Patent Grant
7242277
The present invention relates to a personal authentication device used, for instance, in a commercial transaction, and to a portable terminal apparatus that comprises such device and performs transactions of various types of services.
Recently, the use of credit card instead of cash money to complete commercial transactions over a computer network employing Electronic Commerce (EC) is remarkably increased, and mobile EC that uses mobile terminals such as portable phone also starts spreading.
In a commercial transaction, it becomes necessary to perform {circle around (1)} personal authentication, {circle around (2)} approval of personal authentication, and {circle around (3)} transmission of transaction data.
The steps of acquiring inputs of Personal Identifier Number (PIN) such as secret number, password, collating input PIN with data that is registered previously, carrying out personal authentication ({circle around (1)}) and approval of personal authentication ({circle around (2)}), and transmitting transaction data such as credit card number, expiration date ({circle around (3)}), are performed in present transaction system. However, {circle around (1)} and {circle around (2)} are performed simultaneously when a user inputs the PIN information.
Moreover, recently, the technology of biometric authentication that utilizes the user's biological features such as fingerprint, iris and voice is gaining great attention as means for personal authentication, and computers that have user authentication functions by means of fingerprint and enter/leave access control systems that perform personal authentication by fingerprint are in practical use.
Transaction system using PIN for authentication cannot identify a particular person as such PIN can be input by another person, it is difficult to avoid the possibility of performing “counter feinting”. Thus, user has to care about others' eyes when inputting PIN information.
Fingerprint authentication avoids “counter feinting”, and increase possibility of safe transaction. However, when fingerprint authentication technology is applied in a mobile EC terminal, for instant, the operations of turning on the power to initiate fingerprint authentication application, extracting fingerprint for personal authentication, pressing a button for authentication approval, and transmission transaction data are complicated compared with PIN input operations.
To simplify these operations, fingerprint authentication application is initiated in advance, but the problem of increasing power consumption may be raised. Decreasing power consumption becomes an indispensable matter, specially, in portable tools such as portable phones/PDA, etc. To decrease power consumption, it is important to delay the processing of initiating fingerprint authentication application until such processing becomes necessary.
Although the fingerprint is read out through a sensor and fingerprint collation data is subjected to collation in fingerprint authentication processing, there is a risk that this fingerprint collation data might be revealed by hacking.
Even if transaction data and personal authentication processing are succeeded, similar risk still might occur during transmission.
It is an object of the present invention to provide a personal authentication device that performs a simple fingerprint authentication processing, and to provide a portable terminal apparatus that comprises such a device.
A personal authentication device according to one embodiment of the present invention comprising functions for performing personal authentication processing of an operator using biological features of the operator when an operation is initiated in an operation section, and approving authentication processing in response to the operation.
A personal authentication device according to another embodiment of the present invention comprising functions for performing personal authentication processing of an operator using a fingerprint of an operator finger that presses an operational button, and approving authentication processing in response to the action of pressing the operational button.
A personal authentication device according to another embodiment of the present invention comprising: a switch, a fingerprint sensor, a tamper resistant module (TRM), a switch power supply element to supply power to said switch from an external section of the device, a sensor power supply element to supply power to the fingerprint sensor from the switch, and a TRM power supply element to supply power to tamper resistant module from the switch, wherein tamper resistant module comprises a fingerprint authentication processor, a fingerprint collation data storing section, and a confidential information storing section.
A personal authentication device having a tamper resistant module according to another embodiment of the present invention comprising: a switch, a fingerprint sensor, a fingerprint authentication processor, a fingerprint collation data storing section, a confidential information storing section, a switch power supply element to supply power to the switch from an external section of the device, and a sensor power supply element to supply power to the fingerprint sensor from the switch.
A portable terminal apparatus having personal authentication device according to another embodiment of the present invention comprising a communication section to transmit data output from the personal authentication device to external section.
Hereafter, an embodiment of the present invention will be specifically described with reference to the accompanying drawings. In addition, the present invention is not limited to this embodiment and any other embodiments can be applied to this invention without deviation from the invention scope.
In the present embodiment, the case of using personal authentication device in a commercial transaction will be explained below.
Personal authentication device 10, as shown in
Fingerprint authentication sensor 11 which services as a switch button is set in front side of device 10, while the back side comprises an IC chip of tamper resistant module (TRM) 12, external interface (I/F) 13 to contact the connection terminal side of portable phone 30 when device 10 is mounted in portable phone 30, and bus circuit 14 to connect fingerprint authentication sensor 11 to TRM 12.
