JP2003006167A - Question-and-answer type authenticating device - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a question and answer type authenticating device which reduces the burden on a verifier and can also secure higher security. SOLUTION: The question and answer type authenticating device has a storage means for storing confidential information for authenticating the verifier, a questioning means for questioning the verifier on the basis of the confidential information, an answering means with which the verifier answers the questions, and an authenticating means for authenticating the propriety of an answer inputted from the answering means. The confidential information is composed of a combination of question information and answer information, consisting of two-dimensional images.

Description

Detailed Description of the Invention

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to secret information (personal identification number, secret number) secretly shared by a prover and an authenticator (authentication device).
The present invention relates to a question-and-answer type authentication device that authenticates that a certifier is a valid certifier himself / herself by using a password).

[0002]

2. Description of the Related Art In general, as an authentication device for authenticating that a prover is a proper prover himself, an authentication device using secret information such as a personal identification number and a password is widely used. In this case, the prover and the authentication device set secret information in advance. When the certifier authenticates that the certifier is the proper certifier himself, the certifier inputs the answer to the question in the input device of the authentication device, etc., and the authentication device inputs the input answer and the secret set in advance. By comparing and collating the information, it is determined whether the two match. For example, in an automated teller machine at a bank, whether the user is the true person by comparing the personal identification number entered by the user with the input device of the automated teller machine and the personal identification number registered in advance at the bank. I'm making a decision.

Further, a question answering type authentication device is used as an authentication device with higher security. In the question answering authentication device, a plurality of questions and a plurality of answers to each question are set in advance as secret information. Whenever the prover authenticates that the prover is the proper prover himself, the authentication device changes the question each time, and the prover gives an answer corresponding to the question at each time. In this way, the question from the authentication device changes every time the authentication device tries to be authenticated, so that it is possible to prevent a third party from impersonating the certifier and being illegally authenticated by the authentication device. A specific example of the question answering authentication device will be described below.

In the question answering type authentication device disclosed in Japanese Patent Laid-Open No. 11-3320, a plurality of questions and their answers are set in advance as secret information. When the certifier is authenticated as the authentic certifier himself, the authentication device displays a question, and the certifier inputs an answer to the displayed question.
This step is repeated multiple times to authenticate the prover if all the questions have the same answer.

Next, the question answering type authentication device disclosed in JP-A-8-180021 will be described. FIG. 7 is an explanatory diagram showing secret information, a question, and an answer of the question-and-answer type authentication device according to the related art disclosed in JP-A-8-180021.
7A is confidential information, FIG. 7B is a question display, and FIG.
(C) shows a character string of a correct answer to the question.

Here, as shown in FIG. 7A, the secret information is in the form of a matrix of 8 rows and 8 columns, which is composed of a total of 8 character strings. The question answering type authentication device is shown in FIG.
As shown in, a question is displayed in which a total of eight marks are displayed, one mark per line in a matrix of 8 rows and 8 columns. This question changes each time the certifier attempts to authenticate. The prover uses the characters of the secret information corresponding to the marked position to create a character string of 8 characters based on a predetermined rule and responds. In this example, the characters in the upper row are arranged in order to create a character string, and the correct answer is the character string [e, a, o, y, r, e, s, r, as shown in FIG. 7 (c). ]
Becomes The question-answering authentication device makes a determination based on the character string answered by the prover, and if correct, authenticates as a valid prover.

As described above, the question-answering type authentication device ensures higher safety than a general authentication device such as an automatic payment machine of a bank.

[0008]

However, the question-answering authentication device according to the above-mentioned prior art has the following problems.

According to Japanese Unexamined Patent Application Publication No. 11-3320, a plurality of questions and answers are set as confidential information, and therefore the prover needs to accurately store all the answers to the plurality of questions, verbatim. is there. Therefore, the larger the amount of secret information, the greater the burden on the prover of storing the secret information, and the greater the possibility that the prover forgets the answer or makes a mistake in memory.
There is a problem that the convenience of the authentication device is reduced.

