JP2007264929A - User authentication system, user authentication method, operation terminal and server or the like - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a user authentication system wherein authentication information or the like can be easily memorized by a user while preventing the authentication information or the like from leaking to others when the user inputs the authentication information or the like, a user authentication method, an operation terminal and a server, etc. <P>SOLUTION: The system control part 18 of an ATM terminal 1 displays an object on a display operation part 16 and changes the display state of the object operated by the user on the basis of operation information inputted from the display operation part 16. The system control part 23 of a host computer 2 registers an image password indicating the image ID of the object with changed display state and motion information indicating the change contents of the display state in association with each other in a database constructed in a storage part 22, compares it with the image password of the user registered in the storage part 22 and authenticates the user. <P>COPYRIGHT: (C)2008,JPO&INPIT

Description

  The present application relates to a technical field such as a user authentication system, a user authentication method, an operation terminal, and a server that perform user authentication processing based on contents input and operated by a user while viewing a screen.

  Conventionally, passwords are used to perform user authentication at ATM terminals (Automatic Teller Machines) installed in financial institutions, information processing terminals such as personal computers, or websites connected to the Internet. In general, the user is required to input authentication information such as a personal identification number or a personal identification number.

  This authentication information is mainly represented by letters and numbers, and is directly input by operating a button or a keyboard. Therefore, there is a problem that the authentication information is likely to be leaked if the input operation is stolen. Some have been pointed out in the past. In addition, when characters, numbers, etc. (for example, names, telephone numbers, etc.) related to the user are used for the authentication information, there is a problem that the authentication information is easily guessed by others. To solve this problem, it is possible to prevent the leakage of authentication information to some extent by increasing the number of digits of authentication information or using random authentication information, but this time the user himself / herself learns the authentication information. The problem that cannot be done.

  Under such circumstances, techniques aimed at preventing leakage of authentication information and ease of remembering of authentication information by the user himself have been proposed.

  For example, Patent Document 1 discloses a technique for displaying a plurality of bitmap icons and a plurality of rooms on a screen and allowing a user to input a password by sequentially specifying bitmap icons and entering the rooms into any one of the rooms. ing.

Patent Document 2 discloses a technique for displaying a plurality of images on a screen, detecting the line of sight of a user who is gazing at these images, and performing authentication using the image gazed by the user as authentication information.
Japanese Patent Laid-Open No. 10-289210 JP-A-2005-149326

  However, in the techniques described in Patent Documents 1 and 2, the characters and numbers that the user has sequentially input as passwords are simply replaced with pictures and images, so that the password is easy to remember for the user himself / herself. It is hard to say that.

  The present application has been made in view of the above points, and an example of the problem is that a user who can easily authenticate the authentication information while preventing the leakage of the authentication information when the user inputs the authentication information. An object is to provide an authentication system, a user authentication method, an operation terminal, a server, and the like.

  In order to solve the above-mentioned problem, the invention according to claim 1 is a user authentication system for performing user authentication processing, wherein at least one or more screen components are displayed on a screen; and Input means for inputting user operation content as operation information, change means for changing the display state of the screen component based on the input operation information, and the screen configuration in which the display state is changed An authentication means for performing an authentication process based on a comparison result between the screen composition change information indicating the object and the change content in association with each other and the screen composition change information stored in advance as authentication information in the storage means It is characterized by.

  According to a third aspect of the present invention, in the user authentication system comprising an operation terminal operated by a user and a server for performing user authentication processing, the operation terminal displays at least one screen component on a screen. Display means for displaying; input means for inputting user operation details on the screen composition as operation information; changing means for changing a display state of the screen composition based on the input operation information; And the server device includes storage control means for storing, in the storage means, screen composition change information indicating the screen composition whose display state has been changed and the change content in association with each other as authentication information. It is characterized by.

  The invention according to claim 8 is a user authentication method in a user authentication system comprising an operation terminal operated by a user and a server that performs user authentication processing, wherein the operation terminal is at least one or more. A step of displaying a screen composition on the screen; and a step of changing the display state of the screen composition based on operation information indicating an operation content of the user with respect to the screen composition input from the input means by the operation terminal. The screen composition change information indicating the screen composition whose display state has been changed and the change contents in association with each other, and the screen composition change information stored in advance as authentication information in the storage unit And a step of performing an authentication process based on the comparison result.

  The invention according to claim 9 is a user authentication method in a user authentication system comprising an operation terminal operated by a user and a server that performs user authentication processing, wherein the operation terminal includes at least one or more operation terminals. A step of displaying a screen composition on the screen; and a step of changing the display state of the screen composition based on operation information indicating an operation content of the user with respect to the screen composition input from the input means by the operation terminal. And the server device comprises a step of storing screen composition change information indicating the screen structure whose display state has been changed and the change content in association with each other as authentication information in a storage unit. And

  A tenth aspect of the present invention is an operation terminal included in the user authentication system according to any one of the second to seventh aspects, wherein the display unit, the input unit, and the changing unit are provided. And

  The invention described in claim 11 is a server included in the user authentication system described in claim 2, characterized in that it comprises the authentication means.

  A twelfth aspect of the invention is a server included in the user authentication system according to the third aspect of the invention, which includes the storage control unit.

  According to a thirteenth aspect of the present invention, a computer is caused to function as the operation terminal according to the tenth aspect.

