CN101075364A - Personal verifying system, method, procedure and host device thereof - Google Patents
Personal verifying system, method, procedure and host device thereof Download PDFInfo
- Publication number
- CN101075364A CN101075364A CN 200710103321 CN200710103321A CN101075364A CN 101075364 A CN101075364 A CN 101075364A CN 200710103321 CN200710103321 CN 200710103321 CN 200710103321 A CN200710103321 A CN 200710103321A CN 101075364 A CN101075364 A CN 101075364A
- Authority
- CN
- China
- Prior art keywords
- authentication
- mentioned
- information
- organism
- need
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The invention provides a personal verifying system. An input unit for making the user input the code is in ATM(9) of bank B. A vena digitalis attestation unit (32) for reading vena digitalis information from the organism of the user is in ATM (3) of bank A. The organism authentication yes/no omitting label related to yes/no omitting vena digitalis attestation is stored in a databank (52) of sever (5) in advance. The ATM (3) of bank A and ATM (9) of bank B is judged to deal which does not perform vena digitalis attestating based on the yes/no omitting label(step S11,S49). Even though the said vena digitalis attestating is not allowed to perform, the personal verifying based on the said code verifying can also be performed, therefore the deal is proceeded(step S11,S49).
Description
Technical field
The present invention relates to relate in particular to execution based on the such traction processing apparatus of the personal authentication's of Biont information ATM according to the individual authentication system, its method, its program and the host apparatus thereof that for example refer to that vein or palm vein, iris, retina, facial such Biont information authenticate the individual.
Background technology
In the past, in being arranged at the ATM of financial institution, employing was the cipher authentication that the password of representative carries out the personal authentication with the security code.This cipher authentication is, relatively be registered in bankbook or the card log-in password and by the input password of user, if unanimity then authentication success in inputs such as touch panel or numerical keys.
There are the following problems for this cipher authentication: when media such as bankbook or card illegally fall into third party's hand, and the third party unlawfully during the cicada password, this third party just can working medium and password unlawfully conclude the business at ATM.
On the other hand, as preventing so black personal authentication's mode, proposed to use the individual authentication system (with reference to TOHKEMY 2003-186847 communique) of Biont information.This is to consider because therefore each one biosome difference, according to the individual authentication system that utilizes this Biont information, just can prevent above-mentioned illegal transaction.
In financial institution, organism authentication as such use Biont information, be in advance account number and registration Biont information to be registered to server in groups, when the user when ATM inserts bankbook or card, ATM reads account number and sends to server from above-mentioned bankbook or card, server is determined corresponding to the registration Biont information of account number and is sent to ATM, comparing to this registration Biont information with from the Biont information that reads that the user reads in the biosome unit that is installed on ATM, carries out organism authentication.And when this organism authentication success, ATM allows transaction.
But this organism authentication has just just begun to popularize, and present situation is that different financial institutions also exists the ATM that can not tackle organism authentication and carry out cipher authentication.Therefore, there are the following problems: when carrying out organism authentication, only allow transaction on the ATM of reply organism authentication, and the user can not conclude the business on the ATM that can not tackle organism authentication, thereby convenience descends.
At this problem points, also considered following method: on the ATM of reply organism authentication, carry out organism authentication, on the ATM that can not tackle organism authentication, carry out cipher authentication in the past.But following problem points is in the past still arranged in such method: safe class will descend, and the third party who illegally obtains medium and password can carry out illegal transaction on the ATM that can not tackle organism authentication.
Summary of the invention
The present invention is a kind of individual authentication system, has to make the user input the password input mechanism of password; And read Biont information as reading the Biont information reading mechanism of Biont information from above-mentioned user's biosome; It is characterized in that having: whether need information to obtain mechanism, obtain and whether need the relevant organism authentication of above-mentioned organism authentication whether to need information from suitable storing mechanism; Whether need decision mechanism, whether needs information judges whether the organism authentication of needs about above-mentioned user according to above-mentioned organism authentication; And personal authentication mechanism, even whether needing decision mechanism to be judged as not carry out above-mentioned organism authentication under the situation that does not need organism authentication, also allow personal authentication based on above-mentioned cipher authentication by above-mentioned.
Description of drawings
Fig. 1 is the hardware structure diagram at the transaction processing system of financial institution's use.
Fig. 2 is the process flow diagram of the processing carried out of the control module of A bank ATM.
Fig. 3 is the process flow diagram of the processing carried out of the control module of B bank ATM.
Fig. 4 is the process flow diagram of the processing carried out of the control module of the ATM of embodiment 2.
Embodiment
Below, with accompanying drawing an embodiment of the invention are described.
<embodiment 1 〉
Fig. 1 is illustrated in the hardware structure diagram of the transaction processing system 1 of financial institution's use.This embodiment 1 refers to that with utilization vena identification describes as the example of organism authentication, but is not limited to refer to vena identification, also can use other organism authentication such as palm vein, iris, retina, face.This transaction processing system 1 plays a role about judging the individual authentication system that could conclude the business as carrying out the personal authentication.
