JP2025039038A - External authentication circuit board for smartphones - Google Patents

Abstract

To mount an authentication circuit board equipped with an NFC chip on a smartphone, and enable usage as a hardware token of authentication means for multi-factor authentication in order to prevent SIM swap fraud or the like, and to provide an authentication circuit board, in which an NFC card with fingerprint authentication functions can be used by a smartphone as additional fingerprint authentication means for further multi-factor authentication.SOLUTION: Necessary electric power can be supplied by bending a part of an authentication circuit board so as to cover a part of a side face of a smartphone, and by allowing a magnetic flux of an alternating magnetic field, generated at a non-contact IC card reader, to pass through a coil in the authentication circuit board. An NFC chip in the authentication circuit board is recognized by initial response of NFC communication with the non-contact IC card reader, thereby enabling continuous power feed to an NFC card with fingerprint authentication functions so that the fingerprint authentication functions can be used by the smartphone.SELECTED DRAWING: Figure 1

Description

The present invention relates to an external authentication circuit board that allows a smartphone with a built-in contactless IC card reader to be used as one of the authentication means for multi-factor authentication by attaching a circuit board equipped with an NFC chip, which is an IC chip with a function of communicating via NFC (Near Field Communication), as a hardware token to prevent SIM swap fraud and the like, and that also allows an NFC card with a fingerprint authentication function to be used on the smartphone as an additional fingerprint authentication means for multi-factor authentication.

In recent years, smartphones have been used in a variety of fields. To prevent unauthorized use of smartphones by others, smartphones are equipped with several identity verification functions. For example, they can be locked to prevent operation after a certain amount of time has passed since operation began, so that others cannot use the smartphone. It has become commonplace for smartphones to be equipped with biometric authentication functions such as fingerprint authentication and face authentication, which are more secure than password authentication, which requires entering a four-digit number to unlock the smartphone. In addition to unlocking the smartphone, these biometric authentication functions are increasingly being used for identity verification when paying for online shopping.

Damage caused by cyber attacks has been increasing rapidly in recent years. The most significant damages to individuals are phishing scams, and to corporations are ransomware attacks. Phishing scams involve sending emails from a false sender, directing victims to a fake website where personal information such as passwords and credit card information is stolen.

Ransomware is a type of malware that infiltrates a victim's system by using passwords obtained through phishing scams, etc., and then encrypts the data and demands a ransom. Increasingly, the method of intrusion is to exploit vulnerabilities in network devices to infiltrate internal networks, but even in these cases security is breached by using passwords that have been leaked in the past as authentication information, or by using a brute force attack to find out the password.

As such, traditional authentication methods using IDs and passwords alone cannot be considered secure against cyber attacks, and there is a growing opinion that we should switch to passwordless authentication, which does not use passwords, or multi-factor authentication, which combines several authentication methods. FIDO2 and Passkey are becoming standardized as passwordless authentication, and biometric authentication functions such as fingerprint and face recognition built into smartphones can be used as authentication devices, so it can be used without purchasing new hardware. Furthermore, with FIDO2, in addition to authentication using a smartphone, authentication can also be performed on the PC by connecting the PC and smartphone via Bluetooth (registered trademark), using the biometric authentication functions built into the smartphone.

One-time passwords used for online banking and other purposes were traditionally provided by hardware tokens, but because the battery that runs the internal clock needs to be replaced every few years, and because it is inconvenient to carry a hardware token to each bank when using online banking on a smartphone, many authentication functions are now built into smartphones, such as providing one-time password functions as software authentication apps that can be installed on smartphones.

Currently, as a measure against phishing scams, the shift to passwordless authentication and multi-factor authentication is progressing rapidly. This is having a deterrent effect against phishing scams. However, a new cyber attack method called SIM swap fraud is beginning to cause damage. In SIM swap fraud, the criminal first obtains the personal information of the targeted victim through phishing or other means, and then prepares a counterfeit driver's license or other document. Then, they impersonate the victim and report the loss of their smartphone to the mobile phone carrier, and take over the victim's phone number by having the SIM reissued or other means.

By taking over a phone number, the criminal can receive all SMS and calls sent to the victim. This allows them to circumvent SMS authentication, which is widely used for two-step authentication. Even for social media accounts that do not use SMS authentication, the criminal can change the password using SMS authentication by resetting the password. Some people are of the opinion that SMS authentication is risky for SIM swap scams, so we should switch to authentication apps. The reality is that very few people recognize that this type of opinion is a mistaken one derived from a naive perception of SIM swap scams.

When changing the model of a smartphone, it is normal to reinstall the authentication app and authenticate using the registered phone number, etc. This allows the phone to be used in the same way as before the model change. In other words, the current situation is that security is built on the premise that "the person who has the phone number is the person himself." Perpetrators of SIM swaps can exploit this to easily reinstall the authentication app on a new device and perform authentication. As can be easily understood from the above explanation, authentication using an authentication app cannot prevent SIM swap fraud.

Similarly, with biometric authentication such as fingerprint or face recognition built into smartphones, if you change your phone model, you can reinstall the application software and authenticate with a registered phone number, etc., making biometric authentication possible. What's important here is to be aware that a perpetrator who swaps SIM cards can easily register their own biometric information on a new device. A perpetrator who swaps SIM cards can successfully authenticate with their own biometric information. The frightening thing is that biometric authentication built into smartphones cannot prevent SIM swap fraud.

Therefore, when a SIM swap is performed, most authentication methods, such as biometric authentication and authentication apps on smartphones, can be invalidated. In other words, the current situation is extremely dangerous. This is because, as mentioned above, security for previous authentication methods is built on the assumption that "it is the person who has the phone number." Security cannot be ensured on the assumption that "it is the person who has the phone number." Therefore, it is urgent to correctly understand the lameness of this perception and fundamentally reconstruct security based on the perspective that SIM swaps allow "a malicious third party to have the phone number." Unfortunately, a correct understanding of SIM swaps is not widely known, and the current situation is that the only measures proposed are measures such as stricter identity verification when reissuing SIM cards by mobile phone carriers.

Furthermore, until now, SIM swap fraud has mostly involved the theft of personal bank deposits and virtual currencies, and was thought to have little to do with the security of large corporate networks. It has been reported that in August 2023, the US Department of Homeland Security released a report summarizing the results of the Cyber Security Review Board's investigation into the threat actor "Lapsus$." According to the report, "Lapsus$" has successfully infiltrated dozens of organizations in the United States, including Microsoft, by making full use of attack methods such as SIM swapping. As can be seen from this report, the SIM swap method is not only being used in "SIM swap fraud" targeting personal assets, but is actually beginning to be used as a "SIM swap attack" to break through multi-factor authentication when infiltrating the networks of large companies. It is necessary to quickly popularize multi-factor authentication methods that can counter SIM swap attacks.

A SIM swap attack mainly disables the biometric authentication built into a smartphone or the authentication app installed on the smartphone. If the authentication function is provided by hardware independent of the smartphone, even if the victim's phone number is transferred from their smartphone to another smartphone via a SIM swap, the perpetrator will not be able to successfully authenticate them because the hardware with the authentication function remains in the victim's possession. Therefore, SIM swap attacks can be prevented by using authentication using hardware with authentication functions, i.e. a hardware token, as one element of multi-factor authentication.