  According to a fourteenth aspect of the invention, a computer is caused to function as the server according to the eleventh or twelfth aspect.

  Hereinafter, the best embodiment of the present application will be described in detail with reference to the drawings. In the embodiment described below, the present application is applied to an automated teller payment system in which a customer of a financial institution uses a cash card or the like to deposit, withdraw, transfer, balance inquiry, etc. It is an embodiment.

[1. Overview of Automatic Cash Deposit System Configuration and Functions]
First, the structure and function of the automatic teller payment system S according to the present embodiment will be described with reference to FIG.

  FIG. 1 is a diagram illustrating an example of a schematic configuration of an automatic teller payment system S according to the present embodiment.

  As shown in FIG. 1, the automatic teller payment system S is configured by connecting an ATM terminal 1 as an example of an operation terminal and a host computer 2 as an example of a server to a network NW. The ATM terminal 1 and the host computer 2 can exchange data with each other via the network NW.

  In this system, a customer (an example of a user) who has an account at a financial institution (for example, a bank) operates the ATM terminal 1 to transmit and receive data between the ATM terminal 1 and the host computer 2. Account management processing is executed based on customer information, account information, etc. stored in the host computer 2 to check account balances, pay out cash to customers, deposit cash to customer accounts, Transfers from the account to other accounts (including accounts of other financial institutions), entry of bankbooks, etc. are performed.

  Prior to these processes, the ATM terminal 1 and the host computer 2 cooperate to execute the process, thereby displaying an image for authentication on the screen of the ATM terminal 1, and displaying the image displayed on the screen. When the customer operates to move the image, the authentication information used for the customer authentication process is generated in the ATM terminal 1, and the customer authentication process is executed in the host computer 2. In the present embodiment, this authentication information is referred to as an image password.

[2. Configuration and functions of ATM terminal]
Next, the configuration and function of the ATM terminal 1 will be described with reference to FIGS.

  As shown in FIG. 1, the ATM terminal 1 includes a communication unit 11, a card reading unit 12, a bankbook handling unit 13, a cash handling unit 14, an operation unit 15, and a display operation unit 16 as an example of an input unit. And a storage unit 17 and a system control unit 18 as an example of a display unit and a changing unit. The system control unit 18 and each unit are connected to each other via a system bus 19.

  The communication unit 11 is connected to a network and controls communication between the host computer 2 and the system control unit 18.

  The card reading unit 12 includes, for example, a card feeding unit, a card storage unit, a data reading unit, and the like, and sends a cash card inserted from a card insertion slot (not shown) to the card storage unit by the card feeding unit. The data reading unit reads data such as a magnetic stripe attached to a cash card fixed to the card, an account number recorded in an IC (Integrated Circuit) memory, and the like, and outputs the data to the system control unit 18 It has become.

  The bankbook handling unit 13 includes, for example, a bankbook sending unit, a bankbook storage unit, a magnetic reading unit, a page breaker, a character reading unit, a printing unit, etc., and a bankbook inserted from a bankbook insertion port (not shown) Data such as an account number recorded in a magnetic stripe or the like attached to a passbook fixed to the storage unit is read to a magnetic reading unit, and the data is output to the system control unit 18 It has become. Further, the passbook handling unit 13 detects a non-printing start position of the passbook by reading the characters printed on the passbook by the character reading unit while turning the page of the passbook by the page break unit, and the printing unit is the system control unit 18. The characters such as transaction date, transaction content, payment amount, deposit amount, balance, etc. are printed from the unprinted start position of the book based on the print data output from the.

  The cash handling unit 14 includes, for example, a banknote storage unit, a coin storage unit, a banknote / coin processing unit, a banknote coin depositing unit, and the like, and the banknote / coin processing unit uses the data indicating the payout amount output from the system control unit 18. Corresponding banknotes and coins are taken out from the banknote storage part and the coin storage part and supplied to the banknote coin depositing part. Further, the cash handling unit 14 sends the banknotes and coins put in the banknote coin depositing unit to the banknote storage unit and the coin storage unit while detecting the type and number of banknotes and coins by the banknote / coin processing unit. The indicated data is output to the system control unit 18.

  The operation unit 15 includes, for example, operation buttons, a numeric keypad, and the like, and outputs data such as the amount of money input by the customer to the system control unit 18.

  The display operation unit 16 includes a display such as a liquid crystal display and a CRT (Cathode Ray Tube) display, and displays characters, images, and the like on the display based on image data output from the system control unit 18. ing. The display operation unit 16 includes a touch panel fixed so as to cover the display screen of the display, and the transparent electrode thin film on the touch panel is brought into contact with the transparent electrode thin film by pressure generated on the touch panel. A change in voltage or the like is monitored, and coordinates of a position where the customer touches the touch panel are detected from the change. In this way, the display operation unit 16 detects which position on the display screen the user touches with a finger or the like, and performs system control using the position information (coordinates) as operation information for operating an image to be described later. The data is output to the unit 18.

  The storage unit 17 includes, for example, an information storage medium such as a flash memory and a hard disk drive, an information recording / reproducing unit, and the like, and stores various programs, data, and the like.

