JP2006293875A - Settlement system cooperating with biological authentication, and settlement terminal for ic card and ic card for use in the same - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To constitute a system capable of using results of a plurality of biological authentications and mutually securing individual securities in cooperation with service such as a settlement. <P>SOLUTION: Individual biological authentications in IC cards and the service hold common data respectively, and a device executes individual processing while securing individual securities and executes processing of providing the service after confirming coincidence of common data. <P>COPYRIGHT: (C)2007,JPO&INPIT

Description

  The present invention relates to a biometric authentication linked payment system that uses a combination of biometric authentication and payment to improve security, an IC card payment terminal used therefor, and an IC card having a biometric authentication function.

As a method for identifying a person who is difficult to impersonate another person in settlement or entry / exit management, there is a personal authentication using biometric information. Conventionally, it has been attracting attention as a means for authenticating a person who is more difficult to impersonate than a commonly used ID or password. An example of an authentication system using biometric information is disclosed in Patent Document 1.
Patent Document 1 is a system that enables a plurality of biometric authentications by providing a terminal device with means for recording a plurality of pieces of biometric information possessed by an individual.

Japanese Patent Laying-Open No. 2005-10826

  Biometric authentication is a means for authenticating the identity of a person in a service such as financial settlement using a bank account, for example, and requires operation in conjunction with these services using a plurality of biometric authentication results. Individual biometric authentication can identify an individual within the security range secured by the system. On the other hand, individual services can also provide services such as payment within the security range secured by the system. When constructing a biometric authentication system linked to this service, the result of authenticating the identity and the security of the service are often separate. Therefore, it is necessary to construct a system in which mutual systems can protect individual security.

  In addition, when an individual uses an IC card as a storage device for biometric information, the device used to acquire biometric information is often larger than the IC card and is difficult to put inside the IC card. . For this reason, it is necessary to input the read biometric information to the IC card or to read out some information for use in acquiring biometric information from the IC card. However, reading data from or writing data to an IC card is a security measure that data passes through the contact point between the IC card and the terminal, so that there is a possibility that data can be obtained by another person at this contact point. There is a problem with various threats.

The problem to be solved is that biometric authentication is a means of authenticating the identity of a person in a service such as financial settlement using a bank account, for example, and is linked to these services using multiple biometric authentication results. Therefore, it is necessary to construct a system that can protect individual security.
In addition, when an individual uses and uses an IC card as a biometric information storage device, there is a possibility that communication occurring with the device used for biometric information acquisition may be acquired by another person. .

  In order to solve the above-described problems, in the present invention, each biometric authentication and service each holds common data in an IC card handled by an apparatus that provides the service in conjunction with biometric authentication, and provides the service. The device executes individual processing while ensuring individual security, and the plurality of services are linked by confirming that the common data matches by the device providing the service.

That is, according to the present invention, in the biometric authentication linked payment system comprising the IC card having a biometric authentication function having a communication means between the arithmetic device and the outside, and the IC card payment terminal,
The IC card includes a first operation program that describes an operation procedure of the arithmetic device, a first information storage means that is read and written by the first operation program, and biometric information is recorded, and an arithmetic device of the IC card And a second information storage unit that is read and written by the second operation program, and the first information storage unit includes a first electronic device for identification. Information is provided, and second electronic information having the same meaning as the first electronic information is recorded in the second information storage means, and the IC card settlement terminal is configured to communicate with the IC card. IC card read / write means for reading and writing data via the terminal, a terminal program for reading and writing data via the IC card read / write means, a central processing unit for terminals that operates according to instructions of the terminal program, The terminal central processing unit has a terminal storage memory capable of storing and erasing data according to instructions of the terminal program, and the terminal central processing unit is configured to transmit the first electronic device via communication means with the outside of the IC card. Information and the second electronic information are read, and at least one of the read first electronic information or the second electronic information is recorded in the terminal storage memory, and the first electronic information or the second electronic information is recorded. The terminal program has a process for confirming that the meanings of the electronic information match.