The 2nd, be used to register the registration terminal that finger venous information, card information, individual ID and organism authentication as a kind of Biont information could omit mark (whether need information as organism authentication and represent the mark that could not utilize organism authentication to conclude the business); The 21st, as the registration software of the application program that is used to register above-mentioned information; The 22nd, as the finger vena identification unit that is used to obtain the finger venous information of Biont information reading mechanism; The 23rd, be used for from read the card unit of card information (medium information) as the cards such as RF-ID card of information storage medium.
In this registration terminal 2, as omitting illustrated unit, the storage unit that is provided with the control module that constitutes by CPU etc., constitutes by hard disk etc., the input block that constitutes by touch panel etc., the display unit that constitutes by LCD etc., the voice output unit that constitutes by loudspeaker etc. and the communication unit of communicating by letter with server 5 etc.The control module of registration terminal 2 is according to above-mentioned each unit of above-mentioned registration software 21 controls.
The 3rd, the financial automat of concluding the business, promptly as the A bank ATM of the 1st financial institution terminal, the 31st, as the A bank ATM software of the application program of A bank ATM 3; The 32nd, from obtain finger vena identification unit as the finger of user's biosome as a kind of finger venous information of Biont information; The 33rd, read the card unit of information from cards such as contactless IC card, magnetic cards.There is this two classifications type of type that has the type that refers to vena identification unit 32 and do not have finger vena identification unit 32 in this A bank ATM 3, and the A bank ATM 3 of any kind can be installed identical A bank ATM software 31.This A bank ATM software 31 comprises personal authentication's program of carrying out the personal authentication.
In addition, in A bank ATM 3, as omitting illustrated unit, currency processing unit that the storage unit that is provided with the control module that is made of CPU etc., is made of hard disk etc., the input block that is made of touch panel etc., the display unit that is made of LCD etc., the voice output unit that is made of loudspeaker etc., the access of carrying out currency or coin are handled and the communication unit of communicating by letter with server 5 etc.The control module of A bank ATM 3 is according to above-mentioned each unit of above-mentioned A bank ATM software 31 controls.This A bank ATM 3 also plays a role as the person authentication device that carries out the personal authentication.
The 5th, server, the 51st, server software is as communicate by letter with A bank ATM 3 and receiving individual ID or card information, obtain the application program that finger venous information and organism authentication could omit mark and send to A bank ATM 3 from database; The 52nd, refer to that as being used to manage venous information, card information, individual ID and organism authentication could omit the database of the storing mechanism of mark.Card information here and individual ID play a role as user's identifying information of identification user.
In this server 5, as omitting illustrated unit, the storage unit that is provided with the control module that constitutes by CPU etc., constitutes by hard disk etc., the input block that constitutes by keyboard or mouse etc., the display unit that constitutes by LCD etc., the voice output unit that constitutes by loudspeaker etc. and the communication unit of communicating by letter with registration terminal 2 or A bank ATM 3 etc.The control module of server 5 is according to above-mentioned each unit of above-mentioned server software 51 controls.In addition, input block plays a role as the password input mechanism that makes the user input password.
The 7th, as communicate by letter with A bank ATM 3 and carrying out the A bank main of the host apparatus of transaction,, and, also carry out by B bank main 8 with the transaction between the capable user who concludes the business of sticking into of A bank at B bank ATM 9 as the 2nd financial institution terminal.
In this A bank main 7, as omitting illustrated unit, the storage unit that is provided with the control module that constitutes by CPU etc., constitutes by hard disk etc., the input block that constitutes by keyboard or mouse etc., the display unit that constitutes by LCD etc., the voice output unit that constitutes by loudspeaker etc. and the communication unit of communicating by letter with A bank ATM 3 etc.The control module of A bank main 7 is according to omitting above-mentioned each unit of illustrated host software control.
The 8th, as communicate by letter with B bank ATM 9 and carries out the B bank main of the 2nd financial organ host of concluding the business, with the card insertion B bank ATM 9 of A issued by banks the time, also carry out following processing: this card information is sent to A bank main 7 and authenticate and conclude the business.
In this B bank main 8, as omitting illustrated unit, the storage unit that is provided with the control module that constitutes by CPU etc., constitutes by hard disk etc., the input block that constitutes by keyboard or mouse etc., the display unit that constitutes by LCD etc., the voice output unit that constitutes by loudspeaker etc. and the communication unit of communicating by letter with A bank ATM 3 etc.The control module of B bank main 8 is according to omitting above-mentioned each unit of illustrated host software control.
The 9th, as the B bank ATM of the financial automat of concluding the business, the 91st, as the B bank ATM software of the application program of B bank ATM 9; The 93rd, read the card unit of information from cards such as contactless IC card, magnetic cards.The 92nd, from obtain finger vena identification unit as the finger of user's biosome as a kind of finger venous information of Biont information.In B bank ATM 9, existence has this and refers to the type of vena identification unit 92 and do not have the type that this refers to vena identification unit 92.The B bank ATM 9 of any kind can be installed identical B bank ATM software 91.This B bank ATM software 91 comprises personal authentication's program of carrying out the personal authentication.