  The system control unit 18 includes a CPU (Central Processing Unit), a RAM (Random Access Memory), a ROM (Read Only Memory), and the like, and reads and executes various programs stored in the ROM and the storage unit 17, thereby executing the ATM terminal 1. While controlling the whole, it functions as a display means, a change means, and the like. Various programs may be recorded in the ROM in advance, or may be downloaded from the host computer 2 or the like via the network NW, or recorded on a recording medium such as a CD-ROM, It may be read via an optical disk drive or the like.

  Specifically, for example, the system control unit 18 controls the communication unit 11 to inquire of the host computer 2 about customer account information and the like from the customer account number read by the card reading unit 12, and asks the display operation unit 16 for the customer. While displaying the service menu, etc., the account balance is displayed on the display operation unit 16 based on the acquired account information, etc., and the deposit, withdrawal, and passbook of cash by controlling the passbook handling unit 13 and the cash handling unit 14 Processing such as entry is executed, and when the account details of the customer change by these processing, information for updating the account information is transmitted to the host computer 2.

  Further, the system control unit 18 displays an image for inputting an image password on the display operation unit 16 in order to perform a customer authentication process, and is input by the customer operating the display operation unit 16 (touching the screen). The image displayed on the display operation unit 16 is changed based on the operation information, an image password is generated based on the change, and the image password is transmitted to the host computer 2.

  FIG. 2 is a diagram illustrating an example of a genre selection screen displayed on the display operation unit 16.

  As shown in FIG. 2, the system control unit 18 displays a genre selection screen as an image password input initial screen. On the genre selection screen, a plurality of genre images 100 indicating genres of images are displayed (six images 100a to 100f in the example of FIG. 2), and another candidate display button 101 is displayed.

  When the customer touches one of the genre images 100 displayed on the screen (selects the genre image 100), the system control unit 18 selects a block selection screen (described later) corresponding to the genre indicated by the touched genre image 100. ) Is displayed. When the user touches another candidate display button 101 (selects another candidate display button 101), the system control unit 18 displays a different genre image 100. Instead of an image indicating a genre, for example, a list of characters indicating the genre may be displayed.

  FIG. 3 is a diagram illustrating an example of a block selection screen displayed on the display operation unit 16. This figure is an example of a block selection screen displayed when the user selects a genre image 100a on the genre selection screen shown in FIG.

  As described above, when the user selects a certain genre image 100 displayed on the genre selection screen, the system control unit 18 displays a block selection screen as shown in FIG. One or a plurality of blocks 200 (an example of an area) are displayed on the block selection screen (six blocks 200a to 200f in the example of FIG. 2), and a password confirmation button 201 is displayed.

  Each block 200 displays one or a plurality of objects (an example of a screen component) related to the genre selected on the genre selection screen. For example, in the block 200a, four objects, a house 301, a car 302, a landscape 303, and a forest 304, are displayed.

  When the customer touches any of the blocks 200 displayed on the screen (selects the block 200), the system control unit 18 enlarges the image of the touched block 200 and displays the object operation screen. It has become.

  FIG. 4 is a diagram illustrating an example of an object operation screen displayed on the display operation unit 16.

  As shown in FIG. 4, the image of the selected block 200 is displayed in a large size, and a confirmation button 401 is displayed. The customer can operate each of the objects displayed on the screen (in the example of FIG. 4, a house 301, a car 302, a landscape 303, and a forest 304), and the display state of the object changes according to the operation. .

  In this system, the act of the customer operating the object and changing the display state of the object is the act of inputting the image password.

  FIGS. 5A, 5B, 6A, and 6B show examples of changes in the display state of the image when the object displayed on the display operation unit 16 is moved based on the operation of the customer. FIG.

  For example, as shown in FIG. 5A, the object displayed on the screen can be moved (in the example of FIG. 5, the car 302 is moved from the lower left corner of the screen to the vicinity of the landscape 303). Specifically, for example, the system is controlled by a customer touching the screen (of the display operation unit 16) with a finger to select an object displayed on the screen and tracing the screen while touching the screen with the finger. The unit 18 displays the object while changing the position of the object on the screen while detecting the operation content by the customer. In addition to this, for example, when the customer touches the screen, a menu for selecting the operation content for the selected object is displayed, and after the user touches the screen and selects "Move", the place on the screen to be moved By touching the confirmation button 401 (selecting the confirmation button 401) after touching the finger, the display position of the selected object may be changed and displayed.

  In the example shown in FIG. 5B, the car 302 is moved around the forest 304 and moved to the house 301. As described above, various operations can be performed on the object even if one movement is taken.

  In the example shown in FIG. 6A, the state is changed from a state where one tree of the forest 304 stands to a state where the tree 304 falls down. Specifically, for example, as described above, when a customer selects an object, a menu is displayed, and when the user touches the screen and selects “defeat” or the like, the display state of the object may be changed. Or, after a customer selects an object, an element constituting the object (for example, one tree in the example of Hayashi 304) is selected, and the customer defeats the selected element with a finger touched by the customer. The display state of the object may be changed by tracing the screen with an image.

  In the example shown in FIG. 6B, as in the example of FIG. 5A, the color of the roof of the house 301 changes by moving the paint 305, which is an object, from the lower right corner of the screen and overlaying it on the house 301. (That is, the roof of the house 301 is painted with paint 305).

  As described above, when the customer operates the object, the system control unit 18 can change the display state of the object, but the above is an example, and the type of change in the display state is not limited to this. For example, object movement (or display position change), shape change (including movement), rotation (or posture change), pattern change, color change, object deletion, etc. can be applied. . All of these may be used, or one or more of them may be selected and applied.

