WO2023090117A1 - Authentication system and authentication program - Google Patents

Authentication system and authentication program

Info

Publication number
WO2023090117A1
Authority
WO
WIPO (PCT)
Prior art keywords
authentication
unit
feature data
data
biometric
Prior art date
Application number
PCT/JP2022/040206
Other languages
English (en)
Japanese (ja)
Inventor
克彦 近藤
Original Assignee
Tesnology株式会社
Priority date
Filing date
Publication date
Application filed by Tesnology株式会社
Publication of WO2023090117A1

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/32 User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials

Definitions

  • the present invention relates to technology for personal authentication.
  • the user's identity may be verified in order to prevent third parties from enjoying the services and functions by pretending to be the user.
  • a simple example would be an electronic key system that has the function of automatically unlocking the door of the user's home. To prevent third parties from entering the user's home, the electronic key system verifies that the person in front of the door is the user.
  • Biometric authentication is sometimes used as a method of personal authentication for identity verification.
  • Biometric authentication is, for example, face authentication based on facial feature data indicating the features of a face included in an image.
  • the electronic key system holds the facial feature data of the authorized user and compares it with the facial features of the person in front of the door.
  • Patent document 1 aims to prevent leakage of personal data used for personal authentication in this way.
  • reference personal data is held in an authentication object (an example of an electronic device), and reference personal data is not held in an authentication device. Therefore, the risk of leakage of reference personal data from the authentication device is low.
  • The target personal data to be authenticated is acquired by the authentication object, the target personal data and the reference personal data are sent to the authentication device, and the two are compared by the authentication device. It is easy for a malicious third party to generate, as a disguise, target personal data that is the same as the reference personal data. In other words, copying arbitrary reference personal data yields fake target personal data. If a malicious third party prepares a counterfeit device that mimics the communication interface of the authentication object and sends a pair of fake reference personal data and fake target personal data, the authentication can be made to succeed without any problem. As described above, the technique of Patent Document 1 has a low level of security.
  • the present invention was completed based on the recognition of the above problems, and its main purpose is to prevent the leakage of the user's biometric feature data in personal authentication while ensuring a high security level.
  • An authentication system according to one aspect includes an input device for inputting biometric authentication data of a holder of an electronic device; a feature extraction unit that extracts biometric feature data of the holder from the input biometric authentication data of the holder; a feature data acquisition unit that acquires, from the electronic device, biometric feature data of an authorized user registered in the electronic device; and an authentication unit that performs biometric authentication based on the biometric feature data of the holder extracted from the biometric authentication data of the holder and the biometric feature data of the authorized user.
  • An authentication system according to another aspect includes an input device for inputting biometric authentication data of an authorized user of an electronic device; an extraction unit that extracts biometric feature data of the authorized user from the biometric authentication data of the authorized user; and a feature data providing unit that registers the biometric feature data of the authorized user in the electronic device.
  • According to the present invention, it is possible to prevent leakage of the user's biometric feature data in personal authentication while ensuring a high security level.
  • FIG. 1 is a diagram showing an overview of an electronic key system according to Embodiment 1;
  • FIG. 2 is a functional block diagram of an authentication device according to Embodiment 1;
  • FIG. 3 is a functional block diagram of a smartphone terminal according to Embodiment 1.
  • FIG. 4 is a diagram showing an initial setting sequence according to Embodiment 1.
  • FIG. 5 is a diagram showing an automatic unlocking sequence in Embodiment 1.
  • FIG. 6 is a diagram showing an outline of an electronic key system in Modification 1.
  • FIG. 11 is a functional block diagram of an authentication device in Modification 1;
  • FIG. 11 is a functional block diagram of a reception device in modification 1;
  • FIG. 10 is a diagram showing an initial setting sequence in modification 1;
  • FIG. 11 is a diagram showing an outline of an electronic key system in modified example 2;
  • FIG. 11A is a functional block diagram of an authentication device in modification 2.
  • FIG. 11B is a functional block diagram of a smartphone terminal according to Modification 2.
  • FIG. 12 is a diagram showing an initial setting sequence in modification 2;
  • FIG. 11 is a diagram showing a sequence of automatic unlocking (first time) in modification 2;
  • FIG. 11 is a diagram showing a sequence of automatic unlocking (second and subsequent times) in modified example 2;
  • FIG. 11 is a diagram showing an outline of an electronic key system in modification 3;
  • FIG. 16A is a functional block diagram of an authentication device in modification 3.
  • FIG. 16B is a functional block diagram of a reception device according to Modification 3.
  • FIG. 12 is a diagram showing a sequence for acquiring a guest's smartphone terminal ID in modification 3;
  • FIG. 13 is a diagram showing an automatic unlocking sequence in modification 3;
  • FIG. 12 is a diagram showing an outline of an electronic key system in modification 4;
  • FIG. 20A is a functional block diagram of a home authentication device in modification 4.
  • FIG. 20B is a functional block diagram of a company's authentication device in Modification 4.
  • FIG. 20C is a functional block diagram of a smartphone terminal according to Modification 4.
  • FIG. 10 is a diagram showing an automatic unlocking sequence in a home authentication device;
  • FIG. 10 is a diagram showing an automatic unlocking sequence in a company's authentication device;
  • FIG. 10 is a diagram showing an automatic unlocking sequence in a company's authentication device;
  • FIG. 10 is a diagram showing an automatic unlocking sequence in a company's authentication device;
  • FIG. 13 is a diagram showing an outline of an electronic key system in modified example 5;
  • FIG. 24A is a functional block diagram of an authentication device in modification 5.
  • FIG. 24B is a functional block diagram of a smartphone terminal according to Modification 5.
  • FIG. 13 is a diagram showing an automatic unlocking sequence in modification 5;
  • FIG. 13 is a diagram showing the configuration of an electronic key system in modification 6;
  • FIG. 10 is a diagram showing an outline of an authentication system according to Embodiment 2;
  • FIG. 10 is a diagram showing a biometric information registration sequence according to the second embodiment;
  • FIG. 10 is a diagram showing a sequence at the start of service in Embodiment 2;
  • FIG. 22 is a diagram showing a biometric information registration sequence in Modification 7;
  • FIG. 20 is a diagram showing a sequence at the start of unlocking in modified example 8;
  • FIG. 21 is a diagram showing a sequence at the time of unlocking in modification 9;
  • FIG. 22 is a diagram of a menu screen of the target device in modification 12;
  • FIG. 21 is a diagram of a menu screen of home electric appliances in modified example 12;
  • FIG. 1 is a diagram showing an outline of an electronic key system according to Embodiment 1.
  • A scene in which the user opens the front door 306 to enter the house is assumed.
  • a user owns a smartphone terminal 100 that he or she uses.
  • The electronic key system in Embodiment 1 is an example of a personal authentication system that verifies that a person holding the smartphone terminal 100 on the spot is an authorized user of the smartphone terminal 100.
  • An authentication device 200 is installed in front of the entrance.
  • the authentication device 200 authenticates the user using the biometric feature data of the user.
  • Biometric feature data is data that indicates the features of a person and serves as a comparison source in biometric authentication.
  • Authentication device 200 is connected to short-range wireless communication device 300, camera 302 and lock device 304.
  • The connection method may be wired or wireless. However, in order to prevent intervention by a third party, it is desirable to connect the authentication device 200 and the camera 302 by wire.
  • The authentication device 200 may incorporate the short-range wireless communication device 300.
  • The authentication device 200 may incorporate the camera 302.
  • An electronic key system including authentication device 200, short-range wireless communication device 300, camera 302 and lock device 304 is installed near front door 306.
  • the smartphone terminal 100 and the short-range wireless communication device 300 detect each other and start communicating.
  • the smartphone terminal 100 stores the face feature data of the user in an encrypted state.
  • the authentication device 200 acquires encrypted facial feature data from the smartphone terminal 100 via the short-range wireless communication device 300 and decrypts it.
  • Authentication device 200 also extracts facial feature data of the user in front of door 306 from the image captured by camera 302. If the facial feature data extracted from the video matches the decrypted facial feature data, authentication device 200 determines that face authentication is successful (OK) and controls lock device 304 to unlock.
  • Successful face authentication means that the user who has the authority to open the door 306 is holding his/her smartphone terminal 100 .
  • the authentication device 200 uses an encryption key that is used only by the authentication device 200, that is, an encryption key unique to the authentication device 200.
  • The encryption key in this example is not exposed outside the authentication device 200.
  • a cryptographic key is a secret code given to an algorithm when encrypting or decrypting data. Therefore, keys used in decryption are also called cryptographic keys.
  • the encryption key may be stored in advance by the authentication device 200 at the manufacturing stage, or may be stored by the authentication device 200 receiving a common key transmitted from an external device at the operation stage.
  • the encryption key in this example is a common key based on a common key cryptosystem (symmetric key cryptosystem). That is, the key for encryption and the key for decryption are the same.
  • a public key cryptosystem (asymmetric key cryptosystem) may be employed and separate keys may be used for encryption and decryption.
  • The authentication device 200 holds the encryption key, whereas the smartphone terminal 100 does not. In other words, the smartphone terminal 100 performs neither encryption processing nor decryption processing.
  • If the facial feature data extracted from the video does not match the decrypted facial feature data, the authentication device 200 determines that the face authentication is unsuccessful (NG). In this case, authentication device 200 does not unlock lock device 304.
  • Unsuccessful face authentication (NG) means that the smartphone terminal 100 is held by a third party other than the user who has the authority to open the door 306. In other words, even if a person who has stolen the smartphone terminal 100 approaches the front door, the door will not be unlocked. Therefore, even if the smartphone terminal 100 is lost, a third party who picks it up cannot impersonate the user and unlock the lock device 304 of the door 306 of the user's home. Note that even if the smartphone terminal 100 is lent to a cohabitant, the door 306 will not open because the face authentication will be unsuccessful (NG).
  • the authentication device 200 holds a unique encryption key.
  • the facial feature data held in the smartphone terminal 100 is encrypted using this encryption key.
  • The user is photographed, and the facial feature data extracted from the image is encrypted with the unique encryption key and assigned to the smartphone terminal 100.
  • This encryption key is also used to decrypt the encrypted face feature data.
  • A unique encryption key is a dedicated encryption key that is used only by that authentication device 200.
  • A unique encryption key is a secret key that is not shared with other authentication devices 200.
  • FIG. 2 is a functional block diagram of the authentication device 200 according to the first embodiment.
  • Each component of the authentication device 200 is implemented by hardware, including computing units such as a CPU (Central Processing Unit) and various coprocessors, storage devices such as memory and storage, and the wired or wireless communication lines connecting them, and by software that is stored in a storage device and supplies processing instructions to the computing units.
  • a computer program may consist of a device driver, an operating system, various application programs located in their higher layers, and a library that provides common functions to these programs.
  • Each illustrated block does not represent a configuration in units of hardware, but represents blocks in units of functions.
  • Each block may be implemented by causing a computer to execute a program stored in a storage device. The same applies to devices such as the smartphone terminal 100 and the reception device 400 described later.
  • the authentication device 200 includes a user interface processing unit 210, a data storage unit 240, a short-range wireless communication unit 250, and a data processing unit 280.
  • The user interface processing unit 210 is in charge of user interface processing via a touch panel or the like that integrates a display and a touch sensor included in the authentication device 200.
  • the data storage unit 240 stores various data.
  • the data storage unit 240 is realized by, for example, RAM, ROM, flash memory, SSD (Solid State Device), hard disk, other storage devices, or an appropriate combination thereof.
  • the short-range wireless communication unit 250 takes charge of short-range wireless communication processing.
  • The data processing unit 280 executes various processes based on data input by the user interface processing unit 210, data acquired by the short-range wireless communication unit 250 and data stored in the data storage unit 240.
  • Data processing unit 280 also functions as an interface for user interface processing unit 210, data storage unit 240, and short-range wireless communication unit 250.
  • The user interface processing unit 210 has an input unit 220 for inputting data by user operation and an output unit 230 for outputting data to be provided to the user.
  • The data processing unit 280 includes a password authentication unit 281, a video acquisition unit 282, a feature extraction unit 283, an encryption unit 284, a feature data provision unit 285, a feature data acquisition unit 286, a decryption unit 287, a person authentication unit 288, and a lock control unit 289.
  • the password authentication unit 281 performs password authentication.
  • The image acquisition unit 282 acquires an image of the user from the camera 302.
  • the feature extractor 283 extracts facial feature data of the user from the video.
  • the encryption unit 284 encrypts facial feature data.
  • the encrypted face feature data is hereinafter referred to as "face feature data (encrypted)".
  • the feature data providing unit 285 provides face feature data (encrypted) to the smartphone terminal 100 and causes it to be held.
  • the feature data providing unit 285 causes the smartphone terminal 100 to register the valid user's feature data (encrypted).
  • The feature data acquisition unit 286 acquires face feature data (encrypted) from the smartphone terminal 100.
  • the decryption unit 287 decrypts the face feature data (encrypted).
  • Person authentication unit 288 performs person authentication (for example, face authentication).
  • the lock control unit 289 controls the lock device 304 to unlock and lock.
  • The data storage unit 240 stores a unique encryption key. Specifically, in the case of the common key cryptosystem (symmetric key cryptosystem), the common key is stored in the data storage unit 240. In the case of the public key cryptosystem (asymmetric key cryptosystem), the data storage unit 240 stores a pair of encryption key and decryption key.
  • The short-range wireless communication unit 250 controls short-range wireless communication with the smartphone terminal 100.
  • The short-range wireless communication unit 250 has a transmitting unit 260 and a receiving unit 270.
  • the transmission unit 260 transmits various data by short-range wireless communication.
  • the receiving unit 270 receives various data through short-range wireless communication.
  • the transmission unit 260 does not transmit a unique encryption key used for encryption and decryption of biometric feature data.
  • Authentication device 200 does not output to the outside the unique encryption key that is stored in the data storage unit 240 and used in the encryption unit 284 and the decryption unit 287. Therefore, the unique encryption key is kept secret.
  • FIG. 3 is a functional block diagram of the smartphone terminal 100 according to the first embodiment.
  • Smartphone terminal 100 includes user interface processing unit 110, data processing unit 180, data storage unit 140, short-range wireless communication unit 150 and network communication unit 155.
  • the user interface processing unit 110 receives user operations via a touch panel or the like, and is in charge of user interface processing such as image display and audio output.
  • the short-range wireless communication unit 150 takes charge of short-range wireless communication processing.
  • a network communication unit 155 is in charge of communication processing via a network.
  • the data storage unit 140 stores various data.
  • Data processing unit 180 executes various processes based on data input by user interface processing unit 110, data acquired by network communication unit 155 and short-range wireless communication unit 150, and data stored in data storage unit 140. Data processing unit 180 also functions as an interface for user interface processing unit 110, data storage unit 140, short-range wireless communication unit 150 and network communication unit 155.
  • User interface processing unit 110 includes an input unit 120 that receives an operation input by a user, and an output unit 130 that presents information to the user.
  • Input unit 120 includes a reception unit 122.
  • The accepting unit 122 accepts a user's operation.
  • Output unit 130 includes a display processing unit 132.
  • The display processing unit 132 performs processing for displaying a screen, a message, and the like on the display of the smartphone terminal 100.
  • the data processing unit 180 has a feature data acquiring unit 181 and a feature data providing unit 182.
  • The feature data acquisition unit 181 acquires and holds face feature data (encrypted) from the authentication device 200. That is, the feature data acquisition unit 181 registers the valid user's face feature data (encrypted) in the data storage unit 140 of the smartphone terminal 100.
  • The registered valid user's face feature data (encrypted) is an example of biometric feature data that has already been registered in the smartphone terminal 100.
  • the feature data providing unit 182 provides the authentication device 200 with face feature data (encrypted) of the registered valid user.
  • the data storage unit 140 has a feature data storage unit 141.
  • the feature data storage unit 141 stores face feature data (encrypted).
  • the feature data storage unit 141 uses an area of a non-volatile storage device.
  • the short-range wireless communication unit 150 controls short-range wireless communication.
  • The short-range wireless communication unit 150 has a transmitting unit 160 and a receiving unit 170.
  • the transmission unit 160 transmits various data by short-range wireless communication.
  • the receiving unit 170 receives various data through short-range wireless communication.
  • the network communication unit 155 performs communication via a network (LAN (Local Area Network), mobile communication network, Internet, etc.).
  • Network communication unit 155 has a transmitting unit 165 and a receiving unit 175.
  • the transmission unit 165 transmits various data through network communication.
  • the receiving unit 175 receives various data through network communication.
  • FIG. 4 is a diagram showing the initialization sequence in the first embodiment. First, as a premise, the operation in the initial setting mode for assigning face feature data (encrypted) to the smartphone terminal 100 will be described.
  • The short-range wireless communication unit 150 of the smartphone terminal 100 and the short-range wireless communication unit 250 of the authentication device 200 establish a connection (S10).
  • For the short-range wireless communication, an existing technique widely used as NFC (Near Field Communication) may be used.
  • the display processing unit 132 displays the initial setting screen (S12).
  • the initial setting screen is a screen for initializing the smartphone terminal 100 .
  • The accepting unit 122 accepts the usage password on the initial setting screen (S14).
  • The usage password is a password for confirming that the user has unlocking authority. The usage password shall be notified to the resident (user) in advance.
  • The usage password may be regarded as the administrator password for moving to the initial setting mode.
  • The accepting unit 122 accepts a usage start request when the usage start button on the initial setting screen is touched (S16).
  • The transmission unit 160 of the smartphone terminal 100 transmits the usage password to the authentication device 200, and the receiving unit 270 of the authentication device 200 receives the usage password (S18).
  • The password authentication unit 281 authenticates the usage password (S20). If the usage password is incorrect, the process ends at this stage. If the usage password is correct, the process continues.
  • the image acquisition unit 282 of the authentication device 200 acquires the user's image captured by the camera 302 (S22).
  • the feature extraction unit 283 determines the facial area included in the video, and generates facial feature data based on the image of the facial area (S24).
  • the encryption unit 284 encrypts the generated facial feature data using its own unique encryption key (S26).
  • The feature data providing unit 285 of the authentication device 200 provides facial feature data (encrypted) to the smartphone terminal 100, and the feature data acquisition unit 181 of the smartphone terminal 100 acquires the facial feature data (encrypted) from the authentication device 200 (S28). Specifically, the transmitting unit 260 of the authentication device 200 transmits facial feature data (encrypted), and the receiving unit 170 of the smartphone terminal 100 receives the facial feature data (encrypted).
  • As a mechanism for data transmission using this short-range wireless communication, communication via a network drive may be used in addition to direct communication. If it is a network drive, facial feature data (encrypted) is written as a predetermined file in a predetermined directory. Data transmission using short-range wireless communication is preferably secure communication.
  • Facial feature data (encrypted) is generated in the authentication device 200 that controls unlocking and is provided to the smartphone terminal 100.
  • facial feature data (encrypted) is generated in the reception device and provided to the smartphone terminal 100 (see FIG. 9).
  • the feature data storage unit 141 of the smartphone terminal 100 stores the received face feature data (encrypted) (S30).
  • The display processing unit 132 displays a start notification screen notifying that the initial setting of the electronic key system has been completed and the use has started (S32). After that, when the smartphone terminal 100 moves away from the authentication device 200 and the communication distance between them increases beyond a predetermined distance, the connection between the short-range wireless communication unit 150 of the smartphone terminal 100 and the short-range wireless communication unit 250 of the authentication device 200 is disconnected (S34).
  • FIG. 5 is a diagram showing the automatic unlocking sequence in the first embodiment. Next, automatic unlocking operation in normal mode will be described.
  • the short-range wireless communication unit 150 of the smartphone terminal 100 and the short-range wireless communication unit 250 of the authentication device 200 establish a connection (S40).
  • the feature data acquisition unit 286 of the authentication device 200 automatically acquires facial feature data (encrypted) from the smartphone terminal 100 when the connection is established.
  • the feature data providing unit 182 of the smartphone terminal 100 provides the face feature data (encrypted) stored in the feature data storage unit 141 to the authentication device 200 (S42).
  • Specifically, the transmitting unit 160 of the smartphone terminal 100 transmits facial feature data (encrypted), and the receiving unit 270 of the authentication device 200 receives the facial feature data (encrypted).
  • In the case of a network drive, face feature data (encrypted) is read as a predetermined file in a predetermined directory. If the feature data acquisition unit 286 cannot acquire the face feature data (encrypted), the authentication device 200 finishes processing and the door is not unlocked. At this time, for example, the user may be prompted to perform an operation for registering face feature data (encrypted) in the smartphone terminal 100.
  • the decryption unit 287 of the authentication device 200 decrypts the received facial feature data (encrypted) using a unique encryption key (S44). If the decryption unit 287 cannot decrypt the (encrypted) facial feature data, the authentication device 200 completes the process and is not unlocked.
  • the image acquisition unit 282 of the authentication device 200 acquires the user's image captured by the camera 302 (S46). Then, the person authentication unit 288 performs face authentication processing (S48). Specifically, person authentication section 288 determines a face area included in the video, and generates facial feature data based on the image of the face area. If the generated facial feature data matches the decrypted facial feature data, face authentication (an example of person authentication) is determined to be successful (OK). Authentication processing may be the same as in the conventional technology. If the face authentication is unsuccessful (NG), the authentication device 200 finishes processing and is not unlocked.
  • If the face authentication is successful (OK), the lock control unit 289 instructs the lock device 304 to unlock (S50). In response, lock device 304 unlocks.
  • the transmitting unit 260 of the authentication device 200 transmits the unlocking notification, and the receiving unit 170 of the smartphone terminal 100 receives the unlocking notification (S52).
  • the display processing unit 132 displays an unlock notification screen (S54).
  • the unlock notification screen displays that the door has been unlocked.
  • the smartphone terminal 100 may output the sound of the unlock notification.
  • the display of the unlock notification screen may be omitted.
  • When the smartphone terminal 100 moves away from the authentication device 200 and the communication distance between them increases beyond a predetermined distance, the connection between the short-range wireless communication unit 150 of the smartphone terminal 100 and the short-range wireless communication unit 250 of the authentication device 200 is disconnected (S56).
  • the lock control unit 289 instructs the lock device 304 to lock (S58).
  • the locking device 304 locks. Therefore, when the user goes out, the door is automatically locked. Also, when the user enters the house and leaves the front door, the door is automatically locked.
  • the lock control unit 289 may instruct the lock device 304 to lock when a certain period of time has elapsed from the time of unlocking, and the lock may be automatically performed.
  • a mode control unit (not shown) of the authentication device 200 may switch between an automatic mode in which automatic unlocking and automatic locking are performed and a non-automatic mode in which automatic unlocking and automatic locking are not performed.
  • the automatic mode may be switched to the non-automatic mode after a predetermined time has elapsed after the user enters the house, and the non-automatic mode may be switched to the automatic mode when the user leaves the house.
  • A mode control unit (not shown) of the authentication device 200 may acquire, from the smartphone terminal 100, the location information of the smartphone terminal 100 detected by the GPS (Global Positioning System) function, and determine whether the user is at home or out based on that location information.
  • When the short-range wireless communication unit 150 of the smartphone terminal 100 detects the disconnection, the display processing unit 132 displays a lock notification screen for convenience (S62).
  • The lock notification screen displays that the door is locked. Since the door is automatically locked when the connection is cut, there is no problem in proceeding on the assumption that it is locked.
  • the smartphone terminal 100 may output a lock notification sound. By this operation, the user can confirm that the door is locked even at a distance from the front door.
  • the display of the lock notification screen may be omitted.
  • In Embodiment 1, it is conceivable to use a common key based on a common key cryptosystem (symmetric key cryptosystem) as the encryption key. Since the encryption key is not taken out of the authentication device 200, it cannot be handed over to a third party. Therefore, the risk of forgery of biometric feature data (encrypted) using the encryption key, or of exploitation of biometric feature data through unauthorized decryption, is extremely low.
  • a public key cryptosystem (asymmetric key cryptosystem)
  • The common key cryptosystem has a faster processing speed, so the user waits a shorter time for unlocking.
  • Embodiment 1 may be applied to the door 306 of the company.
  • the authentication device 200 can complete the authentication operation by itself without cooperating with the server. In other words, authentication device 200 simply functions as a gateway. Since the authentication system does not store personal information such as facial feature data, there is no risk of personal information being leaked. This protects privacy and improves security.
  • FIG. 6 is a diagram showing an outline of an electronic key system 500a in Modification 1.
  • the hotel has multiple guest rooms, such as guest room A and guest room B.
  • the hotel also has a reception counter for users to perform check-in and check-out procedures.
  • An electronic key system 500a including a short-range wireless communication device 300a, a lock device 304a, a camera 302a, and an authentication device 200a is installed near the door 306 of guest room A, and an electronic key system 500b including a short-range wireless communication device 300b, a lock device 304b, a camera 302b, and an authentication device 200b is installed near the door 306 of guest room B.
  • The reception counter is provided with a reception device 400 to which the short-range wireless communication device 300s and the camera 302s are connected.
  • the authentication device 200a of guest room A, the authentication device 200b of guest room B, and the reception device 400 are connected via a LAN.
  • the reception device 400 and the camera 302s are preferably wired to prevent third party intervention. In this way, the reception system 502 including the short-range wireless communication device 300s, the camera 302s, and the reception device 400 and the electronic key system 500 of each guest room constitute an integrated system 504 connected via the LAN.
  • Biometric feature data (encrypted) is generated in the reception device 400 and given to the smartphone terminal 100 of the user.
  • The encryption key used for encrypting and decrypting the biometric feature data is unique to each of the authentication devices 200a and 200b and differs from guest room to guest room.
  • The encryption key for each room is updated each time a guest is assigned to that room. Therefore, a person who stayed the previous day cannot enter the room after the staying period has passed.
  • When allocating guests to guest room A, the reception device 400 generates an encryption key for the authentication device 200a and transmits it to the authentication device 200a.
  • Likewise, when allocating guests to guest room B, the reception device 400 generates an encryption key for the authentication device 200b and transmits it to the authentication device 200b. As illustrated, the reception device 400 has encryption key management data that holds encryption keys in association with room numbers.
  • the authentication devices 200a and 200b use the encryption key received from the reception device 400 to decrypt the biometric feature data (encrypted) obtained from the smartphone terminal 100 of the user and perform face authentication of the user.
  • FIG. 7 is a functional block diagram of authentication devices 200a and 200b in Modification 1. FIG. 7 shows the functional blocks added in Modification 1.
  • The data storage unit 240 has an encryption key storage unit 241.
  • the encryption key storage unit 241 stores encryption keys.
  • the encryption key storage unit 241 uses an area of a non-volatile storage device.
  • the network communication unit 255 performs communication via a network (LAN, Internet, etc.).
  • The network communication unit 255 has a transmitting unit 265 and a receiving unit 275.
  • the transmission unit 265 transmits various data through network communication.
  • the receiving unit 275 receives various data through network communication.
  • FIG. 8 is a functional block diagram of the reception device 400 in Modification 1.
  • The user interface processing unit 410 has an input unit 420 and an output unit 430.
  • The input unit 420 has a reception unit 422.
  • The reception unit 422 accepts user operations.
  • The output unit 430 has a display processing unit 432.
  • The display processing unit 432 performs processing for displaying a screen, a message, etc. on the display of the reception device 400.
  • The data processing unit 480 has an encryption key generator 481, an image acquisition unit 482, a feature extraction unit 483, an encryption unit 484, and a feature data providing unit 485.
  • the encryption key generator 481 generates encryption keys. In the case of common key cryptosystem (symmetric key cryptosystem), a common key is generated. In the case of public key cryptosystem (asymmetric key cryptosystem), a secret key for encryption and a public key for decryption are generated.
  • the image acquisition unit 482 acquires an image of the user from the camera 302s.
  • the feature extraction unit 483 extracts facial feature data of the user from the video.
  • the encryption unit 484 encrypts facial feature data.
  • The feature data providing unit 485 provides face feature data (encrypted) to the smartphone terminal 100 and causes it to be held. That is, the feature data providing unit 485 causes the smartphone terminal 100 to register the valid user's biometric feature data (encrypted).
  • the data storage unit 440 has an encryption key management data storage unit 441.
  • the encryption key management data storage unit 441 stores encryption key management data.
  • the encryption key management data storage unit 441 uses an area of a non-volatile storage device.
  • the short-range wireless communication unit 450 controls short-range wireless communication.
  • The short-range wireless communication unit 450 has a transmitting unit 460 and a receiving unit 470.
  • the transmission unit 460 transmits various data by short-range wireless communication.
  • the receiving unit 470 receives various data through short-range wireless communication.
  • the network communication unit 455 performs communication via a network (LAN, Internet, etc.).
  • The network communication unit 455 has a transmitting unit 465 and a receiving unit 475.
  • the transmission unit 465 transmits various data through network communication.
  • the receiving unit 475 receives various data through network communication.
  • FIG. 9 is a diagram illustrating an initial setting sequence in Modification 1.
  • a guest room is assigned to a user staying at the hotel.
  • the reception unit 422 receives input of the room number by the receptionist (S70).
  • the encryption key generator 481 generates a new encryption key corresponding to the guest room identified by the room number, and updates the encryption key management data (S72).
  • the transmission unit 465 of the reception device 400 transmits the new encryption key to the authentication devices 200a and 200b of the guest room (S74).
  • the encryption key storage unit 241 stores the new encryption key in place of the encryption key that has been stored (S76).
  • The short-range wireless communication unit 150 of the smartphone terminal 100 and the short-range wireless communication unit 450 of the reception device 400 establish a connection (S78).
  • the image acquisition unit 482 of the reception device 400 acquires the image of the user captured by the camera 302s (S80).
  • the feature extraction unit 483 determines the facial area included in the video, and generates facial feature data based on the image of the facial area (S82).
  • the encryption unit 484 encrypts the generated facial feature data using the encryption key corresponding to the guest room assigned to the user (S84).
  • The feature data providing unit 485 of the reception device 400 provides the face feature data (encrypted) to the smartphone terminal 100 and causes it to be stored there.
  • That is, the feature data providing unit 485 causes the smartphone terminal 100 to register the valid user's biometric feature data (encrypted).
  • the feature data acquisition unit 181 of the smartphone terminal 100 acquires face feature data (encrypted) (S86).
  • the transmitting unit 460 of the reception device 400 transmits facial feature data (encrypted), and the receiving unit 170 of the smartphone terminal 100 receives the facial feature data (encrypted).
  • the mechanism of data transmission using this short-range wireless communication is the same as that of the authentication device 200 .
  • the feature data storage unit 141 of the smartphone terminal 100 stores the received face feature data (encrypted) (S88).
  • The display processing unit 132 displays a start notification screen notifying that the initial setting of the electronic key system 500a is completed (S90). Then, when the smartphone terminal 100 moves away from the reception device 400 and the communication distance between them increases beyond a predetermined distance, the connection between the short-range wireless communication unit 150 of the smartphone terminal 100 and the short-range wireless communication unit 450 of the reception device 400 is disconnected (S92).
  • the automatic unlocking sequence is the same as in Embodiment 1 (Fig. 5).
  • If the smartphone terminal 100 of the user already holds face feature data (encrypted) and an encryption key, and the encryption key is sent from the smartphone terminal 100 to the reception device 400 in advance, the initial setting can be omitted.
  • the encryption key of the guest should be held in the authentication device 200 of the guest room at the start of the use of the guest room.
  • the processes shown in S74 and S76 are performed before the guest room starts to be used. In this way, automatic unlocking becomes possible without initial setting at check-in.
  • the face feature data (encrypted) held in the smartphone terminal 100 may be shared by a plurality of authentication devices 200, and each authentication device 200 may individually authenticate the same user.
  • FIG. 10 is a diagram showing an outline of an electronic key system in modification 2.
  • Similar to the electronic key system 500c (including short-range wireless communication device 300c, camera 302c, lock device 304c, and authentication device 200c) installed at the home door 306, an electronic key system 500d (including short-range wireless communication device 300d, camera 302d, lock device 304d, and authentication device 200d) is installed at the office door 306. However, the home electronic key system 500c and the company electronic key system 500d do not need to communicate with each other. In other words, this arrangement differs from systems that collectively manage data on networks (for example, cloud systems).
  • the user uses the home electronic key system 500c to automatically unlock the home door 306, and the company electronic key system 500d to automatically unlock the office door 306.
  • the smartphone terminal 100 of the user stores facial feature data (encrypted) provided by the home authentication device 200c.
  • At home, the face feature data (encrypted) is decrypted using the encryption key held by the authentication device 200c of the home, so face authentication is possible.
  • If the office authentication device 200d does not know the encryption key used in the user's home, it cannot decrypt the face feature data (encrypted) in the smartphone terminal 100. Therefore, it is necessary to convey the encryption key held by the authentication device 200c at home to the authentication device 200d at the company.
  • The encryption key of the authentication device 200c at home is held in the smartphone terminal 100 so that the encryption key in the smartphone terminal 100 can be read by the authentication device 200d at the company.
  • the company's authentication device 200d manages a different encryption key for each employee who comes to work. Therefore, the authentication device 200d holds the encryption key storage data.
  • The ID of the employee's smartphone terminal 100 (hereinafter referred to as "smartphone terminal ID") is associated with the encryption key obtained from each smartphone terminal 100.
  • the smartphone terminal ID may be a UDID (Unique Device Identifier), a serial number, a MAC address (Media Access Control address), an IP address (Internet Protocol address), or the like.
  • If the company guarantees a high level of security in this way, it is considered that there is no problem even if the encryption key is continuously stored in the authentication device 200d. Rather, to enhance the convenience of employees who come to work every day, it is more rational to hold the encryption keys and enable high-speed authentication.
  • FIG. 11A is a functional block diagram of an authentication device 200d according to modification 2.
  • FIG. 11A shows the functional blocks added in Modification 2.
  • The data processing unit 280 of the authentication device 200d has a terminal ID acquisition unit 290, an encryption key identification unit 291, and an encryption key acquisition unit 292.
  • The terminal ID acquisition unit 290 acquires the smartphone terminal ID from the smartphone terminal 100.
  • The encryption key identification unit 291 identifies the encryption key corresponding to the smartphone terminal ID.
  • The encryption key acquisition unit 292 acquires the encryption key from the smartphone terminal 100.
  • the data storage unit 240 of the authentication device 200d has an encryption key storage data storage unit 242.
  • the encryption key storage data storage unit 242 stores encryption key storage data.
  • the encryption key storage data storage unit 242 uses an area of a non-volatile storage device.
  • FIG. 11B is a functional block diagram of the smartphone terminal 100 according to Modification 2. FIG. 11B shows the functional blocks added in Modification 2.
  • The data processing unit 180 of the smartphone terminal 100 has a terminal ID providing unit 183 and an encryption key providing unit 184.
  • the terminal ID providing unit 183 provides the smartphone terminal ID to the authentication device 200d.
  • the encryption key providing unit 184 provides the encryption key to the authentication device 200d.
  • the data storage unit 140 of the smartphone terminal 100 has an encryption key storage unit 142.
  • the encryption key storage unit 142 stores encryption keys.
  • the encryption key storage unit 142 uses an area of a non-volatile storage device.
  • FIG. 12 is a diagram illustrating an initial setting sequence in Modification 2.
  • This initial setting is performed by the home electronic key system 500c.
  • the flow of processing up to S30 is the same as in the case of the first embodiment (FIG. 4).
  • The transmitting unit 260 of the authentication device 200c transmits an encryption key (common key or public key for decryption) necessary for decrypting the facial feature data (encrypted) to the smartphone terminal 100 (S100).
  • the encryption key storage unit 142 stores the received encryption key (S102).
  • the flow of processing after S32 is the same as in the case of the first embodiment (FIG. 4).
  • The automatic unlocking operation in the normal mode of the company's electronic key system 500d is described next. The flow of processing differs between the first time and the second and subsequent times. Since the authentication device 200d does not know the encryption key at first, an operation to obtain it is necessary in the first processing. Once the encryption key has been obtained, that is, in the second and subsequent processing, the stored encryption key can be used. There is then no need to obtain the encryption key again, which simplifies the operation.
  • FIG. 13 is a diagram showing a sequence of automatic unlocking (first time) in modification 2.
  • the terminal ID acquisition unit 290 of the authentication device 200d acquires the smartphone terminal ID from the smartphone terminal 100.
  • the terminal ID providing unit 183 of the smartphone terminal 100 provides the smartphone terminal ID to the authentication device 200d (S112). Specifically, the transmitting unit 160 of the smartphone terminal 100 transmits the smartphone terminal ID, and the receiving unit 270 of the authentication device 200d receives the smartphone terminal ID.
  • the smartphone terminal ID may be handed over by the network drive.
  • The encryption key identification unit 291 of the authentication device 200d determines whether the acquired smartphone terminal ID is set in the encryption key storage data. If the smartphone terminal ID is not set in the encryption key storage data, there is no encryption key corresponding to the smartphone terminal ID, so the encryption key identification unit 291 determines that the encryption key is not saved (S114). In this way, the encryption key is determined to be not saved only on the first occasion.
  • the encryption key acquisition unit 292 of the authentication device 200d acquires the encryption key from the smartphone terminal 100.
  • the encryption key providing unit 184 of the smartphone terminal 100 provides the encryption key to the authentication device 200d.
  • This encryption key is taken from the home authentication device 200c as described above.
  • The transmitting unit 260 of the authentication device 200d transmits a request for the encryption key, and the receiving unit 170 of the smartphone terminal 100 receives the request for the encryption key (S116).
  • The transmission unit 160 of the smartphone terminal 100 transmits the encryption key stored in the encryption key storage unit 142.
  • the receiving unit 270 of the authentication device 200d receives this encryption key (S118).
  • a network drive may be used to deliver the encryption key.
  • the encryption key storage data storage unit 242 of the authentication device 200d associates the received encryption key with the smartphone terminal ID and includes it in the encryption key storage data (S120).
  • the processing after S46 is the same as in the first embodiment (FIG. 5). Note that the face feature data (encrypted) acquired in S42 is the face feature data (encrypted) registered in the smartphone terminal 100 by another authentication device (authentication device 200c at home).
  • FIG. 14 is a diagram showing the sequence of automatic unlocking (second and subsequent times) in modified example 2.
  • the processing of S110 and S112 is the same as in the case of FIG.
  • The encryption key identification unit 291 of the authentication device 200d determines whether the acquired smartphone terminal ID is set in the encryption key storage data. Specifically, when there is an encryption key corresponding to the smartphone terminal ID, the smartphone terminal ID is set in the encryption key storage data, and the encryption key identification unit 291 refers to the encryption key storage data to determine whether the encryption key has been stored (S130). In this way, in the second and subsequent determinations, it is determined that the encryption key has been saved.
  • the encryption key identification unit 291 identifies the encryption key associated with the smartphone terminal ID (S132).
  • the processing after S42 is the same as in the first embodiment (FIG. 5). Note that the face feature data (encrypted) acquired in S42 is the face feature data (encrypted) registered in the smartphone terminal 100 by another authentication device (authentication device 200c at home).
  • a public key cryptosystem (asymmetric key cryptosystem) may be adopted.
  • The authentication device 200c at home, which encrypts the facial feature data, generates a private key for encryption and a public key for decryption by, for example, the RSA (Rivest-Shamir-Adleman) cryptosystem.
  • a secret key is used when the facial feature data is encrypted by the authentication device 200c at home.
  • the authentication device 200c at home gives the public key for decryption to the smartphone terminal 100.
  • The company authentication device 200d, which decrypts facial feature data (encrypted) that it did not generate itself, obtains the public key for decryption from the smartphone terminal 100 and uses the public key to decrypt the facial feature data (encrypted). In this way, the private key is not leaked, so it is possible to prevent a third party from generating face feature data (encrypted) on behalf of the authentication device 200c at home. Thus, using the public key cryptosystem (asymmetric key cryptosystem) can reduce risks compared to the common key cryptosystem (symmetric key cryptosystem).
  • Modification 3: In Modification 2, the face feature data (encrypted) held in the smartphone terminal 100 is also used in the company's electronic key system 500d. In Modification 3, an example in which the face feature data (encrypted) is used in the same way in the hotel's electronic key system 500f will be described.
  • FIG. 15 is a diagram showing an outline of an electronic key system according to Modification 3.
  • the electronic key system 500f (the near field wireless communication device 300f, camera 302f, locking device 304f and authentication device 200f).
  • the reception system 502 including the short-range wireless communication device 300s, the camera 302s, and the reception device 400, and the electronic key system 500 in each guest room constitute an integrated system 504 connected via a LAN.
  • the authentication device 200f in the guest room acquires the encryption key from the smartphone terminal 100 and decrypts the face feature data (encrypted) obtained from the smartphone terminal 100, as in the second modification.
  • The encryption key is acquired, and the encryption key used for decryption is erased immediately afterwards. This is to minimize the possibility of leakage of the encryption key by destroying it each time.
  • the hotel is used by unspecified people. Therefore, the number of encryption keys acquired by the authentication device 200f in the guest room is large. Therefore, the burden of safely managing the encryption key is large. If it turns out that the encryption keys have been leaked, it is difficult to grasp the situation of which encryption keys have been leaked and which encryption keys have not been leaked. On the other hand, users are also expected to stay at many hotels. Even if the user finds out that his or her encryption key has been leaked, it is difficult to find out from which hotel the encryption key leaked without contact from the hotel. In this way, if it is difficult to specify the extent of the damage and to clarify where the responsibility lies, it may lead to ambiguity, and the credibility of the electronic key system 500 may be shaken.
  • It is desirable to adopt a procedure, as in Modification 3, in which the encryption key does not remain.
  • Since the authentication device 200f in the guest room uses the encryption key provided by the smartphone terminal 100, the reception device 400 does not need to generate an encryption key for each guest room as in Modification 1. However, unlocking by the authentication device 200f of the guest room for the smartphone terminal 100 of a third party other than the guest must be avoided. Therefore, the reception device 400 obtains the smartphone terminal ID of the guest and notifies the guest room authentication device 200f of it as the valid smartphone terminal ID. The electronic key system 500 of each guest room unlocks automatically only for the smartphone terminal 100 of its guest. The guest's smartphone terminal ID is associated with the room number in the used terminal management data held by the reception device 400.
  • The smartphone terminal 100 accepts the user's operation to approve the provision of the encryption key and then transmits it. If the user refuses to provide the encryption key, the system can be used according to Modification 1 described above.
  • FIG. 16A is a functional block diagram of an authentication device 200f in modification 3.
  • FIG. 16A shows the functional blocks added in Modification 3.
  • The data processing unit 280 of the authentication device 200f has a terminal determination unit 293 and an encryption key deletion unit 294.
  • the terminal determination unit 293 determines whether or not the read smartphone terminal ID matches the smartphone terminal ID of the guest stored in advance.
  • the encryption key deletion unit 294 deletes the temporarily stored encryption key.
  • the data storage unit 240 of the authentication device 200f has a terminal ID storage unit 243 and an encryption key temporary storage unit 244.
  • the terminal ID storage unit 243 stores terminal IDs.
  • the terminal ID storage unit 243 uses an area of a non-volatile storage device.
  • the cryptographic key temporary storage unit 244 temporarily stores cryptographic keys.
  • the encryption key temporary storage unit 244 may use a volatile storage area.
  • FIG. 16B is a functional block diagram of the reception device 400 according to Modification 3. FIG. 16B shows the functional blocks added in Modification 3.
  • The data processing unit 480 of the reception device 400 has a terminal ID acquisition unit 486.
  • The terminal ID acquisition unit 486 acquires the smartphone terminal ID from the smartphone terminal 100.
  • The data storage unit 440 of the reception device 400 has a used terminal management data storage unit 442.
  • the used terminal management data storage unit 442 stores used terminal management data.
  • the used terminal management data storage unit 442 uses an area of a non-volatile storage device.
  • the initialization sequence in the electronic key system 500e at home is the same as in Modification 2 (FIG. 12).
  • FIG. 17 is a diagram showing a sequence for acquiring a guest's smartphone terminal ID in Modification 3. In Modification 3, at the time of check-in, the reception device 400 acquires the ID from the smartphone terminal 100 of the guest (user), that is, the user's smartphone terminal ID.
  • the reception unit 422 receives input of a room number by a receptionist.
  • The short-range wireless communication unit 150 of the smartphone terminal 100 and the short-range wireless communication unit 450 of the reception device 400 establish a connection (S142).
  • The terminal ID acquisition unit 486 of the reception device 400 acquires the smartphone terminal ID from the smartphone terminal 100.
  • the terminal ID providing unit 183 of the smartphone terminal 100 provides the smartphone terminal ID to the reception device 400 (S144). Specifically, the transmission unit 160 of the smartphone terminal 100 transmits the smartphone terminal ID, and the reception unit 470 of the reception device 400 receives the smartphone terminal ID.
  • the used terminal management data storage unit 442 of the reception device 400 associates the acquired smartphone terminal ID of the user with the room number and includes it in the used terminal management data (S146).
  • the transmission unit 465 of the reception device 400 transmits the smartphone terminal ID of the user to the authentication device 200f corresponding to the room number.
  • the reception unit 275 of the authentication device 200f in the guest room receives the smartphone terminal ID of the user (S148).
  • the terminal ID storage unit 243 stores the smartphone terminal ID of the user (S150).
  • the transmission unit 465 of the reception device 400 transmits the room number to the smartphone terminal 100 (S152).
  • the reception unit 175 of the smartphone terminal 100 receives the room number, and the data storage unit 140 stores the received room number (S154).
  • FIG. 18 is a diagram showing an automatic unlocking sequence in Modification 3. When the user approaches the door 306 of the guest room and the smartphone terminal 100 approaches the short-range wireless communication device 300f, a connection is established between the short-range wireless communication unit 150 of the smartphone terminal 100 and the short-range wireless communication unit 250 of the authentication device 200f (S160).
  • the terminal ID acquisition unit 290 of the authentication device 200f acquires the smartphone terminal ID from the smartphone terminal 100.
  • the terminal ID providing unit 183 of the smartphone terminal 100 provides the smartphone terminal ID and the room number to the authentication device 200f (S162). Specifically, the transmission unit 160 of the smartphone terminal 100 transmits the smartphone terminal ID and the room number, and the reception unit 270 of the authentication device 200f receives the smartphone terminal ID and the room number.
  • The terminal determination unit 293 determines whether the acquired room number matches the room number of the guest room and, furthermore, whether the acquired smartphone terminal ID matches the smartphone terminal ID of the user stored in the terminal ID storage unit 243 (S164). If the acquired room number does not match the room number of the guest room, or if the acquired smartphone terminal ID does not match the user's smartphone terminal ID, it means that the smartphone terminal 100 of a third party other than the guest has been detected. In that case, the authentication device 200f does not unlock. If the acquired room number does not match the room number of the guest room, the transmission unit 260 of the authentication device 200f may transmit an error notification including a message such as "the room is incorrect" to the smartphone terminal 100. In that case, the receiving unit 175 of the smartphone terminal 100 receives the error notification, and the display processing unit 132 of the smartphone terminal 100 displays the message included in the error notification on the display.
  • the encryption key acquisition unit 292 of the authentication device 200f performs processing to acquire the encryption key from the smartphone terminal 100 of the guest. Therefore, the transmission unit 260 of the authentication device 200f transmits a request for the encryption key to the smartphone terminal 100.
  • When the reception unit 170 of the smartphone terminal 100 receives the request for the encryption key (S166), the display processing unit 132 performs processing for displaying an approval/disapproval screen (S168).
  • the approval/disapproval screen is a screen for asking the guest (user) whether or not to provide the encryption key.
  • If the reception unit 122 of the smartphone terminal 100 receives a refusal operation, the transmission unit 160 of the smartphone terminal 100 transmits a refusal to provide the encryption key to the authentication device 200f, and the smartphone terminal 100 and the authentication device 200f finish processing without unlocking.
  • It is also possible to ask the guest (user) whether or not to provide the encryption key by other means such as e-mail.
  • the reception unit 122 of the smartphone terminal 100 receives the approval operation (S170).
  • the transmission unit 160 of the smartphone terminal 100 transmits the encryption key stored in the encryption key storage unit 142.
  • the receiving unit 270 of the authentication device 200f receives this encryption key (S172).
  • the encryption key acquisition unit 292 temporarily stores the acquired encryption key in the encryption key temporary storage unit 244 (S174).
  • the feature data acquisition unit 286 of the authentication device 200f acquires facial feature data (encrypted) registered in the smartphone terminal 100 by another authentication device (authentication device 200e at home) (S42).
  • the decryption unit 287 of the authentication device 200f decrypts the acquired facial feature data (encrypted) using the temporarily stored encryption key. After the decryption is finished, the encryption key erasure unit 294 erases the encryption key stored in the encryption key temporary storage unit 244 (S176). The processing after S46 is the same as in the first embodiment (FIG. 5).
  • Modification 4 describes a multiple authentication method that combines a plurality of authentications.
  • the authentication device 200 that performs multiple authentication also takes into consideration the results of authentication previously performed by other authentication devices 200. Multiple authentication is successful (OK) when both pre-authentication and main authentication are successful (OK).
  • FIG. 19 is a diagram showing an outline of an electronic key system according to Modification 4.
  • Similar to the electronic key system 500c (including near field communication device 300c, camera 302c, locking device 304c and authentication device 200c) installed at the home door 306, an electronic key system 500d (including near field communication device 300d, camera 302d, locking device 304d and authentication device 200d) is installed at the office door 306. This configuration is similar to that of modification 2 (FIG. 10).
  • the user uses the company's electronic key system 500d when coming to work in the morning, and uses the company's electronic key system 500d when returning home in the evening.
  • In this example, face authentication by the home authentication device 200c is the pre-authentication, and face authentication by the office authentication device 200d is the main authentication.
  • When face authentication is performed by the company's authentication device 200d in the morning, it is confirmed whether the face authentication by the home authentication device 200c was successful (OK) in the evening of the previous day. Then, when both face authentications are successful (OK), user authentication (personal authentication for personal identification) in the company's authentication device 200d becomes successful (OK), and the company's door 306 is unlocked.
  • FIG. 20A is a functional block diagram of a home authentication device 200c in modification 4. FIG. 11 shows functional blocks added in Modification 4.
  • The data processing unit 280 of the authentication device 200c has a pre-authentication result providing unit 295.
  • the pre-authentication result providing unit 295 provides the smartphone terminal 100 with the pre-authentication result.
  • FIG. 20B is a functional block diagram of a company authentication device 200d in Modification 4. FIG. 11 shows functional blocks added in Modification 4.
  • The data processing unit 280 of the authentication device 200d has a pre-authentication result acquisition unit 296 and a pre-authentication confirmation unit 297.
  • The pre-authentication result acquisition unit 296 acquires a pre-authentication result from the smartphone terminal 100.
  • the pre-authentication confirmation unit 297 confirms that the pre-authentication was successful (OK).
  • FIG. 20C is a functional block diagram of the smartphone terminal 100 according to Modification 4. FIG. 11 shows functional blocks added in Modification 4.
  • The data processing unit 180 of the smartphone terminal 100 has a pre-authentication result acquiring unit 185 and a pre-authentication result providing unit 186.
  • the pre-authentication result acquisition unit 185 acquires the pre-authentication result from the authentication device 200c.
  • the pre-authentication result providing unit 186 provides the pre-authentication result to the authentication device 200d.
  • the data storage unit 140 of the smartphone terminal 100 has a pre-authentication result storage unit 143.
  • the pre-authentication result storage unit 143 stores the pre-authentication result.
  • the pre-authentication result storage unit 143 uses an area of a non-volatile storage device.
  • FIG. 21 is a diagram showing an automatic unlocking sequence in the home authentication device 200c. Modification 2 will be used as a basis for the description.
  • the processing up to S48 is the same as in the second modification.
  • the pre-authentication result providing unit 295 of the home authentication device 200c provides the smartphone terminal 100 with the pre-authentication result.
  • The pre-authentication result includes an authentication device ID, an authentication date and time, and a determination result (success).
  • The authentication device ID is information that can identify that the authentication location is the home. Success indicates the determination result.
  • If the face authentication is unsuccessful (NG), the determination result indicates unsuccessful.
  • the pre-authentication result acquisition unit 185 of the smartphone terminal 100 acquires the pre-authentication result from the home authentication device 200c (S180). Specifically, the transmitting unit 260 of the authentication device 200c transmits the pre-authentication result, and the receiving unit 170 of the smartphone terminal 100 receives the pre-authentication result.
  • the pre-authentication result storage unit 143 of the smartphone terminal 100 stores the pre-authentication result (S182). The pre-authentication result may be handed over by a network drive.
  • the processing after S50 is the same as in the second modification.
  • FIG. 22 is a diagram showing an automatic unlocking sequence in the company's authentication device 200d. Modification 2 will be used as a basis for the description. The processing up to S48 is the same as in the second modification. Here, it is assumed that the face authentication is successful (OK) in the process of S48.
  • the pre-authentication result acquisition unit 296 of the company's authentication device 200d acquires from the smartphone terminal 100 the pre-authentication result of the other authentication device (home authentication device 200c).
  • the pre-authentication result providing unit 186 of the smartphone terminal 100 provides the pre-authentication result to the authentication device 200d of the company (S190).
  • Specifically, the transmitting unit 160 of the smartphone terminal 100 transmits the pre-authentication result stored in the pre-authentication result storage unit 143.
  • the receiving unit 270 of the authentication device 200d receives the pre-authentication result.
  • The pre-authentication confirmation unit 297 confirms the acquired pre-authentication result (S192). Specifically, the pre-authentication confirmation unit 297 determines whether or not the pre-authentication result includes a predetermined authentication device ID corresponding to a predetermined location (home in this example). If the predetermined authentication device ID is not included, the pre-authentication confirmation unit 297 fails the multiple authentication (NG). If the predetermined authentication device ID is included, the pre-authentication confirmation unit 297 determines whether or not the authentication date and time corresponding to the predetermined authentication device ID falls within a predetermined period (for example, the evening hours of the previous day). If the authentication date and time does not fall within the predetermined period, the pre-authentication confirmation unit 297 fails the multiple authentication (NG).
  • If the authentication date and time falls within the predetermined period and the determination result corresponding to the predetermined authentication device ID is unsuccessful (NG), the pre-authentication confirmation unit 297 determines that multiple authentication is unsuccessful (NG). On the other hand, if the determination result is successful (OK), the pre-authentication confirmation unit 297 determines that multiple authentication is successful (OK). It is assumed that the predetermined authentication device ID and the predetermined period are set in advance.
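The S192 decision described above, written out as an added Python example (not code from the patent). The device ID value `HOME-200c`, the 17:00 to 23:59:59 window and the rule that the most recent in-period result decides are assumptions; the page only says the ID and period are set in advance.

```python
from dataclasses import dataclass
from datetime import datetime, time, timedelta


@dataclass(frozen=True)
class PreAuthResult:
    device_id: str              # authentication device ID (identifies the location)
    authenticated_at: datetime  # authentication date and time
    success: bool               # determination result: True = OK, False = NG


# Assumed policy values: the page only says these are "set in advance".
REQUIRED_DEVICE_ID = "HOME-200c"                      # hypothetical ID value
EVENING_START, EVENING_END = time(17, 0), time(23, 59, 59)


def predetermined_period(now: datetime) -> tuple[datetime, datetime]:
    """Evening hours of the day before the main authentication."""
    previous_day = (now - timedelta(days=1)).date()
    return (datetime.combine(previous_day, EVENING_START),
            datetime.combine(previous_day, EVENING_END))


def confirm_pre_authentication(results, now):
    """S192: return (ok, reason); every failed check ends in NG."""
    from_home = [r for r in results if r.device_id == REQUIRED_DEVICE_ID]
    if not from_home:
        return False, "no result from the predetermined authentication device"
    start, end = predetermined_period(now)
    in_period = [r for r in from_home if start <= r.authenticated_at <= end]
    if not in_period:
        return False, "authentication date and time outside the predetermined period"
    # Assumption: if several results fall inside the period, the latest decides.
    latest = max(in_period, key=lambda r: r.authenticated_at)
    if not latest.success:
        return False, "pre-authentication determination result is NG"
    return True, "pre-authentication confirmed"


def multiple_authentication(main_ok, results, now):
    """Multiple authentication is OK only if main and pre-authentication are OK."""
    if not main_ok:
        return False, "main authentication is NG"
    return confirm_pre_authentication(results, now)


# Constructed sample data: main authentication on the morning of 2021-01-02.
NOW = datetime(2021, 1, 2, 9, 0)
SAMPLE = [
    PreAuthResult("HOME-200c", datetime(2020, 12, 31, 19, 0), True),  # too old
    PreAuthResult("HOME-200c", datetime(2021, 1, 1, 19, 30), True),   # previous evening
]

if __name__ == "__main__":
    print(multiple_authentication(True, SAMPLE, NOW))
```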
  • In this case, the smartphone terminal 100 holds face feature data (encrypted) encrypted with the encryption key of the authentication device 200c and face feature data (encrypted) encrypted with the encryption key of the authentication device 200d.
  • Since authentication is performed using two types of encryption keys, fraudulent acts such as forgery by a third party become more complicated, and as a result, authentication accuracy can be improved.
  • both the authentication device 200 and the smartphone terminal 100 record a visit history regarding a user (hereinafter sometimes referred to as a “visitor”) who uses the electronic key system at the visited destination.
  • the authentication device 200 confirms that the visitor has the same smartphone terminal 100 by comparing the visit history on the smartphone terminal 100 side with the visit history on the authentication device 200 side.
  • The visited destination is, for example, a company, and the visitor is, for example, a trader.
  • FIG. 23 is a diagram showing an outline of an electronic key system in modification 5.
  • An electronic key system 500g (including a near field communication device 300g, a camera 302g, a lock device 304g and an authentication device 200g) is installed at the company door 306.
  • The authentication device 200g holds the device-side visit history. In the device-side visit history, visit dates and times are stored in association with the visitor's smartphone terminal ID. According to the illustrated record, the company in which the authentication device 200g with the authentication device ID: M1 is installed has received two visits from the user with the smartphone terminal ID: SP1 and two visits from the user with the smartphone terminal ID: SP2.
  • the smartphone terminal 100 retains the terminal-side visit history.
  • In the terminal-side visit history, the date and time of each visit are stored in association with the authentication device ID of the electronic key system 500 used.
  • According to the illustrated record, the user with the smartphone terminal ID: SP1 has twice visited the company where the authentication device 200g with the authentication device ID: M1 is installed, and has twice visited the company where the authentication device 200 with the authentication device ID: M2 is installed.
  • The terminal-side visit history is generated based on the authentication results obtained from each authentication device 200.
  • the authentication device 200g acquires the terminal-side visit history from the smartphone terminal 100 and checks it against the device-side visit history held by itself.
  • In this example, the visit date and time recorded on the visitor side: 2021/1/1 10:00 and the visit date and time: 2021/1/2 11:00 match the visit dates and times recorded on the company side.
  • If the visit dates and times are different, there is a possibility that fraudulent acts such as forging of the smartphone terminal ID have been performed with a remodeled device, so user authentication is unsuccessful (NG) and the lock is not unlocked.
  • the visit date and time in the visit history indicates the authentication date and time when user authentication was successful (OK).
  • a visit history is thus an example of an authentication history.
  • The later-described visit history storage unit 144 is an example of an authentication history storage unit, the visit history providing unit 187 is an example of an authentication history providing unit, the visit history storage unit 245 is an example of an authentication history storage unit, and the visit history acquisition unit 298 is an example of an authentication history acquisition unit.
  • FIG. 24A is a functional block diagram of an authentication device 200g in modification 5. FIG. 10 shows functional blocks added in Modified Example 5.
  • The data processing unit 280 of the authentication device 200g has a visit history acquisition unit 298 and a visit history collation unit 299.
  • The visit history acquisition unit 298 acquires the terminal-side visit history from the smartphone terminal 100.
  • the visit history collation unit 299 collates visit histories.
  • the data storage unit 240 of the authentication device 200g has a visit history storage unit 245.
  • the visit history storage unit 245 stores device-side visit history.
  • the visit history storage unit 245 uses an area of a non-volatile storage device.
  • FIG. 24B is a functional block diagram of the smartphone terminal 100 according to Modification 5. FIG. 10 shows functional blocks added in Modified Example 5.
  • The data processing unit 180 of the smartphone terminal 100 has a visit history providing unit 187.
  • the visit history providing unit 187 provides the terminal-side visit history to the authentication device 200g.
  • the data storage unit 140 of the smartphone terminal 100 has a visit history storage unit 144.
  • the visit history storage unit 144 stores terminal-side visit history.
  • the visit history storage unit 144 uses an area of a non-volatile storage device.
  • FIG. 25 is a diagram showing an automatic unlocking sequence in modification 5. When the visitor approaches the office door 306 and the smartphone terminal 100 approaches the short-range wireless communication device 300g, a connection is established between the short-range wireless communication unit 150 of the smartphone terminal 100 and the short-range wireless communication unit 250 of the authentication device 200g (S200).
  • the terminal ID acquisition unit 290 of the authentication device 200g acquires the smartphone terminal ID from the smartphone terminal 100.
  • the terminal ID providing unit 183 of the smartphone terminal 100 provides the smartphone terminal ID to the authentication device 200g (S202). Specifically, the transmitting unit 160 of the smartphone terminal 100 transmits the smartphone terminal ID, and the receiving unit 270 of the authentication device 200g receives the smartphone terminal ID.
  • the smartphone terminal ID may be handed over by the network drive.
  • the visit history providing unit 187 of the smartphone terminal 100 provides the terminal-side visit history to the authentication device 200g.
  • the visit history acquisition unit 298 of the authentication device 200g acquires the terminal-side visit history from the smartphone terminal 100 (S204). Specifically, the transmission unit 160 of the smartphone terminal 100 transmits the terminal-side visit history.
  • the receiving unit 270 of the authentication device 200g receives the terminal-side visit history.
  • the terminal side visit history may be handed over by a network drive.
  • The terminal-side visit history is an example of a first visit history including the date and time of authentication using this smartphone terminal 100.
  • The visit history collation unit 299 collates the visit histories (S206). Specifically, the visit history collation unit 299 extracts the visit date and time corresponding to the authentication device ID: M1 of the authentication device 200g from the terminal-side visit history. The visit history collation unit 299 further extracts the visit date and time corresponding to the smartphone terminal ID: SP1 acquired in S202 from the device-side visit history. If the visit date and time extracted from the terminal-side visit history and the visit date and time extracted from the device-side visit history match, the collation is successful (OK), and the authentication device 200g continues processing. On the other hand, if the two visit dates and times do not match, the collation is unsuccessful (NG). In this case, the authentication device 200g finishes processing and is not unlocked.
  • the device-side visit history is an example of a second visit history including the date and time of authentication by the authentication device 200g.
  • The processing of S208-S214 is the same as the case of S42-S48 of FIG. 5 described in the first embodiment.
  • the transmitting unit 260 of the authentication device 200g transmits a success notification (including the authentication device ID and the visit date and time) to the smartphone terminal 100 (S216).
  • the reception unit 170 of the smartphone terminal 100 receives the success notification (including the authentication device ID and the visit date and time).
  • In the visit history storage unit 144 of the smartphone terminal 100, the authentication device ID and the visit date and time received in the success notification are added to the terminal-side visit history (S218).
  • the smartphone terminal ID and the visit date and time acquired in S202 are added to the device-side visit history (S220).
  • the processing after S222 is the same as the case after S50 in FIG. 5 described in the first embodiment.
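The collation of S206 and the paired history updates of S216 to S220, as an added Python example (not code from the patent). The two SP1/M1 visit times come from the page's figure description; the M2 and SP2 timestamps are constructed, and the function names are hypothetical.

```python
from datetime import datetime

OWN_DEVICE_ID = "M1"  # authentication device 200g in the page's example


def collate(own_device_id, terminal_id, terminal_side, device_side):
    """S206: return (ok, only_on_terminal, only_on_device).

    terminal_side: list of (authentication device ID, visit datetime)
    device_side:   list of (smartphone terminal ID, visit datetime)
    """
    from_terminal = sorted(ts for dev, ts in terminal_side if dev == own_device_id)
    from_device = sorted(ts for term, ts in device_side if term == terminal_id)
    # The differences are returned so that an NG can be logged with its cause.
    only_on_terminal = sorted(set(from_terminal) - set(from_device))
    only_on_device = sorted(set(from_device) - set(from_terminal))
    # Comparing the sorted lists (not the sets) also catches duplicated entries.
    return from_terminal == from_device, only_on_terminal, only_on_device


def record_visit(own_device_id, terminal_id, when, terminal_side, device_side):
    """S216-S220: after a successful authentication both sides store the same visit."""
    terminal_side.append((own_device_id, when))
    device_side.append((terminal_id, when))


def sample_histories():
    """Fresh copies of the example histories (M2 and SP2 rows are constructed)."""
    terminal_side_sp1 = [
        ("M1", datetime(2021, 1, 1, 10, 0)),
        ("M2", datetime(2021, 1, 1, 15, 0)),   # constructed
        ("M1", datetime(2021, 1, 2, 11, 0)),
        ("M2", datetime(2021, 1, 3, 9, 30)),   # constructed
    ]
    device_side_m1 = [
        ("SP1", datetime(2021, 1, 1, 10, 0)),
        ("SP2", datetime(2021, 1, 1, 13, 0)),  # constructed
        ("SP1", datetime(2021, 1, 2, 11, 0)),
        ("SP2", datetime(2021, 1, 4, 16, 0)),  # constructed
    ]
    return terminal_side_sp1, device_side_m1


if __name__ == "__main__":
    terminal_side, device_side = sample_histories()
    print(collate(OWN_DEVICE_ID, "SP1", terminal_side, device_side))
    # A terminal that presents SP1 but does not carry the second visit: NG.
    print(collate(OWN_DEVICE_ID, "SP1", terminal_side[:2], device_side))
```

Two empty histories compare equal, so a first visit passes collation and the decision then rests on the biometric steps S208-S214.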
  • FIG. 26 is a diagram showing the configuration of an electronic key system according to Modification 6. In the first embodiment and the modified example described above, as shown in FIG. Alternatively, the camera 302 may be provided inside the authentication device 200, that is, inside the housing of the authentication device 200.
  • Communication between the authentication device 200 and the smartphone terminal 100 (an example of an electronic device) may be performed via the server 600 as shown in FIG.
  • Authentication device 200 connects to server 600 via the first network.
  • Smartphone terminal 100 connects to server 600 via the second network.
  • the first network is, for example, LAN or Internet.
  • the second network is, for example, LAN or Internet.
  • the first network and the second network may be the same or different.
  • the server 600 transfers the data received from the authentication device 200 to the smartphone terminal 100.
  • the server 600 also transfers data received from the smartphone terminal 100 to the authentication device 200.
  • the camera 302 may be provided inside the authentication device 200 and communication may be performed via the short-range wireless communication device 300.
  • the camera 302 may be provided outside the authentication device 200, and communication may be performed via a server.
  • a person may be authenticated by some facial features.
  • iris authentication may be performed.
  • iris feature data is extracted from a captured image of the holder of the smartphone terminal 100, and compared with the iris feature data of the authorized user to determine whether they are the same person.
  • a person may be authenticated based on the features of a part of the body other than the face.
  • vein authentication may be performed.
  • the vein feature data is extracted from the captured image of the holder, and compared with the vein feature data of the valid user to determine whether it is the same person.
  • Body type authentication may also be performed.
  • the body type feature data is extracted from the captured image of the holder and compared with the body type feature data of the authorized user to determine whether or not they are the same person.
  • fingerprint authentication may be performed.
  • a fingerprint reader is used instead of the camera 302.
  • a fingerprint reader extracts the fingerprint feature data of the holder and compares it with the fingerprint feature data of a valid user to determine whether the person is the same person.
  • a person may be authenticated not only by still images but also by moving images. For example, a person may be authenticated by characteristics of a user's actions (walking, etc.).
  • action feature data is extracted from a moving image of the holder and compared with the action feature data of a valid user to determine whether or not they are the same person.
  • a person may be authenticated by voice instead of video.
  • a person may be authenticated by the voice characteristics of the holder.
  • a microphone is used instead of the camera 302.
  • Voice feature data is extracted from the owner's voice input by a microphone, and compared with the voice feature data of a valid user to determine whether the person is the same person.
  • Voice feature data includes utterance and pronunciation features.
  • the facial feature data, iris feature data, vein feature data, body feature data, fingerprint feature data, action feature data, and voice feature data described above are examples of biometric feature data representing physiological features of a person.
  • Face image data, iris image data, vein image data, body shape (overall appearance) image data, fingerprint image data, moving image data showing actions of a person, and audio data of a person's voice are examples of biometric authentication data used for biometric authentication based on the physiological characteristics of the body.
  • the smartphone terminal 100 is an example of an electronic device.
  • An electronic device other than the smartphone terminal 100 may be used.
  • the electronic device may be, for example, a portable device such as a card-type device, a key-type device, a tablet terminal, or a notebook computer.
  • the camera 302 and fingerprint reader are examples of video input devices.
  • a microphone is an example of an audio input device.
  • the video acquisition unit 482 is an example of a video/audio acquisition unit that acquires the video or audio of the holder of the electronic device from the video or audio input device.
  • the image of the holder includes not only an image showing the whole body but also an image showing a part of the body such as a face image, an iris image, a fingerprint image, and a vein image.
  • the image of the holder may be a still image or a moving image.
  • A voice acquisition unit that acquires a person's voice may be used instead of the video acquisition unit 482.
  • These images and sounds are examples of biometric authentication data.
  • the biometric authentication data is data that includes a biometric feature of an individual and is a source of extraction of the biometric feature data.
  • A plurality of biometric authentications may be combined for personal authentication. Any combination of the above biometrics may be used. For example, face recognition and voice recognition may be combined. If a plurality of authentication methods are used to confirm that the person is the same person, the accuracy of person authentication increases. In addition, by not disclosing which type of authentication method is being used, spoofing can be made more difficult. Even if it can be inferred that it is based on the video, it is not possible to determine from the outside whether face authentication is being performed or body type authentication is being performed, so it is not known what disguise should be used to impersonate. A plurality of authentication methods may be used, and an authentication method may be selectively designated when the authentication device 200 authenticates a person. If the authentication method is changed each time, impersonation becomes even more difficult.
  • an example of lock control in the electronic key system 500 is shown as an application for personal authentication. That is, the electronic key system 500 is shown as an example of the personal authentication system.
  • the above-described person authentication technology may be applied to other uses. By applying this personal authentication technology, it is possible to automatically confirm that the person present at the scene is the original smartphone user (legitimate user) in a scene where personal authentication is required.
  • this technology may be used to perform personal authentication before the electronic payment is made.
  • the personal authentication system may be an electronic payment system.
  • this technology may be applied to confirm the identity of a person in public procedures such as issuing a certificate or taking a qualification test.
  • the personal authentication system may be a certificate issuing system or an examinee checking system.
  • When the user selects a product and expresses his or her intent to purchase, the user is automatically authenticated, and electronic payment processing can be started.
  • procedures such as product shipping can be automated.
  • payment procedures can be simplified when using services such as eating and drinking.
  • If the person who receives the service agrees to the billed amount, the person can be automatically authenticated and electronic payment can be processed. For example, if it is arranged that the user agrees to the billed amount by looking at the billed amount presented after the meal, the payment can be made by the electronic settlement means even if the user leaves the store.
  • plaintext facial feature data may be used instead of the facial feature data (encrypted) described in the first embodiment and the modified example.
  • plaintext biometric feature data may be used instead of encrypted biometric feature data.
  • The authentication server designates some of a plurality of types of personal information data (for example, biometric information) registered in advance in the user terminal, and biometric authentication is performed to determine whether or not the personal information data collected in the user terminal matches the personal information data registered in advance.
  • the authentication server randomly specifies personal information data to be used for biometric authentication. As the personal information data, it is desirable to adopt data showing characteristics that are difficult to change due to cosmetic surgery or processing by a third party.
  • FIG. 27 is a diagram showing an outline of an authentication system according to the second embodiment.
  • the user terminal 700 is, for example, a smartphone, a tablet terminal, a notebook personal computer, a personal computer, or the like.
  • User terminal 700 is connectable to the Internet.
  • the authentication server 800 and company server 900 are connected to the Internet.
  • the user terminal 700 has a collection unit 702, a communication unit 704, a control unit 706 and a storage unit 708.
  • the collection unit 702 collects biometric information (example of personal information data).
  • a communication unit 704 communicates via the Internet.
  • a control unit 706 controls various processes.
  • a storage unit 708 stores various data.
  • the storage unit 708 has a biometric information storage unit 710 that stores biometric information.
  • the biometric information storage unit 710 is provided in a secret area that cannot be read or written except for application processing.
  • the authentication server 800 has a biometric information selection unit 802, a communication unit 804 and an authentication unit 806.
  • the biometric information selection unit 802 selects one type from a plurality of biometric information types. The type of biometric information may also be called an "item".
  • the biometric information selection unit 802 randomly selects the type of biometric information so that it cannot be predicted.
  • a communication unit 804 communicates via the Internet.
  • the authentication unit 806 performs various types of biometric authentication for each type of a plurality of biometric information.
  • the company server 900 is an example of a web server that provides web services.
  • corporate server 900 implements a corporate website. It is assumed that user authentication using biometric authentication is performed when a user uses the user terminal 700 to log in to a company's website. However, the biometric authentication process is executed by the authentication server 800 instead of the company server 900 .
  • FIG. 28 is a diagram showing a biometric information registration sequence according to the second embodiment.
  • the communication unit 704 of the user terminal 700 transmits the service application to the company server 900 (S300).
  • the company server 900 that has received the service application issues a registration URL and transmits it to the user terminal 700 (S302).
  • the registration URL is the address of the authentication server 800.
  • the communication unit 704 of the user terminal 700 accesses the authentication server 800 according to the received registration URL (S304).
  • the communication unit 804 of the authentication server 800 that has accepted the access to the registration URL transmits a biometric information registration request to the user terminal 700 (S306).
  • the biometric information registration request includes a message prompting collection of multiple types of biometric information. For example, "Please take a picture of your right eye.", "Please take a picture of your face.", "Please take a picture of your palm.", "Please take a picture of your shoulder.", "Please take a picture of your right ear." and "Sing your favorite song" prompt collection of various types of biometric information.
  • the collection unit 702 of the user terminal 700 sequentially outputs messages while taking pictures (still images/videos) and recording (S308).
  • the multiple types of collected biometric information are stored in the biometric information storage unit 710 provided in the secret area (S310).
  • the data stored in the secret area can be rewritten only by an application, and cannot be arbitrarily replaced by the user.
  • the communication unit 704 of the user terminal 700 transmits a biometric information registration completion notification to the authentication server 800 (S312).
  • the authentication unit 806 of the authentication server 800 issues a new user ID (S314).
  • the communication unit 804 of the authentication server 800 transmits a service acceptance completion notification including the user ID to the company server 900 (S316).
  • the company server 900 sends the received service acceptance completion notification (including the user ID) to the user terminal 700 (S318).
  • FIG. 29 is a diagram showing a sequence at service start in the second embodiment.
  • When a service start request is transmitted from the control unit 706 of the user terminal 700 to the communication unit 704 based on a user instruction or application operation, the communication unit 704 of the user terminal 700 sends a service execution request (including a user ID) to the company server 900 (S330).
  • Upon receiving the service execution request, the company server 900 transmits an authentication request (including the user ID) to the authentication server 800 (S332).
  • the biometric information selection unit 802 of the authentication server 800 selects multiple types of biometric information (S334). In this example, the biometric information selection unit 802 selects 4 types out of 16 types.
  • the communication unit 804 of the authentication server 800 transmits an item (type of biometric information) extraction request to the biometric information selection unit 802 .
  • the biometric information selection unit 802 randomly selects items. Then, the selected items are transmitted from the biometric information selection unit 802 to the communication unit 804.
  • the communication unit 804 of the authentication server 800 transmits notification of each selected item (type of biometric information) to the user terminal 700 (S336).
  • the notification for each item includes a message prompting collection of the respective biometric information. If the selected item is the iris image data of the right eye, the message "Please reflect the right eye" is included.
  • the communication unit 804 of the authentication server 800 notifies the user terminal 700 of four randomly selected items.
  • the collection unit 702 of the user terminal 700 collects biometric information for each item.
  • the user's right eye is photographed using the in-camera of the user terminal 700 (S338).
  • the communication unit 704 of the user terminal 700 transmits the biometric information collected for each item and the biometric information of the same type stored in the biometric information storage unit 710 as a pair to the authentication server 800 (S340). For example, the captured image of the right eye and the stored right eye image are sent.
  • the authentication unit 806 of the authentication server 800 performs biometric authentication processing based on the biometric information collected for each item and the stored biometric information (S344).
  • the biometric authentication process may be a conventional method. If the biometric authentication is successful (OK) for each item, the authentication unit 806 determines that the biometric authentication as a whole is successful (OK). On the other hand, if the biometric authentication is unsuccessful (NG) for even one item, the authentication unit 806 determines that the biometric authentication as a whole is unsuccessful (NG).
  • the biometric authentication results of other items may be taken into consideration for determination, instead of making a determination based solely on the unsuccessful (NG) biometric authentication of one item. That way, accidental errors can be ruled out.
  • the communication unit 804 of the authentication server 800 sends an error notification indicating that the biometric authentication was unsuccessful (NG) to the user terminal 700 and the company server 900 (S348).
  • the communication unit 804 of the authentication server 800 transmits a notification of authentication success to the company server 900 (S350).
  • Upon receiving the notification of successful authentication, the company server 900 transmits an instruction to display the menu screen to the user terminal 700 (S352). As a result, the user terminal 700 displays a service menu screen on the corporate site.
  • In the second embodiment, the authentication server 800 guides the biometric information registration for the user terminal 700, but in the seventh modification, the company server 900 guides the biometric information registration.
  • FIG. 30 is a diagram showing a biometric information registration sequence in Modification 7.
  • the service application process (S300) and the registration URL issuance process (S302) are the same as in the second embodiment (FIG. 28).
  • the registration URL is the address of the company server 900 .
  • the communication unit 704 of the user terminal 700 accesses the company server 900 according to the received registration URL (S304).
  • the communication unit (not shown) of the company server 900 that has accepted the access to the registration URL transmits a biometric information registration request to the user terminal 700 (S400).
  • the process of photographing (still image/moving image) and sound recording (S308) and the process of storing biometric information in the secret area (S310) are the same as in the second embodiment (FIG. 28).
  • the communication unit 704 of the user terminal 700 transmits a biometric information registration completion notification to the company server 900 (S404).
  • the authentication unit (not shown) of the company server 900 issues a new user ID (S406).
  • the communication unit 804 of the enterprise server 900 sends a service acceptance completion notification including the user ID to the user terminal 700 (S408).
  • the company server 900 provides a web service when the biometric authentication is successful.
  • the authentication server 800 unlocks the lock device when the biometric authentication is successful.
  • the lock device is installed, for example, at the door of the user's home.
  • the lock device has a communication function such as network communication or short-range wireless communication, and can communicate with the authentication server 800 .
  • FIG. 31 is a diagram showing the unlocking sequence in the eighth modification.
  • the communication unit 704 of the user terminal 700 transmits a request to unlock the door of the user's home (including the user ID) to the authentication server 800 (S500).
  • the processing from S334 to S348 is the same as in the second embodiment (FIG. 29). However, in S348, error notification to the company server 900 is not performed. If biometric authentication as a whole is successful (OK) (Y of S346), the authentication server 800 performs unlocking processing (S502). In the unlocking process, the communication unit 804 of the authentication server 800 transmits an unlocking instruction to the lock device 304 (S504). This instruction unlocks the lock device 304 of the door of the user's home. Then, the communication unit 804 of the authentication server 800 transmits an unlock notification to the user terminal 700 (S506).
  • Modification 9: In Modification 8, an example in which biometric authentication processing is performed by the authentication server 800 has been described, but in Modification 9, the user terminal 700 performs biometric authentication processing.
  • FIG. 32 is a diagram showing the unlocking sequence in the ninth modification.
  • the user terminal 700 transmits an unlock request to the authentication server 800 (S600).
  • the biometric information selection unit 802 of the authentication server 800 selects the type of biometric information (S602). In the ninth modification, the biometric information selection unit 802 selects one type out of 16 types, for example.
  • the communication unit 804 of the authentication server 800 transmits notification of the selected one item (one type of biometric information) to the user terminal 700 (S604).
  • the collection unit 702 of the user terminal 700 collects biometric information for the one item.
  • the authentication unit (not shown) of the user terminal 700 performs biometric authentication processing based on the biometric information collected for one item and the same type of biometric information stored in the biometric information storage unit 710 (S608). If the biometric authentication is successful (OK) for the one item, the communication unit 704 of the user terminal 700 transmits a notification of authentication success to the authentication server 800 . Then, the authentication unit of user terminal 700 determines whether or not the authentication has been successful up to a predetermined number of times (for example, four times).
  • the communication unit 704 of the user terminal 700 sends a repeated request to the authentication server 800 (S600), and repeats the above-described processing from S602. If biometric authentication fails (NG) in any one item up to the fourth time, the communication unit 704 of the user terminal 700 transmits a notification of authentication failure to the authentication server 800 .
  • the communication unit 704 of the user terminal 700 transmits an unlocking request to the authentication server 800 (S616).
  • the processing of S618-S622 is the same as the processing of S502-S506 in Modification 8 (FIG. 31).
  • User authentication may be performed using text information registered in the storage unit 708 of the user terminal 700 and personal information read by an OCR function of an OCR (Optical Character Recognition) unit included in the collection unit 702 .
  • User authentication may be performed by collation using voice data obtained by reading out text information registered in the storage unit 708 of the user terminal 700 .
  • FIG. 33 is a menu screen diagram of the target device in Modification 12.
  • A display processing unit (not shown) of the user terminal 700 displays on the display a menu screen including target device buttons 712a to 712c indicating target devices for which a connection of short-range wireless communication has been established.
  • a reception unit (not shown) of the user terminal 700 receives selection of the target device by touching the target device buttons 712a to 712c. Thereafter, when the reception unit (not shown) of the user terminal 700 receives an unlocking instruction by touching the unlock button 714, the communication unit 704 of the user terminal 700 transmits an unlocking request signal to the selected target device, and the target device is unlocked. That is, the lock is released.
  • when the reception unit (not shown) of the user terminal 700 receives a lock instruction by touching a lock button (not shown), the communication unit 704 of the user terminal 700 sends a lock request signal to the selected target device, and the target device is locked.
  • FIG. 34 is a menu screen diagram of home electric appliances in modification 12.
  • The next operation may be instructed after the target device is unlocked. For example, after selecting "Home" and unlocking the door, the ON/OFF control of the power supply of various electric appliances in the home is performed. A target device with which a short-range wireless communication connection has been established may be displayed.
  • the reception unit of the user terminal 700 accepts the selection of a home appliance by touching one of the home appliance buttons 722a-722e. After that, when the reception unit (not shown) of the user terminal 700 receives a power switch instruction by touching the ON/OFF button 724, the communication unit 704 of the user terminal 700 transmits a power switch signal to the selected home appliance, and the power supply of the home appliance is switched.
  • buttons 722a to 722e may be changed according to the state of the power supply so that the user can distinguish whether the target device is ON or OFF.
  • the second embodiment and modified examples 7 to 12 will be summarized. It is necessary for providers of various services to ascertain whether a user who wishes to enjoy the service is truly qualified to receive the service. Various authentication processes are performed in order to identify the user, and it is conceivable that a third party may pretend to be a user who wishes to enjoy the service by forging or falsifying documents or images for authentication. There are conventional techniques for preventing such "spoofing".
  • the features of each of a plurality of types of biometric information, for which the user is unaware of the collected items, are encrypted with an encryption key specified by the authentication server that performs the unlocking process, and are then stored in the information terminal owned by the user. A technology is disclosed in which the authentication server then acquires the user's biometric information in real time and performs authentication processing by comparing it with the features stored in the user terminal. This prevents a malicious third party from illegally acquiring the terminal and rewriting the reference personal data to impersonate the terminal owner.
  • the information terminal includes a storage unit that stores a plurality of types of first personal information data (e.g., first biometric information), and a collection unit that collects second personal information data (e.g., second biometric information).
  • a communication unit configured to externally transmit the second personal information data and the first personal information data corresponding to the second personal information data among the stored first personal information data in response to a request from the outside; and a service execution unit that enables execution of a service according to an authentication result from the outside.
  • at least one of the plurality of types of personal information data is an item that is less susceptible to change due to cosmetic surgery or the like.
  • the plurality of types of personal information data are any of audio data, still images, and moving images.
  • the collection unit includes an OCR unit with character recognition capability.
  • the authentication platform includes an information terminal that stores a plurality of types of first personal information data (e.g., first biometric information), a corporate server that controls service execution, and an authentication server that authenticates based on collected second personal information data (e.g., second biometric information) and the data corresponding to the second personal information data among the plurality of types of first personal information data, and notifies the server of an authentication result.
  • the plurality of types of personal information data are any of audio data, still images, and moving images.
  • the authentication server designates items to be used for authentication processing from among a plurality of types of personal information data to the information terminal, and notifies the information terminal.
  • the authentication server has an authentication data selection unit that randomly extracts items to be used for authentication processing.
  • The invention is not limited to the above-described Embodiments 1 and 2 and each modified example, and can be embodied by modifying the constituent elements without departing from the scope of the invention.
  • Various inventions may be formed by appropriately combining a plurality of constituent elements disclosed in the above embodiments and modifications. Also, some components may be deleted from all the components shown in the above embodiments and modifications.
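
The server-side decision of S334 to S346 and the reference-rewriting protection from the summary, as an added example that is not code from the patent. Assumptions: the item names are constructed, an HMAC tag under a server-held key stands in for the encryption under a server-specified key, `toy_matcher` stands in for the "conventional method", and `max_failures` is one reading of the option to take other items into consideration.

```python
import hashlib
import hmac
import secrets

# Constructed catalogue: the page states 16 types exist but does not list them all.
ITEM_TYPES = [f"item_{i:02d}" for i in range(16)]
_rng = secrets.SystemRandom()  # CSPRNG, so the challenged items cannot be predicted

def seal_reference(server_key, user_id, item, features):
    """Enrolment: tag a stored reference under a key only the server holds."""
    mac = hmac.new(server_key, digestmod=hashlib.sha256)
    for part in (user_id.encode(), item.encode(), features):
        mac.update(len(part).to_bytes(4, "big") + part)  # length-prefix each field
    return mac.digest()

def issue_challenge(k=4):
    """S334: choose k distinct items at random and bind them to a one-time id."""
    return {"nonce": secrets.token_hex(16), "items": _rng.sample(ITEM_TYPES, k)}

def toy_matcher(fresh, reference, max_bit_errors=8):
    """Assumption: Hamming distance between codes replaces a real matcher."""
    if len(fresh) != len(reference):
        return False
    return sum(bin(a ^ b).count("1") for a, b in zip(fresh, reference)) <= max_bit_errors

def verify_response(server_key, user_id, challenge, response, max_failures=0):
    """S344/S346: overall OK/NG. response["pairs"]: item -> (fresh, reference, tag)."""
    if response.get("nonce") != challenge["nonce"]:
        return False, "unknown challenge"
    pairs = response.get("pairs", {})
    if set(pairs) != set(challenge["items"]):
        return False, "wrong item set"
    failures = 0
    for item in challenge["items"]:
        fresh, reference, tag = pairs[item]
        expected = seal_reference(server_key, user_id, item, reference)
        if not hmac.compare_digest(tag, expected):
            return False, "reference altered"  # never tolerated, unlike a mismatch
        if not toy_matcher(fresh, reference):
            failures += 1
    if failures > max_failures:
        return False, "biometric mismatch"
    return True, "ok"

def demo():
    """Constructed data: enrol a user, then answer one challenge three ways."""
    key, uid = secrets.token_bytes(32), "user-0001"
    feats = {i: secrets.token_bytes(32) for i in ITEM_TYPES}
    tags = {i: seal_reference(key, uid, i, feats[i]) for i in ITEM_TYPES}
    ch = issue_challenge()
    a, b = ch["items"][0], ch["items"][1]
    pairs = {i: (feats[i], feats[i], tags[i]) for i in ch["items"]}
    own = secrets.token_bytes(32)  # holder of the terminal rewrites reference `a`
    swapped = {**pairs, a: (own, own, tags[a])}
    flipped = bytes(x ^ 0xFF for x in feats[b])  # genuine user, one unusable capture
    noisy = {**pairs, b: (flipped, feats[b], tags[b])}
    run = lambda p, **kw: verify_response(
        key, uid, ch, {"nonce": ch["nonce"], "pairs": p}, **kw)
    return {"honest": run(pairs), "swapped": run(swapped),
            "noisy_strict": run(noisy), "noisy_tolerant": run(noisy, max_failures=1)}
```

A rewritten reference is rejected outright whatever the tolerance setting, because relaxing the all-items rule is meant to absorb capture noise, not a failed integrity check.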

Abstract

This authentication system comprises: an input device for inputting biometric authentication data concerning a holder of an electronic device; a feature extraction unit for extracting biometric feature data concerning the holder from the input biometric authentication data concerning the holder; a feature data acquisition unit for acquiring, from the electronic device, biometric feature data concerning a legitimate user registered in the electronic device; and an authentication unit for performing biometric authentication on the basis of the biometric feature data concerning the holder extracted from the biometric authentication data concerning the holder and the biometric feature data concerning the legitimate user.
PCT/JP2022/040206 2021-11-17 2022-10-27 Authentication system and authentication program WO2023090117A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2021-186804 2021-11-17
JP2021186804A JP2023074059A (ja) 2021-11-17 2021-11-17 Authentication system and authentication program

Publications (1)

Publication Number Publication Date
WO2023090117A1 (fr) 2023-05-25

Family

ID=86396809

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2022/040206 WO2023090117A1 (fr) 2021-11-17 2022-10-27 Authentication system and authentication program

Country Status (2)

Country Link
JP (1) JP2023074059A (fr)
WO (1) WO2023090117A1 (fr)

Also Published As

Publication number Publication date
JP2023074059A (ja) 2023-05-29

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 22895400

Country of ref document: EP

Kind code of ref document: A1