Further, according to Japanese Patent Application Laid-Open No. 8-180021,
The authentication device creates a question based on the secret information in 8 rows and 8 columns, but since the question is changed every time, the certifier always decides a predetermined rule in order to derive the answer character string. The answer needs to be created based on, and the thought work for deriving the answer is required. That is,
In this example, in order to derive the first character of the answer, the prover first remembers what the character string on the first line of the secret information was, and then what is the third character of the character string. Need to think. The same procedure is performed for the second and subsequent characters of the answer, and a total of 8 times is repeated to derive an answer consisting of a character string of 8 characters. Therefore, there is a problem that this thinking work is not only a burden on the prover, but also that it takes time to derive an answer.

Furthermore, JP-A-11-3320 and JP-A-8
The following problems are common to all -180021. In other words, as the answer to the question, both are inputting the character code as the character code through the input device, so for some reason, all of the confidential question and the answer are known to the third party. If it is done, there is a problem that the third party can easily be authenticated by impersonating the certifier and inputting characters into the input device.

The present invention has been made in view of the above problems, and provides a question-answering type authentication device capable of reducing the burden on the prover and ensuring higher security.

[0013]

In order to achieve the above object, a question answering type authentication apparatus according to the present invention comprises a holding means for holding secret information for authenticating a prover, and a prover based on the secret information. A questioning means for asking a question, an answering means for the prover to input an answer to the question, and an authenticating means for judging whether the answer entered from the answering means is correct or incorrect based on the secret information, and performing authentication. In the question answering type authentication device, the secret information may be a combination of question information and answer information composed of a two-dimensional image.

According to the present invention, since the two-dimensional image is set as the reply information of the secret information, the user can easily store the reply information as compared with the case where the character string as the password is used as the reply information. It also has the effect of making it easier to remember.

Further, the answer information of the present invention has information specific to the prover, which is one of a stroke order, a writing pressure, a drawing speed, or a combination thereof, and the authenticating means includes:
It is characterized in that the two-dimensional image input from the answering unit and information consisting of any one or a combination of the stroke order, the writing pressure, the drawing speed at the time of inputting the answer or a combination thereof is determined based on the secret information. .

According to the present invention, the question information and the answer information, which are confidential information, are determined by using the information specific to the prover, which is one of the stroke order, the writing pressure, the drawing speed, or a combination thereof. Even if is known to a third party, it is difficult for the third party to imitate the information unique to the prover, and the security of the authentication device can be enhanced.

Further, the secret information of the present invention has a plurality of combinations of question information and answer information thereof,
The inquiry means may select one or a plurality of questions from a plurality of question information and ask a question.

According to the present invention, since the two-dimensional image is set as the reply information of the secret information, the user can easily store the reply information as compared with the case where the character string as the password is used as the reply information. It also has the effect of making it easier to remember.
In particular, when a plurality of pieces of secret information are set, it is a heavy burden on the user to store the password in a verbatim manner, so that the effect of the present invention is particularly large as compared with the prior art.

[0019]

BEST MODE FOR CARRYING OUT THE INVENTION (Embodiment 1) An automatic teller machine of a bank using the question answering type authentication apparatus according to the present invention will be described with reference to the drawings.

FIG. 1 is a schematic diagram of a question answering type authentication apparatus according to the first embodiment of the present invention. The automatic payment machine 1 is provided with a question display section 2 for asking a user a question, an answer input section 3 for the user to input an answer in a two-dimensional image, and a card 4 in which an account number and the like are stored. A card insertion slot 5 is provided. The automatic payment machine 1 is connected to the host computer 6. The host computer 6 has a storage unit (not shown) that holds secret information and an authentication unit (Fig. 3) that determines whether the answer input from the answer input unit 3 is correct based on the secret information held in the storage unit. (Not shown).

