User verification system, and portable electronic device with user verification function utilizing biometric information

US 20030005310A1
Filed: 06/07/2002
Published: 01/02/2003
Est. Priority Date: 12/10/1999
Status: Active Grant

First Claim

Patent Images

1. A user verification system, comprising:

a portable electronic device (300), which is adapted to be carried by a user;

a data processing device (200) for directly accessing such portable electronic device (300) which is temporarily installed therein; and

a management device (400) which accesses said portable electronic device (300) via said data processing device (200) and verifies said user utilizing a personal identification number (PIN), said data processing device (200) including;

a biometric information measuring unit (201) for measuring biometric information of said user;

a biometric feature data extracting section (202) for extracting to-be-verified biometric feature data from said biometric information, which has been measured by biometric information measuring unit (201); and

a first transceiving interface (205) for transmitting/receiving data to/from said portable electronic device (300) and said management device (400), said portable electronic device (300) including;

a biometric feature data register section (302) having pre-stored valid biometric feature data of an authorized user of said portable electronic device (300);

a second transceiving interface (301) for transmitting/receiving data to/from said data processing device (200);

a biometric feature data verifying section (306) for comparing to-be-verified biometric feature data, which is received from an external device via said second transceiving interface (301), with said valid biometric feature data; and

a PIN register section (308) having a pre-stored PIN of said authorized user of said portable electronic device (300), said to-be-verified biometric feature data being transmitted from said first transceiving interface (205) of said data processing device (200) to said portable electronic device (300), said biometric feature data verifying section (306) of said portable electronic device (300) comparing said to-be-verified biometric feature data, which has been received via said second transceiving interface (301), with said valid biometric feature data, and as the result of the comparison, if said to-be-verified biometric feature data matches said valid biometric feature data in terms of a predetermined matching condition, said PIN being transmitted from said second transceiving interface (301) of said portable electronic device (300) to said management device (400) via said first transceiving interface (205) of said data processing device (200).

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In a system (e.g., debit card) where a PIN is entered as verification, the PIN and biometric information, which is free of being stolen or faked, are combined to realize secure user verification. The leakage and the theft of a PIN is reliably prevented, thereby realizing a high security ability. To-be-verified biometric feature data is transmitted from first transceiving interface (205) of data processing device (200) to portable electronic device (300). Biometric feature data verifying section (306) of portable electronic device (300) compares the to-be-verified biometric feature data, which has been received by second transceiving interface (301), with valid biometric feature data. If a predetermined matching condition between the to-be-verified biometric feature data and the valid biometric feature data is satisfied, a PIN stored in portable electronic device (300) is transmitted from second transceiving interface (301) to management device (400) via first transceiving interface (205) of data processing device (200).

184 Citations

32 Claims

1. A user verification system, comprising:
- a portable electronic device (300), which is adapted to be carried by a user;
  
  a data processing device (200) for directly accessing such portable electronic device (300) which is temporarily installed therein; and
  
  a management device (400) which accesses said portable electronic device (300) via said data processing device (200) and verifies said user utilizing a personal identification number (PIN), said data processing device (200) including;
  
  a biometric information measuring unit (201) for measuring biometric information of said user;
  
  a biometric feature data extracting section (202) for extracting to-be-verified biometric feature data from said biometric information, which has been measured by biometric information measuring unit (201); and
  
  a first transceiving interface (205) for transmitting/receiving data to/from said portable electronic device (300) and said management device (400), said portable electronic device (300) including;
  
  a biometric feature data register section (302) having pre-stored valid biometric feature data of an authorized user of said portable electronic device (300);
  
  a second transceiving interface (301) for transmitting/receiving data to/from said data processing device (200);
  
  a biometric feature data verifying section (306) for comparing to-be-verified biometric feature data, which is received from an external device via said second transceiving interface (301), with said valid biometric feature data; and
  
  a PIN register section (308) having a pre-stored PIN of said authorized user of said portable electronic device (300), said to-be-verified biometric feature data being transmitted from said first transceiving interface (205) of said data processing device (200) to said portable electronic device (300), said biometric feature data verifying section (306) of said portable electronic device (300) comparing said to-be-verified biometric feature data, which has been received via said second transceiving interface (301), with said valid biometric feature data, and as the result of the comparison, if said to-be-verified biometric feature data matches said valid biometric feature data in terms of a predetermined matching condition, said PIN being transmitted from said second transceiving interface (301) of said portable electronic device (300) to said management device (400) via said first transceiving interface (205) of said data processing device (200).
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. A user verification system according to claim 1, wherein said data processing device (200) further includes a first encryption section (204) for encoding said to-be-verified biometric feature data with a public key, wherein said portable electronic device (300) further includes:
    - a secret key register section (303) having a pre-stored valid secret key corresponding to said public key; and
      
