JP2016133955A - Information processing apparatus and program - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide an information processing apparatus in consideration of convenience of users without reducing security, and a program.SOLUTION: A body-mounted device 1 to be mounted on a body includes: a sensor section 2 for detecting a mount state; a mount determination section 11 that determines whether the body-mounted device 1 has been mounted or not, on the basis of detection information from the sensor section 2; an authentication processing section 16 which authenticates a user with the device mounted thereon; an authentication success information storage section 33 which stores an authentication result of the authentication processing section 16; and an authentication success information storage control section 18 which controls the authentication success information storage section 33. The authentication success information storage control section 18 controls authentication success information to be stored in the authentication success information storage section 33 on condition that the user is authenticated by the authentication processing section 16 when the mount determination section 11 determines a mount state, and causes the authentication success information to be continuously stored in the authentication success information storage section 33 as long as the mount determination section 11 determines the mount state as before.SELECTED DRAWING: Figure 2

Description

  The present invention relates to an information processing apparatus and a program to be worn on the body.

Conventionally, a system that performs two-factor authentication that identifies a person using a plurality of elements has been disclosed (for example, Patent Document 1). In the two-factor authentication, the person is authenticated by collation using two factors. The two elements refer to a specific identification object (for example, a credit card) that only a party can have and specific identification object information (for example, a PIN (Personal Identification Number)) that only the party can know.
Moreover, a body-worn life support device for grasping the health condition of the user is disclosed (for example, Patent Document 2). So-called “wearable computers” that are worn on the user's body are becoming familiar.

JP 2014-106593 A JP 2001-327472 A

Two-factor authentication can improve security of the system, but allows the user to perform complicated input processing. In particular, when it is necessary to perform the authentication process many times, the user is forced to input specific identification target information, which is inconvenient.
SUMMARY An advantage of some aspects of the invention is that it provides an information processing apparatus and a program that take into account user convenience without lowering security.

  The present invention solves the above problems by the following means. In addition, in order to make an understanding easy, although the code | symbol corresponding to embodiment of this invention is attached | subjected and demonstrated, it is not limited to this. In addition, the configuration described with reference numerals may be improved as appropriate, or at least a part thereof may be replaced with another configuration.