  When the display state of the object is changed in this way, a combination of the object selected by the customer and the change content of the display state of the object is generated as one unit of the image password (an example of object change information). Here, the object selected by the customer is indicated by an image ID (Identify) assigned to each object, and the change contents of the display state of the object are indicated by motion information. The content of the motion information is, for example, a coordinate string indicating a trajectory when the object moves, a coordinate of a movement destination, or a file name of image data indicating an image when the shape of the object changes. Or information indicating the change location when the color of the object changes and the color after the change, but are not limited thereto.

  When one operation on the object (input of one image password unit) is completed, the system control unit 18 displays the block selection screen again. Thereby, the customer can further operate the object multiple times by selecting the block 200 and displaying the object operation screen. That is, a long image password can be input. Then, after the customer operates the object an arbitrary number of times, the customer confirms the image password by selecting the password confirmation button 201 (FIG. 3).

  The act of manipulating and moving a picture such as an object described so far (changing the display state) is very easy for a customer to remember, unlike passwords using passwords or characters. On the other hand, in order for a third party to steal and remember the image password while the customer is manipulating the object and entering the image password, it is necessary to see all of the operation details, but it can be operated from the beginning to the end. If the content is closely watched, it will be suspicious by the customer or a bank clerk, so the opportunity for a third party to remember the image password is very limited and security is improved.

  Here, from the viewpoint of making it easy for a customer to remember an image password, what is expressed in an object is not an image (for example, a ground pattern, an abstract image, etc.) that is difficult to recognize what the customer means It is desirable that the image expresses an object or matter that can be clearly recognized by the customer, such as a house or car as described above (not only in the real world, but also in an imaginary one) Good (for example, comic characters). From the same point of view, it is desirable that the change in the display state of the object by the operation of the customer is not a content that is difficult to imagine from the thing or matter expressed by the object, but a content that is consistent with the thing or the like ( For example, the car moves, the roof of the house is painted and the color changes).

  In the present embodiment, after the customer operates one object, the unit for the image password is confirmed by selecting the confirm button 401. For example, the customer operates a plurality of objects in the same block. Thereafter, one unit of the image password may be confirmed by selecting the confirmation button 401 so as to correspond the motion information of a plurality of objects. In this way, by associating the motion information of a plurality of objects with one block, it becomes more difficult for a third party to remember the image password.

  In the present embodiment, information indicating which block 200 the customer has selected is also included in the image password.

[3. Configuration and functions of host computer]
Next, the configuration and functions of the host computer 2 will be described with reference to FIGS. 1 and 7 to 10.

  As shown in FIG. 1, the host computer 2 includes a communication unit 21, a storage unit 22 as an example of a storage unit, and a system control unit 23 as an example of an authentication unit, a storage control unit, and a generation unit. The system control unit 23 and each unit are connected to each other via a system bus 24.

  The communication unit 21 is connected to a network and controls communication between the ATM terminal 1 and the system control unit 23.

  The storage unit 22 is constituted by, for example, a hard disk drive or the like, and stores various programs and data. The storage unit 22 includes a customer information DB (database) 22a, an image DB 22b, a customer ID management DB 22c, and a password management DB 22d. Although not shown, an account information management DB and the like are also constructed in addition to this.

  FIG. 7 is a diagram illustrating an example of customer information stored in the customer information DB 22a.

  As shown in FIG. 7, in the customer information DB 22a, the account number, name, address, customer ID, and password are stored as customer information for each customer. Here, the customer ID is identification information individually assigned to each customer. In addition, for example, a number designated by the customer at the time of opening an account is set in advance as the personal identification number.

  FIG. 8 is a diagram illustrating an example of image management information stored in the image DB 22b.

  As shown in FIG. 8, the image DB 22b stores the image ID, the file name of the image data representing the image, and the genre ID as image management information for each object. Here, the genre ID is identification information indicating the genre to which the object belongs, and corresponds to the genre image shown in FIG. In addition to image management information, the image DB 22b also stores image data of objects.

  FIG. 9 is a diagram illustrating an example of customer ID management information stored in the customer ID management DB 22c.

  As shown in FIG. 9, the customer ID management DB 22c stores the customer ID and password ID for each customer. Here, the password ID is identification information indicating an image password registered by the customer operating the ATM terminal 1.

  FIG. 10 is a diagram illustrating an example of password management information stored in the password management DB 22d.

  As shown in FIG. 10, in the password management DB 22d, an image in which a selected image ID, motion information, and selected block information (an example of area specifying information) are registered by a customer in association with each password ID together with the password ID. It is stored as password information.

  Here, the selected image ID indicates the image ID of the object selected and operated by the customer in the ATM terminal 1. Further, the motion information indicates the change contents of the display state of the object indicated by the selected image ID as described above. In FIG. 10, a coordinate string (array of X coordinates and Y coordinates) indicating a locus when the object moves is shown as an example of motion information. However, as described above, the content of motion information is limited to this. It is not a thing.

  The selected block information is information indicating the display pattern of the object in the block in which the operation of the object is performed (the block selected on the block selection screen), the image ID of the object displayed in the block, and the display thereof The coordinates indicating the position (for example, relative coordinates from the upper left corner of the block) are included.