      a decryption section (305) for decoding encoded data, which is received from an external device via said second transceiving interface (301), with said valid secret key, wherein said to-be-verified biometric feature data encoded by said first encryption section (204) is transmitted from said first transceiving interface (205) to said portable electronic device (300), as said encoded data, and wherein said decryption section (305) decodes said encoded data, which has been received via said second transceiving interface (301), into the original to-be-verified biometric feature data, which is then compared with said valid biometric feature data by said biometric feature data verifying section (306).
  - 3. A user verification system according to claim 1, wherein said portable electronic device (300) further includes:
    - a made-for-management-device public key register section (311) having a pre-stored public key dedicated to said management device (400); and
      
      a second encryption section (305) for encoding said PIN with said made-for-management-device public key before said PIN is sent out to said management device (400).
  - 4. A user verification system according to claim 1, wherein said portable electronic device (300) further includes a recording unit provided on its surface, said recording unit storing magnetic data on information for use in processing carried out by said management device (400), wherein said data processing device (200) further includes a magnetic data read-out unit (206) for reading out said magnetic data stored in said recording unit, and wherein said magnetic data, which has been readout by said magnetic data read-out unit (206), is sent out, together with said PIN, from said first transceiving interface (205) to said management device (400).
  - 5. A user verification system according to claim 3, wherein said data processing device (200) further includes a time stamp generating section (203) for generating a time stamp as the date and time when said biometric feature data extracting section (202) has extracted said to-be-verified biometric feature data, wherein, said time stamp is encoded, together with said to-be-verified biometric feature data, by said first encryption section (204), and the encoded time stamp is then sent out from said first transceiving interface (205) to said portable electronic device (300), wherein said portable electronic device (300) further includes:
    - a clock function section (304) for calculating the current time; and
      
      a time stamp verifying section (307) for comparing the original time stamp, which has been restored by said decryption section (305), with said current time, which has been calculated by said clock function section (304), and wherein, if it is found, as the comparison result by said biometric feature data verifying section (306), that said to-be-verified biometric feature data matches said valid biometric feature data in terms of a predetermined matching condition, and also if it is found, as the comparison result by said time stamp verifying section (307), that a difference between said time stamp and said current time falls within a predetermined range, said user is identified as said authorized user of said portable electronic device (300).
  - 6. A user verification system according to claim 5, wherein if said user is identified as said authorized user of said portable electronic device (300), as the comparison result by said biometric feature data verifying section (306) and said time stamp verifying section (307), said second encryption section (305) encodes both said PIN and the date and time of the comparison performed, which date and time is obtained by said clock function section (304), and the encoded PIN and the encoded date and time of the comparison are then sent out from said second transceiving interface (301) of said portable electronic device (300) to said management device (400) via said first transceiving interface (205) of said data processing device (200).
  - 7. A user verification system according to claim 1, wherein upon receipt of a predetermined signal via said second transceiving interface (301), said portable electronic device (300) transmits public key information of said authorized user, which public key information is registered in said portable electronic device (300), from said second transceiving interface (301) to an external device.
  - 8. A user verification system according to claim 1, further comprising a lock function section (314) which is operable to prohibit input of biometric feature information to said portable electronic device (300), if the evaluation is made a predetermined number of times successively, as a result of the comparison by said feature data verifying section (306) of said portable electronic device (300), that said to-be-verified biometric feature data never matches said valid biometric feature data in terms of said predetermined matching condition.
  - 9. A user verification system according to claim 1, wherein said portable electronic device (300) further includes a management log recording section (317) storing a management log of said PIN, said management log accumulating the dates and times when said PIN has been transmitted, or the descriptions of transactions performed, or both of these.

