1. Field of the Invention
This invention relates to a communication system. More particularly, this invention relates to a communication system for executing authentication (identifying) by using living body information (biological information).
2. Description of the Related Art
A communication technology that connects an authentication (identification) apparatus such as a cellular telephone, a personal computer, a portable information terminal, or the like, through the Internet has made a remarkable progress in recent years. For Internet connection in business concerns and homes, it is customary to connect a fixed type personal computer to a telephone line. Particularly recently, various information exchanges have become possible as a cellular telephone system such as so-called i-mode capable of being connected easily to the Internet has become wide spread.
Mail-order business and stock trade using a communication network such as the Internet has drawn an increasing attention nowadays because of its convenience that transactions can be made at one's home. When making a deal with a mating party by using an authentication apparatus, however, authentication as to whether or not a communicating party is an authentic party is practically difficult. Therefore, there is the possibility that the third party other than the authentic person communicates as the user with the mating party under the disguise of the authentic person.
Under these circumstances, it has been desired to further improve reliability of authentication that the user is the authentic person.
FIG. 14 shows a flow of a conventional authentication processing. First, the user uses an authentication apparatus such as a cellular telephone and connects it to the Internet. The user then transmits a password such as password number as data for authentication to the mating party under a designated condition. Receiving the password for authentication as the data, the mating party collates a password of the authentic person registered thereto in advance with the password sent from the user and confirms whether or not they are coincident. The user is authenticated as the authentic person when the passwords coincide and is not authenticated, when they do not.
After collation is completed, the mating party sends a collation end signal representative of authentication approval/rejection as information as data to the user. When the user is not authenticated as the authentic person, the user again transmits the password as the data to the mating party. When the user is authenticated, the authentication operation is finished at the point when the user receives the collation end signal, and communication is then started.
Incidentally, the term Communication used herein means transmission/reception of the intended information that is executed after the authentication operation is completed.
As described above, the conventional authentication operation confirms whether or not the user is the authentic person by collating the number the user transmits to the mating party with the password of the authentic person registered in advance to the mating party in order to prevent the third party other than the authentic person from communicating as the user with the mating party under the disguise of the authentic person.
The communication system using the conventional authentication apparatus is not free from the following problems.
The possibility of the leak of the password to the third party cannot be denied. When the password leaks to the third party, the conventional authentication operation cannot confirm whether or not the user is the authentic person.
In addition, it is afraid that the authentic person forgets the password. In such the case, the authentic person must ask the mating party, or often re-write the password. Thus, it should be very troublesome.
In the conventional authentication operation, the user must transmit the password as the data to the mating party, and must receive the collation end signal from the mating party. When the user sends a wrong password to the mating party, the user must again send the correct password to the mating party. In other words, transmission/reception of the data must be carried out at least twice between the mating party and the user.
When the number of times of data transmission/reception between the user and the mating party, the cost necessary for authentication increases. When the number of times of data transmission/reception is great, the possibility is high that a line between the user and the mating party is cut off during data transmission/reception for some reason or other. When the line is cut off during data transmission/reception, it becomes necessary to start once again the authentication operation from the beginning and this is troublesome and complicated.