1st invention is information processing apparatus (1) with which a body is mounted | worn, Comprising: The said information processing apparatus is mounted | worn with the detection part (2) for detecting a mounting state, and the detection information from the said detection part A wear determination unit (11) for determining whether or not the wearer, an authentication processing unit (16) for authenticating the wearer, an authentication storage unit (33) for storing an authentication result by the authentication processing unit, An authentication storage control unit (18) for controlling an authentication storage unit, and the authentication storage control unit is authenticated by the authentication processing unit when it is in a mounting state by the mounting determination unit. On the condition that the authentication success information is stored in the authentication storage unit, the authentication success information is stored in the authentication storage unit while the mounting determination unit continues to determine that it is in the mounting state. To continue, with features That is an information processing apparatus.
According to a second invention, in the information processing apparatus (1) of the first invention, the authentication storage control unit (18) is determined by the mounting determination unit (11) that the information processing apparatus is not mounted. In response to this, the authentication success information stored in the authentication storage unit (33) is deleted.
According to a third invention, in the information processing device (1) of the first invention or the second invention, the information processing device (1) includes a plurality of the detection units (2), and the mounting determination unit (11) includes all the detection units. If the detected information indicates that the information processing apparatus is being mounted, it is determined that the information processing apparatus is being mounted, and then the detection information from all the detection units is not mounted on the information processing apparatus. It is an information processing apparatus characterized by determining that it is in an unmounted state when it is indicated.
According to a fourth aspect of the present invention, in any one of the information processing apparatuses (1) from the first aspect to the third aspect, the apparatus includes a mounting state storage unit (34) that stores a determination result by the mounting determination unit (11). This is an information processing apparatus characterized by the above.
In a fifth aspect of the present invention, in any one of the information processing apparatuses (1) from the first aspect to the fourth aspect, the processing request receiving unit (13) that receives the processing request and the processing request receiving unit A processing execution unit (15) that executes a processing request, and the processing execution unit, when the authentication success information is stored in the authentication storage unit (33), the authentication processing unit (16) When the processing request received by the processing request receiving unit is executed without authenticating the user, and the authentication success information is not stored in the authentication storage unit, the authentication processing unit may identify the user. The information processing apparatus is characterized in that the processing request received by the processing request receiving unit is executed on the condition that authentication has been performed.
According to a sixth aspect of the present invention, in the information processing apparatus (1) of the fifth aspect of the present invention, a request determination for determining whether or not personal authentication is necessary based on the processing request received by the processing request receiving unit (13). Unit (14), and the process execution unit (15) performs personal authentication by the authentication processing unit (16) when the request determination unit determines that personal authentication is necessary. Is an information processing apparatus.
According to a seventh aspect of the present invention, in the information processing device (1) of the fifth or sixth aspect, the history storage unit (35) stores the processing history of the processing execution unit (15) executing the processing request. A history storage control unit (20), and an abnormal process determination unit (21) that refers to the processing history stored in the history storage unit and determines whether or not the execution state of the processing request is abnormal. The authentication storage control unit (18), even when the abnormal process determination unit determines that there is an abnormality, even while the installation determination unit (11) continues to determine that it is in the mounted state. The information processing apparatus is characterized in that the authentication success information stored in the authentication storage unit (33) is erased.
According to an eighth aspect of the present invention, in the information processing device (1) of the seventh aspect of the present invention, the information processing device (1) includes a date and time acquisition unit (5), and the history storage control unit (20) associates the processing history with the processing date and time. Determination information that is stored in the history storage unit (35) and sets processing determination information for determining whether or not the execution state of the processing request is abnormal from the processing history and processing date and time stored in the history storage unit It is an information processing apparatus characterized by comprising a setting unit (22).
According to a ninth invention, in any one of the information processing devices (1) from the first invention to the eighth invention, the information processing device (1) includes a timer unit (5), and the authentication storage control unit (18) includes the authentication processing unit. When the reference time elapses after the authentication success information in (16) is stored in the authentication storage unit (33), it is while the mounting determination unit (11) continues to determine the mounting state. However, the information processing apparatus is characterized in that the authentication success information stored in the authentication storage unit is erased.
According to a tenth aspect of the present invention, in the information processing apparatus (1) according to any one of the first to ninth aspects, the mounting determination unit (11) changes to the detection information from the detection unit (2). When there is, the information processing apparatus is characterized by determining whether or not the information processing apparatus is in a mounted state.
In an eleventh aspect of the present invention, in any one of the information processing apparatuses (1) from the first aspect to the tenth aspect, an imaging unit (3) and an authentication information storage unit (32) storing authentication information are provided. The authentication processing unit (16) performs personal authentication by comparing the face image captured by the imaging unit with authentication information stored in the authentication information storage unit. Information processing apparatus.
The twelfth invention is a program (31a, 31b) for causing a computer to function as any one of the information processing apparatuses (1) from the first invention to the eleventh invention.

  ADVANTAGE OF THE INVENTION According to this invention, the information processing apparatus and program which considered the user's convenience can be provided, without reducing security.

It is a figure which shows the example of the body mounting apparatus which concerns on this embodiment. It is a figure which shows the functional block of the body mounting apparatus which concerns on this embodiment. It is a figure which shows the example of each memory | storage part of the body mounting apparatus which concerns on this embodiment. It is a flowchart which shows the main process of the body mounting apparatus which concerns on this embodiment. It is a flowchart which shows the mounting | wearing determination process of the body mounting apparatus which concerns on this embodiment. It is a flowchart which shows the request | requirement process of the body mounting apparatus which concerns on this embodiment. It is a flowchart which shows the authentication success information utilization determination process of the body mounting apparatus which concerns on this embodiment. It is a flowchart which shows the criteria change process of the body wearing apparatus which concerns on this embodiment.

DESCRIPTION OF EMBODIMENTS Hereinafter, embodiments for carrying out the present invention will be described with reference to the drawings. This is merely an example, and the technical scope of the present invention is not limited to this.
(Embodiment)
FIG. 1 is a diagram illustrating an example of a body wearing device 1 according to the present embodiment.
FIG. 2 is a diagram illustrating functional blocks of the body wearing device 1 according to the present embodiment.
FIG. 3 is a diagram illustrating an example of each storage unit of the body wearing device 1 according to the present embodiment.

