+

WO2000010125A1 - Electronic authentication system and its card - Google Patents

Electronic authentication system and its card Download PDF

Info

Publication number
WO2000010125A1
WO2000010125A1 PCT/JP1999/004393 JP9904393W WO0010125A1 WO 2000010125 A1 WO2000010125 A1 WO 2000010125A1 JP 9904393 W JP9904393 W JP 9904393W WO 0010125 A1 WO0010125 A1 WO 0010125A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
card
recognition data
memory
recognition
Prior art date
Application number
PCT/JP1999/004393
Other languages
French (fr)
Japanese (ja)
Inventor
Shuichiro Ito
Original Assignee
Stance Co., Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Stance Co., Ltd. filed Critical Stance Co., Ltd.
Publication of WO2000010125A1 publication Critical patent/WO2000010125A1/en

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • G06Q20/40145Biometric identity checks

Definitions

  • an electronic authentication card having a connection unit for exchanging data with an external device, for authenticating a card with a personal identification number or the like, and then exchanging data via the connection unit.
  • a card such as a bank card or credit card is inserted into a cash slot (ATM) of a cash slot (hereinafter simply referred to as a slot).
  • ATM cash slot
  • a slot By entering a personal identification number, it was possible to withdraw cash or transfer money to another bank account.
  • the card usually has a connection unit for exchanging data with an external device and a memory storing a personal identification number or the like as personal data, and detects a connection state with the connection unit. Thereafter, recognition data such as a password stored in the memory in advance is read through the connection unit. Then, the recognition data is compared with recognition data such as a password input from a keyboard or the like, and when the respective recognition data match, various personal data can be extracted from an external device. .
  • recognition data such as a password stored in the memory in advance
  • recognition data is compared with recognition data such as a password input from a keyboard or the like, and when the respective recognition data match, various personal data can be extracted from an external device.
  • recognition data such as a password stored in the memory in advance is read through the connection unit.
  • recognition data is compared with recognition data such as a password input from a keyboard or the like, and when the respective recognition data match, various personal data can be extracted from an external device.
  • the conventional card described above for example, when cash is withdrawn
  • the password of a cash card or the like may be known to others or carelessly. If they did, accidents and crimes could occur where others were abused.
  • the fingerprint itself is a kind of privacy information, which is a problem from the viewpoint of privacy protection.
  • cash cards have the property that they can be easily accessed via a connection unit and a communication line, etc., in a personal computer such as a card holder's bank account, which is stored in an external computer. Have. Therefore, if another person possesses the card holder's cash card, etc. and knows the PIN, the other person can freely access the personal data of the power holder, and from the viewpoint of privacy protection There was a problem. Disclosure of the invention
  • the present invention has been made in view of the above-mentioned problems, and an object of the present invention is to provide a connection unit for transmitting and receiving data to and from an external device, and a memory for storing personal data.
  • An object of the present invention is to provide an electronic authentication card which detects a connection state of an external device and retrieves personal data from the memory, and an electronic authentication system for performing an authentication operation using the electronic authentication card.
  • the electronic authentication card (hereinafter, simply referred to as a card) includes a data input unit for inputting the recognition data, a recognition data input from the data input unit, and the data stored in the memory.
  • a comparison operation unit for comparing and comparing the data with the data a control connected to the data input unit and the comparison operation unit, and outputting a signal to the memory and the comparison operation unit based on a signal input from the data input unit
  • the control unit stores the recognition data in the memory at the time of registration, and compares the recognition data with the recognition data stored in the memory at the time of collation. When the data match, force is used. Thereby, the control unit stores the recognition data such as the unique body pattern information in the memory first, and when the recognition data is input from the data input unit, the recognition data and the memory
  • the authentication operation that the recognition data stored in the storage device is compared with the external device is completely and independently performed (or independently) by the card side alone. If the two recognition data match, the card can be used only each time, and if the respective recognition data does not match, the card cannot be used. It cannot be deducted from or transferred from such a place.
  • FIG. 1 is a front view of an electronic authentication card according to one embodiment of the present invention.
  • FIG. 2 is a block diagram showing the internal structure of the electronic authentication card.
  • FIG. 3 is a flowchart showing the operation of the electronic authentication power authentication system.
  • FIG. 4 is a front view of an electronic authentication card provided with a password input means in the card body.
  • FIG. 5A is a front view of an electronic authentication card according to another embodiment of the present invention. Is a side view thereof.
  • FIG. 6A is a front view of still another electronic authentication card
  • FIG. 6B is a side view thereof.
  • FIG. 1 shows a cash card as an IC card, which is an example of an electronic authentication card as recognition data authentication means according to the present invention.
  • the name of the card holder (JOHN SMITH) 2 is embossed on the card body 1.
  • FIG. 2 is a diagram showing the internal structure of the cash card.
  • the card body 1 has a connection unit 4 for sending and receiving data to and from an external device 3 and an authentication data such as unique body pattern information.
  • a memory 5 for storing the information as electronic information is provided.
  • the connection state between the connection unit 4 and the external device 3 is detected, and the personal data and the like are taken out from the memory 5.
  • the external device 3 is an ATM machine or the like having a slot for inserting cards and the like.
  • the connection unit 4 and the memory 5 are connected to a control unit 8 including a RAM 6 and a ROM 7 for temporarily storing data and the like.
  • the control unit 8 is connected to a comparison operation unit 9 for comparing two types of data and comparing them.
  • the card body 1 has a recognition data input unit 10 for inputting unique body pattern information (fingerprint, voice, retinal pattern, iris pattern, facial features, DNA pattern, etc.).
  • the data input unit 10 has a configuration in which a scanner, a pressure-sensitive sensor, a camera, or a microphone for recognizing the fingerprint, voice, etc. of the card holder based on the unique body pattern information is incorporated in the card body 1. Consists of
  • the control unit 8 is connected to the data input unit 10 and the comparison operation unit 9, and outputs a signal to the memory 5 and the comparison operation unit 9 based on the signal input from the data input unit 10. It has become. As a result, the control unit 8 stores the recognition data input from the data input unit 10 in the memory 5 at the time of registration, and stores the recognition data and the memory 5 in the comparison operation unit 9 at the time of comparison. The obtained recognition data is compared, and when the two recognition data match, the card is made usable.
  • the control section 8 is connected to a display section 12 for displaying data on the liquid crystal display section 11 of the card body 1, and displays information such as a card number, a bar code, and an error display on the liquid crystal display section 1. 1 is displayed.
  • Reference numeral 13 denotes a main switch including an evening sensor provided on the card body 1.
  • step S2 it is determined whether or not the input is the first recognition data.
  • the recognition data is stored in the memory 5 in step S3.
  • the fingerprint can be registered by touching the fingerprint panel constituting the data input unit 10 with a finger.
  • an insulating sheet or the like is stuck on the fingerprint input panel to prevent an accidental registration by another person.
  • the process proceeds to step S4, and in step S4, the recognition data is stored in the basic data, that is, the memory 5. It is compared and collated with the stored recognition data.
  • step S5 an activation signal is sent to the external device 3, and in step S6, the card is brought into the normal card function, ON state. That is, when the authenticated card is inserted into an external device 3 such as an ATM machine, it is possible to pay money and the like, and the card can play its original role.
  • the external device 3 may read numbers, bar codes, and the like displayed on the liquid crystal display section 11 of the card, and may read the card number and the like from communication means built in the card. Information may be extracted.
  • step S4 if the result of comparison of the recognition data in step S4 is that they do not match, an error is displayed on the liquid crystal display section 11 and then the procedure returns to step S1.
  • the card does not play a role as a card, and even if it is inserted into an ATM machine or the like, money cannot be paid and received, and the card cannot be used.
  • the card that has been authenticated by inputting the recognition data to the card functions as a card for the external device once for one authentication, and the authentication after the first This is performed for the input of the recognition data after the second time. Therefore, in the embodiment of the present invention, the authentication is performed every time independently of the external device (or independently). This is done only on the card side.
  • a keyboard 14 for inputting numerical values can be provided on the card body 1, and the key board 14 is provided not from the external device 3 but from the card body 1. And a password or the like.
  • the card when a card is used, the card cannot be used unless the holder is a valid holder. That is, even if the card is obtained, the fingerprint cannot be verified without entering the password using the keyboard 14, and even if the password of the card is accidentally known, the card 1 If the unique body pattern information registered and recorded in the memory 5, for example, the fingerprint does not match the fingerprint input from the data input unit 10, an error message is displayed on the liquid crystal display unit 11, and the card must be used. Can not. Therefore, the input of the personal identification number using the keyboard 14 applies double security, thereby improving the security function of the card.
  • an electronic authentication card having a function of enabling payment of money such as a debit card or a credit card
  • a keyboard 14 for inputting a numerical value can be provided on this card.
  • the user can enter the payment amount after authentication, insert the card into the communication terminal of the payee, read the payment amount, and play the role of performing the payment.
  • a key called balance inquiry is set on this kind of card, for example, a bank account balance can be input through a bank ATM machine or the like, and the bank account balance can be displayed on the liquid crystal display unit 11. it can.
  • recognition data such as body pattern information is input from the data input section 10 of the card, and the card is inserted into the slot of the ATM machine after the card becomes usable.
  • a card is inserted halfway into the slot first, and for example, a fingerprint or the like is input to the data input unit 10 in this state.
  • input of recognition data is performed at that time before authentication is required. That is, the input and the authentication of the recognition data are performed on the card side in the same manner as in the above-mentioned embodiment, but the recognition data is inserted in a state where the card is inserted at least partially or half before the slot. Input and authenticate. Since this procedure requires that the cardholder be present in front of the ATM machine, it provides even more secure security assurance. Here's the background to strong authentication.
  • various personal information are registered in the IC card, so that the IC card can be conveniently and collectively managed.
  • the concern is the card itself, which means the property itself, and the security of the card holder.
  • the executor must cause the card holder to execute cash withdrawal or the like.
  • the procedure described above can be executed. This creates an unnatural situation in which a consumer needs to act with the cardholder near the bank's ATM machine. Nevertheless, surveillance cameras are still installed in banks, but such suspicious behavior is more noticeable on the part of the ATM installers, and the possibility of fraud is increased. Therefore, the present embodiment has an effect of suppressing such misconduct.
  • fingerprints is privacy information, so if you register it on a bank ATM, for example, the personal information may be leaked to the outside, so it is easy to register it. I could't do it.
  • fingerprints and other body patterns belong to the privacy of individuals.
  • providing an input device for personal authentication on the ATM machine side of a bank or credit company means that the host computer of the bank or credit company Since this is nothing more than registering your fingerprints, etc., such privacy information is intentionally or diverted to other purposes, such as by negligence, accident, or intruder's intrusion into the host computer. Means that there is a possibility that
  • the present invention is not limited to this.
  • the present invention can also be applied to an authentication system for opening and closing a car door, and can provide the same operation and effect as the above embodiment.
  • a function such as a password may be used in combination with the electronic authentication system as in the past.
  • FIG. 5A and 5B show an IC card 1 which is an example of an electronic authentication code as a recognition data authentication unit according to another embodiment of the present invention.
  • a fingerprint is used as a body pattern for authentication
  • a small camera 21 such as a CMOS image sensor
  • the iris pattern of the eye can be used for authentication.
  • a configuration different from the first embodiment will be described. The points that are not particularly described are the same as those in the first embodiment.
  • the small image sensor 21 as described above has about 100,000 pixels, but has a size of about 10 mm 2 and a thickness of about 6 mm.
  • the thickness of the portion where the optical lens 21 a is provided can be increased and the IC card 1 can be integrally formed.
  • the IC card shown in FIG. 5A is provided with a CMOS image sensor 21. By further reducing the size of this image sensor, it is possible to fit it all into a force with a thickness of about 3 mm.
  • a method of performing authentication by inserting only a part of the IC card into the slot as in the case of the first embodiment is possible.
  • the structure of the card slot on the ATM machine side is obliquely inserted from the top to the bottom so that the camera shown in the figure faces upward from the front, and only a part of the card is inserted into the slot. While opening a, the lens 21a of the camera can capture the scene in which the card holder is proceeding. Of course, a part of the card may be inserted into the slot after authentication.
  • the IC card 1 shown in FIGS. 6A and 6B is provided with a visible light irradiation LED 22 and a near infrared irradiation LED 23 in addition to the small image sensor 21.
  • This IC card 1 has a chip-type near-infrared irradiation LED (light-emitting diode) 22 embedded in the card so that the light receiving sensitivity area of the small image sensor 21 includes a near-infrared region. It is configured. With such a configuration, an image can be acquired even if the iris has black eyes.
  • a visible light LED 23 is provided to illuminate the card holder's eyes when the card holder performs authentication, adjust the size of the pupil, widen the iris, and acquire many images .
  • a filter (not shown) for blocking visible light can be provided on the optical lens 21a to cut off extra image information.
  • Near-infrared radiation means A near-infrared radiation method such as LED23 should be installed with consideration given to suppressing reflection on the iris. In other words, the light is emitted at an angle that fits within the pupil.
  • the input data changes depending on the positional relationship of the angle between the lens 21a and the iris to be authenticated.
  • the image sensor 21 can transfer an image of about 30 frames per second, so that the image of the body pattern information falls within a predetermined angle and the inner and outer circumferences of the iris are circular.
  • a comparison operation for authentication is performed.
  • the input data at a predetermined angle may be stored in a plurality of memories to detect a change in the size of the pupil or the shape of the eyelid, and by detecting these, the subject is a living body. You can also confirm that. As a result, even if a photograph of the iris is placed in front of the image sensor, authentication cannot be performed, and the reliability of the authentication operation is further improved.
  • 100,000 pixels can be set in about 8 bits per pixel and 256 grayscale gradations can be set. Only about 100 kilobytes of arithmetic processing is required. If the image is binarized and stored when performing the comparison operation, the data capacity can be reduced to about 13 kilobytes, and the operation process is easier.
  • the following algorithm for matching can be used. That is, the threshold value for binarization is set, and the image is rotated so that the center of the pupil is the center point and matches the shape of the eyelids in the registration data while changing the threshold value up and down, and the image is close to the registration data Correct to image. After that, the corrected image is divided into several blocks, and the pass / fail rate of comparison is calculated as a percentage for each of the blocks. Only when the pass / fail rate of the verification for each block exceeds a predetermined value, the user is authenticated. By dividing an image into blocks and performing collation as described above, an error in the collation operation can be reduced.
  • the input is not performed properly, for example, when the camera 21 is out of focus, a message such as “Please bring the lens closer to the eyes” is displayed on the LCD 11 Display, possibly accompanied by a beep, and By prompting the user to input data, the input can be facilitated when the power holder inputs the data overnight.
  • the input of the physical information pattern is not an input that requires contact as in the case of a fingerprint, but an indirect input that does not require contact. This makes it possible to perform input that does not depend on the magnitude of the contact pressure of pressing a finger or a finger against the input unit, and has the advantage of improving authentication accuracy.
  • the present invention is characterized in that the authentication action is completed only on the IC card side, so that the present invention is applicable to the case where other personal information such as voice input is used.
  • the same effect can be obtained by changing the form of the data input unit and performing a comparison operation according to the type of personal information.
  • the data input unit for inputting the recognition data, the recognition data input from the data input unit, and the data stored in the memory are stored in the electronic authentication card.
  • each authentication operation can be performed completely independently of the external device (or independently) on the card side alone, and the recognition data input from the data input unit can be recorded in advance. If the stored recognition data does not match, the card cannot be used even if the user possesses the card and knows the PIN of the card. Therefore, the security function of the card is significantly improved. Also, since the unique body pattern information is only stored in the memory of the card body, it can be managed by the card holder himself, and the information is not leaked outside. Therefore, it is also excellent from the viewpoint of privacy protection.