In addition, in B bank ATM 9, as omitting illustrated unit, currency processing unit that the storage unit that is provided with the control module that is made of CPU etc., is made of hard disk etc., the input block that is made of touch panel etc., the display unit that is made of LCD etc., the voice output unit that is made of loudspeaker etc., the access of carrying out currency or coin are handled and the communication unit of communicating by letter with B bank main 8 etc.The control module of B bank ATM 9 is according to above-mentioned each unit of above-mentioned B bank ATM software 91 controls.This B bank ATM 9 also plays a role as the person authentication device that carries out the personal authentication.
Adopt above structure, can user's finger venous information and card information be registered to server 5 by registration terminal 2.In A bank ATM 3, can and refer to venous information and the card information that reads by card unit 33 or according to the card information of the database 52 that is stored in server 5 by the finger venous information that refers to that vena identification unit 32 reads, the user is carried out the personal authentication.And, if in the personal authentication authentication success, then can carry out and deposit processing in, take out handle, transfer accounts and handle so various transaction.In addition, if be the card of A issued by banks by the card that reads of card unit 93, then B bank ATM 9 can send to A bank main 7 with card information etc., carries out personal authentication and transaction.
Fig. 2 is the process flow diagram when user's processing of the control module execution of A bank ATM 3 when A bank ATM 3 is carried out transaction processing.
A bank ATM software 31 on the A bank ATM 3 reads card information (step S1) from the card that is arranged on the card unit 33, and the card information that reads is sent to server (step S2).
At this, the server software 51 on the server 5 is then retrieved consistent card information if receive card information from A bank ATM 3 card information of the database on being registered in server 5 52.If there is consistent card information (if registration has card information), finger venous information that then will be corresponding with this card information and organism authentication could omit mark and send to A bank ATM 3.
A bank ATM software 31 on the A bank ATM 3 comprises that from server 5 receptions finger venous information and organism authentication could omit the response message (step S3) of mark.The communication unit of A bank ATM 3 of this moment, as obtain as organism authentication whether need the organism authentication of information could omit mark whether need information to obtain mechanism to play a role.
Refer to venous information (step S4: be) if this response message comprises, and A bank ATM 3 is equipped with and refers to vena identification unit 32 (step S5: be), then A bank ATM software 31 indication users are put into finger and refer to vena identification unit 32 (step S6).At this, above-mentioned steps S5 is equivalent to judge whether have or not judgment processing as the Biont information reading mechanism of the finger vena identification unit 32 of Biont information reading mechanism.
Then, A bank ATM software 31 is according to by referring to finger venous information (reading Biont information) that vena identification unit 32 reads and the finger venous information (registration Biont information) that receives from server 5, carries out consistent degree according to unique point and whether is in whether authenticate in the certain limit be my finger vena identification (step S7).This refers to that vena identification can be by referring to that vena identification unit 32 carry out.
If this refers to vena identification success and authentication by (step S8: be), A bank ATM 3 is proceeded transaction (step S11).When carrying out this transaction, at first carry out in the past the cipher authentication authentication of 4 security codes (for example based on), pass through if in this cipher authentication, authenticate, then allow to deposit in or transaction such as taking-up.
If installing, A bank ATM 3 do not refer to vena identification unit 32 (step S5: not), A bank ATM software 31 then, need the organism authentication of organism authentication whether to need judgment processing as judging whether, check that the organism authentication that expression could not utilize organism authentication to conclude the business could omit mark (step S9).Carry out the control module of the A bank ATM 3 of this inspection, need the decision mechanism that whether needs of organism authentication to play a role as judging whether.
Be labeled as permission (step S9: be) if organism authentication could omit, then A bank ATM software 31 is proceeded transaction, carries out cipher authentication and transaction (step S11).The communication unit of the A bank ATM 3 of this moment, play a role as personal authentication mechanism, whether this personal authentication mechanism, even do not carry out above-mentioned organism authentication, is also being allowed to handle based on the personal authentication of above-mentioned cipher authentication when needing decision mechanism to be judged as not need organism authentication by above-mentioned.
If organism authentication could omit and be labeled as refusal (step S9: not) in above-mentioned steps S9, A bank ATM software 31 Cancel Transaction (step S10) then.
If the response message that receives from server 5, do not refer to venous information (step S4: not), owing to be the user of unregistered finger vein, therefore, do not refer to vena identification and proceed transaction, carry out cipher authentication and transaction (step S11).
Fig. 3 is illustrated in the user who holds the A bank card when carrying out transaction processing on B bank ATM 9, the process flow diagram of the processing that the control module of B bank ATM 9 is carried out.
