WO2014155634A1 - Biometric registration/authentication system, biometric registration/authentication device, and biometric registration/authentication method - Google Patents

Biometric registration/authentication system, biometric registration/authentication device, and biometric registration/authentication method Download PDF

Info

Publication number
WO2014155634A1
WO2014155634A1 PCT/JP2013/059409 JP2013059409W WO2014155634A1 WO 2014155634 A1 WO2014155634 A1 WO 2014155634A1 JP 2013059409 W JP2013059409 W JP 2013059409W WO 2014155634 A1 WO2014155634 A1 WO 2014155634A1
Authority
WO
WIPO (PCT)
Prior art keywords
user
biometric
information
host computer
terminal
Prior art date
Application number
PCT/JP2013/059409
Other languages
French (fr)
Japanese (ja)
Inventor
厚志 加藤
Original Assignee
日立オムロンターミナルソリューションズ株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 日立オムロンターミナルソリューションズ株式会社 filed Critical 日立オムロンターミナルソリューションズ株式会社
Priority to PCT/JP2013/059409 priority Critical patent/WO2014155634A1/en
Priority to CN201410055910.XA priority patent/CN104077514B/en
Publication of WO2014155634A1 publication Critical patent/WO2014155634A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06VIMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
    • G06V10/00Arrangements for image or video recognition or understanding
    • G06V10/98Detection or correction of errors, e.g. by rescanning the pattern or by human intervention; Evaluation of the quality of the acquired patterns
    • G06V10/993Evaluation of the quality of the acquired pattern
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06VIMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
    • G06V40/00Recognition of biometric, human-related or animal-related patterns in image or video data
    • G06V40/50Maintenance of biometric data or enrolment thereof
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06VIMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
    • G06V40/00Recognition of biometric, human-related or animal-related patterns in image or video data
    • G06V40/10Human or animal bodies, e.g. vehicle occupants or pedestrians; Body parts, e.g. hands
    • G06V40/16Human faces, e.g. facial parts, sketches or expressions