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Accounting & Taxation (AREA)
  • Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Finance (AREA)
  • Computer Security & Cryptography (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Collating Specific Patterns (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Storage Device Security (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

An electronic authentication system uses an electronic authentication card having a memory where personal data are stored. The card further has a data input section for inputting recognition data, a comparison calculation section for comparing the recognition data inputted through the data input section with data stored in the memory, and a control section connected to the data input section and comparison calculation section and adapted to output signals to the memory and comparison calculation section according to the signal inputted through the data input section. In registering, the control section stores the recognition data in the memory. In checking, the comparison calculation section compares the recognition data with the data stored in the memory. When the recognition data coincides with the data in the memory, an electronic device is rendered usable. Thus, the authentication is performed independently of the external device (or solely).

Description

明 細 電子認証システムとその力一ド 技術分野  Description Electronic authentication system and its technical fields

本発明は、 外部装置とデ一夕の授受を行うためのコネクト部を備え、 暗証番号等 によってカードを認証した後に、 該コネクト部を介してデータの授受を行うように した電子認証力一ドの改良に関する。 背景技術  According to the present invention, there is provided an electronic authentication card having a connection unit for exchanging data with an external device, for authenticating a card with a personal identification number or the like, and then exchanging data via the connection unit. Regarding improvement. Background art

従来より、 この種の電子認証カードとして、 例えば銀行のキャッシュカードゃク レジットカード等のように、 カードを現金出納装置 (A TM) の力一ドスロット( 以下、 単に、 スロットという)に挿入し、 暗証番号を入力することで、 現金を引き 出したり、 他の銀行口座等に振り込んだりすること等が可能であつた。  Conventionally, as an electronic authentication card of this type, a card such as a bank card or credit card is inserted into a cash slot (ATM) of a cash slot (hereinafter simply referred to as a slot). By entering a personal identification number, it was possible to withdraw cash or transfer money to another bank account.

