Reader, authentication system, and method

Abstract

To provide high-security authentication for portable electronic devices at a low cost. [Solution] The reading device comprises at least one of a terminal and an antenna, an interface, and a processor. The terminal and antenna are connected to a portable electronic device. The interface communicates wirelessly with an information terminal when connected to a portable electronic device via the terminal or antenna. The processor obtains a biometric authentication result from the information terminal by transmitting a biometric authentication request signal to the information terminal using the interface, and performs processing according to the obtained biometric authentication result.

Description

【Technical Field】 , , 【0006】 , , 【0005】 , , 【0001】 Embodiments of the present invention relate to a reading device, an authentication system, and a method. 【Background Art】 【0002】 Conventionally, when using a portable electronic device with information registered therein, such as an IC card, measures against unauthorized use have been attempted by asking the user to enter a password. 【0003】 However, there is a risk of leakage of the password, and if this risk becomes apparent, there is a possibility of leakage of information that can identify an individual or personal information itself. And if the password is leaked, the IC card can be used by others than the owner, which may affect not only the card owner but also various related parties. 【Prior Art Documents】 【Patent Documents】 【0004】 【Patent Document 1】 Japanese Patent Translation of PCT No. 2024-502438 【Summary of the Invention】 【Problems to be Solved by the Invention】<000L025><OOOOL26> 【0005】 One countermeasure against the above problems is biometric authentication. For example, an IC card equipped with a biometric authentication function can be identified as a transaction by the user with very high accuracy because it authenticates with biometric information that only the user can possess. However, this method has a problem in that it is necessary to mount a sensor for biometric authentication on the IC card, which increases the cost for manufacturing and distribution. 【0006】 Embodiments of the present invention have been made in view of the above circumstances, and an object thereof is to achieve high-security authentication for a portable electronic device at low cost. 【Means for Solving the Problems】 【0007】 The reading device of the embodiment comprises at least one of a terminal and an antenna, an interface, and a processor. The terminal and antenna are connected to a portable electronic device. The interface, when connected to the portable electronic device via the terminal or antenna, performs wireless communication with an information terminal. The processor obtains a biometric authentication result from the information terminal by transmitting a biometric authentication request signal to the information terminal using the interface, and performs processing according to the obtained biometric authentication result. [Brief explanation of the drawing] 【0008】 [Figure 1] Figure 1 is a schematic diagram showing an example of the configuration of an authentication system according to the first embodiment. [Figure 2] Figure 2 is a block diagram showing an example of the configuration of an IC card processing device according to the first embodiment. [Figure 3] Figure 3 is a block diagram showing an example of the configuration of a card reader / writer according to the first embodiment. [Figure 4] Figure 4 is a block diagram showing an example of the configuration of an IC card according to the first embodiment. [Figure 5] Figure 5 is a block diagram showing an example of the configuration of an information terminal according to the first embodiment. [Figure 6] Figure 6 is a sequence diagram showing an example of the flow of the pre-registration process for authentication according to the first embodiment. [Figure 7] Figure 7 is a sequence diagram showing an example of the authentication process flow according to the first embodiment. [Figure 8] Figure 8 is a sequence diagram showing an example of the authentication process flow according to the second embodiment. [Figure 9] Figure 9 is a sequence diagram showing an example of the authentication process flow according to the third embodiment. [Modes for carrying out the invention] 【0009】 The embodiments will be described below with reference to the drawings. In the following descriptions of each embodiment and modified example, parts denoted by the same reference numerals have substantially the same function, and the description of overlapping parts will be omitted as appropriate. 【0010】 (First embodiment) Figure 1 is a schematic diagram showing an example of the configuration of the authentication system S according to the first embodiment. 【0011】 The authentication system S comprises an IC (Integrated Circuit) card processing unit 1, a card reader / writer 2, an IC card 3 as a portable electronic device, and an information terminal 4. 【0012】 The information terminal 4 is a portable electronic device owned by the owner of the IC card 3. In this embodiment, the owner of the IC card 3 is also referred to as the user. In this embodiment, "ownership" includes the state of being on loan. That is, the IC card 3 and the information terminal 4 may be the user's private property, or they may be loaned to the user by a company or other entity that has an authentication system S. 【0013】 The authentication system S may be installed, for example, near a security gate and used to control the opening and closing of the security gate. The security gate is, for example, a gate through which only pre-authorized users are allowed to pass. The IC card 3 stores the identification information of the user authorized to pass through the security gate, and the card reader / writer 2 reads this identification information from the IC card 3 and transmits it to the IC card processing device 1. The information terminal 4 also has a biometric authentication function. The authentication system S maintains security through multi-factor authentication, in which the card reader / writer 2 reads the identification information from the IC card 3 when the biometric authentication is successful. 【0014】 Also, each user who wishes to pass through the security gate inserts or touches the IC card 3 into / onto the card reader / writer 2 one by one. The vicinity of the security gate is restricted from entry by other gates or doors, etc. While a user inserts or touches the IC card 3 into / onto the card reader / writer 2 and biometric authentication is being performed by the information terminal 4, other users shall not enter within a specified distance from the card reader / writer 2. Other users are the owners of IC cards and information terminals different from the IC card 3 and the information terminal 4 during the authentication process. The specified distance is, for example, the connectable distance in the wireless communication standard used for the communication connection between the card reader / writer 2 and the information terminal 4. Details of the communication connection between the card reader / writer 2 and the information terminal 4 will be described later. 【0015】 Figure 2 is a block diagram showing an example of the configuration of the IC card processing device 1 according to the first embodiment. 【0016】 The IC card processing device 1 is an information processing device such as a PC (Personal Computer) or a mobile terminal, for example. The IC card processing device 1 is communicably connected to the card reader / writer 2 by a wired connection such as a cable, for example. Note that the connection means between the IC card processing device 1 and the card reader / writer 2 is not particularly limited and may be a wireless connection. 【0017】 The IC card processing device 1 includes a processor 11, a ROM (Read-Only Memory) 12, a RAM (Random-Access Memory) 13, an auxiliary storage unit 14, an input unit 15, an output unit 16, and a communication unit 17. 【0018】 The processor 11 is typically a CPU (Central Processing Unit) and / or a GPU (Graphics Processing Unit), but may also be a microcontroller, an FPGA (Field Programmable Gate Array), or a DSP (Digital Signal Processor), etc. 【0019】 By executing programs such as system software, application software, or firmware stored in at least one of the ROM 12 and the auxiliary storage unit 14, the processor 11 can realize various functions of the IC card processing device 1. Note that the IC card processing device 1 may combine two or more processors 11 and execute various processes through the cooperation of these two or more processors. 【0020】 By executing the above program, the processor 11 has functions such as transmitting various signals to the IC card 3 via the card reader / writer 2, acquiring various signals received from the IC card 3, and executing processes based on requests from the IC card 3. 【0021】 For example, the processor 11 may acquire the identification information stored in the IC card 3 from the IC card 3 via the card reader / writer 2 and execute a process of opening the security gate when the identification information is the identification information of a user permitted to pass through the security gate. 