  Further, in the biometric authentication cooperative settlement system according to the present invention, the first key data for cryptographic processing is recorded in the first information storage means, and the second key different from the first key data for cryptographic processing is recorded. Data is recorded in the second information storage means, and encryption information using the first key data or authentication information generated using the first key data is transmitted via the communication means of the IC card. Configured to be transmitted and received.

With the above configuration, the service providing apparatus acquires, for example, an account number for settlement as common information within the security range secured by the biometric authentication system, and further activates the settlement system to secure the settlement system. For example, an account number for payment is acquired as common information within the scope of security, and if both of these pieces of common information match, the device providing the service determines that each person has processed the same person. can do.
In addition, before the communication that occurs between the devices used to acquire biometric information, the IC card and the device providing the service perform mutual authentication using encryption technology, and then the IC card data is read and written. Therefore, it is possible to reduce the possibility that data is easily acquired or input by another person.

  ADVANTAGE OF THE INVENTION According to this invention, the biometric authentication cooperation payment system which improved security can be provided, and possibility that biometric information data will be acquired by others can be reduced.

The system provides mutual authentication using triple DES between the device providing the service and the IC card, and acquires and records the account number for settlement held in the IC card application for the biometric authentication system as common information. In addition, the payment system is activated, the account number for payment is acquired as common information within the security range of the payment system, and the device providing the service confirms that both account numbers match, A mechanism has been realized that can determine that the same person has been processed between different systems.
In addition, if the IC card performs processing for biometric authentication after the mutual authentication between the IC card and the device providing the service is successfully completed, the IC card is illegal. A mechanism has been realized that reduces the possibility of data acquisition and data input by others using devices that provide various services.

Hereinafter, embodiments of the present invention will be described with reference to the drawings.
FIG. 1 is a block diagram showing the configuration of an embodiment of the present invention.
101 is an IC card payment terminal, 102 is an IC card that is electrically connected to an IC card connection port of the IC card payment terminal to allow electronic information to be exchanged, 103 is a central processing unit that controls the IC card 102, A program 104 is connected to the central processing unit 103 and defines processing operations of the central processing unit 103. A memory 105 is connected to the central processing unit 103 and is used for temporary storage of data by the central processing unit 103. Non-volatile memory connected to the arithmetic unit 103, capable of reading / writing and erasing data from the central arithmetic unit 103, and capable of storing electronic information such as data without applying power, 107 for an IC card A central processing control function for controlling the internal operation of the settlement terminal 101; 108, a program defining processing operations of the central processing control function 107; A memory 110 connected to the central processing control function 107 for reading and writing data when executing a program such as temporary storage of data, 110 is connected to the central processing control function 107 and a user of the IC card settlement terminal 101 (not shown). The display function 111 for outputting and presenting visual information such as images and characters is connected to the central processing control function 107, and a user (not shown) of the IC card settlement terminal 101 An input function that enables input of necessary information, 112 is a finger which is a living body of a part of a user (not shown), 113 is a biological information reading device for reading biological information held by the finger 112, Reference numeral 114 denotes a function of the program 108, biometric authentication processing for performing personal authentication processing operation using the biometric information of the finger 112 read by the biometric information reader 113, and 115 a central processing controller 107 is a network connection function that enables communication of electronic information with the outside of the IC card settlement terminal 101, and 116 is a network connection function that enables the IC card settlement terminal 101 to communicate electronic information. The network 117 is connected to the network 116 and performs settlement by exchanging electronic information. The IC card settlement terminal 101 uses the network connection function 115 to exchange electronic information with the settlement processing center 117. 119 is an account number that is temporarily stored in the memory 109 and is referred to when the payment processing function 118 performs a payment process, and 120 is a biometric authentication process. The encryption key B is used in the encryption processing function 114 has.

  FIG. 2 is a block diagram showing the configuration of the IC card 102 of the present invention. The same components as those in FIG. 1 are given the same reference numerals. Reference numeral 201 denotes an IC card OS having a function of operating a plurality of processing programs in the IC card 102 and protecting each other's security, and 202 denotes a single program operating on the IC card OS 201. A settlement processing program 203 is a settlement data area that stores data used by the settlement processing program 202 provided in a part of the nonvolatile memory 106, and 204 is another program that operates on the IC card OS 201. A biometric authentication program 205 is a biometric authentication data area that is provided in a part of the nonvolatile memory 106 and stores data used by the biometric authentication program 204.