その場合、 上記カードは、 通常、 外部装置とデ一夕の授受を行うためのコネクト 部と、 個人データとしての暗証番号等を記憶したメモリとを備え、 上記コネクト部 との接続状態を検知した後、 該コネクト部を介して、 上記メモリに予め記憶された 暗証番号等の認識データが読み出される。 そして、 この認識データを、 キーボード 等から入力された暗証番号等の認識データと比較し、 該各認識データが合致した場 合に、 外部装置から各種個人データを引き出すことができるようになつている。 ところが、 上記従来のカードでは、 例えばキャッシュカードによって銀行口座等 から現金を引き出したり、 振り込んだりする場合、 キャッシュカードの所持者が、 実際に現金をその銀行口座等に預けている本人か否かの認証を行わない。 すなわち 、 カード所持者以外の者が、 キャッシュカードを所持し、 その暗証番号を知ってい れば、 誰でも、 現金を引き出したり、 振り込んだりすることができる。  In that case, the card usually has a connection unit for exchanging data with an external device and a memory storing a personal identification number or the like as personal data, and detects a connection state with the connection unit. Thereafter, recognition data such as a password stored in the memory in advance is read through the connection unit. Then, the recognition data is compared with recognition data such as a password input from a keyboard or the like, and when the respective recognition data match, various personal data can be extracted from an external device. . However, with the conventional card described above, for example, when cash is withdrawn or transferred from a bank account using a cash card, it is determined whether or not the cash card holder is the person who actually deposits cash into the bank account or the like. Do not authenticate. In other words, anyone who has a cash card and knows the PIN can withdraw or transfer cash, except for the card holder.

そのため、 キャッシュカード等の暗証番号を他人に知られたり、 又は不注意で知 らせてしまった場合、 他人によって力一ドが悪用される事故や犯罪が発生するおそ れがあった。 For this reason, the password of a cash card or the like may be known to others or carelessly. If they did, accidents and crimes could occur where others were abused.

このことは、 キヤッシユカ一ドゃクレジットカ一ド等を用いたカードシステムに おいて、 セキュリティ保護の観点から問題があった。  This has a problem from the viewpoint of security protection in a card system using a cash card or a credit card.

また、 カード所持者の指紋等の固有身体パターン情報を銀行の ATM機等に登録 し、 記憶する場合、 指紋自体が一種のプライバシー情報であるので、 プライバシー 保護の観点から問題である。 また、 キャッシュカード等は、 コネクト部及び通信回 線等を介して、 外部のコンピュータに蓄積された, カード所持者の預金デ一夕等の 個人デ一夕に容易にアクセスすることができる性質を備えている。 そのため、 他人 が、 カード所持者のキャッシュカード等を所持し、 暗証番号を知っていれば、 他人 によって力一ド所持者の個人デー夕に自由にアクセスすることができ、 プライバシ 一保護の観点から問題があつた。 発明の開示  In addition, when registering and storing unique body pattern information such as a fingerprint of a cardholder in an ATM machine of a bank, the fingerprint itself is a kind of privacy information, which is a problem from the viewpoint of privacy protection. In addition, cash cards have the property that they can be easily accessed via a connection unit and a communication line, etc., in a personal computer such as a card holder's bank account, which is stored in an external computer. Have. Therefore, if another person possesses the card holder's cash card, etc. and knows the PIN, the other person can freely access the personal data of the power holder, and from the viewpoint of privacy protection There was a problem. Disclosure of the invention

本発明は上記問題点に鑑みてなされたものであり、 本発明の目的は、 外部装置と デ一夕の授受を行うコネクト部と、 個人データを記憶するメモリとを備え、 該コネ クト部と外部装置の接続状態を検知し、 上記メモリから個人データを取り出すよう にした電子認証カード及び該電子認証カードを用いて認証行為を行う電子認証シス テムを提供することである。 そして、 かかる電子認証カード(以下、 単に、 カード という)は、 認識デ一夕を入力するためのデータ入力部と、 該データ入力部から入 力された認識デ一夕と上記メモリに記憶されたデ一夕とを比較照合する比較演算部 と、 上記データ入力部及び比較演算部に接続され、 上記データ入力部から入力され た信号に基づいて、 上記メモリ及び比較演算部に信号を出力する制御部とを備え、 該制御部により、 登録時、 認識データを上記メモリに記憶する一方、 照合時、 上記 比較演算部において、 認識データと上記メモリに記憶された認識データを比較し、 該各認識データが合致した場合に、 力一ドを使用可能な状態にする構成とする。 これにより、 上記制御部は、 最初に、 固有身体パターン情報等の認識データをメ モリに記憶すれば、 上記データ入力部から認識デ一夕が入力されると、 該認識デ一 夕と上記メモリに記憶された認識デー夕とが比較されるという認証行為を外部装置 とは独立的に (又は単独に)全てカード側だけで完結して行うよう構成される。 そし て、 両認識デ一夕が合致した場合に、 その都度のみカードを使用可能な状態にする とともに、 該各認識データが合致しない場合には、 カードを使用できないようにし 、 例えば現金を銀行口座等から引き落としたり, 振り込んだりすることができない ようにしたものである。 図面の簡単な説明 The present invention has been made in view of the above-mentioned problems, and an object of the present invention is to provide a connection unit for transmitting and receiving data to and from an external device, and a memory for storing personal data. An object of the present invention is to provide an electronic authentication card which detects a connection state of an external device and retrieves personal data from the memory, and an electronic authentication system for performing an authentication operation using the electronic authentication card. The electronic authentication card (hereinafter, simply referred to as a card) includes a data input unit for inputting the recognition data, a recognition data input from the data input unit, and the data stored in the memory. A comparison operation unit for comparing and comparing the data with the data, a control connected to the data input unit and the comparison operation unit, and outputting a signal to the memory and the comparison operation unit based on a signal input from the data input unit The control unit stores the recognition data in the memory at the time of registration, and compares the recognition data with the recognition data stored in the memory at the time of collation. When the data match, force is used. Thereby, the control unit stores the recognition data such as the unique body pattern information in the memory first, and when the recognition data is input from the data input unit, the recognition data and the memory The authentication operation that the recognition data stored in the storage device is compared with the external device is completely and independently performed (or independently) by the card side alone. If the two recognition data match, the card can be used only each time, and if the respective recognition data does not match, the card cannot be used. It cannot be deducted from or transferred from such a place. BRIEF DESCRIPTION OF THE FIGURES

図 1は、 本発明の一実施の形態に係る電子認証カードの正面図である。 FIG. 1 is a front view of an electronic authentication card according to one embodiment of the present invention.

図 2は、 電子認証カードの内部構造を示すプロック図である。 FIG. 2 is a block diagram showing the internal structure of the electronic authentication card.

図 3は、 電子認証力一ドの認証システムの作動を示すフローチャートである。 図 4は、 カード本体に暗証番号の入力手段を備えた電子認証カードの正面図である 図 5 Aは、 本発明の他の実施の形態に係る電子認証カードの正面図であり、 図 5 B は、 その側面図である。 FIG. 3 is a flowchart showing the operation of the electronic authentication power authentication system. FIG. 4 is a front view of an electronic authentication card provided with a password input means in the card body. FIG. 5A is a front view of an electronic authentication card according to another embodiment of the present invention. Is a side view thereof.

図 6 Aは、 さらに他の電子認証カードの正面図であり、 図 6 Bは、 その側面図であ る。 発明を実施するための最良の形態 FIG. 6A is a front view of still another electronic authentication card, and FIG. 6B is a side view thereof. BEST MODE FOR CARRYING OUT THE INVENTION

以下、 本発明に係る電子認証カードの実施例を図面に基づいて説明する。  Hereinafter, an embodiment of an electronic authentication card according to the present invention will be described with reference to the drawings.