【0022】 More specifically, when the biometric authentication result by the information terminal 4 is successful, the processor 11 determines whether the identification information acquired from the IC card 3 via the card reader / writer 2 is the identification information of a user permitted to pass through the security gate. When the identification information acquired from the IC card 3 is the identification information of a user permitted to pass through the security gate, the processor 11 executes a process of opening the security gate. The process of determining whether the identification information acquired from the IC card 3 is the identification information of a user permitted to pass through the security gate and the process of opening the security gate are each an example of a normal process in the IC card processing device 1. 【0023】 Furthermore, for example, the processor 11 may control the output unit 16 to output an error if the biometric authentication result from the information terminal 4 is unsuccessful, or if the identification information obtained from the IC card 3 via the card reader / writer 2 is not the identification information of a user authorized to pass through the security gate. The error may be output by displaying it on a screen or by outputting an audio signal. 【0024】 ROM12 is a read-only non-volatile memory that corresponds to the main memory portion of the processor 11, which is equivalent to a computer. ROM12 stores programs such as operating systems or application software. It also stores data used by the processor 11 in performing various processes. 【0025】 RAM13 is a volatile memory that corresponds to the main memory portion of the processor 11, which is equivalent to a computer. RAM13 is used as a so-called work area to store data that the processor 11 temporarily uses when performing various processes. 【0026】 The auxiliary storage unit 14 corresponds to the auxiliary storage portion of the processor 11, which is equivalent to a computer. The auxiliary storage unit 14 is, for example, an EEPROM (registered trademark) (Electric Erasable Programmable Read-Only Memory), an HDD (Hard Disk Drive), or an SSD (Solid State Drive). The auxiliary storage unit 14 may also store part or all of the above program. In addition, the auxiliary storage unit 14 stores data used by the processor 11 in performing various processes, data generated by various processes performed by the processor 11, or various setting values. 【0027】 For example, the auxiliary storage unit 14 stores the identification information of users who are permitted to pass through the security gate. 【0028】 ROM 12 and auxiliary storage unit 14 are non-temporary computer-readable storage media. The IC card processing device 1 may be transferred with the above program stored in it, or it may be transferred without the above program stored in it. In the latter case, the IC card processing device 1 reads the above program stored in a removable storage medium such as an optical disc or semiconductor memory, and writes the read program to the auxiliary storage unit 14, etc. The IC card processing device 1 downloads the above program via a network, etc., and writes the downloaded program to the auxiliary storage unit 14, etc. 【0029】 The input unit 15 may include a user interface such as a mouse, keyboard, or numeric keypad for receiving input commands from the operator and administrator of the IC card processing device 1, as well as various sensors such as a microphone or touch panel. 【0030】 The output unit 16 is, for example, a device that displays various information under the control of the processor 11, and includes a display or the like. The output unit 16 may also be equipped with an audio output means, such as a speaker, to audibly supply information to the operator and administrator of the IC card processing device 1. The input unit 15 and the output unit 16 may be integrally formed as, for example, a touchscreen. 【0031】 The communication unit 17 is connected to other devices via wired or wireless communication. For example, the communication unit 17 may be an interface that connects to the card reader / writer 2 via a cable or the like. Alternatively, the communication unit 17 may be connected to the information terminal 4. Furthermore, the communication unit 17 may send and receive information from external sources via a network such as the Internet. 【0032】 Next, we will explain the configuration of card reader / writer 2. 【0033】 Figure 3 is a block diagram showing an example of the configuration of a card reader / writer 2 according to the first embodiment. The card reader / writer 2 reads and writes data to and from the IC card 3. In other words, the card reader / writer 2 is an interface device that mediates the transmission and reception of information between the IC card processing device 1 and the IC card 3. The card reader / writer 2 is an example of a reading device in this embodiment. 【0034】 The card reader / writer 2 includes a processor 21, ROM 22, RAM 23, non-volatile memory 24, antenna 25, contact terminals 26, interface 27, and communication unit 28, etc. 【0035】 The processor 21 is typically a CPU and / or GPU, but may also be a microcontroller, FPGA, or DSP. The processor 21 can realize various functions of the card reader / writer 2 by executing programs such as system software, application software, or firmware stored in at least one of the ROM 22 and the non-volatile memory 24. The card reader / writer 2 may also be configured to perform various processes by combining two or more processors 21 and having these two or more processors cooperate. 【0036】 More specifically, the processor 21 obtains a biometric authentication result from the information terminal 4 by sending a biometric authentication request signal to the information terminal 4 using the interface 27 described later, and then performs processing according to the obtained biometric authentication result. 【0037】 For example, if the biometric authentication result from the information terminal 4 is successful, the processor 21 transmits the identification information obtained from the IC card 3 to the IC card processing device 1. This transmission of identification information is an example of normal processing in the card reader / writer 2. Alternatively, if the biometric authentication result from the information terminal 4 is unsuccessful, the processor 21 may transmit an error signal to the IC card processing device 1. 【0038】 ROM22 is a read-only non-volatile memory that corresponds to the main memory portion of the processor 21, which is equivalent to a computer. ROM22 stores various programs necessary for the card reader / writer 2 to operate. ROM22 also stores data used by the processor 21 in performing various processes. 【0039】 RAM23 is a volatile memory that corresponds to the main memory portion of the processor 21, which is equivalent to a computer. RAM23 is used as a so-called work area to store data that the processor 21 temporarily uses when performing various processes. 【0040】 The non-volatile memory 24 corresponds to the auxiliary storage portion of the processor 21. The non-volatile memory 24 is, for example, an EEPROM (registered trademark). The non-volatile memory 24 may store part or all of the above program. In addition, the non-volatile memory 24 stores data used by the processor 21 in performing various processes, data generated by various processes performed by the processor 21, or various setting values. 【0041】 Furthermore, the non-volatile memory 24 stores pairing information through a pairing process between the card reader / writer 2 and the information terminal 4. The pairing process is a configuration process that allows the card reader / writer 2 to establish a communication connection with the information terminal 4 via the interface 27 described later. Through this pairing process, the card reader / writer 2 and the information terminal 4 mutually acquire and store each other's pairing information. 【0042】 The pairing information is the identification information of the information terminal 4 after the pairing authentication process has been completed. For example, the pairing information stored in the non-volatile memory 24 includes the unique identifier of the information terminal 4, the pairing time, the number of pairing attempts, etc. The non-volatile memory 24 also has a pairing code of 6 digits or any number of digits pre-stored in it. The pairing code may be set by the user or administrator before the first use in the IC card processing device 1, for example, or it may be set in advance on the information terminal 4 by the user. 【0043】 Furthermore, the non-volatile memory 24 stores the biometric authentication results transmitted from the information terminal 4. The biometric authentication results only need to include information indicating at least approval (success) or denial (failure), and biometric information stored in the information terminal 4, as described later, is not included in the biometric authentication results. When storing the acquired biometric authentication results, the non-volatile memory 24 may overwrite the previous biometric authentication result, or it may maintain a history of at least two or more biometric authentication results. The biometric authentication results may also be stored in the RAM 23. 【0044】 Note that ROM22, RAM23, and non-volatile memory24 are examples of memory. 