With the spread of the Internet and advancements in mobile technology, the demand for authentication to verify the identity of a person is increasing in e-commerce, online banking, online games, and other various transactions over the Internet.
Authentication methods can be broadly classified by three factors. The first factor (knowledge) is to present information which is known only to that person; examples include a password and a combination of secret question and answer. The second factor (possession) is to present information which is owned only by that person; examples include a one-time password, an IC card, and a table of random numbers. The third factor (physical and behavioral characteristics) is to identify a person by biometric authentication and the like; examples include vein authentication, fingerprint authentication, voiceprint authentication, and iris authentication. Incidentally, the distinction between the first and second factors is not always clear, and a one-time password, for example, may be classified into the first factor.
The most typical user authentication is an authentication method which uses a user name (ID) and a password; however, it is recognized that this authentication method is not always reliable and is particularly vulnerable to list-based account hijacking (credential stuffing) and phishing sites. “Username (ID)+password” may be combined with other authentication methods. For example, according to the risk-based authentication which is widely adopted in actual authentication systems, the user's environmental information (the personal computer and network being used, the IP address and the ISP through which the user connects) and behavioral patterns are analyzed, and if the environment and behavioral patterns differ from usual and a possibly fraudulent transaction is suspected, additional authentication (entry of a pre-registered watchword or of a one-time password sent by e-mail, for example) is conducted.
Conducting user authentication by combining a plurality of authentication methods, particularly multi-factor authentication using a combination of authentication methods with different factors, is effective in improving security. In the present specification, “a combination of a plurality of authentication methods” also includes a combination of authentication methods with the same factor, but “multi-factor authentication” refers to a combination of a plurality of authentication methods with different factors. There have been a number of proposals to conduct person authentication by combining a plurality of authentication methods, and some of them will be illustrated.
Patent Document 1 (JPA2003-67340) discloses an authentication selection system comprising a combination generating portion for generating one authentication or a combination of authentications using at least one authentication means to authenticate a person; an integrated authentication performance calculating portion for calculating authentication performance for the authentication or the combination of authentications; and an authentication means selecting portion for selecting one authentication or a combination of authentications to meet the target performance required for authenticating a person using at least one authentication means. The authentication performance of an authentication means can be represented, for example, by a false rejection rate (FRR), the ratio of false rejections (FR), in which the registrant himself is authenticated as another person who is not the registrant; and by a false acceptance rate (FAR), the ratio of false acceptances (FA), in which another person who is not the registrant is authenticated as the registrant himself. The authentication performance (FRR and FAR) of each authentication means is updated by analyzing log data obtained from actual authentications. Regarding the authentication means selecting portion, the authentication means is selected by the system from a predetermined combination of authentication means in accordance with a table, and the combination does not change at each transaction.
Patent Document 2 (JPA2005-107592) relates to an authentication method selecting system in which an authentication method for a user is selected from predetermined authentication methods when providing different kinds of transactions to the user. Authentication performance is evaluated by a misidentification rate which is expressed as a power of 10, for example 10^-4. The misidentification rate is the probability of a user being misidentified as another person. The authentication performance becomes higher as the misidentification rate becomes lower. The misidentification rate for a combination of authentication methods is obtained by multiplying the misidentification rates of the individual authentication methods. When combining an authentication method 1 (a misidentification rate of 10^-4) and an authentication method 2 (a misidentification rate of 10^-3), a misidentification rate of 10^-7 is obtained, since 10^-4 × 10^-3 = 10^-7. When a transaction to be conducted is designated, an authentication method selecting portion of the authentication method selecting system selects one authentication method or a combination of authentication methods such that the misidentification rate is lower than the user-dependent misidentification rate required for the transaction.
Patent Document 3 (JPA2009-237643) discloses an authentication system comprising a first authentication device which acquires a first authentication level; a second authentication device which acquires a second authentication level; and an authentication determining device which authenticates based on a comparison between a predetermined value and the sum of the first authentication level and the second authentication level. According to this system, authentication of a person is performed based on the sum of the authentication levels obtained by a plurality of authentication devices, so that the minimum required authentication accuracy can be ensured even if the authentication levels of some of the plurality of authentication devices are low. If the elapsed time since the previous authentication is short, the authentication levels can more easily exceed the threshold value because the authentication level of each device is weighted based on historical information about past authentications, so that convenience is further enhanced.
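As an added illustration of the selection rule attributed to Patent Document 2 above (this is example code written for this page, not the patent's own implementation), the following chooses the combination of authentication methods whose product of misidentification rates falls below a per-transaction target, preferring the fewest methods so as to keep the user's burden low. The method catalogue and its rates are constructed sample values; only 10^-4 and 10^-3 come from the text. Note that multiplying rates assumes the methods fail independently; correlated methods (for example two knowledge factors leaked together) make the true combined rate higher than the product.

```python
from itertools import combinations

# Constructed sample catalogue: misidentification rate per method (assumption;
# the text only gives 1e-4 and 1e-3 as illustrative values).
METHODS = {
    "password": 1e-3,
    "otp_email": 1e-4,
    "fingerprint": 1e-5,
    "secret_question": 1e-2,
}


def combined_rate(rates):
    """Misidentification rate of a combination: the product of each method's
    rate, as in Patent Document 2.  Valid only if the methods fail
    independently; correlated failures push the real rate above this value."""
    result = 1.0
    for r in rates:
        result *= r
    return result


def select_methods(methods, target_rate):
    """Return the combination whose combined misidentification rate is strictly
    lower than target_rate, using the fewest methods (least user burden) and,
    among combinations of that size, the lowest rate.  Returns None when even
    all methods together cannot reach the target."""
    names = sorted(methods)
    for size in range(1, len(names) + 1):
        candidates = []
        for combo in combinations(names, size):
            rate = combined_rate(methods[n] for n in combo)
            if rate < target_rate:
                candidates.append((rate, combo))
        if candidates:
            return min(candidates)[1]
    return None


if __name__ == "__main__":
    # A low-value transaction tolerates 1e-4; a high-value one requires 5e-7.
    for target in (1e-4, 5e-7, 1e-20):
        print(target, select_methods(METHODS, target))
```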
When considering security, the user's point of view is also important. Many questionnaire survey results show that the users place emphasis on the usability of the authentication system while having an interest in the security of the system. Generally, an attempt to improve security impairs usability. Ensuring security without burdening users is an issue.
Due to the spread of the Internet, various online transactions are conducted and historical data for each transaction can be accumulated. The inventors of the present invention have been considering user authentication which is conducted by using such data, without requiring the user to perform any authentication procedure at the transaction.
From the standpoint of the user, it would be ideal if authentication were conducted on the system side without requiring the user to perform any authentication procedure. However, in reality, for most authentication it would be difficult to ensure security by using only the historical data, and it may be necessary to conduct authentication together with other authentication methods. In this regard, it is considered that giving the user flexibility in selecting the authentication method used together with the historical data reduces the burden on the user.
Patent Document 4 (JPA2003-196566) discloses an authentication process in which the authentication level of a user is determined, prior to the authentication process, based on the behavioral patterns of the user. This idea is similar in that behavioral patterns are used as historical data, but according to Patent Document 4, the authentication methods are predetermined for each authentication level, which is determined in accordance with four stages A to D, and are not selected by the user.