There are several types of hardware tokens. However, there are no convenient ones for multi-factor authentication on smartphones. For the type that uses a one-time password, you need to input the numbers displayed on the hardware token into your smartphone. For the type that connects via USB, you don't need to enter numbers, and some of them incorporate biometric authentication functions such as fingerprint authentication. However, you need to connect the smartphone and the hardware token via a wired connection. Smartphones have a connector for wired connection that also serves as a charger. If you use this connector to connect the hardware token via a wired connection, you need to connect the cable or directly every time you authenticate. As you can see from the above explanation, a cable connection is not convenient, and if you connect directly, there is a high possibility that the hardware token or the smartphone will be damaged if the smartphone is dropped. Therefore, a USB-connected hardware token is not practical for multi-factor authentication on smartphones.

The inventors of the present application considered that it would be best to connect to a hardware token using NFC communication using a contactless IC card reader that is installed in most smartphones. In the case of NFC communication, power can be supplied from the contactless IC card reader of the smartphone. This means that there is no need to install a battery on the hardware token, and there is no need to replace the hardware token every few years, and maintenance such as charging is also unnecessary. Since NFC has a shorter communication distance than Bluetooth, there is less risk of communication interception. In addition, NFC cards with fingerprint authentication function using an extremely thin capacitive fingerprint sensor are commercially available, and fingerprint authentication can also be used as multi-factor authentication.

When using an NFC-connected hardware token as possession information for authentication, it is sufficient to fix it to a position on the smartphone where NFC communication is possible. Therefore, if it can be used in a state where it is always attached to the smartphone directly or via a smartphone case, there is no problem with usability. The inventor of the present application, for example, used an iPhone (registered trademark) by Apple Inc. of the United States, and verified the position where it can be operated using a commercially available FeliCa (registered trademark) card as an NFC-connected hardware token. Here, in this specification, the surface on which the display screen of the iPhone, i.e., the smartphone, is located is called the "display surface," and the surface opposite to the display screen, i.e., the surface on which the camera lens is located, is called the "display back." With some types of iPhones, the card did not work when placed so as to fit within the frame of the iPhone's display back, and only worked when the FeliCa card protruded significantly from the iPhone's display back. It is difficult to use the smartphone with the FeliCa card always attached when the FeliCa card protrudes significantly from the smartphone.

In addition, contactless IC card readers installed in smartphones are also used to read NFC cards and make cashless payments. For this reason, it is necessary to ensure that NFC-connected hardware tokens do not interfere with NFC communications when used to read other NFC cards or make cashless payments. From this perspective, there is a problem in that the types of NFC chips that can be used as hardware tokens are limited.

If commercially available NFC cards with fingerprint authentication functions could be connected to a smartphone via NFC and used as hardware tokens, authentication would be possible using biometric information as well as possession information. For this reason, it would be preferable to use them in situations where high security is required, such as when transferring money in online banking, even if the authentication operation is time-consuming. There are mainly two types of commercially available NFC cards with fingerprint authentication functions. One is designed for security purposes, and the other is designed for credit cards.

The former, that is, NFC cards with fingerprint authentication functions designed for security purposes, only function as NFC cards if fingerprint authentication is successful, and have the advantage that they are not subject to skimming if fingerprint authentication is not successful. In addition, since they are not equipped with a battery, it is necessary to use a contactless IC card reader that can supply continuous power, but it is possible to add fingerprint authentication functions to electronic locks, entrance/exit management systems, attendance management systems, etc. that use NFC cards without modifying the system. However, on the iPhone, although various changes were made to the parameters of the application software to attempt NFC connection, the built-in contactless IC card reader could not be put into a continuous power supply state, and NFC connection with the NFC card with fingerprint authentication functions designed for security purposes was not possible.

In the latter case, that is, NFC cards with fingerprint authentication functions designed for credit cards, the NFC chip can operate even without fingerprint authentication. This not only creates the risk of skimming, but also outputs the same UID (fixed ID number) before and after fingerprint authentication is successful. For this reason, systems must be changed in order to use electronic locks, access control systems, attendance management systems, etc. that use NFC cards. Furthermore, on the iPhone, it is difficult to confirm that fingerprint authentication has been successful due to iOS limitations.

The objective of the present invention is to provide an inexpensive multi-factor authentication method as an external authentication circuit board for smartphones that is effective even when the SIM is swapped, and to protect smartphone users from cyber attacks without compromising the usability of the smartphone. Furthermore, in situations where higher security is required, it is possible to use fingerprint authentication using an NFC card with a fingerprint authentication function.

According to one aspect of the present invention, the above problem is solved by
An external authentication circuit board for a smartphone that is attached to a smartphone having a built-in non-contact IC card reader and that can operate the smartphone while attached to the smartphone,
a first NFC chip having a function of performing NFC communication with the non-contact IC card reader;
a first coil that receives power from the non-contact IC card reader;
This is achieved by providing an external authentication circuit board for a smartphone, characterized in that a part of the first coil covers a part of the side of the smartphone so that the magnetic flux of the alternating magnetic field generated from the non-contact IC card reader passes through the first coil, thereby enabling the first NFC chip to supply the power necessary for NFC communication with the non-contact IC card reader, thereby enabling the authentication circuit board to be used as one of the multi-factor authentication means on the smartphone.

According to a preferred embodiment of the present invention,
the authentication circuit board has a function of adding authentication by fingerprint authentication in addition to the multi-factor authentication means by the first NFC chip in the authentication circuit board by mounting the authentication circuit board on a smartphone having a built-in non-contact IC card reader and enabling the use of an NFC card with a fingerprint authentication function;
The NFC card with fingerprint authentication function includes:
A fingerprint sensor;
A fingerprint authentication unit;
A memory for storing fingerprint data for matching;
A second coil that receives power from the non-contact IC card reader;
a fingerprint authentication means including a second NFC chip having a function of performing NFC communication with the non-contact IC card reader;
The fingerprint authentication means includes:
a fingerprint data reading function that starts reading fingerprint data using the fingerprint sensor when the second coil receives power from the non-contact IC card reader;
a fingerprint data matching function for matching the read fingerprint data with the matching fingerprint data stored in the memory by the fingerprint authentication unit;
a fingerprint authentication notification function that performs the NFC communication from the second NFC chip to the non-contact IC card reader only when the fingerprint authentication unit recognizes the fingerprint as being the same, and notifies the non-contact IC card reader that the fingerprint has been recognized as being the same;
the fingerprint sensor, the fingerprint authentication unit, the memory, and the second NFC chip operate only with power received by the second coil;
The smartphone is a model in which continuous power supply from the non-contact IC card reader to the second coil cannot be performed by application software installed thereon alone,
when power is received from the non-contact IC card reader by a first coil in an authentication circuit board, the first NFC chip is recognized in an initial response of the NFC communication, thereby continuously supplying power from the non-contact IC card reader to the second coil;
The fingerprint authentication unit completes the fingerprint authentication.
If the fingerprint authentication is successful, a notification of the fingerprint authentication is given.