Fingerprint authentication sensor 11 is elastically supported using spring as a push button type switch 15, and as shown in
TRM 12 stores transaction data 121 such as credit card number, fingerprint collation data 123, and fingerprint authentication application 122 to perform fingerprint authentication processing. Transaction data 121 might be credit card number, expiration date and secret number, or account number and secret number.
In addition, when a finger presses fingerprint authentication sensor 11, adds physical pressure and turns on a push button type switch 15, the power provided from portable phone through power supply terminals 113 is supplied to fingerprint authentication sensor 11 via terminals 17, and further supplied to TRM 12 via terminals 18.
External communication module 32 of Infrared Data Association (IrDA) of portable phone 30 transmits the data output from TRM 12.
Beside the internal configuration shown in
When a user finger presses fingerprint authentication sensor 11 ({circle around (1)}), turns on push button type switch 15, portable phone 30 supplies power to TRM 12 and fingerprint authentication sensor 11 ({circle around (2)}), and fingerprint authentication sensor 11 detects the fingerprint of the user finger.
OS 33 of portable phone 30 detects a signal transmitted to personal authentication device 10, and initiates EC application 34.
Fingerprint authentication application 122 is automatically initiated when supplying power to TRM 12 ({circle around (3)}). Fingerprint authentication application 122 acquires data detected from fingerprint authentication sensor 11 ({circle around (4)}), when a user is authenticated after collation with fingerprint collation data 123 ({circle around (5)}), fingerprint authentication application 122 extracts the necessary data from transaction data 121 ({circle around (6)}), and transmits transaction data (or the data resulted from processing transaction data) and transmission instructions to EC application 34 ({circle around (7)}).
EC application 34 that receives transaction data along with transmission instructions turns on the power supply of external communication module 32 ({circle around (8)}), and transmits transaction data outside through external communication module 32 ({circle around (9)}). In addition, fingerprint authentication application 122 of ({circle around (3)}) is initiated simultaneously or immediately after turning on power supply of external communication module 32 of ({circle around (8)}).
External communication module 32 is activated to transmit transaction data only when a user presses fingerprint authentication sensor (button) 11.
As shown in
When adding physical pressure on fingerprint authentication sensor 11, push button type switch 15 is turned on to supply external power to personal authentication device 10 which in turn supplies fingerprint authentication sensor 11 and initiates fingerprint authentication application 122.
The initiated personal authentication device 10 transmits transaction data and transmission instruction, and upon the reception of the above, the power supply of external communication module 32 of portable phone 30 is turned on and transaction data is transmitted.
Since fingerprint authentication sensor 11, fingerprint authentication application 122, and external communication module 32 are initiated immediately before their use becomes necessary, it is possible to reduce power consumption.
Since transaction data 121 and fingerprint collation data 123 are protected inside TRM 12, there is no threat of external leakage. Moreover, the transaction data can be taken out of TRM 12 only upon successful personal authentication, so that there is no threat that the transaction data is read out by way of illegitimate access such as hacking.
A user who had a meal at a restaurant holds a written receipt and goes to a register ({circle around (1)}). When a clerk inputs an amount of money of the written receipt into POS terminal 40 ({circle around (2)}), the total amount of money is displayed on a screen of POS terminal 40 ({circle around (3)}). The user who approved payment of such total amount of money pushes, using his finger, fingerprint authentication sensor of personal authentication device 10 installed in portable phone 30 ({circle around (4)}).
After completing the steps of personal authentication using personal authentication device 10, portable phone 30 transmits account number and secret number to POS terminal 40. POS terminal 40 performs transaction processing between transaction systems which are connected over a network, and prints a receipt after completing transaction processing. Finally, the register passes printed receipt to the user ({circle around (5)}).
Thus, a conventional transaction system operation in which a magnetic reader reads out a credit card and a user inputs a secret number, is replaced by an operation that can be realized in a portable phone 30 comprising personal authentication device 10 in which a user pushes fingerprint authentication sensor 11 of personal authentication device 10 for one time.
Thus, it becomes unnecessary to worry whether others are watching the operation of inputting a secret number when using personal authentication device.
It is possible to install fingerprint authentication sensor 11, pushbutton type switch 15, and power supply terminal inside TRM 12.