実施の形態 1 Embodiment 1

図 1は、 本発明に係る認識データ認証手段としての電子認証カードの一例である I Cカードとしてのキャッシュカードを示し、 カード本体 1に、 カード所持者の氏 名 (JOHN SMITH) 2がエンボス表示されている。 図 2は、 上記キャッシュカードの内部構造を示す図であり、 該カード本体 1は、 外部装置 3とデ一夕の授受を行うコネクト部 4と、 固有の身体パターン情報等の認 証デ一夕を電子情報として記憶するメモリ 5を備え、 該コネクト部 4と外部装置 3 の接続状態を検知し、 メモリ 5から個人デ一夕等を取り出すようになつている。 こ こで、 外部装置 3は、 カード類を差し込むスロット等を備えた ATM機等である。 また、 上記コネクト部 4やメモリ 5は、 データ等を一時的に記憶する R AM 6と R OM 7を備えた制御部 8に接続されている。 この制御部 8には、 2種類のデ一夕 を比較し、 照合する比較演算部 9が接続されている。 FIG. 1 shows a cash card as an IC card, which is an example of an electronic authentication card as recognition data authentication means according to the present invention. The name of the card holder (JOHN SMITH) 2 is embossed on the card body 1. ing. FIG. 2 is a diagram showing the internal structure of the cash card. The card body 1 has a connection unit 4 for sending and receiving data to and from an external device 3 and an authentication data such as unique body pattern information. A memory 5 for storing the information as electronic information is provided. The connection state between the connection unit 4 and the external device 3 is detected, and the personal data and the like are taken out from the memory 5. Here, the external device 3 is an ATM machine or the like having a slot for inserting cards and the like. The connection unit 4 and the memory 5 are connected to a control unit 8 including a RAM 6 and a ROM 7 for temporarily storing data and the like. The control unit 8 is connected to a comparison operation unit 9 for comparing two types of data and comparing them.

さらに、 上記カード本体 1には、 固有の身体パターン情報 (指紋, 音声, 網膜パ ターン, 虹彩パターン, 顔の特徴, D N Aパターン等) を入力するための認識デー 夕入力部 1 0を備えている。 ちなみに、 データ入力部 1 0は、 固有の身体パターン 情報により、 カード所持者の指紋や音声等を認識するためのスキャナ, 感圧式セン サ, カメラ, 又は、 マイク等をカード本体 1に組み込んだ構成からなる。  Further, the card body 1 has a recognition data input unit 10 for inputting unique body pattern information (fingerprint, voice, retinal pattern, iris pattern, facial features, DNA pattern, etc.). . By the way, the data input unit 10 has a configuration in which a scanner, a pressure-sensitive sensor, a camera, or a microphone for recognizing the fingerprint, voice, etc. of the card holder based on the unique body pattern information is incorporated in the card body 1. Consists of

そして、 上記制御部 8は、 上記データ入力部 1 0及び比較演算部 9に接続され 、 該データ入力部 1 0から入力された信号に基づいて、 メモリ 5及び比較演算部 9 に信号を出力するようになっている。 これにより、 制御部 8は、 登録時、 上記デー 夕入力部 1 0から入力された認識データをメモリ 5に記億する一方、 照合時、 比較 演算部 9において、 上記認識データとメモリ 5に記憶された認識データを比較し、 該両認識データが合致した場合に、 カードを使用可能な状態にするようになつてい る。  The control unit 8 is connected to the data input unit 10 and the comparison operation unit 9, and outputs a signal to the memory 5 and the comparison operation unit 9 based on the signal input from the data input unit 10. It has become. As a result, the control unit 8 stores the recognition data input from the data input unit 10 in the memory 5 at the time of registration, and stores the recognition data and the memory 5 in the comparison operation unit 9 at the time of comparison. The obtained recognition data is compared, and when the two recognition data match, the card is made usable.

尚、 上記制御部 8には、 カード本体 1の液晶表示部 1 1に、 データを表示する ための表示部 1 2が接続され、 カードナンバー, バーコード, エラー表示等の情報 を液晶表示部 1 1に表示するようになっている。 また、 1 3は、 カード本体 1に設 けられた夕ツチセンサからなるメインスィツチである。  The control section 8 is connected to a display section 12 for displaying data on the liquid crystal display section 11 of the card body 1, and displays information such as a card number, a bar code, and an error display on the liquid crystal display section 1. 1 is displayed. Reference numeral 13 denotes a main switch including an evening sensor provided on the card body 1.

次に、 上記実施例の作動を示す。  Next, the operation of the above embodiment will be described.

まず、 メインスィッチ 1 3を O Nにすると、 図 3に示すように、 ステップ S 1に おいて、 上記データ入力部 1 0から、 身体パターン情報等の認識データを入力する 。 そして、 ステップ S 2に進み、 該ステップ S 2で、 上記入力が最初の認識デ一夕 であるか否かが判定される。 First, when the main switch 13 is turned ON, as shown in FIG. Here, recognition data such as body pattern information is input from the data input unit 10. Then, the process proceeds to step S2, where it is determined whether or not the input is the first recognition data.

最初の入力であれば、 ステップ S 3において、 上記認識データをメモリ 5に記憶 する。 その際、 カードにカード所持者の指紋を登録する場合、 デ一夕入力部 1 0を 構成する指紋パネルに指を触れることで登録できるようになつている。 ちなみに、 認識データが、 未登録である場合、 上記指紋入力パネルに、 絶縁シート等を貼り付 けて、 不用意に他人が登録してしまうのを防止することができる。 一方、 上記ステ ップ S 2において、 2回目以降の認、識デ一夕の入力があれば、 ステップ S 4に進み 、 該ステップ S 4において、 この認識データが、 基礎データ、 すなわちメモリ 5に 記憶された認識データと比較, 照合される。  If it is the first input, the recognition data is stored in the memory 5 in step S3. At that time, when registering the cardholder's fingerprint on the card, the fingerprint can be registered by touching the fingerprint panel constituting the data input unit 10 with a finger. Incidentally, when the recognition data is not registered, an insulating sheet or the like is stuck on the fingerprint input panel to prevent an accidental registration by another person. On the other hand, in the above step S2, if there is an input of recognition and recognition for the second and subsequent times, the process proceeds to step S4, and in step S4, the recognition data is stored in the basic data, that is, the memory 5. It is compared and collated with the stored recognition data.

これらの認識データを比較し、 合致すれば、 ステップ S 5に進み、 外部装置 3に 作動信号を送り、 ステップ S 6で、 カードを、 通常のカード機能, O Nの状態にす る。 すなわち、 認証されたカードは、 ATM機等の外部装置 3に挿入すると、 金銭 の出納等が可能になり、 カード本来の役割を果たすことができる。 その際、 外部装 置 3では、 カードの液晶表示部 1 1に表示されている数字やバーコ一ド等を読みと るようにしてもよく、 カードに内蔵されている通信手段からカード番号等の情報を 引き出すようにしてもよい。  These recognition data are compared, and if they match, the process proceeds to step S5, where an activation signal is sent to the external device 3, and in step S6, the card is brought into the normal card function, ON state. That is, when the authenticated card is inserted into an external device 3 such as an ATM machine, it is possible to pay money and the like, and the card can play its original role. At this time, the external device 3 may read numbers, bar codes, and the like displayed on the liquid crystal display section 11 of the card, and may read the card number and the like from communication means built in the card. Information may be extracted.

一方、 ステップ S 4で、 認識データを比較した結果、 不一致の場合、 上記液晶表 示部 1 1にエラー表示をした後、 ステップ S 1に戻る。 この段階では、 カードは、 カードとしての役割を果たさず、 ATM機等に挿入しても、 金銭の出納等ができず 、 カードを使用できない。  On the other hand, if the result of comparison of the recognition data in step S4 is that they do not match, an error is displayed on the liquid crystal display section 11 and then the procedure returns to step S1. At this stage, the card does not play a role as a card, and even if it is inserted into an ATM machine or the like, money cannot be paid and received, and the card cannot be used.

このように、 カードへの認識データの入力によって認証されたカードは、 1回の 認証に対して 1回、 外部装置に対してカードとしての機能を発揮し、 2回目以降の 認証は、 認識データの 2回目以降の認識データの入力に対して行われる。 従って、 本発明の実施例においては、 認証は、 毎回、 外部装置とは独立的に(又は単独に)全 てカード側だけで完結して行われる。 In this way, the card that has been authenticated by inputting the recognition data to the card functions as a card for the external device once for one authentication, and the authentication after the first This is performed for the input of the recognition data after the second time. Therefore, in the embodiment of the present invention, the authentication is performed every time independently of the external device (or independently). This is done only on the card side.

尚、 図 4に示すように、 カード本体 1に、 数値を入力するためのキーボード 1 4 を設けることができ、 該キ一ボード 1 4は、 外部装置 3からではなく、 カード本体 1から暗証番号やパスヮ一ド等を入力できるようにしたものである。  As shown in FIG. 4, a keyboard 14 for inputting numerical values can be provided on the card body 1, and the key board 14 is provided not from the external device 3 but from the card body 1. And a password or the like.