The external authentication circuit board for smartphones according to the present invention preferably further includes a control circuit that controls the operation timing of the first NFC chip, and makes the first NFC chip operational when the first coil receives power. This stops the operation of the first NFC chip after a sufficient time has elapsed for it to be used as one of the multi-factor authentication means. This makes it possible to not prevent the contactless IC card reader from communicating with other NFC chips via NFC.

The external authentication circuit board for smartphones according to the present invention can be constructed from a very thin circuit board, so it can be installed in a smartphone case with almost no increase in thickness. In addition, it can be manufactured using the same inexpensive manufacturing processes as commercially available NFC stickers, making it possible to mass-produce it at low cost.

10 is an explanatory diagram for explaining the arrangement of a first coil with respect to a smartphone. FIG. 1 is a cross-sectional view for explaining the relative positions of a smartphone and an NFC card. 1 is a cross-sectional view for explaining the relative positions of a smartphone and an NFC card. FIG. 1 is a block diagram of a fingerprint authentication system related to the present invention. 10 is a flowchart for explaining an example of the operation of application software installed on a smartphone for controlling a fingerprint authentication system related to the present invention on the smartphone side. 4 is a timing chart of a first example for explaining a state of power supply to a coil. 10 is a timing chart of a second example for explaining a state of power supply to a coil. 13 is a timing chart of a third example for explaining a state of power supply to a coil. FIG. 5 is a cross-sectional view for explaining the fingerprint authentication system of FIG. 4 . FIG. 5 is a cross-sectional view for explaining the fingerprint authentication system of FIG. 4 .

Figure 1 is a diagram relating to an embodiment of the present invention, and is an explanatory diagram for explaining the arrangement of coils of an authentication circuit board relative to a smartphone and a contactless IC card reader. In the figure, reference symbol 1 is an authentication circuit board. Reference symbol 2 is a first NFC chip having a function of NFC communication, typically a FeliCa (registered trademark) chip. Reference symbol 3 is a control circuit that controls the operation timing of the first NFC chip 2. Reference symbol 4 is a first coil that receives power from the contactless IC card reader of the smartphone. The first coil 4 supplies power to electronic components mounted on the authentication circuit board. Reference symbol 5 is a smartphone. Reference symbol 6 is a contactless IC card reader built into the smartphone 5. Reference symbol CL indicates a camera lens, and the camera lens CL is located on the back of the display of the smartphone 5.

2 and 3 are cross-sectional views for explaining the relative positions of the smartphone 5 and the coil. In FIG. 2 and FIG. 3, the same elements as those shown in FIG. 1 are given the same reference numerals. Reference numeral 7 denotes a Felica card, which is commercially available as an authentication circuit board, or a Felica card, etc., equipped with a Felica chip as an NFC chip such as a sticker or flexible substrate module having an equivalent function (hereinafter referred to as "FeliCa card, etc. 7"). The inventor of the present application verified the position where NFC communication is possible, that is, the arrangement position of the Felica card, etc. 7, when the Felica card, etc. 7 is applied to the iPhone of Apple Inc. of the United States. In these Felica cards, etc. 7, power is supplied to the NFC chip mounted on the Felica card, etc. 7 by the built-in first coil 4 receiving wireless power supply from the non-contact IC card reader 6. During the power supply period, the NFC chip always operates. There is no significant difference between the Felica cards, etc. 7, except for the size of the coil, depending on the type.

When the FeliCa card etc. 7 was used as an authentication circuit board on some iPhones and placed within the frame on the back of the iPhone's display as shown in Figure 2, the FeliCa card etc. 7 did not work. On the other hand, when the FeliCa card etc. 7 was placed near the non-contact IC card reader 6 in a manner that protruded significantly from the frame on the back of the iPhone's display as shown in Figure 3, it did work.

The inventors of the present application have investigated the reason why the Felica card 7 works when placed in a manner that protrudes significantly from the size of the back of the iPhone display as shown in FIG. 3, but does not work when placed so as to fit within the size of the back of the iPhone display as shown in FIG. 2. The inventors of the present application have come to the following conclusion. That is, the alternating magnetic field generated from the non-contact IC card reader 6 built into the iPhone mainly comes out from the side of the iPhone, and unless the Felica card 7 is placed so that the magnetic flux of this alternating magnetic field passes through the first coil 4, it is not possible to supply enough power to operate the NFC chip. However, when the authentication circuit board 1 is in the shape of a flat plate, as shown in FIG. 3, the authentication circuit board 1 protrudes significantly from the size of the back of the iPhone display.

In FIG. 1, the authentication circuit board 1 is made of a flexible printed circuit board or the like, partially or entirely. This allows the authentication circuit board 1 to be shaped in any desired bent form. In the embodiment, a part of the authentication circuit board 1 is bent to cover the back and side of the display of the smartphone 5. This allows the magnetic flux of the alternating magnetic field generated by the non-contact IC card reader 6 to pass through the first coil 4. In addition, the authentication circuit board 1 can be installed in a state where it does not protrude significantly from the outer contour of the smartphone 5, and the authentication circuit board 1 can be operated. For testing purposes, the inventor of the present application carefully bent a commercially available FeliCa card into the shape shown in FIG. 1 so that the internal wiring would not be broken, and attached this to the iPhone as shown in FIG. 1 as the authentication circuit board 1. The inventor of the present application used this prototype to confirm its operation. The results confirmed that the power supplied from the non-contact IC card reader 6 built into the iPhone activates the FeliCa chip (first NFC chip 2) in the FeliCa card (authentication circuit board 1), enabling NFC communication.

In the authentication circuit board 1 arranged as shown in FIG. 1, a Felica chip was used as the first NFC chip 2 that performs NFC communication with the non-contact IC card reader 6 to confirm its operation. The purpose of this operation check was to confirm that sufficient power could be supplied from the non-contact IC card reader 6 to the first coil 4. As a result, operation was successfully confirmed. From the results of this operation check, the following can be said. In other words, as long as the NFC chip supports wireless communication according to the NFC standard, other NFC chips such as Mifare (registered trademark) can also be used and will operate without any problems.

When the authentication circuit board 1 in the form shown in FIG. 1 is attached to a smartphone 5, it is desirable that it can be used without any problems for various purposes using the contactless IC card reader 6 built into the smartphone 5. The NFC standard specifies how to read multiple cards of the same type when there are multiple cards of the same type, such as type A MyFair cards, type B Japanese driver's licenses, and type F FeliCa cards. When there are multiple cards of different types, for example when an attempt is made to simultaneously read a MyFair card and a FeliCa card with an iPhone contactless IC card reader, the MyFair card will be read and the FeliCa card will not be read.

Normally, it is possible to specify the type of NFC card to be read on the contactless IC card reader side and perform reading. If the contactless IC card reader is specified to read only Type F, the Felica card can be read even if a MyFair card and a Felica card are held up at the same time. However, the type of card to be read is determined by the application software installed on the smartphone. Therefore, for example, if a MyFair chip is installed on the authentication circuit board 1, it may not be possible to use it correctly when reading a Felica card with the smartphone 5 or when using the contactless IC card reader 6 installed on the smartphone 5 to make payments as Mobile Felica.