Definitions

  • the present invention is a biometric registration / authentication system, a biometric registration / authentication device that performs user registration and authentication using biometric information of a user and, for example, additional information such as gender, age, height, and current address, And a biometric registration / authentication method.
  • biometric authentication using “individual features” is being recognized as a highly accurate and accurate personal authentication means with less risk of forgery, theft, loss and unauthorized transfer.
  • biometric information authentication technology it is considered difficult to meet diversified requirements with only a single biometric authentication.
  • the registration means acquires a plurality of pieces of biometric information from the new user when registering the biometric information of the new user.
  • one piece of biometric information is first obtained from the new user, feature information is extracted from the obtained biometric information, and the biometric information and feature quantity of each of the existing users in the existing user database are compared. It is determined how much the biometric information of the new user is similar to the biometric information of the existing user group.
  • the biometric information is added to the database as the registered biometric information of the new user, Prompt to use. If the degree of similarity is above a certain level, that is, the degree of impersonation by another person is above a certain standard, the acquired biological information is rejected and another biological information is acquired from the new user. In the same manner, the biometric information of each existing user in the existing user database and the feature amount are compared, and biometric information in the case where the degree of similarity is below a certain level is found and registered in the user database.
  • biometric information acquired from the new user is determined how similar the biometric information acquired from the new user is to the biometric information group of the existing user, and the result is used to prompt the user to use the biometric information at the time of personal authentication. It is a registration method that provides more secure authentication by proposing whether to use another living body.
  • the present invention has been made in view of the above, and provides a biometric registration / authentication system, a biometric registration / authentication apparatus, and a biometric registration / authentication method that can sufficiently reduce the risk of impersonation by others.
  • the purpose is to do.
  • a biometric registration / authentication system includes a terminal that registers biometric information of a user and a host computer that stores the registered biometric information.
  • a biometric registration / authentication system connected via the terminal, wherein the terminal captures the user's biometric information, and an input unit that receives input of additional information for identifying the user's characteristics;
  • a display unit that displays a determination result indicating whether or not registration of the user's biometric information is possible, and transmits the biometric information and the additional information to the host computer, or receives the determination result from the host computer.
  • a terminal control unit that displays on the display unit, and the host computer has the same number of users as the number of users of the biometric registration / authentication system.
  • a storage unit that stores information and the additional information; and the biological information and additional information of the user received from the terminal; the biological information and additional information stored in the storage unit; and the received biological information
  • a host control unit that determines whether or not the user is registered based on the similarity to the additional information and transmits the result to the terminal as the determination result.
  • a biometric registration / authentication apparatus is a biometric registration / authentication apparatus for registering biometric information of a user connected via a network to a host computer that stores biometric information.
  • a display unit for displaying a determination result indicating whether or not information can be registered, and the host information and the biometric information captured by the sensor and the additional information for identifying the feature of the user input by the input unit.
  • the user is registered based on the degree of similarity between the biometric information and the additional information and the biometric information and additional information for the number of users of the biometric registration / authentication system transmitted from the host computer Terminal control that receives a result of whether or not and displays a determination result indicating whether or not registration of the biometric information of the user is possible Characterized in that it comprises a and.
  • the biometric registration / authentication method is a biometric registration / authentication system in which a terminal that registers biometric information of a user and a host computer that stores the registered biometric information are connected via a network.
  • a biometric registration / authentication method to be performed comprising: biometric information of the user captured from a sensor included in the terminal; and additional information for identifying the characteristics of the user input from an input unit of the terminal.
  • the biometric information and the additional information for the number of users of the biometric registration / authentication system stored in the storage unit, and the biometric information and additional information received from the terminal Determining whether or not the user is registered based on the degree, and whether or not the result can be registered for the biometric information of the user And transmitting to the terminal a judgment result indicating, characterized in that it comprises the steps of: displaying on the display unit receives the judgment result from the host computer.
  • biometric registration / authentication system a biometric registration / authentication apparatus, a biometric registration / authentication method, and a biometric registration / authentication program that can sufficiently reduce the risk of spoofing by others. it can.
  • FIG. 1 is a diagram showing an overall configuration of a biometric registration / authentication system.
  • the biometric registration / authentication system includes each branch 101 in banking business and a data center 107 that exchanges various data with each branch 101. They are connected to each other by a backbone network 105 such as a dedicated line.
  • Each branch 101 in banking business is provided with a terminal computer 102 operated by a bank clerk or an attendant and a biometric authentication device 103 connected to the terminal computer 102. It is controlled by receiving the acquired biological indication.
  • the terminal computer 102 and the biometric authentication device 103 may be remotely connected via a network in addition to an I / O connection represented by a USB (Universal Serial Bus) connection.
  • USB Universal Serial Bus
  • the data center 107 has a host computer 108.
  • the host computer 108 includes a user additional information database 109, a user biometric information database 110, a biometric authentication program 112, and a user additional information comparison program 113.
  • a user additional information database 109 includes a user additional information database 109, a user biometric information database 110, a biometric authentication program 112, and a user additional information comparison program 113.
  • biometric information 104 regarding the user, name, sex, age, height, current address (residence), registration
  • the additional information 104 for identifying the characteristics of the user such as the name of the branch office that performs the registration is also registered.
  • the host computer 108 compares the biometric information of the user with the biometric information stored in the user biometric information database 110 and is stored in the user additional information and the user additional information database 109. Comparison with additional information. Then, the host computer 108 determines whether or not the user who is to be newly registered has already been registered in the database based on the biometric similarity and the additional information similarity from the plurality of biometric information 104. And the determined result is presented to the user as a search result 106. Furthermore, the host computer 108 identifies a biometric with a low risk of impersonation by another person during personal authentication, presents the identified result to the user as a biometric 114 recommended for use of biometric authentication, and performs subsequent personal authentication. The user is prompted to use the living body.
  • the configuration of the host computer 108 is not particularly illustrated, but a control unit constituted by an arithmetic device such as a CPU (Central Processing Unit) for executing various processes shown below, Assume that hardware such as a memory for storing various programs and data is included. And when performing the process mentioned later, a control part reads a program mentioned above from memory etc., and controls various processes and transactions.
  • a control unit constituted by an arithmetic device such as a CPU (Central Processing Unit) for executing various processes shown below, Assume that hardware such as a memory for storing various programs and data is included. And when performing the process mentioned later, a control part reads a program mentioned above from memory etc., and controls various processes and transactions.
  • a control unit constituted by an arithmetic device such as a CPU (Central Processing Unit) for executing various processes shown below, Assume that hardware such as a memory for storing various programs and data is included. And when performing the process mentioned later, a control part reads a program mentioned
  • FIG. 2 is a diagram illustrating a configuration example of the biometric authentication device 103.
  • a CPU 201 is a processor responsible for data processing in the biometric authentication device 103 and manages execution of various programs, which will be described later, and processing and control of various data.
  • the peripheral device I / O port 202 is an interface for connecting the biometric authentication device 103 and the terminal computer 102.
  • the biometric authentication illumination 203 is for acquiring a biometric image, and a near infrared LED or the like suitable for image acquisition is used.
  • the image sensor 204 is a sensor for acquiring a biometric image.
  • the biometric pattern irradiated by the biometric illumination 203 is acquired as image data by a CCD (Charge Coupled Device) camera or the like.
  • CCD Charge Coupled Device
  • the overall apparatus control program 208 is a program that controls the entire biometric authentication apparatus 103.
  • the peripheral device I / O control program 209 is a program for controlling the peripheral device I / O port 202.
  • the image buffer 210 is an area for storing biological image data acquired by the image sensor 204.
  • each program performs a process by performing a predetermined function by being executed by the CPU 101.
  • these programs are stored in the main storage device 206.
  • the entire device control means, the peripheral I / O control means, the authentication means, etc. And can be expressed as means for realizing those functions.
  • FIG. 3 is a diagram illustrating a configuration example of the terminal computer 102.
  • the CPU 301 is a processor responsible for data processing and various controls of the entire authentication system.
  • the peripheral device I / O port 302 is an interface represented by USB for connecting the biometric authentication device 103.
  • the display device 303 is a display for displaying a confirmation display when inputting the additional information of the person, an authentication result, and the like.
  • the input device 305 is a device for inputting user additional information such as a keyboard.
  • a bus 304 is a bus that connects modules in the terminal computer.
  • the main storage device 306 stores various programs.
  • the biometric authentication device control program 307 is a program that controls the biometric authentication device 103 connected via the peripheral device I / O port 302.
  • the peripheral device I / O control program 308 is a program for controlling the peripheral device I / O port 302.
  • the customer information input control program 309 is a program that accepts information input from the input device 305 as customer information.
  • FIG. 4 is a diagram showing an example of user additional information stored in the user additional information database 109.
  • the user additional information database 109 includes identification information (ID) for identifying a user, the name, gender, and height of the user, and the user opens an account and adds it.
  • ID identification information
  • a registered branch (account opening branch) indicating the branch 101 in which the information is registered is stored in association with the current address of the user.
  • the user “Hitachi Taro” identified by the ID “103251” is a man who is 33 years old, is 170-174 cm tall, and currently lives in “xx Town, Chuo-ku, Tokyo”. It shows that. This user also indicates that an account has been opened at the Otemachi branch.
  • the gender, age, height, current address, and registered branch of a user who are highly likely to be at risk of impersonation are listed as examples of additional information. However, it is not necessarily limited to these examples. If there is a possibility of spoofing using items listed on identification documents such as a driver's license or passport, such as date of birth, permanent address, nationality, etc., these items may be included.
  • biometric authentication device 103 and the terminal computer 102 perform biometric registration / authentication processing operations, particularly when opening a store visitor's account in banking operations, the store visitor has already opened an account.
  • An embodiment of the processing operation for checking whether the service is open will be described.
  • the CPU 301 of the computer 102 executes the customer information input control program 309, and the input device 305 receives input of additional information of the user from the operator of the terminal computer 102 (S501).
  • the CPU 301 executes the biometric authentication device control program 307, transmits an activation signal to the biometric authentication device 103, and activates the biometric authentication device (S502). Then, the biometric authentication device 103 activates the CPU 201 based on the received activation signal, and executes the programs 208 to 209. In step S ⁇ b> 503, the CPU 301 executes the biometric authentication device control program 307 and transmits a biometric image acquisition processing activation signal to the biometric authentication device 103.
  • the biometric authentication device 103 detects it and controls the biometric authentication illumination 203 and the image sensor 204 to acquire a biometric image.
  • the biological image to be acquired acquires n biological bodies that are determined in advance. For example, in finger vein authentication, there are 6 living fingers such as the index finger, middle finger, and ring finger for each of the left hand and right hand, and in iris authentication, it is a living body such as 2 in total for the right eye and left eye.
  • the CPU 301 transmits the user's biological information and additional information 104 to the host computer 108 via the backbone network 105.
  • the host computer 108 collates and adds the biometric information in the database based on the user's biometric information and the additional information 104 received from the terminal computer 102 in the processes of FIGS. 6, 7, and 8 to be described later. Whether the user who acquired the biometric information by collating with the information has already been registered in the database, and of the n pieces of biometric information of the user acquired in S503, which biometric information is the most impersonated by others. It is determined whether the risk is small, and the result is returned to the terminal computer 102 in S505.
  • the terminal computer 102 that has received the determination result determines whether or not the user has already been registered (S506), and if it is determined that the user has already been registered, the terminal computer 102 determines that the user has already registered in S507. Perform the corresponding process.
  • the registration rejection display is used for the purpose of preventing double registration of the user. However, the registration rejection display is not particularly required if the process should be performed when the user is already registered.
  • FIG. 11 is a diagram illustrating an example of a registration rejection display screen displayed on the display device 303 when the CPU 301 rejects registration in S507. As shown in FIG. 11, the registration rejection display screen displays that the user has already been registered and that new registration cannot be accepted.
  • the CPU 301 of the terminal computer 102 As the corresponding processing in S508, the user has not been registered at the present time, and the new registration is OK (allows new registration). ) Is displayed on the display device 303. Further, as a living body having a low risk of impersonation by another person, the type of the living body most suitable for the personal authentication received in S505 is shown, and the living body is used by the user. A guidance screen for prompting the user to do so is displayed on the display device 303.
  • FIG. 9 is a diagram showing an example of the above-described guidance screen.
  • FIG. 10 is a diagram illustrating an example of the above-described new registration permission screen.
  • the new registration permission screen displays that the user has not been registered at the present time and that the new registration is OK.
  • the guidance screen displays the recommended biological body (the user's finger in FIG. 9) in the order of the lowest possibility of impersonation by others (low similarity). Are displayed in order.
  • the CPU 301 of the terminal computer 102 displays the above-described guidance screen on the display device 303, the user can easily determine which biological information should be registered as biological information with the least risk of impersonation by others. Can be recognized.
  • the terminal computer 102 transmits the user's biological information and additional information to the host computer 108, and the host computer 108 holds the information.
  • the processing of S508 At the timing when the process ends, a bank clerk or an attendant inserts the user's cash card into a card reader (not shown) connected to the terminal computer 102, and the IC chip included in the inserted cash card holds the information. It is also possible. In this case, authentication can be rejected when the cash card user is different from the user at the time of registration.
  • FIG. 6 is a diagram showing an overall outline of processing in the host computer 108.
  • step S ⁇ b> 601 the host computer 108 receives n pieces of user biometric information and additional information from the terminal computer 102. Thereafter, in S602, the host computer 108 searches and collates the user additional information database 109 and the user biometric information database 110 based on the information received in S601, and the user has already been registered in the database. It is determined whether or not. Note that the processing content in S602 will be described in detail with reference to FIG.
  • step S603 the host computer 108 similarly searches and collates the user additional information database 109 and the user biometric information database 110 based on the information received in step S601, and obtains n pieces obtained from the user.
  • the biometric information is searched and determined which biometric authentication is the safest during the personal authentication, that is, whether the similarity with the existing user is low and impersonation by another person is difficult. Note that the processing content in S603 will be described in detail with reference to FIG. Thereafter, in S604, the host computer 108 transmits the results of S602 and S603 to the terminal computer 102, and ends the process.
  • FIG. 7 is an example of details of processing in step S602 in FIG.
  • the host computer 108 executes the biometric authentication program 112 of the host computer 108, and extracts n pieces of biometric information and additional information for one existing user from the user biometric information database 110 (S701).
  • the host computer 108 uses the n pieces of biological information 104 received from the terminal computer 102 and the n pieces of biological information extracted in step S701, and compares the corresponding pieces of biological information. The degree of similarity between the two pieces of biological information is calculated (S702).
  • the corresponding biometric information corresponds to the corresponding biometric information, for example, the index fingers of the right hand, the middle finger, in the case of finger vein authentication, the right eye, the left eye, etc. in the case of iris authentication.
  • step S703 the host computer 108 determines whether or not the number of n similarities calculated in step S702 exceeds a predetermined similarity threshold is equal to or more than the predetermined number P. If it is determined whether or not the number exceeding the similarity threshold is equal to or greater than the number P (S703; Yes), the user who is going to register is extremely similar to the user extracted in S701. It is similar and it is determined that it is already registered in the database (S710), and the process is terminated. That is, in S703, the host computer 108 determines how much the user who is trying to register is very similar to the registered user (how much is black).
  • step S704 when the host computer 108 determines that the number exceeding the similarity threshold is not equal to or more than the predetermined number P (S703; No), in step S704, the n computers calculated in step S703 are used.
  • the similarity it is determined whether or not the number exceeding the predetermined similarity threshold is equal to or less than the predetermined number Q (S704), and the number is equal to or less than the number Q.
  • the user who is going to register determines that it is not very similar to the user extracted in S701, and proceeds to the comparison with the next existing user (S711). In other words, in S704, the host computer 108 determines how much the user who is trying to register is not very similar to the registered user (how much it is white).
  • the number is set so that P> Q, and a registered user who is very similar to the user is determined, and then a registered user that is not very similar to the user is determined.
  • a transaction device such as ATM (Automated Teller Machine) that authenticates users in an area where the number of crimes due to impersonation by others is low
  • the number of registered users that are very similar to users tends to be small It is thought that there is. Therefore, in order to increase the speed of the process search, a registered user who is not very similar to the user may be determined first.
  • step S704 the host computer 108 determines that the number of the n similarities calculated in step S703 exceeds the predetermined similarity threshold is not less than the predetermined number Q (S704; No). ), It is determined whether the existing user taken out in S701 is the same person as the user to be registered or whether it is another person (gray zone). The user is not very similar to the user extracted in S701, but is determined to be likely to be similar, and in S705, S706, and S707, additional information such as the height, age, and address of the user is added. If either of them is similar, the user extracted in S701 and the user who is about to register Although not very similar, it is determined that their high possibility, already determined to be registered in the database (S710), the process ends.
  • the host computer 108 determines that none of the additional information is similar, the host computer 108 determines that the user extracted in S701 is a different person from the user who intends to register, and The process proceeds to comparison with existing users (S712).
  • biometric authentication when biometric authentication is performed, there are three branches, i.e., whether the person is the person (P or more similarities greater than or equal to the threshold value), the other person (Q or less similarities equal to or greater than the threshold value), or whether the determination is suspended.
  • the biometric authentication result is branched and the determination is suspended, it is possible to improve the authentication accuracy by comparing the additional information of the user and determining whether the person is the other person or not.
  • the determination based on the additional information is performed in the order of the user's height difference, age difference, and residence distance.
  • Can do For example, when an ATM is installed in a region where there are many elderly people, it is considered that the users are in an age group close to each other, and thus it may be difficult to narrow down the number of people. Therefore, in such a case, the determination based on the age difference may be performed last.
  • FIG. 8 is an example of the processing details of the processing S603 in FIG.
  • the host computer 108 activates the biometric authentication program 112, extracts biometric information for one user from the user biometric information database 110, compares it with the biometric information 104 received from the terminal computer 102, and n Calculate the degree of similarity.
  • the host computer 108 subtracts n similarities according to the distance of the physical distance of the residence between the existing user extracted in S802 and the new user. In this case, the host computer 108 increases the subtraction value as the distance increases, and decreases the subtraction value as the distance decreases. In other words, the closer the residence between the users, the higher the risk of impersonation by others.
  • the host computer 108 subtracts n similarities according to the size difference between the users, similar to the subtraction of the similarity based on the physical distance of the residence in S803.
  • the larger the height difference the larger the subtraction value, and the smaller, the smaller the subtraction value.
  • the smaller the height difference between users the higher the risk of impersonation by others.
  • step S805 the host computer 108 subtracts a certain value from the n similarities when the gender between the users is different. In other words, if the gender between users is the same, the theory is that the risk of impersonation by others increases.
  • the host computer 108 matches these pieces of information. It is good also as subtracting a fixed value from the similarity mentioned above, when it is judged whether it is in agreement.
  • the determination of height difference and gender in S803 and S804 is performed, for example, by a bank clerk or an attendant when biometric information is registered and the data is input, and the input data is compared with the data of registered users. Or, the height and gender may be analyzed from image data such as a camera, and the use and data of registered users may be compared.
  • the size of a reference object is captured in advance, and it is determined how large the user's height is with respect to that object in the image. .
  • a determination method cannot measure the height itself with high accuracy.
  • the image of the user and the image of the registered user are imaged with the same accuracy based on the size of the predetermined object, the height error in these images is considered to be the same. You can get a height difference.
  • gender from image data for example, feature information such as hair, body shape, face contour, etc. is acquired from an external site, and the average value (for example, average value for each age) is used as a reference.
  • the determination may be made statistically, for example, when the feature information of the user on the image is within a certain range from the reference value, it is determined to be any gender.
  • the residence of the user is described as an example of the additional information, but the same applies to the registered branch. Therefore, the determination in S707 or S803 may be performed using a registered branch instead of the place of residence. Furthermore, the determination described above in these steps may be performed using both the residence and the registered branch.
  • the host computer 108 calculates n total similarities in which the similarity of the additional information of the user is added to the biometric similarity of the user, and the comparison is made for one existing user. As a result, save the result.
  • the host computer 108 performs the above processing for all existing users in the database (S807), and calculates the average of the total similarity for each n living organisms from the calculated total similarity of n ⁇ M people. Is calculated (S808). Thereafter, in S809, the host computer 108 determines that the living body having the lowest similarity is the safest living body for personal authentication from the calculated n similarity averages, and as shown in FIG. The biological information is displayed on the guidance screen in ascending order of similarity.
  • the biometric registration / authentication system is characterized in that n pieces of biometric information acquired from users are compared with biometric information of existing users in the database, and n pieces of similarity are obtained. And n total similarities are calculated in consideration of user attribute information. Then, by performing the above comparison process for all existing users, the average of n total similarity is obtained, and the living body having the lowest overall similarity is regarded as the living body that is most unlikely to be spoofed by others. By prompting the user to use it for personal authentication, a safe personal authentication means can be provided.
  • the new user can enter the database.
  • a large-scale biometric registration / authentication system for example, a biometric registration / authentication system in which millions to tens of millions of users exist
  • new users are registered in the database.
  • additional information such as gender, age, height, current address, registered location, etc. of the new user is associated and registered.
  • biometric authentication and additional information similarity authentication are performed to determine whether the new user is a truly new user or whether an existing user is falsely registering as a new user. It becomes possible to detect by doing.
  • the biometric information and additional information of the user are compared with the biometric information and additional information of the registered user, and the similarity is obtained.
  • FIG. 12 is a flowchart showing a processing procedure of authentication processing using optimal biometric information with a low risk of impersonation by another person.
  • the user operates a transaction device (not shown) such as an ATM installed in each branch office or the ATM installed in a convenience store together with the terminal computer 102 shown in FIG. Is done by.
  • the host computer 108 determines whether or not these biometric information and additional information match the biometric information and additional information of the user at the time of registration (S1203). If it is determined that they match (S1203; Yes), the user is authenticated, the result is transmitted to the terminal computer 102, and the fact that the authentication is OK is displayed on the display device 303 of the terminal computer 102 (S1204).
  • the host computer 108 determines that these pieces of information do not match the information at the time of registration (S1203; No), the host computer 108 transmits error information indicating that the user cannot be authenticated to the terminal computer 102, and A message indicating an authentication error is displayed on the display device 303 of the computer 102 (S1205).
  • the user since the user is authenticated using the biometric information and additional information of the user at the time of registration, the user can be authenticated while reducing the risk due to impersonation by others.
  • each piece of information is stored in an IC chip of the user's cash card when registering biometric information and additional information, and the ATM is provided when the user operates the ATM.
  • the biometric authentication device may read the biometric information of the user and cause the host computer 108 to transmit the read biometric information.
  • the biometric information is measured by a bank clerk or an attendant, and the additional information data is input, or the height is obtained from the image data such as a camera.
  • the additional information data may be generated by the ATM by analyzing the sex, and each of these data may be transmitted to the host computer 108.
  • the present invention is not limited to the above-described embodiment as it is, and can be embodied by modifying the constituent elements without departing from the scope of the invention in the implementation stage.
  • various inventions can be formed by appropriately combining a plurality of constituent elements disclosed in the above embodiments. For example, some components are deleted from all the components shown in the embodiment, such as performing registration and authentication of a user using a terminal device in which the terminal computer 102 and the biometric authentication device 103 are integrated. Also good.
  • constituent elements over different embodiments may be appropriately combined.

Abstract

Provided are a biometric registration/authentication system, a biometric registration/authentication device, and a biometric registration/authentication method, with which the risk of impersonation by another person can be adequately reduced. In this biometric registration/authentication system a terminal with which user biometric information is registered and a host computer that stores the registered biometric information are connected via a network. The terminal is equipped with: a sensor that picks up user biometric information; an input unit that accepts inputs of supplemental information for the purpose of identifying characteristics of the user; a display unit that displays a determination result indicating whether the user's biometric information can be registered; and a terminal control unit that transmits the biometric information and the supplemental information to the host computer or receives the determination result from the host computer and displays this result on the display unit. The host computer is equipped with: a storage unit that stores biometric information and supplemental information for each user of the biometric registration/authentication system; and a host control unit that receives the biometric information and the supplemental information from the terminal, determines whether the user is registered on the basis of the similarity between the biometric information and supplemental information stored in the storage unit and the received biometric information and supplemental information, and transmits to the terminal the result thereof, as a determination result.