10. A portable electronic device with a user verification function utilizing biometric information, which portable electronic device receives/transmits data from/to a management device (400) that uses a personal identification number (PIN) to verify a user, said portable electronic device comprising:
- a biometric feature data register section (302) having pre-stored valid biometric feature data of an authorized user of said portable electronic device (300);
  
  a transceiving interface (301) for transmitting/receiving data to/from an external device;
  
  a biometric feature data verifying section (306) for comparing to-be-verified biometric feature data, which is received from an external device via said transceiving interface, with said valid biometric feature data; and
  
  a PIN register section (308) having a pre-stored PIN of said authorized user of said portable electronic device (300), said biometric feature data verifying section (306) comparing said to-be-verified biometric feature data, which has been received via said transceiving interface (301), with said valid biometric feature data, and as the result of the comparison, if said to-be-verified biometric feature data matches said valid biometric feature data in terms of a predetermined matching condition, said PIN being transmitted from said transceiving interface (301) to said management device (400).
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 20, 21, 22, 23, 24, 25, 27, 28, 29, 30, 31, 32)
- - 11. A portable electronic device according to claim 10, further comprising:
    - a secret key register section (303) having a pre-stored valid secret key corresponding to said public key; and
      
      a decryption section (305) for decoding encoded data, which is received from an external device via said second transceiving interface (301), with said valid secret key, said decryption section (305) decoding said encoded data, which has been received via said transceiving interface (301), into the original to-be-verified biometric feature data, and said biometric feature data verifying section (306) comparing the original to-be-verified biometric feature data, which has been restored by said decryption section (305), with said valid biometric feature data.
  - 12. A portable electronic device according to claim 10, further comprising:
    - a made-for-management-device public key register section (311) having a pre-stored public key dedicated to said management device (400); and
      
      an encryption section (305) for encoding said PIN with said made-for-management-device public key before said PIN is sent out to said management device (400).
  - 13. A portable electronic device according to claim 10, further comprising a recording unit provided on its surface, said recording unit storing magnetic data on information for use in processing which is carried out by said management device (400).
  - 14. A portable electronic device according to claim 12, further comprising:
    - a clock function section (304) for calculating the current time; and
      
      a time stamp verifying section (307) for comparing a time stamp, if any, attached to the original to-be-verified biometric feature data restored by said decryption section (305), with said current time, which has been calculated by said clock function section (304), said time stamp indicating the date and time when said to-be-verified biometric feature data has been extracted, if it is found, as the comparison result by said biometric feature data verifying section (306), that said to-be-verified biometric feature data matches said valid biometric feature data in terms of a predetermined matching condition, and also if it is found, as the comparison result by said time stamp verifying section (307), that a difference between said time stamp and said current time falls within a predetermined range, said user being identified as said authorized user of said portable electronic device (300).
  - 15. A portable electronic device according to claim 14, wherein if said user is identified as said authorized user of said portable electronic device (300), as the comparison result by said biometric feature data verifying section (306) and said time stamp verifying section (307), said encryption section (305) encodes both said PIN and the date and time of the comparison performed, which date and time is obtained by said clock function section (304), and the encoded PIN and the encoded date and time of the comparison are then sent out from said transceiving interface (301) to said management device (400).
  - 16. A portable electronic device according to claim 10, wherein upon receipt of a predetermined signal via said transceiving interface (301), said portable electronic device (300) transmits public key information of said authorized user, which public key information is registered in said portable electronic device (300), from said transceiving interface (301) to an external device.
  - 17. A portable electronic device according to claim 10, further comprising a lock function section (314) which is operable to prohibit input of biometric feature information to said portable electronic device (300), if the evaluation is made a predetermined number of times successively, as a result of the comparison by said feature data verifying section (306), that said to-be-verified biometric feature data never matches said valid biometric feature data in terms of said predetermined matching condition.
  - 18. A portable electronic device according to claim 10, further comprising a management log recording section (317) storing a management log of said PIN, said management log accumulating the dates and times when said PIN has been transmitted, or descriptions of transactions performed, or both of these.
  - 20. A user verification system according to claim 19, wherein said data processing device (200) further includes a time stamp generating section (203) for generating a time stamp as the date and time when said biometric feature data extracting section (202) has extracted said to-be-verified biometric feature data, wherein, said time stamp is encoded, together with said to-be-verified biometric feature data, by said first encryption section (204), and the encoded time stamp is then sent out from said first transceiving interface (205) to said portable electronic device (300), wherein said portable electronic device (300) further includes:
    - a clock function section (304) for calculating the current time; and
      