If it is absolutely necessary to mount a MiFair chip on the authentication circuit board 1, a control circuit 3 that controls the operation timing can be added to the authentication circuit board 1. For example, after the first coil 4 receives power from the non-contact IC card reader 6, the first NFC chip 2 is activated for a short time (e.g., 0.3 seconds) that is sufficient for authentication, and then the operation of the first NFC chip 2 is stopped, thereby enabling reading and writing of another type of NFC chip. The control circuit 3 that executes such control can be realized with a simple microcomputer. It is technically easy to design an NFC chip in which the functions of the control circuit 3 are incorporated into the first NFC chip 2. Therefore, when mass-producing the authentication circuit board 1, the operation timing can be controlled within the first NFC chip.

However, in reality, it is not easy to check the operation of all application software, including overseas applications. Furthermore, when using the non-contact IC card reader 6 for electronic money payments, it is not easy to check the operation of all electronic money reading devices, including overseas applications. Of course, if the authentication circuit board 1 is attached to the smartphone 5 via a smartphone case, it is possible to avoid problems by removing the smartphone case.

In the Felica chip, it is possible to use a system code to selectively read and write multiple Felica cards. In this case, a Felica chip to which a unique system code is assigned can be used as the first NFC chip 2. This makes it possible to avoid interfering with the reading and writing of different types of MyFare cards, etc., without using the control circuit 3 that controls the operation timing. In addition, there is no interference with the reading and writing of Felica cards or mobile Felica cards to which a system code for electronic money is assigned.

The inventors of the present application have verified the operation of a combination of an iPhone manufactured by Apple Inc. of the United States and an NFC card with a fingerprint authentication function designed for security purposes. In this verification, they tried to connect via NFC by changing various parameters of application software on the iPhone, but unfortunately found that the built-in contactless IC card reader could not be set to a continuous power supply state and could not be used. However, the inventors of the present application have found that when the authentication circuit board 1 of the form shown in FIG. 1 is mounted on an iPhone in the configuration shown in FIG. 1, when the contactless IC card reader 6 recognizes the first NFC chip 2 mounted on the authentication circuit board 1, the power supply timing can be controlled according to the parameters of the application software, and it can also be set to a continuous power supply state. In other words, it can be said that an iPhone equipped with the authentication circuit board 1 can be authenticated by fingerprint authentication using an NFC card with a fingerprint authentication function designed for security purposes.

Figure 4 is a block diagram of a fingerprint authentication system included in an embodiment of the present invention. The same elements as those shown in Figure 1 are given the same reference numerals. In the figure, reference numeral 8 is an NFC card with a fingerprint authentication function. Reference numeral 9 is a thin-shaped capacitive fingerprint sensor. Reference numeral 10 is a fingerprint authentication unit. Reference numeral 11 is a memory that stores fingerprint data for matching. Reference numeral 12 is a second coil that receives power from a non-contact IC card reader. Reference numeral 13 is a second NFC chip with a function of NFC communication, typically a Felica chip. Reference numeral 14 is a user's finger whose fingerprint has been registered.

In the embodiment shown in FIG. 4, the fingerprint authentication means Fp is configured by devices mounted on an NFC card 8 with a fingerprint authentication function, namely, a fingerprint sensor 9, a fingerprint authentication unit 10, a memory 11 that stores fingerprint data for matching, a second coil 12, and a second NFC chip 13 in the illustrated fingerprint authentication system. In the fingerprint authentication means Fp, on the condition that power is supplied to the second coil 12 from a non-contact IC card reader 6 built into a smartphone 5, the second coil 12 that has received power supplies power to the fingerprint sensor 9, the fingerprint authentication unit 10, the memory 11, etc., and fingerprint authentication is started. At this time, the fingerprint authentication unit 10 controls the second NFC chip 13 so that the second NFC chip 13 does not operate by a method such as stopping the power supply to the second NFC chip 13.

After fingerprint authentication has started, when a finger 14 whose fingerprint has been registered in advance touches the fingerprint sensor 9, the fingerprint authentication unit 10 compares the fingerprint data of the finger 14 read from the fingerprint sensor 9 with the matching fingerprint data stored in the memory 11. If the matching results in the same fingerprint, the second NFC chip 13 is controlled to operate. This enables the non-contact IC card reader 6 to read the IDm2 data from the second NFC chip 13. This state is maintained until power supply to the second coil 12 is stopped.

On the other hand, before fingerprint authentication or when the fingerprint is not authenticated as the same, the fingerprint authentication unit 10 controls the second NFC chip 13 not to operate, and a state in which the IDm2 data cannot be read is maintained. With the above-mentioned control, the IDm2 data in the second NFC chip 13 can be read by the non-contact IC card reader 6 only when the fingerprint is authenticated as the same. In other words, if the fingerprint is not authenticated as the same, the IDm2 data in the second NFC chip 13 cannot be read by the non-contact IC card reader 6.

The IDm data is a unique ID number recorded when the Felica chip was manufactured. The IDm data cannot be rewritten. Therefore, there is no other Felica chip with the same IDm data. It is configured so that the smartphone 5 can recognize that "fingerprint authentication was successful with the NFC card 8 with fingerprint authentication function" only when two conditions are satisfied: first, the IDm2 data of the second NFC chip 13 can be read by the non-contact IC card reader 6, and second, the IDm2 data registered in advance in the smartphone 5 matches the IDm2 data of the second NFC chip 13. In this case, the smartphone 5 performs authentication using two elements, the fingerprint and the Felica IDm data, providing higher security than simple fingerprint authentication.

In the fingerprint authentication system shown in FIG. 4, a FeliCa chip is used as the NFC chip that performs NFC communication with the non-contact IC card reader 6. For example, since the non-contact IC card reader 6 supports wireless communication according to the NFC standard, an NFC chip conforming to another NFC standard, such as MyFair, may be used as long as it is an NFC chip capable of performing NFC communication.

In the fingerprint authentication system shown in FIG. 4, when the fingerprint authentication unit 10 "authenticates that the fingerprint is the same," the method of notifying the non-contact IC card reader 6 is realized by making the IDm2 data readable. As a variation, other data or a combination of IDm and other data may be made readable. Various methods have been proposed and are in practical use as authentication methods for this notification method, and the method may be selected taking into consideration the required level of security.

The above notification method can also be realized by carrying out the following process. That is, when the fingerprint authentication unit 10 authenticates the same fingerprint by simply sending a predetermined command from the non-contact IC card reader 6, the second NFC chip 13 transmits predetermined data, and the non-contact IC card reader 6 receives this data, thereby realizing the above notification method. However, even if the fingerprint authentication unit 10 does not authenticate the same fingerprint, it is possible to have the fingerprint authenticated as "the same fingerprint" by sending the same data as the above-mentioned predetermined data to the non-contact IC card reader 6 by some other means. There is a risk of security being breached by misuse of this. It is necessary to be careful of this misuse.

Regarding this misuse, for example, when a different NFC card with fingerprint authentication function on which a different fingerprint is registered is linked to the smartphone 5, in order to prevent the smartphone 5 from operating as if the fingerprint had been authenticated, it is advisable to have unique data on the NFC card with fingerprint authentication function. It is then preferable to adopt measures such as making it a prerequisite for fingerprint authentication to be successful that this unique data matches the data registered on the smartphone 5.