B bank ATM software 91 on the B bank ATM 9, the card from be arranged at card unit 93 read card information (comprise individual ID and as bank's name of financial institution's classification information etc.) (step S21).Read the card unit 93 of individual ID this moment, obtain mechanism as the identifying information of the individual ID of user's identifying information of identification user etc. and play a role as obtaining.And, read the card unit 93 of bank's name this moment, obtain mechanism and play a role as obtaining classification information as bank's name of financial institution's classification information.
B bank ATM software 91 judges according to the bank's name that reads whether set card is the card (step S22) of this bank.
For the card of this bank (step S22: be) time, B bank ATM software 91 sends to the server (omit diagram) of this bank with the card information that reads or as the B bank main 8 (step S28) of the main frame of this bank.
At this, receive the B bank main 8 of card information or the server of B bank from B bank ATM 9, from being registered in, retrieve the card information of individual ID unanimity by in the card information the database of the server admin of B bank main 8 or B bank.If there is consistent card information (if registration has card information), finger venous information or encrypted message that then will be corresponding with this card information send to B bank ATM 9.
B bank ATM software 91 on the B bank ATM 9 receives from the server of B bank main 8 or B bank and to comprise the response message (step S24) that refers to venous information or encrypted message.
When not being the card of this bank in above-mentioned steps S22 (step S22: not), B bank ATM software 91 sends to the card information that reads in the main frame (step S25) of other banks of this card of distribution.In this embodiment, card information is sent to A bank main 7 as the main frame of other banks.
At this, the host software on the A bank main 7 then transfers to server 5 with this card information if receive card information from B bank ATM 9.In the card information that server 5 is registered from the database on server 5 52, the card information that retrieval is consistent, if there is consistent card information (if registration has card information), finger venous information that then will be corresponding with this card information and organism authentication could omit mark and send to A bank main 7.A bank main 7 should refer to that venous information and organism authentication could omit mark and send to B bank ATM 9.Could omit mark at the organism authentication that this sent, if allow then ask cipher authentication refusal then request refers to the meaning of vena identification if having.
B bank ATM software 91 on the B bank ATM 9 comprises that from 7 receptions of A bank main finger venous information and organism authentication could omit the response message (step S26) of mark.At this moment, the communication unit of B bank ATM 9 is obtained mechanism and is played a role as obtaining personal authentication's related information that organism authentication as personal authentication's related information could omit mark.
If comprising, the response message that receives like this refers to venous information (step S27: be), and B bank ATM 9 is equipped with and refers to vena identification unit 92 (step S28: be), and then B bank ATM software 91 indication users are put into finger and refer to vena identification unit 92 (step S29).
Then, B bank ATM software 91, according to by referring to finger venous information that vena identification unit 92 reads and, carry out consistent degree according to unique point and whether be in whether authenticate in the certain limit be my finger vena identification (step S30) from the finger venous information that A bank main 7 receives.
If this refers to vena identification success and authentication by (step S31: be), B bank ATM 9 is proceeded transaction (step S34).When carrying out this transaction, at first carry out cipher authentication in the past, pass through if in this cipher authentication, authenticate, then allow to deposit in or transaction such as taking-up.Carry out the control module of B bank ATM 9 of the judgement of above-mentioned steps S31, as according to judging that from server 5 obtained finger venous information the transaction that could proceed to conclude the business could play a role by decision mechanism as personal authentication's related information.
If installing, B bank ATM 9 do not refer to that (step S28: not), then B bank ATM software 91 checks that expression could not utilize the organism authentication of the transaction of organism authentication could omit mark (step S32) in vena identification unit 92.
Be labeled as permission (step S32: be) if organism authentication could omit, then proceed transaction, carry out cipher authentication and transaction (step S34), be labeled as refusal if organism authentication could omit, (step S33) then Cancels Transaction.
If the response message that receives from A bank main 7, do not refer to venous information (step S27: not), owing to be the user of unregistered finger vein, therefore, do not refer to vena identification and proceed transaction, carry out cipher authentication and transaction (step S34).
According to above structure and action, the user can be according to the intention of oneself, and selection is a safety-sensitive, and refusal does not utilize the transaction of organism authentication; Still before popularizing, organism authentication payes attention to convenience, even if do not utilize organism authentication also can carry out transaction.
Promptly, want to make and refer to that vena identification is necessary user, by registration terminal 2 organism authentication could be omitted flag settings in advance and be refusal, can prevent that the third party from not referring to vena identification ground illegal transaction (for example illegally withdrawing the money) on the ATM3,9 that does not have finger vena identification unit 32,92.Therefore, can improve safe class.
In addition, want the user that also concludes the business on the ATM3,9 that refers to vena identification unit 32,92 not having, can by registration terminal 2 organism authentication could be omitted flag settings for allowing in advance, in having the ATM3,9 that refers to vena identification unit 32,92, carry out and refer to vena identification, in not having the ATM3,9 that refers to vena identification unit 32,92, do not carry out and refer to vena identification, only carry out transaction by cipher authentication.Therefore, in having the ATM3,9 that refers to vena identification unit 32,92, can keep higher safe class, in not having the ATM3,9 that refers to vena identification unit 32,92, can only conclude the business, can improve convenience by cipher authentication.