Description

生体登録・認証システム、生体登録・認証装置、および生体登録・認証方法Biometric registration / authentication system, biometric registration / authentication device, and biometric registration / authentication method
 本発明は、利用者の生体情報と、例えば、性別、年齢、身長、現住所などの付加情報とを使用して、利用者の登録、認証を行う生体登録・認証システム、生体登録・認証装置、および生体登録・認証方法に関する。 The present invention is a biometric registration / authentication system, a biometric registration / authentication device that performs user registration and authentication using biometric information of a user and, for example, additional information such as gender, age, height, and current address, And a biometric registration / authentication method.
 近年、急速な情報化社会の進展に伴い、企業や自治体等で、個人情報、機密に対する管理意識が高まっている。また、金融業界では印鑑偽造、カード偽造等による不正取引が大きな問題となっている。これに伴って、「個人固有の特徴」を用いる生体認証が、偽造や盗難、紛失、不正譲渡の危険が少ない、確度、精度の高い個人認証手段として認知されつつある。さらに、生体情報による認証技術の使用者、使用環境、目的の多様化が進むにつれて、単一回の生体認証のみで多様化する要件に対応していくのは困難と考えられる。 In recent years, with the rapid development of the information society, management awareness of personal information and confidentiality is increasing in companies and local governments. In the financial industry, fraudulent transactions such as forgery of stamps and forgery of cards are a major problem. Along with this, biometric authentication using “individual features” is being recognized as a highly accurate and accurate personal authentication means with less risk of forgery, theft, loss and unauthorized transfer. Furthermore, as users, use environments, and purposes of biometric information authentication technology are diversified, it is considered difficult to meet diversified requirements with only a single biometric authentication.
 これに対し、新規利用者登録時、出来るだけ既存利用者と類似していない生体情報を登録する手段を利用することにより、利用者が本人認証する際に、他人によるなりすましをされにくくする技術的努力がなされている(特許文献1参照)。この登録手段は、新規利用者の生体情報登録時に、該新規利用者から複数個の生体情報を取得する。その際、該新規利用者からまず1個の生体情報を取得し、取得した該生体情報から特徴情報を抽出し、既存利用者データベース内の該既存利用者それぞれの生体情報と特徴量を比較し、該新規利用者の生体情報が、どの程度該既存利用者集団の生体情報と類似しているかの判定を行う。 On the other hand, at the time of new user registration, by using means to register biometric information that is not similar to existing users as much as possible, when a user authenticates himself / herself, it is difficult to impersonate others Efforts have been made (see Patent Document 1). The registration means acquires a plurality of pieces of biometric information from the new user when registering the biometric information of the new user. At that time, one piece of biometric information is first obtained from the new user, feature information is extracted from the obtained biometric information, and the biometric information and feature quantity of each of the existing users in the existing user database are compared. It is determined how much the biometric information of the new user is similar to the biometric information of the existing user group.
 その際、類似度がある一定以下の場合には、即ち他人によるなりすましのされやすさがある一定基準以下であるため、該新規利用者の登録生体情報としてデータベースに加え、本人認証時に該生体情報を使用するように促す。類似度がある一定以上の場合には、即ち他人によるなりすましのされやすさがある一定基準以上であるため、該取得した生体情報は棄却し、該新規利用者から別の生体情報を取得する。以下同様にして、既存利用者データベース内の該既存利用者それぞれの生体情報と特徴量を比較し、類似度がある一定以下の場合となる生体情報を見つけ、利用者データベースに登録する。 At that time, if the degree of similarity is below a certain level, that is, the degree of impersonation by another person is below a certain standard, the biometric information is added to the database as the registered biometric information of the new user, Prompt to use. If the degree of similarity is above a certain level, that is, the degree of impersonation by another person is above a certain standard, the acquired biological information is rejected and another biological information is acquired from the new user. In the same manner, the biometric information of each existing user in the existing user database and the feature amount are compared, and biometric information in the case where the degree of similarity is below a certain level is found and registered in the user database.
 以上のようにして、新規利用者より取得した生体情報が、既存利用者の生体情報群とどの程度類似しているかを判定し、その結果をもって、本人認証時に、その生体情報を利用するよう促すか、別の生体を利用すべきかの提案を行うことにより、より安全な認証を提供する登録方式である。 As described above, it is determined how similar the biometric information acquired from the new user is to the biometric information group of the existing user, and the result is used to prompt the user to use the biometric information at the time of personal authentication. It is a registration method that provides more secure authentication by proposing whether to use another living body.
特開2010-26959公報JP 2010-26959 A
 該公知例のように、生体情報を登録する際、既存登録生体情報との類似度をチェックしながら、出来るだけ他人との類似度が低い生体情報を登録することにより、本人認証の際、他人によるなりすましの危険性をある程度低減させることが出来る。 When registering biometric information, when registering biometric information, the biometric information with the lowest similarity to other people is registered while checking the similarity with the existing registered biometric information. The risk of spoofing due to can be reduced to some extent.
 しかしながら、既存登録者数が数百万人から数千万人にも及ぶような大規模な生体登録・認証システムにおいては、該公知例の方式を適用しても、類似した生体情報を持つ既存利用者が多数見つかり、その結果、他人によるなりすましの危険性を低減させるのに十分な効果が得られないことが予想され、より安全な本人登録、および認証の手段が求められる。すなわち、単に生体情報の類似度を考慮しただけでは、他人によるなりすましの危険性を十分に低減させることができないという問題があった。 However, in a large-scale biometric registration / authentication system in which the number of existing registrants ranges from several million to tens of millions, even if the method of the known example is applied, existing biometric information having similar biometric information A large number of users are found, and as a result, it is expected that a sufficient effect for reducing the risk of impersonation by others will not be obtained, and a safer means of identity registration and authentication is required. That is, there is a problem that the risk of impersonation by another person cannot be sufficiently reduced simply by considering the similarity of biometric information.
 本発明は、上記に鑑みてなされたものであって、他人によるなりすましの危険性を十分に低減させることが可能な生体登録・認証システム、生体登録・認証装置、および生体登録・認証方法を提供することを目的とする。 The present invention has been made in view of the above, and provides a biometric registration / authentication system, a biometric registration / authentication apparatus, and a biometric registration / authentication method that can sufficiently reduce the risk of impersonation by others. The purpose is to do.
 上述した課題を解決し、目的を達成するために、本発明にかかる生体登録・認証システムは、利用者の生体情報を登録する端末と、登録された前記生体情報を記憶するホストコンピュータとがネットワークを介して接続された生体登録・認証システムであって、前記端末は、前記利用者の生体情報を取り込むセンサと、前記利用者の特徴を識別するための付加情報の入力を受け付ける入力部と、前記利用者の生体情報について登録が可能か否かを示す判定結果を表示する表示部と、前記生体情報と前記付加情報とを前記ホストコンピュータに送信し、または前記ホストコンピュータから前記判定結果を受信して前記表示部に表示させる端末制御部と、を備え、前記ホストコンピュータは、前記生体登録・認証システムの利用者数分の前記生体情報と前記付加情報とを記憶する記憶部と、前記端末から前記利用者の生体情報と付加情報とを受信し、前記記憶部に記憶されている生体情報および付加情報と、受信した前記生体情報および付加情報との類似度に基づいて前記利用者が登録されているか否かを判定し、その結果を前記判定結果として前記端末に送信するホスト制御部と、を備えることを特徴とする。 In order to solve the above-described problems and achieve the object, a biometric registration / authentication system according to the present invention includes a terminal that registers biometric information of a user and a host computer that stores the registered biometric information. A biometric registration / authentication system connected via the terminal, wherein the terminal captures the user's biometric information, and an input unit that receives input of additional information for identifying the user's characteristics; A display unit that displays a determination result indicating whether or not registration of the user's biometric information is possible, and transmits the biometric information and the additional information to the host computer, or receives the determination result from the host computer. And a terminal control unit that displays on the display unit, and the host computer has the same number of users as the number of users of the biometric registration / authentication system. A storage unit that stores information and the additional information; and the biological information and additional information of the user received from the terminal; the biological information and additional information stored in the storage unit; and the received biological information And a host control unit that determines whether or not the user is registered based on the similarity to the additional information and transmits the result to the terminal as the determination result.
 また、本発明にかかる生体登録・認証装置は、生体情報を記憶するホストコンピュータにネットワークを介して接続された利用者の生体情報を登録する生体登録・認証装置であって、前記利用者の生体情報について登録が可能か否かを示す判定結果を表示する表示部と、センサによって取り込まれた前記生体情報と入力部によって入力された前記利用者の特徴を識別するための付加情報とを前記ホストコンピュータに送信し、または前記ホストコンピュータから前記生体登録・認証システムの利用者数分の生体情報と付加情報と、前記生体情報および付加情報との類似度に基づいて前記利用者が登録されているか否かの結果を受信し、前記利用者の生体情報について登録が可能か否かを示す判定結果を表示する表示部に表示させる端末制御部と、を備えることを特徴とする。 A biometric registration / authentication apparatus according to the present invention is a biometric registration / authentication apparatus for registering biometric information of a user connected via a network to a host computer that stores biometric information. A display unit for displaying a determination result indicating whether or not information can be registered, and the host information and the biometric information captured by the sensor and the additional information for identifying the feature of the user input by the input unit. Whether the user is registered based on the degree of similarity between the biometric information and the additional information and the biometric information and additional information for the number of users of the biometric registration / authentication system transmitted from the host computer Terminal control that receives a result of whether or not and displays a determination result indicating whether or not registration of the biometric information of the user is possible Characterized in that it comprises a and.
 また、本発明にかかる生体登録・認証方法は、利用者の生体情報を登録する端末と、登録された前記生体情報を記憶するホストコンピュータとがネットワークを介して接続された生体登録・認証システムにおいて行われる生体登録・認証方法であって、前記端末が有するセンサから取り込まれた前記利用者の生体情報と前記端末の入力部から入力された前記利用者の特徴を識別するための付加情報とを前記ホストコンピュータに送信するステップと、記憶部に記憶された前記生体登録・認証システムの利用者数分の前記生体情報と前記付加情報と、前記端末から受信した前記生体情報および付加情報との類似度に基づいて前記利用者が登録されているか否かを判定するステップと、その結果を前記利用者の生体情報について登録が可能か否かを示す判定結果として前記端末に送信するステップと、前記ホストコンピュータから前記判定結果を受信して表示部に表示させるステップと、を含むことを特徴とする。 The biometric registration / authentication method according to the present invention is a biometric registration / authentication system in which a terminal that registers biometric information of a user and a host computer that stores the registered biometric information are connected via a network. A biometric registration / authentication method to be performed, comprising: biometric information of the user captured from a sensor included in the terminal; and additional information for identifying the characteristics of the user input from an input unit of the terminal. Similar to the step of transmitting to the host computer, the biometric information and the additional information for the number of users of the biometric registration / authentication system stored in the storage unit, and the biometric information and additional information received from the terminal Determining whether or not the user is registered based on the degree, and whether or not the result can be registered for the biometric information of the user And transmitting to the terminal a judgment result indicating, characterized in that it comprises the steps of: displaying on the display unit receives the judgment result from the host computer.
 本発明によれば、他人によるなりすましの危険性を十分に低減させることが可能な生体登録・認証システム、生体登録・認証装置、生体登録・認証方法、および生体登録・認証プログラムを提供することができる。 According to the present invention, it is possible to provide a biometric registration / authentication system, a biometric registration / authentication apparatus, a biometric registration / authentication method, and a biometric registration / authentication program that can sufficiently reduce the risk of spoofing by others. it can.
生体登録・認証システムの全体構成を示す図である。It is a figure which shows the whole structure of a biometric registration and authentication system. 生体認証装置の構成例を示す図である。It is a figure which shows the structural example of a biometrics authentication apparatus. 端末コンピュータの構成例を示す図である。It is a figure which shows the structural example of a terminal computer. 利用者付加情報データベース内に保存されている利用者の付加情報の例を示す図である。It is a figure which shows the example of the user additional information preserve | saved in the user additional information database. 銀行業務の口座開設時における端末コンピュータ102の処理動作の例を示すフローチャートである。It is a flowchart which shows the example of the processing operation of the terminal computer 102 at the time of bank account opening. ホストコンピュータにおける処理動作の例を示すフローチャートである。It is a flowchart which shows the example of the processing operation in a host computer. 図6における処理S602の処理詳細の例を示すフローチャートである。It is a flowchart which shows the example of the process detail of process S602 in FIG. 図6における処理S603の処理詳細の例を示すフローチャートである。It is a flowchart which shows the example of the process detail of process S603 in FIG. 図5における処理S508において本人認証に最適な生体の種類を示し、利用者にその生体を利用するように促すためのガイダンス画面の例を示す図である。It is a figure which shows the example of the guidance screen for showing the kind of living body most suitable for personal authentication in process S508 in FIG. 5, and encouraging a user to use the living body. 図5における処理S508において新規登録を許可する際に表示される新規登録許可画面の例を示す図である。It is a figure which shows the example of the new registration permission screen displayed when permitting new registration in process S508 in FIG. 図5における処理S507において登録拒否をする際に表示される登録拒否表示画面の例を示す図である。It is a figure which shows the example of the registration refusal display screen displayed when refusing registration in process S507 in FIG. 他人によるなりすましのリスクが低い最適な生体情報を用いた認証処理の処理手順を示すフローチャートである。It is a flowchart which shows the process sequence of the authentication process using the optimal biometric information with the low risk of impersonation by others.
 以下、銀行業務における利用者登録、および利用者認証を例にとり、図面を参照して本発明の実施形態について説明する。 Hereinafter, an embodiment of the present invention will be described with reference to the drawings, taking user registration and user authentication in banking operations as an example.
 以下に添付図面を参照して、本発明にかかる生体登録・認証システム、生体登録・認証装置、および生体登録・認証方法の実施の形態を詳細に説明する。なお、以下では、銀行業務における利用者登録、および利用者認証を例に説明しているが、利用者の認証や、その認証のための登録が必要な様々な業務に適用することができる。 Hereinafter, embodiments of a biometric registration / authentication system, a biometric registration / authentication apparatus, and a biometric registration / authentication method according to the present invention will be described in detail with reference to the accompanying drawings. In the following, user registration and user authentication in banking operations are described as examples. However, the present invention can be applied to various operations that require user authentication and registration for the authentication.