First, the user, who is the prover, and the bank, which is the certifier, set in advance n pieces of secret information to be secretly shared by both parties. The secret information referred to here is composed of n questions whose answers are uniquely determined, and n pieces of two-dimensional image information which are the answers to the questions. Figure 2
An example of a combination of a question and an answer which is confidential information according to the present embodiment is shown in FIG. Here, an image of "tulip flower" is set as an answer to the question "Hana". In addition, an image of an “umbrella” is set as an answer to the question “Ame”. In addition, an image of "crescent moon" is set as an answer to the question "tsuki". n
For the first question "bag", an image of "attache case" is set as an answer. As described above, in this embodiment, the n questions and their answers are used as secret information. The number of combinations n of questions that are confidential information and their answers can be set arbitrarily, and the security can be improved by increasing n. On the other hand, if the value of n is increased, the amount of confidential information that the user has to store becomes large, which increases the burden on the user. Compared with the case, since the two-dimensional image is used as the secret information in the present embodiment, the user can easily store and remember the secret information, so that the burden is small. In this embodiment, n = 10.

The image information which is the answer depends on the individual prover when the user inputs the answer in the two-dimensional image to the answer input section 3 in addition to the information as the mere two-dimensional image data. The feature is image information. Here,
The characteristics that depend on the individual prover are as follows.

(1) Input order for each stroke when inputting an answer (so-called stroke order).

(2) Writing pressure when inputting an answer. For example, the pressure of the pen tip when drawing an answer with an electronic pen, or the pressure of the finger tip when drawing on a touch panel.

(3) When inputting an answer, the drawing speed for each stroke or the time interval between drawing one stroke and drawing the next stroke (so-called drawing speed).

As the confidential information, not only a simple two-dimensional image but also the confidential information including the characteristics depending on the individual prover is used for the authentication, so that the security can be further enhanced.

Next, the flow of procedures when the user is authenticated to use the automatic payment machine 1 will be described in order. First, the user inserts the card 4 in which information such as his bank account is stored into the card insertion slot 5. The automatic payment machine 1 reads out information such as an account number stored in the inserted card 4, and reads out secret information set in advance from the storage unit of the host computer 6 connected based on the account number. The automatic payment machine 1 displays one question randomly selected from the read confidential information on the question display unit 2. The user draws and inputs a two-dimensional image corresponding to the question displayed on the question display unit 2 on the answer input unit 3 based on the secret information set in advance.

Here, as the question display section 2, a question is displayed by using a display device such as a CRT display, a liquid crystal display or an LED display. Also,
As the answer input unit 3, a device such as an electronic pen or a touch panel that directly reads image information, a video camera, or a CC
The image information input by the user is read by a device that indirectly reads the image information using a D camera or the like. A touch display panel in which the question display unit 2 and the answer input unit 3 are integrated may be used.

Next, the automated teller machine 1 completes the display of the first question and the corresponding answer input by the user,
Ask a second question that is different from the first question. The user answers the second question in the same manner as the first question. The automated teller machine 1 repeats this question a total of x times. The number of times x of repetition is set to be equal to or less than the preset number n of secret information. In this embodiment, x = 3. Therefore, in the present embodiment, three questions are arbitrarily selected from the 10 pieces of confidential information, and the question is displayed and the answer is input three times. Note that the questions are displayed one by one as in the present embodiment.
The questions may be displayed separately or multiple questions may be displayed simultaneously.

The automatic payment machine 1 compares and collates the three answers entered for each question with preset secret information, and if all of them match, the user is Authenticates as the legitimate user and performs the following processing (refund of deposit, etc.). On the other hand, if even one of the three answers does not match, the authentication is rejected, and another process (requesting the authentication operation to be redone or suspending use of the card 4) is performed. .

The image information input from the answer input section 3,
The image information, which is the reply information of the secret information set in advance, is compared and collated to determine whether or not to authenticate the user.
This is performed by the authentication unit of the host computer 6 connected to the automatic payment machine 1.

The determination made by the authentication unit will be described with reference to FIGS. FIG. 3 is a display example of the inquiry means of the question answering authentication device according to the embodiment of the present invention. Also, FIG.
FIG. 4 is an explanatory diagram showing a correct answer image of the answering means of the question answering authentication device according to the exemplary embodiment of the present invention. Further, FIG. 5 is an explanatory diagram showing an incorrect answer image of the answering means of the question answering type authentication apparatus according to the embodiment of the present invention.

