(1) Field of the Invention
The present invention relates to a processor with a personal verification function and an operating device, which use differences in physical characteristics as identification information, in an information communication system.
(2) Description of Related Art
With development of networks, enterprises and local governments promote electronic information communication systems. In Japan, for example, electronic local governments, from which the residents can electronically get resident cards or the like, are under organization according to the e-Japan emphasis plan that the government announced in March, 2001. Additionally, the electronic commerce market keeps growing.
Such systems require a means (personal checking means) to ascertain whether a person who is now making an application or a deal in front of the display is certainly the person himself/herself. Heretofore, a magnetic card and a personal identification number (PIN) are used as means to confirm that a person is the person himself/herself without manual checking when the person enters into or leaves a facility, for example.
However, there are risks that these means may be lost, forgotten, stolen, etc. In an information communication system for an electronic local government, electric commerce, or the like, the users geographically scatter within a wide area, and various people from the old to the young may use the system over the network, thus the above risks are more serious.
For the above reason, there is vitally researched a technique using that a personal physical characteristic such as fingerprints, a face and the like differ from one person to another in order to obtain a means for personal check which cannot be lost, forgotten, stolen, etc. This technique uses a difference in physical characteristic of a user to perform authentication and identification.
Authentication is to determine, on the system's side, whether a user represented by a card or a PIN is the person himself/herself. Authentication signifies that the system determines whether a password inputted by a user agrees/disagrees with a password beforehand registered by the user, for example. In other words, authentication is to collate data of a user having been registered with data of a person now accessing to the system, corresponding to 1 (a password now inputted by a user) to 1 (a password beforehand registered by the person himself/herself) collation.
On the other hand, identification is to determine, on the system's side, that the person is a specific one of registered persons. When the system manages a person stepping into and out of, for example, a facility using his/her fingerprint, verification is to collate an obtained fingerprint with a number of registered fingerprints held by the system. In the case of identification, the system cannot know who a person accessing to itself is. Accordingly, identification corresponds to 1 (a fingerprint of an unknown person) to a number of persons (fingerprints of a number of persons having names) collation.
Hereinafter, “authentication” and “identification” are collectively referred as “personal verification”. “Personal verification” will be used as a general term for authentication and identification, not having another meaning.
Generally, an opportunity of personal verification is once or twice on a specific one person. In case where a user logs in from a personal computer to a network, the number of times personal verification is carried out is one. Personal verification is carried out once when the personal computer is started, after that, the system does not know who handles the personal computer. When management of a person stepping into and out of a security room is carried out twice when the person steps into and steps out of the security room.
In the case of management of a person stepping into and out of a room or a building, it can be said that the security can be assured by carrying out the personal verification of the person only when the person steps into and out of the room or the building because the room or the building is physically separated. In the case of an information communication system of, for example, an electronic local government over a network, it is desirable that the personal verification is carried out anytime or periodically because there is a possibility that another person pretends to be the user within a moment that the user leaves his/her seat while the user logs in.
Next, publications will be described.
Japanese Laid-Open (Kokai) Publication No. 11-149345 (hereinafter referred as publication 1) discloses a space-saving mouse for information processing with a structure simplified by integrating an authentication input unit into the mouse for information processing.
The above technique can readily ensure security of inputted/outputted information without spoiling compactness, light-weight and portability of the mouse. Additionally, an area occupied by the working area can be decreased, and the fingerprint input unit can be easily maintained and changed.
When using the mouse described in the publication 1, the user needs to press his/her finger onto the mouse to obtain authentication with his/her fingerprint. Accordingly, it is difficult to detect the fingerprint at any time without a burden on the user.
Japanese Patent Publication No. 3224216 (hereinafter referred as publication 2) discloses a technique, in which a fingerprint detecting unit is provided to a mouse that is an external input unit to read an image of a fingerprint from the fingerprint detecting unit at predetermined time intervals, and the fingerprint data read out is collated with registered fingerprint data to identify the user.
When the user changes in the course, an access to the computer becomes impermissible because the fingerprint is collated at predetermined time intervals. This makes it possible to make up a computer system having a high degree of security.
There is another known technique using an image of blood vessels of a hand as one of physical characteristics in the personal verification technique based on physical characteristics. For example, Japanese Patent Laid-Open (Kokai) Publication No. 7-21373 (hereinafter referred as publication 3) describes a personal verification apparatus, which uses a blood vessel seen-through image which is an imaged blood vessel image under the skin of a hand. This personal verification apparatus obtains a blood vessel see-through image by penetration or reflection to carry out personal verification.
This technique can use biological information, which can be obtain more safely, with a less burden on the user, and has a smaller number of characteristics than fingerprints.
The personal verification technique based on physical characteristics using a blood vessel image of a hand has following features: placing a less burden on a person to be photographed; difficult to forge because the blood vessels lie inside the body; almost possible even on a rough skin of a hand; applicable to most of people; providing a relatively high accuracy of verification; less affected by extraneous light; not always requiring the hand to contact with the apparatus because the blood vessels can be recognized so long as they are within a view of the camera; etc.
When a blood vessel image is photographed with reflection of near-infrared light, veins flowing near the surface of a body apt to be photographed, which is equivalent to use of only an image of veins, practically. It has been experimentally indicated that only an image of veins can provide a sufficient degree of accuracy of verification.
For example, Japanese Patent Laid-Open (Kokai) Publication No. 10-295674 (hereinafter referred as publication 4) discloses a personal verification apparatus which identifies a person with an image of veins on the back of a hand photographed with reflection of near-infrared light.
The above apparatus can be manufactured at a low cost, can identify a person and is free from risks such as loss or stealth of a card key when the card key is employed. Additionally, there is no need to fix a hand at a predetermined position, which allows the apparatus to be used conveniently and have a high identification performance.
The user operates the operating equipment, holding it in his/her own hand. A sensor which can photograph the hand is attached to the operating equipment, thereby to detect a physical characteristic at any time with a less burden on the user. As compared with a case where a measurement device is separately disposed, it is possible to save a space to dispose the apparatus.
The information communication system cannot know whether a person who transacts is the person himself/herself even when the person carries out a large sum of transaction in electronic commerce over a network. Accordingly, the information communication system does not have a practical means, which can be manufactured at a reasonable cost and by which the information communication system can confirm a person at any time. Any one of the techniques disclosed in the publications 1 through 4 does not carry out personal verification at any time or periodically without a burden on the users.
Practically, it is very difficult to force a person to take the personal verification using a card or a password, at any time or periodically. If a fingerprint authentication apparatus requires the user to press his/her fingerprint many times or face her blood vessels of the palm of his/her hand to a camera many times, it can be said that the apparatus is inconvenient. Accordingly, it is necessary to invent a method of detecting physical characteristics with a less burden on the user.
A characteristic to be detected as a physical characteristic has to have an image which can be readily photographed, and provide a distinct difference in lightness. An image of a face is relatively easily photographed, thus a burden on the user is small, but the present techniques cannot provide a high accuracy of authentication. A reason of this is that elements such as a change in hair style, presence/absence of eye glasses, a direction of the face, an angle of illumination, a change in expression, make-up, an intensity of illumination, etc. degrade the authentication accuracy. For this, a wrist, the back of a hand, the palm of a hand, a finger or an ear is generally used.
To completely remove a burden on the user, an automatic photographing unit may be used to automatically pursue a moving hand and photograph blood vessels of the palm of the hand. However, this is not practical in terms of price. Further, it is desirable that a space to set the apparatus for detection is as much as small.