In addition, whether atm software 31,91 adopts according to having finger vena identification unit 32,92 to change the structure of handling, and therefore, whether no matter finger vena identification unit 32,92 is installed, can both be installed among all ATM3,9 identical atm software 31,91 and use according to each bank.
Thus, can easily carry out the version management of atm software 31,91, atm software 31,91 can be installed to ATM3, prevent the setup error that version error or machine mistake cause at 9 o'clock, in addition, the A bank ATM 3 that causes of the version error that can prevent to be installed and the maloperation of B bank ATM 9.
In addition, even if refer among the ATM3,9 of vena identification unit 32,92 not installing, if atm software 31,91 is installed, then under the situation that after this finger vena identification unit 32,92 has been installed, do not install especially etc., can use to refer to that 32,92 execution of vena identification unit refer to vena identification yet.
In addition, in the system of B bank, adopted the illustrated server admin of omission by B bank main 8 or B bank refer to venous information, B bank can be independently to the structure that sticks into capable personal authentication of B bank, therefore, even if do not force B bank to import the authentication mode identical, also can easily realize allowing the card of use A bank by B bank ATM 9 with A bank.
In addition, also can adopt the structure of the finger venous information of in A bank and B bank, using by server 5 managed together.Under these circumstances, also server 5 can be directly connected to B bank main 8.Thus, can refer to venous information with bank error single management irrespectively.
In addition, B bank ATM software 91 also can adopt if the card of this bank is not then carried out the structure that refers to vena identification.Under these circumstances, omitting step S27~S33 gets final product.And A bank main 7 adopts following structure get final product: be received in the card information that step S25 sends, confirm that organism authentication could omit mark, if allow then send password, if refusal then send the refusal information of concluding the business.Thus, B bank ATM 9 can could omit the transaction that card carried out of the A bank that is labeled as refusal at step S34 refusal with organism authentication.And, can be not the B bank ATM software 91 of the type that can only carry out cipher authentication not be made any correction ground, the corresponding transaction of setting that the organism authentication of realizing providing with A bank could omit mark.
In addition, B bank ATM software 91 also can constitute, and as if the card of this bank does not then refer to the structure of vena identification, omits step S27~S33, entrusts the main frame of other banks to carry out the personal authentication at step S25.Entrust the communication unit of personal authentication's B bank ATM 9 to play a role as personal authentication associated agency this moment.Under these circumstances, B bank ATM software 91 adopts the structure do not carry out cipher authentication in step S34, makes the user input password after step S21, also sends encrypted message except card information and personal authentication's entrusted information gets final product in step S25.Then, A bank main 7, be received in card information and personal authentication's entrusted information that step S25 sends, confirm that organism authentication could omit mark, if allow then judge whether the password that receives is consistent with the password that is registered in server 5, will conclude the business as authentication result allows information response to send to get final product.If organism authentication could omit be labeled as refusal or password inconsistent, the refusal information response transmission of will conclude the business gets final product as authentication result.The communication unit that receive the B bank ATM software 91 of authentication result this moment is obtained mechanism as personal authentication's related information and is played a role.By this structure, B bank ATM 9 can refuse could omit with organism authentication the transaction that card carried out of the A bank that is labeled as refusal at step S34.And, can be not the B bank ATM software 91 of the type that can only carry out cipher authentication not be made any correction ground, the corresponding transaction of setting that the organism authentication of realizing providing with A bank could omit mark.
In addition, therewith in the same manner, also can adopt A bank ATM software 31 to entrust A bank main 7 to carry out personal authentication's structure.Under these circumstances, A bank ATM software 31 adopts the structure do not carry out cipher authentication in step S11, makes the user input password after step S1, also sends encrypted message except card information and personal authentication's entrusted information gets final product in step S2.Then, A bank main 7, be received in card information and personal authentication's entrusted information that step S2 sends, confirm that organism authentication could omit mark, if allow then judge whether the password that receives is consistent with the password that is registered in server 5, will conclude the business as authentication result allows information response to send to get final product.If organism authentication could omit be labeled as refusal or password inconsistent, the refusal information response transmission of will conclude the business gets final product as authentication result.Thus, A bank ATM 3 can could omit the transaction that card carried out of the A bank that is labeled as refusal at step S11 refusal with organism authentication.
In addition, A bank ATM software 31 has adopted the structure of not handling the card of other banks, but also can adopt the structure of carrying out the processing identical with B bank ATM software illustrated in fig. 3 91, and the structure of the card of other banks is also handled in employing.
In addition, adopted to use to be stored in the structure of the card information in the card, but also can adopt the structure of not using card fully.Under these circumstances, in step S1, S21, import individual ID and bank's name (also can be the difference or the ID of bank of this bank/other banks) by the user with the input block of A bank ATM 3 or B bank ATM 9, the processing of carrying out the back according to individual ID and bank's name of this input gets final product.Thus, can not use card ground to allow transaction.And even under these circumstances, whether the user also can utilize organism authentication could omit the mark registered in advance only still must refer to vena identification by password with regard to allowing transaction.