 図1は、生体登録・認証システムの全体構成を示す図である。図1に示すように、本実施の形態における生体登録・認証システムは、銀行業務における各支店101と、各支店101との間で種々のデータをやり取りするデータセンタ107とを有し、これらが互いに専用線等の基幹ネットワーク105によって接続されている。 FIG. 1 is a diagram showing an overall configuration of a biometric registration / authentication system. As shown in FIG. 1, the biometric registration / authentication system according to the present embodiment includes each branch 101 in banking business and a data center 107 that exchanges various data with each branch 101. They are connected to each other by a backbone network 105 such as a dedicated line.
 銀行業務における各支店101には、銀行員や係員によって操作される端末コンピュータ102と、端末コンピュータ102に接続された生体認証装置103とが設けられ、生体認証装置103は、端末コンピュータ102により生体の取得生体示を受ける等して制御される。なお、端末コンピュータ102と生体認証装置103とは、USB(Universal Serial Bus)接続に代表されるI/O接続の他、ネットワーク経由で遠隔接続されていても構わない。 Each branch 101 in banking business is provided with a terminal computer 102 operated by a bank clerk or an attendant and a biometric authentication device 103 connected to the terminal computer 102. It is controlled by receiving the acquired biological indication. The terminal computer 102 and the biometric authentication device 103 may be remotely connected via a network in addition to an I / O connection represented by a USB (Universal Serial Bus) connection.
 データセンタ107は、ホストコンピュータ108を有している。図1に示すように、ホストコンピュータ108は、利用者付加情報データベース109と、利用者生体情報データベース110と、生体認証プログラム112と、利用者付加情報比較プログラム113とを有して構成される。具体的には後述するが、利用者が本人登録を行う際、利用者に関する情報として、利用者に関する複数の生体情報104の他、氏名、性別、年齢、身長、現住所(居住地)、また登録を行っている支店名等、利用者の特徴を識別するための付加情報104をあわせて登録する。 The data center 107 has a host computer 108. As shown in FIG. 1, the host computer 108 includes a user additional information database 109, a user biometric information database 110, a biometric authentication program 112, and a user additional information comparison program 113. Specifically, as will be described later, when the user registers himself / herself, as the information regarding the user, in addition to a plurality of biometric information 104 regarding the user, name, sex, age, height, current address (residence), registration The additional information 104 for identifying the characteristics of the user such as the name of the branch office that performs the registration is also registered.
 また、ホストコンピュータ108は、利用者の生体情報と利用者生体情報データベース110内に保存されている生体情報とを比較するとともに、利用者の付加情報と利用者付加情報データベース109内に保存されている付加情報との比較を行う。そして、ホストコンピュータ108は、複数の生体情報104から、生体の類似度や、付加情報の類似度をもとに、新規に登録しようとしている利用者が、既にデータベースに登録済みであるか否かを判定し、判定した結果を検索結果106として利用者に提示する。さらに、ホストコンピュータ108は、本人認証の際、他人によるなりすましのリスクが低い生体を特定し、特定した結果を生体認証の利用に推奨する生体114として利用者に提示し、以後の本人認証にてその生体を利用するよう、利用者に促す。 The host computer 108 compares the biometric information of the user with the biometric information stored in the user biometric information database 110 and is stored in the user additional information and the user additional information database 109. Comparison with additional information. Then, the host computer 108 determines whether or not the user who is to be newly registered has already been registered in the database based on the biometric similarity and the additional information similarity from the plurality of biometric information 104. And the determined result is presented to the user as a search result 106. Furthermore, the host computer 108 identifies a biometric with a low risk of impersonation by another person during personal authentication, presents the identified result to the user as a biometric 114 recommended for use of biometric authentication, and performs subsequent personal authentication. The user is prompted to use the living body.
 なお、本実施の形態では、ホストコンピュータ108の構成については特に図示していないが、以下に示す各種の処理を実行するためのCPU(Central Processing Unit)等の演算装置から構成される制御部や、各種のプログラムやデータを記憶するためのメモリ等のハードウェアを有しているものとする。そして、制御部は、後述する処理を行う場合、メモリ等から上述したプログラムを読み出して実行することにより、各種処理、取引を制御する。 In the present embodiment, the configuration of the host computer 108 is not particularly illustrated, but a control unit constituted by an arithmetic device such as a CPU (Central Processing Unit) for executing various processes shown below, Assume that hardware such as a memory for storing various programs and data is included. And when performing the process mentioned later, a control part reads a program mentioned above from memory etc., and controls various processes and transactions.
 図2は、生体認証装置103の構成例を示す図である。図2において、CPU201は、生体認証装置103におけるデータ処理を担うプロセッサであり、後述する各種のプログラムの実行、及び種々のデータの処理及び制御を司る。周辺装置I/Oポート202は、生体認証装置103と端末コンピュータ102とを接続するためのインタフェースである。生体認証用照明203は、生体画像を取得するためのものであり、画像取得に好適な近赤外光LED等が用いられる。 FIG. 2 is a diagram illustrating a configuration example of the biometric authentication device 103. In FIG. 2, a CPU 201 is a processor responsible for data processing in the biometric authentication device 103 and manages execution of various programs, which will be described later, and processing and control of various data. The peripheral device I / O port 202 is an interface for connecting the biometric authentication device 103 and the terminal computer 102. The biometric authentication illumination 203 is for acquiring a biometric image, and a near infrared LED or the like suitable for image acquisition is used.
 画像センサ204は、生体画像を取得するためのセンサであり、例えば、CCD(Charge Coupled Device)カメラなどにより、生体認証用照明203によって照射された生体パターンを画像データとして取得する。主記憶装置206には、装置を動作させるための各種プログラムやデータ領域が確保されている。装置全体制御プログラム208は、生体認証装置103全体を制御するプログラムである。周辺装置I/O制御プログラム209は、周辺装置I/Oポート202を制御するプログラムである。画像バッファ210は、画像センサ204で取得した生体画像データを格納するための領域である。 The image sensor 204 is a sensor for acquiring a biometric image. For example, the biometric pattern irradiated by the biometric illumination 203 is acquired as image data by a CCD (Charge Coupled Device) camera or the like. In the main storage device 206, various programs and data areas for operating the device are secured. The overall apparatus control program 208 is a program that controls the entire biometric authentication apparatus 103. The peripheral device I / O control program 209 is a program for controlling the peripheral device I / O port 202. The image buffer 210 is an area for storing biological image data acquired by the image sensor 204.
 このように、各プログラムは、CPU101で実行されることで所定の機能を発揮して、それぞれの処理を行う。これらのプログラムは、図2に示すように、主記憶装置206に記憶されているが、CPU201で実行される場合、例えば、装置全体制御手段、周辺I/O制御手段、認証手段などのように、それらの機能を実現する手段として表現することができる。 As described above, each program performs a process by performing a predetermined function by being executed by the CPU 101. As shown in FIG. 2, these programs are stored in the main storage device 206. However, when executed by the CPU 201, for example, the entire device control means, the peripheral I / O control means, the authentication means, etc. , And can be expressed as means for realizing those functions.
 図3は、端末コンピュータ102の構成例を示す図である。CPU301は、認証システム全体のデータ処理、各種の制御を担うプロセッサである。周辺装置I/Oポート302は、生体認証装置103を接続するためのUSBに代表されるインタフェースである。表示装置303は、本人の付加情報を入力する際の確認表示、また認証結果等を表示するディスプレイである。入力装置305は、キーボード等、利用者の付加情報を入力する装置である。バス304は、端末コンピュータ内の各モジュールをつなぐバスである。 FIG. 3 is a diagram illustrating a configuration example of the terminal computer 102. The CPU 301 is a processor responsible for data processing and various controls of the entire authentication system. The peripheral device I / O port 302 is an interface represented by USB for connecting the biometric authentication device 103. The display device 303 is a display for displaying a confirmation display when inputting the additional information of the person, an authentication result, and the like. The input device 305 is a device for inputting user additional information such as a keyboard. A bus 304 is a bus that connects modules in the terminal computer.
 主記憶装置306には、各種プログラムが格納されている。生体認証装置制御プログラム307は、周辺装置I/Oポート302を介して接続されている生体認証装置103を制御するプログラムである。周辺装置I/O制御プログラム308は、周辺装置I/Oポート302を制御するプログラムである。顧客情報入力制御プログラム309は、入力装置305から入力される情報を顧客情報として受け付けるプログラムである。 The main storage device 306 stores various programs. The biometric authentication device control program 307 is a program that controls the biometric authentication device 103 connected via the peripheral device I / O port 302. The peripheral device I / O control program 308 is a program for controlling the peripheral device I / O port 302. The customer information input control program 309 is a program that accepts information input from the input device 305 as customer information.
 図4は、利用者付加情報データベース109内に保存されている利用者の付加情報の例を示す図である。図4に示すように、利用者付加情報データベース109は、利用者を識別するための識別情報(ID)と、その利用者の氏名、性別、身長と、その利用者が口座を開設して付加情報を登録した支店101を示す登録支店(口座開設支店)と、その利用者の現住所とが対応付けて記憶されている。図4では、例えば、ID「103251」によって識別される利用者「日立太郎」は年齢が33歳の男性であり、身長が170~174cm、現在は「東京都中央区xx町」に居住していることを示している。また、この利用者は、大手町支店で口座を開設したことを示している。 FIG. 4 is a diagram showing an example of user additional information stored in the user additional information database 109. As shown in FIG. 4, the user additional information database 109 includes identification information (ID) for identifying a user, the name, gender, and height of the user, and the user opens an account and adds it. A registered branch (account opening branch) indicating the branch 101 in which the information is registered is stored in association with the current address of the user. In FIG. 4, for example, the user “Hitachi Taro” identified by the ID “103251” is a man who is 33 years old, is 170-174 cm tall, and currently lives in “xx Town, Chuo-ku, Tokyo”. It shows that. This user also indicates that an account has been opened at the Otemachi branch.
 なお、本実施の形態における生体登録・認証システムでは、なりすましの危険性が生じ得る可能性の高いと考えられる利用者の性別、年齢、身長、現住所、登録支店を、付加情報の例として挙げているが、必ずしもこれらの例に限られることはない。生年月日や本籍地、国籍等、運転免許証やパスポートなどの身分証明書に記載されている項目を用いてなりすまされる可能性がある場合には、それらの項目を含めることとしてもよい。 In the biometric registration / authentication system according to the present embodiment, the gender, age, height, current address, and registered branch of a user who are highly likely to be at risk of impersonation are listed as examples of additional information. However, it is not necessarily limited to these examples. If there is a possibility of spoofing using items listed on identification documents such as a driver's license or passport, such as date of birth, permanent address, nationality, etc., these items may be included.
 次に、図5を参照して、生体認証装置103及び端末コンピュータ102における生体登録・認証の処理動作、とりわけ銀行業務における来店者の口座開設時に、来店者が口座を開設済みであるか、未開設であるかをチェックする処理動作における一実施例を説明する。 Next, with reference to FIG. 5, when the biometric authentication device 103 and the terminal computer 102 perform biometric registration / authentication processing operations, particularly when opening a store visitor's account in banking operations, the store visitor has already opened an account. An embodiment of the processing operation for checking whether the service is open will be described.
 まず、コンピュータ102のCPU301は、顧客情報入力制御プログラム309を実行し、入力装置305が、端末コンピュータ102のオペレータから、利用者の付加情報の入力を受け付ける(S501)。 First, the CPU 301 of the computer 102 executes the customer information input control program 309, and the input device 305 receives input of additional information of the user from the operator of the terminal computer 102 (S501).
 次に、CPU301は、生体認証装置制御プログラム307を実行し、生体認証装置103に対して起動信号を送信し、生体認証装置を起動する(S502)。そして、生体認証装置103は、受信した起動信号によりCPU201を起動して、各プログラム208~209を実行する。次に、S503として、CPU301は、生体認証装置制御プログラム307を実行し、生体画像取得処理の起動信号を生体認証装置103へ送信する。 Next, the CPU 301 executes the biometric authentication device control program 307, transmits an activation signal to the biometric authentication device 103, and activates the biometric authentication device (S502). Then, the biometric authentication device 103 activates the CPU 201 based on the received activation signal, and executes the programs 208 to 209. In step S <b> 503, the CPU 301 executes the biometric authentication device control program 307 and transmits a biometric image acquisition processing activation signal to the biometric authentication device 103.
 生体認証装置103に生体がセットされると、生体認証装置103はそれを検知し、生体認証用照明203及び画像センサ204を制御し、生体画像を取得する。その際、取得する生体画像はあらかじめ定めておいたn個の生体を取得する。例えば、指静脈認証においては、左手、右手それぞれの人差し指、中指、薬指の計6本、虹彩認証においては右目、左目の計2個、等の生体である。 When a biometric is set in the biometric authentication device 103, the biometric authentication device 103 detects it and controls the biometric authentication illumination 203 and the image sensor 204 to acquire a biometric image. At that time, the biological image to be acquired acquires n biological bodies that are determined in advance. For example, in finger vein authentication, there are 6 living fingers such as the index finger, middle finger, and ring finger for each of the left hand and right hand, and in iris authentication, it is a living body such as 2 in total for the right eye and left eye.
 その後、S504にて、CPU301は、利用者の生体情報および付加情報104を、基幹ネットワーク105を介してホストコンピュータ108に送信する。ホストコンピュータ108は、後述する図6、図7、図8の処理にて、端末コンピュータ102より受信した利用者の生体情報および付加情報104をもとに、データベース内生体情報との照合、および付加情報との照合を行い、生体情報を取得した利用者が、データベースに既に登録済みか否か、またS503で取得した利用者のn個の生体情報のうち、どの生体情報が最も他人によるなりすましのリスクが少ないかを判定し、その結果をS505にて端末コンピュータ102に返す。 Thereafter, in S 504, the CPU 301 transmits the user's biological information and additional information 104 to the host computer 108 via the backbone network 105. The host computer 108 collates and adds the biometric information in the database based on the user's biometric information and the additional information 104 received from the terminal computer 102 in the processes of FIGS. 6, 7, and 8 to be described later. Whether the user who acquired the biometric information by collating with the information has already been registered in the database, and of the n pieces of biometric information of the user acquired in S503, which biometric information is the most impersonated by others. It is determined whether the risk is small, and the result is returned to the terminal computer 102 in S505.
 判定結果を受信した端末コンピュータ102は、CPU301が、利用者が既に登録済みであるか否かを判定し(S506)、利用者が既に登録済みであると判定した場合には、S507にてそれに対応する処理を行う。図5ではS507の例として、利用者の二重登録を防ぐ目的で登録拒否表示としたが、既に利用者が登録されている際に行うべき処理であれば、特に登録拒否表示でなくともよい。図11は、CPU301が、S507において登録拒否をする際に表示装置303に表示させる登録拒否表示画面の例を示す図である。図11に示すように、登録拒否表示画面には、既にその利用者が登録済みであり、新たな登録を受け付けることができない旨表示されている。 The terminal computer 102 that has received the determination result determines whether or not the user has already been registered (S506), and if it is determined that the user has already been registered, the terminal computer 102 determines that the user has already registered in S507. Perform the corresponding process. In FIG. 5, as an example of S507, the registration rejection display is used for the purpose of preventing double registration of the user. However, the registration rejection display is not particularly required if the process should be performed when the user is already registered. . FIG. 11 is a diagram illustrating an example of a registration rejection display screen displayed on the display device 303 when the CPU 301 rejects registration in S507. As shown in FIG. 11, the registration rejection display screen displays that the user has already been registered and that new registration cannot be accepted.