【0045】 The antenna 25 connects to and communicates with the IC card 3 via contactless means when the IC card 3 is a contactless type. The contactless communication method between the card reader / writer 2 and the IC card 3 can be any known communication standard and is not particularly limited. A contactless IC card 3 can communicate with the antenna 25 of the card reader / writer 2 by, for example, touching the outside of the casing of the card reader / writer 2. Note that "touching" includes not only touching the outside of the casing but also approaching within a specified distance from the casing (in other words, the user holding the IC card 3 over the outside of the casing of the card reader / writer 2). 【0046】 The contact terminal 26 makes contact with the terminals of the card reader / writer 2 when the IC card 3 is inserted into the card reader / writer 2, if the IC card 3 is a contact type. The contact terminal 26 is provided, for example, in an insertion slot provided in the housing of the card reader / writer 2. The contact terminal 26 supplies power to the IC card 3 and transmits and receives data with the IC card 3. The contact terminal 26 is an example of a terminal in this embodiment. 【0047】 The connection between the IC card 3 and the card reader / writer 2 can be contactless, contact, or a combination type that integrates both. When the IC card 3 is a combination type (combined type), the card reader / writer 2 communicates by physically and electrically connecting to the combination type IC card 3 via the contact terminals 26 and the antenna 25. In Figure 2, the card reader / writer 2 is shown as an example with both the antenna 25 and the contact terminals 26, but if the card reader / writer 2 supports only either contactless or contact type, it is sufficient to have only one of the antenna 25 or the contact terminals 26. 【0048】 Interface 27 communicates wirelessly with the information terminal 4 using a communication method compliant with a predetermined communication standard. For example, Interface 27 communicates wirelessly with the information terminal 4 using Bluetooth® as the communication standard. However, the communication standard is not limited to this, and Zigbee® or NFC (Near Field Communication) may also be used. 【0049】 For example, interface 27 uses Bluetooth® to receive information from information terminal 4 and transmits the received information to the configuration within card reader / writer 2. Interface 27 also transmits the information received from the configuration within card reader / writer 2 to information terminal 4. 【0050】 Furthermore, under the control of the processor 21, interface 27 acquires pairing information through a pairing process with the information terminal 4 and stores it in the non-volatile memory 24. Also, when the card reader / writer 2 connects to the IC card 3 via the contact terminal 26 or antenna 25, interface 27 reads the pre-registered pairing information from the non-volatile memory 24, connects to the information terminal 4, and performs wireless communication. For example, when interface 27 receives a pairing request signal from the information terminal 4, it sends a pairing response signal to the information terminal 4. 【0051】 The communication unit 28 is connected to other devices via wired or wireless communication. The communication unit 28 may also be an interface that connects to the IC card processing device 1 via a cable or the like. Alternatively, the communication unit 28 may send and receive information from external sources via a network such as the Internet. 【0052】 In Figure 2, the connection between the card reader / writer 2 and the information terminal 4 is shown to be made by interface 27, and the connection between the card reader / writer 2 and the IC card processing device 1 is made by the communication unit 28. However, the connection between the card reader / writer 2, the information terminal 4, and the IC card processing device 1 may be achieved by the same interface. 【0053】 Next, we will explain the configuration of IC card 3. 【0054】 Figure 4 is a block diagram showing an example of the configuration of the IC card 3 according to the first embodiment. 【0055】 Figure 4 shows a contact-type IC card as an example of an IC card 3. The IC card 3 comprises, for example, a processor 31, a ROM 32, a RAM 33, a non-volatile memory 34, a coprocessor 35, and contact terminals 36. 【0056】 If the IC card 3 is contactless, it may be equipped with an antenna instead of the contact terminals 36. Also, although the example shown in Figure 4 does not have wireless communication functionality, the IC card 3 may be equipped with a wireless communication interface. 【0057】 The processor 31 is typically a CPU and / or GPU, but may also be a microcontroller, FPGA, or DSP, etc. 【0058】 The processor 31 can realize various functions of the IC card 3 by executing programs such as system software, application software, or firmware stored in at least one of the ROM 32 and the non-volatile memory 34. The IC card 3 may also be configured to use two or more processors 31 in combination, with the cooperation of these two or more processors to perform various processes. 【0059】 ROM32 is a read-only non-volatile memory that corresponds to the main memory portion of the processor 31, which is equivalent to a computer. ROM32 stores programs such as operating systems or application software. It also stores data used by the processor 31 in performing various processes. 【0060】 RAM33 is a volatile memory that corresponds to the main memory portion of the processor 31, which is equivalent to a computer. RAM33 is used as a so-called work area to store data that the processor 31 temporarily uses when performing various processes. 【0061】 The non-volatile memory 34 corresponds to the auxiliary storage portion of the processor 31. The non-volatile memory 34 is, for example, an EEPROM (registered trademark). The non-volatile memory 34 may store part or all of the above program. In addition, the non-volatile memory 34 stores data used by the processor 31 in performing various processes, data generated by various processes performed by the processor 31, or various setting values. 【0062】 ROM 32 and non-volatile memory 34 are non-temporary computer-readable storage media. IC card 3 may be transferred with the above program stored on it, or it may be transferred without the above program stored on it. In the latter case, IC card 3 reads the above program stored on a removable storage medium such as an optical disc or semiconductor memory, or downloads the above program via a network or the like, and writes the read or downloaded program to the non-volatile memory 34 of IC card 3. 【0063】 The coprocessor 35 receives calculation commands from the processor 31 and outputs the calculation results calculated based on those calculation commands to the processor 31. 【0064】 The contact terminal 36 receives power from the IC card processing device 1 or the card reader / writer 2 when the IC card 3 is inserted into the card reader / writer 2 and makes contact with the terminals of the card reader / writer 2. The contact terminal 36 also transmits and receives information with the card reader / writer 2. 【0065】 Next, we will explain the configuration of information terminal 4. 【0066】 Figure 5 is a block diagram showing an example of the configuration of an information terminal 4 according to the first embodiment. The information terminal 4 is an electronic device such as a computer, and may be, but is not limited to, a television receiver (including internet television), a PC (Personal Computer), a mobile terminal (e.g., a tablet, smartphone, laptop, feature phone, digital music player, e-book reader, smartwatch, etc.), a game console (home game console, portable game console), a VR (Virtual Reality) terminal, an AR (Augmented Reality) terminal, etc. 【0067】 In this embodiment, the information terminal 4 is, for example, a smartphone and comprises a processor 41, a ROM 42, a RAM 43, an auxiliary storage unit 44, an input unit 45, an output unit 46, a communication unit 47, and a biometric information acquisition unit 48. 【0068】 The processor 41 is typically a CPU and / or GPU, but may also be a microcontroller, FPGA, or DSP, etc. 【0069】 The processor 41 can realize various functions of the information terminal 4 by executing programs such as system software, application software, or firmware stored in at least one of the ROM 42 and the auxiliary storage unit 44. The information terminal 4 may also be configured to use two or more processors 41 in combination, with the cooperation of these two or more processors to perform various processes. 【0070】 The processor 41, by executing the above program, has the function of causing various signals to be transmitted to the IC card 3 using a communication method compliant with a predetermined communication standard, acquiring various signals received from the IC card 3, and executing processing based on requests from the IC card 3. 【0071】 ROM 42 is a read-only non-volatile memory that corresponds to the main memory portion of the processor 41, which is equivalent to a computer. ROM 42 stores programs such as operating systems or application software. It also stores data used by the processor 41 in performing various processes. 【0072】 RAM43 is a volatile memory that corresponds to the main memory portion of the processor 41, which is equivalent to a computer. RAM43 is used as a so-called work area to store data that the processor 41 temporarily uses when performing various processes. 【0073】 The auxiliary storage unit 44 corresponds to the auxiliary storage portion of the processor 41, which is equivalent to a computer. The auxiliary storage unit 44 is, for example, an EEPROM (registered trademark), an HDD, or an SSD. The auxiliary storage unit 44 may store part or all of the above program. In addition, the auxiliary storage unit 44 stores data used by the processor 41 in performing various processes, data generated by various processes performed by the processor 41, or various setting values. 