<embodiment 2 〉
Then, illustrate that the card that the user is held is set at IC-card, stores the embodiment 2 of Biont information mode in this IC-card.In this embodiment 2, be not arranged on the server 5 of explanation in the transaction processing system 1 of embodiment 1, replace and will refer to that venous information and organism authentication could omit mark and be stored in separately in the IC-card that each user holds.Other structures are identical with the transaction processing system 1 of embodiment 1, omit detailed description thereof.
Fig. 4 represents user's treatment scheme that the control module of A bank ATM 3 or B bank ATM 9 is carried out when A bank ATM 3 or B bank ATM 9 carried out transaction processing.In this embodiment 2, A bank ATM software 31 and B bank ATM software 91 adopt the structure of carrying out same treatment shown in following step S41~S49.
Atm software 31 (or 91) on the ATM 3 (or 9), read from IC-card and to refer to that venous information and organism authentication could omit mark (step S41), utilize this finger venous information that reads and organism authentication could omit the processing that mark is carried out the step S42~S49 of back.
Step S42~S49 uses except not using the information that receives from server 5 information that reads from IC-card, and other step S4~S11 with explanation in embodiment 1 are identical, therefore, omit detailed description thereof.
According to above structure and action, with embodiment 1 in the same manner, the transaction processing system 1 of embodiment 2 can be tackled following two aspects: the one, even if refer on the ATM3,9 of vena identification unit 32,92 not installing, also allow transaction, thereby improve convenience; The 2nd, refusal transaction among the ATM3,9 that refers to vena identification unit 32,92 be not installed, thereby can improving security.
In addition, the invention is not restricted to the structure of above-mentioned embodiment, can also obtain a lot of embodiments.
According to the present invention, under the situation of the device of reply organism authentication and the device mixing existence that can not tackle organism authentication, can tackle the raising of safe class and these two aspects of raising of convenience.
Claims (9)
1, a kind of individual authentication system has and makes the user input the password input mechanism of password; And read Biont information as reading the Biont information reading mechanism of Biont information from above-mentioned user's biosome; It is characterized in that having:
Whether need information to obtain mechanism, obtain and whether need the relevant organism authentication of above-mentioned organism authentication whether to need information from suitable storing mechanism;
Whether need decision mechanism, whether needs information judges whether the organism authentication of needs about above-mentioned user according to this organism authentication; And
Whether personal authentication mechanism is even needed decision mechanism to be judged as not carry out above-mentioned organism authentication under the situation that does not need organism authentication, also allow the personal authentication based on above-mentioned cipher authentication by above-mentioned.
2, individual authentication system as claimed in claim 1 is characterized in that,
Has above-mentioned storing mechanism and the above-mentioned information that whether needs obtains mechanism at server;
The 1st financial institution terminal in the 1st financial institution has above-mentioned Biont information reading mechanism;
The 2nd financial institution terminal in the 2nd financial institution has above-mentioned password input mechanism;
Above-mentioned the 2nd financial institution terminal has:
Classification information obtains mechanism, obtains will conclude the business financial institution's classification information of classification of the financial institution that utilizes of expression user;
Personal authentication's related information is obtained mechanism, from the above-mentioned server of the represented financial institution of this financial institution's classification information, obtains the personal authentication's related information that is associated with above-mentioned personal authentication about this user; And
Transaction could decision mechanism, and according to obtained personal authentication's related information, judgement could be proceeded transaction.
3, individual authentication system as claimed in claim 2 is characterized in that,
Whether need information to constitute above-mentioned personal authentication's related information with above-mentioned organism authentication;
Have above-mentioned decision mechanism and the above-mentioned personal authentication mechanism of whether needing at above-mentioned the 2nd financial institution terminal.
4, individual authentication system as claimed in claim 2 is characterized in that,
Above-mentioned the 2nd financial institution terminal has:
Identifying information is obtained mechanism, obtains user's identifying information of identification user; And
Personal authentication associated agency sends to above-mentioned server with obtained user's identifying information with by the password of above-mentioned password input mechanism input, and entrusts and carry out the personal authentication;
Above-mentioned server has above-mentioned personal authentication mechanism;
Authentication result information with the result who represents above-mentioned personal authentication constitutes above-mentioned personal authentication's related information.
5, a kind of authenticating method reads the Biont information that Biont information reads according to the password that the user is inputed with by the Biont information reading mechanism from above-mentioned user's biosome conduct, carries out the personal authentication; It is characterized in that, comprise the steps:
Whether whether utilizing needs information to obtain mechanism, obtain and need the relevant organism authentication of above-mentioned organism authentication whether to need information from suitable storing mechanism;
Utilize whether need decision mechanism, whether needs information judges whether the organism authentication of needs about above-mentioned user according to this organism authentication; And
Even whether needing decision mechanism to be judged as not carry out above-mentioned organism authentication under the situation that does not need organism authentication, also utilize personal authentication mechanism to allow personal authentication based on above-mentioned cipher authentication by above-mentioned.