As shown in
Communications in external communication module 32 and 19 can be carried out using Bluetooth communication or contactless IC card besides infrared radio communication.
Although the case where external communication module 32 of portable phone 30 transmits transaction data output from personal authentication device 10 over local communication was explained, but radio communication section of portable phone 30 can be used to transmit transaction data output from personal authentication device 10 over a network, and use commercial transaction in mobile EC which processes transaction over the network.
However, a mechanical exemplary composition of fingerprint authentication sensor 11 is given, as switch is turned on simultaneously with extracting fingerprint, but any other compositions are possible. The integrated composition of fingerprint authentication sensor 11 in TRM 12 might be a preferable composition as when fingerprint authentication sensor 11 is pressed, the switch is turned on.
Furthermore, in order to prevent personal authentication device 10 to mistakenly operate when a user touches unconsciously fingerprint authentication sensor 11, a possible composition is that personal authentication device 10 operates only when fingerprint authentication sensor 11 is continuously pressed for 2 seconds or more.
Any other kinds of data which are necessary for personal authentication are possible beside transaction data used in personal authentication device for personal authentication.
When insurance certificate number or driver's license are used to authenticate a person in a financial institution, it is possible to authenticate that the insurance certificate number or driver's license belongs to that person by storing such a number in TRM of personal authentication device.
Similarly, it is possible to use the personal authentication device in the case where authentication is carried out by personal ID number or in any case where what is needed is just to show confidential information such as amusement park annual passport, ticket used for a box seat of a baseball field, and enter/leave access control systems.
The case when personal authentication device installed on a card that is mounted in portable terminal is explained, but equivalent case when personal authentication device and portable phone are embedded in one piece, as the function corresponding to personal authentication device is embedded in a portable terminal is not considered at all.
Using fingerprint as a personal authentication is explained, but other biometrics information (biological information) such as iris, voiceprint, are also applicable.
For example, when using a voice print, an applicable form of the present invention is to use microphone as a sensor. That is, when a user starts talking through a microphone, wind pressure vibration arises which in turn generates an electric current as a trigger (supplying of power), and the structure is referred to as comparing between information detected by microphone and voiceprint collation data.
This application is based on the Japanese Patent Application No.2002-072670 filed on Mar. 15, 2002, entire content of which is expressly incorporated by reference herein.
The present invention is applicable to a personal authentication device used, for instant, in commercial transactions, and to a portable terminal apparatus that comprises such device and performs transactions of various types of services.
| Number | Date | Country | Kind |
|---|---|---|---|
| 2002-72670 | Mar 2002 | JP | national |
| Filing Document | Filing Date | Country | Kind | 371c Date |
|---|---|---|---|---|
| PCT/JP03/02831 | 3/11/2003 | WO | 00 | 9/5/2003 |
| Publishing Document | Publishing Date | Country | Kind |
|---|---|---|---|
| WO03/079291 | 9/25/2003 | WO | A |
| Number | Name | Date | Kind |
|---|---|---|---|
| 5623552 | Lane | Apr 1997 | A |
| 5903225 | Schmitt et al. | May 1999 | A |
| 6141436 | Srey et al. | Oct 2000 | A |
| 6466781 | Bromba et al. | Oct 2002 | B1 |
| 6484260 | Scott et al. | Nov 2002 | B1 |
| 6547130 | Shen | Apr 2003 | B1 |
| 7003495 | Burger et al. | Feb 2006 | B1 |
| 20020073340 | Mambakkam et al. | Jun 2002 | A1 |
| 20020118865 | Hosokawa | Aug 2002 | A1 |
| 20030048904 | Wang et al. | Mar 2003 | A1 |
| 20030115490 | Russo et al. | Jun 2003 | A1 |
| 20030149662 | Shore | Aug 2003 | A1 |
| Number | Date | Country |
|---|---|---|
| 10-149446 | Jun 1998 | JP |
| 11-272349 | Oct 1999 | JP |
| 2000-57324 | Feb 2000 | JP |
| 2000-76412 | Mar 2000 | JP |
| 2001-92554 | Apr 2001 | JP |
| 2002-024812 | Jan 2002 | JP |
| 2002-24812 | Jan 2002 | JP |
| 2002-011052 | Feb 2002 | KR |
| Number | Date | Country | |
|---|---|---|---|
| 20040085188 A1 | May 2004 | US |