The question display section 2 of the automatic payment machine 1 displays the question "candy" as shown in FIG. 3, for example. This "candy" is one of the question information of the secret information shown in FIG. The user, in the answer input unit 3 of the automatic payment machine 1,
As an answer to “candy” which is a preset secret information question, an image of “umbrella” shown in FIG. 4 is input using an electronic pen or the like. Here, when a two-dimensional image as shown in FIG. 5 is input in response to the question “Ame”, it is determined that none of them match the secret information. That is,
In the case of FIG. 5A, the image is an image of an “umbrella”, which is very similar to the correct image of FIG. 4, but the pattern matching of the “umbrella” is reversed, so pattern matching is performed. Therefore, it is judged that they do not match because there is a difference. Figure 5
(B) is an image of "water droplets", and is shown in FIG.
(C) is an image of "rainy weather"
FIG. 5D is an image imagining "candy candy", and since each of them is different from the reply information of the secret information set in advance, it is determined that they do not match.

In the above-described embodiment, the image information input from the response input section 3 and the image information which is the response information of the preset secret information are determined by pattern matching as mere two-dimensional image data. However, the determination method of the comparison and collation performed in the authentication unit is not limited to the pattern matching.

As a means for comparing the stroke order, which is a feature depending on the user, the direction vector for moving the electronic pen when drawing a two-dimensional image, which is described in JP-A-6-243296 or JP-A-10-187341, is used. There is a method of extracting the stroke code. Specifically, a plurality of acceleration sensors are incorporated in the electronic pen so that the user can identify in which direction the electronic pen has moved when drawing an image. The stroke direction when the user draws an image can be recognized by sequentially recording, as stroke codes, codes obtained by classifying the moving direction of the electronic pen into eight directions.

The case where the method described in, for example, Japanese Patent Laid-Open No. 10-187341 is used in this embodiment will be described below. FIG. 8 is an explanatory diagram showing the direction vector that the electronic pen moves. As shown in FIG. 8, the direction vector that the electronic pen moves is divided into eight. Then, the numerical value written in the direction of moving the electronic pen from the center of the circle in FIG.
It is a numerical value indicating the direction vector in that direction. In this way, the direction in which the electronic pen is moved and the order in which the electronic pen is moved are stored as secret information, which is a feature that depends on the user, and authentication can be performed by comparison and verification during verification.

FIG. 9 is an explanatory diagram for explaining the stroke order of the two-dimensional image according to the embodiment of the present invention. A method of drawing the two-dimensional information, which is the “regular triangle” shown in FIG. 9, will be described as an example. If you draw a "regular triangle" from the vertices of a triangle in a single stroke, the stroke code is:
"503", "035", "350", "741",
There are 6 types of "174" and "417". That is, the stroke code "503" is a stroke code when drawn in the order of vertex A → vertex B → vertex C → vertex A, and the stroke code "035" is drawn in the order of vertex B → vertex C → vertex A → vertex B. The stroke code "350" is a stroke code when drawn in the order of vertex C → vertex A → vertex B → vertex C, and the stroke code "741" is vertex A → vertex C → vertex B. The stroke code is drawn when the vertex A is drawn in this order, and the stroke code "174" is the stroke code when drawn in the order of vertex B → vertex A → vertex C → vertex B, and the stroke code "417" is the vertex C. It is a stroke code when drawn in the order of → vertex B → vertex A → vertex C.

In this way, even if the shapes are the same in pattern matching, higher safety can be secured by comparing the stroke order, which is a feature that depends on the user.

As a means for comparing the writing pressure, which is a characteristic that depends on the user, a pressure sensor is incorporated in the pen tip portion of the electronic pen or the touch panel, and the amount of pressure when drawing an image is set. It is possible to recognize the writing pressure when the user draws the image by sequentially recording whether or not the stroke is added.