6, a kind of personal authentication's program, making person authentication device carry out the personal authentication handles, described personal authentication is treated to, read the Biont information that Biont information reads according to the password that the user is inputed with by the Biont information reading mechanism from above-mentioned user's biosome conduct, the individual is authenticated; It is characterized in that, comprising:
Make above-mentioned person authentication device carry out organism authentication and whether need judgment processing, whether this organism authentication needs judgment processing to be, according to be stored in according to each user in the suitable storing mechanism, with whether the relevant organism authentication of the above-mentioned organism authentication of needs needs information whether, judging whether need be about above-mentioned user's organism authentication;
Handle as above-mentioned personal authentication,
Even whether need to be judged as in the judgment processing at above-mentioned organism authentication does not carry out above-mentioned organism authentication under the situation that does not need organism authentication, also allow above-mentioned person authentication device to carry out personal authentication based on above-mentioned cipher authentication.
7, personal authentication's program as claimed in claim 6 is characterized in that, also comprises:
Make above-mentioned person authentication device carry out the Biont information reading mechanism and have or not judgment processing, this Biont information reading mechanism has or not judgment processing to be, judges whether have above-mentioned Biont information reading mechanism at above-mentioned person authentication device;
Being judged as when having above-mentioned Biont information reading mechanism, make above-mentioned person authentication device carry out above-mentioned organism authentication;
Being judged as when not having above-mentioned Biont information reading mechanism, make above-mentioned person authentication device carry out above-mentioned personal authentication and handle.
8, a kind of host apparatus connects as the 1st financial institution terminal of the terminal of the 1st financial institution with as the 2nd financial organ host of the host apparatus of the 2nd financial institution, is used for the transaction business of the 1st financial institution, it is characterized in that having:
Whether need information to obtain mechanism, obtain according to each user be stored in the suitable storing mechanism, with whether need the relevant organism authentication of organism authentication whether to need information; And
Whether need decision mechanism,, need to judge whether organism authentication according to obtained organism authentication needs information whether;
When receiving personal authentication's entrusted information of entrusting as the personal authentication from above-mentioned the 1st financial institution terminal or above-mentioned the 2nd financial organ host, carry out judgement by the above-mentioned decision mechanism that whether needs, organism authentication then carries out organism authentication to above-mentioned the 1st financial institution terminal or above-mentioned the 2nd financial organ host request if desired;
If do not need organism authentication, then carry out cipher authentication to above-mentioned the 1st financial institution terminal or above-mentioned the 2nd financial organ host request.
9, a kind of host apparatus connects as the 1st financial institution terminal of the terminal of the 1st financial institution with as the 2nd financial organ host of the host apparatus of the 2nd financial institution, is used for the transaction business of financial institution, it is characterized in that having:
Whether need information to obtain mechanism, obtain according to each user be stored in the suitable storing mechanism, with whether need the relevant organism authentication of organism authentication whether to need information; And
Whether need decision mechanism,, need to judge whether organism authentication according to obtained organism authentication needs information whether;
When receiving personal authentication's entrusted information of entrusting as the personal authentication from above-mentioned the 1st financial institution terminal or above-mentioned the 2nd financial organ host,
Need to judge whether organism authentication by the above-mentioned decision mechanism that whether needs;
Organism authentication is then carried out organism authentication if desired, and response sends authentication result;
If do not need organism authentication, then carry out cipher authentication, and response sends authentication result.
