| 摘要 |
There is provided person oneself authenticating means for authentication of a user, which is highly secure and realizable by functions ordinarily provided by a PC, mobile phone, etc., and which is less burdensome than typical user authentication key management and authentication operations. Sound or an image is adopted as an authentication key for person oneself authentication. Authentication data is edited by combining an authentication key, which is selected by a registered user, and sound or an image that is other than the authentication key, and the authentication data is continuously reproduced in a user terminal. A time in which a user has discriminated the authentication key from the reproduced audio or video is compared with a time in which the authentication key should normally be discriminated, which is specified from the authentication data. When both times agree, the user is authenticated as a registered user. |
| 主权项 |
1. A person oneself authenticating method for authenticating, in a transaction system, whether a user who has accessed the transaction system from a terminal device is a registered user, comprising:
an authentication request accepting step of accepting, by the transaction system, an authentication request by the user who has accessed from the terminal device; an authentication data creating step of selecting, by the transaction system, at least one authentication key from an authentication key list of the user whose authentication request is accepted, the authentication key list being stored in an authentication key list memory unit that stores an authentication key, which is selected by the registered user, as the authentication key list, combining at least a part of authentication key data of the authentication key and at least a part of key data of one or two or more keys, which are not included in the authentication key list, thereby creating authentication data which is continuously reproduced; an authentication data transmission step of transmitting, by the transaction system, the authentication data to the terminal device; an authentication information reception step of receiving, by the transaction system, authentication information which is generated by an authenticating action which is performed by the user on the terminal device while the authentication data in the terminal device is reproduced, wherein the received authentication information is a string of binary data; and an authentication information collation step of collating, by the transaction system, a first string of the binary data of the received authentication information with a second string of binary data specified from normal authentication information which is specified from the authentication data, thereby determining whether the user is an authenticated person, wherein each of the authentication key data and the key data, which are used in the authentication data creating step, is sound source data or image data, which varies with time in a time period of reproduction, wherein the first string of binary data represents the time period specifying at least one time period during which an authentic action is performed and the second string of binary data represents a time period in which the authentication key should be reproduced, which is specified from the authentication data, wherein the first string of binary data is created by creating sequence data composed of first bit strings by dividing strings of bits recorded in the authentication information at the position corresponding to the points of time of the change of reproduction of the authentication key or the key, creating the first strings of binary data by deleting one or more bits from the beginning of each of the first bit strings in the sequence data, wherein the number of bits deleted corresponding to a grace time, wherein the grace time is set for each individual user by a total volume of a time that is needed for the user to determine a change of the key, by setting initial values considering the age or skill and subsequently updating the initial values each time the authentication is executed, and wherein the authentication information collation step determines whether the created first bit strings are collated with second bit strings, corresponding to the first bit strings, of the normal authentication information or not, respectively, and to collate one or more last bits of the created first bit strings which are not collated with the second bit strings with the second bit strings, respectively, when the created first bit strings are not collated with second bit strings. |