 このように、利用者の生体情報および付加情報を参照して既にその利用者やその利用者になりすました他人が登録されているか否かを判定し、既にこれらの者が登録されていると判定された場合には、新たな登録を受け付けず、二重登録を防止することができる。したがって、他人になりすまされた利用者は、そのなりすましがあったことに登録時点で早期に気づくことができるとともに、銀行員や係員は、その利用者が他人によってなりすまされていることを登録時点で早期に発見することができる。 In this way, it is determined whether or not the user or another person pretending to be the user is registered by referring to the biometric information and additional information of the user, and it is determined that these users are already registered. In such a case, new registration is not accepted and double registration can be prevented. Therefore, a user impersonated by another person can quickly notice that the impersonation has occurred at the time of registration, and a bank employee or attendant can register that the user has been impersonated by another person. It can be discovered early at that time.
 利用者が未登録である場合には、S508にてそれに対応する処理として、端末コンピュータ102のCPU301は、現時点ではその利用者が未登録であり、新規登録がOKである(新規登録を許可する)旨の新規登録許可画面を表示装置303に表示させ、さらに、他人による成りすましのリスクが少ない生体として、S505にて受信した本人認証に最適な生体の種類を示し、利用者にその生体を利用するように促すためのガイダンス画面を表示装置303に表示させる。 If the user has not been registered, the CPU 301 of the terminal computer 102 as the corresponding processing in S508, the user has not been registered at the present time, and the new registration is OK (allows new registration). ) Is displayed on the display device 303. Further, as a living body having a low risk of impersonation by another person, the type of the living body most suitable for the personal authentication received in S505 is shown, and the living body is used by the user. A guidance screen for prompting the user to do so is displayed on the display device 303.
 図9は、上述したガイダンス画面の例を示す図である。また、図10は、上述した新規登録許可画面の例を示す図である。図10に示すように、新規登録許可画面には、現時点ではその利用者が未登録であり、新規登録がOKである旨が表示されている。また、図9に示すように、ガイダンス画面には、その利用者に対して推奨する生体(図9では、利用者の指)を、最も他人によるなりすましの可能性が低い順(類似度が低い順)にならべて表示されている。このように、端末コンピュータ102のCPU301が、表示装置303に上述したガイダンス画面を表示させるので、利用者は、他人によるなりすましのリスクが最も少ない生体情報として、どの生態情報を登録すべきかを容易に認識することができる。 FIG. 9 is a diagram showing an example of the above-described guidance screen. FIG. 10 is a diagram illustrating an example of the above-described new registration permission screen. As shown in FIG. 10, the new registration permission screen displays that the user has not been registered at the present time and that the new registration is OK. Further, as shown in FIG. 9, the guidance screen displays the recommended biological body (the user's finger in FIG. 9) in the order of the lowest possibility of impersonation by others (low similarity). Are displayed in order. Thus, since the CPU 301 of the terminal computer 102 displays the above-described guidance screen on the display device 303, the user can easily determine which biological information should be registered as biological information with the least risk of impersonation by others. Can be recognized.
 なお、本実施の形態では、利用者の生体情報および付加情報を、端末コンピュータ102がホストコンピュータ108に送信し、これらの情報をホストコンピュータ108側で保持することとしているが、例えば、S508の処理が終了したタイミングで、端末コンピュータ102に接続された不図示のカードリーダに銀行員や係員が利用者のキャッシュカードを挿入し、挿入されたキャッシュカードが有するICチップに、これらの情報を保持させることも可能である。この場合、キャッシュカードの利用者が登録時の利用者と異なる場合に認証を拒否することができる。 In the present embodiment, the terminal computer 102 transmits the user's biological information and additional information to the host computer 108, and the host computer 108 holds the information. For example, the processing of S508 At the timing when the process ends, a bank clerk or an attendant inserts the user's cash card into a card reader (not shown) connected to the terminal computer 102, and the IC chip included in the inserted cash card holds the information. It is also possible. In this case, authentication can be rejected when the cash card user is different from the user at the time of registration.
 図6、図7、図8は、ホストコンピュータ108側の処理の一実施例、とりわけ利用者の付加情報として居住地、性別、身長を利用した際の処理の一実施例を示したフローチャートである。図6は、ホストコンピュータ108における処理の全体概要を示した図である。 6, 7, and 8 are flowcharts showing an example of processing on the host computer 108 side, particularly an example of processing when the residence, sex, and height are used as additional information of the user. . FIG. 6 is a diagram showing an overall outline of processing in the host computer 108.
 まず、ホストコンピュータ108は、S601にて、端末コンピュータ102より、利用者のn個の生体情報と、付加情報を受信する。その後、ホストコンピュータ108は、S602にて、S601にて受信した情報をもとに、利用者付加情報データベース109、利用者生体情報データベース110を検索、照合し、利用者がデータベースに登録済みであるか否かについて判定する。なお、本S602における処理内容については、後述の図7を用いて詳細に説明する。 First, in step S <b> 601, the host computer 108 receives n pieces of user biometric information and additional information from the terminal computer 102. Thereafter, in S602, the host computer 108 searches and collates the user additional information database 109 and the user biometric information database 110 based on the information received in S601, and the user has already been registered in the database. It is determined whether or not. Note that the processing content in S602 will be described in detail with reference to FIG.
 次に、ホストコンピュータ108は、S603にて、S601にて受信した情報をもとに、同じく利用者付加情報データベース109、利用者生体情報データベース110を検索、照合し、利用者より取得したn個の生体情報のうち、どの生体による認証が、本人認証の際に最も安全であるか、すなわち既利用者との類似度が低く、他人によるなりすましがされにくいかを検索、判定する。なお、本S603における処理内容については、後述の図8を用いて詳細に説明する。その後、ホストコンピュータ108は、S604にて、S602、ならびにS603の結果を端末コンピュータ102に送信し、処理を終了する。 Next, in step S603, the host computer 108 similarly searches and collates the user additional information database 109 and the user biometric information database 110 based on the information received in step S601, and obtains n pieces obtained from the user. The biometric information is searched and determined which biometric authentication is the safest during the personal authentication, that is, whether the similarity with the existing user is low and impersonation by another person is difficult. Note that the processing content in S603 will be described in detail with reference to FIG. Thereafter, in S604, the host computer 108 transmits the results of S602 and S603 to the terminal computer 102, and ends the process.
 図7は、図6における処理S602の処理詳細の例である。ホストコンピュータ108は、S701にて、ホストコンピュータ108の生体認証プログラム112を実行し、利用者生体情報データベース110より、既存利用者一人分の生体情報n個と付加情報とを取り出す(S701)。次に、ホストコンピュータ108は、S702において、端末コンピュータ102より受信したn個の生体情報104と、S701で取り出したn個の生体情報とを用いて、それぞれ対応する生体情報を比較し、n個の生体情報について両者の類似度を計算する(S702)。この際、対応する生体情報とは、例えば、指静脈認証でいえば右手の人差し指どうし、中指どうし、虹彩認証でいえば右目どうし、左目どうしなどが、それぞれ対応する生体情報にあたる。 FIG. 7 is an example of details of processing in step S602 in FIG. In S701, the host computer 108 executes the biometric authentication program 112 of the host computer 108, and extracts n pieces of biometric information and additional information for one existing user from the user biometric information database 110 (S701). Next, in step S702, the host computer 108 uses the n pieces of biological information 104 received from the terminal computer 102 and the n pieces of biological information extracted in step S701, and compares the corresponding pieces of biological information. The degree of similarity between the two pieces of biological information is calculated (S702). At this time, the corresponding biometric information corresponds to the corresponding biometric information, for example, the index fingers of the right hand, the middle finger, in the case of finger vein authentication, the right eye, the left eye, etc. in the case of iris authentication.
 その後、ホストコンピュータ108は、S703にて、S702にて計算したn個の類似度について、あらかじめ決めておいた類似度閾値を上回っている数が、あらかじめ決めておいた個数P個以上であるか否かを判定し、類似度閾値を上回っている数が、その個数P個以上であると判定した場合(S703;Yes)、登録しようとしている利用者は、S701にて取り出した利用者と極めて似ており、既にデータベースに登録済みであると判定し(S710)、処理を終了する。すなわち、このS703では、ホストコンピュータ108は、登録しようとしている利用者が、既登録者にどの程度きわめて類似しているのか(どの程度クロなのか)を判断している。 Thereafter, in step S703, the host computer 108 determines whether or not the number of n similarities calculated in step S702 exceeds a predetermined similarity threshold is equal to or more than the predetermined number P. If it is determined whether or not the number exceeding the similarity threshold is equal to or greater than the number P (S703; Yes), the user who is going to register is extremely similar to the user extracted in S701. It is similar and it is determined that it is already registered in the database (S710), and the process is terminated. That is, in S703, the host computer 108 determines how much the user who is trying to register is very similar to the registered user (how much is black).
 一方、ホストコンピュータ108は、類似度閾値を上回っている数が、あらかじめ決めておいた個数P個以上でないと判定した場合(S703;No)、さらに、S704において、S703にて計算したn個の類似度について、あらかじめ決めておいた類似度閾値を上回っている数が、あらかじめ決めておいた個数Q個以下であるか否かを判定し(S704)、その数が個数Q個以下である場合、登録しようとしている利用者は、S701にて取り出した利用者と極めて似ていないと判定し、次の既存利用者との比較に進む(S711)。すなわち、このS704では、ホストコンピュータ108は、登録しようとしている利用者が、既登録者にどの程度きわめて類似していないのか(どの程度シロなのか)を判断している。 On the other hand, when the host computer 108 determines that the number exceeding the similarity threshold is not equal to or more than the predetermined number P (S703; No), in step S704, the n computers calculated in step S703 are used. Regarding the similarity, it is determined whether or not the number exceeding the predetermined similarity threshold is equal to or less than the predetermined number Q (S704), and the number is equal to or less than the number Q. The user who is going to register determines that it is not very similar to the user extracted in S701, and proceeds to the comparison with the next existing user (S711). In other words, in S704, the host computer 108 determines how much the user who is trying to register is not very similar to the registered user (how much it is white).
 なお、ここではP>Qとなるように個数を設定し、利用者に極めて似ている既登録利用者を判定した上で、利用者に極めて似ていない既登録利用者を判定しているが、これとは逆に、利用者に極めて似ていない既登録利用者を判定した上で、利用者に極めて似ている既登録利用者を判定することとしてもよい。例えば、他人によるなりすましによる犯罪件数が低い地域に、利用者を認証するATM(Automated Teller Machine)等の取引装置がある場合には、利用者に極めて似ている既登録利用者の数は少ない傾向にあると考えられる。したがって、処理検索の速度を速めるため、利用者に極めて似ていない既登録利用者を先に判定することとしてもよい。 Here, the number is set so that P> Q, and a registered user who is very similar to the user is determined, and then a registered user that is not very similar to the user is determined. On the contrary, it is also possible to determine a registered user who is very similar to the user after determining a registered user who is not very similar to the user. For example, if there is a transaction device such as ATM (Automated Teller Machine) that authenticates users in an area where the number of crimes due to impersonation by others is low, the number of registered users that are very similar to users tends to be small It is thought that there is. Therefore, in order to increase the speed of the process search, a registered user who is not very similar to the user may be determined first.
 ホストコンピュータ108は、S704において、S703にて計算したn個の類似度について、あらかじめ決めておいた類似度閾値を上回っている数が、あらかじめ決めておいた個数Q個以下でない場合(S704;No)、S701で取り出した既存利用者は、登録しようとしている利用者と同一人物であるのか、他人であるのかがあいまいである(グレーゾーンである)と判定し、その場合には、登録しようとしている利用者は、S701にて取り出した利用者と極めて似ていないが、似ている可能性があると判定し、S705、S706、S707において、さらに利用者の身長、年齢、住所などの付加情報をそれぞれ比較し、いずれかが類似している場合には、S701にて取り出した利用者と、登録しようとしている利用者は、極めて似ていないが、その可能性が高いと判定し、既にデータベースに登録済みであると判定し(S710)、処理を終了する。一方、ホストコンピュータ108は、上記付加情報が、いずれも類似していないと判定した場合には、S701にて取り出した利用者は、登録しようとしている利用者と別人であると判定し、次の既存利用者との比較に進む(S712)。 In step S704, the host computer 108 determines that the number of the n similarities calculated in step S703 exceeds the predetermined similarity threshold is not less than the predetermined number Q (S704; No). ), It is determined whether the existing user taken out in S701 is the same person as the user to be registered or whether it is another person (gray zone). The user is not very similar to the user extracted in S701, but is determined to be likely to be similar, and in S705, S706, and S707, additional information such as the height, age, and address of the user is added. If either of them is similar, the user extracted in S701 and the user who is about to register Although not very similar, it is determined that their high possibility, already determined to be registered in the database (S710), the process ends. On the other hand, if the host computer 108 determines that none of the additional information is similar, the host computer 108 determines that the user extracted in S701 is a different person from the user who intends to register, and The process proceeds to comparison with existing users (S712).
 以上のように、生体認証を行う際、本人であるか(閾値以上の類似度P個以上)、他人であるか(閾値以上の類似度Q個以下)、または判断を保留するかの3分岐に生体認証結果を分岐させ、判断保留の場合には、利用者の付加情報を比較することにより、本人か他人であるかの判断を行うことにより、認証精度を向上させることが出来る。 As described above, when biometric authentication is performed, there are three branches, i.e., whether the person is the person (P or more similarities greater than or equal to the threshold value), the other person (Q or less similarities equal to or greater than the threshold value), or whether the determination is suspended. In the case where the biometric authentication result is branched and the determination is suspended, it is possible to improve the authentication accuracy by comparing the additional information of the user and determining whether the person is the other person or not.
 なお、上述した例では、付加情報による判定を、利用者の身長差、年齢差、居住地の距離の順序で行うこととしたが、この順序に限らず適宜順序を入れ替えて処理を実行することができる。例えば、ATMが、地方部で高齢者の多い地域に設置されている場合には、利用者は互いに近い年齢層であると考えられるため、人数が絞り込みにくい可能性がある。したがって、このような場合には、年齢差による判定を最後に行うこととしてもよい。 In the above-described example, the determination based on the additional information is performed in the order of the user's height difference, age difference, and residence distance. Can do. For example, when an ATM is installed in a region where there are many elderly people, it is considered that the users are in an age group close to each other, and thus it may be difficult to narrow down the number of people. Therefore, in such a case, the determination based on the age difference may be performed last.
 図8は、図6における処理S603の処理詳細の例である。ホストコンピュータ108は、S802にて、生体認証プログラム112を起動し、利用者生体情報データベース110から利用者一人分の生体情報を取り出し、端末コンピュータ102より受信した生体情報104との比較を行い、n個の類似度を計算する。 FIG. 8 is an example of the processing details of the processing S603 in FIG. In step S <b> 802, the host computer 108 activates the biometric authentication program 112, extracts biometric information for one user from the user biometric information database 110, compares it with the biometric information 104 received from the terminal computer 102, and n Calculate the degree of similarity.
 その後、ホストコンピュータ108は、S803にて、S802にて取り出した既存利用者と、新規利用者との居住地の物理的距離の遠さに応じて、n個の類似度をそれぞれ減算する。この場合、ホストコンピュータ108は、距離が遠ければ遠い程、減算値を大きく、近ければ近い程、減算値を小さく取る。つまり、利用者間の居住地が近ければ近い程、他人によるなりすましのリスクが高まるという理屈である。 Thereafter, in S803, the host computer 108 subtracts n similarities according to the distance of the physical distance of the residence between the existing user extracted in S802 and the new user. In this case, the host computer 108 increases the subtraction value as the distance increases, and decreases the subtraction value as the distance decreases. In other words, the closer the residence between the users, the higher the risk of impersonation by others.
