodiment of the present invention, the server preferably generates a predetermined document file (e.g., a Portable Document Format (PDF) file, an Electronic Data Interchange (EDI) file, a word processor file including at least one of HWP/DOC, or a web document file including MHT) that includes the image content received from the information registration terminal 180 through the image receiving unit 120, thereby generating the biometric information registration electronic document for identity verification using the biometric information.

Alternatively, the server preferably embeds, by a watermarking method, at least one of the customer information and the biometric information included in the biometric information registration request information received through the information receiver 115 into the image content received from the information registration terminal 180 through the image receiver 120, and generates a predetermined document file (e.g., a Portable Document Format (PDF) file, an Electronic Data Interchange (EDI) file, a word processor file including at least one of HWP/DOC, or a web document file including MHT) that includes the generated image content, thereby generating the biometric information registration electronic document for identity verification using the biometric information.

According to another embodiment of the present invention, the server generates a predetermined document file (e.g., a Portable Document Format (PDF) file, an Electronic Data Interchange (EDI) file, a word processor file including at least one of HWP/DOC, or a web document file including MHT) that includes the image content received from the information registration terminal 180 through the image receiving unit 120 and the biometric information registration request information received through the information receiving unit 115, thereby generating the biometric information registration electronic document for identity verification using the biometric information.

Alternatively, the server preferably embeds, by a watermarking method, at least one of the customer information and the biometric information included in the biometric information registration request information received through the information receiver 115 into the image content received from the information registration terminal 180 through the image receiver 120, and generates a predetermined document file (e.g., a Portable Document Format (PDF) file, an Electronic Data Interchange (EDI) file, a word processor file including at least one of HWP/DOC, or a web document file including MHT) that includes the generated image content and the biometric information registration information, thereby generating the biometric information registration electronic document for identity verification using the biometric information.

Those skilled in the art to which the present invention pertains will be familiar with the technical feature of the server generating a biometric information registration electronic document in an image file format and/or a predetermined document file format, and with the technical features of the file formats of the image file and/or document file corresponding to the biometric information registration electronic document, so a detailed description thereof is omitted for convenience.

Thereafter, the server stores the generated biometric information registration electronic document in a predetermined electronic document storage (460).

As shown in the drawings, when the electronic document repository is provided on an electronic document D/B 170 and an electronic document server 150 linked with the server on the biometric information registration system through predetermined communication means, the server preferably transmits the generated biometric information registration electronic document to the electronic document server 150 through the communication means so that it is stored in the electronic document D/B 170.

Alternatively, when the electronic document storage is provided on the DBMS provided in the biometric information registration system, the server may store the generated biometric information registration electronic document in the electronic document D/B 170 on that DBMS, and the present invention is not limited thereby.

According to an embodiment of the present invention, storing the biometric information registration electronic document in the electronic document storage preferably includes linking the generated biometric information registration electronic document with predetermined electronic document management information and storing it in the electronic document D/B 170.

Here, the electronic document management information preferably includes a predetermined electronic document unique number (or unique information) assigned to the biometric information registration electronic document and the electronic document storage date and time information.

The electronic document management information may further include certification authority information that transmits the biometric information registration electronic document.

Further, the electronic document management information may include predetermined electronic document-related information (for example, customer information for creating a biometric information registration application corresponding to the image content, and/or certification authority information for transmitting the biometric information registration electronic document, and/or electronic document file format information, and/or the biometric information registration application information).

If the biometric information registration electronic document is stored in the electronic document repository (465), the server links the customer information and biometric information included in the biometric information registration application information and stores them in a predetermined storage medium 145 (470), and generates (or extracts) predetermined information registration history information (e.g., the history of storing the biometric information registration electronic document in the electronic document storage, and/or the history of storing the biometric information registration application information in the storage medium 145) and transmits it to the terminal (475).

According to an embodiment of the present invention, the storage medium 145 is preferably provided in a DBMS on a certification authority system provided on (or associated with) the biometric information registration system. The storage medium 145 may be a customer D/B provided in the DBMS on the certification authority system and/or a predetermined database associated with the customer D/B, and the present invention is not limited thereto.
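
The watermark-based embodiment and the electronic document management information described above can be sketched as follows. This is an added example, not code from the patent: the least-significant-bit watermark, the `WM` marker, the field names and the sample pixel bytes are assumptions made for illustration.

```python
import uuid
from datetime import datetime, timezone

MAGIC = b"WM"  # constructed marker that identifies a watermarked image


def embed_watermark(pixels: bytes, payload: bytes) -> bytes:
    """Hide MAGIC + 2-byte length + payload in the lowest bit of each pixel byte."""
    message = MAGIC + len(payload).to_bytes(2, "big") + payload
    bits = [(byte >> shift) & 1 for byte in message for shift in range(7, -1, -1)]
    if len(bits) > len(pixels):
        raise ValueError("image content too small for watermark")
    marked = bytearray(pixels)
    for i, bit in enumerate(bits):
        marked[i] = (marked[i] & 0xFE) | bit
    return bytes(marked)


def _read_bytes(pixels: bytes, start_bit: int, count: int) -> bytes:
    """Rebuild `count` bytes from the low bits starting at pixel `start_bit`."""
    out = bytearray()
    for b in range(count):
        value = 0
        for k in range(8):
            value = (value << 1) | (pixels[start_bit + b * 8 + k] & 1)
        out.append(value)
    return bytes(out)


def extract_watermark(pixels: bytes):
    """Return the embedded payload, or None when no watermark is present."""
    header_bits = (len(MAGIC) + 2) * 8
    if len(pixels) < header_bits or _read_bytes(pixels, 0, len(MAGIC)) != MAGIC:
        return None
    length = int.from_bytes(_read_bytes(pixels, len(MAGIC) * 8, 2), "big")
    if len(pixels) < header_bits + length * 8:
        return None  # truncated or corrupted watermark
    return _read_bytes(pixels, header_bits, length)


def create_registration_document(pixels: bytes, customer_id: str, ca_name: str) -> dict:
    """Watermark the image content and attach the management information:
    unique document number, storage date and time, certification authority."""
    return {
        "image_content": embed_watermark(pixels, customer_id.encode()),
        "management": {
            "document_number": uuid.uuid4().hex,
            "stored_at": datetime.now(timezone.utc).isoformat(),
            "certification_authority": ca_name,
        },
    }


def document_matches_customer(document: dict, customer_id: str) -> bool:
    """Check that the stored image is bound to the customer it is filed under."""
    return extract_watermark(document["image_content"]) == customer_id.encode()


# Constructed sample: 512 raw pixel bytes standing in for a scanned application.
SAMPLE_PIXELS = bytes(range(256)) * 2

if __name__ == "__main__":
    doc = create_registration_document(SAMPLE_PIXELS, "member-001", "Example CA")
    print(doc["management"], document_matches_customer(doc, "member-001"))
```

A least-significant-bit watermark does not survive lossy re-encoding of the image, so it only fits repositories that store the image content unchanged.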

FIG. 5 is a diagram illustrating a non-face-to-face biometric information registration system for identity verification using biometric information according to another exemplary embodiment of the present invention.

In more detail, FIG. 5 relates to a system configuration in which, when a predetermined customer provides biometric information registration application information including at least one of customer information and biometric information to the biometric information registration system through a predetermined biometric information registration interface for identity verification using the biometric information, the biometric information registration system generates a predetermined biometric information registration electronic document including the provided biometric information registration application information and stores it in a predetermined electronic document storage, and links the customer information and biometric information included in the biometric information registration application information and stores them in a predetermined storage medium 540. Specifically, it concerns an implementation method in which the electronic document repository is provided on an external system associated with the biometric information registration system through a predetermined communication means.

Those skilled in the art to which the present invention pertains may refer to and/or modify FIG. 5 to infer various implementation methods for the configuration of a biometric information registration system for identity verification using biometric information. The present invention includes all such inferred implementation methods and is not limited to the implementation method shown in the figure.

For example, one of ordinary skill in the art to which the present invention pertains may refer to and/or modify FIG. 5 to infer an implementation method in which the electronic document repository is provided in a DBMS located in the biometric information registration system. The present invention includes all such inferred implementation methods and is not limited to the implementation method shown in the figure.

In addition, according to the implementation method shown in FIG. 5, the biometric information registration electronic document is illustrated as being generated on the server side of the biometric information registration system, but the present invention is not limited thereto. The biometric information registration electronic document may instead be generated on the side of the terminal that inputs (or selects) and transmits the biometric information registration application information (for example, the electronic document generation function provided on the server side is provided on the terminal side to generate the biometric information registration electronic document), and the present invention is not limited thereby.

In addition, according to the implementation method illustrated in FIG. 5, the biometric information included in the biometric information registration application may include only selection information for selecting a type of biometric information (e.g., fingerprint, iris, etc.), and the biometric information about the user may be received at the time of the biometric information registration application, and the present invention is not limited thereby.

Hereinafter, at least one means and/or component corresponding to the functional configuration that, on the biometric information registration system shown in FIG. 5, receives the biometric information registration application information from the customer through a predetermined biometric information registration interface, generates a predetermined biometric information registration electronic document and stores it in a predetermined electronic document repository, and stores the biometric information registration application information in a predetermined storage medium 540 is referred to as the "information registration server 500" for convenience.

Referring to FIG. 5, according to an embodiment of the present invention, the biometric information registration system for identity verification using the biometric information includes at least one information registration terminal 570, which includes a client terminal comprising at least one wired terminal and/or wireless terminal used by a customer, and a communication channel is connected between the information registration terminal 570 and the information registration server 500 provided on the biometric information registration system through a predetermined network means.

According to an embodiment of the present invention, when the customer accesses the information registration server 500 through at least one client terminal among a wired terminal connected to a predetermined wired communication network and/or a wireless terminal connected to a predetermined wireless communication network, and inputs (or selects) the biometric information registration application information for identity verification using the biometric information through at least one user interface provided by the information registration server 500, the client terminal preferably transmits the biometric information registration application information through a predetermined network means to the information registration server 500 provided on the biometric information registration system.

Here, the wired terminal connected to the wired communication network is a generic term for all terminal devices connected to a Transmission Control Protocol/Internet Protocol (TCP/IP) based communication network, and preferably includes a desktop computer and/or a laptop (notebook) connected to the TCP/IP-based communication network, at least one home appliance terminal (for example, a refrigerator, a set-top box, etc.) connected to the TCP/IP-based communication network, or a kiosk connected to the TCP/IP-based communication network.

In addition, the wireless terminal connected to the wireless communication network is a generic term for all terminal devices connected to a Code Division Multiple Access (CDMA) based (and/or High-Speed Downlink Packet Access (HSDPA) based) mobile communication network, and/or all terminal devices connected to the IEEE 802.16x based portable Internet, and/or all terminal devices connected to an IEEE 802.11x based WLAN. It preferably includes at least one of: a Personal Communication System (PCS) terminal and/or Global System for Mobile communications (GSM) terminal and/or Personal Digital Cellular (PDC) terminal and/or Personal Handyphone System (PHS) terminal and/or Personal Digital Assistant (PDA) and/or smart phone and/or telematics connected to the CDMA-based (and/or HSDPA-based) mobile communication network; a portable Internet terminal connected to the IEEE 802.16x based portable Internet; or a WLAN terminal connected to the IEEE 802.11x based WLAN.

In addition, the network means connecting the client terminal and the information registration server 500 is preferably, depending on the type of wireless communication network to which the client terminal is connected, any one of a CDMA-based (and/or HSDPA-based) mobile communication network and/or the IEEE 802.16x-based portable Internet and/or an IEEE 802.11x-based wireless LAN, and/or includes all kinds of wireless communication networks proposed in the future that include a predetermined wireless section.

In addition, the client terminal is preferably provided with a functional configuration (for example, a browser program and a communication function, or a predetermined communication program and communication function for communicating with the information registration server 500) for outputting at least one user interface provided by the information registration server 500, and for inputting and/or selecting at least one piece of information through the user interface and transmitting it to the information registration server 500.

Those skilled in the art to which the present invention pertains can easily infer the characteristics of the client terminal corresponding to at least one wired terminal and/or wireless terminal, and thus a detailed description thereof is omitted for convenience.

In the biometric information registration system as described above, the client terminal including at least one wired terminal and/or wireless terminal used by the customer, and the at least one wired communication network and/or wireless communication network connecting the client terminal and the information registration server 500, perform the function of a biometric information registration interface through which the customer registers the biometric information registration application information for identity verification using the biometric information.

According to another exemplary embodiment of the present invention, the information registration terminal 570 may further include, in addition to the client terminal, a terminal (and/or server) (not shown) provided in at least one institution affiliated with the certification authority, and the present invention is not limited thereby.

The storage medium 540 provided on the biometric information registration system according to the present invention is characterized in that it stores the customer information and biometric information included in the biometric information registration information provided from the information registration terminal 570, linked together through a predetermined process.

The customer information preferably includes at least one of personal information of the customer (e.g., the customer's name, social security number, address, phone number, mobile phone number, e-mail address, etc.) and member information of the customer (e.g., when the customer is registered as a customer of the certification authority, member ID information provided for the customer in the customer D/B on the certification authority system associated with the biometric information registration system).

The biometric information preferably includes at least one of image data provided by the customer who filled out the biometric information registration application (or obtained by scanning a body part of the customer (e.g., fingerprint, iris, face, etc.)) and/or feature data on the image data (e.g., characteristics of a fingerprint pattern that differentiate it from the general pattern).

According to an embodiment of the present invention, the storage medium 540 is preferably provided in a DBMS on a certification authority system provided on (or associated with) the biometric information registration system. The storage medium 540 may be a customer D/B provided in the DBMS on the certification authority system, and/or a predetermined database associated with the customer D/B, and the present invention is not limited thereto.

The information registration server 500 provided on the biometric information registration system according to the present invention is a generic term for the components on the biometric information registration system side that are connected to the information registration terminal 570 through a predetermined network means. It may be implemented by including at least one server (or device), and/or may be implemented by at least one program recorded on a recording medium provided in a predetermined server (or device), and the present invention is not limited thereby.

According to an embodiment of the present invention, the information registration server 500 includes an interface unit 505 (or interface means) for connecting and managing a predetermined communication channel with the information registration terminal 570 through the network means.

According to an exemplary embodiment of the present invention, when the information registration terminal 570 is a client terminal including a wired terminal and/or a wireless terminal connected to a predetermined wired communication network and/or wireless communication network, the interface unit 505 preferably provides a communication interface that connects a predetermined communication channel with the client terminal based on a protocol stack defined in the wired communication network and/or wireless communication network, and transmits and receives at least one piece of information (or data) using a communication protocol defined in a communication program provided in the client terminal.

For example, if the client terminal is equipped with a browser program corresponding to the Hyper-Text Transfer Protocol (HTTP), the interface unit 505 connects a communication channel with the client terminal based on the TCP/IP protocol and provides a communication interface for transmitting and receiving web pages (e.g., Hyper-Text Markup Language (HTML) compatible web pages) and/or information using the HTTP protocol defined in the browser program.

Alternatively, when the client terminal is provided with a communication program (e.g., an information registration program) provided by the information registration server 500, the interface unit 505 connects a communication channel with the client terminal based on the TCP/IP protocol and provides a communication interface for transmitting and receiving information (or data) using a communication protocol defined in the communication program.

According to another exemplary embodiment of the present invention, when the information registration terminal 570 is a client terminal including a wireless terminal connected to a predetermined wireless communication network, the interface unit 505 preferably provides a communication interface that connects at least one communication channel with the client terminal using a protocol stack defined in the wireless communication network, and transmits and receives at least one piece of information (or data) using a communication protocol defined in a communication program provided in the client terminal.

For example, when a browser program corresponding to the Wireless Application Protocol (WAP) and/or Mobile Explorer (ME) protocol is provided in the client terminal, the interface unit 505 connects a communication channel with the client terminal based on the CDMA protocol and provides a communication interface for transmitting and receiving web pages (e.g., Wireless Markup Language (WML) compatible web pages, or HTML compatible web pages) and/or information using the WAP/ME protocol defined in the browser program.

Alternatively, when the client terminal is provided with a communication program (e.g., an IC chip-based information registration program) provided by the information registration server 500, the interface unit 505 connects a communication channel with the client terminal based on the CDMA protocol and provides a communication interface for transmitting and receiving information (or data) using a communication protocol defined in the communication program.

Referring to FIG. 5, the information registration server 500 includes: an interface providing unit 510 (or interface providing means) that, when a predetermined information registration terminal 570 connects a predetermined communication channel with the information registration server 500 through the interface unit 505, generates (or extracts) at least one user interface through which the information registration terminal 570 inputs (or selects) predetermined biometric information registration application information for identity verification using the biometric information and transmits it to the information registration server 500, and provides the generated (or extracted) user interface to the information registration terminal 570 in association with the interface unit 505; and an information receiving unit 515 (or information receiving means) that, when the information registration terminal 570 inputs (or selects) and transmits the biometric information registration request information through the user interface, receives the biometric information registration request information transmitted from the information registration terminal 570 in association with the interface unit 505.

The interface providing unit 510 is characterized in that, when the information registration terminal 570 connects a predetermined communication channel with the information registration server 500 through the interface unit 505 and then requests from the information registration server 500 a user interface for identity verification using biometric information, it generates at least one user interface through which the information registration terminal 570 inputs (or selects) predetermined biometric information registration request information and transmits it to the information registration server 500 through the network means, and/or extracts it from a predetermined database (not shown), and provides the generated (or extracted) user interface to the information registration terminal 570 via the network means in association with the interface unit 505.

According to an embodiment of the present invention, when the information registration terminal 570 is a client terminal including a wired terminal connected to a predetermined wired communication network, the interface providing unit 510 generates (or extracts) a predetermined user interface that can be provided to the browser program and/or communication program provided in the client terminal, and provides the generated (or extracted) user interface to the client terminal through the interface unit 505.

According to another embodiment of the present invention, when the information registration terminal 570 is a client terminal including a wireless terminal connected to a predetermined wireless communication network, the interface providing unit 510 generates (or extracts) a predetermined user interface that can be provided to the browser program and/or communication program provided in the client terminal, and provides the generated (or extracted) user interface to the client terminal through the interface unit 505.

According to another embodiment of the present invention, when the information registration terminal 570 is provided with a predetermined information registration program having at least one user interface for inputting (or selecting) predetermined biometric information registration request information and transmitting it to the information registration server 500 through the network means, the interface providing unit 510, which generates (or extracts) a user interface for inputting (or selecting) predetermined biometric information registration application information and provides it to the information registration terminal 570 as described above, may be omitted, and the present invention is not limited thereby.

Thereafter, the information registration terminal 570 inputs (or selects) biometric information registration request information including at least one of the customer information and biometric information through the user interface, and transmits the input (or selected) biometric information registration application information to the information registration server 500 through the network means. In response, the information receiving unit 515 receives the biometric information registration application information transmitted from the information registration terminal 570 in association with the interface unit 505.

According to an embodiment of the present invention, the information registration terminal 570 further includes, in the biometric information registration request information including at least one of the customer information and biometric information, at least one of a predetermined password and/or security card information and/or an OTP code generated through a predetermined One Time Password (OTP) generator, with which the information registration server 500 confirms the validity of the biometric information registration request information, and transmits it to the information registration server 500 through the network means.

According to an embodiment of the present invention, the information registration terminal 570 preferably encrypts the biometric information registration request information including at least one of the customer information and biometric information with at least one encryption method (e.g., a symmetric key based encryption method, and/or a public key based encryption method, and/or an electronic envelope based encryption method, and/or a key exchange based encryption method), and/or attaches a predetermined electronic signature to the biometric information registration information, and transmits it to the information registration server 500 through the network means. To this end, the information registration terminal 570 is preferably provided with at least one encryption key corresponding to the encryption method, and/or with a predetermined official certificate including at least one encryption key, and/or, when the official certificate is provided on a predetermined IC chip (or IC card), with an IC chip (or IC card) reader for reading the certificate provided on the IC chip (or IC card).

Those skilled in the art to which the present invention pertains will be familiar with the technical features of the various encryption methods for encrypting the biometric information registration application information and with the technical features of attaching a predetermined electronic signature to the biometric information registration application information, so a detailed description thereof is omitted for convenience.

Referring to FIG. 5, when the biometric information registration request information transmitted from the information registration terminal 570 is received through the information receiving unit 515, the information registration server 500 receives the biometric information registration request information. It is characterized in that it comprises a validating unit 520 (or validating means) for confirming whether or not to satisfy the validity for identity verification using the biometric information.

According to an embodiment of the present invention, the biometric information registration information is at least one encryption method (eg, symmetric key based encryption method and / or public key based encryption method, and / or electronic envelope based encryption method, and / Or, if encrypted with a key exchange-based encryption scheme, etc., the validity verification unit 520 at least one decryption scheme (for example, symmetric key-based decryption scheme, corresponding to the encryption scheme) the encrypted biometric information registration information; And / or public key based decryption scheme, and / or electronic envelope based decryption scheme, and / or key exchange based decryption scheme, etc.), thereby validating the validity of the received biometric registration application information.

Alternatively, when a predetermined electronic signature is attached to the biometric information registration application information, the validity verification unit 520 checks the electronic signature attached to the biometric information registration application information, thereby receiving the biometric information registration application information. It is desirable to authenticate validity.

Those skilled in the art to which the present invention pertains will be familiar with the technical features of the various decryption methods for decrypting the encrypted biometric information registration application information, and with the technical features of confirming an electronic signature attached to the biometric information registration application information, so a detailed description thereof is omitted.

According to an embodiment of the present invention, when the biometric information registration request information received through the information receiving unit 515 further includes a predetermined password for confirming the validity of the biometric information registration request information, the validity checking unit 520 preferably authenticates the validity of the received biometric information registration application information by comparing the password included in the biometric information registration application information with the password provided for the customer on the DBMS.

Alternatively, when the biometric information registration request information received through the information receiving unit 515 further includes predetermined security card information for confirming the validity of the biometric information registration request information, the validity checking unit 520 preferably authenticates the validity of the received biometric information registration application information by comparing the security card information included in the biometric information registration application information with the security card information provided for the customer on the DBMS.

Alternatively, when the biometric information registration request information received through the information receiving unit 515 further includes a predetermined OTP code for confirming the validity of the biometric information registration request information, the validity checking unit 520 preferably authenticates the validity of the received biometric information registration application information by comparing the OTP code included in the biometric information registration application information with an OTP code generated from the predetermined OTP generation information provided for the customer on the DBMS.

According to an embodiment of the present invention, the validity check of the biometric information registration request information preferably includes checking whether at least one piece of information matching the biometric information registration request information is registered in a customer D/B on a certification authority system associated with the biometric information registration system.

In addition, the validity check of the biometric information registration request information preferably includes checking whether the image quality of the biometric information included in the received biometric information registration application information is at or above a certain quality.

For example, the validity checking unit 520 preferably checks whether the customer information (customer personal information, member information, etc.) included in the biometric information registration application information matches the customer information stored in the customer D/B on the certification authority system associated with the biometric information registration system.
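The password, OTP and customer D/B checks that the validity checking unit 520 performs, sketched as an added example (not code from the patent). It assumes RFC 6238 TOTP as the OTP scheme and PBKDF2-hashed passwords, neither of which the patent specifies; the record layout, field names and sample customer are constructed for illustration.

```python
import hashlib
import hmac
import struct
from dataclasses import dataclass

STEP = 30  # assumed OTP time step in seconds


@dataclass
class CustomerRecord:
    """Hypothetical row of the customer D/B held on the DBMS."""
    name: str
    pw_salt: bytes
    pw_hash: bytes      # PBKDF2 output, never the plaintext password
    otp_secret: bytes   # the "OTP generation information" for this customer


def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 200_000)


def totp(secret: bytes, unix_time: int, digits: int = 6) -> str:
    """RFC 6238 TOTP over HMAC-SHA1 (assumed scheme)."""
    counter = struct.pack(">Q", max(0, unix_time) // STEP)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # dynamic truncation, RFC 4226
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def validate_request(request: dict, customer_db: dict, now: int, window: int = 1):
    """Return (ok, reason) for a registration request.

    The request must match a registered customer and carry at least one
    factor (password and/or OTP); every factor that is present must verify.
    """
    record = customer_db.get(request.get("customer_id"))
    if record is None:
        return False, "customer not registered"
    if request.get("name") != record.name:
        return False, "customer info mismatch"

    factor_checked = False
    if "password" in request:
        candidate = hash_password(str(request["password"]), record.pw_salt)
        if not hmac.compare_digest(candidate, record.pw_hash):
            return False, "password mismatch"
        factor_checked = True

    if "otp" in request:
        supplied = str(request["otp"]).encode("utf-8")
        # Accept adjacent time steps to tolerate clock drift; compare against
        # every candidate in constant time rather than stopping at a match.
        results = [
            hmac.compare_digest(supplied, totp(record.otp_secret, now + i * STEP).encode())
            for i in range(-window, window + 1)
        ]
        if not any(results):
            return False, "otp mismatch"
        factor_checked = True

    if not factor_checked:
        return False, "no authentication factor supplied"
    return True, "valid"


def build_sample_db() -> dict:
    """Constructed sample data; the secret is the RFC 6238 test key."""
    salt = b"constructed-salt"
    return {
        "C-0001": CustomerRecord(
            name="Hong Gildong",
            pw_salt=salt,
            pw_hash=hash_password("correct horse", salt),
            otp_secret=b"12345678901234567890",
        )
    }


if __name__ == "__main__":
    db = build_sample_db()
    req = {"customer_id": "C-0001", "name": "Hong Gildong",
           "password": "correct horse", "otp": totp(b"12345678901234567890", 59)}
    print(validate_request(req, db, now=59))
    print(validate_request(req, db, now=200))   # same OTP replayed later
```

A production verifier would also record the last accepted OTP counter per customer so that a code cannot be reused inside its own window.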

Referring to FIG. 5, the information registration server 500 comprises an electronic document generating unit 525 (or electronic document generating means) which, when the validity of the biometric information registration request information is authenticated through the validity checking unit 520, generates a predetermined biometric information registration electronic document including the received biometric information registration request information, and an electronic document transmission unit 530 (or electronic document transmission means) which transmits the generated biometric information registration electronic document to an electronic document repository associated with the biometric information registration system.

The electronic document generating unit 525 generates a biometric information registration electronic document including the biometric information registration application information received from the information registration terminal 570 through the information receiving unit 515.

According to an exemplary embodiment of the present invention, the electronic document generating unit 525 preferably generates document content including at least one of the customer information and biometric information included in the biometric information registration request information received through the information receiving unit 515, and processes a document file containing that document content (e.g., a PDF (Portable Document Format) file, an EDI (Electronic Data Interchange) file, a word processor file such as HWP/DOC, or a web document file such as MHT) into a biometric information registration electronic document for identity verification using the biometric information.

Alternatively, the electronic document generating unit 525 preferably generates document content including at least one of the customer information and biometric information included in the biometric information registration request information received through the information receiving unit 515, embeds at least one of the customer information and biometric information included in the biometric information registration application information in the document content as a watermark, and then processes a document file containing the watermarked document content (e.g., a PDF (Portable Document Format) file, an EDI (Electronic Data Interchange) file, a word processor file such as HWP/DOC, or a web document file such as MHT) into a biometric information registration electronic document for identity verification using the biometric information.

Alternatively, the electronic document generating unit 525 preferably generates document content including at least one of the customer information and biometric information included in the biometric information registration request information received through the information receiving unit 515, and processes an image file containing image content that captures the document content (e.g., image content generated by capturing the document content in memory) into a biometric information registration electronic document for identity verification using the biometric information.

Alternatively, the electronic document generating unit 525 preferably generates document content including at least one of the customer information and biometric information included in the biometric information registration request information received through the information receiving unit 515, embeds at least one of the customer information and biometric information included in the biometric information registration request information as a watermark in image content that captures the document content (e.g., image content generated by capturing the document content in memory), and then processes an image file containing the watermarked image content into a biometric information registration electronic document for identity verification using the biometric information.

According to another exemplary embodiment of the present invention, the electronic document generating unit 525 preferably generates document content including at least one of the customer information and biometric information included in the biometric information registration request information received through the information receiving unit 515, generates a predetermined document file (e.g., a PDF (Portable Document Format) file, an EDI (Electronic Data Interchange) file, a word processor file such as HWP/DOC, or a web document file such as MHT) containing image content that captures the document content (e.g., image content generated by capturing the document content in memory), and processes it into a biometric information registration electronic document for identity verification using the biometric information.

Alternatively, the electronic document generating unit 525 preferably generates document content including at least one of the customer information and biometric information included in the biometric information registration request information received through the information receiving unit 515, embeds at least one of the customer information and biometric information included in the biometric information registration request information as a watermark in image content that captures the document content (e.g., image content generated by capturing the document content in memory), generates a document file containing the watermarked image content (e.g., a PDF (Portable Document Format) file, an EDI (Electronic Data Interchange) file, a word processor file such as HWP/DOC, or a web document file such as MHT), and processes it into a biometric information registration electronic document for identity verification using the biometric information.

According to another exemplary embodiment of the present invention, the electronic document generating unit 525 preferably generates document content including at least one of the customer information and biometric information included in the biometric information registration application information received through the information receiving unit 515, generates a predetermined document file (e.g., a PDF (Portable Document Format) file, an EDI (Electronic Data Interchange) file, a word processor file such as HWP/DOC, or a web document file such as MHT) containing both image content that captures the document content (e.g., image content generated by capturing the document content in memory) and the biometric information registration request information, and processes it into a biometric information registration electronic document for identity verification using the biometric information.

Alternatively, the electronic document generating unit 525 preferably generates document content including at least one of the customer information and biometric information included in the biometric information registration request information received through the information receiving unit 515, embeds at least one of the customer information and biometric information included in the biometric information registration request information as a watermark in image content that captures the document content (e.g., image content generated by capturing the document content in memory), generates a document file containing both the watermarked image content and the biometric information registration application information (e.g., a PDF (Portable Document Format) file, an EDI (Electronic Data Interchange) file, a word processor file such as HWP/DOC, or a web document file such as MHT), and processes it into a biometric information registration electronic document for identity verification using the biometric information.

Those skilled in the art to which the present invention pertains will be familiar with the technical features by which the electronic document generating unit 525 generates a biometric information registration electronic document in an image file format and/or a predetermined document file format, and with the technical features of the file formats for the image file and/or document file corresponding to the biometric information registration electronic document, so a detailed description thereof is omitted for convenience.

The electronic document transmission unit 530 transmits the biometric information registration electronic document generated by the electronic document generating unit 525 to a predetermined electronic document repository associated with the biometric information registration system, where it is stored.

As shown in FIG. 5, when the electronic document repository comprises an electronic document server 545, connected to the information registration server 500 on the biometric information registration system through predetermined communication means, and an electronic document D/B 565, and is provided outside the biometric information registration system, the electronic document transmission unit 530 transmits the biometric information registration electronic document generated by the electronic document generating unit 525 to the electronic document server 545 via the communication means.

Here, when the electronic document server 545 and the electronic document D/B 565 are provided outside the biometric information registration system, the electronic document server 545 and the electronic document D/B 565 are preferably operated by an accredited body.

According to another embodiment of the present invention, when the electronic document repository is provided on the DBMS provided in the biometric information registration system, the electronic document transmission unit 530 may store the biometric information registration electronic document generated by the electronic document generating unit 525 in the electronic document D/B 565 corresponding to the electronic document repository on that DBMS, but the present invention is not limited thereto.

According to an embodiment of the present invention, the electronic document transmission unit 530 may further transmit to the electronic document repository the electronic document related information used by the electronic document server 545 to generate predetermined electronic document management information (e.g., information on the customer who entered (selected) and transmitted the biometric information registration request information, and/or information on the certification authority transmitting the biometric information registration electronic document, and/or electronic document file format information, and/or the biometric information registration application information), but the present invention is not limited thereto.

Referring to FIG. 5, the information registration server 500 comprises an information storage unit 535 (or information storage means) which, when the biometric information registration request information received through the information receiving unit 515 is authenticated by the validity checking unit 520 as valid for identity verification using the biometric information, links the customer information and biometric information included in the biometric information registration request information and stores them on a predetermined storage medium 540.

When the validity of the biometric information registration request information is confirmed by the validity checking unit 520, the information storage unit 535 links the customer information and biometric information included in the biometric information registration request information and stores them in the storage medium 540. When the storage medium 540 is provided in the information registration server 500 or on a network associated with the information registration server 500, the information storage unit 535 preferably links the customer information and biometric information included in the received biometric information registration request information and stores them in the storage medium 540. When the storage medium 540 is provided in a DBMS on the certification authority system, the information storage unit 535 preferably provides the customer information and biometric information included in the received biometric information registration application information to the certification authority system so that they are stored in the DBMS provided on the certification authority system.

Referring to FIG. 5, the electronic document server 545, which receives a predetermined biometric information registration electronic document from the information registration server 500 provided on the biometric information registration system and stores and manages it in a predetermined electronic document D/B 565, comprises an electronic document receiving unit 550 (or electronic document receiving means) for receiving the predetermined biometric information registration electronic document from the information registration server 500 through predetermined communication means; an information generating unit 555 (or information generating means) for generating predetermined electronic document management information for storing and managing the received biometric information registration electronic document in the electronic document D/B 565; and an electronic document storage unit 560 (or electronic document storage means) for linking the electronic document management information with the biometric information registration electronic document and storing them in the predetermined electronic document D/B 565.

The electronic document receiving unit 550 may receive the biometric information registration electronic document in the form of an image file and / or a document file from the information registration server 500 through the communication means.

According to one embodiment of the present invention, the biometric information registration electronic document received by the electronic document receiving unit 550 through the communication means preferably comprises a document file (e.g., a PDF (Portable Document Format) file, an EDI (Electronic Data Interchange) file, a word processor file such as HWP/DOC, or a web document file such as MHT) containing document content that includes at least one of the customer information and biometric information included in the biometric information registration application information received by the information registration server 500 from the information registration terminal 570.

Alternatively, the biometric information registration electronic document received by the electronic document receiving unit 550 through the communication means preferably comprises a document file (e.g., a PDF (Portable Document Format) file, an EDI (Electronic Data Interchange) file, a word processor file such as HWP/DOC, or a web document file such as MHT) containing watermarked document content, in which at least one of the customer information and biometric information included in the biometric information registration request information is embedded as a watermark in document content that includes at least one of the customer information and biometric information included in the biometric information registration request information received by the information registration server 500 from the information registration terminal 570.

Alternatively, the biometric information registration electronic document received by the electronic document receiving unit 550 through the communication means preferably comprises an image file containing image content (e.g., image content generated by capturing the document content in memory) that captures document content including at least one of the customer information and biometric information included in the biometric information registration request information received by the information registration server 500 from the information registration terminal 570.

Alternatively, the biometric information registration electronic document received by the electronic document receiving unit 550 through the communication means preferably comprises an image file containing watermarked image content, in which at least one of the customer information and biometric information included in the biometric information registration application information is embedded as a watermark in image content (e.g., image content generated by capturing the document content in memory) that captures document content including at least one of the customer information and biometric information included in the biometric information registration request information received by the information registration server 500 from the information registration terminal 570.

According to another exemplary embodiment of the present invention, the biometric information registration electronic document received by the electronic document receiving unit 550 through the communication means preferably comprises a predetermined document file (e.g., a PDF (Portable Document Format) file, an EDI (Electronic Data Interchange) file, a word processor file such as HWP/DOC, or a web document file such as MHT) containing image content (e.g., image content generated by capturing the document content in memory) that captures document content including at least one of the customer information and biometric information included in the biometric information registration application information received by the information registration server 500 from the information registration terminal 570.

Alternatively, the biometric information registration electronic document received by the electronic document receiving unit 550 through the communication means preferably comprises a document file (e.g., a PDF (Portable Document Format) file, an EDI (Electronic Data Interchange) file, a word processor file such as HWP/DOC, or a web document file such as MHT) containing watermarked image content, in which at least one of the customer information and biometric information included in the biometric information registration application information is embedded as a watermark in image content (e.g., image content generated by capturing the document content in memory) that captures document content including at least one of the customer information and biometric information included in the biometric information registration request information received by the information registration server 500 from the information registration terminal 570.

According to another exemplary embodiment of the present invention, the biometric information registration electronic document received by the electronic document receiving unit 550 through the communication means preferably comprises a predetermined document file (e.g., a PDF (Portable Document Format) file, an EDI (Electronic Data Interchange) file, a word processor file such as HWP/DOC, or a web document file such as MHT) containing both the biometric information registration application information and image content (e.g., image content generated by capturing the document content in memory) that captures document content including at least one of the customer information and biometric information included in the biometric information registration request information received by the information registration server 500 from the information registration terminal 570.

Alternatively, the biometric information registration electronic document received by the electronic document receiving unit 550 through the communication means preferably comprises a document file (e.g., a PDF (Portable Document Format) file, an EDI (Electronic Data Interchange) file, a word processor file such as HWP/DOC, or a web document file such as MHT) containing both the biometric information registration application information and watermarked image content, in which at least one of the customer information and biometric information included in the biometric information registration application information is embedded as a watermark in image content (e.g., image content generated by capturing the document content in memory) that captures document content including at least one of the customer information and biometric information included in the biometric information registration request information received by the information registration server 500 from the information registration terminal 570.

The information generating unit 555 generates electronic document management information including a predetermined electronic document unique number (or unique information) to be assigned to the biometric information registration electronic document received through the electronic document receiving unit 550, and electronic document storage date and time information including the date and time at which the biometric information registration electronic document is received through the electronic document receiving unit 550 (or the date and time at which the biometric information registration electronic document is stored).

According to the exemplary embodiment of the present invention, the information generating unit 555 preferably identifies the certification authority that sent the biometric information registration electronic document by referring to the information registration server 500 that transmitted the biometric information registration electronic document received through the electronic document receiving unit 550, and generates electronic document management information that further includes the identified certification authority information.

According to another exemplary embodiment of the present invention, when predetermined electronic document related information is further received from the information registration server 500 through the electronic document receiving unit 550, the information generating unit 555 preferably generates electronic document management information that further includes the received electronic document related information (e.g., information on the customer who entered (selected) and transmitted the biometric information registration application information, and/or information on the certification authority transmitting the biometric information registration electronic document, and/or electronic document file format information, and/or the biometric information registration application information).

The electronic document storage unit 560 links the biometric information registration electronic document received through the electronic document receiving unit 550 with the electronic document management information generated by the information generating unit 555 and stores them in a predetermined electronic document D/B 565.

According to the exemplary embodiment of the present invention, the biometric information registration electronic document stored in the electronic document D/B 565 by the electronic document storage unit 560 preferably comprises a document file (e.g., a PDF (Portable Document Format) file, an EDI (Electronic Data Interchange) file, a word processor file such as HWP/DOC, or a web document file such as MHT) containing document content that includes at least one of the customer information and biometric information included in the biometric information registration request information received by the information registration server 500 from the information registration terminal 570.

Alternatively, the biometric information registration electronic document stored in the electronic document D/B 565 by the electronic document storage unit 560 preferably comprises a document file (e.g., a PDF (Portable Document Format) file, an EDI (Electronic Data Interchange) file, a word processor file such as HWP/DOC, or a web document file such as MHT) containing watermarked document content, in which at least one of the customer information and biometric information included in the biometric information registration application information is embedded as a watermark in document content that includes at least one of the customer information and biometric information included in the biometric information registration application information received by the information registration server 500 from the information registration terminal 570.

Alternatively, the biometric information registration electronic document stored in the electronic document D/B 565 by the electronic document storage unit 560 preferably comprises an image file containing image content (e.g., image content generated by capturing the document content in memory) that captures document content including at least one of the customer information and biometric information included in the biometric information registration application information received by the information registration server 500 from the information registration terminal 570.

Alternatively, the biometric information registration electronic document stored in the electronic document D/B 565 by the electronic document storage unit 560 preferably comprises an image file containing watermarked image content, in which at least one of the customer information and biometric information included in the biometric information registration application information is embedded as a watermark in image content (e.g., image content generated by capturing the document content in memory) that captures document content including at least one of the customer information and biometric information included in the biometric information registration application information received by the information registration server 500 from the information registration terminal 570.

According to another exemplary embodiment of the present invention, the biometric information registration electronic document stored in the electronic document D/B 565 by the electronic document storage unit 560 preferably comprises a predetermined document file (e.g., a PDF (Portable Document Format) file, an EDI (Electronic Data Interchange) file, a word processor file such as HWP/DOC, or a web document file such as MHT) containing image content (e.g., image content generated by capturing the document content in memory) that captures document content including at least one of the customer information and biometric information included in the biometric information registration request information received by the information registration server 500 from the information registration terminal 570.

Alternatively, the biometric information registration electronic document stored in the electronic document D/B 565 by the electronic document storage unit 560 preferably comprises a document file (e.g., a PDF (Portable Document Format) file, an EDI (Electronic Data Interchange) file, a word processor file such as HWP/DOC, or a web document file such as MHT) containing watermarked image content, in which at least one of the customer information and biometric information included in the biometric information registration request information is embedded as a watermark in image content (e.g., image content generated by capturing the document content in memory) that captures document content including at least one of the customer information and biometric information included in the biometric information registration application information received by the information registration server 500 from the information registration terminal 570.

According to another embodiment of the present invention, the biometric information registration electronic document stored in the electronic document D/B 565 by the electronic document storage unit 560 preferably comprises a predetermined document file (e.g., a PDF (Portable Document Format) file, an EDI (Electronic Data Interchange) file, a word processor file such as HWP/DOC, or a web document file such as MHT) containing both the biometric information registration request information and image content (e.g., image content generated by capturing the document content in memory) that captures document content including at least one of the customer information and biometric information included in the biometric information registration request information received by the information registration server 500 from the information registration terminal 570.

Alternatively, the biometric information registration electronic document stored in the electronic document D/B 565 by the electronic document storage unit 560 is preferably a document file (e.g., a Portable Document Format (PDF) file, an Electronic Data Interchange (EDI) file, a word processor file including at least one of HWP/DOC and the like, or a web document file including MHT) that contains both the biometric information registration application information and watermarked image content. The watermarked image content is created by embedding, by a watermarking method, at least one of the customer information and biometric information included in the biometric information registration application information into image content obtained by capturing document content including at least one of the customer information and biometric information included in the biometric information registration application information that the information registration server 500 received from the information registration terminal 570 (e.g., image content generated by capturing the document content in memory).

According to an embodiment of the present invention, the electronic document management information that the electronic document storage unit 560 stores in the electronic document D/B 565 in association with the biometric information registration electronic document preferably includes a predetermined electronic document unique number (or unique information) assigned to the biometric information registration electronic document and the electronic document storage date and time information.

According to the exemplary embodiment of the present invention, the electronic document management information that the electronic document storage unit 560 stores in the electronic document D/B 565 in association with the biometric information registration electronic document preferably further includes certification authority information for the information registration server 500 that transmitted the biometric information registration electronic document.

According to another exemplary embodiment of the present invention, when predetermined electronic document related information is further received from the information registration server 500, the electronic document storage unit 560 links it with the biometric information registration electronic document, and the electronic document management information stored in the electronic document D/B 565 may include the received electronic document related information (e.g., information on the customer who input (selected) and transmitted the biometric information registration request information, and/or information on the certification authority that transmitted the biometric information registration electronic document, and/or electronic document file format information, and/or the biometric information registration application information).

FIGS. 6A and 6B illustrate a process of registering biometric information registration application information in a non-face-to-face manner for identity verification using biometric information according to an exemplary embodiment of the present invention.

In more detail, FIGS. 6A and 6B relate to a method in which, when a predetermined customer provides biometric information registration request information including at least one of customer information and biometric information through the client terminal for identity verification using the biometric information, the information registration system generates a predetermined biometric information registration electronic document including the provided biometric information registration application information, stores it in a predetermined electronic document repository, and links the customer information and biometric information included in the biometric information registration application information and stores them in a predetermined storage medium 540. Those skilled in the art to which the present invention pertains will be able to infer, by referring to and/or modifying FIGS. 6A and 6B, various implementation methods by which the client terminal registers the biometric information registration application information with the information registration server 500. The present invention includes all implementation methods so inferred and is not limited to the implementation methods shown in FIGS. 6A and 6B.

For example, FIGS. 6A and 6B illustrate the client terminal inputting (or selecting) and providing the biometric information registration request information through a predetermined web page provided by the information registration server 500. However, when a predetermined information registration program is provided in the client terminal, the user interface need not be provided from the information registration server 500, and the present invention is not limited thereby.

In the following description of FIGS. 6A and 6B, the client terminal shown in FIG. 6 is referred to as the "terminal" for convenience, the information registration server 500 shown in FIG. 6 is referred to as the "server" for convenience, and the customer information and biometric information transmitted from the client terminal to the information registration server 500 are referred to as "biometric information registration application information" for convenience.

Referring to FIGS. 6A and 6B, the client terminal illustrated in FIG. 6 accesses the server through predetermined network means (e.g., a TCP/IP based wired communication network when the client terminal is a wired terminal; a CDMA-based (and/or HSDPA-based) mobile communication network, and/or IEEE 802.16x-based portable Internet, and/or IEEE 802.11x-based wireless LAN, etc. when the client terminal is a wireless terminal) and connects a predetermined communication channel. When the terminal requests a web page including a user interface for identity verification using biometric information (w00), the server generates (or extracts) a web page including a user interface for inputting (or selecting) biometric information registration request information, which includes at least one of the customer information and biometric information, and transmitting it to the server (w05), and transmits the generated (or extracted) web page including the user interface to the terminal through the network means so that it is output (w10).

According to an embodiment of the present invention, the process of transmitting the web page from the server to the terminal and/or outputting it is preferably performed at least once according to the biometric information registration procedure, and the present invention is not limited thereby.

Thereafter, the terminal inputs (or selects) biometric information registration request information including at least one of customer information and biometric information through the user interface included in the web page (w15).

When the biometric information registration request information including the customer information and biometric information has been input (or selected) through the user interface (w20), the terminal transmits the input (or selected) customer information and biometric information to the server through the communication channel (w25).

According to an embodiment of the present invention, the terminal may further include, in the biometric information registration request information including at least one of the customer information and biometric information, at least one of a predetermined password, security card information, and/or an OTP code generated through a predetermined One Time Password (OTP) generator, with which the server confirms the validity of the biometric information registration request information, and transmit it to the server through the network means.

According to an embodiment of the present invention, the terminal may encrypt the biometric information registration information including at least one of the customer information and biometric information with at least one encryption method (e.g., a symmetric key based encryption method, and/or a public key based encryption method, and/or an electronic envelope-based encryption method, and/or a key exchange-based encryption method), and/or attach a predetermined electronic signature to the biometric information registration application information, and transmit it to the server through the network means. Preferably, the terminal has at least one encryption key corresponding to the encryption scheme, and/or has a predetermined certificate including at least one encryption key, and/or, when the certificate is provided on a predetermined IC chip (or IC card), has a card reader for confirming the certificate provided on the IC chip (or IC card).

According to an embodiment of the present invention, the terminal may encrypt the biometric information registration information including at least one of the customer information and biometric information with at least one encryption method (e.g., a symmetric key based encryption scheme, and/or a public key based encryption scheme, and/or an electronic envelope-based encryption scheme, and/or a key exchange-based encryption scheme, and the like) and transmit the encrypted data to the server through the network means. Preferably, the terminal is provided with at least one encryption key, and/or with a predetermined certificate containing at least one encryption key, and/or, when the certificate is provided on a predetermined IC chip (or IC card), with a card reader for confirming the public certificate provided on the IC chip (or IC card).

Those skilled in the art to which the present invention pertains will be familiar with the technical features of the various encryption methods for encrypting the biometric information registration application information and with the technical features of attaching a predetermined electronic signature to the biometric information registration application information, so a detailed description thereof is omitted for convenience.

Thereafter, the server receives and reads the customer information and the biometric information through the communication channel to check the validity of the biometric information registration application information (w30).

According to an embodiment of the present invention, when the biometric information registration information is encrypted with at least one encryption method (e.g., a symmetric key based encryption method, and/or a public key based encryption method, and/or an electronic envelope based encryption method, and/or a key exchange-based encryption scheme), the server preferably authenticates the validity of the received biometric information by decrypting it with the at least one decryption scheme corresponding to the encryption scheme (e.g., a symmetric key based decryption scheme, and/or a public key based decryption method, and/or an electronic envelope-based decryption method, and/or a key exchange-based decryption method, etc.).

Alternatively, when a predetermined electronic signature is attached to the biometric information registration request information, the server preferably verifies the validity of the received biometric information registration request information by checking the electronic signature attached to it.

Those skilled in the art to which the present invention pertains will be familiar with the technical features of the various decryption methods for decrypting the encrypted biometric information registration application information and with the techniques for confirming an electronic signature attached to the biometric information registration application information, so a detailed description thereof is omitted.

According to an embodiment of the present invention, when the biometric information registration request information received through the information receiving unit 515 further includes a predetermined password for checking the validity of the biometric information registration request information, the server preferably authenticates the validity of the received biometric information registration application information by comparing the password included in the biometric information registration information with the password held for that customer on the DBMS.

Alternatively, when the biometric information registration request information received through the information receiver 515 further includes predetermined security card information for confirming the validity of the biometric information registration request information, the server preferably authenticates the validity of the received biometric information registration application information by comparing the received security card information included in the biometric information registration application information with the security card information held for that customer on the DBMS.

Alternatively, when the biometric information registration request information received through the information receiver 515 further includes a predetermined OTP code for confirming the validity of the biometric information registration request information, the server preferably verifies the validity of the received biometric information registration request information by comparing the received OTP code included in the biometric information registration request information with an OTP code generated from the predetermined OTP generation information held for that customer on the DBMS.

According to an embodiment of the present invention, the validity confirmation of the biometric information registration request information preferably includes checking whether at least one piece of information matching the biometric information registration request information is registered in a customer D/B on a certification authority system associated with the biometric information registration system.

In addition, the validity check of the biometric information registration request information preferably includes checking whether the image quality of the biometric information included in the received biometric information registration application information is at or above a certain quality.

For example, the validity checker 520 preferably checks whether the customer information (customer personal information, member information, etc.) among the information included in the biometric information registration application information matches the customer information stored in the customer D/B on the certification authority system associated with the biometric information registration system.

If the validity of the biometric information registration request information is not authenticated (w35), the server generates a web page including predetermined information registration error information and transmits it to the terminal (w40), and does not perform the information registration procedure corresponding to the biometric information registration request information.
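The validity checks of steps w30 to w35 described above (customer D/B match, biometric image quality, OTP comparison) can be sketched as follows. This is an added Python example, not code from the patent; it assumes TOTP (RFC 6238) as the OTP scheme, a numeric quality score, and an OTP replay check, and all names in it are hypothetical.

```python
import hashlib
import hmac
import struct
from dataclasses import dataclass
from typing import Optional, Set, Tuple

OTP_STEP = 30           # seconds per OTP time step (assumed)
MIN_IMAGE_QUALITY = 60  # assumed threshold on a 0-100 capture quality score


@dataclass(frozen=True)
class CustomerRecord:
    """Row of the customer D/B on the certification authority system."""
    member_id: str
    name: str
    otp_secret: bytes  # "OTP generation information" held per customer


@dataclass(frozen=True)
class RegistrationRequest:
    """Biometric information registration request information (constructed shape)."""
    member_id: str
    name: str
    biometric_image: bytes
    image_quality: int
    otp_code: str


# Constructed sample data; the secret is the published RFC 6238 test key.
CUSTOMER_DB = {
    "m-1001": CustomerRecord("m-1001", "Hong Gildong", b"12345678901234567890"),
}


def totp(secret: bytes, now: float, digits: int = 6) -> str:
    """RFC 6238 TOTP with HMAC-SHA1 and RFC 4226 dynamic truncation."""
    counter = int(now // OTP_STEP)
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def otp_matches(secret: bytes, presented: str, now: float, window: int = 1) -> bool:
    """Compare against adjacent time steps (clock drift) in constant time."""
    ok = False
    for drift in range(-window, window + 1):
        t = now + drift * OTP_STEP
        if t < 0:
            continue
        expected = totp(secret, t)
        # No early exit: every candidate is compared with compare_digest.
        ok |= hmac.compare_digest(expected.encode(), presented.encode())
    return ok


def check_validity(req: RegistrationRequest, now: float,
                   used_otps: Set[Tuple[str, str]]) -> Optional[str]:
    """Return None when the request is valid, else an error reason.

    A non-None result corresponds to the failure branch (w35 -> w40):
    the caller reports an error and performs no registration.
    """
    record = CUSTOMER_DB.get(req.member_id)
    if record is None or not hmac.compare_digest(
            record.name.encode(), req.name.encode()):
        return "customer_mismatch"
    if not req.biometric_image or req.image_quality < MIN_IMAGE_QUALITY:
        return "low_image_quality"
    if not otp_matches(record.otp_secret, req.otp_code, now):
        return "otp_mismatch"
    # Added assumption: an accepted code is never accepted a second time.
    key = (req.member_id, req.otp_code)
    if key in used_otps:
        return "otp_replayed"
    used_otps.add(key)
    return None
```
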

On the other hand, if the validity of the biometric information registration request information is authenticated (w35), the server generates predetermined document content including at least one of the customer information and biometric information included in the biometric information registration request information (w45), and generates a predetermined biometric information registration electronic document including the document content (w50).

According to an exemplary embodiment of the present invention, the server preferably generates document content including at least one of the customer information and biometric information included in the received biometric information registration request information, and processes a document file containing the document content (e.g., a Portable Document Format (PDF) file, an Electronic Data Interchange (EDI) file, a word processor file including at least one of HWP/DOC and the like, or a web document file including MHT) as the biometric information registration electronic document for identity verification using the biometric information.

Alternatively, the server preferably generates document content including at least one of the customer information and biometric information included in the received biometric information registration request information, embeds at least one of the customer information and biometric information included in the biometric information registration request information in the document content by a watermarking method, and then processes a document file containing the watermarked document content (e.g., a Portable Document Format (PDF) file, an Electronic Data Interchange (EDI) file, a word processor file including at least one of HWP/DOC and the like, or a web document file including MHT) as the biometric information registration electronic document for identity verification using the biometric information.

Alternatively, the server preferably generates document content including at least one of the customer information and biometric information included in the received biometric information registration request information, and processes an image file containing image content obtained by capturing the document content (e.g., image content generated by capturing the document content in memory) as the biometric information registration electronic document for identity verification using the biometric information.

Alternatively, the server preferably generates document content including at least one of the customer information and biometric information included in the received biometric information registration request information, embeds at least one of the customer information and biometric information included in the biometric information registration application information, by a watermarking method, in image content obtained by capturing the document content (e.g., image content generated by capturing the document content in memory), and then processes an image file containing the watermarked image content as the biometric information registration electronic document for identity verification using the biometric information.

According to another exemplary embodiment of the present invention, the server preferably generates document content including at least one of the customer information and biometric information included in the received biometric information registration request information, generates a predetermined document file (e.g., a Portable Document Format (PDF) file, an Electronic Data Interchange (EDI) file, a word processor file including at least one of HWP/DOC and the like, or a web document file including MHT) containing image content obtained by capturing the document content (e.g., image content generated by capturing the document content in memory), and processes it as the biometric information registration electronic document for identity verification using the biometric information.

Alternatively, the server preferably generates document content including at least one of the customer information and biometric information included in the received biometric information registration request information, embeds at least one of the customer information and biometric information included in the biometric information registration application information, by a watermarking method, in image content obtained by capturing the document content (e.g., image content generated by capturing the document content in memory), generates a document file containing the watermarked image content (e.g., a Portable Document Format (PDF) file, an Electronic Data Interchange (EDI) file, a word processor file including at least one of HWP/DOC and the like, or a web document file including MHT), and processes it as the biometric information registration electronic document for identity verification using the biometric information.

According to another exemplary embodiment of the present invention, the server preferably generates document content including at least one of the customer information and biometric information included in the received biometric information registration request information, generates a predetermined document file (e.g., a Portable Document Format (PDF) file, an Electronic Data Interchange (EDI) file, a word processor file including at least one of HWP/DOC and the like, or a web document file including MHT) containing both the biometric information registration request information and image content obtained by capturing the document content (e.g., image content generated by capturing the document content in memory), and processes it as the biometric information registration electronic document for identity verification using the biometric information.

Alternatively, the server preferably generates document content including at least one of the customer information and biometric information included in the received biometric information registration request information, embeds at least one of the customer information and biometric information included in the biometric information registration application information, by a watermarking method, in image content obtained by capturing the document content (e.g., image content generated by capturing the document content in memory), generates a document file (e.g., a Portable Document Format (PDF) file, an Electronic Data Interchange (EDI) file, a word processor file including at least one of HWP/DOC and the like, or a web document file including MHT) containing both the watermarked image content and the biometric information registration application information, and processes it as the biometric information registration electronic document for identity verification using the biometric information.

Those skilled in the art to which the present invention pertains will be familiar with the technical features by which the server generates a biometric information registration electronic document in an image file format and/or a predetermined document file format, and with the technical features of the image file and/or document file formats corresponding to the biometric information registration electronic document, so a detailed description thereof is omitted for convenience.

Thereafter, the server stores the generated biometric information registration electronic document in a predetermined electronic document storage (w55).

As shown in FIG. 6, when the electronic document repository is provided as a predetermined electronic document server 545 and an electronic document D/B 565 that are associated, through predetermined communication means, with the server on the biometric information registration system, the server preferably transmits the generated biometric information registration electronic document to the electronic document server 545 through the communication means so that it is stored in the electronic document D/B 565.

Alternatively, when the electronic document repository is provided on the DBMS provided in the biometric information registration system, the server may store the generated biometric information registration electronic document in the corresponding electronic document D/B 565 on that DBMS, and the present invention is not limited thereby.

According to an embodiment of the present invention, storing the biometric information registration electronic document in the electronic document repository preferably includes linking the generated biometric information registration electronic document with predetermined electronic document management information and storing them in the electronic document D/B 565 illustrated in the drawing.

Here, the electronic document management information preferably includes a predetermined electronic document unique number (or unique information) assigned to the biometric information registration electronic document and the electronic document storage date and time information.

The electronic document management information may further include certification authority information that transmits the biometric information registration electronic document.

The electronic document management information may include predetermined electronic document related information (e.g., information on the customer who input (selected) and transmitted the biometric information registration request information, and/or information on the certification authority that transmitted the biometric information registration electronic document, and/or the electronic document file format information, and/or the biometric information registration application information).

When the biometric information registration electronic document has been stored in the electronic document repository (w60), the server links the customer information and biometric information included in the biometric information registration application information and stores them in a predetermined storage medium 540 (w65), and generates (or extracts) predetermined information registration history information (e.g., details of storing the biometric information registration electronic document in the electronic document repository, and/or details of storing the biometric information registration application information in the storage medium 540) and transmits it to the terminal (w70).

According to an embodiment of the present invention, the storage medium 540 is preferably provided in a DBMS on a certification authority system provided on the biometric information registration system (or associated with the biometric information registration system). The storage medium 540 may be a customer D / B provided in the DBMS on the certification authority system and / or a predetermined database associated with the customer D / B, and the present invention is not limited thereto.

FIG. 7 is a diagram illustrating a certificate issuing system for issuing a public certificate through identity verification using biometric information according to one embodiment of the present invention.

In more detail, FIG. 7 relates to a system configuration in which, so that a public certificate can be issued through identity verification using biometric information, authentication request information including customer information and biometric information is received from an unattended certificate issuing terminal 730 used by a predetermined customer, and identity verification is processed based on the biometric information included in the received authentication request information. Those skilled in the art to which the present invention pertains will be able to infer, by referring to and/or modifying FIG. 7, various implementation methods for the configuration of a certificate issuing system that issues a certificate through identity verification using biometric information. The present invention includes all implementation methods so inferred and is not limited only to the implementation method shown in FIG. 7.

For example, those of ordinary skill in the art to which the present invention belongs will be able to infer, by referring to and/or modifying FIG. 7, an implementation method for issuing a public certificate through identity verification using financial information (e.g., card information or account information) when such financial information is received from the customer in place of the biometric information, and the present invention is not limited thereby.

Hereinafter, when customer information and biometric information for a certificate issuance request are input through a certificate issuance request interface output by a predetermined certificate issuing terminal 730 on the certificate issuing system shown in FIG. 7, authentication request information is generated based on the customer information and the biometric information, and the generated authentication request information is transmitted through the certificate issuing terminal 730, the components corresponding to at least one means and/or functional configuration that process identity verification based on the authentication request information and then provide the verification result to the certificate issuing terminal 730 are referred to as the "certification authority server 700" for convenience.

Referring to FIG. 7 according to an embodiment of the present invention, a certificate issuing system for verifying identity using the biometric information may include a certificate issuing terminal 730 provided in at least one certification authority branch (or branch) or a public place. The certificate issuing terminal 730 is connected to the certification authority server 700 provided on the certificate issuing system through a predetermined communication network.

The storage medium 725 provided on the certificate issuing system according to the present invention may store, in association with one another, the customer information and biometric information registered through the biometric information registration system shown in FIG. 1 or 5, and authentication history information on authentication processed based on the authentication request information received from the certificate issuing terminal 730.

The customer information includes personal information of the customer who registered the biometric information through the biometric information registration system shown in FIG. 1 or 5 (e.g., the customer's name, resident registration number, address, telephone number, mobile phone number, e-mail address, etc.) and member information of the customer (e.g., member ID information and the like held for the customer in the customer D/B on the certification authority system associated with the certificate issuing system when the customer has subscribed as a customer of the certification authority).

The biometric information may include image data provided by the customer who registers the biometric information through the biometric information registration system illustrated in FIG. 1 or FIG. 5, obtained by scanning a body part of the customer (e.g., a fingerprint, an iris, a face, etc.), and/or at least one item of feature data on the image data (e.g., a feature of a pattern that is differentiated from a general fingerprint pattern).

When the authentication request information for the customer who registered the biometric information is received through the biometric information registration system illustrated in FIG. As a result of the authentication process, the authentication request terminal unique information, etc.) is preferably included.

The certification authority server 700 provided on the certificate issuing system according to the present invention is a generic term for the certificate issuing system side components connected to the certificate issuing terminal 730 through a predetermined communication network, and may be implemented as at least one server (or apparatus) and/or at least one program recorded on a recording medium provided in a predetermined server (or apparatus), and the present invention is not limited thereto.

Referring to FIG. 7, the certification authority server 700 generates authentication request information based on the customer information and the biometric information input from the certificate issuing terminal 730, and when the generated authentication request information is transmitted, On the basis of the information receiving unit 705 (or information receiving means) for receiving the authentication request information transmitted from the certificate issuing terminal 730 and the identification request information received through the information receiving unit 705, And an information providing unit 715 (or information providing means) for providing an information confirming unit 710 (or information verifying means) for confirming processing and an identification result of the customer to the certificate issuing terminal 730. Characterized in that made.

When the certificate issuing terminal 730 generates authentication request information requesting identity verification for certificate issuance, based on the customer information and biometric information input (or selected) through a displayed user interface, and transmits it, the information receiving unit 705 receives, in response, the authentication request information transmitted from the certificate issuing terminal 730.

When the authentication request information transmitted from the certificate issuing terminal 730 is received through the information receiving unit 705, the information checking unit 710 performs identity verification of the customer based on that authentication request information.

According to an embodiment of the present invention, identity verification of the customer is preferably performed by finding, through the storage medium 725, the biometric information that matches the biometric information included in the received authentication request information, and then checking whether the customer information stored with it matches the customer information included in the authentication request information.

According to another exemplary embodiment of the present invention, when identity verification of the customer is performed in the certificate issuing terminal 730, it is preferable to find, through the storage medium 725, the biometric information that matches the biometric information included in the received authentication request information, and to transmit the customer information stored in connection with the confirmed biometric information to the certificate issuing terminal 730, so that identity verification for the authentication request information is performed at the certificate issuing terminal 730.

When the result corresponding to the received authentication request information has been confirmed through the information checking unit 710, the information providing unit 715 transmits that result to the certificate issuing terminal 730.

Here, the result transmitted to the certificate issuing terminal 730 in response to the authentication request information preferably provides only the identity verification result corresponding to the authentication request information, or provides the confirmed customer information.

Referring to FIG. 7, the certification authority server 700 comprises an information storage unit 720 (or information storage means) that, in response to the authentication request information transmitted from the certificate issuing terminal 730, stores the authentication details for the received authentication request information in the storage medium 725.

In response to the authentication request information transmitted from the certificate issuing terminal 730, the information storage unit 720 stores the authentication details for the received authentication request information in the storage medium 725.

According to the embodiment of the present invention, the authentication details preferably include date information on when the authentication request information was received from the certificate issuing terminal 730, a part (or all) of the customer information included in the received authentication request information, and at least one authentication result confirmed in response to the authentication request information.

According to an embodiment of the present invention, the storage medium 725 may include a first storage medium 725 that stores the customer information and biometric information registered by the customer through the biometric information registration system illustrated in FIG. 1 or FIG. 5, and a second storage medium 725 that stores authentication information for the customer. The first storage medium 725 and the second storage medium 725 are preferably connected and configured in a relational manner.

FIG. 8 is a diagram illustrating a certificate issuing system that issues a public certificate after verifying identity using biometric information, according to one embodiment of the present invention.

In more detail, FIG. 8 illustrates a system configuration in which a predetermined customer is verified for certificate issuance using biometric information through the certification authority server 850 shown in FIG., a public key generated by the certificate issuing terminal 845 (or generated in a wired/wireless storage medium connected to the certificate issuing terminal 845) is received from the certificate issuing terminal 845, public certificate information is generated based on the received public key, and that information is stored in the wired/wireless storage medium through the certificate issuing terminal 845. A person skilled in the art to which the present invention pertains may refer to and/or modify this figure to infer various implementation methods for a certificate issuing system that issues a public certificate through identity verification using biometric information. The present invention includes all implementation methods so inferred and is not limited to the implementation method shown in the figure.

Hereinafter, for convenience, the component corresponding to the at least one means and/or functional configuration that, when customer information and biometric information for a certificate issuance request are input through the certificate issuance request interface output on a predetermined certificate issuing terminal 845 of the certificate issuing system shown in FIG. 8, verifies identity based on that customer information and biometric information and then processes the issuance of a public certificate is referred to as the "certificate server 800".

Referring to FIG. 8, according to an embodiment of the present invention, the certificate issuing system that verifies identity using the biometric information includes a certificate issuing terminal 845 provided in at least one certification authority branch (or branch) or public place. The certificate issuing terminal 845 is connected to the certificate server 800 provided on the certificate issuing system through a predetermined communication network.

The certificate D/B 840 provided on the certificate issuing system according to the present invention stores, linked to each other, the customer information and the public certificate information that result when an authorized certificate is issued to a customer in response to a request for issuance of a public certificate.

The customer information is the personal information (for example, name, resident registration number, address, telephone number, mobile phone number, e-mail address) of the customer to whom an authorized certificate was issued and provided after the customer requested issuance through the certificate issuing system and the corresponding issuance was processed.

The public certificate information preferably includes at least one of the following: version information for distinguishing the public certificate type; serial number information assigned to the public certificate provided to the customer and used as reference information for the suspension and revocation list; signature algorithm information holding the signature algorithm value used when creating the public certificate; issuer information for the organization that issued the public certificate; validity period information for the period during which the status of the public certificate is guaranteed; owner information on the holder of the certificate; the public key information held by the owner; issuer public key identifier information for identifying the public key corresponding to the certification authority private key used to sign the certificate; owner public key identifier information; and key usage information stating the purpose of the owner's public key.

The certificate server 800 provided on the certificate issuing system according to the present invention is a generic term for the system-side component connected to the certificate issuing terminal 845 through a predetermined communication network. It includes at least one server (or device) and/or at least one program recorded on a recording medium provided in a predetermined server (or device), and the present invention is not limited thereto.

According to the embodiment of the present invention, the certificate server 800 is provided with an interface unit 805 (or interface means) that connects and manages a predetermined communication channel with the certificate issuing terminal 845 through the communication network.

According to an embodiment of the present invention, it is desirable that a predetermined communication channel with the certificate issuing terminal 845 be connected based on a protocol stack defined in the communication network, and that a communication interface be provided for transmitting and receiving at least one item of information (or data) using a communication protocol defined in the certificate issuing program provided in the certificate issuing terminal 845.

Referring to FIG. 8, the certificate server 800 comprises: an interface providing unit 810 (or interface providing means) that, when a predetermined certificate issuing terminal 845 has connected a predetermined communication channel with the certificate server 800 through the interface unit 805, generates (or extracts) at least one user interface through which the certificate issuing terminal 845 inputs (or selects) customer information and biometric information for a certificate issuance request and transmits them to the certificate server 800 for certificate issuance through identity verification using the biometric information, and provides the generated (or extracted) user interface to the certificate issuing terminal 845 in association with the interface unit 805; an information receiving unit 815 (or information receiving means) that, when the certificate issuing terminal 845 inputs (or selects) and transmits customer information and biometric information through the user interface, receives them in association with the interface unit 805; an information generating unit 820 (or information generating means) that generates authentication request information based on the received customer information and biometric information; and an authentication confirmation unit 825 (or authentication confirmation means) that transmits the generated authentication request information to a certification authority server 850 to confirm authentication of the biometric information. When the certificate server 800 does not receive the biometric information, and/or when identity verification based on the biometric information is not directly possible, the information generating unit 820 and the authentication confirmation unit 825 may be omitted.

When the certificate issuing terminal 845, after connecting a predetermined communication channel to the certificate server 800 through the interface unit 805, requests from the certificate server 800 a user interface for issuing an accredited certificate through identity verification using the biometric information, the interface provider 810 generates, and/or extracts from a predetermined database (not shown), at least one user interface through which the certificate issuing terminal 845 inputs (or selects) predetermined customer information and biometric information and transmits them to the certificate server 800 through the communication network. It then provides the generated (or extracted) user interface to the certificate issuing terminal 845 through the communication network in conjunction with the interface unit.

According to the exemplary embodiment of the present invention, it is preferable to generate (or extract) a predetermined user interface that can be provided to the certificate issuing program in the certificate issuing terminal 845, and to provide the generated (or extracted) user interface to the certificate issuing terminal 845 through the interface unit 805.

Here, if the certificate issuing terminal 845 is provided with a certificate-issuance-related program that already has at least one user interface for inputting (or selecting) predetermined customer information and biometric information and transmitting them to the certificate server 800 through the communication network, the interface providing unit 810, which generates (or extracts) such a user interface and provides it to the certificate issuing terminal 845 as described above, may be omitted. The present invention is not limited by this.

Thereafter, the certificate issuing terminal 845 inputs (or selects) the customer information and the biometric information through the user interface and transmits them through the communication network to the certificate server. In response, the information receiving unit 815 receives the customer information and the biometric information transmitted from the certificate issuing terminal 845 in association with the interface unit 805.

According to the embodiment of the present invention, the certificate issuing terminal 845 may further transmit to the certificate server 800 through the network means, together with the customer information and the biometric information, at least one of a predetermined password and/or security card information and/or an OTP code generated by a predetermined one-time password (OTP) generator, so that the certificate server 800 can verify the validity of the customer information and the biometric information.

According to an exemplary embodiment of the present invention, the certificate issuing terminal 845 preferably encrypts the customer information and biometric information using at least one encryption method (e.g., a symmetric key based encryption method, and/or a public key based encryption method, and/or an electronic envelope based encryption method, and/or a key exchange based encryption method), and/or attaches a predetermined electronic signature to the customer information and biometric information, before transmitting them to the certificate server 800 through the network means. For this purpose, the certificate issuing terminal 845 preferably has at least one encryption key corresponding to the encryption method, and/or has a predetermined public certificate including at least one encryption key, and/or, if the certificate is provided on a predetermined IC chip (or IC card), is equipped with a card reader for reading the certificate provided on the IC chip (or IC card).

Those skilled in the art to which the present invention pertains will be familiar with the technical features of the various encryption methods for encrypting the customer information and the biometric information, and with the technical features of attaching a predetermined electronic signature to the customer information and the biometric information, so a detailed description of them is omitted for convenience.

When the customer information and the biometric information are input (or selected) through the output user interface, the information generator 820 generates the authentication request information based on the input (or selected) customer information and biometric information.

When authentication request information is generated through the information generation unit 820, the authentication confirmation unit 825 transmits the generated authentication request information to the certification authority server 850, so that the biometric information included in the authentication request information is compared with the biometric information registered by the user in the certification authority server 850, and confirms from the certification authority server 850 whether the two match.

According to an implementation method of the present invention, whether the authentication request information is authenticated is preferably confirmed as follows. The generated authentication request information is transmitted to the certification authority server 850. The certification authority server 850 compares the biometric information included in the authentication request information with the biometric information stored in a database that it holds (or can access), and checks whether the customer information registered in the database with that biometric information matches the customer information in the authentication request information. The authentication result information transmitted by the certification authority server 850 (that is, information including only the authentication result for the authentication request information) is then received and read.

According to another exemplary embodiment of the present invention, whether the authentication request information is authenticated is preferably confirmed as follows. The generated authentication request information is transmitted to the certification authority server 850. The certification authority server 850 compares the biometric information included in the authentication request information with the biometric information stored in a database that it holds (or can access). Authentication result information including the customer information registered with that biometric information is then received, and the customer information included in the received authentication result information is checked against the customer information included in the authentication request information.
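The two ways of confirming authentication described above (and earlier for the certification authority server 700) differ in what the server discloses to the requester. The following Python sketch is an added example, not part of the patent: the bit-similarity matcher, the 0.90 threshold, the field names and the sample records are all assumptions made for illustration.

```python
import hmac
import json
from dataclasses import dataclass, field
from datetime import datetime, timezone

MATCH_THRESHOLD = 0.90  # assumption: the page names no matching algorithm or threshold


def similarity(a: bytes, b: bytes) -> float:
    """Fraction of identical bits between two equal-length feature templates."""
    if len(a) != len(b) or not a:
        return 0.0
    differing = sum(bin(x ^ y).count("1") for x, y in zip(a, b))
    return 1.0 - differing / (8 * len(a))


def same_customer(a: dict, b: dict) -> bool:
    """Compare two customer-information records in constant time."""
    def canon(d: dict) -> bytes:
        return json.dumps(d, sort_keys=True, ensure_ascii=False).encode()
    return hmac.compare_digest(canon(a), canon(b))


@dataclass(frozen=True)
class AuthRequest:
    customer_info: dict  # as entered at the certificate issuing terminal
    features: bytes      # feature data extracted from the scanned body part


@dataclass
class CertificationAuthorityServer:
    registrations: list                               # first storage medium: (template, customer_info)
    auth_details: list = field(default_factory=list)  # second storage medium: authentication details

    def find_registration(self, features: bytes):
        """Return the customer info registered with the best-matching template, or None."""
        best = max(self.registrations, key=lambda r: similarity(r[0], features), default=None)
        if best is None or similarity(best[0], features) < MATCH_THRESHOLD:
            return None
        return best[1]

    def record(self, req: AuthRequest, result: bool) -> None:
        """Store date, part of the customer information, and the result."""
        self.auth_details.append({
            "received_at": datetime.now(timezone.utc).isoformat(),
            "customer_part": {"name": req.customer_info.get("name")},
            "result": result,
        })

    def verify_result_only(self, req: AuthRequest) -> dict:
        """First embodiment: the server compares both items and returns only the result."""
        stored = self.find_registration(req.features)
        ok = stored is not None and same_customer(stored, req.customer_info)
        self.record(req, ok)
        return {"verified": ok}

    def verify_return_customer(self, req: AuthRequest) -> dict:
        """Second embodiment: the server matches biometrics and returns the stored customer info."""
        stored = self.find_registration(req.features)
        self.record(req, stored is not None)  # the final comparison happens at the requester
        return {"matched": stored is not None, "customer_info": stored}


def requester_confirms(req: AuthRequest, result: dict) -> bool:
    """Comparison done by the certificate server or terminal in the second embodiment."""
    return result["matched"] and same_customer(result["customer_info"], req.customer_info)


# Constructed sample data (not from the page).
ALICE_INFO = {"name": "Alice Example", "resident_no": "000000-0000000"}
BOB_INFO = {"name": "Bob Example", "resident_no": "111111-1111111"}
ALICE_TEMPLATE = bytes(range(32))
BOB_TEMPLATE = bytes((i * 7 + 3) % 256 for i in range(32))


def noisy(template: bytes) -> bytes:
    """A fresh scan of the same body part: two bits differ from the enrolled template."""
    scan = bytearray(template)
    scan[0] ^= 0x01
    scan[5] ^= 0x80
    return bytes(scan)


def new_server() -> CertificationAuthorityServer:
    return CertificationAuthorityServer([(ALICE_TEMPLATE, ALICE_INFO), (BOB_TEMPLATE, BOB_INFO)])


if __name__ == "__main__":
    ca = new_server()
    genuine = AuthRequest(ALICE_INFO, noisy(ALICE_TEMPLATE))
    mismatch = AuthRequest(ALICE_INFO, noisy(BOB_TEMPLATE))  # Alice's details, Bob's scan
    print(ca.verify_result_only(genuine), ca.verify_result_only(mismatch))
    print(ca.verify_return_customer(mismatch))
```

In the second mode the requester receives the stored record of whoever the scan matched, even when the entered customer information belongs to someone else, whereas the first mode returns only a yes/no result.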

Referring to FIG. 8, the certificate server 800 comprises: an information receiving unit 815 (or information receiving means) that, when authentication of the customer has been confirmed, requests and receives public key information from the certificate issuing terminal 845 in order to generate public certificate information and provide it to the customer; an information generating unit 820 (or information generating means) that generates public certificate information based on the received public key information; and a certificate issuing unit 830 (or certificate issuing means) that transmits the generated public certificate information to the certificate issuing terminal 845 so that it is stored in the wired/wireless storage medium for the customer.

When, after identity verification based on the customer's biometric information through the authentication verification unit 825 (or after identity verification based on the customer's biometric information at the certificate issuing terminal 845), the certificate issuing terminal 845 transmits public key information and customer information, the information receiving unit 815 receives the customer information and public key information transmitted from the certificate issuing terminal 845.

When the customer information and the public key information transmitted from the certificate issuing terminal 845 are received through the information receiving unit 815, the information generating unit 820 generates authorized certificate information based on the received customer information and public key information.

According to an embodiment of the present invention, the public certificate information generated based on the customer information and the public key information is preferably generated according to the ITU-T Recommendation X.50x standard.

Here, the public certificate information preferably includes at least one of the following: version information for distinguishing the official certificate format; serial number information assigned to the public certificate provided to the customer and used as reference information for the suspension and revocation list; signature algorithm information holding the signature algorithm value used when creating the public certificate; issuer information for the authority that issued the public certificate; validity period information for the period during which the status of the public certificate is guaranteed; owner information on the holder of the public certificate; the public key held by the owner; issuer public key identifier information for identifying the public key corresponding to the certificate authority private key used to sign the certificate; owner public key identifier information; key usage purpose information stating the purpose of the owner's public key; and certificate policy information.

When the public certificate information is generated through the information generator 820, the certificate issuer 830 stores the generated public certificate information, through the certificate issuing terminal 845, in the wired/wireless storage medium requested by the customer.

Referring to FIG. 8, the certificate server 800 comprises an information storage unit 835 (or information storage means) that stores the certificate information provided to the certificate issuing terminal 845 in association with the customer information of the customer to whom the certificate was issued.

According to the method of the present invention, the certificate D/B 840 is a database accessible from the certificate server 800, and preferably stores the customer information for one or more customers together with the public certificate information corresponding to the certificate provided to each customer.

In addition, the certificate D/B 840 is preferably a database in which records cannot be modified or created through access from any external server other than the certificate server 800.

FIG. 9 is a diagram illustrating a functional configuration of a certificate issuing terminal 900 for issuing a public certificate using biometric information according to an embodiment of the present invention.

In more detail, FIG. 9 illustrates a preferred functional configuration for issuing an authorized certificate using biometric information at an unmanned certificate issuing terminal 900 provided in a predetermined financial institution (e.g., a commercial bank branch, a card company branch) and/or a public place. Those of ordinary skill in the art to which the present invention pertains may refer to and/or modify FIG. 9 to infer various implementation methods for the certificate issuing terminal 900 that issues a public certificate using biometric information according to the present invention. The present invention includes all implementation methods so inferred and is not limited by the implementation method shown in the figure.

For example, one of ordinary skill in the art to which the present invention pertains may refer to and/or modify FIG. 9 to infer an implementation that applies, in addition to the authorized certificate, to a financial-institution-specific certificate issued by a financial institution, and the invention is not limited thereby.

Referring to FIG. 9, the certificate issuing terminal 900 includes: a storage medium control unit 910 that recognizes a wired/wireless storage medium, such as a USB memory, and/or a wireless terminal such as a mobile phone, and/or an SD/MMC memory card, and/or a CF memory card, and/or an XD memory card, and stores in it the certificate information issued using the biometric information; a screen output unit 920 that outputs the processing screen for each step of issuing the certificate using biometric information through the certificate issuing terminal 900; a key input unit 930 that receives predetermined information at each step; a biometric unit 925 that recognizes the biometric information of the user in order to request issuance of a certificate using biometric information according to the present invention; a communication unit 935 that communicates with a certificate authority server 990 and/or a financial institution server 993 and/or a certificate server 995 through a predetermined communication network; a memory unit 950 that stores at least one item of certificate issuance processing information used by the certificate issuing terminal for issuing the public certificate using the biometric information, and predetermined certificate issuance information after the certificate has been issued; a power supply unit 945 that supplies power to the certificate issuing terminal 900; at least one terminal function unit 940; and a control unit 905 that controls each functional component provided in the certificate issuing terminal 900.

In addition, the certificate issuing terminal 900 comprises a card reader unit 915 that recognizes an MS card and/or IC card and/or bankbook storing the customer's financial information (for example, the card information and/or account information held by the customer) and obtains predetermined information from it.

The control unit 905 is the functional component that controls the overall operation of the certificate issuing terminal 900, manages the flow of information or data between the components, and controls at least one component provided in the certificate issuing terminal 900 in order to issue an authorized certificate based on biometric information according to the present invention. In hardware, it comprises at least one processor (Central Processing Unit (CPU) / Micro Processing Unit (MPU)), an execution memory (for example, registers), a bus (BUS) for inputting and outputting predetermined data, and at least one electronic circuit (or integrated circuit) for these. In software, it comprises predetermined program routines and/or program data that are loaded into the execution memory from a predetermined recording medium provided in the certificate issuing terminal 900 and processed by the processor to perform the corresponding functions. In particular, in software the control unit 905 includes a predetermined operating system and/or terminal control program routines for managing the certificate issuing terminal 900 after it has booted.

For convenience, FIG. 9 hereinafter shows the at least one program component provided in the certificate issuing terminal 900 for issuing an authorized certificate based on biometric information according to the present invention inside the controller 905.

The storage medium controller 910 provides the interface between the certificate issuing terminal 900 and the wired/wireless storage medium in order to store certificate information issued on the basis of biometric information according to the present invention in the wired/wireless storage medium, and to read it from there. It preferably operates according to the standard for reading and/or recording information or data that applies to the type of wired/wireless storage medium (e.g., the SPI protocol in the case of a memory card).

The card reader unit 915 provides an interface between the card and the certificate issuing terminal 900 in order to read at least one item of information or data contained in the card for issuing a public certificate. For issuing a certificate based on biometric information, it comprises an MS reader unit that interfaces an MS (Magnetic Stripe) card based on the ISO/IEC 7810 standard with the certificate issuing terminal 900, and/or a contact IC reader unit that interfaces a contact IC (Integrated Circuit) card based on the ISO/IEC 7816 standard with the certificate issuing terminal 900, and/or a contactless IC reader unit that interfaces a contactless IC card based on the ISO/IEC 14443 standard with the certificate issuing terminal 900. The contact IC reader unit and/or the contactless IC reader unit preferably correspond to the IC card reader provided in the certificate issuing terminal 900.

The MS reader unit is a card reader unit 915 based on ISO/IEC 7810 and includes at least one magnetic head containing a predetermined coil. When an MS card on which predetermined information or data (e.g., binary information or binary data stored by magnetization) is recorded moves in a predetermined direction in close contact with the magnetic head (or the magnetic head moves in close contact with such an MS card), a predetermined electrical signal is induced, and using that signal the predetermined information or data is read from at least one track of the magnetic stripe of the MS card and interfaced to the certificate issuing terminal 900.

The contact IC reader unit is a card reader unit 915 based on ISO/IEC 7816 and includes at least one contact point that makes electrical contact with the chip on board (COB) of the contact IC card. It supplies power to the IC chip of the IC card through the contact point, and interfaces predetermined information or data from the IC chip to the certificate issuing terminal 900 through half-duplex transactions using APDUs (Application Protocol Data Units).

The contactless IC reader unit is a card reader unit 915 based on ISO/IEC 14443. It comprises at least one antenna that connects electrically with the contactless IC card by capacitive coupling and/or inductive coupling, supplies power to the IC chip of the IC card through the antenna, and interfaces predetermined information or data from the IC chip to the certificate issuing terminal 900 through half-duplex transactions using APDUs.

Under the control of the control unit 905, the screen output unit 920 outputs at least one item of information or data, either predefined or defined in real time, to a predetermined screen output means of the certificate issuing terminal 900, including a liquid crystal display (LCD) and/or a cathode ray tube (CRT). The information or data output on the screen includes information or data predefined in the certificate issuing terminal 900, key data input through the key input unit 930, biometric information input through the biometric recognition unit 925, information stored or generated by the components provided in the certificate issuing terminal 900, information transmitted and received through the communication unit 935, and data corresponding to the result of a predetermined operation performed at the certificate issuing terminal 900.

According to the exemplary embodiment of the present invention, the screen output unit 920 preferably outputs a processing screen and/or an interface screen for each step of issuing a public certificate using biometric information according to the present invention to a predetermined screen output device.

The key input unit 930 detects information (or a signal) input from a predetermined key input device having at least one key button, including at least one numeric key and/or character key and/or function key. When predetermined information (or a signal) is input from a key button of the key input device in a specific input mode and/or operation mode of the certificate issuing terminal 900 controlled by the control unit 905, the key input unit 930 generates a key event corresponding to the input information (or signal) and provides the generated key event to the control unit 905. The control unit 905 obtains predetermined key data corresponding to the key event in the current input mode and/or operation mode of the certificate issuing terminal 900, and/or obtains a command for executing a predetermined function matched with the key event. The key input unit 930 and the key input device having at least one key button cooperate with each other to function as the key input means of the certificate issuing terminal 900.

According to an embodiment of the present invention, the key input device interoperating with the key input unit 930 may include a keypad device having at least one numeric key and function key, and/or a keyboard device having at least one numeric key, character key (e.g., English character keys and/or Korean character keys) and function key, and/or at least one touch screen device that, in conjunction with the screen output means, provides at least one numeric key and function key and/or at least one numeric key, character key and function key.

According to the exemplary embodiment of the present invention, the key input unit 930 preferably receives at least one or more pieces of information from a predetermined key input device according to each of the steps for issuing a public certificate using biometric information according to the present invention.

The biometric recognition unit 925 detects information input from a biometric information recognition device capable of reading at least one kind of biometric information. When predetermined biometric information is input from the biometric information reader of the biometric information recognition device in a specific input mode and/or operation mode of the certificate issuing terminal 900 controlled by the control unit 905, the biometric recognition unit 925 provides the input biometric information to the control unit 905, and the control unit 905 obtains the biometric information in the current input mode and/or operation mode of the certificate issuing terminal 900.

According to an embodiment of the present invention, the biometric information recognition device interoperating with the biometric recognition unit 925 preferably includes a keypad device having at least one function key, and/or at least one biometric device equipped with a biometric information reader function, such as a fingerprint recognition device and/or an iris recognition device and/or a face recognition device.

The communication unit 935 provides communication means for performing a transaction function provided in the certificate issuing terminal 900 (for example, a transaction function interoperating with one or more servers connected to the certificate issuing terminal 900 over a communication network). In hardware, it includes a network communication unit 935 that provides transactional communication with a server on a communication network (for example, a party network or a CD/ATM network), and/or a cable communication unit 935 that provides transactional communication with external communication devices through a predetermined cable communication port (RS-232C, USB (Universal Serial Bus), etc.), and/or a local area communication unit 935 that provides transactional communication with a local area communication device through at least one local area wireless communication method including infrared (IR) communication, RF (Radio Frequency) communication, Bluetooth, wireless LAN, Wi-Fi, and UWB (Ultra Wide Band). In software, it includes the communication protocols and communication applications that provide the transactional communication.

According to an embodiment of the present invention, the communication unit 935 preferably connects, through the network communication unit 935 over a predetermined communication network, a communication channel for issuing a public certificate using biometric information with at least one server on the communication network.

The memory unit 950 is a storage medium that stores at least one piece of information or data required for the control unit 905 to perform a predetermined control function. In hardware, the memory unit 950 includes at least one storage means such as an EEPROM (Electrically Erasable and Programmable Read Only Memory), FM (Flash Memory), HDD (Hard Disk Drive), or SSD (Solid State Drive). In software, it holds the predetermined program routines and program data (e.g., data input or output for a program routine to perform a predetermined function) that the control unit 905 requires to perform a predetermined control function.

According to an exemplary embodiment of the present invention, the memory unit 950 preferably stores at least one piece of certificate issuance processing information used by the certificate issuing terminal 900 to process a financial transaction using biometric information according to the present invention, and/or, after the certificate issuing process using the biometric information, stores the certificate issuance history information corresponding to the issued certificate.

The terminal function unit 940 is a component provided in the certificate issuing terminal 900 in addition to the components shown in FIG. 9, and/or a component provided in the certificate issuing terminal 900 for a predetermined purpose or role. It consists of various additional functional components according to the intention of those skilled in the art, such as a security application module (SAM) or a user device such as a scanner device capable of confirming customer information from a resident registration card, driver's license, or passport inserted by the user.

Those skilled in the art to which the present invention pertains will easily understand each terminal function unit 940 provided according to the characteristics of the certificate issuing terminal 900, and thus a detailed description thereof will be omitted.

Referring to FIG. 9, the certificate issuing terminal 900 includes: a mode checking unit 955 that checks whether the operation mode of the certificate issuing terminal 900 is a public certificate issuing mode based on biometric information or a public certificate issuing mode based on financial information (e.g., account information or card information); an interface output unit 960 that processes one or more user interfaces corresponding to the checked mode to be output through the screen output unit 920; an information generator 965 that, in response to the operation mode input (or selected) through the output user interfaces, generates authentication request information based on the biometric information input by the user requesting issuance of the public certificate and the customer information about that user; and an authentication confirmation unit 970 that transmits the generated authentication request information to the certification authority server 990 and confirms authentication of the biometric information.

The certificate issuing terminal 900 has a plurality of operation modes, such as a public certificate issuing mode that processes issuance of a public certificate using biometric information according to the present invention and a public certificate issuing mode that processes issuance of a public certificate using financial information. The mode checking unit 955 checks whether the operation mode of the certificate issuing terminal 900 is the public certificate issuing mode using biometric information or the public certificate issuing mode using financial information.

According to an exemplary embodiment of the present invention, the certificate issuing terminal 900 preferably switches to the public certificate issuing mode for processing public certificate issuance using biometric information when issuance of a public certificate using biometric information according to the present invention is selected from among the plurality of operation modes on a basic screen.

According to another embodiment of the present invention, the certificate issuing terminal 900 preferably switches to the public certificate issuing mode for processing public certificate issuance using biometric information when a predetermined IC card is inserted into the IC card reader and issuance of a public certificate using biometric information according to the present invention is selected from among the plurality of operation modes.

When the mode checking unit 955 confirms that the terminal is set to the public certificate issuing mode using biometric information, the interface output unit 960 outputs at least one user interface for inputting (or selecting) the customer information and biometric information for processing public certificate issuance.

According to an embodiment of the present invention, the at least one user interface for inputting (or selecting) the customer information and biometric information preferably includes at least one region for inputting (or selecting) customer information such as a customer name, social security number, address, and telephone number, and at least one button (or icon) for processing input of the user's biometric information through the biometric recognition unit 925.

When the customer information and the biometric information are input (or selected) through the output user interface, the information generator 965 generates the authentication request information based on the input (or selected) customer information and biometric information.

Here, the generated 'authentication request information' is referred to as 'certificate issue request information' when it is transmitted directly to the certificate server 995.

When authentication request information is generated through the information generator 965, the authentication confirmation unit 970 transmits the generated authentication request information to the certification authority server 990 and confirms, from the certification authority server 990, whether the biometric information included in the authentication request information matches the biometric information that the user registered in the certification authority server 990.

According to the implementation method of the present invention, authentication of the authentication request information is preferably confirmed as follows: the generated authentication request information is transmitted to the certification authority server 990; the certification authority server 990 compares the biometric information included in the authentication request information with the biometric information stored in a database that it holds (or can access), and checks whether the customer information registered in the database with that biometric information matches the customer information included in the authentication request information; and the terminal receives and reads the authentication result information transmitted by the certification authority server 990 (that is, information including only the authentication result for the authentication request information).

According to another embodiment of the present invention, authentication of the authentication request information is preferably confirmed as follows: the generated authentication request information is transmitted to the certification authority server 990; the certification authority server 990 compares the biometric information included in the authentication request information with the biometric information stored in a database that it holds (or can access); the terminal receives authentication result information including the customer information registered with that biometric information; and the terminal checks whether the customer information included in the received authentication result information matches the customer information included in the authentication request information.

Referring to FIG. 9, the certificate issuing terminal 900 includes: an authentication key generation unit 975 that, when authentication of the authentication request information is confirmed, generates an authentication key for processing issuance of a public certificate based on the biometric information; a certificate processing unit 980 that transmits the generated authentication key to the certificate server 995 to request issuance of a public certificate and receives the public certificate information that the certificate server 995 generates based on the transmitted authentication key; and an information storage unit 985 that processes the public certificate information received from the certificate server 995 and the generated authentication key information to be stored in a wired/wireless storage medium through the storage medium controller 910.

Based on a result of verifying whether the authentication request information is authenticated, when the authentication of the authentication request information is confirmed, the authentication key generation unit 975 generates a public key and a private key.

Those skilled in the art will be familiar with the method and/or process for generating the public and private keys and with the technical features of the public and private keys, so a detailed description is omitted for convenience.

When a public key and a private key are generated through the authentication key generation unit 975, the certificate processing unit 980 transmits the generated public key to the certificate server 995 and receives from the certificate server 995 the public certificate information generated based on the transmitted public key.

According to the exemplary embodiment of the present invention, it is preferable that the authorized certificate information generated based on the transmitted public key is encrypted using the transmitted public key.

According to the implementation method of the present invention, the online request form for the wired public certificate is preferably composed of certificate request information, private key ownership verification information, and additional registration information, and may be changed according to the intention and purpose of those skilled in the art.

In addition, it is preferable that the online request form for the wireless public certificate conforms to the WAP WPKI international standard.

CertReqMsg ::= SEQUENCE {
    certReq   CertRequest,
    pop       ProofOfPossession OPTIONAL,
    regInfo   SEQUENCE SIZE (1..MAX) OF AttributeTypeAndValue OPTIONAL }

Here, certReq is the certificate request information and includes only the contents to be included in the certificate. pop is the verification information for the user's ownership of the private key. regInfo is information used when additional registration information is required for the authentication request, and may include user identification information, user access information, and payment information.

The structure of the certificate request information is preferably the following structure.

CertRequest ::= SEQUENCE {
    certReqId     INTEGER,
    certTemplate  CertTemplate,
    controls      Controls OPTIONAL }

Here, certReqId is information used to match a certificate request message with the response message corresponding to it. Preferably, the certReqId value is the same in the corresponding messages.

In addition, the certTemplate includes respective information according to a user's request for certificate issuance according to the RFC2510 standard, and preferably has the following structure.

CertTemplate ::= SEQUENCE {
    version       [0] Version               OPTIONAL,
    serialNumber  [1] INTEGER               OPTIONAL,
    signingAlg    [2] AlgorithmIdentifier   OPTIONAL,
    issuer        [3] Name                  OPTIONAL,
    validity      [4] OptionalValidity      OPTIONAL,
    subject       [5] Name                  OPTIONAL,
    publicKey     [6] SubjectPublicKeyInfo  OPTIONAL,
    issuerUID     [7] UniqueIdentifier      OPTIONAL,
    subjectUID    [8] UniqueIdentifier      OPTIONAL,
    extensions    [9] Extensions            OPTIONAL }

In addition, controls includes information affecting certificate issuance, and the regToken, authenticator, pkiPublicationInfo, and oldCertID controls may be used.

Here, the regToken control carries one-time information for verifying the identity of the user. This information may be generated by a certification authority (CA) or provided to the user from outside, is used only for a new user, and is preferably encoded as UTF8.

In addition, the authenticator control may include a part of the subscriber information shared between the CA and the user in order to verify the identity of the user. This control can be used for certificate requests from existing users as well as from new users.

In addition, the pkiPublicationInfo control includes the certificate notification method and notification location information, and preferably complies with the RFC 2511 standard.

When the public certificate information is received from the certificate server 995, the certificate storage unit 985 processes the received public certificate information to be stored in the wired/wireless storage medium based on a protocol corresponding to the type of the wired/wireless storage medium.

According to the exemplary embodiment of the present invention, when the wired/wireless storage medium is a USB storage medium, the public certificate information storage unit preferably applies power for operating the USB storage medium, operates the USB storage medium with the applied power, and processes the public certificate to be transmitted to and stored in the USB storage medium.

According to another exemplary embodiment of the present invention, when the wired/wireless storage medium is a mobile phone storage medium, the public certificate information storage unit preferably drives a VM (Virtual Machine) provided in the mobile phone to operate the mobile phone storage medium, and processes the public certificate to be stored in a Universal Subscriber Identity Module (USIM) chip, IC chip, or SD/MMC/CF/XD memory card provided in the mobile phone.

Those skilled in the art to which the present invention pertains may, by referring to and/or modifying FIG. 9, include any wired/wireless storage medium capable of storing public certificate information (e.g., a smart card storage medium) in addition to the USB storage medium or the mobile phone storage medium, and the present invention is not limited thereto.

FIGS. 10A and 10B illustrate a process of issuing and processing a public certificate through identity verification using biometric information according to one embodiment of the present invention.

In more detail, FIGS. 10A and 10B illustrate, based on FIGS. 7, 8 and 9, a process in which, when customer information and biometric information are input (or selected) at the certificate issuing terminal 900 in order to issue a public certificate through identity verification using biometric information, the certification authority server 990 and the certificate issuing terminal 900 process the identity verification based on the input (or selected) customer information and biometric information, and the certificate issuing terminal 900 generates a public key and a private key, requests and receives issuance of a public certificate through the certificate server 995, and processes the received public certificate information to be stored in a wired/wireless storage medium. Those skilled in the art to which the present invention pertains will be able to infer various implementation methods for issuing and processing a public certificate through identity verification using biometric information by referring to and/or modifying FIGS. 10A and 10B. The present invention includes all such inferred implementation methods and is not limited to the implementation method shown in FIGS. 10A and 10B.

For example, those skilled in the art to which the present invention pertains may, by referring to and/or modifying FIGS. 10A and 10B, infer implementation methods in which the order of the process of issuing and processing a public certificate through identity verification using biometric information is changed and/or some steps are omitted, and the present invention is not limited thereto.

Referring to FIGS. 10A and 10B, the certificate issuing terminal 900 illustrated in FIG. 9 requests output of a user interface for inputting (or selecting) customer information and biometric information in order to request issuance of a public certificate through identity verification using biometric information (1000), generates (or extracts) the user interface corresponding to the output request and processes it to be output (1005), and processes the customer information and the biometric information to be input (or selected) through the output user interface (1010).

If customer information and biometric information are input (or selected) through the output user interface (1015), the certificate issuing terminal 900 generates (or extracts) authentication request information based on the input (or selected) customer information and biometric information (1020), and transmits the generated (or extracted) authentication request information over a communication network to the certification authority server 990 shown in FIG. 7 to request authentication (1025). In response, the certification authority server 990 checks the authentication result based on the received authentication request information (1030).

According to an embodiment of the present invention, the identity of the customer is preferably verified for the authentication request information by confirming, through the storage medium, biometric information that matches the biometric information included in the received authentication request information, and checking whether the customer information stored in connection with the confirmed biometric information matches the customer information included in the authentication request information.

According to another embodiment of the present invention, when the identification of the customer is performed in the certificate issuing terminal 900, it is preferable that biometric information matching the biometric information included in the received authentication request information is confirmed through the storage medium and the customer information stored in connection with the confirmed biometric information is transmitted to the certificate issuing terminal 900, so that the certificate issuing terminal 900 verifies the identity for the authentication request information.

Here, the result corresponding to the authentication request information that is transmitted to the certificate issuing terminal 900 preferably provides only the identity verification result corresponding to the authentication request information, or provides the confirmed customer information.

Thereafter, the certification authority server 990 transmits the verified authentication result to the certificate issuing terminal 900 (1040), and correspondingly, the certificate issuing terminal 900 confirms the received authentication result (1045).

If the authentication result received from the certification authority server 990 is confirmed as an authentication failure (1050), the certificate issuing terminal 900 generates (or extracts) error information for the authentication failure based on the received authentication result and processes it to be output (1055).

On the other hand, if the authentication result received from the certification authority server 990 is confirmed as a successful authentication (1050), the certificate issuing terminal 900 generates a public key and a private key (1060), and requests public certificate information by transmitting the generated public key to the certificate server 995.

Those skilled in the art will be familiar with the method and/or process for generating the public and private keys and with the technical features of the public and private keys, so a detailed description is omitted for convenience.

Thereafter, the certificate server 995 generates public certificate information based on the received public key (1070) and transmits the generated public certificate information to the certificate issuing terminal 900 (1075). Correspondingly, the certificate issuing terminal 900 processes the received public certificate information and the generated private key information to be stored in a wired/wireless storage medium connected to the certificate issuing terminal 900 (1080).

According to the exemplary embodiment of the present invention, it is preferable that the authorized certificate information generated based on the transmitted public key is encrypted using the transmitted public key.

According to the implementation method of the present invention, the online request form for the wired public certificate is preferably composed of certificate request information, private key ownership verification information, and additional registration information, and may be changed according to the intention and purpose of those skilled in the art.

In addition, the online request form for the wireless public certificate should follow the WAP WPKI international standard.

CertReqMsg ::= SEQUENCE {
    certReq   CertRequest,
    pop       ProofOfPossession OPTIONAL,
    regInfo   SEQUENCE SIZE (1..MAX) OF AttributeTypeAndValue OPTIONAL }

Here, certReq is the certificate request information and includes only the contents to be included in the certificate. pop is the verification information for the user's ownership of the private key. regInfo is information used when additional registration information is required for the authentication request, and may include user identification information, user access information, and payment information.

The structure of the certificate request information is preferably the following structure.

CertRequest ::= SEQUENCE {
    certReqId     INTEGER,
    certTemplate  CertTemplate,
    controls      Controls OPTIONAL }

Here, certReqId is information used to match a certificate request message with the response message corresponding to it. Preferably, the certReqId value is the same in the corresponding messages.

In addition, the certTemplate includes respective information according to a user's request for certificate issuance according to the RFC2510 standard, and preferably has the following structure.

CertTemplate ::= SEQUENCE {
    version       [0] Version               OPTIONAL,
    serialNumber  [1] INTEGER               OPTIONAL,
    signingAlg    [2] AlgorithmIdentifier   OPTIONAL,
    issuer        [3] Name                  OPTIONAL,
    validity      [4] OptionalValidity      OPTIONAL,
    subject       [5] Name                  OPTIONAL,
    publicKey     [6] SubjectPublicKeyInfo  OPTIONAL,
    issuerUID     [7] UniqueIdentifier      OPTIONAL,
    subjectUID    [8] UniqueIdentifier      OPTIONAL,
    extensions    [9] Extensions            OPTIONAL }

In addition, controls includes information affecting certificate issuance, and the regToken, authenticator, pkiPublicationInfo, and oldCertID controls may be used.

Here, the regToken control carries one-time information for verifying the identity of the user. This information may be generated by a certification authority (CA) or provided to the user from outside, is used only for a new user, and is preferably encoded as UTF8.

In addition, the authenticator control may include a part of the subscriber information shared between the CA and the user in order to verify the identity of the user. This control can be used for certificate requests from existing users as well as from new users.

In addition, the pkiPublicationInfo control includes the certificate notification method and notification location information, and preferably complies with the RFC 2511 standard.
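As an added illustration that is not part of the patent text, the following Python code encodes and inspects the CertReqMsg, CertRequest and CertTemplate structures quoted in both embodiments above, using the context tags defined in RFC 2511, and reports which optional parts a request actually carries. The function names, the policy of flagging a request without pop, and all sample values are assumptions of this example; the key and signature bytes are constructed placeholders and no signature is verified.

```python
# Added example (not from the patent): stdlib-only DER walk of a CRMF CertReqMsg.
# Tag values follow RFC 2511 (IMPLICIT TAGS module). All sample data is constructed.
TEMPLATE_FIELDS = ["version", "serialNumber", "signingAlg", "issuer", "validity",
                   "subject", "publicKey", "issuerUID", "subjectUID", "extensions"]
POP_CHOICES = ["raVerified", "signature", "keyEncipherment", "keyAgreement"]

def tlv(tag, content=b""):
    """Encode one DER tag-length-value element (single-byte tags only)."""
    n = len(content)
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    size = bytes([n]) if n < 0x80 else bytes([0x80 | len(raw)]) + raw
    return bytes([tag]) + size + content

def der_int(value):
    # Non-negative INTEGER; the extra byte keeps the sign bit clear.
    return tlv(0x02, value.to_bytes(value.bit_length() // 8 + 1, "big"))

def read_tlv(buf, off=0):
    """Return (tag, content, next_offset); reject truncated or non-DER lengths."""
    if off + 2 > len(buf):
        raise ValueError("truncated header")
    tag, first = buf[off], buf[off + 1]
    off += 2
    if first < 0x80:
        size = first
    else:
        n = first & 0x7F
        if n == 0 or off + n > len(buf):
            raise ValueError("indefinite or truncated length")
        size = int.from_bytes(buf[off:off + n], "big")
        if size < 0x80 or buf[off] == 0:
            raise ValueError("non-minimal DER length")
        off += n
    if off + size > len(buf):
        raise ValueError("content runs past end of buffer")
    return tag, buf[off:off + size], off + size

def children(content):
    items, off = [], 0
    while off < len(content):
        tag, value, off = read_tlv(content, off)
        items.append((tag, value))
    return items

def inspect_cert_req_msg(der):
    """Summarise which optional parts of a CertReqMsg are actually present."""
    tag, body, end = read_tlv(der)
    if tag != 0x30 or end != len(der):
        raise ValueError("expected one SEQUENCE with no trailing bytes")
    parts = children(body)
    req = children(parts[0][1]) if parts and parts[0][0] == 0x30 else []
    if len(req) < 2 or req[0][0] != 0x02 or req[1][0] != 0x30:
        raise ValueError("CertRequest needs certReqId and certTemplate")
    info = {"certReqId": int.from_bytes(req[0][1], "big", signed=True),
            "template": [], "pop": None, "regInfo": False}
    last = -1
    for t, _ in children(req[1][1]):
        num = t & 0x1F
        if t & 0xC0 != 0x80 or num > 9 or num <= last:
            raise ValueError("bad or out-of-order CertTemplate tag")
        info["template"].append(TEMPLATE_FIELDS[num])
        last = num
    for t, _ in parts[1:]:
        is_pop = t & 0xC0 == 0x80 and (t & 0x1F) < 4
        if is_pop and info["pop"] is None and not info["regInfo"]:
            info["pop"] = POP_CHOICES[t & 0x1F]
        elif t == 0x30 and not info["regInfo"]:
            info["regInfo"] = True
        else:
            raise ValueError("unexpected element after certReq")
    return info

def ra_findings(info, response_cert_req_id=None):
    """Checks a receiving server could apply (a policy assumed for this example)."""
    findings = []
    if "publicKey" not in info["template"]:
        findings.append("no publicKey in certTemplate")
    if info["pop"] is None:
        findings.append("pop absent: private key ownership not shown")
    if response_cert_req_id is not None and response_cert_req_id != info["certReqId"]:
        findings.append("response certReqId does not match request")
    return findings

def build_sample(cert_req_id, with_pop=True):
    """Constructed request: placeholder key and signature bytes, not real ones."""
    cn = tlv(0x30, tlv(0x06, bytes.fromhex("550403")) + tlv(0x0C, b"Constructed Customer"))
    subject = tlv(0xA5, tlv(0x30, tlv(0x31, cn)))  # [5] EXPLICIT: Name is a CHOICE
    rsa = tlv(0x30, tlv(0x06, bytes.fromhex("2a864886f70d010101")) + tlv(0x05))
    public_key = tlv(0xA6, rsa + tlv(0x03, b"\x00PLACEHOLDER-KEY"))  # [6] IMPLICIT
    cert_req = tlv(0x30, der_int(cert_req_id) + tlv(0x30, subject + public_key))
    pop = b""
    if with_pop:
        alg = tlv(0x30, tlv(0x06, bytes.fromhex("2a864886f70d01010b")) + tlv(0x05))
        pop = tlv(0xA1, alg + tlv(0x03, b"\x00PLACEHOLDER-SIG"))  # signature [1]
    return tlv(0x30, cert_req + pop)
```

Because every CertTemplate field and pop itself are OPTIONAL in the ASN.1, a structurally valid request can omit the public key or the proof of private key ownership; the findings list makes those omissions explicit before a certificate is generated.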

According to an embodiment of the present invention, the public certificate information generated based on the customer information and the public key information is preferably generated according to the ITU-T Recommendation X.50x standard.

Here, the public certificate information preferably includes at least one of the following: version information for distinguishing the public certificate format; serial number information assigned to the public certificate provided to the customer and used as reference information for the certificate suspension and revocation list; signature algorithm information holding the signature algorithm value used when creating the public certificate; issuer information for the authority that issued the public certificate; validity period information for the period during which the status of the public certificate is guaranteed; owner information for the public certificate holder; the public key held by the owner; issuer public key identifier information for identifying the public key corresponding to the certification authority private key used to sign the certificate; owner public key identifier information; key usage purpose information including the purpose of the owner's public key; and certificate policy information.

According to the exemplary embodiment of the present invention, when the wired/wireless storage medium is a USB storage medium, the public certificate information storage unit preferably applies power for operating the USB storage medium, operates the USB storage medium with the applied power, and processes the public certificate to be transmitted to and stored in the USB storage medium.

According to another exemplary embodiment of the present invention, when the wired/wireless storage medium is a mobile phone storage medium, the public certificate information storage unit preferably drives a VM (Virtual Machine) provided in the mobile phone to operate the mobile phone storage medium, and processes the public certificate to be stored in a Universal Subscriber Identity Module (USIM) chip, IC chip, or SD/MMC/CF/XD memory card provided in the mobile phone.

Those skilled in the art to which the present invention pertains may, by referring to and/or modifying FIGS. 10A and 10B, include any wired/wireless storage medium capable of storing public certificate information (e.g., a smart card storage medium) in addition to the USB storage medium or the mobile phone storage medium, and the present invention is not limited thereto.

FIGS. 11A and 11B illustrate a process of issuing and processing a public certificate through identity verification using biometric information according to another exemplary embodiment of the present invention.

In more detail, FIGS. 11A and 11B, building on FIGS. 7, 8 and 9, illustrate a process for issuing an authorized certificate through identity verification using biometric information: when customer information and biometric information are input (or selected) at the certificate issuing terminal 900, the input (or selected) customer information and biometric information are transmitted to the certificate server 995; the certificate server 995 processes identity verification with the certification authority server 990; and the certificate issuing terminal 900 generates a public key and a private key, requests and receives the issued certificate through the certificate server 995, and processes the received certificate information to be stored in a wired/wireless storage medium. Those of ordinary skill in the art to which the present invention pertains will be able to infer various methods of issuing an authorized certificate through identity verification using biometric information by referring to and/or modifying FIGS. 11A and 11B; the present invention includes all such inferred methods and is not limited to the exemplary method shown in FIGS. 11A and 11B.

For example, those skilled in the art to which the present invention pertains may infer, by referring to and/or modifying FIGS. 11A and 11B, implementations in which the order of the steps of issuing the public certificate through identity verification using biometric information is changed and/or some steps are omitted, and the present invention is not limited thereto.

Referring to FIGS. 11A and 11B, the certificate issuing terminal 900 illustrated in FIG. 9 requests output of a user interface for inputting (or selecting) customer information and biometric information in order to request issuance of an authorized certificate through identity verification using biometric information (1100), generates (or extracts) the user interface corresponding to the output request and processes it to be output (1105), and has the customer information and biometric information input (or selected) through the output user interface (1110).

If customer information and biometric information are input (or selected) through the output user interface (1115), the certificate issuing terminal 900 generates (or extracts) certificate issuance request information based on the input (or selected) customer information and biometric information (1120), and transmits the generated (or extracted) certificate issuance request information to the certification authority server 990 shown in FIG. In response, the certificate server 995 receives the certificate issuance request information transmitted from the certificate issuing terminal 900 and requests identity verification through the certification authority server 990 based on the received certificate issuance request information (1130), and the certification authority server 990 verifies the customer's identity in response to the received identity verification request (1135).

According to an embodiment of the present invention, identity verification for the authentication request information is preferably processed by identifying, through the storage medium, biometric information that matches the biometric information included in the received authentication request information, and by checking whether the customer information stored in connection with the identified biometric information matches the customer information included in the authentication request information.

In accordance with another embodiment of the present invention, when the customer's identity is verified at the certificate issuing terminal 900, biometric information matching the biometric information included in the received authentication request information is preferably identified through the storage medium, and the customer information stored in connection with the identified biometric information is transmitted to the certificate issuing terminal 900 so that the certificate issuing terminal 900 verifies identity for the authentication request information.

Here, as the result corresponding to the authentication request information that is transmitted to the certificate issuing terminal 900, it is preferable to provide either only the identity verification result corresponding to the authentication request information or the customer information identified above.

Thereafter, the certification authority server 990 transmits the verified authentication result to the certificate server 995 (1140), and correspondingly, the certificate server 995 confirms the received authentication result (1145).

If the authentication result received from the certification authority server 990 is confirmed as an authentication failure (1150), the certificate server 995 generates (or extracts) error information for the authentication failure based on the received identity verification result and transmits it to the certificate issuing terminal 900 through the communication network to be output (1155).

On the other hand, if the authentication result received from the certification authority server 990 is confirmed as successful authentication (1150), the certificate server 995 requests from the certificate issuing terminal 900 a public key for issuing a public certificate (1160). In response, the certificate issuing terminal 900 generates a public key and a private key according to the public key request, and transmits the generated public key to the certificate server 995 to request public certificate information (1165).

Those skilled in the art will be familiar with the method and/or process for generating the public and private keys and with the technical features of the public and private keys, so a detailed description is omitted for convenience.

Thereafter, the certificate server 995 generates public certificate information based on the received public key (1170) and transmits the generated public certificate information to the certificate issuing terminal 900 (1175). In response, the certificate issuing terminal 900 processes the received public certificate information and the generated private key information to be stored in a wired/wireless storage medium connected to the certificate issuing terminal 900 (1180).

According to the exemplary embodiment of the present invention, it is preferable that the authorized certificate information generated based on the transmitted public key is encrypted using the transmitted public key.

According to the implementation method of the present invention, the online request form for the wired public certificate is preferably composed of certificate request information, private key ownership verification information, and additional registration information; this composition is preferred but may be changed according to the intention and purpose of those skilled in the art.

In addition, it is preferable that the online request form for the wireless certification certificate conforms to the WAPWPKI international standard.

    CertReqMsg ::= SEQUENCE {
        certReq   CertRequest,
        pop       ProofOfPossession OPTIONAL,
        regInfo   SEQUENCE SIZE (1..MAX) OF AttributeTypeAndValue OPTIONAL }

Here, certReq is the certificate request information and includes only the contents to be included in the certificate. pop is the verification information for the user's private key ownership. regInfo is information used when additional registration information is required for the authentication request, and may include user identification information, user access information, and payment information.

The structure of the certificate request information is preferably the following structure.

    CertRequest ::= SEQUENCE {
        certReqId     INTEGER,
        certTemplate  CertTemplate,
        controls      Controls OPTIONAL }

Here, certReqId is information used for matching a certificate request message with its corresponding response message. Preferably, the certReqId value is the same in the two corresponding messages.

In addition, the certTemplate includes respective information according to a user's request for certificate issuance according to the RFC2510 standard, and preferably has the following structure.

    CertTemplate ::= SEQUENCE {
        version       [0] Version               OPTIONAL,
        serialNumber  [1] INTEGER               OPTIONAL,
        signingAlg    [2] AlgorithmIdentifier   OPTIONAL,
        issuer        [3] Name                  OPTIONAL,
        validity      [4] OptionalValidity      OPTIONAL,
        subject       [5] Name                  OPTIONAL,
        publicKey     [6] SubjectPublicKeyInfo  OPTIONAL,
        issuerUID     [7] UniqueIdentifier      OPTIONAL,
        subjectUID    [8] UniqueIdentifier      OPTIONAL,
        extensions    [9] Extensions            OPTIONAL }

In addition, controls includes information affecting certificate issuance, and the regToken, authenticator, pkiPublicationInfo, and oldCertID controls may be used.

Here, the regToken control holds one-time information for verifying the identity of the user; this information may be generated by a certification authority (CA) or provided to the user from outside, is used only for a new user, and is preferably encoded as UTF8.

In addition, the authenticator control may include part of the subscriber information shared between the CA and the user in order to verify the user's identity; this control can be used for certificate requests from existing users as well as new users.

In addition, the pkiPublicationInfo control includes a certificate notification method and notification location information, and it is preferable to comply with the RFC2511 standard.
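
An added example, not part of the patent text, of the CertRequest handling described above: it parses a DER-encoded CertRequest, lists which CertTemplate fields are present, extracts a UTF8-encoded regToken control, and shows a server that accepts each regToken once and echoes certReqId in its reply. The class CertServer, the status strings and the sample bytes are assumptions constructed for illustration; the regToken OID 1.3.6.1.5.5.7.5.1.1 and the implicit context tagging come from RFC 2511, not from this page.

```python
import hmac

# CertTemplate field names indexed by context tag number, as in the structure above.
TEMPLATE_FIELDS = ("version", "serialNumber", "signingAlg", "issuer", "validity",
                   "subject", "publicKey", "issuerUID", "subjectUID", "extensions")
REG_TOKEN_OID = bytes.fromhex("2b0601050507050101")  # 1.3.6.1.5.5.7.5.1.1 (RFC 2511)

# Constructed sample request; the publicKey [6] body is placeholder bytes, not a real key.
SAMPLE_REQUEST = bytes.fromhex(
    "3027" "02021267" "3006a60400000000"    # CertRequest, certReqId 4711, certTemplate
    "3019" "3017" "06092b0601050507050101"  # controls, one attribute, regToken OID
    "0c0a" "64656d6f2d746f6b656e")          # UTF8String "demo-token"

def read_tlvs(buf):
    """Split DER bytes into (tag, content) pairs; raise ValueError if truncated."""
    out, i = [], 0
    while i < len(buf):
        if i + 2 > len(buf):
            raise ValueError("truncated header")
        tag, n = buf[i], buf[i + 1]
        i += 2
        if n & 0x80:  # long form: low 7 bits give the number of length bytes
            k = n & 0x7F
            if k == 0 or i + k > len(buf):
                raise ValueError("bad length")
            n, i = int.from_bytes(buf[i:i + k], "big"), i + k
        if i + n > len(buf):
            raise ValueError("truncated content")
        out.append((tag, buf[i:i + n]))
        i += n
    return out

def parse_cert_request(der):
    """Return (certReqId, template field names present, regToken or None)."""
    [(tag, body)] = read_tlvs(der)  # exactly one outer element, else ValueError
    parts = read_tlvs(body)
    if tag != 0x30 or len(parts) < 2 or parts[0][0] != 0x02 or parts[1][0] != 0x30:
        raise ValueError("not a CertRequest")
    req_id = int.from_bytes(parts[0][1], "big", signed=True)
    fields = []
    for t, _ in read_tlvs(parts[1][1]):
        if t & 0xC0 != 0x80 or (t & 0x1F) >= len(TEMPLATE_FIELDS):
            raise ValueError("unexpected tag in CertTemplate")
        fields.append(TEMPLATE_FIELDS[t & 0x1F])
    token = None
    for _, attr in (read_tlvs(parts[2][1]) if len(parts) > 2 else []):
        (t_oid, oid), (t_val, val) = read_tlvs(attr)  # AttributeTypeAndValue
        if (t_oid, oid, t_val) == (0x06, REG_TOKEN_OID, 0x0C):  # UTF8String value
            token = val.decode("utf-8")
    return req_id, fields, token

class CertServer:
    """Hypothetical server side: one-time regToken check and certReqId echo."""
    def __init__(self, issued_tokens):
        self.unused = set(issued_tokens)

    def handle(self, der):
        req_id, fields, token = parse_cert_request(der)
        hit = next((t for t in self.unused if token is not None
                    and hmac.compare_digest(t.encode(), token.encode())), None)
        if hit is None or "publicKey" not in fields:
            return {"certReqId": req_id, "status": "rejected"}
        self.unused.discard(hit)  # consume the token so a replayed request fails
        return {"certReqId": req_id, "status": "accepted"}  # same id as the request
```

The requester matches the reply to its request by comparing the returned certReqId with the one it sent; a second submission of the same bytes is rejected because the regToken has already been consumed.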

According to an embodiment of the present invention, the public certificate information generated based on the customer information and the public key information is preferably generated according to the ITU-T Recommendation X.50x standard.

Here, the public certificate information preferably comprises at least one of: version information for distinguishing the public certificate format; serial number information assigned to the public certificate provided to the customer and used as reference information for the public certificate suspension and revocation list; signature algorithm information holding the signature algorithm value used when the public certificate was created; issuer information on the authority that issued the public certificate; validity period information for the period during which the status of the public certificate is guaranteed; owner information on the holder of the public certificate; the public key held by the owner; issuer public key identifier information for identifying the public key corresponding to the certificate authority private key used to sign the certificate; owner public key identifier information; key usage purpose information stating the purpose of the owner's public key; and certificate policy information.

According to the exemplary embodiment of the present invention, when the wired/wireless storage medium is a USB storage medium, storing the authorized certificate information preferably involves applying power for the operation of the USB storage medium, operating the USB storage medium through the applied power, and transmitting the public certificate to the USB storage medium to be stored there.

According to another exemplary embodiment of the present invention, when the wired/wireless storage medium is a mobile phone storage medium, storing the authorized certificate information preferably involves driving a virtual machine (VM) provided in the mobile phone to operate the mobile phone storage medium, and storing the data in a USIM (Universal Subscriber Identity Module) chip, an IC chip, or an SD/MMC/CF/XD memory card provided in the mobile phone.

Those skilled in the art to which the present invention pertains will understand, by referring to and/or modifying FIGS. 11A and 11B, that all wired and wireless storage media capable of storing authorized certificate information (for example, a smart card storage medium) may be included in addition to the USB storage medium or mobile phone storage medium, and the present invention is not limited thereto.

By using, when issuing a public certificate, biometric information that cannot be input by anyone other than the person concerned, the present invention makes it possible to resolve the fraudulent issuance of public certificates that arises because the conventional financial information (for example, account information or card information) used for issuing a public certificate can be easily leaked.

Claims (4)

  1. A terminal for issuing a certificate, which issues a certificate and processes it to be stored in a wired/wireless storage medium, the terminal comprising:
    a biometric recognition unit for recognizing biometric information input by the customer when the customer inputs at least one of the following kinds of biometric information: fingerprint information, iris information, and facial recognition information;
    an authentication confirmation unit for authenticating the customer's identity through a biometric information authority on a network based on the recognized biometric information;
    an authentication key generation unit for generating a public key and a private key for issuing an authorized certificate to the customer when the customer's identity is verified; and
    a certificate processing unit for processing a public certificate to be issued to the wired/wireless storage medium based on the generated public key and private key.
  2. The authorized certificate issuing terminal of claim 1, further comprising
    an authentication verification unit for verifying, when the customer enters financial information, the customer's identity through a financial institution on the network based on the financial information entered by the customer.
  3. A method for issuing an authorized certificate to a wired/wireless storage medium requested by a customer, the method comprising:
    when the customer inputs (or selects) customer information and biometric information to request issuance of an authorized certificate, confirming the customer's identity through the biometric information provided by the customer in association with a biometric information authority on the network; and
    when the customer's identity is verified through the biometric information provided by the customer, receiving authentication certificate information in association with an authorized certificate issuer and storing the received authentication certificate information in the wired/wireless storage medium requested by the customer.
  4. A computer-readable recording medium having recorded thereon a program for executing the method of claim 1.
KR1020090086715A 2009-09-14 2009-09-14 Method for processing issue public certificate of attestation, terminal and recording medium KR20110029032A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020090086715A KR20110029032A (en) 2009-09-14 2009-09-14 Method for processing issue public certificate of attestation, terminal and recording medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020090086715A KR20110029032A (en) 2009-09-14 2009-09-14 Method for processing issue public certificate of attestation, terminal and recording medium

Publications (1)

Publication Number Publication Date
KR20110029032A true KR20110029032A (en) 2011-03-22

Family

ID=43935049

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020090086715A KR20110029032A (en) 2009-09-14 2009-09-14 Method for processing issue public certificate of attestation, terminal and recording medium

Country Status (1)

Country Link
KR (1) KR20110029032A (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101637854B1 (en) * 2015-10-16 2016-07-08 주식회사 코인플러그 Certificate issuance system and method based on block chain, certificate authentication system and method based on block chain
WO2017065389A1 (en) * 2015-10-16 2017-04-20 (주)코인플러그 Accredited certificate issuance system based on block chain and accredited certificate issuance method based on block chain using same, and accredited certificate authentication system based on block chain and accredited certificate authentication method based on block chain using same
WO2018008800A1 (en) * 2016-07-04 2018-01-11 (주)코인플러그 Accredited certificate authentication system based on blockchain, and accredited certificate authentication method based on blockchain, using same
CN107784501A (en) * 2017-09-29 2018-03-09 九派天下支付有限公司 A kind of safe method of payment and system based on recognition of face
KR102118962B1 (en) 2019-03-15 2020-06-05 주식회사 코인플러그 Method and server for managing user identity using blockchain network, and method and terminal for verifying user using user identity based on blockchain network

Legal Events

Date Code Title Description
A201 Request for examination
E902 Notification of reason for refusal
AMND Amendment
E601 Decision to refuse application
AMND Amendment