In the fingerprint authentication system shown in FIG. 4, the notification method is realized by transmitting the IDm2 data of the second NFC chip 13. As described above, there is no FeliCa chip with the same IDm data, so it is difficult to breach security without performing fingerprint authentication as described above. In other words, it is practically difficult to breach security by using some means to make the smartphone 5 recognize that "the fingerprint has been authenticated as the same."

IDm is used for authentication of general security cards, and no major problems have arisen at present. However, some say that since the communication method of IDm is disclosed, it is possible to forge it. Another problem with general FeliCa cards is that the IDm data can be easily read by skimming. In the fingerprint authentication system shown in Figure 4, the fingerprint authentication unit 10 in the NFC card 8 with fingerprint authentication function controls so that IDm2 data can only be read if the same fingerprint is authenticated. As a result, skimming is impossible on the NFC card 8 with fingerprint authentication function unless it is authenticated as the same fingerprint. This can significantly reduce the risk of skimming.

As measures against IDm forgery of FeliCa cards, methods such as MAC authentication using a secret key for FeliCa Lite-S chips and using a secure area for FeliCa Standard chips have been proposed. Such methods can be applied as appropriate to the notification method of the fingerprint authentication system shown in Figure 4.

In the fingerprint authentication system shown in FIG. 4, an example of a control method in which the smartphone 5 controls the electronic circuit built into the NFC card 8 with fingerprint authentication function is described with reference to the flowchart shown in FIG. 5.

When the application software installed on the smartphone 5 is started, in the first step S1, a message "Please touch the fingerprint sensor" is displayed on the display of the smartphone 5 in FIG. 4, and a built-in timer is started (S2). In this software, a command to turn on polling is sent to the contactless IC card reader 6 (S3), and the contactless IC card reader 6 starts polling and supplies power to the first coil 4 and the second coil 12.

The second coil 12 that has received power supplies power to the fingerprint sensor 9, fingerprint authentication unit 10, memory 11, etc. This starts fingerprint authentication. In the next step S4, the software proceeds to step S5 until the timer has reached 10 seconds, and proceeds to step S9 when 10 seconds have passed.

In step S5, this software sends a command to the contactless IC card reader 6 to read the IDm data. The contactless IC card reader 6 replies to this software as to whether reading the IDm data was successful or unsuccessful. If reading the IDm fails, or if the IDm data read in the next step S6 matches the IDm1 data of the first NFC chip 2, the process returns to step S3 and polling is repeated.

When polling is repeated, it is important to note that 0.5 to 2 seconds of calculation time is required for the fingerprint authentication unit 10 to complete fingerprint authentication. During this loop, the second coil 12 must always be able to receive power continuously. For this reason, it is necessary to set the time for which power is supplied by one polling command to the non-contact IC card reader 6 to a relatively long value using the command parameters, etc., so that the second coil 12 can always receive power continuously.

In step S6, if the read IDm data does not match the IDm1 data of the first NFC chip 2, proceed to step S7. The IDm2 data of the second NFC chip 13 can be read by the non-contact IC card reader 6 only if the fingerprint authentication unit 10 has authenticated the same fingerprint. Therefore, if the IDm data read in step S7 matches the IDm2 data previously registered in the smartphone 5, the system in the smartphone 5 is notified that "fingerprint authentication was successful using the NFC card 8 with fingerprint authentication function" (S8).

On the other hand, if the IDm data does not match in step S7, it is assumed that the non-contact IC card reader 6 has read the IDm data of another FeliCa card. As a result, the system in the smartphone 5 is notified that "fingerprint authentication has failed on the NFC card 8 with fingerprint authentication function" (S9). After notifying the system of the result of the fingerprint authentication, polling is turned off (S10) and the application software is terminated.

When the system in the smartphone 5 recognizes that "fingerprint authentication has been successful using the NFC card 8 with fingerprint authentication function," it unlocks the smartphone 5 or allows connection to a specific network. In other words, according to the fingerprint authentication system illustrated in FIG. 4, the NFC card 8 with fingerprint authentication function can be used as a fingerprint authentication device in the smartphone 5.

The inventors of the present application created application software conforming to the flowchart shown in FIG. 5, which is compatible with the iPhone of Apple Inc., and verified its actual operation. Recent iPhones have a built-in contactless IC card reader. For the iPhone, application software was created using CoreNFC, an NFC-standard communications framework, to be compatible with iOS13 and later operating systems. The inventors then verified the operation of NFC-standard cards such as general FeliCa cards and NFC cards with fingerprint authentication functions using the contactless IC card reader built into the iPhone.

We confirmed that the IDm and UID of general FeliCa cards and NFC standard cards such as MyFair cards could be read without any problems. When reading, it was possible to set the device to a continuous power supply state using command parameters, etc. However, we found a problem in that continuous power supply was not possible when simply combining an NFC card with fingerprint authentication function with an iPhone, and fingerprint authentication or IDm reading was also not possible.

In the fingerprint authentication system shown in FIG. 4, in a state where the authentication circuit board 1 is removed, that is, in a combination of only the NFC card 8 with fingerprint authentication function and the iPhone (smartphone 5), the power supply state to the second coil 12 when the application software for the iPhone based on the flowchart shown in FIG. 5 is started is shown in FIG. 6. FIG. 6 is a timing chart of the first example. As a result of examining the above-mentioned problem, that is, the problem that continuous power supply cannot be performed, the inventor of the present application found that the cause is that the period for supplying power at one time by the polling command is short in the initial setting. In response to this problem, even if the timeSlot value of the parameter such as the CoreNFC Polling command was changed to lengthen the period for one polling, the actual power supply period did not change. For this reason, as shown in FIG. 6, power is supplied to the second coil 12 for a short time only at a constant cycle. Therefore, it was found that the application software alone cannot be used to set the iPhone in a continuous power supply state so that the fingerprint authentication system shown in FIG. 4 can operate.

When an NFC-compliant card such as a general FeliCa card or MyFair card is brought close to the non-contact IC card reader 6 built into the iPhone, that is, when NFC communication is actually taking place, the change in the time slot value is effective, the power supply period is adjustable, and a continuous power supply state can also be established. However, when the authentication circuit board 1 is removed from the fingerprint authentication system shown in FIG. 4, the second NFC chip 13 is not in a state where NFC communication is possible until fingerprint authentication is successful. And fingerprint authentication is not completed unless a continuous power supply state can be established. Therefore, the change in the time slot value cannot be effective, and a continuous power supply state cannot be established.

When this application software is running and the authentication circuit board 1 is brought close to the built-in contactless IC card reader 6, the first NFC chip 2 is recognized, the change in the time slot value becomes effective, and the actual polling period becomes longer, resulting in a state in which continuous power supply is performed. By entering a continuous power supply state, the fingerprint authentication system shown in Figure 4 becomes capable of fingerprint authentication, and it was confirmed that the second NFC chip 13 is in a state in which it can operate after fingerprint authentication is successful.