 次に、ホストコンピュータ108は、S804にて、S803の居住地の物理的距離による類似度の減算同様、利用者間の身長差の大きさに応じて、n個の類似度をそれぞれ減算する。この場合、身長差が大きければ大きい程、減算値を大きく、小さければ小さい程、減算値を小さく取る。つまり、利用者間の身長差が少なければ少ない程、他人によるなりすましのリスクが高まるという理屈である。 Next, in S804, the host computer 108 subtracts n similarities according to the size difference between the users, similar to the subtraction of the similarity based on the physical distance of the residence in S803. In this case, the larger the height difference, the larger the subtraction value, and the smaller, the smaller the subtraction value. In other words, the smaller the height difference between users, the higher the risk of impersonation by others.
 次に、ホストコンピュータ108は、S805にて、利用者間の性別が異なる場合には、n個の類似度からある一定の値を減算する。つまり、利用者間の性別が同じであれば、他人によるなりすましのリスクが高まるという理屈である。 Next, in step S805, the host computer 108 subtracts a certain value from the n similarities when the gender between the users is different. In other words, if the gender between users is the same, the theory is that the risk of impersonation by others increases.
 なお、運転免許証やパスポートなどの身分証明書に含まれる生年月日や本籍地、国籍等の情報を付加情報として設定している場合には、ホストコンピュータ108は、これらの各情報が一致しているか否かを判定し、一致している場合には、上述した類似度から一定の値を減算することとしてもよい。 If information such as date of birth, residence, nationality, etc. included in identification documents such as driver's licenses and passports is set as additional information, the host computer 108 matches these pieces of information. It is good also as subtracting a fixed value from the similarity mentioned above, when it is judged whether it is in agreement.
 また、S803、S804における身長差や性別の判定は、例えば、銀行員や係員によって生体情報の登録時に目測してそのデータを入力させ、入力されたデータと既登録利用者のデータとを比較したり、あるいはカメラ等の画像データから身長や性別を解析し、その利用と既登録利用者とのデータを比較してもよい。 The determination of height difference and gender in S803 and S804 is performed, for example, by a bank clerk or an attendant when biometric information is registered and the data is input, and the input data is compared with the data of registered users. Or, the height and gender may be analyzed from image data such as a camera, and the use and data of registered users may be compared.
 例えば、画像データから身長を解析する場合には、基準となる物体の大きさをあらかじめ撮像しておき、画像内のその物体に対して利用者の身長がどの程度の大きさなのかを判定する。このような判定方法では身長自体を精度よく測定できないような場合も考えられる。しかし、あらかじめ定めた物体の大きさを基準として、利用者を撮像した画像と既登録者を撮像した画像とが同じ精度で撮像され、これらの画像における身長誤差も同程度と考えられるため、適切な身長差得ることができる。また、画像データから性別を解析する場合には、例えば、頭髪や体型、顔の輪郭等の特徴情報を外部サイト等から取得しておき、その平均値(例えば、年齢ごとの平均値)を基準として、画像上の利用者の特徴情報がその基準値からある一定の範囲内にある場合にいずれかの性別であると判定する等、統計的に判定してもよい。 For example, when analyzing height from image data, the size of a reference object is captured in advance, and it is determined how large the user's height is with respect to that object in the image. . There may be a case where such a determination method cannot measure the height itself with high accuracy. However, since the image of the user and the image of the registered user are imaged with the same accuracy based on the size of the predetermined object, the height error in these images is considered to be the same. You can get a height difference. When analyzing gender from image data, for example, feature information such as hair, body shape, face contour, etc. is acquired from an external site, and the average value (for example, average value for each age) is used as a reference. Alternatively, the determination may be made statistically, for example, when the feature information of the user on the image is within a certain range from the reference value, it is determined to be any gender.
 さらに、本実施例では、図7に示したS707や図8に示したS803の各ステップでは、付加情報のうち利用者の居住地を例に説明しているが、登録支店についても同様に考えることができるため、居住地に代えて登録支店を用いてS707やS803の判定を行うこととしてもよい。さらに、居住地および登録支店の両方を用いてこれらのステップで上述した判定を行ってもよい。 Further, in this embodiment, in each step of S707 shown in FIG. 7 and S803 shown in FIG. 8, the residence of the user is described as an example of the additional information, but the same applies to the registered branch. Therefore, the determination in S707 or S803 may be performed using a registered branch instead of the place of residence. Furthermore, the determination described above in these steps may be performed using both the residence and the registered branch.
 以上の処理を行うことにより、ホストコンピュータ108は、利用者の生体類似度に、利用者の付加情報の類似度を加味したn個の総合類似度を計算し、既存利用者1人分の比較結果として、結果を保存する。 By performing the above processing, the host computer 108 calculates n total similarities in which the similarity of the additional information of the user is added to the biometric similarity of the user, and the comparison is made for one existing user. As a result, save the result.
 そして、ホストコンピュータ108は、以上の処理をデータベース内既存利用者すべてに対して行い(S807)、算出したn個×M人の総合類似度から、n個の生体ごとに、総合類似度の平均を算出する(S808)。その後、ホストコンピュータ108は、S809にて、算出したn個の類似度平均のなかから、最も類似度の低い生体を、本人認証に最も安全な生体と判定し、図9に示したように、類似度の低い順に生体情報をガイダンス画面に表示させることとなる。 Then, the host computer 108 performs the above processing for all existing users in the database (S807), and calculates the average of the total similarity for each n living organisms from the calculated total similarity of n × M people. Is calculated (S808). Thereafter, in S809, the host computer 108 determines that the living body having the lowest similarity is the safest living body for personal authentication from the calculated n similarity averages, and as shown in FIG. The biological information is displayed on the guidance screen in ascending order of similarity.
 上記のように、本実施の形態における生体登録・認証システムの特徴とするところは、利用者より取得したn個の生体情報を、データベースの既存利用者の生体情報と比較、n個の類似度を算出したうえで、利用者の属性情報を加味したn個の総合類似度を算出する。そして、以上の比較処理を既存利用者全員に対して行うことにより、n個の総合類似度平均を求め、最も総合類似度の低い生体を、最も他人によるなりすましがされにくい生体として、利用者の個人認証に使用するよう促すことにより、安全な個人認証手段を提供することができる。すなわち、新規利用者の生体情報と、性別や年齢などの付加情報とを、データベース内既存利用者の生体情報と、性別や年齢などの付加情報とを比較することにより、新規利用者がデータベースに既に登録されているか否かを判定する手段、また本人認証の際に使用する最適な生体をシステム側から利用者に提案し、その結果他人によるなりすましのされにくい本人認証を提供する手段を提供することができる。 As described above, the biometric registration / authentication system according to the present embodiment is characterized in that n pieces of biometric information acquired from users are compared with biometric information of existing users in the database, and n pieces of similarity are obtained. And n total similarities are calculated in consideration of user attribute information. Then, by performing the above comparison process for all existing users, the average of n total similarity is obtained, and the living body having the lowest overall similarity is regarded as the living body that is most unlikely to be spoofed by others. By prompting the user to use it for personal authentication, a safe personal authentication means can be provided. That is, by comparing the biometric information of a new user with additional information such as gender and age, and comparing the biometric information of an existing user in the database with additional information such as gender and age, the new user can enter the database. Providing means to determine whether or not it has already been registered, and to provide the user with an optimum biometric to be used for personal authentication from the system side, and as a result, to provide personal authentication that is difficult for others to impersonate be able to.
 具体的には、大規模な生体登録・認証システム(例えば、数百万人から数千万人以上の利用者が存在するような生体登録・認証システム)において、新規利用者をデータベースに登録する際、該新規利用者の生体情報を複数個登録するのに加え、該新規利用者の性別、年齢、身長、現住所、登録した場所などの付加情報を関連付けて登録する。そのうえで、本人認証を行う際、該新規利用者が複数個登録した生体のうち、他人によるなりすましがされにくい生体を選ぶため、既存利用者の生体情報と比較し、類似度を求めるのに加え、該利用者の付加情報を既存利用者の付加情報と比較、類似度を計算し、前記生体の類似度に加味することにより、どの生体を使用すべきかを効果的に選択することが出来、より安全な本人認証手段を提供することができる。加えて、該新規利用者が真に新規の利用者であるのか、または既存利用者が新規の利用者であると偽って登録しようとしているかを、該生体認証、および付加情報の類似度認証を行うことにより検出することが可能となる。 Specifically, in a large-scale biometric registration / authentication system (for example, a biometric registration / authentication system in which millions to tens of millions of users exist), new users are registered in the database. At this time, in addition to registering a plurality of biometric information of the new user, additional information such as gender, age, height, current address, registered location, etc. of the new user is associated and registered. In addition, when performing identity authentication, among biometrics registered by the new user, in order to select a biometric that is difficult to impersonate by another person, in addition to obtaining biometric information of existing users, By comparing the additional information of the user with the additional information of the existing user, calculating the similarity, and adding to the similarity of the living body, it is possible to effectively select which living body should be used, It is possible to provide a safe identification means. In addition, biometric authentication and additional information similarity authentication are performed to determine whether the new user is a truly new user or whether an existing user is falsely registering as a new user. It becomes possible to detect by doing.
 なお、上述した例では、利用者が口座を開設する際に、その利用者の生体情報および付加情報と、既登録利用者の生体情報および付加情報を比較してその類似度を求めたうえで他人によるなりすましのリスクが低い最適な生体情報を登録させることとしたが、その利用者は、登録した最適な生体情報を用いて認証を行い、自らの口座を使用して様々な取引を行うことができるようになる。 In the above-described example, when a user opens an account, the biometric information and additional information of the user are compared with the biometric information and additional information of the registered user, and the similarity is obtained. We decided to register the optimal biometric information with low risk of impersonation by others, but the user authenticates using the registered optimal biometric information and conducts various transactions using his / her own account. Will be able to.
 図12は、他人によるなりすましのリスクが低い最適な生体情報を用いた認証処理の処理手順を示すフローチャートである。認証処理は、例えば、利用者が、図1に示した端末コンピュータ102とともに各支店等に設置されたATMや、コンビニエンスストアに設置されたATM等の取引装置(いずれも不図示)を操作することによって行われる。 FIG. 12 is a flowchart showing a processing procedure of authentication processing using optimal biometric information with a low risk of impersonation by another person. In the authentication process, for example, the user operates a transaction device (not shown) such as an ATM installed in each branch office or the ATM installed in a convenience store together with the terminal computer 102 shown in FIG. Is done by.
 図12に示すように、ホストコンピュータ108は、上述したATMから生体認証装置103が取得した利用者の生体情報および付加情報を受信すると、これらの情報が登録時の利用者の情報であるか否かをチェックする(S1201、S1202)。 As shown in FIG. 12, when the host computer 108 receives the user's biometric information and additional information acquired by the biometric authentication device 103 from the above-described ATM, whether or not these pieces of information are the information of the user at the time of registration. Is checked (S1201, S1202).
 そして、ホストコンピュータ108は、これらの生体情報と付加情報とが登録時の利用者の生体情報および付加情報に一致するか否かを判定し(S1203)、これらの各情報が登録時の情報と一致すると判定した場合には(S1203;Yes)、その利用者を認証してその結果を端末コンピュータ102に送信し、端末コンピュータ102の表示装置303に認証OKである旨を表示させる(S1204)。 Then, the host computer 108 determines whether or not these biometric information and additional information match the biometric information and additional information of the user at the time of registration (S1203). If it is determined that they match (S1203; Yes), the user is authenticated, the result is transmitted to the terminal computer 102, and the fact that the authentication is OK is displayed on the display device 303 of the terminal computer 102 (S1204).
 一方、ホストコンピュータ108は、これらの各情報が登録時の情報と一致しないと判定した場合には(S1203;No)、その利用者を認証できない旨のエラー情報を端末コンピュータ102に送信し、端末コンピュータ102の表示装置303に認証エラーである旨を表示させる(S1205)。このように、登録時の利用者の生体情報および付加情報を用いて利用者を認証するので、他人によるなりすましによるリスクを低減させつつ、利用者を認証することができる。 On the other hand, when the host computer 108 determines that these pieces of information do not match the information at the time of registration (S1203; No), the host computer 108 transmits error information indicating that the user cannot be authenticated to the terminal computer 102, and A message indicating an authentication error is displayed on the display device 303 of the computer 102 (S1205). In this way, since the user is authenticated using the biometric information and additional information of the user at the time of registration, the user can be authenticated while reducing the risk due to impersonation by others.
 なお、図12に示した例では、生体情報および付加情報の登録時に利用者のキャッシュカードが有するICチップにこれらの各情報を記憶させ、利用者がATMを操作する際に、ATMに備えられたカードリーダが生体情報および付加情報を読み出す場合を前提に説明しているが、キャッシュカード側にこれらの情報を保持させていない場合には、認証時にATMに備えられた生体認証装置103と同様の生体認証装置が、その利用者の生体情報を読み取り、読み取った生体情報をホストコンピュータ108に送信させることとしてもよい。さらに、付加情報をホストコンピュータ108に送信する場合には、登録時の場合と同様に、銀行員や係員によって生体情報を目測して付加情報のデータを入力させ、あるいはカメラ等の画像データから身長や性別を解析して付加情報のデータをATMが生成し、これらの各データをホストコンピュータ108に送信してもよい。 In the example shown in FIG. 12, each piece of information is stored in an IC chip of the user's cash card when registering biometric information and additional information, and the ATM is provided when the user operates the ATM. However, if the information is not held on the cash card side, it is the same as the biometric authentication device 103 provided in the ATM at the time of authentication. The biometric authentication device may read the biometric information of the user and cause the host computer 108 to transmit the read biometric information. Further, when transmitting the additional information to the host computer 108, as in the case of the registration, the biometric information is measured by a bank clerk or an attendant, and the additional information data is input, or the height is obtained from the image data such as a camera. Alternatively, the additional information data may be generated by the ATM by analyzing the sex, and each of these data may be transmitted to the host computer 108.
 本発明は、上記実施の形態そのままに限定されるものではなく、実施段階ではその要旨を逸脱しない範囲で構成要素を変形して具体化することができる。また、上記実施の形態に開示されている複数の構成要素の適宜な組み合わせにより、種々の発明を形成することができる。例えば、端末コンピュータ102と生体認証装置103とが一体となった端末装置を用いて利用者の登録や認証を行う等、実施の形態に示される全構成要素からいくつかの構成要素を削除してもよい。さらに、異なる実施の形態にわたる構成要素を適宜組み合わせても良い。 The present invention is not limited to the above-described embodiment as it is, and can be embodied by modifying the constituent elements without departing from the scope of the invention in the implementation stage. In addition, various inventions can be formed by appropriately combining a plurality of constituent elements disclosed in the above embodiments. For example, some components are deleted from all the components shown in the embodiment, such as performing registration and authentication of a user using a terminal device in which the terminal computer 102 and the biometric authentication device 103 are integrated. Also good. Furthermore, constituent elements over different embodiments may be appropriately combined.
101:銀行業務における各支店   102:端末コンピュータ
103:生体認証装置        104:ホストコンピュータに送信される利用者情報の例
105:基幹ネットワーク      106:端末コンピュータに送信される本人判定結果
107:データセンタ        108:ホストコンピュータ
109:利用者付加情報データベース 110:利用者生体情報データベース
112:生体認証プログラム     113:利用者付加情報比較プログラム。 101: Each branch office in banking business 102: Terminal computer 103: Biometric authentication device 104: Example of user information transmitted to the host computer 105: Core network 106: Identity determination result 107: Data center 108: transmitted to the terminal computer Host computer 109: User additional information database 110: User biometric information database 112: Biometric authentication program 113: User additional information comparison program.