【0074】 The auxiliary storage unit 44 stores pairing information through a pairing process with the card reader / writer 2. For example, the pairing information stored in the auxiliary storage unit 44 includes the unique identifier of the IC card 3, the pairing time, the number of pairing attempts, and so on. 【0075】 Furthermore, the auxiliary storage unit 44 pre-stores the biometric information of the owner of the information terminal 4. This biometric information includes, for example, the owner's face, iris, ear, voiceprint, palm print, fingerprints, etc., which are acquired by the biometric information acquisition unit 48, which will be described later. In this embodiment, the owner of the information terminal 4 is assumed to be the same person as the owner of the IC card 3. 【0076】 ROM 42 and auxiliary storage unit 44 are non-temporary computer-readable storage media. The information terminal 4 may be transferred with the above-mentioned program stored in it, or it may be transferred without the above-mentioned program stored in it. In the latter case, the information terminal 4 reads the above-mentioned program stored in a removable storage medium such as an optical disc or semiconductor memory, or downloads the above-mentioned program via a network, etc., and writes the read or downloaded program to the auxiliary storage unit 44 of the information terminal 4. Note that ROM 42, RAM 43, and auxiliary storage unit 44 are examples of memory. 【0077】 The input unit 45 may include a user interface such as a mouse, keyboard, or numeric keypad for receiving input commands from the owner of the information terminal 4, as well as various sensors such as a microphone or touch panel. 【0078】 The output unit 46 is, for example, a device that displays various information under the control of the processor 41, and includes a display or the like. The output unit 46 may also be equipped with an audio output means that provides information audibly to the owner of an information terminal such as a speaker. The input unit 45 and the output unit 46 may be formed integrally. 【0079】 The communication unit 47, under the control of the processor 41, receives information from the card reader / writer 2, transmits the received information to the configuration within the information terminal 4, and transmits the received information from the configuration within the information terminal 4 to the card reader / writer 2. The communication unit 47 may also send and receive information from an external source via a network such as the Internet. The communication unit 47 may also be referred to as an interface. 【0080】 More specifically, the communication unit 47 communicates wirelessly with the card reader / writer 2 using a communication method compliant with a predetermined communication standard. For example, the communication unit 47 communicates wirelessly with the information terminal 4 using Bluetooth® as the communication standard. However, the communication standard is not limited to this, and Zigbee® or NFC (Near Field Communication) may also be used. 【0081】 The biometric information acquisition unit 48 is, for example, an in-camera or fingerprint sensor of a smartphone, and acquires the biometric information of the owner of the information terminal 4. The biometric information acquisition unit 48 acquires biometric information in response to a biometric authentication request signal received from the card reader / writer 2. More specifically, when the biometric information acquisition unit 48 receives a biometric authentication request signal from the card reader / writer 2, it acquires biometric information at the request of the processor 41. The situation in which biometric information is acquired is when the processor 41 performs a biometric information registration process or a biometric authentication process. 【0082】 For example, in the biometric information registration process, the processor 41 uses the biometric information acquisition unit 48 to acquire the selected biometric information and stores it in the auxiliary storage unit 44. The operating mode in which the information terminal 4 performs the biometric information registration process is called the biometric information registration mode. 【0083】 Furthermore, for example, in the biometric authentication process, the processor 41 uses the biometric information acquisition unit 48 to acquire the selected biometric information and store it in the RAM 43. It also determines the similarity between the biometric information previously stored in the auxiliary storage unit 44 during the biometric information registration mode and the biometric information acquired by the biometric information acquisition unit 48. The processor 41 generates and outputs a biometric authentication result based on the similarity. 【0084】 More specifically, if the processor 41 determines that the similarity between the biometric information stored in the auxiliary storage unit 44 and the biometric information acquired by the biometric information acquisition unit 48 is above a predetermined threshold, it generates information including approval (success) as a biometric authentication result and outputs it to the card reader / writer 2. On the other hand, if the processor 41 determines that the similarity between the biometric information stored in the auxiliary storage unit 44 and the biometric information acquired by the biometric information acquisition unit 48 is below a predetermined threshold, it generates information including denial (failure) as a biometric authentication result and outputs it to the card reader / writer 2. Note that known technologies can be used for the biometric information registration process and the biometric authentication process, and the specific processing content is not limited to the example described above. 【0085】 Furthermore, when the owner of the information terminal 4 initiates pairing mode, the processor 41 controls the communication unit 47 to send a pairing request signal to the card reader / writer 2. When the processor 41 receives a pairing response signal from the card reader / writer 2 within a predetermined time, it starts the pairing authentication process. 【0086】 The processor 41 controls the communication unit 47 to send a pairing code to the card reader / writer 2 and waits to receive a pairing authentication completion notification from the card reader / writer 2. When the processor 41 receives the pairing authentication completion notification from the card reader / writer 2 via the communication unit 47, it terminates the pairing authentication process and stores the pairing information, including the unique identifier of the card reader / writer 2, in the auxiliary storage unit 44. 【0087】 Next, we will explain the flow of the pre-registration process and authentication process performed by the authentication system S configured as described above. 【0088】 Figure 6 is a sequence diagram showing an example of the flow of the pre-registration process for authentication according to the first embodiment. In this pre-registration process, the card reader / writer 2 and the information terminal 4 are paired. The process shown in Figure 6 can be started at any time. 【0089】 First, when the IC card processing device 1 and the card reader / writer 2 are connected (S1), power is supplied from the IC card processing device 1 to the card reader / writer 2, and the card reader / writer 2 starts up (S2). 【0090】 The card reader / writer 2 notifies the IC card processing device 1 of its current status (S3). For example, if the card reader / writer 2 has not started up properly, it may notify the IC card processing device 1 that it is in an abnormal startup state. In this case, the IC card processing device 1 may display a screen to the operator or administrator notifying them of the abnormal startup state of the card reader / writer 2. Also, for example, if the card reader / writer 2 starts up properly, it notifies the IC card processing device 1 that it is in a normal startup state. 【0091】 When the IC card processing device 1 determines that the status notification from the card reader / writer 2 is normal, it waits in a state where it can receive identification information from the IC card 3 (S4). 【0092】 Furthermore, after normal startup, the card reader / writer 2 waits for IC card 3 to be inserted or touched. Insertion or touching of IC card 3 is referred to as acceptance of IC card 3 (S5). 【0093】 In Figure 6, as an example, an IC card 3 is inserted into the card reader / writer 2 (S6). 【0094】 Furthermore, when a user inserts an IC card 3 into the card reader / writer 2, the user and the information terminal 4 they possess are located within a distance from the card reader / writer 2 that allows for wireless communication. 【0095】 When the input unit 45 of the information terminal 4 receives an operation from the user to start pairing, the processor 41 of the information terminal 4 starts pairing (S7). 【0096】 When pairing is initiated, the processor 41 of the information terminal 4 controls the communication unit 47 to send a pairing request signal to the card reader / writer 2 (S8). 【0097】 When the processor 21 of the card reader / writer 2 receives a pairing request signal from the information terminal 4 via interface 27, it controls interface 27 to send a pairing response signal to the information terminal 4 (S9). 