  The configuration of the present invention will be further described with reference to FIG. FIG. 3 is a block diagram showing the detailed configuration of the settlement data area 203 of the present invention. The same components as those in FIG. 2 are given the same reference numerals. 301 is an account number indicating a settlement account such as a holder of the IC card 102 stored in the settlement data area 203, and 302 is a network 116 by the settlement processing program 202, the settlement processing function 118, etc. This is an encryption key A used when performing a payment process with the payment processing center 117.

  The configuration of the present invention will be further described with reference to FIG. FIG. 4 is a block diagram showing a detailed configuration of the biometric authentication data area 205 of the present invention. The same components as those in FIG. 2 are given the same reference numerals. 401 is an account number indicating an account of the holder of the IC card 102 stored in the biometric authentication data area 205, 402 is a biometric by the biometric authentication program 204, the biometric authentication process 114, the biometric information reader 113, and the like. The biometric information for authentication, which is biometric information possessed by the holder of the IC card 102, used when performing the authentication process, 403 is the biometric authentication program 204, the biometric authentication process 114, the biometric information reading device 113, and the biometric information for authentication 402 This is an encryption key B that is used when performing biometric authentication processing such as.

  The configuration of the present invention will be further described with reference to FIG. FIG. 5 is a block diagram showing the file structure of the IC card 102 of the present invention. The same components as those in FIG. 2 are given the same reference numerals. The configuration conforms to ISO standard 7816. The description in the sentence follows the ISO standard file name. Reference numeral 501 denotes an MF positioned at the top of a file that can be accessed by the IC card 1 immediately after power-on and reset. Reference numeral 502 denotes a DIR in which a directory containing application programs existing in the IC card 1 is recorded. The function realized by the settlement processing program 202 shown in FIG. 2 is shown as the settlement process DF on the file structure of the IC card 102, and 504 is realized by the settlement processing program 204 shown in FIG. The biometric authentication process, the payment data area 203 and the biometric authentication data area 205, whose functions are indicated as DF on the file configuration of the IC card 102, are arranged as EFs under the DF representing each process.

  With the configuration described above, the operation of the present invention will be described below with reference to the drawings. FIG. 6 is a data flow diagram showing data exchanged between the IC card settlement terminal 101 and the IC card 102 as the operation of this embodiment. In the IC card 102, an account number 402 having the same number as the account number 301, an encryption key A302, an encryption key B403, and authentication biometric information 402, which are user biometric information, are recorded in advance. . First, if there is an account number 119 recorded in the memory 109, the IC card settlement terminal 101 deletes it.

  In step 601, a processing start command is sent to the IC card 102. The processing start command includes a random number generated by the IC card settlement terminal 101 as information necessary for starting the processing. In step 602, the IC card 102 obtains information necessary for starting the process from the received process start command, and then performs a process necessary for continuing the process. Information necessary for continuing the process is generated as a process necessary for continuing the process. As one of the information generations, a process of encrypting the received random number with the internal encryption key B403 is also performed. Further, a new random number is generated inside the IC card 102. Information necessary for continuing other processing is added to the result encrypted with the encryption key B and the new random number, and output as a processing start response.

  The IC card settlement terminal 101 uses the information received as the process start response to prepare for biometric authentication. As a preparation, first, the result obtained by encrypting the random number previously transmitted by the IC card settlement terminal with the encryption key B is processed in the same procedure as the IC card 102 with the encryption key B120 held in the biometric authentication process. Encryption is performed, and the calculated result is compared with the encrypted result of the response of the IC card 102 obtained in step 602. As a result of the comparison, if both are the same, the IC card settlement terminal 101 confirms that the IC card 102 has the same encryption key B.