Claims (9)

  1.  利用者の生体情報を登録する端末と、登録された前記生体情報を記憶するホストコンピュータとがネットワークを介して接続された生体登録・認証システムであって、
     前記端末は、
     前記利用者の生体情報を取り込むセンサと、
     前記利用者の特徴を識別するための付加情報の入力を受け付ける入力部と、
     前記利用者の生体情報について登録が可能か否かを示す判定結果を表示する表示部と、
     前記生体情報と前記付加情報とを前記ホストコンピュータに送信し、または前記ホストコンピュータから前記判定結果を受信して前記表示部に表示させる端末制御部と、を備え、
     前記ホストコンピュータは、
     前記生体登録・認証システムの利用者数分の前記生体情報と前記付加情報とを記憶する記憶部と、
     前記端末から前記利用者の生体情報と付加情報とを受信し、前記記憶部に記憶されている生体情報および付加情報と、受信した前記生体情報および付加情報との類似度に基づいて前記利用者が登録されているか否かを判定し、その結果を前記判定結果として前記端末に送信するホスト制御部と、
     を備えることを特徴とする生体登録・認証システム。     A biometric registration / authentication system in which a terminal that registers biometric information of a user and a host computer that stores the registered biometric information are connected via a network,
    The terminal
    A sensor that captures the user's biological information;
    An input unit for receiving input of additional information for identifying the characteristics of the user;
    A display unit for displaying a determination result indicating whether or not the biometric information of the user can be registered;
    A terminal control unit that transmits the biological information and the additional information to the host computer, or receives the determination result from the host computer and displays the determination result on the display unit;
    The host computer
    A storage unit for storing the biometric information and the additional information for the number of users of the biometric registration / authentication system;
    The user's biological information and additional information are received from the terminal, and the user is based on the similarity between the biological information and additional information stored in the storage unit and the received biological information and additional information. A host control unit that determines whether or not is registered, and transmits the result to the terminal as the determination result;
    A biometric registration / authentication system comprising:
  2.  前記端末は、
     前記センサが、前記利用者の複数部位の生体情報を取り込み、
     前記表示部が、前記複数部位の生体情報の中で他の利用者との類似度が低い部位を登録部位として推奨するガイダンス画面を表示し、
     前記端末制御部が、取り込まれた前記複数部位の生体情報を前記ホストコンピュータに送信し、または前記ホストコンピュータから前記複数部位の生体情報についての前記類似度の判定結果を受信して前記ガイダンス画面に表示させ、
     前記ホストコンピュータは、
     前記ホスト制御部が、前記端末から前記複数部位の生体情報を受信し、受信した前記複数部位の生体情報のそれぞれと、前記ホストコンピュータの記憶部に記憶されている他の利用者の生体情報のそれぞれとの類似度を判定し、その結果を前記判定結果として前記端末に送信する、
     ことを特徴とする請求項1に記載の生体登録・認証システム。     The terminal
    The sensor captures biological information of a plurality of parts of the user,
    The display unit displays a guidance screen that recommends a part having a low degree of similarity with another user in the biological information of the plurality of parts as a registered part,
    The terminal control unit transmits the captured biometric information of the plurality of parts to the host computer, or receives the determination result of the similarity for the biometric information of the plurality of parts from the host computer and displays it on the guidance screen. Display
    The host computer
    The host control unit receives the biometric information of the plurality of parts from the terminal, and receives each of the received biometric information of the plurality of parts and the biometric information of other users stored in the storage unit of the host computer. Determine the degree of similarity with each of them, and send the result to the terminal as the determination result;
    The biometric registration / authentication system according to claim 1.
  3.  前記ホスト制御部は、前記複数部位の生体情報のそれぞれと、前記他の利用者の生体情報のそれぞれとの類似度を判定した結果、所定の閾値以上の類似度となっている部位の数が一定数以上であって前記一定数よりも大きい数未満の範囲にあるか否かを判定し、前記部位の数が前記範囲にあると判定した場合、さらに前記利用者の付加情報と、前記他の利用者の付加情報との差が所定の範囲にあるか否かを判定し、前記付加情報の差が所定の範囲にないと判定した場合、前記利用者は未登録であると判定し、その結果を前記判定結果として前記端末に送信する、
     ことを特徴とする請求項2に記載の生体登録・認証システム。     The host control unit determines the degree of similarity between each of the biological information of the plurality of parts and each of the biological information of the other users, and as a result, the number of parts having a degree of similarity equal to or greater than a predetermined threshold is obtained. If it is determined whether the number is greater than a certain number and less than a number greater than the certain number, and the number of parts is determined to be within the range, the additional information of the user and the other Determining whether the difference between the additional information of the user and the user is within a predetermined range, and determining that the difference between the additional information is not within the predetermined range, determining that the user is unregistered, The result is transmitted to the terminal as the determination result.
    The biometric registration / authentication system according to claim 2.
  4.  前記端末制御部は、前記ホストコンピュータから前記複数部位についての類似度の判定結果を受信した場合、前記ガイダンス画面に、その類似度の低い順に前記部位を推奨部位として表示させる、
     ことを特徴とする請求項2または3に記載の生体登録・認証システム。     When the terminal control unit receives a determination result of the similarity for the plurality of parts from the host computer, the part is displayed on the guidance screen as a recommended part in ascending order of similarity.
    The biometric registration / authentication system according to claim 2 or 3.
  5.  前記生体登録・認証システムは、さらに前記ネットワークに接続された前記利用者が取引するための取引装置を有し、
     前記取引装置は、
     前記利用者の生体情報を取り込む装置センサと、
     前記装置センサによって取り込まれた前記生体情報を前記ホストコンピュータに送信し、または前記ホストコンピュータから前記利用者の認証結果を受信して表示装置に表示させる装置制御部と、を備え、
     前記ホスト制御部は、前記取引装置から受信した前記生体情報と、前記記憶部に記憶されている前記他の利用者の生体情報とに基づいて、前記利用者を認証し、その結果を前記認証結果として前記取引装置に送信する、
     ことを特徴とする請求項1~4のいずれか1項に記載の生体登録・認証システム。     The biometric registration / authentication system further includes a transaction device for the user connected to the network to perform transactions.
    The transaction device
    A device sensor that captures the user's biological information;
    A device control unit that transmits the biometric information captured by the device sensor to the host computer, or receives an authentication result of the user from the host computer and displays the result on a display device;
    The host control unit authenticates the user based on the biometric information received from the transaction apparatus and the biometric information of the other user stored in the storage unit, and the result is the authentication As a result, send to the transaction device,
    The biometric registration / authentication system according to any one of claims 1 to 4, characterized in that:
  6.  前記端末は、前記入力部が、前記利用者の身長、居住地、前記利用者の登録支店、性別を含む特徴情報を前記付加情報として受け付け、
     前記ホストコンピュータは、前記ホスト制御部が、前記端末から受信した前記生体情報および前記特徴情報との類似度に基づいて前記利用者が登録されているか否かを判定し、その結果を前記判定結果として前記端末に送信する、
     ことを特徴とする請求項1~5のいずれか1項に記載の生体登録・認証システム。     In the terminal, the input unit accepts feature information including the user's height, residence, registered branch of the user, and gender as the additional information,
    In the host computer, the host control unit determines whether or not the user is registered based on the similarity between the biological information and the feature information received from the terminal, and the result is the determination result. To the terminal as
    The biometric registration / authentication system according to any one of claims 1 to 5, characterized in that:
  7.  生体情報を記憶するホストコンピュータにネットワークを介して接続された利用者の生体情報を登録する生体登録・認証装置であって、
     前記利用者の生体情報について登録が可能か否かを示す判定結果を表示する表示部と、
     センサによって取り込まれた前記生体情報と入力部によって入力された前記利用者の特徴を識別するための付加情報とを前記ホストコンピュータに送信し、または前記ホストコンピュータから前記生体登録・認証システムの利用者数分の生体情報と付加情報と、前記生体情報および付加情報との類似度に基づいて前記利用者が登録されているか否かの結果を受信し、前記利用者の生体情報について登録が可能か否かを示す判定結果を表示する表示部に表示させる端末制御部と、
     を備えることを特徴とする生体登録・認証装置。     A biometric registration / authentication device for registering biometric information of a user connected via a network to a host computer that stores biometric information,
    A display unit for displaying a determination result indicating whether or not the biometric information of the user can be registered;
    The biometric information captured by the sensor and the additional information for identifying the user characteristics input by the input unit are transmitted to the host computer, or the biometric registration / authentication system user is transmitted from the host computer. Is it possible to receive the result of whether or not the user is registered based on the biometric information and additional information for several minutes and the degree of similarity between the biometric information and the additional information, and register the biometric information of the user? A terminal control unit for displaying on a display unit for displaying a determination result indicating whether or not,
    A biometric registration / authentication apparatus comprising:
  8.  前記センサは、前記利用者の複数部位の生体情報を取り込み、
     前記表示部は、前記複数部位の生体情報の中で他の利用者との類似度が低い部位を登録部位として推奨するガイダンス画面を表示し、
     前記端末制御部は、取り込まれた前記複数部位の生体情報を前記ホストコンピュータに送信し、または前記ホストコンピュータから、前記複数部位の生体情報のそれぞれと、前記ホストコンピュータの記憶部に記憶されている他の利用者の生体情報のそれぞれとの類似度を判定した結果を受信し、その類似度の低い順に前記部位を推奨部位として前記ガイダンス画面に表示させる、
     ことを特徴とする請求項7に記載の生体登録・認証装置。     The sensor captures biological information of a plurality of parts of the user,
    The display unit displays a guidance screen that recommends, as a registered part, a part having a low degree of similarity with other users in the biological information of the plurality of parts,
    The terminal control unit transmits the captured biological information of the plurality of parts to the host computer, or is stored in the storage part of the host computer with each of the biological information of the plurality of parts from the host computer. Receiving the result of determining the degree of similarity with each of the other users' biometric information, and displaying the part as a recommended part in the order of the degree of similarity on the guidance screen;
    The biometric registration / authentication apparatus according to claim 7.
  9.  利用者の生体情報を登録する端末と、登録された前記生体情報を記憶するホストコンピュータとがネットワークを介して接続された生体登録・認証システムにおいて行われる生体登録・認証方法であって、
     前記端末が有するセンサから取り込まれた前記利用者の生体情報と前記端末の入力部から入力された前記利用者の特徴を識別するための付加情報とを前記ホストコンピュータに送信するステップと、
     記憶部に記憶された前記生体登録・認証システムの利用者数分の前記生体情報と前記付加情報と、前記端末から受信した前記生体情報および付加情報との類似度に基づいて前記利用者が登録されているか否かを判定するステップと、
     その結果を前記利用者の生体情報について登録が可能か否かを示す判定結果として前記端末に送信するステップと、
     前記ホストコンピュータから前記判定結果を受信して表示部に表示させるステップと、
     を含むことを特徴とする生体登録・認証方法。     A biometric registration / authentication method performed in a biometric registration / authentication system in which a terminal that registers biometric information of a user and a host computer that stores the registered biometric information are connected via a network,
    Transmitting the biometric information of the user captured from a sensor included in the terminal and additional information for identifying the characteristics of the user input from the input unit of the terminal to the host computer;
    The user registers based on the similarity between the biometric information and the additional information for the number of users of the biometric registration / authentication system stored in the storage unit, and the biometric information and the additional information received from the terminal. Determining whether or not
    Transmitting the result to the terminal as a determination result indicating whether registration of the biometric information of the user is possible;
    Receiving the determination result from the host computer and displaying it on a display unit;
    A biometric registration / authentication method comprising:
PCT/JP2013/059409 2013-03-28 2013-03-28 Biometric registration/authentication system, biometric registration/authentication device, and biometric registration/authentication method WO2014155634A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
PCT/JP2013/059409 WO2014155634A1 (en) 2013-03-28 2013-03-28 Biometric registration/authentication system, biometric registration/authentication device, and biometric registration/authentication method
CN201410055910.XA CN104077514B (en) 2013-03-28 2014-02-19 Organism accession authorization system, device and method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2013/059409 WO2014155634A1 (en) 2013-03-28 2013-03-28 Biometric registration/authentication system, biometric registration/authentication device, and biometric registration/authentication method