【0098】 When the communication unit 47 receives a pairing response signal from the card reader / writer 2 within a predetermined time, the processor 41 of the information terminal 4 starts the pairing authentication process (S10). Specifically, the processor 41 of the information terminal 4 controls the communication unit 47 to transmit the pairing code entered by the owner to the card reader / writer 2. 【0099】 Furthermore, the processor 21 of the card reader / writer 2 starts the pairing authentication process (S11) when it confirms that the information terminal 4 has received the pairing response signal, or when a certain period of time has elapsed. Specifically, the card reader / writer 2 retrieves the pairing code stored in the non-volatile memory 24 and determines whether the pairing code matches the pairing code transmitted from the information terminal 4. 【0100】 When the processor 21 of the card reader / writer 2 determines that the pairing code obtained from the non-volatile memory 24 matches the pairing code transmitted from the information terminal 4, it sends a pairing authentication completion notification to the information terminal 4 and terminates the pairing authentication process. Also, when the processor 41 of the information terminal 4 receives the pairing authentication completion notification from the card reader / writer 2, it terminates the pairing authentication process. 【0101】 Then, the processor 41 of the information terminal 4 stores pairing information, including the unique identifier of the IC card 3, in the auxiliary storage unit 44 (S12). Also, the processor 21 of the card reader / writer 2 stores pairing information, including the unique identifier of the information terminal 4, in the non-volatile memory 34 (S13). At this point, the pre-registration process for authentication is completed. 【0102】 Note that the order of processing S10 and S11, and the order of processing S12 and S13, may vary depending on the processing speed, etc., and may be reversed or performed simultaneously. Also, processing S1 to S3 only needs to be executed when the IC card processing device 1 and the card reader / writer 2 are connected. 【0103】 Furthermore, processes S6 to S13 only need to be executed when the card reader / writer 2 and the information terminal 4 are first connected. If there are multiple users to be authenticated, that is, if there are multiple IC cards 3 and information terminals 4 to be authenticated, processes S6 to S13 will be executed for each IC card 3 and information terminal 4. 【0104】 Furthermore, the processor 21 of the card reader / writer 2 may transmit a pairing response signal only when an IC card 3 is inserted into or touched to the card reader / writer 2. Alternatively, the processor 21 of the card reader / writer 2 may obtain identification information that can identify the IC card 3 from the inserted or touched IC card 3, and store this identification information in the non-volatile memory 24 in association with pairing information including the unique identifier of the information terminal 4. Or, during pairing, the administrator of the authentication system S may confirm that the owners of the IC card 3 and the information terminal 4 are the same person, and operate the IC card processing device 1 to grant permission for pairing to the card reader / writer 2. 【0105】 Figure 7 is a sequence diagram showing an example of the authentication process flow according to the first embodiment. It is assumed that the pre-registration process shown in Figure 6 has been completed before the start of the process shown in Figure 7. The pre-registration process shown in Figure 6 and the authentication process shown in Figure 7 may be executed consecutively or on separate days. 【0106】 At the start of the authentication process, the IC card processing device 1 is assumed to be waiting in a state where it can receive identification information from the IC card 3, similar to S4 in Figure 6 (S21). If the processes in Figures 6 and 7 are executed consecutively, the IC card processing device 1 continues in the state of S4. 【0107】 Furthermore, the card reader / writer 2 is operating normally and is waiting to receive the IC card 3, similar to S5 in Figure 6 (S22). 【0108】 In Figure 7, as an example, an IC card 3 is inserted into the card reader / writer 2 (S23). In this case, the user of the IC card 3 and the information terminal 4 possessed by the user are located within a distance from the card reader / writer 2 that allows for wireless communication. If the IC card 3 is a contactless type, the processor 21 of the card reader / writer 2 may communicate with the IC card 3 via the antenna 25. 【0109】 Here, the communication unit 47 of the information terminal 4, under the control of the processor 41, reads the pairing information registered in the pre-registration process shown in Figure 6 from the auxiliary storage unit 44 and establishes a communication connection with the card reader / writer 2 (S24). 【0110】 Furthermore, the processor 21 of the card reader / writer 2 reads the pairing information registered in the pre-registration process shown in Figure 6 from the non-volatile memory 24 and controls the interface 27 to establish a communication connection with the information terminal 4 (S25). Note that the order of processing S24 and S25 may be reversed or performed simultaneously. Also, the processor 21 of the card reader / writer 2 may control the interface 27 to connect with the information terminal 4 only when an IC card 3 is inserted into or touched to the card reader / writer 2. 【0111】 Then, under the control of the processor 21, the interface 27 of the card reader / writer 2 transmits a biometric authentication request signal to the information terminal 4 (S26). 【0112】 When the communication unit 47 receives a biometric authentication request signal from the card reader / writer 2, the processor 41 of the information terminal 4 starts the biometric authentication process (S27). The processor 41 of the information terminal 4 controls the biometric information acquisition unit 48 to acquire the user's biometric information. The processor 41 of the information terminal 4 determines the similarity between the biometric information previously stored in the auxiliary storage unit 44 and the biometric information acquired by the biometric information acquisition unit 48. Based on the similarity, the processor 41 generates a biometric authentication result indicating whether the biometric authentication was successful or unsuccessful. The processor 41 controls the communication unit 47 to transmit the biometric authentication result to the interface 27 (S28). 【0113】 The interface 27 of the card reader / writer 2 acquires the biometric authentication result transmitted from the information terminal 4. If the biometric authentication result indicates successful biometric authentication, the interface 27 of the card reader / writer 2 reads the identification information from the IC card 3 under the control of the processor 21 (S29). The biometric authentication result indicating successful biometric authentication means that the person currently using the information terminal 4 is the predetermined owner of the IC card 3 and the information terminal 4. 【0114】 Note that the timing of the reading of the identification information in S29 may be when the IC card 3 is inserted in S23. In this case, the card reader / writer 2 temporarily stores the read identification information in RAM 23 or non-volatile memory 24 and transmits it to the IC card processing device 1 if the biometric authentication result indicates success. 【0115】 Then, the communication unit 28 of the card reader / writer 2 transmits the identification information read from the IC card 3 to the IC card processing unit 1 under the control of the processor 21 (S30). 【0116】 The processor 11 of the IC card processing device 1 obtains the identification information stored on the IC card 3 from the card reader / writer 2. If the identification information matches the identification information of a user authorized to pass through the security gate stored in the auxiliary storage unit 14, the processor 11 of the IC card processing device 1 determines that the identification information is already registered. In this case, the processor 11 of the IC card processing device 1 executes the process of opening the security gate (S31). 【0117】 Furthermore, if the identification information obtained from the card reader / writer 2 does not match the identification information of a user authorized to pass through the security gate stored in the auxiliary storage unit 14, the processor 11 of the IC card processing device 1 determines that the identification information is not registered. In this case, the processor 11 of the IC card processing device 1 does not open the security gate and controls the output unit 16 to output an error (S32). 【0118】 Furthermore, if there are multiple users authorized to pass through the security gate, multiple pieces of identification information are stored in the auxiliary storage unit 14 of the IC card processing device 1. The processor 11 of the IC card processing device 1 may determine that the acquired identification information is already registered if it matches any of the multiple pieces of identification information stored in the auxiliary storage unit 14. Conversely, the processor 11 of the IC card processing device 1 may determine that the acquired identification information is not registered if it does not match any of the multiple pieces of identification information stored in the auxiliary storage unit 14. 