However, when the first NFC chip 2 of the authentication circuit board 1 that is brought close to the non-contact IC card reader 6 in order to change the timeSlot value is a MyFair chip, in the fingerprint authentication system shown in FIG. 4, even after fingerprint authentication is successful, the non-contact IC card reader 6 reads the UID, which is the unique data of the first NFC chip 2, and is unable to read the IDm data of the second NFC chip 13. The inventors of this application believe that this is because the built-in non-contact IC card reader 6 first performs NFC communication with the MyFair chip and then tries to maintain communication with the MyFair chip, preventing communication with the second NFC chip 13.

To solve this problem, it is necessary to have the non-contact IC card reader 6 in FIG. 4 enter a continuous power supply state, so that the NFC chip is recognized after power supply to the second coil 12 starts, so that the change in the timeSlot value becomes effective, and to have the non-contact IC card reader 6 actually read the IDm of the second NFC chip 13 in a continuous power supply state.

Furthermore, in recent years, the contactless IC card reader 6 of a smartphone is required not only to read cards but also to perform NFC communication with various external devices such as for making electronic money payments. When the authentication circuit board 1 included in the fingerprint authentication system shown in FIG. 4 is attached to a smartphone 5, the embodiment of the present invention must be usable without interference when the contactless IC card reader 6 performs NFC communication with other IC cards using other application software, or when performing NFC communication with various external devices including an external contactless IC card reader.

In the NFC communication standard, the communication sequence between a contactless IC card reader and an NFC chip consists of, first, an "initial response" that sets up a communication path between the contactless IC card reader and the target NFC chip, and, second, an "active state" that exchanges information according to the application.

First, when power supply from the contactless IC card reader is started in the initial response, the NFC chip goes into a state of waiting for a request (request command) from the contactless IC card reader to set up a communication path. Next, the contactless IC card reader sends a request command, and the NFC chip returns a response. This recognizes the NFC chip present in the communication area of the contactless IC card reader. The contactless IC card reader then exchanges parameters with the recognized NFC chip, and mutually confirms conditions such as communication speed. After this, the state transitions from the initial response to the active state. In the active state, the NFC chip recognized in the initial response is selected, and NFC communication is performed by repeating responses from the NFC chip to commands from the contactless IC card reader.

There are various types of NFC chips, such as Type A for MyFair chips, Type B for Japanese driver's licenses, and Type F for FeliCa chips, and the processing method for when multiple NFC chips of the same type are simultaneously present in the initial response is determined for each type. When multiple NFC types of chips are present, only the specified type of NFC chip can be recognized by specifying the type of NFC chip to be read. When multiple types are specified, multiple specified types of cards can be recognized. However, there are restrictions not specified in the NFC communication standards, such as when a MyFair card and a FeliCa card are recognized at the same time, the UID of the MyFair card is read with priority over the IDm of the FeliCa card.

Type A NFC chips such as the MyFair chip (i) use a method called the bit collision method to read the UIDs of all recognized MyFair chips when multiple MyFair chips are recognized during the initial response, then (ii) the contactless IC card reader designates one of the read UIDs, and (iii) the MyFair chip with the matching UID responds, selecting one from the multiple MyFair chips. Therefore, MyFair chips that do not respond during the initial response cannot be recognized.

When multiple Felica chips are present, if IDm is known, the Felica chip can specify IDm and the Felica chip with the matching IDm will respond, or if the system codes of multiple Felica chips are different, it is possible to specify the system code and read the IDm data of the corresponding Felica chip even if the chips are stacked. In order to change the time slot value at the time of the initial response, if the Felica chip recognized by the non-contact IC card reader 6 is changed to a Felica chip with a different system code from that of the second NFC chip 13 included in the fingerprint authentication system shown in FIG. 4, it was confirmed that the built-in non-contact IC card reader 6 can specify the system code of the second NFC chip 13 to read the IDm data of the second NFC chip 13 even if the Felica chip recognized at the initial response after the fingerprint authentication is successful remains in an operating state. Since the Felica chip that responded initially has a different system code from that of the second NFC chip 13, its IDm cannot be read, but it was confirmed that it can be continuously powered.

In the contactless IC card reader 6 built into the iPhone, if any NFC chip is recognized in the initial response, the change in the timeSlot value becomes effective. However, in order to maintain a continuous power supply state and, after fingerprint authentication is successful, to enable the second NFC chip 13 in the NFC card 8 with fingerprint authentication function to notify the contactless IC card reader 6 that fingerprint authentication has been successful, it is necessary to effectively combine the control timing and type of the NFC chip recognized in the initial response and the type of the second NFC chip 13 in the NFC card 8 with fingerprint authentication function.

In the fingerprint authentication system shown in FIG. 4, the power supply state to the second coil 12 when starting the application software for iPhone based on the flowchart shown in FIG. 5 is shown in FIG. 7. FIG. 7 is a timing chart of the second example. Referring to FIG. 7, when power is supplied to the second coil 12 to enable the change of the timeSlot value, power is also supplied to the first coil 4 in the authentication circuit board 1 at the same time, and the first NFC chip 2 is made operable for a short time by the control circuit 3 a little later than the start of this power supply. As a result, within the initial short polling period of the initial setting, an initial response of NFC communication is made between the built-in non-contact IC card reader 6 and the first NFC chip 2, and the change of the timeSlot value becomes effective. Therefore, the actual polling period becomes longer and a state in which continuous power supply is performed is reached. Even if the operation of the first NFC chip 2 is stopped after the continuous power supply state is reached, the continuous power supply state is maintained for a certain period of time.

In the timing chart of the second example in FIG. 7, the control circuit 3 activates the first NFC chip 2 a little after the second coil 12 is powered, but they may be activated at the same time. The delay time is provided to delay the order of recognition so that the first NFC chip 2 does not interfere when (i) application software other than this software is started to read the NFC card with the non-contact IC card reader 6, or (ii) the non-contact IC card reader 6 built into the smartphone 5 performs NFC communication with an external device for electronic money payment, etc.

Fingerprint authentication by the NFC card 8 with fingerprint authentication function takes at least 0.5 to 1 second, so if the first NFC chip 2 is put into an operable state when power is first supplied, and then stopped in about 0.3 seconds, the first NFC chip 2 and the second NFC chip 13 will not be in an operable state at the same time, and there will be no problem even if different types of NFC chips are combined.

In addition, if the first NFC chip 2 and the second NFC chip 13 are both FeliCa chips, once the FeliCa chip is recognized in the initial response, NFC communication is possible after transitioning to an active state not only when the system codes of the two FeliCa chips are different, but also when there is only one FeliCa chip operating simultaneously, even if the system code of the first NFC chip 2 is the same as the system code of the second NFC chip 13. Therefore, even if two low-cost FeliCa Lite-S chips are used, operation can be performed without problems as long as the two NFC chips are controlled not to operate simultaneously.

The FeliCa Lite-S chip has a different system code than the FeliCa Standard chip used for electronic money, etc. This means that the contactless IC card reader 6 built into the smartphone 5 will not interfere with NFC communication with an external device, such as for electronic money payments.