従って、 上記実施例では、 カードを使用する場合、 その所持者が正当な所持者で なければ、 そのカードを使用することができない。 すなわち、 カードを取得しても 、 キーボード 1 4により暗証番号を入力しなければ指紋の照合を行うことができな いし、 たとえ、 そのカードの暗証番号を偶々知っていたとしても、 カード本体 1の メモリ 5に登録, 記録した固有身体パターン情報、 例えば指紋が、 デ一夕入力部 1 0から入力した指紋に合致しなければ、 液晶表示部 1 1にはエラー表示がなされ、 カードを使用することができない。 よって、 このようなキーボード 1 4による暗証 番号の入力は、 二重セキュリティをかけることになり、 これにより、 カードのセキ ユリティ機能が向上する。  Therefore, in the above embodiment, when a card is used, the card cannot be used unless the holder is a valid holder. That is, even if the card is obtained, the fingerprint cannot be verified without entering the password using the keyboard 14, and even if the password of the card is accidentally known, the card 1 If the unique body pattern information registered and recorded in the memory 5, for example, the fingerprint does not match the fingerprint input from the data input unit 10, an error message is displayed on the liquid crystal display unit 11, and the card must be used. Can not. Therefore, the input of the personal identification number using the keyboard 14 applies double security, thereby improving the security function of the card.

また、 例えば、 デビットカードやクレジットカードのような、 金銭の支払い行為 を可能とする機能を備えた電子認証カードを用意し、 このカードに数値を入力する ためのキーボード 1 4を設けることができる。 この場合、 認証後に支払金額を入力 し、 支払相手方の通信端末等に本カードを揷入して支払金額を読み取らせて支払行 為の役割を果たすようにすることができる。 さらに、 この種のカードに、 例えば、 残高照会というキーを設定すれば、 銀行の A TM機等を介して銀行口座残高を入力 させ、 その銀行口座残高を液晶表示部 1 1に表示させることもできる。  Also, for example, an electronic authentication card having a function of enabling payment of money, such as a debit card or a credit card, can be prepared, and a keyboard 14 for inputting a numerical value can be provided on this card. In this case, the user can enter the payment amount after authentication, insert the card into the communication terminal of the payee, read the payment amount, and play the role of performing the payment. Furthermore, if a key called balance inquiry is set on this kind of card, for example, a bank account balance can be input through a bank ATM machine or the like, and the bank account balance can be displayed on the liquid crystal display unit 11. it can.

以上説明した実施例においては、 カードのデータ入力部 1 0から身体パターン情 報等の認識データを入力してカードが使用可能な状態になつてから ATM機のスロ ットにカードを挿入して認証を実施したが、 他の第 2の実施例によれば、 前記スロ ットにカードを先に半分差込んでおき、 この状態でデータ入力部 1 0に、 例えば、 指紋等を入力するように構成することもできる。 換言すれば、 認証を必要とするま さにそのときに認識データの入力が行われる。 即ち、 認識データの入力及び認証行為は、 前記実施例と同様にカード側で行われ るが、 カードをスロットに先に、 少なくともその一部、 又は半分程度、 差込んだ状 態で認識データの入力及び認証を行う。 この手順は、 ATM機の直前でカード所持 者が立会うことを要求しているわけであるから、 より一層確実なセキュリティ保証 を行うことになる。 力 ^かる確実な認証を行うことの背景を説明する。 In the embodiment described above, recognition data such as body pattern information is input from the data input section 10 of the card, and the card is inserted into the slot of the ATM machine after the card becomes usable. Although authentication was performed, according to another second embodiment, a card is inserted halfway into the slot first, and for example, a fingerprint or the like is input to the data input unit 10 in this state. Can also be configured. In other words, input of recognition data is performed at that time before authentication is required. That is, the input and the authentication of the recognition data are performed on the card side in the same manner as in the above-mentioned embodiment, but the recognition data is inserted in a state where the card is inserted at least partially or half before the slot. Input and authenticate. Since this procedure requires that the cardholder be present in front of the ATM machine, it provides even more secure security assurance. Here's the background to strong authentication.

前述したように、 本発明において、 I Cカードに、 さまざまな個人情報、 とりわ け、 個人の財産情報 (各銀行の預金デ一夕等)を登録し、 一括して便利に管理できる ようになるが、 こうした場合に懸念される事柄は、 まさしく財産そのものを意味し ていることになるカード自体と、 そのカードの所持者の身の安全である。 身の安全 という意味を説明する。 以上に説明した実施例における場合のごとく、 カードが便 利になることは好ましいことであるが、 反面、 かかるカードの悪用を企図する不正 行為実行者が、 そのカードには所持者の全財産を引き出せる鍵としてのカードがあ ることに着目することは必至と思われる。 そして、 身体パターン情報の入力によつ てしかカードが使用できないとすれば、 前記実行者はカードの所持者自身に現金引 き出し等を実行させなければならない。 このような場合、 ATM機側の対応として 、 第 2の実施例のように、 ATM機のスロットに半分カードを差込み、 その後、 指 紋等の入力を行うような手順にしておけば、 前記実行者は銀行の ATM機の近辺ま でカード所持者と行動をともにする必要があるという不自然な状況を生じることに なる。 然るに、 現在でも銀行には監視カメラが設置されているが、 そのような不審 な行動は ATM設置者側にとり一層目立つことになり、 不正行為が発覚する可能性 が高くなる。 よって、 本実施例は、 そうした不正行為を抑制する効果を奏する。 ちなみに、 例えば、 1台の A TM機が設置されているスペースに対して一人しか そのスペースに入れない構造にしておくと、 前記実行者とカード所持者が同時にそ のスペースに入ることはできず、 カード所持者一人だけが A TM機設置スペースに 入り、 前記実行者はその近辺で待機することとなり、 カードが使用可能とならない ばかりか、 このときカード所持者は非常通報を行うようなチヤンスを得ることがで きる。 以上のような ATM機側の対応が可能となり、 カード所持者の財産と身の安 全を守るという極めて重要な目的が達成できるという画期的な効果を奏する。 以上のように、 本発明では、 個人情報の認証を全てカードを介して行い、 しかも 、 このカードを所持者本人が所有する。 本発明特有の構成のメリットは、 主として 、 プライバシ一保護と、 システム負荷の軽減とにある。 このうち、 プライバシ一保 護については若干既述したが、 さらに詳細に説明する。 前述したように、 指紋のよ うな個人情報は、 プライバシー情報であるので、 例えば銀行の ATM機等に登録す ると、 その個人情報が、 外部に漏洩するおそれがあって、 簡単に登録することがで きなかった。 つまり、 指紋その他の身体パターンは、 個人のプライバシーに属して おり、 例えば、 銀行やクレジット会社の ATM機側に個人認証のための入力手段を 設けるということは、 すなわち、 銀行やクレジット会社のホストコンピュータに自 分の指紋等を登録することに他ならないのであるから、 かかるプライバシー情報が 、 故意に、 あるいは、 過失、 事故、 犯罪者のホストコンピュータへの侵入等によつ て他の目的に流用される可能性があるということを意味する。 As described above, in the present invention, various personal information, particularly, personal property information (deposits and deposits of each bank, etc.) are registered in the IC card, so that the IC card can be conveniently and collectively managed. However, in such a case, the concern is the card itself, which means the property itself, and the security of the card holder. Explain the meaning of personal safety. As is the case with the embodiment described above, it is desirable for the card to be convenient, but on the other hand, a fraudster attempting to misuse such a card will have the entire property of the holder in the card. It seems inevitable to pay attention to the fact that there are cards that can be withdrawn. If the card can be used only by inputting the body pattern information, the executor must cause the card holder to execute cash withdrawal or the like. In such a case, as a countermeasure on the ATM machine side, as in the second embodiment, inserting a half card into the slot of the ATM machine, and then inputting a fingerprint or the like, the procedure described above can be executed. This creates an unnatural situation in which a consumer needs to act with the cardholder near the bank's ATM machine. Nevertheless, surveillance cameras are still installed in banks, but such suspicious behavior is more noticeable on the part of the ATM installers, and the possibility of fraud is increased. Therefore, the present embodiment has an effect of suppressing such misconduct. By the way, for example, if one ATM machine is installed in a space where only one person can enter the space, the executor and the card holder cannot enter the space at the same time. However, only one card holder enters the ATM machine installation space, and the executor stands by in the vicinity, and not only does the card become unusable, but at this time the card holder makes an opportunity to make an emergency call. Can get Wear. As described above, the ATM machine can respond, and the crucial effect of protecting the cardholder's property and personal safety can be achieved. As described above, in the present invention, all the authentication of personal information is performed via the card, and the card is owned by the holder. The advantages of the configuration unique to the present invention mainly reside in privacy protection and reduction of the system load. Of these, privacy protection has been described slightly, but will be described in more detail. As described above, personal information such as fingerprints is privacy information, so if you register it on a bank ATM, for example, the personal information may be leaked to the outside, so it is easy to register it. I couldn't do it. In other words, fingerprints and other body patterns belong to the privacy of individuals.For example, providing an input device for personal authentication on the ATM machine side of a bank or credit company means that the host computer of the bank or credit company Since this is nothing more than registering your fingerprints, etc., such privacy information is intentionally or diverted to other purposes, such as by negligence, accident, or intruder's intrusion into the host computer. Means that there is a possibility that

そこで、 本発明によれば、 全ての認証行為がカード側で行われるのであるから、 銀行やクレジット会社側にプライバシー情報を登録する必要はなく、 従って、 その ような情報が流用される可能性もない。 換言すれば、 上記 2つの実施例では、 力一 ド本体 1に、 指紋等の固有身体パターン情報が記憶, 保存されるので、 カード所持 者自身で管理でき、 気軽に登録することができる。 よって、 プライバシー保護の観 点からも問題が生じない。  Therefore, according to the present invention, since all authentication actions are performed on the card side, there is no need to register privacy information at the bank or credit company side, and thus such information may be diverted. Absent. In other words, in the above two embodiments, unique body pattern information such as a fingerprint is stored and stored in the forceps body 1, so that the card holder can manage the card and register easily. Therefore, there is no problem in terms of privacy protection.