【0119】 Furthermore, if the biometric authentication result indicates a failure of biometric authentication, the communication unit 28 of the card reader / writer 2 transmits an error signal to the IC card processing unit 1 under the control of the processor 21 (S33). 【0120】 When the processor 11 of the IC card processing device 1 receives an error signal from the card reader / writer 2, it does not open the security gate but controls the output unit 16 to output an error (S34). At this point, the processing in this sequence diagram ends. 【0121】 As explained in S29-S32, the processor 11 of the IC card processing device 1 determines whether the person currently using the information terminal 4 is authorized to pass through the security gate, based on the assumption that biometric authentication has confirmed that the person is the predetermined owner of the IC card 3 and the information terminal 4. Therefore, if someone other than the predetermined owner of the IC card 3 and the information terminal 4 uses the IC card 3 and the information terminal 4 fraudulently, the error in S34 occurs. Furthermore, if the processor 11 of the IC card processing device 1 merely authenticates that the person currently using the information terminal 4 is the legitimate owner, but this is insufficient to meet security requirements (for example, if different gates are available depending on the user's authority), more detailed restrictions can be imposed by authentication in S31 and S32 using the identification information stored in the IC card 3. 【0122】 Note that the content of the S32 error and the S34 error may be the same or different. For example, the S32 error and the S34 error may both inform the user of the reason for the error. 【0123】 As described above, the card reader / writer 2 of this embodiment includes either a contact terminal 26 or an antenna 25 that connects to the IC card 3, and an interface 27 that performs wireless communication with the information terminal 4 when connected to the IC card 3 via the contact terminal 26 or antenna 25. Furthermore, the card reader / writer 2 of this embodiment includes a processor 21 that obtains a biometric authentication result from the information terminal 4 by transmitting a biometric authentication request signal to the information terminal 4 using the interface 27, and performs processing according to the obtained biometric authentication result. Therefore, the card reader / writer 2 of this embodiment makes it possible to achieve a high level of security authentication for the IC card 3 at a low cost. 【0124】 For example, with the card reader / writer 2 of this embodiment, since biometric authentication is performed on the information terminal 4, there is no need to implement sensors or the like that acquire biometric information on the IC card 3 or the card reader / writer 2. Furthermore, since it becomes possible to use biometric authentication for user authentication on the information terminal 4, such as a smartphone, highly accurate determination can be expected. Moreover, in this embodiment, since the card reader / writer 2 communicates wirelessly with the information terminal 4, the IC card 3 does not need to have a means of communication with the information terminal 4. For this reason, an existing standard IC card 3 that does not have functions such as Bluetooth (registered trademark) can be used as a portable electronic device, further cost reduction is possible. In addition, since an existing standard IC card 3, whether contact-type or contactless, can be used with the card reader / writer 2 of this embodiment, it is expected that the cost and effort of preparing an IC card with a configuration dedicated to the authentication system S will be reduced. 【0125】 Furthermore, with the card reader / writer 2 of this embodiment, a biometric authentication engine is not required in the card reader / writer 2 and IC card 3, thus saving memory. In addition, since there is no need to manage and store the source biometric information within the card reader / writer 2 and IC card 3, the risk of leakage of personal identification information (biometric information) can be reduced even if problems such as theft, loss, or security attack of the card reader / writer 2 and IC card 3 occur. Moreover, there is no need to register biometric information for biometric authentication in the card reader / writer 2 and IC card 3. 【0126】 Furthermore, the card reader / writer 2 of this embodiment transmits a pairing response signal to the information terminal 4 when it receives a pairing request signal from the information terminal 4, and stores the pairing information, which is the identification information of the information terminal 4 after the pairing authentication process is completed, in the non-volatile memory 24. Therefore, with the card reader / writer 2 of this embodiment, communication is established only with information terminals 4 that have already undergone pairing processing, thus reducing the risk of unauthorized access and other issues. 【0127】 Furthermore, according to the authentication system S of this embodiment, as described above, the card reader / writer 2 and the information terminal 4 work together to perform user authentication, thereby enabling high-security authentication at a low cost. 【0128】 (Second embodiment) In this second embodiment, the security of the authentication system S is further enhanced by multi-factor authentication, by adding PIN code authentication in addition to biometric authentication. 【0129】 The authentication system S of this embodiment, like the first embodiment, comprises an IC card processing device 1, a card reader / writer 2, an IC card 3 as a portable electronic device, and an information terminal 4. The configuration of the IC card processing device 1, card reader / writer 2, IC card 3, and information terminal 4 is the same as in the first embodiment. 【0130】 Furthermore, when the processor 11 of the IC card processing device 1 in this embodiment receives a PIN code request signal from the card reader / writer 2, it causes the output unit 16 to display a screen indicating that a PIN code input is required. The input unit 15 of the IC card processing device 1 also acquires the PIN code entered by the user. The PIN code entered by the user is an example of a first PIN code. 【0131】 Furthermore, the non-volatile memory 34 of the IC card 3 in this embodiment stores a PIN code (registered personal identification information) of four digits or any number of digits. The PIN code is, for example, one that the IC card owner has set in advance when the IC card 3 is issued. The PIN code stored in the non-volatile memory 34 of the IC card 3 is an example of a second PIN code. 【0132】 Furthermore, the communication unit 28 of the card reader / writer 2 in this embodiment acquires the PIN code entered by the operator from the IC card processing device 1. The communication unit 28 of the card reader / writer 2 is an example of an acquisition unit. 【0133】 In this embodiment, the processor 21 of the card reader / writer 2 obtains a PIN code from the IC card 3, and if it determines that the PIN code entered by the user matches the PIN code obtained from the IC card 3, it sends a biometric authentication request signal to the information terminal 4 using the interface 27. 【0134】 Furthermore, the pre-registration process for authentication in this embodiment is the same as that of the first embodiment described in Figure 6. 【0135】 Figure 8 is a sequence diagram showing an example of the authentication process flow according to the second embodiment. 【0136】 The process from S21 to S22 is the same as in the first embodiment described in Figure 7. 【0137】 In this embodiment, when an IC card 3 is inserted into the card reader / writer 2, the processor 21 of the card reader / writer 2 reads the PIN code stored in the non-volatile memory 34 of the IC card 3 from the IC card 3 via the contact terminal 26 (S101). If the IC card 3 is a contactless type, the processor 21 of the card reader / writer 2 may read the PIN code from the IC card 3 via the antenna 25. 【0138】 In this case, the user of the IC card 3 and the information terminal 4 possessed by the user are located within a distance from the card reader / writer 2 that allows for wireless communication. The communication connection process from S24 to S25 is the same as that of the first embodiment described in Figure 7. 【0139】 Then, the communication unit 28 of the card reader / writer 2 transmits a PIN code request signal to the IC card processing unit 1 under the control of the processor 21 (S102). 【0140】 When the processor 11 of the IC card processing device 1 receives a PIN code request signal from the card reader / writer 2, it causes the output unit 16 to display a screen indicating that a PIN code input is required. The input unit 15 of the IC card processing device 1 obtains the PIN code entered by the user (S103). 【0141】 The processor 11 of the IC card processing device 1 controls the communication unit 17 to transmit the PIN code entered by the user to the card reader / writer 2 (S104). 【0142】 Then, the processor 21 of the card reader / writer 2 performs a PIN code authentication process to determine whether the PIN code obtained from the IC card 3 matches the PIN code obtained from the IC card processing device 1 (S105). If the processor 21 of the card reader / writer 2 determines that the PIN code obtained from the IC card 3 matches the PIN code obtained from the IC card processing device 1, it outputs "Approved" (success) as the PIN code authentication result. 