1. Field of the Invention
The present invention relates to an authentication apparatus and an entity device.
2. Description of the Related Art
In recent years, biometric authentication (biological authentication) has been vigorously introduced as a technique for strict principal confirmation. In biometric authentication, the information indicating the physical or behavioral features unique to an individual are sampled, and by comparing the sampled biometric information (biometric sample information) with the biometric information (biometric template) sampled and registered in advance, whether the individual is the principal or not is confirmed. As compared with the existing authentication methods such as the password authentication, therefore, the “principal” can be confirmed more strictly in the biometric authentication. Biometric information refers to fingerprints, iris pattern, retina pattern, face, voice, key strokes and handwriting. These kinds of biometric information, unlike the password or the IC card used in the existing authentication methods, has the advantage that there is little chance of loss or oblivion, and therefore, the burden on the user is reduced. Biometric authentication, which has been introduced in a fixed system such as the bank ATM (Automatic Teller Machine), is now under study for principal confirmation through the internet in electronic commercial transactions.
Biometric authentication, unlike the existing authentication methods such as password authentication, decides whether the principal confirmation is required or not according to the similarity between the biometric sample information and the biometric template. The similarity is dependent to a large extent on the devices and the algorithm for executing each process making up the biometric authentication (hereinafter referred to as the authentication subprocess) such as “the process of sampling the biometric information (the process of extracting the biometric characteristic amount”, “the matching process” or “the process of determining the similarity (the process of making comparison with a predetermined threshold value)”. In the biometrics for the fixed system such as the bank ATM, the legitimacy of the operation of the bank ATM executing each authentication subprocess can be assured by the verifier (bank, etc.), and therefore, no problem is posed.
Biometric authentication through the internet, however, poses the problem that the legitimacy of each authentication subprocess executed on the part of the user cannot be assured by the verifier.
As a technique for solving this problem, an authentication system using an authentication context for biometric authentication is known (see, for example, Jpn. Pat. Appln. KOKAI Publication No. 2006-11768). An authentication context is the information for permitting the device executing each authentication subprocess to assure the result of execution and the verifier to verify the legitimacy of each process.
This authentication system using the authentication context poses no problem as long as only one function module capable of executing a given authentication subprocess exists in the same device.
For example, the verifier verifies the authentication context generated in the device for executing the authentication subprocess (hereinafter referred to as the entity device) and thereby can confirm the legitimacy of the authentication subprocess executed by the entity device. Incidentally, the authentication context includes information on the functions of the entity device that has generated the particular authentication context.
The study of the present inventor, however, indicates that the inconveniences described below develop in the case where the same entity device has a plurality of function modules capable of executing a given authentication subprocess.
Specifically, in the case where the principal confirmation process is executed by selecting a given one of a plurality of function modules in the entity device, the verifier cannot determine from the authentication context which function module has executed the authentication subprocess.
In the case where a plurality of function modules have different matching accuracy, therefore, the verifier inconveniently cannot decide the legitimacy of the authentication subprocess and hence cannot decide the success or failure of the authentication.