      a time stamp verifying section (307) for comparing the original time stamp, which has been restored by said decryption section (305), with said current time, which has been calculated by said clock function section (304), and wherein, if it is found, as the comparison result by said biometric feature data verifying section (306), that said to-be-verified biometric feature data matches said valid biometric feature data in terms of a predetermined matching condition, and also if it is found, as the comparison result by said time stamp verifying section (307), that a difference between said time stamp and said current time falls within a predetermined range, said user is identified as said authorized user of said portable electronic device (300).
  - 21. A user verification system according to claim 20, wherein said portable electronic device (300) further includes:
    - a user information register section (309) having pre-stored user information about said authorized user of said portable electronic device (300); and
      
      a second encryption section (305) for encoding data, which is to be transmitted from said second transceiving interface (301) to said data processing device (200), with said valid secret key, and wherein as a result of comparison by said biometric feature data verifying section (306) and said time stamp verifying section (307), if said user is identified as said authorized user of said portable electronic device (300), said second encryption section (305) encodes at least one of the following items;
      
      said user information;
      
      the level of correlation between said to-be-verified biometric feature data and said valid biometric feature data, which correlation level is obtained at the comparison; and
      
      the date and time of said comparison performed, which is provided by said clock function section (304), and the encoded item is sent out from said second transceiving interface (301) to said data processing device (200) as a verification result.
  - 22. A user verification system according to claim 21, wherein said data processing section (200) further includes a message digest creating section (208) for creating a message digest as a value obtained by inputting data to be transferred to said portable electronic device (300) to a predetermined one-way function, wherein said message digest and said to-be-verified biometric feature data are both encoded by said first encryption section (204), and are then sent out from said first transceiving interface (205) to said portable electronic device (300), wherein if said user is identified as said authorized user of said portable electronic device (300), as the comparison result by said biometric feature data verifying section (306) and said time stamp verifying section (307), said second encryption section (305) encodes the message digest which has been restored by said decryption section (305), and the encoded message digest is sent out from said second transceiving interface (301) to said data processing device (200) as a verification result.
  - 23. A user verification system according to claim 21, wherein said portable electronic device (300) further includes a verification log recording section (310) storing said verification result as a verification log for a predetermined time period.
  - 24. A user verification system according to claim 19, wherein upon receipt of a predetermined signal via said second transceiving interface (301), said portable electronic device (300) transmits public key information of said authorized user, which public key information is registered in said portable electronic device (300), from said second transceiving interface (301) to an external device.
  - 25. A user verification system according to claim 19, further comprising a lock function section (314) which is operable to prohibit input of biometric feature information to said portable electronic device (300), if the evaluation is made a predetermined number of times successively, as a result of the comparison by said feature data verifying section (306) of said portable electronic device (300), that said to-be-verified biometric feature data never matches said valid biometric feature data in terms of said predetermined matching condition.
  - 27. A portable electronic device according to claim 26, further comprising:
    - a clock function section (304) for calculating the current time; and
      
      a time stamp verifying section (307) for comparing a time stamp, if any, attached to the original to-be-verified biometric feature data restored by said decryption section (305), with said current time, which has been calculated by said clock function section (304), said time stamp indicating the date and time when said to-be-verified biometric feature data has been extracted, if it is found, as the comparison result by said biometric feature data verifying section (306), that said to-be-verified biometric feature data matches said valid biometric feature data in terms of a predetermined matching condition, and also if it is found, as the comparison result by said time stamp verifying section (307), that a difference between said time stamp and said current time falls within a predetermined range, said user being identified as said authorized user of said portable electronic device (300).
  - 28. A portable electronic device according to claim 27, further comprising:
    - a user information register section (309) having pre-stored user information about said authorized user of said portable electronic device (300); and
      
      an encryption section (305) for encoding data, which is to be transmitted from said transceiving interface (301) to said data processing device (200) with said valid secret key, as a result of comparison by said biometric feature data verifying section (306) and said time stamp verifying section (307), if said user is identified as said authorized user of said portable electronic device (300), said encryption section (305) encoding at least one of the following items;
      
      said user information;
      
      the level of correlation between said to-be-verified biometric feature data and said valid biometric feature data, which correlation level is obtained at the comparison; and
      