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| JP139895/2006 | 2006-05-19 | ||
| JP2006139895A JP4860346B2 (en) | 2006-05-19 | 2006-05-19 | Personal authentication system and method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101075364A true CN101075364A (en) | 2007-11-21 |
| CN100565596C CN100565596C (en) | 2009-12-02 |
Family
ID=38843482
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN 200710103321 Expired - Fee Related CN100565596C (en) | 2006-05-19 | 2007-05-18 | Individual authentication system, its method and host apparatus thereof |
Country Status (3)
| Country | Link |
|---|---|
| JP (1) | JP4860346B2 (en) |
| CN (1) | CN100565596C (en) |
| TW (1) | TW200821992A (en) |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101567033B (en) * | 2009-06-03 | 2011-03-02 | 西北工业大学 | Biological authentication method for resisting privacy disclosure |
| CN102043944A (en) * | 2009-10-16 | 2011-05-04 | 日立欧姆龙金融***有限公司 | Biometric authentication apparatus and biometric authentication method |
| CN107657765A (en) * | 2017-10-12 | 2018-02-02 | 比亦特网络科技(天津)有限公司 | A kind of new bank access device |
| CN109263604A (en) * | 2018-09-10 | 2019-01-25 | 深兰盛视科技(苏州)有限公司 | Car door lock open method, device and computer readable storage medium |
| CN109462501A (en) * | 2018-10-29 | 2019-03-12 | 北京芯盾时代科技有限公司 | A kind of identifying procedure control method and system |
| CN109691016A (en) * | 2016-07-08 | 2019-04-26 | 卡列普顿国际有限公司 | Distributing real time system and Verification System |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101853542B (en) * | 2009-04-01 | 2012-01-18 | 张子文 | IC card consumption system integrating finger vein identification technology |
| JP6255239B2 (en) * | 2013-12-27 | 2017-12-27 | 日本エイ・ティー・エム株式会社 | Common business processing system |
| JP6633666B2 (en) * | 2018-02-28 | 2020-01-22 | 株式会社三井住友銀行 | Temporary authentication system, method, and program |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JPH11338947A (en) * | 1998-05-26 | 1999-12-10 | Okinawa Nippon Denki Software Kk | Financial transaction system utilizing individual authentication |
| JP2001290779A (en) * | 2000-04-07 | 2001-10-19 | Koji Sugano | Illegal use preventing method for original identification card and individual certifying system using the same |
| JP2003186847A (en) * | 2001-12-20 | 2003-07-04 | Oki Electric Ind Co Ltd | Apparatus and method for personal identification, and system therefor |
| JP2004355088A (en) * | 2003-05-27 | 2004-12-16 | Nec Soft Ltd | Personal identification system, method, and program |
-
2006
- 2006-05-19 JP JP2006139895A patent/JP4860346B2/en not_active Expired - Fee Related
-
2007
- 2007-04-24 TW TW096114462A patent/TW200821992A/en unknown
- 2007-05-18 CN CN 200710103321 patent/CN100565596C/en not_active Expired - Fee Related
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101567033B (en) * | 2009-06-03 | 2011-03-02 | 西北工业大学 | Biological authentication method for resisting privacy disclosure |
| CN102043944A (en) * | 2009-10-16 | 2011-05-04 | 日立欧姆龙金融***有限公司 | Biometric authentication apparatus and biometric authentication method |
| CN109691016A (en) * | 2016-07-08 | 2019-04-26 | 卡列普顿国际有限公司 | Distributing real time system and Verification System |
| CN109691016B (en) * | 2016-07-08 | 2024-01-26 | 卡列普顿国际有限公司 | Distributed transaction processing and authentication system |
| CN107657765A (en) * | 2017-10-12 | 2018-02-02 | 比亦特网络科技(天津)有限公司 | A kind of new bank access device |
| CN109263604A (en) * | 2018-09-10 | 2019-01-25 | 深兰盛视科技(苏州)有限公司 | Car door lock open method, device and computer readable storage medium |
| CN109462501A (en) * | 2018-10-29 | 2019-03-12 | 北京芯盾时代科技有限公司 | A kind of identifying procedure control method and system |
| CN109462501B (en) * | 2018-10-29 | 2021-02-02 | 北京芯盾时代科技有限公司 | Authentication process control method and system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN100565596C (en) | 2009-12-02 |
| JP4860346B2 (en) | 2012-01-25 |
| TW200821992A (en) | 2008-05-16 |
| JP2007310697A (en) | 2007-11-29 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101075364A (en) | Personal verifying system, method, procedure and host device thereof | |
| US10437976B2 (en) | Biometric personal data key (PDK) authentication | |
| US7802723B2 (en) | System and method for nameless biometric authentication and non-repudiation validation | |
| JP4578244B2 (en) | Method for performing secure electronic transactions using portable data storage media | |
| US7527192B1 (en) | Network based method of providing access to information | |
| EP2685401B1 (en) | Methods and systems for improving the security of secret authentication data during authentication transactions | |
| CN1892711A (en) | Biometrics authentication method and biometrics authentication system | |
| CN1758268A (en) | Biometric authentication method and biometric authentication apparatus | |
| US9262615B2 (en) | Methods and systems for improving the security of secret authentication data during authentication transactions | |
| Khan et al. | Comparative study of authentication techniques | |
| CN1855155A (en) | Automated teller machine | |
| US20090235086A1 (en) | Server-side biometric authentication | |
| US20080253619A1 (en) | Technique for authenticating an object on basis of features extracted from the object | |
| CN1873705A (en) | Automated teller machine | |
| CN1453744A (en) | IC card, portable terminal and access control method | |
| US20140020058A1 (en) | Methods and systems for improving the security of secret authentication data during authentication transactions | |
| KR100788768B1 (en) | System for automatic teller machine and automatic cash transaction device | |
| CN1897046A (en) | Biological authentification system | |
| JP4911595B2 (en) | Identification device, identification system and identification method | |
| CN101140599A (en) | Organism identifying system and method | |
| JP5282477B2 (en) | Authentication method, program, and authentication apparatus | |
| CN1643551A (en) | Method and system for user authentication in a digital communication system | |
| JP2006215786A (en) | User authentication method and user authentication program | |
| CN1455367A (en) | Method and system of identifying teller identity using fingerprint | |
| TWM612133U (en) | Digital account management system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| C17 | Cessation of patent right | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20091202 Termination date: 20140518 |