  The system control unit 23 includes a CPU, a RAM, a ROM, and the like, and controls the entire host computer 2 by reading and executing various programs stored in the ROM and the storage unit 22, and also includes an authentication unit, a storage control unit, and a generation unit. The specific processing contents will be described later. Various programs may be downloaded from another server or the like via the network NW, or may be recorded on a recording medium such as a CD-ROM and read via an optical disk drive or the like. good.

[4. Operation of the automated teller system]
Next, operation | movement of the automatic teller payment system S is demonstrated using FIG.

  First, the operation at the time of image password registration will be described.

  FIG. 11 to FIG. 13 are flowcharts showing a processing example at the time of image password registration of the automatic teller payment system S according to the present embodiment.

  When the customer inserts the cash card into the card insertion slot of the ATM terminal 1, as shown in FIG. 11, the system control unit 18 of the ATM terminal 1 reads the account number and the like recorded on the cash card by the card reading unit ( In step S1, the read account number and the like are transmitted to the host computer 2 as a customer ID inquiry request (step S2).

  When the system control unit 23 of the host computer 2 receives the customer ID inquiry request (step S51), the customer management DB 22a is specified by the received account number, the customer is specified, and information about the customer is read (step S52). Next, the system control unit 23 generates menu data for displaying a service menu corresponding to the customer ID (step S53), and transmits the generated menu data to the ATM terminal 1 (step S54).

  Upon receiving the menu data, the system control unit 18 of the ATM terminal 1 displays a service menu on the display / operation unit 16 based on the menu data (step S4), and shifts to a menu selection wait (step S5). As a result, menus such as “Deposit”, “Drawer”, “Balance inquiry”, and “New image password registration” are displayed on the screen.

  Here, when the customer touches the screen and selects one of the menus (step S5: YES), the system control unit 18 determines whether or not new image password registration is selected (step S6), and new image password registration is performed. When a menu other than is selected (step S6: NO), processing corresponding to the selected menu is executed (step S7). In addition, since the specific processing content at this time is well-known, description is abbreviate | omitted.

  On the other hand, when the new image password registration is selected (step S6: YES), the system control unit 18 displays a password input screen on the display operation unit 16 (step S8), and shifts to a password input waiting state (step S8). S9).

  Here, when the customer inputs the password by operating the operation unit 15 (step S9: YES), the system control unit 18 transmits the input password to the host computer 2 (step S10).

  When the system control unit 23 of the host computer 2 receives the personal identification number (step S55), it authenticates by comparing the received personal identification number with the registered reference number (the personal identification number read from the customer DB 22a). Processing is performed (step S56). In the following description, it is assumed that the system control unit 23 executes the process assuming that the password entered by the customer is a correct number.

  Next, as shown in FIG. 12, the system control unit 23 reads out image data for genre selection from the storage unit 22 (step S57), and transmits the image data to the ATM terminal 1 (step S58).

  Upon receiving the image data for genre selection (step S11), the system control unit 18 of the ATM terminal 1 displays a genre selection screen on the display operation unit 16 based on the image data as shown in FIG. (Step S12), the process proceeds to genre selection waiting (Step S13).

  When the customer selects any genre image 100 (step S13: YES), the system control unit 18 transmits a genre ID corresponding to the selected genre image 100 to the host computer 2 (step S14).

  Upon receiving the genre ID (step S59), the system control unit 23 of the host computer 2 reads out the image management information and the image file of the object belonging to the received genre ID from the image DB 22b and displays them based on the image management information. Pattern data (an example of pattern information) is generated (step S60). Specifically, the system control unit 23 determines the number of blocks to be displayed (usually a plurality of blocks) and display position information (an example of area specifying information, for example, display order) indicating the display position. The number of objects to be displayed is determined, the corresponding number of objects are associated with each block, the display position of each object in the block is determined, and display pattern data including these pieces of information is generated. In addition, as a generation method of display pattern data, for example, the contents of each information may be determined at random, or information of a plurality of patterns is stored in the storage unit 22 in advance, and the patterns are combined. May be generated.

  Next, the system control unit 23 transmits the generated display pattern data and image file to the ATM terminal 1 (step S61).

  Upon receiving the display pattern data and the image file (step S15), the system control unit 18 of the ATM terminal 1 displays a block selection screen on the display operation unit 16 based on these pieces of information as shown in FIG. (Step S16), the process proceeds to block selection waiting as shown in FIG. 13 (Step S17).

  When the customer selects any block 200 (step S17: YES), the system control unit 18 displays an object operation screen corresponding to the selected block 200 as shown in FIG. 16 (step S18), and shifts to an object selection wait (step S19).

  When the customer selects any object (step S19: YES), the system control unit 18 transmits the object ID of the selected object and the display position information of the selected block to the host computer 2 (step S20). ), A transition is made to waiting for object operation (step S21).

  Here, when the customer operates and moves the selected object (step S21: YES), the system control unit 18 changes the display state of the object according to the operation and displays it on the display operation unit 16 (step S21). In step S22, the motion information obtained by the change in the display state is transmitted to the host computer 2 (step S23), and a block selection screen is displayed.