  Next, the IC card settlement terminal 101 encrypts the random number generated by the IC card 102 using the encryption key B120. Further, the processing is continued using the information necessary for continuing the processing output from the acquired IC card 102 by the processing start response. As a process, the IC card settlement terminal 101 uses the biometric information reading device 113 in step 603 to read biometric information from the user's finger 112. The read biometric information is the biometric authentication in step 604 together with the data processed for input to the IC card 102 and the data obtained by encrypting the random number generated by the IC card 102 using the encryption key B120. Input to the IC card 102 as a command.

  The IC card 102 encrypts the result of encryption performed by the IC card settlement terminal 101 with the encryption key B120 and the random number held therein using the encryption key B403 inside the IC card 102 from the input biometric authentication command data. It is confirmed that the IC card settlement terminal 101 has the same encryption key B by comparing the result with the digitized result and confirming that they are the same. As a result, the IC card settlement terminal 101 and the IC card 102 have confirmed that the other party to exchange data with each other has the same encryption key B.

  In general, the encryption key B is managed and operated so as not to leak outside for the purpose of ensuring that it cannot be known unless it is a legitimate device. If you can confirm that you have this encryption key B, you can confirm that both are the holders of the encryption key B that are both valid in this management and operation. Both can confirm that they are payment terminals. This is a technique generally referred to as mutual authentication. In this embodiment, a cryptographic operation using triple DES, which is a common key cryptosystem, is used.

  In step 605, the IC card 102 that has authenticated that the IC card settlement terminal 101 is a terminal having a valid encryption key B performs a process on the biometric information that has been subjected to the process input by the biometric authentication command. As a result of the processing, the biometric authentication program 204 operating on the central processing unit 103 of the IC card 102 determines that the input biometric information matches the authentication biometric information 402 recorded in the IC card 102. In this case, the IC card 102 outputs the authentication result as a biometric authentication response in step 606. The biometric authentication response includes an authentication result, data obtained by encrypting the authentication result with the encryption key B403, and data obtained by encrypting the account number 402 recorded and held in the IC card 102 with the encryption key B403. Send it out.

  In step 607, the IC card settlement terminal 101 decrypts the encrypted authentication result received by the biometric response with the encryption key B120, and confirms the match with the authentication result, thereby outputting the result output by the IC card 102. Make sure that Then, the encrypted account number 401 is decrypted with the encryption key B 120 and recorded as the account number 119 in the memory 109. Thereafter, IC card settlement terminal 101 sends to IC card 102 a command instructing the start of settlement in step 608. This command uses the application selection command defined in ISO7816. When the IC card 102 activates the settlement processing program 202 with the application selection command, the IC card OS 201 terminates the operation of the biometric authentication program 204 used so far, and newly starts the operation of the settlement processing program. Is done.

  In this embodiment, these two programs are configured as two independent programs having no relation, and the operating environment such as data used in the biometric authentication program 204 so far is the settlement processing program. Does not take over. When the activation of the payment processing program 202 is completed, the IC card 102 outputs a response to the payment start command as a response in step 609. The IC card payment terminal 101 receives the payment start response, confirms that the control has been transferred to the payment processing program normally, and then continuously executes the payment processing with the IC card 102 in step 610. To do. In the case of the present embodiment, the settlement processing 1 performs a procedure and an operation according to the EMV specification. The IC card settlement terminal 101 acquires the settlement account number 301 recorded on the IC card and other necessary data from the IC card 102 in the settlement process 1.

  These pieces of information are structured such that data necessary for the payment processing is authenticated by the IC card terminal 101 and the payment processing center 117. In step 611, the IC card payment processing terminal 101 uses the account number 301 acquired in the payment processing 1 in step 610 and the account number that has already been acquired in the biometric authentication process 114 and temporarily stored in the memory 109. 119 is compared. If both account numbers match, the IC card indicates that the account number 401 held in the biometric authentication program 204 inside the IC card 102 used in the biometric authentication processing matches the account number 301 held in the settlement processing program 202. The terminal 101 can confirm it.