In the fingerprint authentication system shown in FIG. 4, the power supply state to the second coil 12 when starting up the iPhone application software based on the flowchart shown in FIG. 5 is shown in FIG. 8. FIG. 8 is a timing chart of the third example. In the timing chart of the third example, the control circuit 3 shown in FIG. 4 is omitted, and the operating state of the first NFC chip 2 is determined only by the power supply state of the first coil 4. Referring to FIG. 8, when power is supplied to the second coil 12 to enable the change of the timeSlot value, power is also supplied to the first coil 4 in the authentication circuit board 1 at the same time. As a result, the first NFC chip 2 becomes operable and remains in the operable state until the power supply is stopped.

Referring to FIG. 8, after fingerprint authentication is successful, not only the second NFC chip 13 but also the first NFC chip 2 remain in an operable state at the same time. In this state, it is necessary to select the type of NFC chip that can read the IDm2 of the second NFC chip 13 that has not responded initially.

As mentioned above, if one Felica chip responds at the time of initial response, multiple Felica chips can be read. To read multiple Felica chips, the corresponding Felica chips will respond by specifying IDm or by specifying a system code. However, CoreNFC does not have a way to specify IDm. For this reason, it is necessary to specify a system code and read the corresponding Felica chip. In this case, if multiple system codes are specified, the corresponding Felica chips can be read simultaneously.

When there are multiple Felica chips with the same system code, multiple chips cannot be read simultaneously, so the first NFC chip 2 should be a Felica chip with a different system code from that of the second NFC chip 13. Here, in order not to interfere with communication with Felica chips with specific system codes when making electronic money payments on an iPhone, it is better to select a Felica chip with a different system code from those system codes as the first NFC chip 2.

As described above, according to the embodiment described based on the timing charts shown in Figures 6, 7, and 8, even in a smartphone such as an iPhone in which the original application software alone cannot continuously supply power from the non-contact IC card reader 6 built into the smartphone 5, (i) the authentication circuit board 1 is attached to the smartphone 5, (ii) the first NFC chip 2 in the authentication circuit board 1 is recognized in the initial response, thereby making the power supply continuous, (iii) the fingerprint authentication unit 10 in the NFC card 8 with fingerprint authentication function starts fingerprint authentication upon receiving power from the non-contact IC card reader 6 built into the smartphone 5, and (iv) if the fingerprint authentication is successful, the non-contact IC card reader 6 receives a fingerprint authentication notification from the second NFC chip 13 in the NFC card 8 with fingerprint authentication function, thereby notifying the smartphone 5 that "the fingerprint has been authenticated as the same fingerprint."

In addition, if the first NFC chip 2 recognized in the initial response is a FeliCa chip, by appropriately selecting the system code, it is possible to prevent the embodiment of the present invention from interfering with cases such as (i) when application software other than this application software is launched and an NFC card is read using the contactless IC card reader 6, or (ii) when the contactless IC card reader 6 built into the smartphone 5 communicates with an external device via NFC for electronic money payments, etc.

In Figures 7 and 8, for smartphones such as iPhones, which cannot normally maintain continuous power supply from the built-in contactless IC card reader using application software alone, the application software can achieve continuous power supply by having the NFC chip recognized in the initial response.

Figures 9 and 10 are cross-sectional views for explaining the fingerprint authentication system of Figure 4. In Figures 9 and 10, the same elements as those shown in Figure 4 are given the same reference numerals. Reference numeral 15 shown in Figures 9 and 10 is a smartphone case that is attached to smartphone 5. Reference numeral 16 is an LED. LED 16 is mounted on NFC card 8 with fingerprint authentication function. LED 16 constitutes a display unit that displays the power supply status of the NFC card with fingerprint authentication function and the success or failure of fingerprint authentication, etc.

9 and 10, the authentication circuit board 1 can be bent by forming a part or the whole of the board from a flexible printed circuit board or the like as shown in FIG. 1. The authentication circuit board 1 is disposed on the back of the display of the smartphone 5, and the bent part covers a part of the side of the smartphone 5 with the authentication circuit board 1. This allows the magnetic flux of the alternating magnetic field generated from the non-contact IC card reader 6 to pass through the first coil 4 in the authentication circuit board 1. As a result, the authentication circuit board 1 can be operated by wireless power supply from the non-contact IC card reader 6. The authentication circuit board 1 is fixed to the smartphone case 15 with double-sided tape or the like. The authentication circuit board 1 may be directly fixed to the smartphone 5 with double-sided tape or the like, but it is preferable to fix it so that it can be easily attached and detached from the smartphone 5 in consideration of maintenance such as repairs. In addition, by separating the authentication circuit board 1 from the smartphone 5 by the thickness of the case, the effective area of the first coil 4 through which the alternating magnetic field from the non-contact IC card reader 6 passes can be increased. This allows the authentication circuit board 1 to receive more stable power supply.

With reference to FIG. 9, FIG. 9 illustrates a state in which the authentication circuit board 1 is attached to the smartphone 5 via the smartphone case 15 and the NFC card 8 with the fingerprint authentication function is accessed near the non-contact IC card reader 6. When power supply from the non-contact IC card reader 6 starts in this state, the first NFC chip 2 in the authentication circuit board 1 is activated, and the first NFC chip 2 is recognized by the non-contact IC card reader 6 in the initial response. As a result, the NFC card 8 with the fingerprint authentication function is continuously powered, and fingerprint authentication is possible. In FIG. 9, the operation was verified by bending a part of a FeliCa card of different sizes as the authentication circuit board 1, a sticker having the same function, or a flexible board module. It was found that the larger the area of the first coil 4 located along the back of the display of the smartphone 5, the wider the range in which sufficient power can be supplied to the NFC card 8 with the fingerprint authentication function to operate. From this verification result, it was confirmed that the range of the relative positions of the non-contact IC card reader 6 and the NFC card 8 with the fingerprint authentication function is expanded. In other words, it was confirmed that power can be supplied from the non-contact IC card reader 6 over a wider range via the first coil 4.

Referring to FIG. 10, in the illustrated embodiment, a mechanism for holding the NFC card 8 with fingerprint authentication function is added to the smartphone case 15. By adding this card holding mechanism to the smartphone case 15, the NFC card 8 with fingerprint authentication function can be stored in the smartphone case 15 when not in use. When performing fingerprint authentication, the NFC card 8 with fingerprint authentication function is pulled out from the smartphone case 15 and fingerprint authentication is performed in the state shown in FIG. 10. In both cases of FIG. 9 and FIG. 10, the fingerprint sensor 9 is located on the display surface side of the smartphone 5, so the position of the fingerprint sensor 9 can be actually confirmed with the eyes while touching the fingerprint sensor 9 with the finger 14. This allows fingerprint authentication to be performed reliably. In addition, the LED 16 on the NFC card 8 with fingerprint authentication function makes it possible to perform fingerprint authentication while checking the power supply status and the success or failure of fingerprint authentication. The usage shown in FIG. 10 can also be achieved by attaching a card holder that holds a commercially available credit card-sized card to the smartphone case 15 of FIG. 9.

In Figures 9 and 10, by using multiple NFC cards 8 with fingerprint authentication function, it is possible to perform fingerprint authentication using separate cards for corporate and personal use, thereby achieving higher security. In addition, one NFC card 8 with fingerprint authentication function can be used not only with the smartphone 5 but also with other terminals, improving convenience.

