1. Field of the Invention
The present invention relates to an IC card having an individual authentication function for authenticating whether a user of a card is a registered owner of the card.
2. Description of the Related Art
Recently, as the use of credit cards or bank cards has been rapidly increased, an increase in illegal use of these cards has become a big problem. This illegal use of cards includes the use of a card lost by its user by a third party, e.g., a person who finds it or the use of a forged card. To prevent such an illegal use of cards, it must be confirmed that a card is authentic or a user of a card is its owner.
As a conventional means for authenticating that a card is not a forged one or a user of a card is its legal owner, a password is generally used. For example, passwords of bank cards are stored in a central computing system of a bank connected to its ATM terminals through communication lines, thereby preventing an illegal use of the cards. In this case, however, when a legal user inserts a bank card into a card reader of an ATM terminal and inputs his or her password, this password can be read by third parties by a signal transmitted through communication lines. Therefore, an illegal use of cards by third parties cannot be perfectly prevented.
When an IC card is used as a bank card, on the other hand, since a password input using a terminal is internally authenticated by the card, it is impossible to read the password by a signal transmitted through communication lines. Also, when an IC card called a multifunctional IC card having a key input function and a data display function is used, a password is directly input in the card and internally authenticated by the card. Therefore, an illegal use of cards by third parties can be effectively, perfectly prevented.
Since, however, a number of four or more digits is generally used as a password, an owner of a card often forgets his or her own password. In this case, therefore, even a legal user of a card cannot use the card. In contrast, if an owner of a card designates a number which is easy to remember, e.g., his or her birth date or telephone number as a password, since this password can be easily guessed by third parties, an illegal use of the card by third parties cannot be prevented.
As a method of solving the above problems, there is a method of using physical characteristics of a user of a card instead of a password. That is, a certain physical characteristic of an owner of a card is registered beforehand, and a physical characteristic of a user of the card is checked and compared with the registered physical characteristic every time the card is used, thereby authenticating whether this user of the card is its legal user. Therefore, the owner of the card need not remember a password, and an illegal use of the card can be prevented.
To prevent an illegal use of cards of this type by third parties, a series of processing tasks from inputting of a physical characteristic to authentication must be executed by an integrated circuit incorporated in a card for the following reason. For example, such a physical characteristic is input from an external system to a card and subjected to signal processing or authentication by an internal IC of the card. Since a signal corresponding to the physical characteristic must be transmitted from the external system to the card, there is a possibility that this signal is read by third parties.
Published Unexamined Japanese Patent Application No. 63-163589 discloses an IC card with a fingerprint input device. This IC card with a fingerprint input device includes a solid-state image pickup device capable of inputting fingerprint data through a transparent film formed on the surface of the card. However, this device optically detects fingerprint data of a finger, if no water (sweat) is present between a finger and the transparent film, a contact state between the finger and the transparent film becomes worse, and it is difficult to correctly detect fingerprint data of the finger.