      the date and time of said comparison performed, which is provided by said clock function section (304), and the encoded item being sent out from said transceiving interface (301) to said data processing device (200) as a verification result.
  - 29. A portable electronic device according to claim 28, wherein if said user is identified as said authorized user of said portable electronic device (300), as the comparison result by said biometric feature data verifying section(306) and said time stamp verifying section (307), and also if a message digest, which is obtained by inputting data to be transferred to said portable electronic device (300) to a predetermined one-way function, is attached to the original to-be-verified biometric feature data restored by said decryption section (305), said encoding section (305) encodes said message digest, and the encoded message digest is then sent out from said transceiving interface (301) to said data processing device (200) as a verification result.
  - 30. A portable electronic device according to claim 28, further including a verification log recording section (310) storing said verification results as a verification log for a predetermined time period.
  - 31. A portable electronic device according to claim 26, wherein upon receipt of a predetermined signal via said transceiving interface (301), said portable electronic device (300) transmits public key information of said authorized user, which public key information is registered in said portable electronic device (300), from said transceiving interface (301) to an external device.
  - 32. A portable electronic device according to claim 26, further comprising a lock function section (314) which is operable to prohibit input of biometric feature information to said portable electronic device (300), if the evaluation is made a predetermined number of times successively, as the result of the comparison by said feature data verifying section (306), that said to-be-verified biometric feature data never matches said valid biometric feature data in terms of said predetermined matching condition.

19. A user verification system, comprising:
- a portable electronic device (300), which is adapted to be carried by a user; and
  
  a data processing device (200) for directly accessing such portable electronic device (300) which is temporarily installed therein, said data processing device (200) including;
  
  a biometric information measuring unit (201) for measuring biometric information of said user;
  
  a biometric feature data extracting section (202) for extracting to-be-verified biometric feature data from said biometric information, which has been measured by biometric information measuring unit (201);
  
  a first encryption section (204) for encoding said to-be-verified biometric feature data with a public key; and
  
  a first transceiving interface (205) for transmitting/receiving data to/from said portable electronic device (300), said portable electronic device (300) including;
  
  a biometric feature data register section (302) having pre-stored valid biometric feature data of an authorized user of said portable electronic device (300);
  
  a second transceiving interface (301) for transmitting/receiving data to/from said data processing device (200);
  
  a biometric feature data verifying section (306) for comparing to-be-verified biometric feature data, which is received from an external device via said second transceiving interface (301), with said valid biometric feature data;
  
  a secret key register section (303) having a pre-stored valid secret key corresponding to said public key; and
  
  a decryption section (305) for decoding encoded data, which has been encoded with said public key, with said valid secret key, the encoded to-be-verified biometric feature data, which has been encoded by said first encryption section (204), being transmitted from said first transceiving interface (205) to said portable electronic device (300), said decryption section (305) decoding said encoded data, which has been received via said second transceiving interface (301), into the original to-be-verified biometric feature data, and said biometric feature data verifying section (306) comparing the original to-be-verified biometric feature data with said valid biometric feature data.

26. A portable electronic device with a user verification function utilizing biometric information, said portable electronic device, comprising:
- a biometric feature data register section (302) having pre-stored valid biometric feature data of an authorized user of said portable electronic device (300);
  
  a transceiving interface (301) for transmitting/receiving data to/from an external device;
  
  a biometric feature data verifying section (306) for comparing to-be-verified biometric feature data, which is received from an external device via said transceiving interface (301), with said valid biometric feature data;
  
  a secret key register section (303) having a pre-stored valid secret key corresponding to said public key; and
  
  a decryption section (305) for decoding encoded data, which has been encoded with said public key, with said valid secret key, said decryption section (305) decoding said encoded data, which has been received via said transceiving interface (301), into the original to-be-verified biometric feature data, and said biometric feature data verifying section (306) comparing the original to-be-verified biometric feature data with said valid biometric feature data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Fujitsu Limited
Original Assignee
Fujitsu Limited
Inventors
Shinzaki, Takashi

Granted Patent

US 6,957,339 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/186
CPC Class Codes

G06F 21/32   using biometric data, e.g. ...

G06F 21/34   involving the use of extern...

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/40145   Biometric identity checks

G07C 9/257   electronically G07C9/26 tak...

G07F 7/1008   Active credit-cards provide...

User verification system, and portable electronic device with user verification function utilizing biometric information

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

184 Citations

32 Claims

Specification

Solutions

Use Cases

Quick Links

User verification system, and portable electronic device with user verification function utilizing biometric information

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

184 Citations

32 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links