次に、 システム負荷の軽減あるいはトラブルの最小限化に関して説明する。 本発 明が対象とする認証行為において、 もし、 銀行やクレジット会社のホストコンピュ 一夕に力一ド所持者全員の指紋等を登録するとなると膨大なデータ量に達する。 ま た、 これらが各種通信網を通じてそれぞれの端末間でデータの送受信を行うことに なるとすると、 デ一夕のトラフィックが異常に増大してしまう。 こうした場合、 デ 一夕通信に長時間を要し、 カードの所持者は端末の前で長時間待たされることにな り、 利便性は、 すこぶる低減される。 Next, reduction of the system load or minimization of troubles will be described. In the authentication activities targeted by the present invention, if the fingerprints of all the owners of the registered users are registered with the host computer of the bank or credit company, the amount of data will be enormous. In addition, if these devices transmit and receive data between terminals through various communication networks, the overnight traffic will increase abnormally. In such a case, it takes a long time to communicate overnight, and the card holder has to wait a long time in front of the terminal. And convenience is greatly reduced.

従って、 カード側で認証を行うことができれば、 ホストコンピュータに膨大な量 のデ一夕を蓄えてこれを管理する必要はなく、 運用上も有利である。 例えば、 ホス トコンピュータがダウンしてしまった場合は、 そのホストコンピュータに指紋等の デ一夕を登録しているカード所持者全員がカードを使用できなくなるが、 本発明に よれば、 カードが壊れてしまったとしてもカードが使用できなくなるのは、 その壊 れたカードの所持者だけで済むという点で大きなメリットが存する。 また、 各種通 信網を通じた大容量のデータ通信も、 カード側で認証を行えば、 当然、 必要ないの で、 カードの所持者が認証を待っために端末の前で長時間待たされることもないの である。  Therefore, if authentication can be performed on the card side, there is no need to store and manage an enormous amount of data in the host computer, which is advantageous in operation. For example, if the host computer goes down, all cardholders who have registered fingerprints and other data in the host computer will not be able to use the card, but according to the present invention, the card will be destroyed. There is a big advantage in that the card can no longer be used even if it has been destroyed, because only the owner of the broken card needs to do so. Also, large-scale data communication via various communication networks is not required if authentication is performed on the card side, so that the card holder may have to wait a long time in front of the terminal to wait for authentication. There is no.

また、 上記実施例では、 キャッシュカード等による金銭の支払行為の場合を例に 挙げて説明したが、 これに限定されることなく、 I Cカードの携帯性や多機能性に 着目し、 例えば家や車のドア開閉の際の認証システムにも適用でき、 上記実施例と 同様の作用, 効果を奏することができる。  Further, in the above embodiment, the case of paying money with a cash card or the like has been described as an example.However, the present invention is not limited to this. The present invention can also be applied to an authentication system for opening and closing a car door, and can provide the same operation and effect as the above embodiment.

尚、 上記電子認証システムに、 従来のように、 暗証番号のような機能を併用して もよいのはもとよりである。  It should be noted that a function such as a password may be used in combination with the electronic authentication system as in the past.

実施の形態 2 Embodiment 2

図 5 A及び図 5 Bは、 本発明の他の実施の形態の認識データ認証手段としての電 子認証力一ドの一例である I Cカード 1を示す。 前記実施の形態 1においては認証 のための身体パターンとして指紋を用いる場合について述べたが、 実施の形態 1の I Cカードのデータ入力部を CMO Sイメージセンサ等の小型カメラ 2 1に替える ことにより、 目の虹彩パターンを認証に使用することができる。 以下の説明におい ては、 実施の形態 1と異なる構成について説明する。 特に説明しない点は、 実施の 形態 1と同様である。  5A and 5B show an IC card 1 which is an example of an electronic authentication code as a recognition data authentication unit according to another embodiment of the present invention. In the first embodiment, the case where a fingerprint is used as a body pattern for authentication has been described.However, by replacing the data input section of the IC card of the first embodiment with a small camera 21 such as a CMOS image sensor, The iris pattern of the eye can be used for authentication. In the following description, a configuration different from the first embodiment will be described. The points that are not particularly described are the same as those in the first embodiment.

前述のような小型イメージセンサ 2 1は、 本出願の時点では、 約 1 0万画素を有 しているもののサイズが、 1 0 mm2、 厚さ 6 mm程度である。 かかる小型ィメー ジセンサ 2 1を I C力一ド 1に搭載するためには、 光学レンズ 2 1 aを配設する部 分の厚さを厚くし、 I Cカード 1として一体として構成することができる。 図 5 A に示す I Cカードには、 C MO Sイメージセンサ 2 1が設けられている。 このィメ ージセンサをさらに小型化することにより、 3 mm程度の厚さの力一ドに全て収め ることができる。 At the time of the present application, the small image sensor 21 as described above has about 100,000 pixels, but has a size of about 10 mm 2 and a thickness of about 6 mm. Such a small image In order to mount the sensor 21 on the IC card 1, the thickness of the portion where the optical lens 21 a is provided can be increased and the IC card 1 can be integrally formed. The IC card shown in FIG. 5A is provided with a CMOS image sensor 21. By further reducing the size of this image sensor, it is possible to fit it all into a force with a thickness of about 3 mm.

何れの厚さの場合の I Cカードも、 実施の形態 1の場合と同様にその I Cカード の一部分のみをスロットに差込んで認証を行なう方法が可能である。 即ち、 A TM 機側カードスロットの方向を、 図示したカメラが手前上方を向くように、 上から斜 め下方に差込む構造にして、 カードの一部分のみをスロットに差込み、 コネクト部 開閉カバ一 4 aを開にするかたわら、 前記カメラのレンズ 2 1 aが、 カードの所持 者が手続を行なっている情景を撮影するようにできる。 勿論、 認証後にカードの一 部分をスロットに差込んでもよい。  Regarding the IC card of any thickness, a method of performing authentication by inserting only a part of the IC card into the slot as in the case of the first embodiment is possible. In other words, the structure of the card slot on the ATM machine side is obliquely inserted from the top to the bottom so that the camera shown in the figure faces upward from the front, and only a part of the card is inserted into the slot. While opening a, the lens 21a of the camera can capture the scene in which the card holder is proceeding. Of course, a part of the card may be inserted into the slot after authentication.

次に、 虹彩のイメージ取得をよりスムーズに行なう構成が可能であり、 この構成 について述べる。 図 6 A及び図 6 Bに示す I Cカード 1には小型イメージセンサ 2 1の他に可視光線照射 L E D 2 2や、 近赤外線照射 L E D 2 3が設けられている。 この I Cカード 1は、 前記小型ィメ一ジセンサ 2 1の受光感度領域が近赤外線領域 を含むようにし、 カード内に収容可能なチップ型の近赤外線照射 L E D (発光ダイ オード) 2 2を埋設して構成したものである。 このような構成により、 黒い瞳の虹 彩であってもイメージを取得できる。 そして、 同時に可視光線 L E D 2 3を設け、 カード所持者が認証を行なう際に、 その目に向かって照射し、 瞳孔の大きさを調整 し、 虹彩を広げて多くのイメージを取得できるようにする。 また、 前記光学レンズ 2 1 aの上には可視光線を遮断するフィル夕(図示せず)を設置し、 余分なイメージ 情報をカツ卜することができる。 近赤外線照射 L E D 2 3のような近赤外線照射手 段は、 虹彩部分への映り込みを抑制するように配慮して設置する。 即ち、 瞳孔内に 収まるような角度で照射する。  Next, it is possible to achieve a configuration that allows smoother iris image acquisition, and this configuration will be described. The IC card 1 shown in FIGS. 6A and 6B is provided with a visible light irradiation LED 22 and a near infrared irradiation LED 23 in addition to the small image sensor 21. This IC card 1 has a chip-type near-infrared irradiation LED (light-emitting diode) 22 embedded in the card so that the light receiving sensitivity area of the small image sensor 21 includes a near-infrared region. It is configured. With such a configuration, an image can be acquired even if the iris has black eyes. At the same time, a visible light LED 23 is provided to illuminate the card holder's eyes when the card holder performs authentication, adjust the size of the pupil, widen the iris, and acquire many images . In addition, a filter (not shown) for blocking visible light can be provided on the optical lens 21a to cut off extra image information. Near-infrared radiation means A near-infrared radiation method such as LED23 should be installed with consideration given to suppressing reflection on the iris. In other words, the light is emitted at an angle that fits within the pupil.