For example, if the pressure sensitive level of the pressure sensor incorporated in the touch panel is set to three levels, the user can register the writing pressure level when drawing a two-dimensional image in three levels. More specifically, when the "regular triangle" of FIG. 9 is drawn in the order of vertex A → vertex B → vertex C → vertex A, the writing pressure level of vertex A → vertex B is 2, vertex B → vertex C.
If the writing pressure level is 1 and the writing pressure level from vertex C to vertex A is 1, the writing pressure level code is "211",
As confidential information, which is a characteristic that depends on the user, the writing pressure level code for drawing an "equal triangle" is registered, and the writing pressure level code is compared at the time of matching, so that the user can be a valid certifier individual. Can be authenticated.

Further, as means for comparing the drawing speed, which is a characteristic that depends on the user, an acceleration sensor is incorporated in the electronic pen to integrate the acceleration of the electronic pen when drawing an image to move the electronic pen. By obtaining the speed and sequentially recording the moving speed, the user can recognize the drawing speed when drawing an image. Also, when using a touch panel, by sequentially storing the drawing speed obtained by dividing the moving distance of the pen tip that draws the image (fingertip when drawing the image with a finger) by the time required for the movement. , The user can recognize the drawing speed when drawing an image.

By any one of the above-described methods, the image information input from the answer input unit 3 and the image information which is the answer information of the preset secret information are compared and collated, and the user is identified. Determine whether to authenticate. At this time, the pattern matching of the two-dimensional image is combined with one or more of the stroke order, the writing pressure, and the drawing speed, which are the characteristics depending on the user, to provide an authentication device with higher security. be able to.

FIG. 6 is a flowchart showing the authentication processing flow performed by the automatic payment machine 1 described so far.

First, when performing the authentication process, step 6
The process is started from 0 (hereinafter referred to as S60).

Next, in S61, the automatic payment machine 1
The x questions randomly selected from the n pieces of secret information shown in FIG. 2 are read from the host computer 6 connected to the automatic payment machine 1. It should be noted that x, which is the number of questions to be selected, is set in advance by agreement between the user who is the prover, the bank which is the certifier, or both parties.

In S62, the automatic payment machine 1 displays one of the read x questions on the question display unit 2 to ask the user a question.

In S63, the automatic payment machine 1 reads the two-dimensional image which is the answer input by the user through the answer input section 4.

In S64, 1 is added to the variable i (initial value is 0) indicating the number of questions asked to the user.

In S65, if the variable i is equal to x, the process proceeds to S66, and if not equal, the process proceeds to S62. That is,
The questions are repeated until the preset number of questions x is reached.

In S66, it is compared and collated whether the answers to the x questions shown in the question display unit 3 match the answer information which is the preset secret information.

In S67, depending on whether or not all x answers are correct as a result of the comparison and collation in S66, the process branches to S68 or S69. If all x answers match the reply information that is preset secret information, the process proceeds to S68, and the user is authenticated as the legitimate user. On the other hand, if even one of the x answers does not match the reply information that is the preset confidential information, the process proceeds to S69, the user is determined not to be the legitimate user, and it is defined separately. Process (request re-authentication or stop using the card).

Through the steps described above, the automatic payment machine 1 determines whether the user is the proper user himself.

In the present embodiment, the storage unit that holds the secret information and the authentication unit that determines whether the answer to the question matches the reply information that is the preset secret information are the host computer 6. Although it is configured inside, either or both of the storage unit and the authentication unit,
It may be built in the automatic payment machine 1. Further, a storage unit for storing secret information can be built in the card 4.

Further, in the present embodiment, after all the questions have been completed in S67, the process branches to S68 or S69 depending on whether all x answers are correct. When the answer information does not match the secret information, the process proceeds to S69, the user determines that the user is not the legitimate user, and the separately defined process (requesting re-authentication or stopping card use). ) May go.

(Embodiment 2) As a method of answering a question of the automatic payment machine 1, a method different from that of Embodiment 1 will be described. Other parts are the same as those in the first embodiment.