  Further, in step 612, the IC card payment terminal 101 adds the contents of the payment to the data acquired from the IC card 102 in order to continue the payment processing to the payment processing center 117 via the network 116. A payment message is transmitted as data, and a response payment message is acquired. This settlement message includes an account number used for settlement. The IC card settlement terminal 101 that has received the settlement message in response to the processing continuation permission from the settlement processing center 117 continues the processing on the IC card 102 in step 613. With these operations, the user of the IC card payment terminal can perform payment processing using the biometric information of the finger 112 and the IC card 102. Upon completion of these processes, the IC card settlement terminal 101 deletes the account number 119 temporarily recorded in the memory 109 in order to end the processing operation, and if necessary, deletes the area of the memory. All operations are performed with 0xFF data in hexadecimal notation.

  The effect of the present embodiment by the operation described above will be described below. In this embodiment, triple DES is used as the common key encryption. The encryption key length is 128 bits, and the data length of the encryption key recorded in the IC card can be 128 bits. When a general public key cryptosystem is used, since it is 128 bits or more and certificate data is required, there is an effect that the data area of the encryption key recorded in the IC card can be reduced.

In addition, the common key cryptosystem has a feature that the calculation processing time is generally shorter than that of the public key cryptosystem, and in this embodiment, the processing time is generally faster than that of the public key cryptosystem.
In this embodiment, biometric authentication using biometric information of the finger is used. However, since the finger is usually used when operating the device, and biometric authentication can be performed while operating the device, the user can There is also an effect that operation and authentication can be continuously performed with one finger.

  As the operation of the present embodiment, the communication between the IC card settlement terminal 101 and the IC card 102 is described as normal plain text except for the portions necessary for the explanation, but the encryption process using the encryption key B is performed. And decryption can be configured by configuring all data as encrypted communication, or adding a message authentication code as defined in ISO7816 to all data and detecting tampering of the data. Such a configuration has no problem because it has the effect of further improving the security of the present invention. In addition, although described as a method using common key cryptography, a public key cryptosystem is used to generate a temporary key that is used intelligently for communication together with mutual authentication, and an encryption procedure using this temporary key is used. In addition, operation while switching the encryption key has the effect of improving the security and usability of this embodiment, and there is no problem. In addition, finger information is used for biometric authentication, but there is no problem in using other biometric information without being limited to the finger.

  In addition, the biometric authentication method has been described as one biometric authentication program and settlement processing program. However, multiple biometric authentication programs are installed on one IC card, and an account number is provided for each biometric authentication program. By using a configuration in which individual biometric authentication programs can individually perform mutual authentication with an IC card payment terminal, any biometric authentication program selected by the IC card payment terminal can be used. However, it goes without saying that payment processing is possible as well.

  Application software for recording and providing services unique to IC cards, which are tamper-resistant devices that can be carried, and application software for recording biometric information, and authentication services using this biometric information If this is the case, the communication method between the IC card and the terminal can be similarly used as a contact type or non-contact type for purposes other than payment such as credit, debit, and electronic money.

1 is a configuration diagram according to an embodiment of the present invention. It is a block diagram of the IC card by the Example of this invention. It is a block diagram of the data inside the IC card according to an embodiment of the present invention. It is a block diagram of the data inside the IC card according to an embodiment of the present invention. It is a block diagram which shows the file structure of the IC card by the Example of this invention. It is an operation | movement flow which shows the biometrics authentication and payment process by the Example of this invention.

Explanation of symbols

101 IC card settlement terminal 102 IC card 202 settlement processing program 204 biometric authentication program 301, 401 account number 120, 403 encryption key B
611 Account number confirmation

Claims (10)