【0143】 The processor 21 of the card reader / writer 2 executes the process of sending a biometric authentication request signal to the information terminal 4 in S26 if the PIN code authentication result is successful. The processes from S26 to S34 are the same as in the first embodiment described in Figure 7. 【0144】 Furthermore, the processor 21 of the card reader / writer 2 outputs a denial (failure) as the PIN code authentication result if it determines that the PIN code obtained from the IC card 3 does not match the PIN code obtained from the IC card processing device 1. 【0145】 The processor 21 of the card reader / writer 2 controls the communication unit 28 to send an error signal to the IC card processing unit 1 if the PIN code authentication result fails (S106). 【0146】 When the processor 11 of the IC card processing device 1 receives an error signal from the card reader / writer 2, it does not open the security gate but controls the output unit 16 to output an error (S107). The error in S107 may be the same as or different from the errors in S32 and S34. For example, the error in S107 may notify the user that the entered PIN code is incorrect. At this point, the processing in this sequence diagram ends. 【0147】 As described above, the card reader / writer 2 of this embodiment transmits a biometric authentication request signal to the information terminal 4 when it determines that the PIN code entered by the user matches the PIN code obtained from the IC card 3. Therefore, the card reader / writer 2 of this embodiment has the same effects as the first embodiment, and can further improve security through PIN code authentication. In particular, by obtaining a PIN code from the IC card 3 for comparison with the PIN code entered by the user, there is no need to pre-register the PIN code in the card reader / writer 2, and the risk of PIN code leakage can be reduced. 【0148】 (Third embodiment) In the first and second embodiments described above, while a user was inserting or touching an IC card 3 to the card reader / writer 2 to perform biometric authentication via an information terminal 4, other users were restricted from entering within a specified distance from the card reader / writer 2. Therefore, only the information terminal 4 of the owner of the IC card 3 inserted into the card reader / writer 2 was connected to the card reader / writer 2. For this reason, the card reader / writer 2 transmitted biometric authentication request signals only to the information terminal 4 of the owner of the IC card 3 inserted into the card reader / writer 2. 【0149】 In contrast, in this third embodiment, the card reader / writer 2 limits the information terminal 4 to which the biometric authentication request signal is sent based on the request destination information pre-registered in the IC card 3. 【0150】 The authentication system S of this embodiment, like the first embodiment, comprises an IC card processing device 1, a card reader / writer 2, an IC card 3 as a portable electronic device, and an information terminal 4. The configuration of the IC card processing device 1, card reader / writer 2, IC card 3, and information terminal 4 is the same as in the first embodiment. 【0151】 Furthermore, the non-volatile memory 34 of the IC card 3 in this embodiment stores identification information that can identify the information terminal 4 of the owner of the IC card 3. The identification information of the information terminal 4 is an example of request destination information. The identification information of the information terminal 4 may be, for example, a unique identifier of the information terminal 4 included in the pairing information. The identification information of the information terminal 4 may be written to the IC card 3 by the card reader / writer 2 as part of the pre-registration process, for example. Alternatively, the identification information of the information terminal 4 may be stored in the IC card 3 in advance by a device outside the authentication system S. 【0152】 In this embodiment, the processor 21 of the card reader / writer 2 acquires request destination information from the IC card 3 via the contact terminals 26 or antenna 25, indicating the information terminal 4 to which a biometric authentication request pertains to the IC card 3. Based on the request destination information, the processor 21 of the card reader / writer 2 identifies the information terminal 4 to which the biometric authentication request signal is to be sent during the authentication process of the IC card 3. The processor 21 of the card reader / writer 2 controls the interface 27 to transmit the biometric authentication request signal to the information terminal 4 identified by the request destination information. 【0153】 In this embodiment, the pre-registration process for authentication may include, in addition to the same process as in the first embodiment described in Figure 6, the process of saving the identification information of the information terminal 4 to the non-volatile memory 34 of the IC card 3. Alternatively, if the identification information of the information terminal 4 is saved in advance on the IC card 3 by a device outside the authentication system S, the pre-registration process for authentication in this embodiment may be the same as in the first embodiment described in Figure 6. 【0154】 Figure 9 is a sequence diagram showing an example of the authentication process flow according to the third embodiment. 【0155】 The process from S21 to S22 is the same as in the first embodiment described in Figure 7. 【0156】 In this embodiment, when an IC card 3 is inserted into the card reader / writer 2, the processor 21 of the card reader / writer 2 reads the identification information of the information terminal 4 stored in the non-volatile memory 34 of the IC card 3 from the IC card 3 via the contact terminal 26 (S201). If the IC card 3 is a contactless type, the processor 21 of the card reader / writer 2 may read the identification information of the information terminal 4 from the IC card 3 via the antenna 25. 【0157】 In this case, the user of the IC card 3 and the information terminal 4 possessed by the user are located within a distance from the card reader / writer 2 that allows for wireless communication. 【0158】 In this embodiment, the processor 21 of the card reader / writer 2 identifies the information terminal 4 to which the biometric authentication request signal is to be transmitted based on the identification information of the information terminal 4 acquired in S201 (S202). 【0159】 In this case, the user of the IC card 3 and the information terminal 4 possessed by the user are located within a distance from the card reader / writer 2 that allows for wireless communication. The communication connection process from S24 to S25 is the same as that of the first embodiment described in Figure 7. 【0160】 Then, the processor 21 of the card reader / writer 2 controls the interface 27 and transmits a biometric authentication request signal only to the information terminal 4 identified in the S202 process among the information terminals 4 that are connected for communication (S26). In this embodiment, even if multiple information terminals 4 that have been paired with the card reader / writer 2 are located within a communication range, the processor 21 of the card reader / writer 2 does not transmit a biometric authentication request signal to any information terminals other than the one identified in the S202 process. The processes from S27 to S34 are the same as in the first embodiment described in Figure 7. At this point, the processing in this sequence diagram ends. 【0161】 As described above, the card reader / writer 2 of this embodiment acquires request destination information from the IC card 3, indicating the information terminal 4 to which the biometric authentication request for the IC card 3 will be sent, and transmits a biometric authentication request signal to the information terminal 4 identified by the request destination information. Therefore, the card reader / writer 2 of this embodiment has the same effects as the first embodiment, and by limiting the destination of the biometric authentication request signal, it is possible to reduce the chance of incorrect biometric authentication being performed by other users in the vicinity. Furthermore, with the card reader / writer 2 of this embodiment, when a user inserts or touches the IC card 3 to the card reader / writer 2 to perform biometric authentication by the information terminal 4, the effort required to isolate subsequent users waiting to be authenticated is reduced. 【0162】 (Variation 1) In the above-described embodiment 3, the information terminal 4 to which the biometric authentication request signal is sent was limited by the request destination information pre-registered in the IC card 3. However, the communication connection destination, which is a prerequisite for sending the biometric authentication request signal, may also be limited. 