WO2026038570A1 - Authentication device and associated method and computer program - Google Patents
- Publication number
- WO2026038570A1 (PCT/JP2025/028658)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- data
- user
- personal information
- time password
- authentication
- Prior art date
- Legal status
- Pending
Classifications
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
Definitions
- the present invention relates to authentication technology for verifying whether personal information provided by a user is correct.
- a common number system, known as the "My Number" system in Japan, is used in various countries for such purposes.
- the common number system assigns a unique number (this is the common number; a common number is a string of at least one of numbers, letters, and symbols, or a combination of these) to every citizen (user) of that country, and links the user's personal information to that common number.
- the personal information linked to the common number differs depending on the system design of each country, but typical examples include name, gender, date of birth, and address.
- the common number system will be operated as follows: In countries that adopt a common number system, an authentication device is installed.
- the authentication device is generally configured as a server device.
- the server device has a database configured as a recording medium, and the database stores each user's common number and multiple types of personal information about each user in a linked state.
- the authentication device is capable of communicating with a device (let us call this device the "requesting device") managed by a party that needs to authenticate the authenticity of the user's personal information (in the above example, the city hall). This communication may be realized by a dedicated line, the Internet, or another network.
- the user hands over the user's personal information and the common number to a party who needs to authenticate the authenticity of the user's personal information (in the above example, the city hall).
- the user writes their name and address, which are examples of personal information, on the above-mentioned document and hands it over to a city hall official.
- the user also hands over the common number to the city hall official.
- the method of handing over the common number is up to the user.
- the user can hand over a card with the common number printed on it or a card with an IC chip with the common number recorded on it to the city hall official, or the user can hand over the common number to the city hall official by further writing the common number on the above-mentioned document containing personal information and handing it over to the city hall official.
- a person who needs to authenticate the authenticity of a user's personal information sends the common number, out of the personal information and common number received from the user, to the authentication device via the requesting device.
- the authentication device then reads the personal information that was linked to the common number received from the requesting device and recorded in the database, and sends the read personal information to the requesting device. For example, the authentication device sends all of the personal information that was linked to the common number in the database to the requesting device.
- if the requesting device has sent, along with the common number, an instruction specifying which of the personal information (e.g., name, gender, date of birth, or address) is to be returned, the authentication device reads the requested personal information that is linked to the received common number and recorded in the database, and returns only that personal information to the requesting device.
- the person managing the requesting device can determine whether the personal information provided by the user is correct by comparing the personal information sent from the authentication device with the personal information provided by the user.
- the above-mentioned personal information authentication using a common number unique to each user is used not only by public organizations such as the city hall mentioned above, but also by private companies.
- a method of using the common number is in practical use, whereby a private bank checks whether or not the personal information of a customer is correct by making an inquiry to an authentication device using the common number.
- the common number is a unique character string assigned to each user.
- the common number is fixed. Therefore, if the common number is stolen by a malicious third party, the user's personal information linked to the common number may be stolen by the third party.
- the conventional authentication device returns personal information to the requesting device that sent the common number.
- a malicious third party who has stolen the common number can obtain the personal information of a desired user from the authentication device by using the authentication device's function of returning personal information, without having to hack into the database of the authentication device which stores a large number of users' common numbers and personal information linked to each other. If the malicious third party can make the device they use pretend to be the requesting device, they can obtain the personal information of a desired user from the authentication device.
- the present invention aims to solve the problem of theft of a user's personal information, which is inherent in an authentication device that authenticates a user's personal information in response to a request from a requesting device, and which occurs when a unique common number assigned to the user is stolen.
- an object of the present invention is to provide an authentication device that can authenticate a user's personal information in response to a request from a requesting device while minimizing the risk of theft of the user's personal information.
- the present invention is an authentication device that is combined with a user terminal and a requesting device, and that authenticates the validity of personal information in response to a request from the requesting device. The user terminal is a portable device, including a computer, that is possessed by a user and is capable of generating one-time password data, which is data about a one-time password: a unique string of characters that is identical whenever it is generated under the same conditions, based on an initial value unique to each user. The requesting device is a device, including a computer, that requests authentication of the validity of personal information, which is information of multiple types relating to the user who possesses the user terminal.
- the authentication device of the present invention constitutes an authentication system by combining a user terminal possessed by a user with a requesting device that requests authentication of the authenticity of personal information.
- the requesting device is similar to the requesting device described in the Background Art section and is installed in organizations that require authentication of users' personal information, such as city halls and banks.
- the user terminal is a device possessed by the user, typically a smartphone.
- the user terminal is capable of generating one-time password data, which is data about one-time passwords, which are unique character strings generated under the same conditions based on an initial value unique to each user.
- the one-time password is a sequence of appropriate characters, such as letters and numbers, and symbols.
- Each user terminal is capable of generating a unique one-time password based on its own unique initial value.
- One-time passwords generated by each user terminal will be identical if generated under the same conditions. In other words, the one-time passwords generated by each user terminal are pseudo-random numbers.
- the authentication device includes: a recording unit that links and records, for each user, personal information data (data about the user's multiple types of personal information) and solutions (the initial values, or values generated from the initial values), one of the personal information data being user ID data, which is data about a user ID, a unique identifier that distinguishes each user from other users; a first communication unit that sends and receives specified data to and from the user terminal; a second communication unit that sends and receives specified data to and from the requesting device; and a calculation unit that processes information.
- personal information data is data about the multiple types of personal information of the user
- solutions which are the initial values or values generated from the initial values
- the arithmetic device is configured so that, when the first communication unit receives data including at least the user ID data sent from the user terminal, it generates the one-time password data by the same method as that used by the user terminal, based on the initial value or solution that is linked to the received user ID and read from the recording unit.
- the arithmetic device is further configured so that, when the second communication unit receives the one-time password data and personal information data sent from the requesting device (the one-time password data having been generated by the user terminal of the user who sent the user ID data and handed over to the requesting device by that user), it performs an OTP determination as to whether that one-time password data matches the one-time password data generated by the authentication device, and a personal information determination as to whether the personal information data received by the second communication unit matches the personal information data that is linked to the user ID of the user who should be linked to it and recorded in the recording unit. If both the OTP determination and the personal information determination results are positive, authentication data indicating that the personal information data sent from the requesting device is legitimate is generated, and the generated authentication data is returned from the second communication unit to the requesting device.
- the authentication device includes a recording unit, a first communication unit, a second communication unit, and a computing unit.
- the recording unit records personal information data, which is data about personal information for each user.
- the personal information data for the same user is stored in a linked state.
- the user ID is a unique identifier for each user that distinguishes each user from other users.
- the user ID can be a string of appropriate characters and symbols, such as alphabets and numbers.
- the user ID is fixed and does not change.
- personal information other than the user ID can include at least one of the user's name, gender, date of birth, address, and facial photograph.
- the personal information data for these can be data for identifying the user's name, gender, date of birth, address, and facial photograph.
- the recording unit also records initial values or solutions, which are values generated from the initial values, linked to each user. In other words, the recording unit records the user ID for each user and the initial values or solutions for generating one-time passwords in a linked state.
- the authentication device, or more specifically the computing device in the authentication device, is able to generate the same one-time password as is generated at each user terminal.
- the first communication unit is a communication unit for communicating with a user terminal.
- the second communication unit is a communication unit for communicating with a requesting device.
- the communication between the first communication unit and the user terminal and the communication between the second communication unit and the requesting device may be the same type of communication or different types of communication.
- the former may be communication using the Internet or another network, and the latter may be communication using a dedicated line.
- the first communication unit may also serve as the second communication unit.
- the arithmetic device is a computing device that performs information processing. Typically, it is a CPU (central processing unit). The arithmetic device executes the processes described below (or has the functions described below).
- the arithmetic device may, and generally does, execute the processes described below based on a computer program recorded in a recording device (e.g., a large-capacity recording device such as a hard disk drive (HDD) or a solid state drive (SSD) or a memory) included in the authentication device.
- a recording device e.g., a large-capacity recording device such as a hard disk drive (HDD) or a solid state drive (SSD) or a memory
- HDD hard disk drive
- SSD solid state drive
- the arithmetic unit of the authentication device executes the following process.
- user ID data is sent from the user terminal to the authentication device.
- when user ID data is sent from the user terminal to the authentication device, other data may also be sent to the authentication device along with it.
- the user ID data sent from the user terminal is received by a first communication unit of the authentication device.
- the calculation device generates one-time password data using the same method as that used to generate the password in the user terminal, based on the initial value or solution linked to the user ID received from the first communication unit and read from the recording unit.
- the one-time password data generated in this manner will be identical to the one-time password data generated in the user terminal that sent the user ID, unless there is any particular fraudulent activity.
- One-time passwords that can be generated by the authentication device are basically unique, but this uniqueness does not need to be perfect; it is sufficient if uniqueness is guaranteed to a degree that does not affect the result of the OTP determination described below.
- the authentication device may perform a procedure to authenticate the legitimacy of the user terminal. For this authentication, user ID data sent from the user terminal to the authentication device may be used, or other data sent together with the user ID data may be used.
- before or after transmitting user ID data from the user terminal to the authentication device, the user passes one-time password data and personal information data to the requesting device or its administrator.
- the one-time password data is one-time password data generated on the user terminal.
- the one-time password data and personal information data may or may not be passed from the user to the requesting device or its administrator in electronic data format.
- if the one-time password data and personal information data are passed in electronic data format, the data is generally passed directly from the user terminal to the requesting device.
- the user can, for example, write the one-time password and personal information on a specified piece of paper and deliver that paper to the administrator of the requesting device. In this case, the one-time password and personal information do not need to be written on the same piece of paper.
- the one-time password data and personal information data can be delivered in a format other than electronic data by the user verbally informing the administrator of the requesting device.
- the user can deliver either the one-time password data or the personal information data in electronic data format and the other in a format other than electronic data to the requesting device or its administrator.
- the one-time password data and personal information data are passed from the user to the requesting device or its administrator.
- the one-time password data and personal information data are sent from the requesting device to the authentication device.
- the one-time password data and personal information data are received by the second communication unit of the authentication device.
- the calculation unit in the authentication device executes an OTP judgment and a personal information judgment.
- the OTP judgment is a judgment as to whether the one-time password data (or the one-time password specified by the data) received by the second communication unit matches the one-time password data (or the one-time password specified by the data) generated by the calculation device. If the two match, and if at least the one-time password sent from the requesting device matches the one-time password generated by the authentication device immediately before that (for example, a predetermined period before the timing at which the OTP judgment is made), the calculation device makes a positive judgment.
- the personal information determination is a determination as to whether the personal information data received by the second communication unit matches the personal information data that has been linked to the user ID of the user who should be linked to it and recorded in the recording unit (i.e., the personal information, including the user ID, of the user who transmitted the one-time password data to the authentication device via the requesting device). If the two match, the calculation device makes a positive determination.
- if both determination results are positive, i.e., if the one-time password sent from the requesting device matches the one-time password generated in the authentication device based on the initial value of the user terminal that most recently sent the user ID, and if the personal information sent from the requesting device matches the personal information previously recorded in the authentication device's recording unit as the personal information of the user who sent the one-time password data to the authentication device via the requesting device, the computing device generates authentication data indicating that the personal information data sent from the requesting device is legitimate. This authentication data is then transmitted from the authentication device to the requesting device.
- This authentication data is data "indicating that the personal information data sent from the requesting device is legitimate" and need not contain any further information.
- the authentication data does not, in particular, contain any information that could lead to the identification of the user's personal information. In other words, the authentication data is information unrelated to personal information.
- a requesting device sends one-time password data and personal information data provided by a user to the authentication device. Even if the one-time password data is stolen by a malicious third party during transmission, the one-time password can only be used once when the requesting device requests authentication of personal information from the authentication device, and therefore the possibility of the stolen one-time password being misused is extremely low. Furthermore, even if personal information data is stolen by a malicious third party during transmission, the personal information identified by the personal information data while it is being transmitted from the requesting device to the authentication device may be correct or incorrect because it is information prior to authentication by the authentication device.
- the data sent from the authentication device to the requesting device is authentication data, as described above, and this authentication data is simply data "indicating that the personal information data sent from the requesting device is legitimate."
- the authentication data can be made to not include any information that could lead to the identification of the user's personal information, in other words, information unrelated to personal information.
- although this authentication device is capable of outputting authentication data, which is data indicating that the personal information data sent from the requesting device is legitimate (it may also be capable of outputting what might be called non-approval data, which is data indicating that the personal information data sent from the requesting device is not legitimate, since this data is also unrelated to the user's personal information), it does not have a mechanism for transmitting personal information from the authentication device to the requesting device.
- a malicious third party cannot extract a user's personal information from the authentication device by, for example, inputting some data into the authentication device from a device operated by the malicious third party disguised as the requesting device and causing it to output the data.
- in order for a malicious third party to extract personal information from this authentication device, they would need to perform so-called hacking, i.e., infiltrate the recording unit of the authentication device and steal the data recorded in the recording unit. Therefore, although it naturally depends on the security technology applied to the authentication device to prevent hacking, it is generally difficult in principle for a malicious third party to steal a user's personal information from the authentication device of the present invention.
- the personal information data sent from the requesting device to the authentication device along with the one-time password data may be multiple types of data relating to multiple types of personal information.
- the computing device may be configured to execute the OTP determination and the personal information determination when the second communication unit receives the one-time password data and the multiple types of personal information data sent from the requesting device; in that case the personal information determination determines whether the multiple types of personal information data received by the second communication unit match all of the multiple types of personal information data that are linked to the user ID of the user who should be linked to them and recorded in the recording unit, and the determination result is positive if all of the received types of personal information data match the corresponding types recorded in the recording unit.
- the personal information determination may be configured to result in a positive decision only if all of the multiple types of personal information data sent from the requesting device match the same types of personal information data for that user that was recorded in the recording unit.
- the calculation device may be configured to perform the OTP judgment and the personal information judgment when the second communication unit receives the one-time password data and the multiple types of personal information data sent from the requesting device; in the personal information judgment, a judgment is then made individually, for each piece of personal information, as to whether that personal information data received by the second communication unit matches the personal information data of the same type that is linked to the user ID of the user who should be linked to it and recorded in the recording unit, and if the result of the OTP judgment is positive, the authentication data may be generated for each piece of personal information for which the result of the personal information judgment is positive.
- in other words, the personal information judgment is performed individually for each of the multiple personal information data sent from the requesting device, and authentication data may also be generated individually for each of the multiple personal information data.
- the authentication device may or may not be configured as a single physical device.
- the authentication device may be configured as a single server device, or may be configured as multiple server devices.
- the authentication device includes a computing device and a recording unit.
- the computing device may be included in one device (the first authentication device or a server device), and the recording unit may be included in another device (the second authentication device or another server device).
- the one device and the other devices constituting the authentication device do not need to be managed by the same person.
- the one device and the other devices constituting the authentication device may be located in remote locations and may be able to communicate with each other.
- the present inventors also propose a method executed by the authentication device as one aspect of the present invention, the effects of which are equal to those of the authentication device.
- One example of such a method is a method executed by an authentication device that is combined with a user terminal (a portable device including a computer, possessed by a user, capable of generating one-time password data, which is data about one-time passwords that are unique strings based on an initial value unique to each user, such that one-time passwords generated under the same conditions are identical) and a requesting device (a device including a computer that requests authentication of the validity of personal information, which is multiple types of information about the user who possesses the user terminal), and that authenticates the validity of the personal information in response to a request from the requesting device.
- the authentication device records personal information data, which is data about the user's multiple types of personal information, and the initial values or solutions, which are values generated from the initial values, in association with each other for each user, one of the personal information data being user ID data, which is data about a user ID, an identifier unique to each user that distinguishes each user from other users.
- the authentication device includes a recording unit, a first communication unit that transmits and receives predetermined data to and from the user terminal, a second communication unit that transmits and receives predetermined data to and from the requesting device, and a computing device that performs information processing.
- the method includes the following steps, which are executed by the computing device:
- a step of generating the one-time password data by the same method as that used by the user terminal, based on the initial value or solution linked to the user ID received from the first communication unit and read from the recording unit, when the first communication unit receives data including at least the user ID data sent from the user terminal; and a step of, when the second communication unit receives the one-time password data and personal information data sent from the requesting device (the one-time password data having been generated by the user terminal of the user who sent the user ID data and handed over to the requesting device by that user), executing the OTP determination and the personal information determination described above and, if both results are positive, generating the authentication data and returning it from the second communication unit to the requesting device.
- the inventors of the present application also propose, as one aspect of the present invention, a computer program for causing a general computer device, such as a server device, to function as the authentication device of the present application.
- a general computer device such as a server device
- the effects of such a computer program are the same as those of the authentication device of the present application, and the effect of causing a general computer device to function as the authentication device of the present application is also an effect of such a computer program.
- An example of a computer program according to the present invention is a computer program for causing a specified computer device to function as an authentication device, comprising: a user terminal, a portable device including a computer possessed by a user, capable of generating one-time password data, which is data about one-time passwords that are unique strings based on an initial value unique to each user, so that one-time passwords generated under the same conditions will be identical; and a requesting device, a device including a computer, that requests authentication of the validity of personal information, which is multiple types of information about the user possessing the user terminal.
- the computer program causes the authentication device to authenticate the validity of the personal information in response to a request from the requesting device. The authentication device records personal information data, which is data about the user's multiple types of personal information, and the initial values or solutions, which are values generated from the initial values, linked to each of the users, one of the personal information data being user ID data, which is data about a user ID, an identifier unique to each user that distinguishes each user from other users.
- the computer program causes the arithmetic unit to perform a process of generating the one-time password data by the same method as that used by the user terminal, based on the initial value or solution linked to the user ID received from the first communication unit and read from the recording unit, when the first communication unit receives data including at least the user ID data sent from the user terminal; and a further process that is performed when the second communication unit receives the one-time password data and personal information data sent from the requesting device, the one-time password data having been generated by the user terminal of the user who sent the user ID data and handed over to the requesting device by that user.
- the device executes an OTP judgment as to whether the received one-time password data matches the one-time password data generated by the authentication device, and a personal information judgment as to whether the personal information data received by the second communication unit matches the user ID of the user that should be linked to the personal information data or the personal information data that has been linked to the user ID and recorded in the recording unit, and if both the OTP judgment and the personal information judgment results are positive, generates authentication data indicating that the personal information data sent from the requesting device is legitimate, and returns the generated authentication data from the second communication unit to the requesting device.
- FIG. 1 is a diagram showing the overall configuration of an authentication system including an authentication device according to an embodiment.
- FIG. 2 is a diagram showing the appearance of a user terminal included in the authentication system shown in FIG. 1.
- FIG. 3 is a diagram showing the hardware configuration of a user terminal included in the authentication system shown in FIG. 1.
- FIG. 4 is a block diagram showing functional blocks generated within a user terminal included in the authentication system shown in FIG. 1.
- FIG. 5 is a block diagram showing functional blocks generated inside an authentication device included in the authentication system shown in FIG. 1.
- FIG. 6 is a diagram conceptually showing the contents of data recorded in the personal information recording unit shown in FIG. 5.
- FIG. 7 is a block diagram showing functional blocks generated within a requesting device included in the authentication system shown in FIG. 1.
- FIG. 8 is a sequence diagram showing the flow of processing executed when personal information of a user is authenticated by the authentication system shown in FIG. 1.
- FIG. 9 is a diagram showing an example of an image displayed on a display of a user terminal when personal information of a user is authenticated by the authentication system shown in FIG. 1.
- FIG. 10 is a diagram showing an example of an image displayed on a display of a user terminal when personal information of a user is authenticated by the authentication system shown in FIG. 1.
- FIG. 1 shows an outline of the overall configuration of an authentication system according to this embodiment.
- This authentication system is a system that can determine the validity of a user's personal information.
- the users can be, for example, all citizens.
- the authentication system can be used to achieve the same purpose as the common number system, and the authentication device included in the authentication system, which will be described later, plays a central role.
- the authentication system is composed of multiple user terminals 100-1 to 100-N (hereinafter, each user terminal may be simply referred to as a "user terminal 100"), an authentication device 200, and multiple requesting devices 300-1 to 300-n (hereinafter, each requesting device may be simply referred to as a "requesting device 300").
- user terminals 100-1 to 100-N and authentication device 200 are capable of communicating with each other.
- requesting devices 300-1 to 300-n and authentication device 200 are capable of communicating with each other.
- user terminals 100-1 to 100-N, authentication device 200, and request devices 300-1 to 300-n are all connectable to network 400, and the above-described communications can be performed via network 400.
- network 400 is the Internet, but it may also include other networks, such as a local area network (LAN).
- the above-described communications, for example, communications between request devices 300-1 to 300-n and authentication device 200, may be performed via a dedicated line, rather than via network 400.
- Communications via network 400 using the Internet or the like, as well as communications not via network 400 using dedicated lines or the like, are both publicly known or well-known, and the above-described communications can be realized using these publicly known or well-known communications.
- the user terminal 100 is an example of a user terminal of the present invention
- the request device 300 is an example of a request device of the present invention
- the authentication device 200 is an example of an authentication device of the present invention.
- the authentication device 200 is configured as a server device when viewed as hardware, but the authentication device 200 does not have to be configured as a physically integrated device.
- the authentication device 200 includes a CPU (a processing unit) as an example of a computing device and a personal information recording unit (a recording unit) as an example of a recording unit of the present invention, as described below.
- the CPU may be included in one device (a server device, or a first authentication device of the present invention) and the personal information recording unit may be included in another device (another server device, or a second authentication device of the present invention).
- the devices constituting the authentication device may be managed by the same person, but this is not required.
- the devices constituting the authentication device may be located remotely from each other and be able to communicate with each other.
- the authentication device 200 can be configured by combining multiple computer devices that can communicate with each other.
- requesting device 300 is generally configured as a computer device, for example, a general-purpose personal computer device.
- a user of this authentication system is, for example, a person who is required to hand over his or her personal information to the administrator of requesting device 300 in response to a request from that administrator.
- requesting device 300 is a device managed by a party that needs to know whether the personal information of the user provided by the user is correct or not. Parties that need to know whether the personal information of the user is correct or not include, for example, the counters of city halls, metropolitan government offices, and other public organizations, as well as private companies such as banks and mobile phone companies.
- the user terminal 100 is owned by each user.
- the user terminal 100 includes a computer.
- the user terminal 100 may be a mobile phone, smartphone, tablet, laptop, wearable device, or the like.
- a smartphone or tablet is particularly preferable for use as the user terminal 100.
- An example of a smartphone is the iPhone manufactured and sold by Apple Japan LLC.
- An example of a tablet is the iPad manufactured and sold by Apple Japan LLC.
- the following discussion will be based on the assumption that the user terminal 100 is a smartphone, although this is not limited to this.
- the user terminal 100 in this embodiment must be capable of at least receiving data, but may also be capable of transmitting data. Since the user terminal 100 in this embodiment is a smartphone, it is naturally capable of both receiving and transmitting data.
- each user terminal 100-1 to 100-N is the same in relation to the present invention.
- the user terminal 100 includes a display 101.
- the display 101 is for displaying still images or moving images, and may be a publicly known or well-known display.
- the display 101 may be, for example, a liquid crystal display or an organic electroluminescence (EL) display.
- the user terminal 100 also includes an input device 102.
- the input device 102 is used by the user to input desired information into the user terminal 100.
- the input device 102 may be a publicly known or well-known input device.
- the input device 102 of the user terminal 100 is a button-type device, but is not limited to this.
- a numeric keypad, keyboard, trackball, mouse, speech-to-text input device, tap key, or the like may also be used.
- the input device 102 may often be an external device such as a keyboard, mouse, or tapping switch.
- the user terminal 100 is still considered to include the input device 102.
- if the display 101 is a touch panel, the display 101 also functions as the input device 102; this is the case in this embodiment.
- the data input from the input device 102 will be described in detail later, but for example, there is start data that is ultimately sent to the authentication device 200 as will be described later.
- the hardware configuration of the user terminal 100 is shown in FIG.
- the hardware includes a CPU (central processing unit) 111, a ROM (read only memory) 112, a RAM (random access memory) 113, and an interface 114, which are interconnected by a bus 116.
- the CPU 111 is a computing device that performs calculations or information processing.
- the CPU 111 executes the processes described below by executing a computer program stored in, for example, the ROM 112 or the RAM 113.
- the hardware may include a hard disk drive (HDD), a solid state drive (SSD), or other large-capacity storage device connected to the bus 116, and the computer program may be stored in the large-capacity storage device.
- the CPU 111 may also be a graphics processing unit (GPU) or a general purpose computing on GPU (GPGPU) depending on the required processing power. In this application, a so-called CPU is used as the CPU 111 as an example of an embodiment.
- the computer program referred to here includes at least a computer program for causing the user terminal 100 to execute the processes described below (e.g., processes for causing the user terminal 100 to function as a user terminal according to the present invention). This computer program may be pre-installed in the user terminal 100, or may be post-installed in the user terminal 100. This computer program may be installed in the user terminal 100 via a predetermined recording medium such as a memory card, or via a network such as a LAN or the Internet.
- the computer program may include data used when the CPU 111 executes information processing in accordance with instructions based on the computer program.
- the ROM 112 stores computer programs and data necessary for the CPU 111 to execute the processes described below.
- the computer programs stored in the ROM 112 are not limited to the above, and if the user terminal 100 is a smartphone, the ROM 112 stores computer programs and data necessary for the user terminal 100 to function as a smartphone, for example, for implementing functions such as calling and e-mail.
- the user terminal 100 is also capable of browsing homepages based on data received via the network 400, and is equipped with a known web browser to enable this.
- the RAM 113 is a type of memory that provides a work area necessary for the CPU 111 to perform processing.
- the data stored in the RAM 113 can be rewritten.
- the RAM 113 may also store (part of) the computer programs and data described above.
- when the CPU 111 executes processing based on the computer programs described below, the computer programs are deployed on the RAM 113.
- the interface 114 exchanges data between the CPU 111, RAM 113, etc., which are connected via the bus 116, and the outside.
- the interface 114 is connected to the display 101 and the input device 102.
- Operational content input from the input device 102 is input from the interface 114 to the bus 116.
- image data for displaying an image on the display 101 is sent from the bus 116 to the interface 114 and output from the interface 114 to the display 101.
- the interface 114 is also connected to a transmission/reception mechanism (not shown), which is a well-known means for communicating with the outside via a network 400, i.e., the Internet.
- This enables the user terminal 100 to transmit data via the network 400 and receive data via the network 400.
- Data transmission and reception via the network 400 may be performed wired or wirelessly. For example, if the user terminal 100 is a smartphone, such communication would typically be performed wirelessly.
- the configuration of the transmission/reception mechanism may be publicly known or well-known.
- Data received by the transmitting/receiving mechanism from the network 400 is received by the interface 114, and data passed from the interface 114 to the transmitting/receiving mechanism is sent by the transmitting/receiving mechanism via the network 400 to an external party, for example, the authentication device 200.
- an input unit 121, a control unit 122, an image generation unit 123, an output unit 124, a user ID recording unit 125, and an OTP generation unit 126 are generated in relation to the functions of the present invention.
- the functional blocks that perform information processing correspond to the arithmetic unit (CPU 111) in terms of hardware, or are realized by the functions of the arithmetic unit that executes information processing in accordance with the instructions of the computer program described above.
- since the functional blocks that perform information processing require some data that is at least temporarily recorded in order to perform the information processing, some kind of recording device, for example, RAM 113 or a large-capacity recording device in this embodiment, may be required to record that data.
- some of the functional blocks that perform information processing may include some kind of recording device as a component.
- the input unit 121 and the output unit 124 correspond to the interface 114, or are realized by the functions of the interface 114. More specifically, the input unit 121 and the output unit 124 conceptually correspond to the connection between the interface 114 and the bus 116.
- the functional block for recording data, that is, the user ID recording unit 125, is realized as hardware by a recording device, in this embodiment, the RAM 113 or a large-capacity recording device.
- the input unit 121 receives input from the interface 114 .
- the input to the input unit 121 from the interface 114 includes an input from the input device 102.
- the input from the input device 102 includes, for example, start data.
- the user ID of the user using the user terminal 100 may be input from the input device 102.
- the data input from the interface 114 to the input unit 121 includes data input from the transmitting and receiving mechanism to the interface 114.
- the transmitting and receiving mechanism may receive data (e.g., user authentication data, described later) sent from the authentication device 200 via the network 400. However, in some cases, the transmitting and receiving mechanism may not receive data from the network 400. In such cases, there will be no data input from the transmitting and receiving mechanism to the input unit 121 via the interface 114. In either case, the input unit 121 sends the data received from the interface 114 to the control unit 122 .
- the control unit 122 controls all of the functional blocks created in the user terminal 100 .
- the control unit 122 has the following functions, for example.
- User ID data and start data may be input to the control unit 122.
- when the control unit 122 receives the user ID data, it records the data in the user ID recording unit 125.
- when the control unit 122 receives the start data, it reads the user ID data from the user ID recording unit 125, attaches data for specifying the authentication device 200 as the destination to the read user ID data, and sends the linked data to the output unit 124.
- the control unit 122 may instruct the OTP generation unit 126 to generate one-time password data, which is data regarding a one-time password.
- the timing at which the control unit 122 instructs the OTP generation unit 126 to generate one-time password data is a predetermined timing after start data is input to the control unit 122.
- the control unit 122 instructs the OTP generation unit 126 to generate one-time password data promptly after user authentication data is input to the control unit 122.
- the control unit 122 may receive one-time password data from the OTP generation unit 126.
- when the control unit 122 receives the one-time password data, it instructs the image generation unit 123 to generate image data for displaying the one-time password on the display 101.
- the image generation unit 123 has a function of generating image data based on instructions from the control unit 122.
- the image data is, for example, as described above, used to display the one-time password on the display 101.
- the one-time password is displayed on the display 101 of the user terminal 100 in two formats: text format and barcode format. Details of the image displayed on the display 101 based on the image data will be described later.
- the image generating unit 123 sends the generated image data to the output unit 124 .
- the user ID recording unit 125 may record user ID data by the control unit 122.
- the user ID recording unit 125 has the function of recording user ID data.
- the user ID recording unit 125 also records an initial value that is unique for each user of each user terminal 100.
- the initial value is a value used to generate a one-time password.
- the initial value recorded in the user ID recording unit 125 may be replaced with a value generated based on the initial value (sometimes referred to as a "solution"). In this case, the solution may be recorded in place of the initial value in the user ID recording unit 125. If the initial value is replaced with a solution, it occurs after the first one-time password data is generated.
- the OTP generating unit 126 has a function of generating one-time password data, which is data related to a one-time password.
- the OTP generating unit 126 generates one-time password data when instructed by the control unit 122.
- the one-time password is a character string of an appropriate length. The length of the character string of the one-time password may or may not always be the same, but in this embodiment, it is always the same.
- the one-time password is a sequence of appropriate characters, such as letters, numbers, and symbols. Any method for generating the one-time password may be used. For example, a pseudo-random number sequence that depends on the initial value and always generates the same sequence under the same conditions may be used.
- Such a technique can be applied to the user terminal 100 and the authentication device 200.
- the technique that can be used when the OTP generation unit 126 of the user terminal 100 generates a one-time password is a method called event synchronization or a method called time synchronization, which will be described later.
- the OTP generation unit 126 reads out the initial value or solution recorded in the user ID recording unit 125 and uses it to generate the one-time password data. How the OTP generation unit 126 generates the one-time password data will be described later. Once the OTP generating unit 126 generates the one-time password data, it sends it to the control unit 122 .
- when viewed as hardware, authentication device 200 may be an existing publicly known or well-known server device. However, by executing a computer program described below, authentication device 200 performs operations and functions different from those of conventional servers or server devices. In this respect, authentication device 200 can be said to be different from conventional server devices.
- the authentication device 200 may have a general hardware configuration, and roughly speaking, can follow the hardware configuration of the user terminal 100, in which a CPU 111, a ROM 112, a RAM 113, and an interface 114 are connected via a bus 116. However, the authentication device 200 generally has a large-capacity storage device such as an HDD or SSD.
- a transmitting/receiving mechanism similar to that of user terminal 100, is connected to the interface of authentication device 200 for communicating with devices outside authentication device 200 via network 400.
- Information (data) sent from the bus to the interface is sent to the transmitting/receiving mechanism, and then sent from the transmitting/receiving mechanism to user terminal 100 or requesting device 300 via network 400.
- data sent from user terminal 100 or requesting device 300 via network 400 and received by the transmitting/receiving mechanism is sent from the transmitting/receiving mechanism to the interface, and then from the interface to the bus.
- the transmission/reception mechanism included in the authentication device 200 in this embodiment corresponds to the first communication unit of the present invention in the sense that it communicates with the user terminal 100, and corresponds to the second communication unit of the present invention in the sense that it communicates with the requesting device 300.
- the transmission/reception mechanism in the authentication device 200 serves as both the first communication unit and the second communication unit of the present invention. This is because, as described above in this embodiment, communication between the authentication device 200 and the user terminal 100 or the requesting device 300 is performed over a common network 400 such as the Internet, although this is not limited to this.
- the authentication device 200 would generally be configured to include two transmission/reception mechanisms corresponding to the first communication unit and the second communication unit described above, respectively.
- the interface of the authentication device 200 may be connected to a display and input device similar to those of the user terminal 100, but as this is not particularly relevant to the present application, a description of these will be omitted.
- by executing a computer program stored in ROM, a mass storage device, or the like within authentication device 200, for causing a server device serving as authentication device 200 to function as the authentication device of the present invention, functional blocks such as those described below are generated within authentication device 200.
- the functional blocks below may be generated by the standalone functions of a computer program for causing a server device serving as authentication device 200 to function as the authentication device of the present invention, or may be generated by cooperation between such a computer program and an OS or other computer program installed on authentication device 200.
- the computer program may be pre-installed in authentication device 200, or may be post-installed in authentication device 200.
- the computer program may be installed in authentication device 200 via a specified recording medium such as a memory card, or via a network such as a LAN or the Internet.
- an input unit 221, a control unit 222, an OTP generation unit 223, an OTP judgment unit 224, a personal information judgment unit 225, a personal information recording unit 226, and an output unit 227 are generated in relation to the functions of the present invention.
- the functional blocks that perform information processing, i.e., the control unit 222, the OTP generation unit 223, the OTP determination unit 224, and the personal information determination unit 225, correspond to a computing device (CPU) in terms of hardware, or are realized by the functions of the computing device that executes information processing in accordance with the instructions of the computer program described above.
- since the functional blocks that perform information processing require some data that is at least temporarily recorded in order to perform the information processing, some kind of recording device, for example, RAM or a large-capacity recording device in this embodiment, may be required to record that data.
- some of the functional blocks that perform information processing may include some kind of recording device as a component.
- the input unit 221 and the output unit 227 correspond to an interface or are realized by the function of an interface. More specifically, the input unit 221 and the output unit 227 conceptually correspond to a connection between an interface and a bus.
- the functional block for recording data, that is, the personal information recording unit 226, is realized as hardware by a recording device, in this embodiment, a RAM or a large-capacity recording device.
- the input unit 221 receives input from the interface. Inputs to input unit 221 from the interface include data input to the interface from the transmitting/receiving mechanism.
- the transmitting/receiving mechanism may receive data sent from user terminal 100 or requesting device 300 via network 400. As will be described in more detail later, user ID data is sent from user terminal 100. As will be described in more detail later, one-time password data and personal information data are sent from requesting device 300. All of this data is received by the transmitting/receiving mechanism and sent to input unit 221 via the interface. In either case, the input unit 221 sends the data received from the interface to the control unit 222 .
- the control unit 222 controls all of the functional blocks created within the authentication device 200 .
- the control unit 222 has the following functions, for example.
- User ID data may be sent to the control unit 222 from the input unit 221.
- the control unit 222 executes a user authentication process to determine whether the user ID data is valid, in other words, whether the user who sent the user ID data is a valid person.
- the control unit 222 uses data recorded in the personal information recording unit 226 to execute the user authentication. How the control unit 222 executes the user authentication will be described later.
- the control unit 222 also performs user authentication, and if it determines that the user who sent the user ID data is a legitimate person, it generates user authentication data and sends it to the output unit 227, and also instructs the OTP generation unit 223 to generate a one-time password. At this time, the control unit 222 links the user ID data to the instruction to the OTP generation unit 223 and sends it to the OTP generation unit 223. Control unit 222 may also receive one-time password data and personal information data from input unit 221, both of which have been sent from requesting device 300. When control unit 222 receives one-time password data, it sends the data to OTP determination unit 224. When control unit 222 receives personal information data, it sends the data to personal information determination unit 225.
- control unit 222 may also receive data indicating the result of the OTP judgment (described later) from the OTP judgment unit 224 and data indicating the result of the personal information judgment (described later) from the personal information judgment unit 225.
- upon receiving the data indicating the result of the OTP judgment and the data indicating the result of the personal information judgment, the control unit 222 generates authentication data (described later) or denial data (described later).
- the control unit 222 sends the generated authentication data or denial data to the output unit 227.
- the OTP generating unit 223 receives user ID data and an instruction to generate a one-time password from the control unit 222.
- when receiving the instruction, the OTP generating unit 223 generates a one-time password.
- one-time passwords are essentially unique. "In essence" here means that each of the multiple one-time passwords generated during the "determination period" described below will be different from the other one-time passwords generated during that determination period.
- the one-time password created by the authentication device 200 is a character string of an appropriate length. The length of the character string of the one-time password may or may not always be the same, but in this embodiment it is always the same.
- the one-time password is a string of appropriate letters, such as alphabets and numbers, and symbols.
- the method by which the OTP generation unit 223 generates a one-time password may be any method as long as it is the same as the method by which the OTP generation unit 126 in the user terminal 100 generates a one-time password.
- the OTP generation unit 223 in the authentication device 200 will be able to generate the same one-time password as that generated by the OTP generation unit 126 in all user terminals 100.
- the method executed when the OTP generation unit 223 generates one-time password data will be described later, but in this embodiment, when generating one-time password data, the OTP generation unit 223 uses data recorded in the personal information recording unit 226.
- in other words, the OTP generation unit 223 uses the data recorded in the personal information recording unit 226 to generate one-time password data.
- the OTP generation unit 223 identifies the one-time password or sends one-time password data, which is data corresponding to the one-time password, to the OTP determination unit 224 together with the user ID data sent from the control unit 222 along with the instruction to generate the one-time password data.
- the OTP determination unit 224 performs an OTP determination, which will be described later.
- the OTP determination unit 224 may receive one-time password data from the control unit 222. This one-time password data is data sent from the requesting device 300 to the authentication device 200. Upon receiving the one-time password data from the control unit 222, the OTP determination unit 224 performs an OTP determination.
- the OTP judgment unit 224 uses the one-time password data and user ID data received from the OTP generation unit 223 before receiving the one-time password data from the control unit 222. How the OTP judgment unit 224 performs OTP judgment using these data will be described later.
- the OTP judgment unit 224 is configured to send data indicating the result of the OTP judgment obtained by performing the OTP judgment to the control unit 222.
- the result of the OTP judgment can be either positive or negative.
- the judgment result sent from the OTP judgment unit 224 to the control unit 222 will be one of these.
- the OTP judgment unit 224 is configured to send user ID data to the personal information judgment unit 225.
- the personal information determination unit 225 performs personal information determination, which will be described later. As described above, the personal information determination unit 225 may receive personal information data from the control unit 222. When the personal information data is received, the personal information determination unit 225 performs personal information determination. When making a personal information judgment, the personal information judgment unit 225 uses, in addition to the personal information data, the user ID data received from the OTP judgment unit 224 and the data recorded in the personal information recording unit 226. How the personal information judgment unit 225 makes a personal information judgment will be described later. The personal information determination unit 225 is configured to send data indicating the result of the personal information determination obtained by performing the personal information determination to the control unit 222. The result of the personal information determination can be either positive or negative. The result of the determination sent from the personal information determination unit 225 to the control unit 222 will be one of these.
- the personal information recording section 226 records personal information of each user, more specifically, personal information data, which is data about the personal information of each user.
- personal information data is data about the personal information of each user.
- an example of personal information data recorded in the personal information recording unit 226 is shown in FIG. 6.
- the personal information recording unit 226 stores data such as, but not limited to, the user ID, name, sex, date of birth, address, and a photograph of the user's face.
- a series of data listed side by side in FIG. 6 is personal information data about the personal information of the same user.
- the data of the user ID, name, gender, date of birth, address, and facial photograph of the user are merely examples.
- the data of the user ID is essential, while the data of the name, gender, date of birth, address, and facial photograph of the user are not necessarily essential.
- personal information of each user, such as medical-related information (medical history and medication status) and property-related information (income and tax status), may also be recorded as personal information in the personal information recording unit 226. This depends on the institutional design of the authentication system. Data on any personal information that is the subject of a determination of authenticity in an authentication system including the authentication device 200 must be recorded in the personal information recording unit 226. A brief description of each data item (user ID, name, sex, date of birth, address, and face photo of the user) follows.
- the user ID is a fixed and unique identifier for distinguishing each user from other users.
- the user ID is assigned to every user by, for example, the authentication device 200 or its administrator.
- the user ID is, for example, a list of appropriate characters, such as alphabets and numbers, and symbols.
- the name, gender, date of birth, and address are the name, gender, date of birth, and address of the user. These need no explanation and are not described further.
- the user's facial photo data is image data including the user's face. It is preferable that the facial photo data be such that the user's face can be authenticated using the facial photo.
- the data format of the facial photo data is "jpg", but the format is of course not limited to this.
- the same initial value as the initial value recorded together with the user ID in the user ID recording unit 125 of each user terminal 100 is also recorded in the personal information recording unit 226 in a state linked to the same user ID as the user ID recorded in the user ID recording unit 125.
- the control unit 222, the OTP generation unit 223, and the personal information determination unit 225 are each capable of reading out data recorded in the personal information recording unit 226, which will be described later.
- output unit 227 sends the authentication data or denial data to the transmitting/receiving mechanism via the interface.
- the transmitting/receiving mechanism sends the authentication data or denial data to requesting device 300.
- the output unit 227 may receive user authentication data from the control unit 222.
- the output unit 227 transmits the user authentication data to the transmission/reception mechanism via the interface.
- the transmission/reception mechanism transmits the user authentication data to the user terminal 100 that transmitted the user ID data that triggered the generation of the user authentication data.
- the requesting device 300 may be an existing, publicly known, desktop or notebook personal computer or a server device.
- the requesting device 300 can be configured using a general computer device.
- the requesting device 300 may perform operations different from conventional computer devices and may perform functions different from conventional servers or server devices.
- the hardware configuration of requesting device 300 may be a general one, and roughly speaking, it can follow the hardware configuration of user terminal 100, in which CPU 111, ROM 112, RAM 113, and interface 114 are connected via bus 116.
- requesting device 300 generally has an HDD, SSD, or other large-capacity storage device.
- the configurations and functions of the CPU, ROM, RAM, interface, bus, and mass storage device of requesting device 300 are the same as those of user terminal 100.
- a transmitting/receiving mechanism similar to that of user terminal 100, is connected to the interface of requesting device 300 for communicating with devices outside requesting device 300 via network 400.
- Information (data) sent from the bus to the interface is sent to the transmitting/receiving mechanism, and then sent from the transmitting/receiving mechanism to authentication device 200 via network 400.
- data sent from authentication device 200 via network 400 and received by the transmitting/receiving mechanism is sent from the transmitting/receiving mechanism to the interface, and then from the interface to the bus. It is sufficient for the transmitting/receiving mechanism in this embodiment to be able to communicate with authentication device 200.
- a one-time password or one-time password data that identifies a one-time password is input to the requesting device 300.
- a device for accepting input of a one-time password or the like is connected to the requesting device 300, and the device is also connected to the interface.
- Examples of devices for accepting a one-time password or the like include input devices with functions equivalent to those provided in the user terminal 100 (e.g., a touch panel display, a numeric keypad, a keyboard, a trackball, a mouse, a speech-to-text input device, a tap key), a barcode reader capable of reading two-dimensional barcodes, a short-range communication mechanism for short-range communication such as Bluetooth (trademark), and an OCR (Optical Character Recognition) device capable of reading characters written on paper. It is sufficient for at least one of the four types of devices exemplified above to be connected to the interface as needed, and other devices for accepting a one-time password or the like may also be connected.
- all of the four types of devices exemplified above are connected to the interface of the requesting device 300.
- the interface of requesting device 300 is connected to a display similar to that of user terminal 100.
- the display may be a part of requesting device 300 or may be external.
- by executing a computer program stored in ROM, a mass storage device, or the like within requesting device 300 (a program for causing a computer device serving as requesting device 300 to function as the requesting device of the present invention), functional blocks such as those described below are generated within requesting device 300.
- the functional blocks below may be generated by the standalone function of a computer program for causing a computer device serving as requesting device 300 to function as the requesting device of the present invention, or may be generated by cooperation between such computer program and an OS or other computer program installed on requesting device 300.
- the computer program may be pre-installed on requesting device 300, or may be post-installed on requesting device 300.
- the computer program may be installed on requesting device 300 via a specified recording medium such as a memory card, or via a network such as a LAN or the Internet.
- an input unit 321, a control unit 322, an image generating unit 323, and an output unit 324 are generated in relation to the functions of the present invention.
- the functional blocks that perform information processing, i.e., the control unit 322 and the image generation unit 323, correspond to a computing device (CPU) in terms of hardware, or are realized by the functions of the computing device that executes information processing in accordance with the instructions of the computer program described above.
- some kind of recording device (for example, RAM or a large-capacity recording device in this embodiment) may be required to record that data.
- the input unit 321 and the output unit 324 correspond to an interface or are realized by the function of an interface. More specifically, the input unit 321 and the output unit 324 conceptually correspond to a connection between an interface and a bus.
- when the control unit 322 and the image generation unit 323 need to record data, even temporarily, the function of recording data is realized by a hardware recording device, in this embodiment a RAM or a large-capacity recording device.
- the input unit 321 receives input from the interface.
- the input from the interface to the input unit 321 includes data input to the interface from the transmitting and receiving mechanism.
- the transmitting and receiving mechanism receives authentication data or denial data from the authentication device 200 via the network 400.
- the input unit 321 sends the data to the control unit 322.
- devices for accepting input of one-time passwords and the like (specifically, an input device, a barcode reader, a short-range communication mechanism, and an OCR device) are connected to the interface.
- Input from these devices for accepting input of one-time passwords and the like is also input to input unit 321 via the interface.
- Input from these devices for accepting input of one-time passwords and the like is one-time password data, personal information data, or both.
- data input to the input unit 321 via the interface from these devices for accepting input of a one-time password or the like is sent from the input unit 321 to the control unit 322.
- the control unit 322 controls all of the functional blocks created in the requesting device 300.
- the control unit 322 has the following functions, for example.
- the control unit 322 may receive one-time password data and personal information data from the input unit 321.
- the one-time password data and personal information data may be sent simultaneously or at an interval.
- the control unit 322 links them together and sends them to the output unit 324.
- the control unit 322 may receive authentication data or denial data from the input unit 321.
- the control unit 322 sends the authentication data or denial data to the image generation unit 323.
- the image generating unit 323 has a function of generating image data for an image to be displayed on a display provided in the requesting device 300. As described above, the image generation unit 323 receives authentication data or denial data from the control unit 322. When the image generation unit 323 receives authentication data, it generates image data for displaying an image corresponding to the authentication data on the display, and when it receives denial data, it generates image data for displaying an image corresponding to the denial data on the display. In either case, the image generating unit 323 sends the generated image data to the output unit 324.
- one-time password data and personal information data that are linked to each other may be sent from the control unit 322 to the output unit 324.
- the output unit 324 sends the one-time password data and personal information data to the transmission/reception mechanism via the interface.
- the transmission/reception mechanism sends the received one-time password data and personal information data to the authentication device 200.
- image data may be sent to the output unit 324 from the image generation unit 323.
- the output unit 324 sends the image data to the display via the interface. An image corresponding to the image data is displayed on the display. Details of the image displayed on the display will be described later.
- a user ID is assigned to each user.
- the user ID is unique to each user.
- the user ID may be selected by each user, but in this embodiment, the user ID is assigned to each user by a person who manages the authentication device 200 or a person who has a cooperative relationship with the person who manages the authentication device 200, although this is not limited to this.
- the user ID is notified to each user in a manner that allows for identity verification (KYC: Know Your Customer). For example, the user ID is notified by mailing a letter containing the user ID to the user.
- once a user has learned their own user ID, they register the user ID in the user terminal 100 used in the authentication system. For example, the user operates the input device 102 of the user terminal 100 to input the user ID that he or she has grasped into the user terminal 100. Then, data specifying the user ID input from the input device 102 passes from the input device 102 through the interface to the input unit 121 and further to the control unit 122. The control unit 122 records the user ID data in the user ID recording unit 125. This completes the registration of the user ID to the user terminal 100. The registration of the user ID to the user terminal 100 needs to be performed only once at the beginning. The user ID recording unit 125 also records an initial value assigned to the user for generating one-time password data.
- the initial value is recorded in the user ID recording unit 125 before the first one-time password data is generated by the user terminal 100.
- Any method can be used to record the initial value in the user ID recording unit 125.
- the user can record the initial value in the user ID recording unit 125 by operating the input device 102 to input the initial value data, just as when the user records user ID data in the user ID recording unit 125.
- if the above-mentioned letter is printed with not only the user ID but also the initial value assigned to the user, the user can enter the initial value after reading it.
- the flow of data for the initial value from the input device 102 to the user ID recording unit 125 can be the same as the flow of data for the user ID.
- the authentication device 200 to which the user connects the user terminal 100 using the user ID data can automatically send the initial value data to the user terminal 100 via the network 400.
- the initial value data received by the transmitting/receiving mechanism of the user terminal 100 may be sent from the transmitting/receiving mechanism to the control unit 122 via the interface 114 and the input device 102, and may be automatically recorded in the user ID recording unit 125 by the control unit 122.
- personal information data is recorded in the personal information recording unit 226.
- the personal information data is, for example, as shown in Fig. 6.
- the data of the user ID, name, sex, date of birth, address, and a facial photograph of the user are recorded in the personal information recording unit 226.
- the personal information recording unit 226 also records data of an initial value assigned to each user (or each user ID). This has already been described with reference to FIG. 6.
- the initial value can be a string of at least one of numbers, letters, and symbols, or a combination thereof. Although not limited to this, in this embodiment, the initial value is a string of 20 digits containing a mixture of numbers and lowercase English letters.
- the personal information recording unit 226 does not need to be configured as a single physical recording device, but may be configured as multiple recording devices.
- the multiple recording devices that make up the personal information recording unit 226 may each be included in a different computer device and cooperate to form the personal information recording unit 226.
- an institution or corporation that possesses and manages the user ID and initial value data recorded in a certain recording device may be different from an institution or corporation that possesses and manages the user's name, gender, date of birth, and address data recorded in a certain recording device, and an institution or corporation that possesses and manages the user's facial photo data recorded in a certain recording device.
- the personal information recording unit 226 can be configured by cooperation between these three institutions or corporations, for example, by enabling three recording devices located in remote locations to cooperate.
- authentication device 200 can also be configured so that the arithmetic unit (CPU, etc.) of authentication device 200 is included in a computer device separate from the computer device that makes up personal information recording unit 226.
- authentication device 200 can also be configured to include a first authentication device that includes an arithmetic unit (CPU, etc.) and a second authentication device that includes personal information recording unit 226.
- the first authentication device and the second authentication device may be located remotely from each other and may be able to communicate with each other via network 400, for example, as already mentioned.
- although this explanation has become somewhat redundant, what it means is that the authentication device 200 does not have to be configured from a single server device, but can be configured by combining a single server device with at least one computer device (or multiple server devices).
- the user arrives at the city hall counter.
- the user fills out a resident registration application form available at the city hall counter.
- the resident registration application form may contain other fields, but it is assumed that it contains fields for the applicant's name, address, and date of birth.
- the user fills in their name, address, and date of birth in the fields provided on the application form as requested.
- the user operates the user terminal 100, which is the user's own smartphone, to launch a computer program (application) for personal information authentication.
- the user operates the input device 102 of the user terminal 100 to input data to start up a computer program.
- start data is sent from the input device 102 to the control unit 122 via the interface and input unit 121.
- the control unit 122 reads out the user ID data from the user ID recording unit 125 (S1101).
- the control unit 122 instructs the image generation unit 123 to generate image data for displaying an image (initial image) of the computer program when it is launched on the display 101, along with the user ID data.
- the image generation unit 123 generates image data based on the instruction.
- the generated image data is sent from the image generation unit 123 to the display 101 via the output unit 124 and the interface 114.
- An image based on the image data is displayed on the display 101.
- An example of an image displayed on the display 101 is shown in FIG. 9A.
- a user ID 502 specified by the user ID data read from the user ID recording unit 125 is displayed.
- the user ID is "111aaaa".
- the initial image also displays a button 503 with the word "Send" written on it. When the user touches a position on the display 101 corresponding to the button 503, start data is input from the input device 102.
- the start data reaches the control unit 122 from the input device 102 via the interface and input unit 121, in the same manner as the data for launching a computer program described above.
- upon receiving the start data, the control unit 122 sends user ID data to the output unit 124.
- the control unit 122 adds data (destination data) to the user ID data to specify the authentication device 200 as the destination of the data.
- the user ID data with the destination data attached is sent from the output unit 124 to the transmission/reception mechanism via the interface 114.
- the user ID data is sent from the transmission/reception mechanism via the network 400 to the authentication device 200, which is the destination specified in the destination data (S1102).
- the user ID data to be transmitted to the authentication device 200 is automatically read from the user ID recording unit 125.
- the user ID data sent from the user terminal 100 via the network 400 is received by the transmission/reception mechanism of the authentication device 200 (S1201).
- the user ID data received by the transmission/reception mechanism passes through the interface and input unit 221 within the authentication device 200 and reaches the control unit 222.
- the control unit 222 executes user authentication processing (S1202).
- User authentication is a determination of whether the user ID data is valid, in other words, a determination of whether the user who sent the user ID data is legitimate.
- the control unit 222 searches for user ID data identical to the received user ID data among the data recorded in the personal information recording unit 226.
- if user ID data identical to the received user ID data is found, the control unit 222 determines that the user ID data received by the authentication device 200 from the user terminal 100, or the user who sent that data, is legitimate. This completes the user authentication.
- if user ID data identical to the user ID data received by the control unit 222 is not recorded in the personal information recording unit 226, it is determined that the user ID data received by the authentication device 200 from the user terminal 100, or the user who sent that data, is not legitimate. In such a case, user authentication is deemed to have failed. If the user authentication fails, the subsequent processing is stopped in the authentication device 200.
- the authentication device 200 may execute publicly known or well-known processing, such as notifying the user terminal 100 of the fact that the user authentication has failed and the reason for the failure, in order to send some data from the authentication device 200 to the user terminal 100.
- although user ID data is used in the above-described user authentication process, it is of course possible to perform user authentication using other data.
- two-factor authentication or multi-factor authentication using data other than the user ID is also possible. For example, by having the user terminal 100 send not only user ID data but also user ID and password data to the authentication device 200, user authentication using not only the user ID but also the password can be realized.
- facial authentication can be performed in the authentication device 200.
- the user terminal 100 can send location information about the location of the user terminal 100, obtained by the user terminal 100 using a GPS (Global Positioning System) mechanism, in addition to the user ID data, to the authentication device 200, thereby allowing the authentication device 200 to perform two-factor authentication using the user ID and location information.
- when control unit 222 in authentication device 200 determines that the user ID data received by authentication device 200 from user terminal 100, or the user who sent that data, is legitimate, control unit 222 generates user authentication data (S1203).
- the user authentication data travels from control unit 222 to output unit 227 and then to the transmission/reception mechanism, from which it is sent to user terminal 100 via network 400 (S1204).
- the user terminal 100 receives the user authentication data via its transmission/reception mechanism (S1103).
- the user authentication data is sent from the transmission/reception mechanism to the control unit 122 via the interface 114 and input unit 121.
- the control unit 122 promptly sends an instruction to the OTP generation unit 126 to generate one-time password data.
- upon receiving this instruction, the OTP generating unit 126 generates one-time password data (S1104).
- the method used by the OTP generator 126 in the user terminal 100 to generate one-time password data is one that ensures that data generated under the same conditions is identical.
- the initial value and the calculation method (algorithm) executed using the initial value are fixed, and the one-time password obtained as a result of the calculation is a pseudo-random number.
- the one-time password is generated using one of the time-synchronized and event-synchronized methods described below, although this is not limited to this.
- the one-time password data is data that identifies a one-time password or corresponds to a one-time password.
- when one-time password data is generated in a time-synchronized manner, the OTP generating unit 126 generates the one-time password data as follows.
- the OTP generation unit 126 reads an initial value from the user ID recording unit 125.
- the data for the initial value is, for example, a character string of 20 digits containing a mixture of numbers and lowercase English letters. This is the same for both the initial value and the one-time password.
- Such an initial value is unique for each user terminal 100. There may be one initial value, but there may also be multiple initial values. Although not limited to this, in this embodiment there is one initial value, so the OTP generation unit 126 reads one initial value from the user ID recording unit 125.
- the OTP generator 126 performs an operation on the initial value to generate a solution at that time.
- solution refers to a one-time password.
- the initial value is changed to numbers only so that calculations can be performed. If the initial value contains any alphabetic characters, they are replaced with two-digit numbers. The replacement numbers are the positions of the alphabetic characters in alphabetical order. For example, "a" is replaced with "01", "b" with "02", and "z" with "26". For example, suppose the initial value is "5a6458p6556ff4272149". In this case, if the initial value is changed to numbers only according to the above rule, it becomes "501645816655606064272149".
- the number of digits when using numbers only increases according to the number of alphabetic characters included in the initial value. Note that if you want to include symbols such as "(", ")", "!", "&", and ":" in the solution, you can simply assign them appropriate numbers, such as "27" to "(", "28" to ")", and "29" to "!".
- an operation is performed on the numbers.
- the result of this operation is a string of numbers that is the basis for the solution. If this string of numbers is X, X is found according to the date and time at which the solution is generated. Specifically, the solution is found as follows according to the year, month, day, hour, and minute in the Gregorian calendar at that time. X1 in the following formula is the initial value converted into a number.
- if the string of numbers and lowercase English letters obtained in the manner described above has exactly 20 digits, it is used as the solution as is. If it has fewer than 20 digits, the number of digits is increased according to some rule. For example, some number or letter may be inserted into the string, based on the first number or letter of the string, until the number of digits reaches 20.
- when generating one-time password data in synchronization with an event, the OTP generating unit 126 generates the one-time password data as follows. To generate a solution, a certain initial solution (there may be two or more initial solutions, as in (a) and (c) below) is used, and a new solution is generated sequentially by substituting the previous solution into a predetermined function. This can be performed every time a solution is needed, so the above solutions can be generated continuously.
- the solutions in this case are pseudo-random numbers that are dependent on the initial solution.
- when the OTP generating unit 126 generates a solution for the first time, it reads an initial value from the user ID recording unit 125 and substitutes the initial value into the following formula. In the following formulas, the initial value is written, for example, as "X_0". Examples of functions used to create the above solutions are (a) to (c) below; each of (a) to (c) is a formula for creating the Nth solution, X_N. P, Q, R, and S are appropriate natural numbers.
- the new solution is then obtained by rearranging the digits as described above.
- the above (a) to (c) are examples of algorithms for generating solutions, and it is possible to make changes to the algorithm when generating a solution, such as using the above (a) to (c) in order.
- the above-mentioned methods using the formulas (a) to (c) can be used when the solution consists of only numbers. If you want to include letters and symbols in the solution, you can use the method of assigning numbers to letters and symbols described in the embodiment. According to the method of generating successive solutions using the above-described formulas, solutions generated in the same order will always be the same if the initial solution is the same.
- when generating one-time password data using the event synchronization method, the OTP generation unit 126 overwrites the initial value recorded in the user ID recording unit 125 with the first solution, or overwrites a solution with the next solution (more generally, overwrites solution X_N with solution X_{N+1}), each time it generates one-time password data. This allows the OTP generation unit 126 to always generate the next solution using the previous solution recorded in the user ID recording unit 125.
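As an added example, not code from the patent, the following Python models the two rules the page does spell out for the OTP generation unit 126: the conversion of an initial value to digits only (checked against the page's own example "5a6458p6556ff4272149") and the event-synchronized chain in which each new solution overwrites the previous one in the user ID recording unit 125. The successor function `next_solution` with its constants P, Q and R, and the digit-filling rule in `pad_to_length`, are assumptions standing in for the page's omitted formulas (a) to (c) and its unspecified padding rule; the user ID "111aaaa" and the 20-character length are the page's values.

```python
import string
from dataclasses import dataclass

OTP_LENGTH = 20

# The page's own example: an initial value and its digits-only form.
PAGE_INITIAL_VALUE = "5a6458p6556ff4272149"
PAGE_NUMERIC_FORM = "501645816655606064272149"

# Page rule: a letter becomes its alphabetical position as two digits ("a" -> "01",
# ..., "z" -> "26"); the page's sample symbol codes continue from "27".
CODES = {c: f"{i:02d}" for i, c in enumerate(string.ascii_lowercase, start=1)}
CODES.update({"(": "27", ")": "28", "!": "29"})


def to_numeric(value: str) -> str:
    """Convert an initial value (digits, lowercase letters, symbols) to digits only."""
    out = []
    for ch in value:
        if ch.isdigit():
            out.append(ch)
        elif ch in CODES:
            out.append(CODES[ch])
        else:
            raise ValueError(f"unsupported character {ch!r} in initial value")
    return "".join(out)


# Assumption: a stand-in for the page's omitted formulas (a)-(c). P, Q and R are the
# "appropriate natural numbers" the page mentions; these particular values are mine.
P, Q, R = 7_919, 104_729, 10 ** OTP_LENGTH


def next_solution(x_n: str) -> str:
    """X_{N+1} = (P * X_N + Q) mod R, as a digit string of at most OTP_LENGTH digits."""
    return str((P * int(x_n) + Q) % R)


def pad_to_length(solution: str) -> str:
    """Page rule: a solution shorter than 20 digits is lengthened based on its first
    character. The exact rule is left open on the page; here (assumption) the first
    character is repeated in front until the length is reached."""
    if len(solution) >= OTP_LENGTH:
        return solution
    return solution[0] * (OTP_LENGTH - len(solution)) + solution


@dataclass
class UserIdRecordingUnit:
    """Stand-in for user ID recording unit 125: the user ID and the current solution.
    `solution` starts as the digits-only initial value (X_0)."""
    user_id: str
    solution: str


class OtpGenerationUnit:
    """Event-synchronized generation as the page describes it: each call derives
    X_{N+1} from the stored X_N and overwrites the stored value with it."""

    def __init__(self, store: UserIdRecordingUnit):
        self.store = store

    def generate(self) -> str:
        new = pad_to_length(next_solution(self.store.solution))
        self.store.solution = new  # overwrite X_N with X_{N+1}
        return new


def sequence_from(initial_value: str, count: int) -> list:
    """Run a fresh generator from `initial_value` for `count` events. Two parties that
    share the initial value obtain the same list, which is what lets the authentication
    device check a password the user terminal produced."""
    unit = OtpGenerationUnit(UserIdRecordingUnit("111aaaa", to_numeric(initial_value)))
    return [unit.generate() for _ in range(count)]


if __name__ == "__main__":
    assert to_numeric(PAGE_INITIAL_VALUE) == PAGE_NUMERIC_FORM
    for n, otp in enumerate(sequence_from(PAGE_INITIAL_VALUE, 3), start=1):
        print(f"X_{n} = {otp}")
```

The whole sequence is determined by the initial value and the fixed function, so the user terminal and the authentication device stay in step only if both start from the same initial value and each overwrite of X_N is completed before the next generation; the initial value is therefore the only secret in the scheme and has to be stored and transmitted accordingly. The linear stand-in above makes the next solution computable from the current one by anyone who sees it, which is why a deployment would use a keyed function in place of (a) to (c).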
- the OTP generation unit 126 sends the generated one-time password data to the control unit 122.
- the control unit 122 instructs the image generation unit 123 to generate image data for displaying the one-time password on the display 101.
- the image generation unit 123 generates image data based on the instruction from the control unit 122.
- the image generation unit 123 sends the generated image data to the output unit 124.
- the image data is sent from the output unit 124 to the display 101 via the interface 114.
- the one-time password is displayed on the display 101 (S1105). An example of the image displayed on the display 101 at this time is shown in FIG. 9B.
- this image includes the characters "user ID" 501 and the user ID "111aaaa" 502, which were also present in the initial image shown in Fig. 9A.
- this image does not include the button 503 that was present in the initial image shown in Fig. 9A.
- the characters "one-time password" 504, a one-time password 505 (the character string "2g39uab46k3rmk65dakj" in this example) shown below the characters 504, and a two-dimensional barcode 506 are displayed.
- the one-time password 505, which is the character string written below the word "one-time password" 504, is a one-time password identified by the one-time password data.
- the two-dimensional barcode 506 is intended to assist the user in handing over the one-time password data to the city hall.
- the two-dimensional barcode 506 contains information corresponding to the one-time password data.
- the two-dimensional barcode 506 is, for example, a QR code (trademark).
- the two-dimensional barcode 506 can also be replaced with a one-dimensional barcode.
- the user hands over the one-time password (or one-time password data) and personal information (or personal information data) to the city hall (S1106).
- the city hall receives them.
- the requesting device 300 receives them (S1301).
- "delivering" means that when a one-time password (or one-time password data) and personal information (or personal information data) are transferred from the user to the city hall, it is not necessary for the two parties to exchange electronic data.
- the one-time password data and personal information data may be sent from the user's device, and the city hall's device may receive the data, but this is not required.
- the user fills out a resident registration application form with their name, address, and date of birth.
- by handing the application form to a clerk at a city hall counter, the user can hand over their personal information (in this case, their name, address, and date of birth) to the city hall.
- for example, a city hall clerk enters the user's name, address, and date of birth written on the application form using a keyboard or other input device; in this way the city hall can input the user's three pieces of personal information (name, address, and date of birth) into the requesting device 300.
- Another way for a user to hand over their personal information to the city hall is for the user to verbally communicate their name, address, and date of birth to the city hall clerk.
- the city hall can use a voice input device, or a city hall employee who hears the voice can input the user's name, address, and date of birth using a keyboard or other input device, and these three pieces of personal information can be input into the requesting device 300.
- the user can also use the user terminal 100 to send his or her personal information in electronic data format (as personal information data) to the requesting device 300 managed by the city hall (for example, by a city hall employee).
- the method for transferring personal information data in electronic data format from the user terminal 100 to the requesting device 300 can be similar to the method described below for transferring one-time password data in electronic data format from the user terminal 100 to the requesting device 300.
- the one-time password (one-time password data) can be handed over from the user to the city hall as follows. Assume that the above-mentioned application form further includes a field for the user to enter the one-time password provided by authentication device 200, and that the user copies the one-time password displayed on the display of user terminal 100 (the character string "2g39uab46k3rmk65dakj" in the example of FIG. 9B) onto the application form handed over to city hall.
- a city hall official can input the one-time password data, in addition to the personal information data, into requesting device 300 by scanning the personal information and one-time password with an OCR device or entering them with a keyboard or other input device.
- a two-dimensional barcode 506 displayed on the display 101 of the user terminal 100 held by the user may be used to deliver the one-time password to the city hall.
- the user shows the screen shown in FIG. 9B displayed on the display 101 of the user terminal 100.
- a city hall official reads the two-dimensional barcode 506 with a barcode reader (not shown) capable of reading two-dimensional barcodes.
- the one-time password data contained in the two-dimensional barcode 506 is input from the barcode reader to the requesting device 300.
- the one-time password data can be delivered from the user terminal 100 to the requesting device 300 in the form of electronic data. This is also true when a short-range communication mechanism, described below, is used.
- the one-time password data can also be transmitted from the user terminal 100 to the requesting device 300 via a short-range communication mechanism, such as Bluetooth (trademark), provided in the user terminal 100.
- the one-time password data is considered to have been handed over from the user to the city hall side. If a short-range communication mechanism is used, the personal information data and the one-time password data can be transmitted from the user to the city hall side simultaneously.
- the user delivers the one-time password (or one-time password data) and personal information (or personal information data) to the city hall, and the city hall receives them.
- the delivery of the one-time password (or one-time password data) from the user to the city hall and the delivery of the personal information (or personal information data) from the user to the city hall may or may not be performed in the same manner.
- the delivery of the one-time password (or one-time password data) from the user to the city hall and the delivery of the personal information (or personal information data) from the user to the city hall may or may not be performed simultaneously.
- the delivery of the one-time password (or one-time password data) from the user to the city hall can only be performed after the one-time password data generated by the authentication device 200 has arrived at the user terminal 100, but the delivery of the personal information (or personal information data) from the user to the city hall can be performed at an earlier stage, for example, before the processing of "S1101" is executed.
- both the one-time password data and the personal information data are input to requesting device 300 from an appropriate device for accepting input of a one-time password or the like (in this embodiment, an input device, a barcode reader, a near-field communication mechanism, or an OCR device).
- the data travels from the device for accepting input of a one-time password or the like through an interface and input unit 321 to control unit 322.
- the control unit 322 receives the one-time password data and the personal information data. As described above, the one-time password data and the personal information data may be sent to the control unit 322 simultaneously, or may be sent at intervals. In either case, the control unit 322 links the one-time password data and personal information data received from the same user and sends them to the output unit 324. The one-time password data and personal information data are sent from the output unit 324 to the transmission/reception mechanism via an interface. The one-time password data and personal information data are then sent from the transmitting/receiving mechanism to the authentication device 200 via the network 400 (S1302).
- the one-time password data and personal information data are received by the transmitting/receiving mechanism of the authentication device 200 (S1206).
- the one-time password data and personal information data are sent from the transmission/reception mechanism in the authentication device 200 via an interface to the input unit 221 and then to the control unit 222.
- the OTP determination unit 224 performs an OTP determination
- the personal information determination unit 225 performs a personal information determination (S1207).
- one-time password data is generated (S1205) at an appropriate timing after user authentication (S1202) and before OTP verification.
- the control unit 222 executes user authentication, and if it determines that the user who sent the user ID data is a legitimate user, it immediately issues an instruction to the OTP generation unit 223 to generate a one-time password. At this time, the control unit 222 transmits the user ID data to the OTP generation unit 223 in association with the instruction.
- upon receiving an instruction to generate one-time password data, the OTP generation unit 223 generates the one-time password data.
- the OTP generation unit 223 generates the one-time password data in the same manner as the OTP generation unit 126 of the user terminal 100 generates the one-time password data.
- since the OTP generation unit 126 of the user terminal 100 generates the one-time password data using the time synchronization or event synchronization method as described above, the OTP generation unit 223 of the authentication device 200 also generates the one-time password data using the same method. Regardless of whether the OTP generation unit 223 uses the event synchronization or the time synchronization method, when generating one-time password data it first reads from the personal information recording unit 226 the initial value (if the event synchronization method is adopted, this may be a solution with which the initial value has been overwritten) that is recorded in the personal information recording unit 226 and is linked to the user ID data received from the control unit 222.
- when the time synchronization technique is employed, the OTP generation unit 223 generates a one-time password for the current date and time using the same initial value and the same mathematical formula used by the user terminal 100. Therefore, as long as the timing at which the OTP generation unit 126 of the user terminal 100 generates the one-time password data matches the timing at which the OTP generation unit 223 of the authentication device 200 generates the one-time password data, the one-time password data generated by the OTP generation unit 126 of the user terminal 100 and the one-time password data generated by the OTP generation unit 223 of the authentication device 200 will match.
- the timing at which the one-time password data is generated by the user terminal 100 may be slightly delayed from the timing at which the one-time password data is generated by the authentication device 200, depending on the time required to transmit the user authentication data.
- the timing at which the OTP generation unit 126 of the user terminal 100 generates the one-time password data basically matches the timing at which the OTP generation unit 223 of the authentication device 200 generates the one-time password data.
- when the event synchronization method is adopted, the OTP generation unit 223 generates a one-time password for the current date and time using the same initial value (or the previously generated solution) used in the user terminal 100 and the same mathematical formula used in the user terminal 100.
- the OTP generation unit 223 in the authentication device 200 also overwrites the initial value or solution recorded in the personal information recording unit 226 with the newly generated solution. Therefore, the initial value or solution recorded in the user ID recording unit 125 of a certain user terminal 100 and the initial value or solution recorded in the personal information recording unit 226 of the authentication device 200 are always the same when linked to the user ID given to the user who owns that user terminal 100.
- the one-time password data generated by the OTP generation unit 126 of the user terminal 100 will match the one-time password data generated by the OTP generation unit 223 of the authentication device 200. Because one-time password data is never generated by only one of the user terminal 100 and the authentication device 200, the number of times that the OTP generation unit 126 of the user terminal 100 has generated one-time password data always matches the number of times that the OTP generation unit 223 of the authentication device 200 has generated one-time password data.
- the one-time password data generated by the OTP generation unit 223 of the authentication device 200 using the event synchronization technique always matches the one-time password data generated by the OTP generation unit 126 of the user terminal 100.
- once the OTP generation unit 223 generates the one-time password data, it sends the one-time password data to the OTP judgment unit 224 together with the user ID data that was sent from the control unit 222 along with the instruction to generate the one-time password data.
- the OTP determination is performed as follows.
- the control unit 222 sends the one-time password data, out of the one-time password data and personal information data sent from the requesting device 300, to the OTP determination unit 224.
- the OTP judgment unit 224 performs OTP judgment upon receiving one-time password data from the control unit 222.
- the OTP judgment unit 224 uses the one-time password previously received from the OTP generation unit 223.
- the one-time password data received by the OTP judgment unit 224 from the control unit 222 is the one-time password data sent from the requesting device 300, and this is the one-time password data generated by the OTP generation unit 126 of the user terminal 100.
- the one-time password data previously received by the OTP judgment unit 224 from the OTP generation unit 223 is the one-time password data generated by the OTP generation unit 223 in the authentication device 200.
- the one-time password data generated by the user terminal 100 and the one-time password data generated in the authentication device 200 to be compared with it will match regardless of the generation method, as long as there is no fraud or other irregularities. If the two pieces of one-time password data to be compared match, the OTP judgment unit 224 judges that the one-time password data sent from the requesting device 300 is valid. In this case, the result of the OTP judgment is positive.
- if the two pieces of one-time password data to be compared do not match, the OTP judgment unit 224 judges that the one-time password data sent from the requesting device 300 is invalid. In this case, the result of the OTP judgment is negative. Whether the result of the OTP judgment is positive or negative, the OTP judgment unit 224 sends the result of the OTP judgment to the control unit 222. Furthermore, if the result of the OTP judgment is positive, the OTP judgment unit 224 sends the user ID data to the personal information judgment unit 225. This user ID data is the user ID data that was sent in advance from the OTP generation unit 223 together with the one-time password data used in the OTP judgment that produced a positive result.
- the above-mentioned problem could be avoided by defining the validity period of one-time password data that can be used for OTP verification (e.g., a predetermined period of time (e.g., two minutes) after one-time password data is generated by OTP generation unit 223 of authentication device 200, or a predetermined period of time (e.g., three minutes) after user authentication data is transmitted from authentication device 200 to user terminal 100).
- the result of the OTP judgment is positive.
- the above-mentioned authentication device 200 or authentication system is operated in such a way that one-time password data is invalid if more than three minutes have passed since the one-time password data was generated by OTP generation unit 223.
- in that case, OTP judgment unit 224 may not perform OTP judgment using the one-time password data, or may make the result of the judgment negative.
- the uniqueness required for the one-time password data generated by the OTP generation unit 223 is sufficient if there is a guarantee that no one-time password data identical to that one-time password data will be generated within the period that that one-time password data is valid.
- This level of uniqueness of the one-time password data can be mathematically guaranteed, although it depends on the method used to generate the one-time password data. We stated earlier that "One-time passwords are essentially unique." The meaning of "essentially" in this sentence is as explained in this paragraph.
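The generation and judgment steps described above (S1205 and the OTP judgment of S1207), worked through as an added example that is not the patent's own code. It models OTP generation unit 126 and OTP generation unit 223 with one class, because the text's point is that both sides hold the same initial value and apply the same formula, and it models OTP judgment unit 224 with the "three minutes" validity period from the text. The initial value, the user ID "111aaaa", the 30-second time step, the HMAC-SHA256 formula and the 20-character alphanumeric rendering are constructed assumptions; the patent does not specify the mathematical formula.

```python
"""Added example (not the patent's code): both sides of the embodiment's
one-time password scheme, plus the OTP judgment with a validity period."""
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional

# Constructed sample values; in the embodiment the initial value is shared at
# registration and recorded in user ID recording unit 125 (terminal) and
# personal information recording unit 226 (authentication device).
USER_ID = "111aaaa"
INITIAL_VALUE = b"constructed-initial-value-for-111aaaa"

OTP_LENGTH = 20          # the page's example OTP "2g39uab46k3rmk65dakj" has 20 characters
TIME_STEP_SECONDS = 30   # assumed time-synchronization step (not from the page)
VALIDITY_SECONDS = 180   # "three minutes" validity period from the text
ALPHABET = "0123456789abcdefghijklmnopqrstuvwxyz"


def _render(digest: bytes) -> str:
    """Map the first OTP_LENGTH digest bytes to lowercase alphanumerics."""
    return "".join(ALPHABET[b % len(ALPHABET)] for b in digest[:OTP_LENGTH])


def time_sync_otp(initial_value: bytes, now: float) -> str:
    """Time synchronization: the same initial value, formula and time
    window on both sides yield the same one-time password."""
    window = int(now // TIME_STEP_SECONDS)
    mac = hmac.new(initial_value, str(window).encode(), hashlib.sha256).digest()
    return _render(mac)


def event_sync_otp(state: bytes) -> tuple[str, bytes]:
    """Event synchronization: the OTP is derived from the recorded state
    (initial value or previous solution) and the new solution overwrites
    that state, so both sides must generate the same number of times."""
    solution = hashlib.sha256(state).digest()
    return _render(solution), solution


class OtpGenerationUnit:
    """Behaviour shared by OTP generation unit 126 (user terminal 100) and
    OTP generation unit 223 (authentication device 200)."""

    def __init__(self, initial_value: bytes, method: str) -> None:
        if method not in ("time", "event"):
            raise ValueError("method must be 'time' or 'event'")
        self.method = method
        self.state = initial_value   # overwritten by each event-sync solution
        self.count = 0               # number of generations performed so far

    def generate(self, now: float) -> str:
        self.count += 1
        if self.method == "time":
            return time_sync_otp(self.state, now)
        otp, self.state = event_sync_otp(self.state)
        return otp


@dataclass
class PendingOtp:
    user_id: str
    otp: str
    generated_at: float


class OtpJudgmentUnit:
    """OTP judgment unit 224: compares the OTP sent by requesting device 300
    with the OTP previously received from OTP generation unit 223 and
    forwards the matching user ID only on a positive result."""

    def __init__(self) -> None:
        self.pending: list[PendingOtp] = []

    def receive_generated(self, user_id: str, otp: str, generated_at: float) -> None:
        self.pending.append(PendingOtp(user_id, otp, generated_at))

    def judge(self, received_otp: str, now: float) -> Optional[str]:
        """Return the user ID on a positive judgment, None on a negative one."""
        still_valid = [p for p in self.pending if now - p.generated_at <= VALIDITY_SECONDS]
        self.pending = still_valid   # expired OTPs are never used for judgment
        for p in still_valid:
            if hmac.compare_digest(p.otp, received_otp):
                self.pending.remove(p)   # a one-time password is consumed once
                return p.user_id
        return None


def run_flow(method: str, now: float, delay: float) -> Optional[str]:
    """S1104, S1205 and the OTP judgment of S1207 in one place: terminal and
    device each generate an OTP at time `now`; the terminal's OTP reaches the
    device `delay` seconds later and is judged. Returns the forwarded user ID
    on a positive judgment, None on a negative one."""
    terminal = OtpGenerationUnit(INITIAL_VALUE, method)
    device = OtpGenerationUnit(INITIAL_VALUE, method)
    judgment = OtpJudgmentUnit()
    device_otp = device.generate(now)
    judgment.receive_generated(USER_ID, device_otp, now)
    terminal_otp = terminal.generate(now)
    return judgment.judge(terminal_otp, now + delay)
```

`run_flow("event", ...)` shows the invariant the text relies on: because the solution overwrites the recorded state on both sides after every generation, the two counters and the two states stay equal, and an OTP delivered after the validity period is rejected even though it was correctly generated.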
- the control unit 222 receives data on the result of the OTP judgment. If the result of the OTP judgment is negative, the control unit 222 performs the process described below. If the result of the OTP judgment is positive, the control unit 222 sends the previously received personal information data to the personal information judgment unit 225.
- the personal information judgment unit 225 receives the user ID data from the OTP judgment unit 224 around the time of receiving the personal information data from the control unit 222. In this embodiment, the personal information judgment unit 225 executes personal information judgment upon receiving the user ID data and the personal information data.
- the personal information determination unit 225 executes the personal information determination as follows. As described above, the personal information determination unit 225 receives user ID data from the OTP determination unit 224 and personal information data from the control unit 222.
- the personal information determination unit 225 searches the personal information recording unit 226 to find data for a user ID that matches the received user ID data. The personal information determination unit 225 then determines whether the personal information data associated with the found user ID data matches the personal information data received from the control unit 222. If the personal information data sent from the requesting device 300 matches the personal information data recorded in the personal information recording unit 226 in association with the user ID associated with the personal information data, the personal information determination unit 225 determines the result of the personal information determination as positive. On the other hand, if the two pieces of personal information data do not match, the personal information determination unit 225 determines the result of the personal information determination as negative.
- the user ID data received by personal information determination unit 225 prior to performing the personal information determination identifies the user who provided the personal information data that requesting device 300 sent, unless there is any particular fraud. Therefore, the fact that the personal information data sent from requesting device 300 matches the personal information data recorded in personal information recording unit 226 in association with the user ID associated with that personal information data means that the personal information provided by the user to the city hall that operates requesting device 300 is correct, although of course this is premised on the fact that the personal information data, including the user ID, recorded in personal information recording unit 226 is guaranteed to be correct. Therefore, there is legitimacy in personal information determination unit 225 making a positive or negative determination in each of the above cases.
- the user ID data received by the personal information determination unit 225 identifies the user ID "111aaaa."
- the personal information data received by the personal information determination unit 225 in association with the user ID is the personal information data corresponding to the user's name, address, and date of birth written on the application form.
- if the personal information (name, address, date of birth) identified by the personal information data received by the personal information determination unit 225 matches the personal information data for name, address, and date of birth recorded in the personal information recording unit 226 in a state linked to the user ID "111aaaa," the result of the personal information determination will be positive.
- the personal information determination unit 225 determines the result of the personal information determination to be positive.
- the personal information determination unit 225 determines the result of the personal information determination to be negative.
- the personal information determination unit 225 sends data indicating the result of the personal information determination obtained by performing the personal information determination to the control unit 222, regardless of whether the result of the determination is positive or negative.
- as a result, data on the result of the OTP judgment from the OTP judgment unit 224 and data on the result of the personal information judgment from the personal information judgment unit 225 are sent to the control unit 222. If the data on the results of these two determinations are both positive, the control unit 222 generates authentication data (S1208).
- the authentication data indicates that the personal information data sent from the requesting device 300 to the authentication device 200 for authentication is correct as the personal information data of the user for whom the authentication device 200 performed personal authentication prior to receiving the personal information data. In other words, the authentication data indicates that the personal information data sent from the requesting device 300 is valid.
- if at least one of the data on the results of these two determinations is negative, the control unit 222 generates denial data (S1208).
- the denial data indicates that the personal information data sent from the requesting device 300 to the authentication device 200 for authentication is not correct as the personal information data of the user for whom the authentication device 200 performed personal authentication prior to receiving the personal information data. Neither the authentication data nor the denial data contains any personal information about the user, nor any information that could lead to the identification of the user's personal information.
- the control unit 222 sends the generated authentication data or denial data to the output unit 227.
- the authentication data or denial data is sent via the output unit 227 to the transmission/reception mechanism, and then transmitted from the transmission/reception mechanism via the network 400 to the requesting device 300 that sent the personal information data that triggered the generation of the authentication data or denial data (S1209).
- the requesting device 300 receives the authentication data or denial data via its transmission/reception mechanism (S1303).
- the authentication data or denial data is sent from the transmitting/receiving mechanism in the requesting device 300 to the control unit 322 via the interface.
- the control unit 322 is adapted to send the authentication data or the denial data to the image generation unit 323.
- Image generation unit 323 generates image data for displaying on a display an image indicating whether the data received by requesting device 300 from authentication device 200 was authentication data or denial data.
- image generation unit 323 generates image data for displaying on a display an image indicating that the data received by requesting device 300 from authentication device 200 is authentication data
- image generation unit 323 generates image data for displaying on a display an image indicating that the data received by requesting device 300 from authentication device 200 is denial data.
- the image generation unit 323 sends the generated image data to the output unit 324.
- the image data sent to the output unit 324 is sent from the output unit 324 to the display via an interface. An image based on the image data generated by the image generation unit 323 is displayed on the display.
- the image indicates whether the data received by requesting device 300 from authentication device 200 is authentication data or denial data. For example, if the data received by requesting device 300 from authentication device 200 is authentication data, the image may be an image containing the words "Authenticated" or only such words, and if the data received by requesting device 300 from authentication device 200 is denial data, the image may be an image containing the words "Not Authenticated" or only such words.
- the personal information determination unit 225 determines the result of the personal information determination as positive only if all of the sent personal information data are valid, and determines the result of the personal information determination as negative only if at least one of the personal information data is invalid. In other words, when multiple pieces of personal information data are sent from the requesting device 300 to the authentication device 200 to request authentication of personal information, the personal information determination is performed on all of the multiple pieces of personal information data as a whole.
- the personal information determination unit 225 of the authentication device 200 may be configured to perform a personal information determination on each of the personal information data about the user's name, address, and date of birth. In this case, the personal information determination unit 225 outputs a determination result for each piece of personal information data.
- the image displayed on the display of requesting device 300 will be an image that allows the user to understand that, for example, the name, address, and date of birth are "authenticated" or "not authenticated." There is no need to explain that such image data is generated by image generating unit 323, and that the data required for image generating unit 323 to generate such image data is sent from control unit 322 to image generating unit 323.
- the user may hand over one piece of personal information (or personal information data) to the city hall, or multiple pieces of personal information may be delivered.
- the personal information delivered by the user to the city hall may also include a user ID.
- the user ID is the user's personal information.
- the authentication device 200 verifies the authenticity of the user ID delivered by the user to the city hall, in response to a request from the requesting device 300. It is also possible that the user delivers only one piece of personal information to the city hall, and that this single piece of personal information is the user ID. In this case, the authenticity of the user ID is verified by the authentication device 200. This verification is an authentication of the personal information, and at the same time, serves as a confirmation of the user's identity.
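The personal information determination (the second half of S1207) and the control unit's response (S1208), as an added example that is not the patent's own code. It covers the whole-set rule (positive only if every delivered item is valid), the per-field variant, the case where the user ID itself is one of the delivered items, and the requirement that neither authentication data nor denial data carries any personal information. The sample record, the field names, and the whitespace/case normalization applied before comparison are constructed assumptions; the patent does not say how values entered by a clerk or read by OCR are normalized.

```python
"""Added example (not the patent's code): personal information
determination unit 225 and the response generated by control unit 222."""
import json

# Constructed contents of personal information recording unit 226: the
# authentication device's record of personal information per user ID.
PERSONAL_INFORMATION_RECORDING_UNIT = {
    "111aaaa": {
        "name": "Taro Yamada",
        "address": "1-2-3 Chiyoda, Tokyo",
        "date_of_birth": "1990-01-02",
    },
}


def _normalize(value: str) -> str:
    """Assumed normalization: collapse whitespace and case so clerk-entered
    or OCR'd values are compared on content rather than formatting."""
    return " ".join(value.split()).casefold()


def determine_personal_information(user_id: str, received: dict[str, str]) -> dict[str, bool]:
    """Per-field personal information determination. `user_id` is the ID
    forwarded by OTP judgment unit 224 after a positive OTP judgment;
    `received` is the personal information data sent by requesting device
    300. The user ID itself may be among the delivered items."""
    recorded = PERSONAL_INFORMATION_RECORDING_UNIT.get(user_id, {})
    results: dict[str, bool] = {}
    for field_name, value in received.items():
        if field_name == "user_id":
            results[field_name] = _normalize(value) == _normalize(user_id)
        elif field_name in recorded:
            results[field_name] = _normalize(value) == _normalize(recorded[field_name])
        else:
            results[field_name] = False   # nothing recorded: cannot be confirmed
    return results


def determine_as_a_whole(per_field: dict[str, bool]) -> bool:
    """The embodiment's whole-set rule: positive only if every delivered
    piece of personal information is valid (and at least one was delivered)."""
    return bool(per_field) and all(per_field.values())


def control_unit_response(otp_positive: bool, personal_info_positive: bool) -> dict[str, str]:
    """Control unit 222 (S1208): authentication data only when both results
    are positive, denial data otherwise. Neither carries personal information."""
    if otp_positive and personal_info_positive:
        return {"type": "authentication"}
    return {"type": "denial"}


def leaks_personal_information(response: dict[str, str], received: dict[str, str]) -> bool:
    """Defender's check on the response before it leaves the device: it must
    not echo any of the delivered values back to requesting device 300."""
    serialized = json.dumps(response).casefold()
    return any(_normalize(v) in serialized for v in received.values())
```

The per-field result is what a requesting device would render as "authenticated" / "not authenticated" for each of name, address and date of birth; `determine_as_a_whole` folds it into the single positive/negative result the control unit combines with the OTP judgment.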
Abstract
The present invention solves a problem in which a user's personal information is stolen because the unique common number assigned to the user has been stolen. A user terminal generates one-time password data (S1104). The user transfers the one-time password data and personal information to a requesting device (S1106, S1301). The requesting device transmits the one-time password data and the personal information to the authentication device of the invention (S1302, S1206). The authentication device generates one-time password data (S1205). When it is determined that the one-time password data and the personal information are valid (S1207), the authentication device generates authentication data and transmits it to the requesting device (S1208, S1209, S1303).
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| JP2024-135430 | 2024-08-14 | | |
| JP2024135430A JP2026032677A (ja) | 2024-08-14 | 2024-08-14 | 認証装置、方法、コンピュータプログラム |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| WO2026038570A1 true WO2026038570A1 (fr) | 2026-02-19 |
Family
ID=98780649
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| PCT/JP2025/028658 Pending WO2026038570A1 (fr) | 2024-08-14 | 2025-08-14 | Dispositif d'authentification et procédé et programme informatique associés |
Country Status (2)
| Country | Link |
|---|---|
| JP (1) | JP2026032677A (fr) |
| WO (1) | WO2026038570A1 (fr) |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2015072511A (ja) * | 2013-10-01 | 2015-04-16 | さくら情報システム株式会社 | ワンタイムパスワード装置、方法及びプログラム |
| JP2019219780A (ja) * | 2018-06-18 | 2019-12-26 | Necソリューションイノベータ株式会社 | 個人情報管理システム、サービス提供システム、方法およびプログラム |
- 2024-08-14 JP JP2024135430A patent/JP2026032677A/ja active Pending
- 2025-08-14 WO PCT/JP2025/028658 patent/WO2026038570A1/fr active Pending
Also Published As
| Publication number | Publication date |
|---|---|
| JP2026032677A (ja) | 2026-02-27 |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| | 121 | Ep: the epo has been informed by wipo that ep was designated in this application | Ref document number: 25854433; Country of ref document: EP; Kind code of ref document: A1 |