1. Field of the Invention
The present invention relates to a biometric authentication system, a biometric authentication apparatus, and a biometric authentication program capable of reducing a possibility of re-failure due to an environmental problem during a retry of a biometric authentication.
2. Description of the Related Art
Examples of a conventional client-server online biometric authentication system include a client matching system and a server matching system.
In the client matching system, a template for matching (“matching template”) is created from biological information acquired in advance, and a client matches the acquired biological information with the template using a biological information capturing device during an authentication and transmits a matching result to a server, thereby performing a user authentication.
In the server matching system, a server holds a matching template created from biological information acquired in advance, biological information acquired in client environment is transferred to the server, and the server matches the transferred biological information with the template, thereby performing a user authentication.
The biometric authentication system can prevent the occurrence of loss and theft of knowledge and property and prevent masquerading as compared with a conventional authentication system using knowledge such as a password and property such as an IC card. Therefore, it is known that a system ensuring higher security can be constructed.
As a system performing a safe biometric authentication online, there is known a system disclosed in Jpn. Pat. Appln. KOKAI Publication No. 2006-11768. In the system disclosed therein, each client apparatus (hereinafter, “client”) performing a biometric authentication outputs a context describing a result of a processing performed by the client itself (i.e., an authentication context) and authentication contexts output from all the clients are transmitted to a server apparatus (hereinafter, “server”).
The server can verify contents of biometric authentication processings performed by the clients by verifying these authentication contexts. At this time, an authenticator (e.g., an electronic signature) corresponding to the contents of the authentication context is created and described in the authentication context using secret information held by each client in secret. Namely, each client assures contents described in the corresponding authentication context by the authenticator. By verifying the contents of the authentication contexts and the authenticators, the server can verify the validity of the biometric authentication processings performed by the respective clients.
Although the conventional technique for performing the online biometric authentication as stated above has no serious problem normally, considerations of the inventor of the present invention indicate that it is necessary to improve the conventional technique for a processing performed if it is determined that an authentication result fails.
As for a conventional password authentication system, there is known a method of rejecting a predetermined number of authentication requests to the same account (hereinafter “account lock method”) according to the number of failures in authentication (hereinafter, “retry count”) so as to prevent leakage of a password as a result of server interference by a large number of illegal accesses and repeated attacks.
However, if the account lock method for locking the same account according to the number of authentication failures is used in the biometric authentication system, the following problems resulting from properties characteristic of the biometric authentication occur, unlike in the conventional password authentication system.
Cases of failures in biometric authentication include not only cases where biological information on an illegal user does not match with a template for a normal user but also cases involved with surrounding environments. Examples of the cases involved with surrounding environments include a case where a surrounding luminance is low for a face authentication, a case where fingers are dry or wet with sweat for a fingerprint authentication, and a case where loud noise is present for a voiceprint authentication. In these cases, biological information on the normal user is input as a value greatly different from the template.
However, the biometric authentication system using the account lock method determines whether to provide services only based on a matching result. Due to this, the system is unable to discriminate whether a biometric authentication failure is caused by an illegal user or by the environmental problem with a normal user. As a result, if there is an environmental problem with a normal user, then the biometric authentication fails as many times as the retry count and provision of services to the normal user is rejected despite the presence of the normal user.
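The related-art flow described above, as an added example that is not part of the original text: a client emits an authentication context protected by an authenticator, and the server verifies it and then applies the account lock method using only the matching result. HMAC-SHA256 stands in for the authenticator, and the field names, MAX_RETRIES value, key, and account names are assumptions constructed for illustration.

```python
import hashlib
import hmac
import json

MAX_RETRIES = 3  # assumed retry count; the text gives no number

def _mac(client_key: bytes, body: dict) -> str:
    payload = json.dumps(body, sort_keys=True).encode()
    return hmac.new(client_key, payload, hashlib.sha256).hexdigest()

def make_context(client_key: bytes, client_id: str, account: str, matched: bool) -> dict:
    """Client side: describe the processing result and attach an authenticator."""
    body = {"client": client_id, "account": account, "matched": matched}
    return {**body, "authenticator": _mac(client_key, body)}

def verify_context(client_key: bytes, context: dict) -> bool:
    """Server side: recompute the authenticator over the described contents."""
    body = {k: v for k, v in context.items() if k != "authenticator"}
    return hmac.compare_digest(_mac(client_key, body),
                               str(context.get("authenticator", "")))

class Server:
    def __init__(self, client_keys: dict):
        self.client_keys = client_keys  # secret shared with each client
        self.failures = {}              # account -> consecutive failures

    def authenticate(self, context: dict) -> str:
        key = self.client_keys.get(context.get("client"))
        if key is None or not verify_context(key, context):
            return "rejected: invalid context"
        account = context["account"]
        if self.failures.get(account, 0) >= MAX_RETRIES:
            return "rejected: account locked"
        if context["matched"]:
            self.failures[account] = 0
            return "accepted"
        # Only the matching result is visible here, so an environmental
        # failure counts exactly like an impostor attempt.
        self.failures[account] = self.failures.get(account, 0) + 1
        return "rejected: no match"

def demo() -> list:
    key = b"constructed-client-secret"
    server = Server({"client-1": key})
    # Constructed scenario: the normal user fails three times (e.g. dry
    # fingers), then presents a sample that matches.
    results = [server.authenticate(make_context(key, "client-1", "alice", m))
               for m in (False, False, False, True)]
    tampered = make_context(key, "client-1", "bob", False)
    tampered["matched"] = True  # contents changed after the authenticator was made
    results.append(server.authenticate(tampered))
    return results
```

The fourth attempt is a genuine match, yet it is rejected because the lock decision never sees why the earlier attempts failed.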