  On the other hand, when the system control unit 23 of the host computer 2 receives the object ID and the display position information transmitted from the ATM terminal 1 (step S62), it generates a password management ID and receives the password ID and the password ID in the password management DB 22d. The image ID (selected image ID) is registered in association with each other, and the display pattern (image ID and display position associated with the block) corresponding to the received display position information is generated in step S60. Obtained from the pattern information, this information is registered as selected block information in association with the selected image ID (step S63).

  After that, when receiving the motion information transmitted from the ATM terminal 1 (step S64), the system control unit 23 registers the motion information in association with the previously registered selected image ID (step S65). Thereby, one unit of the image password is registered in the password management DB 22d.

  On the other hand, the system control unit 18 of the ATM terminal 1 determines whether or not the password confirmation button 201 has been selected (step S24). If not selected (step S24: NO), the processing of steps S17 to S23 is repeated. As a result, the system controller 23 of the host computer 2 also repeats the processes of steps S62 to S65.

  When the customer selects the password confirmation button 201 (step S24: YES), the system control unit 18 of the ATM terminal 1 transmits a completion notification to the host computer 2 (step S25), and the process is terminated.

  When receiving the completion notification (step S66), the system control unit 23 of the host computer 2 registers the password ID in the customer ID management DB 22c in association with the customer ID (step S67), and ends the process.

  Next, an operation in the case where customer authentication is performed using an image password will be described.

  FIGS. 14 to 16 are flowcharts showing a processing example at the time of customer authentication of the automated teller machine S according to this embodiment. In FIG. 14, the same elements as those in FIGS. It is.

  When the customer inserts a cash card into the card insertion slot of the ATM terminal 1, as shown in FIG. 14, the system control unit 18 of the ATM terminal 1 executes the processes of steps S1 to S5 as in the case of registering the image password, The system control unit 23 of the host computer 2 also executes the processes of steps S51 to S54.

  When the customer selects any menu (step S5: YES), the system control unit 18 of the ATM terminal 1 transmits an image password authentication request to the host computer (step S31).

  When receiving the image password authentication request (step S81), the system control unit 23 of the host computer 2 reads out image data for genre selection from the storage unit 22 as shown in FIG. 15 (step S57). It transmits to the ATM terminal 1 (step S58).

  When the system control unit 18 of the ATM terminal 1 receives the image data for genre selection (step S11), the genre selection screen is displayed as in the case of registering the image password, and the genre ID of the genre selected by the customer is displayed on the host computer. 2 (steps S12 to S14).

  Upon receiving the genre ID (step S59), the system control unit 23 of the host computer 2 determines whether the genre ID is correct (step S82). Specifically, after reading the password ID corresponding to the customer ID from the customer ID management DB 22c, the password management information corresponding to the password ID is read from the password management DB 22d, and corresponds to the object registered in the password management information. After the genre ID is read from the image DB 22b, it is determined by determining whether the genre ID matches the received genre ID.

  If the genre ID is correct (step S82: YES), the system control unit 23 generates display pattern data based on the password management information read from the password management DB 22d (step S83). Specifically, the display pattern of the block in which the same image ID and display position as the selected block information registered in the password management information is associated is generated, and the number of blocks to be displayed, the display order of the blocks, etc. For the remaining blocks, the number of objects to be displayed, the image ID of the object to be associated, the display position of each object in the block, etc. are randomly determined (or the patterns stored in advance in the storage unit 22 are randomly selected) Display pattern data is generated). That is, a display pattern similar to that at the time of registration is generated for the block selected when the customer registered the image password, and a display pattern is randomly generated for the other blocks.

  On the other hand, if the genre ID is not correct (step S82: NO), the system control unit 23 determines that the person operating the ATM terminal 1 is not the customer himself and generates dummy display pattern data (step). S84). For example, display pattern data may be generated in a random combination, or display pattern data in a predetermined combination may be generated.

  In any case, the system control unit 23 then transmits the generated display pattern data and image data to the ATM terminal 1 (step S61).

  Upon receiving the display pattern data and the image data (step S15), the system control unit 18 of the ATM terminal 1 displays the block image and displays the object operation screen for the block selected by the customer, as in the case of registering the image password. Display and change the display state of the object selected and moved by the customer. This is repeated until the password confirmation button 201 is selected (step S16, steps S17 to S24 in FIG. 17).

  However, the system control unit 18 does not transmit the image ID of the selected object, the display position information of the selected block, and the motion information at this stage, and after the password confirmation button 201 is selected (step S24: YES), the password information is sent to the host computer 2 as a batch (step S32).

  Upon receiving the password information (step S85), the system control unit 23 of the host computer 2 performs customer authentication processing by comparing (comparing) the password information with the password management information (step S86). Specifically, for example, the first image ID and the motion information and the password management information (the registered order is the first) in which the password information is first (the order in which the manipulation (the display state is changed) is first) ), The display position information of the block having the display pattern that matches the first selected block information of the password management information is acquired from the display pattern information, and the display position information and the password information are acquired. Is compared with the first display position information. And if these match, this time, the second and subsequent comparisons are made in the same way. If all the information matches, it is determined that the customer is a legitimate customer, and if any of the information does not match, the legitimate customer is judged. Determine that it is not a customer. For example, when the coordinate sequence of the trajectory when the object moves is used as the motion information, it is not only when the information completely matches, but it can be determined that almost the same trajectory is drawn. If the ranges are different, it may be determined that they match.

  Next, the system control unit 23 transmits the authentication result to the ATM terminal 1 (step S87) and ends the process.