The fingerprint authentication system shown in FIG. 4, FIG. 9, and FIG. 10 can provide the same usability as a fingerprint authentication device built into a smartphone. In addition, security can be ensured against attacks such as SIM swap attacks, in which the criminal registers his/her own biometric information on a new smartphone to which the criminal has transferred his/her phone number, thereby disabling the face authentication and fingerprint authentication built into the smartphone. In other words, the criminal cannot obtain the NFC card 8 with fingerprint authentication function with a registered fingerprint only by a SIM swap attack. Even if the criminal obtains a new NFC card 8 with fingerprint authentication function with no fingerprint registered and registers his/her own fingerprint, the unique data in the NFC card 8 with fingerprint authentication function is different, so that even if a SIM swap attack is performed, the fingerprint authentication is not recognized as successful. Even if the criminal is able to obtain the NFC card 8 with fingerprint authentication function with a registered fingerprint, fingerprint authentication will not be successful with the criminal's fingerprint. In this way, it can be said that the fingerprint authentication system of the present invention is an effective fingerprint authentication device against SIM swap attacks. The fingerprint authentication system of the present invention can provide higher security than the fingerprint authentication device built into a smartphone.

The authentication circuit board 1 shown in Figs. 1, 4, 9, and 10 is attached to the smartphone 5 so that a continuous power supply state can be realized even in a model such as an iPhone in which application software alone cannot continuously supply power from the built-in contactless IC card reader. In addition, when the authentication circuit board 1 is attached, the first NFC chip 2 of the authentication circuit board 1 can be accessed from the smartphone 5 at any time to confirm unique numbers such as IDm1, so that it can be used as one of multi-factor authentication. Since authentication using the authentication circuit board 1 is not fingerprint authentication, it is ineffective against SIM swap attacks if the authentication circuit board 1 is stolen. However, if the authentication circuit board 1 is not stolen, it is an effective authentication device against SIM swap attacks. Since there is no need to touch the fingerprint sensor, authentication using the NFC card 8 with fingerprint authentication function is required for large remittances in online banking, and login and balance inquiries in online banking can be performed smoothly using authentication using the authentication circuit board 1.

As mentioned above, the authentication circuit board 1 does not have a fingerprint authentication function, so if the authentication circuit board 1 is stolen, it is basically ineffective against SIM swap attacks. However, by adding an electronic circuit for an NFC card 8 with fingerprint authentication function to the authentication circuit board 1 and configuring it as a single circuit board, it is possible to prevent SIM swap attacks even in the event of theft. Note that when configuring it as a single circuit board, it is a simple design item for a person skilled in the art to design a circuit board in which a single coil serves as both the first coil 4 and the second coil 12.

REFERENCE SIGNS LIST 1 Authentication circuit board 2 First NFC chip 3 Control circuit 4 First coil 5 Smartphone 6 Non-contact IC card reader 7 FeliCa card, etc. 8 NFC card with fingerprint authentication function Fp Fingerprint authentication means 9 Fingerprint sensor 10 Fingerprint authentication unit 11 Memory 12 Second coil 13 Second NFC chip 15 Smartphone case 16 LED

Claims (10)

An external authentication circuit board for a smartphone that is attached to a smartphone having a built-in non-contact IC card reader and that can operate the smartphone while attached to the smartphone,
a first NFC chip having a function of performing NFC communication with the non-contact IC card reader;
a first coil that receives power from the non-contact IC card reader;
An external authentication circuit board for a smartphone, characterized in that a portion of the first coil covers a portion of the side of the smartphone so that the magnetic flux of the alternating magnetic field generated from the non-contact IC card reader passes through the first coil, thereby enabling the first NFC chip to supply the power necessary for NFC communication with the non-contact IC card reader, thereby enabling the authentication circuit board to be used as one of the multi-factor authentication means on the smartphone. A control circuit for controlling an operation timing of the first NFC chip is further provided.
2. The external authentication circuit board for a smartphone according to claim 1, wherein the control circuit enables the first NFC chip when the first coil receives power, and stops operation of the first NFC chip after a sufficient amount of time has elapsed for use as one of the multi-factor authentication means, thereby not preventing the contactless IC card reader from communicating with other NFC chips via NFC. The external authentication circuit board for a smartphone according to claim 1, characterized in that the first NFC chip is a FeliCa chip. The external authentication circuit board for a smartphone according to claim 1, characterized in that the authentication circuit board is attached to the smartphone via a smartphone case. The external authentication circuit board for a smartphone according to claim 2, characterized in that the authentication circuit board is attached to the smartphone via a smartphone case. The external authentication circuit board for a smartphone according to claim 3, characterized in that the authentication circuit board is attached to the smartphone via a smartphone case. the authentication circuit board has a function of adding authentication by fingerprint authentication in addition to the multi-factor authentication means by enabling an NFC card with a fingerprint authentication function to be used on the smartphone;
The NFC card with fingerprint authentication function includes:
A fingerprint sensor;
A fingerprint authentication unit;
A memory for storing fingerprint data for matching;
A second coil that receives power from the non-contact IC card reader;
a fingerprint authentication means including a second NFC chip having a function of performing NFC communication with the non-contact IC card reader;
The fingerprint authentication means includes:
a fingerprint data reading function that starts reading fingerprint data using the fingerprint sensor when the second coil receives power from the non-contact IC card reader;
a fingerprint data matching function for matching the read fingerprint data with the matching fingerprint data stored in the memory by the fingerprint authentication unit;
a fingerprint authentication notification function that performs the NFC communication from the second NFC chip to the non-contact IC card reader only when the fingerprint authentication unit recognizes the fingerprint as being the same, and notifies the non-contact IC card reader that the fingerprint has been recognized as being the same;
the fingerprint sensor, the fingerprint authentication unit, the memory, and the second NFC chip operate only with power received by the second coil;
The smartphone is a model in which continuous power supply from the non-contact IC card reader to the second coil cannot be performed by application software installed thereon alone,
when the first coil receives power from the non-contact IC card reader, the first NFC chip is recognized in an initial response to the NFC communication, thereby continuously supplying power from the non-contact IC card reader to the second coil;
The fingerprint authentication unit completes the fingerprint authentication.
7. The external authentication circuit board for a smartphone according to claim 1, wherein when the fingerprint authentication is successful, a notification of the fingerprint authentication is given. The external authentication circuit board for smartphones described in claim 7, characterized in that the fingerprint authentication notification, which notifies that fingerprint authentication has been successful when the fingerprint authentication unit recognizes the same fingerprint, transmits data using unique data stored in the second NFC chip to the contactless IC card reader via the NFC communication. The external authentication circuit board for smartphones according to claim 8, characterized in that the smartphone compares data using the unique data transmitted from the second NFC chip to the contactless IC card reader by the NFC communication with data preregistered in the smartphone, and when the data match, the smartphone recognizes that the fingerprint authentication unit has authenticated the fingerprint as the same. The external authentication circuit board for a smartphone according to claim 7, characterized in that the fingerprint authentication function is implemented on the same board as the authentication circuit board.

Images