Publications (1)

Publication Number Publication Date
WO2014155634A1 true WO2014155634A1 (en) 2014-10-02

Family

ID=51598765

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2013/059409 WO2014155634A1 (en) 2013-03-28 2013-03-28 Biometric registration/authentication system, biometric registration/authentication device, and biometric registration/authentication method

Country Status (2)

Country Link
CN (1) CN104077514B (en)
WO (1) WO2014155634A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2024003989A1 (en) * 2022-06-27 2024-01-04 日本電気株式会社 Information processing system, information processing method, and recording medium

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP7064854B2 (en) * 2017-12-01 2022-05-11 オムロンヘルスケア株式会社 Biometric information measuring devices, communication devices, systems, methods and programs

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2000090264A (en) * 1998-09-11 2000-03-31 Omron Corp Method and device for collating living body
JP2001005836A (en) * 1999-04-23 2001-01-12 Oki Electric Ind Co Ltd Iris registration system
JP2010086478A (en) * 2008-10-02 2010-04-15 Fujitsu Ltd Authentication method, authentication program, and information processing apparatus
JP2011018127A (en) * 2009-07-07 2011-01-27 Hitachi Ltd System and method for determining writer, electronic pen, and information processing apparatus

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6700998B1 (en) * 1999-04-23 2004-03-02 Oki Electric Industry Co, Ltd. Iris registration unit
JP5202155B2 (en) * 2008-07-24 2013-06-05 株式会社日立製作所 Biometric authentication device and biometric authentication server

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2000090264A (en) * 1998-09-11 2000-03-31 Omron Corp Method and device for collating living body
JP2001005836A (en) * 1999-04-23 2001-01-12 Oki Electric Ind Co Ltd Iris registration system
JP2010086478A (en) * 2008-10-02 2010-04-15 Fujitsu Ltd Authentication method, authentication program, and information processing apparatus
JP2011018127A (en) * 2009-07-07 2011-01-27 Hitachi Ltd System and method for determining writer, electronic pen, and information processing apparatus

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2024003989A1 (en) * 2022-06-27 2024-01-04 日本電気株式会社 Information processing system, information processing method, and recording medium

Also Published As

Publication number Publication date
CN104077514A (en) 2014-10-01
CN104077514B (en) 2017-06-13

Similar Documents

Publication Publication Date Title
Mason et al. An investigation of biometric authentication in the healthcare environment
Jain et al. An introduction to biometric recognition
Jain et al. Biometric identification
Delac et al. A survey of biometric recognition methods
KR100823755B1 (en) Biometrics system and biometrics method
US10810451B2 (en) ATM with biometric security
Amin et al. Biometric and traditional mobile authentication techniques: Overviews and open issues
Kaur A study of biometric identification and verification system
WO2014155634A1 (en) Biometric registration/authentication system, biometric registration/authentication device, and biometric registration/authentication method
Sharma et al. Encryption of text using fingerprints as input to various algorithms
Anu et al. A smart door access system using finger print biometric system
JP6584855B2 (en) Input support apparatus, input support method, and program
CN107615299A (en) For assessing the method and system of fingerprint template
Dhir et al. Biometric recognition: A modern era for security
JP2011076289A (en) Biometric authentication device
Sharma et al. Role of biometric technology over advanced security and protection in auto teller machine transaction
TWI756592B (en) Identity verification system
Betab et al. Fingerprints in automated teller Machine-A survey
JP6668013B2 (en) Judgment device, judgment method and program
US20230386250A1 (en) Biometric gallery management using wireless identifiers
Boonkrong et al. Biometric Authentication
US11915511B2 (en) Information processing system, information processing method, and program
Lott Biometrics: modernising customer authentication for financial services and payments
US20210248217A1 (en) User authentication using primary biometric and concealed markers
Tiwari et al. Biometrics based user authentication

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 13880125

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 13880125

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: JP