このように小型イメージセンサ 2 1で身体パターン情報を取得する場合、 光学レ ンズ 2 1 aと、 その認証の対象となる虹彩との角度の位置関係によって入力デ一夕 が変化する。 この変化に対しては、 前記イメージセンサ 2 1において秒間 3 0フレ ーム程度のィメージ転送が可能なので、 所定の角度内に身体パターン情報のィメ一 ジが収まって虹彩の内周円形及び外周円形が登録時の形に近いものを見出したとき に、 認証のための比較演算を行なうことにする。 When acquiring body pattern information with the small image sensor 21 as described above, The input data changes depending on the positional relationship of the angle between the lens 21a and the iris to be authenticated. With respect to this change, the image sensor 21 can transfer an image of about 30 frames per second, so that the image of the body pattern information falls within a predetermined angle and the inner and outer circumferences of the iris are circular. When a circle whose shape is close to the shape at the time of registration is found, a comparison operation for authentication is performed.

またさらに、 所定の角度の入力デ一夕を複数メモリに記憶し、 瞳孔の大きさや瞼 の形の変化を検出するように構成することもでき、 これらを検出することにより、 被写体が生体であることも確認できる。 これにより、 虹彩を撮影した写真を前記ィ メ一ジセンサの前に置いたとしても認証を行なうことができないことになり、 認証 行為の信頼性がより向上する。  Further, the input data at a predetermined angle may be stored in a plurality of memories to detect a change in the size of the pupil or the shape of the eyelid, and by detecting these, the subject is a living body. You can also confirm that. As a result, even if a photograph of the iris is placed in front of the image sensor, authentication cannot be performed, and the reliability of the authentication operation is further improved.

このような比較演算において、 1 0万画素というのは、 1画素当り 8ビット程度 でグレースケールの 2 5 6段階の階調を設定できるので、 充分認証を行なうことが でき、 しかも、 1画像当り 1 0 0キロバイト程度の演算処理で済む。 尚、 比較演算 を行なう際、 画像を 2値化して記憶した場合は、 1 3キロバイト程度にまでデータ 容量を節約でき、 さらに演算処理が容易である。  In such a comparison operation, 100,000 pixels can be set in about 8 bits per pixel and 256 grayscale gradations can be set. Only about 100 kilobytes of arithmetic processing is required. If the image is binarized and stored when performing the comparison operation, the data capacity can be reduced to about 13 kilobytes, and the operation process is easier.

このとき、 照合のための次のようなアルゴリズムを利用することができる。 即ち 、 2値化のための閾値を設定し、 閾値を上下に変化させつつ瞳孔の中心を中心点と して登録データの瞼の形状等に合致するようにイメージを回転させ、 登録データに 近いイメージに補正する。 こののち、 補正したイメージを幾つかのブロックに分割 し、 そのブロックのそれぞれに対して照合の合否率をパーセンテージで算出する。 そして、 各ブロックごとの照合の合否率が所定値を上回るときのみ本人であること を認証する。 このようにィメージをプロックに分割して照合を行なうことにより、 照合演算における誤差を小さくすることができる。  At this time, the following algorithm for matching can be used. That is, the threshold value for binarization is set, and the image is rotated so that the center of the pupil is the center point and matches the shape of the eyelids in the registration data while changing the threshold value up and down, and the image is close to the registration data Correct to image. After that, the corrected image is divided into several blocks, and the pass / fail rate of comparison is calculated as a percentage for each of the blocks. Only when the pass / fail rate of the verification for each block exceeds a predetermined value, the user is authenticated. By dividing an image into blocks and performing collation as described above, an error in the collation operation can be reduced.

また、 例えば、 カメラ 2 1のピントが合わなかったとき等、 デ一夕入力が適切に 行われなかった場合は、 「レンズをもっと目に近づけて下さい」 等のメッセージを 液晶表示部 1 1に表示し、 場合によっては警告音を伴うようにして、 再度入力を行 なうように催促して力一ド所持者がデ一夕入力を行なう際の入力の便を図ることが できる。 If the input is not performed properly, for example, when the camera 21 is out of focus, a message such as “Please bring the lens closer to the eyes” is displayed on the LCD 11 Display, possibly accompanied by a beep, and By prompting the user to input data, the input can be facilitated when the power holder inputs the data overnight.

このように、 目の虹彩パターンを認証に用いると、 身体情報パターンの入力が、 指紋の場合のような接触を要する入力ではなく、 接触を要しない間接的入力となり 、 例えば、 指の表面の汚れや指を入力部に押圧する接触圧力の大小に依存しない入 力が可能となり、 認証精度が向上する利点がある。  As described above, when the iris pattern of the eye is used for authentication, the input of the physical information pattern is not an input that requires contact as in the case of a fingerprint, but an indirect input that does not require contact. This makes it possible to perform input that does not depend on the magnitude of the contact pressure of pressing a finger or a finger against the input unit, and has the advantage of improving authentication accuracy.

以上の実施の形態の説明からも明らかなように、 本発明は、 I Cカード側のみで 認証行為を完結する点を特徴とするので、 他の音声入力等の個人情報を利用する場 合であっても、 データ入力部の形態を変更し、 個人情報の種別に応じた比較演算を 行なうことができ、 同様の効果を奏する。  As is clear from the above description of the embodiment, the present invention is characterized in that the authentication action is completed only on the IC card side, so that the present invention is applicable to the case where other personal information such as voice input is used. However, the same effect can be obtained by changing the form of the data input unit and performing a comparison operation according to the type of personal information.

以上の如く、 本発明によると、 電子認証カードに、 認識デ一夕を入力するための データ入力部と、 該デ一夕入力部から入力された認識デ一夕と上記メモリに記憶さ れたデ一夕と比較する比較演算部と、 上記データ入力部及び比較演算部に接続され 、 上記デ一夕入力部から入力された信号に基づいて、 上記メモリ及び上記比較演算 部に信号を出力する制御部とを備え、 該制御部により、 登録時、 上記認識デ一夕を 上記メモリに記憶する一方、 照合時、 上記比較演算部において、 上記認識データと 上記メモリに記憶された認識データを比較し、 該各認識データが合致した場合に、 カードを使用可能な状態にするようにした。 これにより、 毎回の認証行為を外部装 置とは独立的に(又は単独に) 全てカード側だけで完結して行うことができ、 上記 データ入力部から入力された認識デ一夕と、 予めメモりに記憶された認識データが 合致しなければ、 たとえカードを所持し、 カードの暗証番号を知っていたとしても 、 カードを使用することができない。 よって、 カードのセキュリティ機能が著しく 向上する。 また、 固有身体パターン情報は、 カード本体のメモリに記憶されるだけ であるので、 カード所持者自身で管理することができ、 外部にその情報が漏洩する ことがない。 よって、 プライバシ一保護の観点からも優れている。  As described above, according to the present invention, the data input unit for inputting the recognition data, the recognition data input from the data input unit, and the data stored in the memory are stored in the electronic authentication card. A comparison operation unit for comparing with the data processing unit; and a signal connected to the data input unit and the comparison operation unit, and outputs a signal to the memory and the comparison operation unit based on a signal input from the data input unit. A control unit for storing the recognition data in the memory at the time of registration, and comparing the recognition data with the recognition data stored in the memory at the comparison operation unit at the time of comparison. Then, when the respective recognition data match, the card is made usable. As a result, each authentication operation can be performed completely independently of the external device (or independently) on the card side alone, and the recognition data input from the data input unit can be recorded in advance. If the stored recognition data does not match, the card cannot be used even if the user possesses the card and knows the PIN of the card. Therefore, the security function of the card is significantly improved. Also, since the unique body pattern information is only stored in the memory of the card body, it can be managed by the card holder himself, and the information is not leaked outside. Therefore, it is also excellent from the viewpoint of privacy protection.