Question display section 2 of automatic teller machine 1 of the second embodiment
Then, for example, as shown in FIG. 3, the question “candy” is displayed. This "candy" is one of the question information of the secret information shown in FIG. The user registers in advance an image of the “umbrella” shown in FIG. 4 as secret information.
The answer input unit 3 of the automatic payment machine 1 displays a total of five images including an image of the “umbrella” shown in FIG. 4 and four images shown in FIG. The user selects the correct image from the five images and inputs the answer to the answer input unit 3. When the user selects the image in FIG. 4, the user is authenticated as the legitimate user, but when the user selects FIG. 5 (a), it is similar to the correct image in FIG. There is an "umbrella"
It is judged that they do not match, because the directions of the patterns are reversed. Similarly, FIG. 5 (b) is an image of "water droplets", FIG. 5 (c) is an image of "raining", and FIG. 5 (d) is an image of "candy". Since the images are different from the reply information of the secret information set in advance, it is determined that they do not match.

[0057]

According to the present invention, since the two-dimensional image is set as the reply information of the secret information, the user stores the reply information as compared with the case where the character string as the password is used as the reply information. It is easy and easy to remember. In particular, when a plurality of pieces of secret information are set, it is a heavy burden on the user to store the password in a verbatim manner, so that the effect of the present invention is particularly large as compared with the prior art.

Further, the answer to the question only needs to input the two-dimensional image which is the answer information of the secret information, and the thinking work for deriving the answer unlike the prior art is not required, so the answer time should be shortened. There is an effect that can be.

Further, according to the present invention, the judgment is made by using the information unique to the prover, which is one of the stroke order, the writing pressure, the drawing speed, or a combination thereof. Even if is known to a third party, it is difficult for the third party to imitate the information unique to the prover, and the security of the authentication device can be enhanced.

[Brief description of drawings]

FIG. 1 is a schematic diagram of a question answering type authentication device according to an embodiment of the present invention.

FIG. 2 is an explanatory diagram of a combination of secret information according to the embodiment of the present invention.

FIG. 3 is a diagram showing a display example of an inquiry unit of the inquiry response type authentication device according to the exemplary embodiment of the present invention.

FIG. 4 is an explanatory diagram showing a correct answer image of the answer means of the question answering authentication device according to the exemplary embodiment of the present invention.

FIG. 5 is an explanatory diagram showing an incorrect answer image of the answering means of the question answering authentication device according to the embodiment of the present invention.

FIG. 6 is an authentication processing flow chart of the question answering authentication device according to the exemplary embodiment of the present invention.

FIG. 7 is an explanatory diagram showing secret information, questions, and answers of a conventional question answering authentication device.

FIG. 8 is an explanatory diagram showing a direction vector that an electronic pen moves.

FIG. 9 is an explanatory diagram for describing a stroke order of a two-dimensional image according to the embodiment of the present invention.

[Explanation of symbols]

1 ... ATM 2 ... Question display section 3 ... Answer input section 4 ... Card 5: Card insertion slot 6 ... Host computer

Claims (3)

[Claims] 1. A holding means for holding secret information for authenticating a prover, an inquiry means for asking a question to the prover based on the secret information, and a reply means for the prover to input an answer to the question. And a question answering type authentication device having an authenticating means for judging whether the answer input from the answering means is correct based on the secret information and performing authentication, wherein the secret information is from the question information and the two-dimensional image. A question-answering authentication device, which is characterized by comprising a combination of the following answer information. 2. The response information includes information specific to the prover, which is one of a stroke order, a writing pressure, a drawing speed, or a combination thereof, and the authentication unit is input from the response unit. The correctness of the information including the two-dimensional image and any one or a combination of a stroke order, a writing pressure, and a drawing speed at the time of inputting an answer is determined based on the secret information. Question answering type authentication device. 3. The secret information has a plurality of combinations of question information and answer information, and the question means selects one or a plurality of questions from the plurality of question information. The question-answering authentication device according to claim 1, wherein the question-answering authentication device asks a question.