【0163】 For example, the processor 21 of the card reader / writer 2 may read only the pairing information of the information terminal 4 identified based on the identification information of the information terminal 4 obtained from the IC card 3 from the non-volatile memory 24, out of the multiple pairing information registered in the pre-registration process, and control the interface 27 to establish a communication connection with the information terminal 4. In this case, the communication connection between the card reader / writer 2 and the information terminal 4 is established only if the communication connection from the card reader / writer 2 to the information terminal 4 is successfully performed. That is, even if multiple information terminals 4 have already been paired with the card reader / writer 2, only the information terminal 4 identified by the identification information of the information terminal 4 stored in the IC card 3 currently inserted into the card reader / writer 2 will be able to connect and communicate with the card reader / writer 2. 【0164】 This configuration reduces the likelihood of incorrect biometric authentication being performed by other users in the vicinity. 【0165】 (Modification 2) In the first to third embodiments described above, the IC card 3 was used as an example of a portable electronic device. However, the portable electronic device is not limited to the IC card 3, and may be, for example, a tag, microchip, mobile terminal, etc., that have similar functions. 【0166】 (Variation 3) In the first to third embodiments described above, the card reader / writer 2 was assumed to be capable of reading and writing data to the IC card 3. However, the card reader / writer 2 only needs to have a data reading function and does not need to have a writing function. 【0167】 Furthermore, the card reader / writer 2 is not limited to being a reader / writer specifically for IC cards 3; it can be any reader / writer capable of reading data from tags, microchips, mobile devices, etc. 【0168】 In Figure 1, the card reader / writer 2 is shown as an external device connected to the IC card processing device 1 via a wired connection; however, it is not limited to this configuration and may be installed inside the IC card processing device 1. 【0169】 (Modification 4) In the first to third embodiments described above, it was explained that the IC card processing device 1 performs error output and reception of the PIN code entered by the user. However, these functions may also be provided by the card reader / writer 2. 【0170】 For example, the card reader / writer 2 may include a display and an operating section on which the user can enter a PIN code. 【0171】 In the second embodiment, the communication unit 28 of the card reader / writer 2 was used as an example of the acquisition unit. However, if the card reader / writer 2 is equipped with an operation unit on which the user can input a PIN code, that operation unit may be an example of the acquisition unit. 【0172】 (Variation 5) In the first to third embodiments described above, the card reader / writer 2 performed different processing depending on the biometric authentication result from the information terminal 4. However, the card reader / writer 2 does not need to change its processing depending on whether the biometric authentication result is successful or unsuccessful. In this case, the card reader / writer 2 transmits the biometric authentication result to the IC card processing device 1 regardless of the content of the biometric authentication result obtained from the information terminal 4. The IC card processing device 1 performs different processing depending on the biometric authentication result. 【0173】 (Experimental variation 6) In the first embodiment described above, the interface 27 of the card reader / writer 2 transmits a pairing response signal to the information terminal 4 when it receives a pairing request signal from the information terminal 4. However, the interface 27 of the card reader / writer 2 may transmit the pairing request signal to the information terminal 4 first. 【0174】 (Example 7) In the first to third embodiments described above, the IC card processing device 1 and card reader / writer 2 of the authentication system S were, for example, installed near a security gate and used to control the opening and closing of the security gate. However, the application of the authentication system S is not limited to controlling the opening and closing of security gates. For example, the authentication system S may be used to unlock the electronic lock of a security door. The IC card processing device 1 and card reader / writer 2 may also be used to control the opening and closing of partition doors in booths used by operators. Furthermore, the IC card processing device 1 and card reader / writer 2 may also be used to control login to an information processing terminal such as a PC. 【0175】 Furthermore, the authentication system S may be used for identity verification for credit card or prepaid card payments. 【0176】 As described above, according to the first to third embodiments, a high level of security authentication for portable electronic devices can be achieved at a low cost. 【0177】 While several embodiments of the present invention have been described, these embodiments are presented as examples only and are not intended to limit the scope of the invention. These novel embodiments can be carried out in a variety of other forms, and various omissions, substitutions, and modifications can be made without departing from the spirit of the invention. These embodiments and their variations are included in the scope and spirit of the invention, as well as in the claims of the invention and its equivalents. [Explanation of Symbols] 【0178】 1 IC card processing device 2 card reader / writers 3 IC card 4. Information terminals 11,21,31,41 processors 12,22,32,42 ROM 13,23,33,43 RAM 14,44 Auxiliary storage 15,45 Input section 16,46 Output section 17, 28, 47 Communications Department 24,34 Non-volatile memory 25 Antennas 26,36 contact terminal 27 Interfaces 35 coprocessors 48. Biological Information Acquisition Unit S Authentication System

Claims

[Claim 1] A terminal for connecting to a portable electronic device and at least one of the antennas, An interface for wireless communication with an information terminal when connected to the portable electronic device via the aforementioned terminal or antenna, A processor that transmits a biometric authentication request signal to the information terminal using the interface, obtains a biometric authentication result from the information terminal, and performs processing according to the obtained biometric authentication result, A reading device equipped with [a specific feature]. [Claim 2] The interface transmits a pairing response signal to the information terminal when it receives a pairing request signal from the information terminal. The device further comprises a memory for storing pairing information, which is the identification information of the information terminal after the pairing authentication process has been completed. The reading device according to claim 1. [Claim 3] It further comprises an acquisition unit that acquires a first PIN code entered by the user, The processor obtains a second PIN code from the portable electronic device, and if it determines that the first PIN code and the second PIN code match, it transmits the biometric authentication request signal to the information terminal using the interface. The reading device according to claim 1. [Claim 4] The processor obtains request destination information from the portable electronic device indicating the information terminal to which a biometric authentication request pertains to the portable electronic device is to be made, and transmits the biometric authentication request signal to the information terminal identified by the request destination information. The reading device according to claim 1. [Claim 5] It comprises a reader capable of reading portable electronic devices and an information terminal, The aforementioned reading device, At least one of the terminals and antennas that connect to the aforementioned portable electronic device, An interface for wireless communication with the information terminal when connected to the portable electronic device via the aforementioned terminal or antenna, The system includes a processor that transmits a biometric authentication request signal to the information terminal using the interface, obtains a biometric authentication result from the information terminal, and performs processing according to the obtained biometric authentication result, The aforementioned information terminal is A communication unit that receives a biometric authentication request signal from the reader and transmits the biometric authentication result, A biometric information acquisition unit that acquires biometric information in response to the biometric authentication request signal, The system includes a processor that determines the similarity between biometric information pre-registered and stored in memory and biometric information acquired by the biometric information acquisition unit, and outputs the biometric authentication result based on the similarity. Authentication system. [Claim 6] Connects to portable electronic devices via terminals or antennas, When connected to the portable electronic device via the aforementioned terminal or antenna, wireless communication is performed with the information terminal. By transmitting a biometric authentication request signal to the information terminal, the biometric authentication result is obtained from the information terminal. The process is executed according to the acquired biometric authentication result. method.

Images