  When the system control unit 18 of the ATM terminal 1 receives the authentication result (step S33), the system control unit 18 determines whether or not it is authenticated as an authorized customer (step S34). (Step S34: YES), the process according to the menu selected by the customer is executed (Step S35), and if it is authenticated that the customer is not a legitimate customer (Step S34: NO), for example, “Enter the correct password. Please display "or the like to end the process.

  As described above, according to the present embodiment, the system control unit 18 of the ATM terminal 1 displays an object on the display operation unit 16, and based on the operation information input from the display operation unit 16, the user can The display state of the operated object is changed, and the system control unit 23 of the host computer 2 indicates the image ID of the object whose display state has been changed and the motion information indicating the change contents of the display state in association with each other. The image password is registered in a database built in the storage unit 22 or is compared with the user image password registered in the storage unit 22 to authenticate the user.

  Therefore, the act of manipulating and moving such an object is easy for the customer to understand, and the customer himself can easily remember the image password. In order to steal the operation, the user must look from the beginning to the end of the operation. Therefore, leakage of the image password can be prevented. Moreover, since the act of manipulating and moving an object is easy for a child to learn, it is effective for teaching the child the significance of security. Moreover, since it is difficult to forget the image password, it is also effective for the elderly.

  The system control unit 23 of the host computer 2 generates display pattern data by associating one or more objects with each of a plurality of blocks, and the system control unit 18 of the ATM terminal 1 generates the display pattern data based on the display pattern data. A block is displayed on the screen, the corresponding object is displayed inside the block, and the change in the display state of the object is changed within the block in which the object is displayed. The user can easily recognize blocks, objects, etc. to be selected and operated by seeing the pattern displayed, and the customer can easily remember the image password even when many objects are displayed. At the same time, it becomes more difficult for a third party to remember the image password.

  Furthermore, since the system control unit 23 of the host computer 2 can change the display position of the block included in the display pattern data every time the display pattern data is generated, a third party can remember the image password. However, if the customer knows the display pattern of the block selected at the time of registration, the customer will never forget the image password even if the display position of the block changes.

  Further, the system control unit 18 of the ATM terminal 1 includes information for specifying a block corresponding to the operated object in the image password, and the system control unit 23 of the host computer 2 generates display pattern data. Sometimes, with the exception of the block indicated by the selected block information in the password management information, the associated object is changed each time to create display pattern data, which makes it more difficult for a third party to remember the image password, As long as the customer knows the display pattern of the block selected at the time of registration, the customer will not forget the image password even if the display position of the block changes.

  Furthermore, the object is an image that expresses things that can be clearly recognized by the customer, and the change in the display state of the object by the operation of the customer is content that is consistent with the things that the object expresses. Because there is, it is easier for customers to remember image passwords.

  Furthermore, the customer can operate the object a plurality of times, and the system control unit 23 of the host computer 2 can obtain the image password and the display state obtained each time the display state of the object is changed by the operation. Since the authentication process or the like is performed based on the order of changes, it is possible to register a long image password, and it becomes more difficult for a third party to remember the image password.

  In the embodiment described above, the display pattern data is generated by changing the number of blocks to be displayed on the screen, the number of objects for each block, the display pattern of the objects for each block, the display position of the blocks, etc. However, some or all of these may be set to fixed values.

  Further, the length of the image password (the number of times the customer operates the object to change the display state of the object) may be set to a fixed value instead of being variable.

  In the above embodiment, the object operation screen is displayed after the user selects a block on the block selection screen, and the user selects and operates the object on the object operation screen. An object may be directly selected and operated on a considerable screen.

  Further, the screen constituents to be displayed on the screen are not limited to images such as objects, but may be things that can be visually recognized by humans, for example, characters and symbols. As the change of the display state in this case, for example, movement and rotation of characters, change of character color, change of font design, rearrangement, addition and deletion of muddy points, addition and deletion of underline, etc. can be performed.

  Moreover, although this embodiment demonstrated the case where this application was applied with respect to the automatic teller payment system, it is not restricted to this, For example, you may apply to the user authentication in a web site etc.

  Further, the present invention can be applied to a stand-alone environment that does not use a server or the like. For example, the authentication unit may be applied to login authentication when starting an information processing terminal such as a personal computer, or an authentication unit connected to an external device (for example, a USB (Universal Serial Bus) memory) that can be connected to the information processing terminal. Or a storage unit for storing authentication information, and connecting the external device to the information processing terminal and performing user authentication by linking the two devices.

  Further, for example, the present invention may be applied to a case where an external communication device (for example, a wireless LAN (Local Area Network) communication card) is connected to an information processing terminal and user authentication is performed in cooperation with a server or the like by wireless communication. .

  In addition, for example, in a toy device for children equipped with a video game device, a display, or the like, for example, information related to the user is stored in the device, and the information stored in the device is used by authenticating the user. The present invention can also be applied to the case of playing games, and is very effective for children who play using the equipment.

