1. Field of the Invention
The present invention relates to a device for verifying an individual and a method for verifying an individual, and in particular, to a device for verifying an individual and a method for verifying an individual by biological information.
2. Description of the Related Art
In conventional devices for verifying an individual by biological information, read biological information is registered in advance as data for verification (verification templates), and verification is carried out by comparing the verification templates and biological information which is read (inputted) as verification data at the time of verification. The biological information is analog information, and the biological information which is read at the time of verification is not the same as the verification templates. Therefore, if the differences between the verification templates and the verification data fall within a predetermined range, it is determined that the person who is the object of verification is a legitimate user.
Here, if a person is familiar with the internal specifications of the device for verifying an individual, he/she can guess the verification template by inputting appropriate verification data and utilizing the differences obtained by comparing this verification data with the registered verification templates. Therefore, there is the problem that the verification template will be surreptitiously used.
In order to overcome this problem, there is known a system for verifying an individual in which inputted password (code) data is converted by a one-way function and registered in advance as verification templates, and at the time of verification, the verification templates and data, which is obtained by converting the inputted password data similarly by the one-way function, are compared (see, for example, WO/01/042938).
However, in the system for verifying an individual which is disclosed in aforementioned WO/01/042938, the password (code) data is converted by a one-way function, but biological information is not converted by a one-way function. Therefore, there is the problem that this system cannot handle cases in which there is outflow of the password data.