Claims

請 求 の 範 囲 The scope of the claims 1 . 固有の身体パターン情報からなる認識デ一夕を認識データ認証手段に入力し、 該認識デ一夕認証手段において、 前記認識データを予め記憶された認識データと比 較して、 該各認識データが一致して認証が行われた場合に、 各種電子機器を使用で きるようにし、 一致しない場合に、 各種電子機器を使用できないようにし、 各種電 子機器のスィッチ的役割を果たすようにしたことを特徴とする電子認証システム。1. The recognition data consisting of the unique body pattern information is input to the recognition data authentication means, and the recognition data authentication means compares the recognition data with pre-stored recognition data, and performs each recognition. Various types of electronic devices can be used when data is matched and authentication is performed, and when they do not match, various electronic devices are disabled and played a role as a switch for various electronic devices. An electronic authentication system, characterized in that: 2 . 上記身体パターン情報は、 指紋であることを特徴とする請求の範囲 1に記載の 電子認証システム。 2. The electronic authentication system according to claim 1, wherein the body pattern information is a fingerprint. 3 . 上記身体パターン情報は、 音声であることを特徴とする請求の範囲 1に記載の 電子認証システム。  3. The electronic authentication system according to claim 1, wherein the body pattern information is a voice. 4. 上記身体パターン情報は、 虹彩パターンであることを特徴とする請求の範囲 1 に記載の電子認証システム。  4. The electronic authentication system according to claim 1, wherein the body pattern information is an iris pattern. 5 . 外部装置とデ一夕の授受を行うコネクト部と、 個人データを記憶するメモリを 備え、 上記メモリから個人デ一夕を取り出すようにした電子認証カードにおいて、 認識データを入力するためのデータ入力部と、 該デ一夕入力部から入力された認識 デー夕と上記メモリに記憶されたデータとを比較照合する比較演算部と、 上記デー 夕入力部及び比較演算部に接続され、 上記データ入力部から入力された信号に基づ いて、 上記メモリ及び上記比較演算部に信号を出力する制御部とを備え、 該制御部 により、 登録時、 認識デ一夕を上記メモリに記憶する一方、 照合時、 上記比較演算 部において、 認識データと上記メモリに記憶された認識データを比較し、 該両認識 データが合致した場合に、 カードを使用可能な状態にすることを特徴とする電子認 証カード。  5. An electronic authentication card that has a connection unit for exchanging data with an external device and a memory for storing personal data, and retrieves personal data from the memory. An input unit, a comparison operation unit for comparing and recognizing the recognition data input from the data input unit with the data stored in the memory, and connected to the data input unit and the comparison operation unit; A control unit that outputs a signal to the memory and the comparison operation unit based on a signal input from the input unit, and stores the recognition data in the memory at the time of registration by the control unit; At the time of collation, the comparison operation unit compares the recognition data with the recognition data stored in the memory, and when both the recognition data match, puts the card in a usable state. Electronic authentication card to. 6 . 上記デ一夕入力部は、 認識デ一夕を入力するためのスキャナからなることを特 徴とする請求の範囲 5に記載の電子認証力一ド。  6. The electronic authentication code according to claim 5, wherein the data input unit comprises a scanner for inputting the recognition data. 7 . 上記制御部は、 個人データを表示する表示部に接続されることを特徴とする請 求の範囲 5に記載の電子認証カード。 7. The control unit is connected to a display unit for displaying personal data. The electronic authentication card described in claim 5. 8 . 上記制御部は、 認識データが上記メモリに未登録の場合、 上記データ入力部か ら認識データが入力されると、 最初の認識データを上記メモリに記憶するとともに 、 2回目以降の認識データを上記メモリに記憶された認識データと比較するように したことを特徴とする請求の範囲 5に記載の電子認証力一ド。  8. When the recognition data is not registered in the memory, the recognition unit stores the first recognition data in the memory when the recognition data is input from the data input unit, and stores the second and subsequent recognition data in the memory. 6. The electronic authentication method according to claim 5, wherein the information is compared with the recognition data stored in the memory. 9 . 請求の範囲 5記載の電子認証カードの少なくとも一部を前記外部装置に挿入し 、 前記認識データを前記電子認証カードに入力して認証を行うことを特徴とする電 子認証方法。 9. An electronic authentication method comprising: inserting at least a part of the electronic authentication card according to claim 5 into the external device; and inputting the recognition data to the electronic authentication card to perform authentication.
PCT/JP1999/004393 1998-08-13 1999-08-12 Electronic authentication system and its card WO2000010125A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP10/229088 1998-08-13
JP22908898A JP2003067687A (en) 1998-08-13 1998-08-13 Electronic authentication system and its card

Publications (1)

Publication Number Publication Date
WO2000010125A1 true WO2000010125A1 (en) 2000-02-24

Family

ID=16886571

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP1999/004393 WO2000010125A1 (en) 1998-08-13 1999-08-12 Electronic authentication system and its card

Country Status (2)

Country Link
JP (1) JP2003067687A (en)
WO (1) WO2000010125A1 (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2003157332A (en) * 2001-11-21 2003-05-30 Oki Electric Ind Co Ltd Personal identification device, personal identification system, card issuing device and card issuing system
JP2005310157A (en) * 2004-04-20 2005-11-04 Agilent Technol Inc Biometric data card and method for authenticating user using it
JP2007011993A (en) * 2005-07-04 2007-01-18 Sony Corp Information processing system, information processor and method, and program
US10187378B2 (en) 2013-05-27 2019-01-22 Fuji Xerox Co., Ltd. Authentication system and non-transitory computer readable medium

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2006155217A (en) * 2004-11-29 2006-06-15 Hitachi Ltd External storage device having authentication mechanism
JP4914578B2 (en) * 2005-05-27 2012-04-11 日立オムロンターミナルソリューションズ株式会社 Automatic cash transaction apparatus and transaction system

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPS63163589A (en) * 1986-12-25 1988-07-07 Mitsubishi Electric Corp Ic card with fingerprint input device
JPH01147791A (en) * 1987-12-04 1989-06-09 Nec Corp Ic card
JPH02118790A (en) * 1988-10-27 1990-05-07 Nec Corp Ic card with fingerprint collating function
JPH09328938A (en) * 1996-06-06 1997-12-22 Secom Co Ltd Non-contact type information source unlocking device

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPS63163589A (en) * 1986-12-25 1988-07-07 Mitsubishi Electric Corp Ic card with fingerprint input device
JPH01147791A (en) * 1987-12-04 1989-06-09 Nec Corp Ic card
JPH02118790A (en) * 1988-10-27 1990-05-07 Nec Corp Ic card with fingerprint collating function
JPH09328938A (en) * 1996-06-06 1997-12-22 Secom Co Ltd Non-contact type information source unlocking device

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2003157332A (en) * 2001-11-21 2003-05-30 Oki Electric Ind Co Ltd Personal identification device, personal identification system, card issuing device and card issuing system
JP2005310157A (en) * 2004-04-20 2005-11-04 Agilent Technol Inc Biometric data card and method for authenticating user using it
JP2007011993A (en) * 2005-07-04 2007-01-18 Sony Corp Information processing system, information processor and method, and program
US7787662B2 (en) 2005-07-04 2010-08-31 Sony Corporation Information processing system, information processing apparatus and method, and program
US10187378B2 (en) 2013-05-27 2019-01-22 Fuji Xerox Co., Ltd. Authentication system and non-transitory computer readable medium

Also Published As

Publication number Publication date
JP2003067687A (en) 2003-03-07

Similar Documents

Publication Publication Date Title
CN104487987B (en) System and method for fraud prevention
US7172115B2 (en) Biometric identification system
JP4804759B2 (en) IC card updating method and IC card updating apparatus having biometric authentication function
US6700998B1 (en) Iris registration unit
US8461961B2 (en) Tamper-proof secure card with stored biometric data and method for using the secure card
US20080222720A1 (en) Financial and similar indentification cards and methods relating thereto
US20130036017A1 (en) Financial card for online fund transfer and method therefor
US20070073619A1 (en) Biometric anti-fraud plastic card
US20040091136A1 (en) Real-time biometric data extraction and comparison for self identification
JP2018515830A (en) System and apparatus for biometric authentication and authorization of a unique user
CN101833830A (en) information processing device
JP2006146914A (en) Identification card with biosensor, and user authentication method
CN104636765A (en) Self-service card dispenser for authenticating identity based on third-generation identity card fingerprint and photo information
US20140052632A1 (en) Financial card for online fund transfer and method therefor
CN115660674A (en) Multifunctional card, card settlement terminal and card settlement system
JP2004211541A (en) Safe-deposit box using biological recognition technology
KR20180057167A (en) An Unmanned Financial Transactions System and A Financial Transactions Method Using The Same
TWI687872B (en) Transaction system based on face recognitioin for verification and method thereof
WO2001059580A1 (en) Personal authentication system
JP3635284B2 (en) Personal authentication system
WO2000010125A1 (en) Electronic authentication system and its card
TW201942879A (en) Transaction system based on face recognition for verification and method thereof
US12105784B1 (en) Secure biometric-based smart card activation method and system
US20070075130A1 (en) Mid-Level Local Biometric Identification Credit Card Security System
JP2006252110A (en) Financial transaction system

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): CA JP US

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE

121 Ep: the epo has been informed by wipo that ep was designated in this application
122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP

Ref document number: 2000565499

Format of ref document f/p: F

点击 这是indexloc提供的php浏览器服务,不要输入任何密码和下载