It is a figure which shows an example of schematic structure of the automatic teller payment system S which concerns on this embodiment. 6 is a diagram illustrating an example of a genre selection screen displayed on the display operation unit 16. FIG. 6 is a diagram illustrating an example of a block selection screen displayed on the display operation unit 16. FIG. 6 is a diagram illustrating an example of an object operation screen displayed on the display operation unit 16. FIG. It is a figure which shows the example of a change of the display state of the said image when the object displayed on the display operation part 16 is moved based on operation of a customer. It is a figure which shows the example of a change of the display state of the said image when the object displayed on the display operation part 16 is moved based on operation of a customer. It is a figure which shows an example of the customer information memorize | stored in customer information DB22a. It is a figure which shows an example of the image management information memorize | stored in image DB22b. It is a figure which shows an example of the customer ID management information memorize | stored in customer ID management DB22c. It is a figure which shows an example of the password management information memorize | stored in password management DB22d. It is a flowchart which shows the process example at the time of the image password registration of the automatic teller payment system S which concerns on this embodiment. It is a flowchart which shows the process example at the time of the image password registration of the automatic teller payment system S which concerns on this embodiment. It is a flowchart which shows the process example at the time of the image password registration of the automatic teller payment system S which concerns on this embodiment. It is a flowchart which shows the process example at the time of the customer authentication of the automatic teller payment system S which concerns on this embodiment. It is a flowchart which shows the process example at the time of the customer authentication of the automatic teller payment system S which concerns on this embodiment. It is a flowchart which shows the process example at the time of the customer authentication of the automatic teller payment system S which concerns on this embodiment.

Explanation of symbols

DESCRIPTION OF SYMBOLS 1 ATM terminal 2 Host computer 11 Communication part 12 Card reading part 13 Passbook handling part 14 Cash handling part 15 Operation part 16 Display operation part 17 Storage part 18 System control part 19 System bus 21 Communication part 22 Storage part 22a Customer information DB
22b Image DB
22c Customer ID management DB
22d Password management DB
23 System Control Unit 24 System Bus S Automatic Deposit System NW Network

Claims (14)

In a user authentication system that performs user authentication processing,
Display means for displaying at least one or more screen components on the screen;
An input means for inputting the operation content of the user with respect to the screen composition as operation information;
Change means for changing a display state of the screen composition based on the input operation information;
As a result of comparison between the screen composition change information indicating the screen composition whose display state has been changed and the change content in association with each other, and the screen composition change information stored in advance as authentication information in the storage unit A user authentication system comprising authentication means for performing authentication processing based on the authentication means. The user authentication system according to claim 1,
The user authentication system includes an operation terminal operated by a user and a server that performs user authentication processing,
The operation terminal is
The display means, the input means and the changing means,
The server device
A user authentication system comprising the authentication means. In a user authentication system comprising an operation terminal operated by a user and a server that performs user authentication processing,
The operation terminal is
Display means for displaying at least one or more screen components on the screen;
An input means for inputting the operation content of the user with respect to the screen composition as operation information;
Changing means for changing the display state of the screen composition based on the input operation information,
The server device
A user authentication system comprising: storage control means for storing screen composition change information indicating the screen composition whose display state has been changed and the change content in association with each other as authentication information in a storage means. In the user authentication system according to claim 2 or 3,
The server
Further comprising generating means for generating pattern information indicating a display pattern of the screen composition by associating at least one screen composition with each of a plurality of areas on the screen of the operation terminal;
The display means provides the plurality of areas on the screen based on the pattern information generated by the server and displays the corresponding screen components on the areas, respectively.
The change means changes the display state of each screen composition within the area associated with the screen composition. The user authentication system according to claim 4, wherein
The user authentication system characterized in that the generation means can generate the pattern information by changing the position on the screen for at least one of the plurality of areas each time. In the user authentication system according to claim 4 or 5,
The screen composition change information includes area specifying information for specifying the area associated with the screen composition,
The generating means associates the screen constituent to be associated with each other at least one of the areas excluding the area specified by the area specifying information included in the screen constituent change information stored in the storage means. A user authentication system, wherein the pattern information can be generated by changing. The user authentication system according to any one of claims 1 to 6,
The screen composition is an image representing a certain thing so that the user can recognize it,
The change content of the display state of the image by the change means is a change content that matches the thing represented by the image. A user authentication method in a user authentication system comprising an operation terminal operated by a user and a server that performs user authentication processing,
The operation terminal displaying at least one or more screen components on a screen;
The operation terminal changing a display state of the screen composition based on operation information indicating a user's operation content on the screen composition input from an input unit;
The server apparatus displays screen composition change information indicating the screen composition whose display state has been changed and the content of the change in association with each other; screen composition change information stored in advance as authentication information in a storage unit; A process of performing an authentication process based on the comparison result of
A user authentication method comprising: A user authentication method in a user authentication system comprising an operation terminal operated by a user and a server that performs user authentication processing,
The operation terminal displaying at least one or more screen components on a screen;
The operation terminal changing a display state of the screen composition based on operation information indicating a user's operation content on the screen composition input from an input unit;
The server device storing screen composition change information indicating the screen composition whose display state has been changed and the change content in association with each other as authentication information in a storage unit;
A user authentication method comprising: An operation terminal included in the user authentication system according to any one of claims 2 to 7,
A terminal device comprising the display means, the input means, and the changing means. A server included in the user authentication system according to claim 2,
A server comprising the authentication means. A server included in the user authentication system according to claim 3,
A server comprising the storage control means. Computer
An operating terminal program that functions as the operating terminal according to claim 10. Computer
13. A server program that functions as the server according to claim 11 or 12.

Images