A biometric authentication linked payment system comprising an IC card having a communication means between an arithmetic device and the outside and having a biometric authentication function, and an IC card payment terminal,
The IC card includes a first operation program that describes an operation procedure of the arithmetic device, first information storage means that is read and written by the first operation program, and biometric information is recorded, and an arithmetic device of the IC card And a second information storage unit that is read and written by the second operation program, and the first information storage unit includes a first electronic device for identification. Providing information, recording second electronic information representing the same meaning as the first electronic information in the second information storage means,
The IC card settlement terminal includes an IC card read / write unit that reads / writes data via the IC card communication unit, a terminal program that reads / writes data via the IC card read / write unit, and instructions of the terminal program A terminal central processing unit that operates according to the terminal program, and a terminal storage memory in which the terminal central processing unit can store and erase data according to instructions of the terminal program, and the terminal central processing unit is connected to the outside of the IC card. Read the first electronic information and the second electronic information via a communication means, record at least one of the read first electronic information or the second electronic information in the terminal storage memory, The terminal program has a process of confirming that the meanings of the first electronic information and the second electronic information match. Body authentication linked payment system.   First key data for cryptographic processing is recorded in the first information storage means, and second key data different from the first key data for cryptographic processing is recorded in the second information storage means. The encryption information using the first key data or the authentication information generated using the first key data is transmitted or received via the communication means of the IC card. Item 12. The biometric authentication linked settlement system according to item 1.   The terminal program erases the first electronic information or the second electronic information recorded in the terminal storage memory at the time of starting or ending a series of processes for providing the service of the terminal program. The biometric authentication cooperative settlement system according to claim 1, wherein the biometric authentication payment system is a terminal program having   4. The terminal program according to claim 1, wherein the terminal program is a terminal program that is used when the terminal program performs processing for providing a settlement service in the second operation program in the IC card. The biometric authentication linked settlement system according to any one of the above.   6. The biometric authentication linked payment system according to claim 1, wherein the first electronic information and the second electronic information in the IC card are account numbers for payment.   Information obtained by encrypting the first electronic information using the first key data, or authentication information generated using the first key data for authentication is connected to the outside of the IC card. 6. The biometric authentication cooperative settlement system according to claim 5, wherein the biometric authentication cooperative settlement system is transmitted or received via a communication unit.   An IC card having a biometric authentication function having a communication device between the arithmetic device and the outside, wherein the first operation program describing the operation procedure of the arithmetic device of the IC card, and reading and writing by the first operation program First information storage means in which biometric information is recorded, a second operation program describing the operation procedure of the arithmetic device of the IC card, and second information storage means read / written by the second operation program The first information storage means is provided with first electronic information for identification, and second electronic information having the same meaning as the first electronic information is recorded in the second information storage means IC card characterized by that.   First key data for cryptographic processing is recorded in the first information storage means, and second key data different from the first key data for cryptographic processing is recorded in the second information storage means. The encryption information using the first key data or the authentication information generated using the first key data is transmitted or received via the communication means of the IC card. Item 7. The IC card according to item 7. A payment terminal for IC card used in a biometric authentication linked payment system using an IC card having a computing device and communication means between the inside and having a biometric authentication function,
In the IC card, a first operation program describing the operation procedure of the arithmetic device, a first information storage means in which biometric information is recorded by reading and writing by the first operation program, and an operation of the IC card A second operation program describing an operation procedure of the apparatus; and a second information storage means that is read and written by the second operation program. The first information storage means includes a second information program for identification. 1 electronic information is provided, second electronic information having the same meaning as the first electronic information is recorded in the second information storage means,
The IC card settlement terminal includes an IC card read / write unit that reads / writes data via the IC card communication unit, a terminal program that reads / writes data via the IC card read / write unit, and instructions of the terminal program A terminal central processing unit that operates according to the terminal program, and a terminal storage memory in which the terminal central processing unit can store and erase data according to instructions of the terminal program, and the terminal central processing unit is connected to the outside of the IC card. Read the first electronic information and the second electronic information via a communication means, record at least one of the read first electronic information or the second electronic information in the terminal storage memory, The terminal program has a process for confirming that the meanings of the first electronic information and the second electronic information match. IC card payment terminal characterized by First key data for cryptographic processing is recorded in the first information storage means, and second key data different from the first key data for cryptographic processing is recorded in the second information storage means. The encryption information using the first key data or the authentication information generated using the first key data is transmitted or received via the communication means of the IC card. Item 12. A settlement terminal for IC cards according to Item 9.

Images