A body wearing device 1 (information processing device) shown in FIG. 1 is a device for performing personal authentication processing and various processing. The various processes refer to, for example, a payment process when purchasing an article and a process for using a Web service.
As shown in FIG. 1A, the body wearing device 1 is, for example, a wristwatch type device worn on the arm (wrist portion) of the user P. And the body wearing apparatus 1 can measure the pulse of the user P who wears, and can detect whether the belts are in a coupled state. With these functions, the body wearing device 1 determines a wearing state indicating whether or not the user P is wearing.
The body wearing device 1 is a device having a function of performing face authentication processing using a face authentication technique using a face image that is specific identification target information.
In the following description, it is assumed that the body wearing device 1 is used for the personal authentication process of the payment process.

  As shown in FIG. 2, the body wearing device 1 includes a sensor unit 2, a camera unit 3, a touch panel display 4, a date / time information acquisition unit 5 (date / time acquisition unit, timer unit), and a Bluetooth (registered trademark) unit 7. An NFC (Near Field Communication) unit 8, a control unit 10, and a storage unit 30.

The sensor unit 2 acquires detection information for determining whether or not the body wearing device 1 is worn by the user P.
The sensor unit 2 includes a magnetic sensor 2a and a pulse sensor 2b.
As shown in FIG. 1B, the magnetic force sensor 2a is a sensor that detects whether or not the end portions of the belt portion 1a are coupled to each other. The magnetic sensor 2a is provided in the vicinity of the end of the belt portion 1a.
The pulse sensor 2b is the main body 1b, and is a sensor that detects the pulse of the user P by contacting the sensor contact surface with the contact surface with the user P (in this case, the skin of the wrist). The pulse sensor 2b can measure the heart rate by detecting, as a pulse wave, vibration synchronized with the heartbeat that propagates to the skin of the user P.
Thus, the body wearing apparatus 1 determines whether or not the body wearing apparatus 1 is worn by the user P by using the magnetic sensor 2a and the pulse sensor 2b. That is, when the magnetic sensor 2a detects that both the belt portions 1a are coupled to each other and the pulse sensor 2b detects a pulse, the body wearing device 1 is worn by the user P. Can be judged.
The sensor unit 2 is not limited to the above-described sensor as long as it can be determined whether or not the sensor unit 2 is attached to the user P, and may be another sensor.

Returning to FIG. 2, the camera unit 3 is a device for taking an image. As shown in FIG. 1B, the camera unit 3 is provided at a position where the face image of the user P can be taken with the user P wearing the body wearing device 1.
The touch panel display 4 has a function as a display unit composed of a liquid crystal panel and the like, and a function as an input unit that detects a touch input by the user P's finger or the like.
The date / time information acquisition unit 5 is a device that acquires date / time information. And the date information acquisition part 5 can measure the elapsed time from the measurement start time.

  The Bluetooth unit 7 is a communication interface unit for performing short-range wireless communication according to the Bluetooth standard (communication standard) (IEEE 802.15.1). The Bluetooth unit 7 includes a Bluetooth chip (not shown) and a Bluetooth antenna (not shown). The Bluetooth chip communicates with a payment processing terminal (not shown) that performs payment processing such as a register, for example, using a Bluetooth antenna.

  The NFC unit 8 is a communication interface unit for performing short-range wireless communication according to the NFC standard (communication standard) (ISO / IEC18092 (NFC IP-1), ISO / IEC21481 (NFC IP-2)). Here, the NFC unit 8 includes an NFC chip (not shown) and an NFC antenna (not shown). The NFC chip communicates with a reader / writer (not shown) of the above-described payment processing terminal by an NFC antenna. At that time, the NFC unit 8 can perform Bluetooth communication between the Bluetooth unit 7 and the payment processing terminal by setting the Bluetooth pairing (registration) with the payment processing terminal. To do.

The control unit 10 is a CPU (central processing unit) that controls the entire body wearing device 1. The control unit 10 executes various functions in cooperation with the hardware described above by appropriately reading and executing an application program or the like stored in the storage unit 30.
The control unit 10 includes an attachment determination unit 11, a process request reception unit 13, a request determination unit 14, a process execution unit 15, an authentication success information storage control unit 18 (authentication storage control unit), and a history storage control unit 20. And an abnormal process determination unit 21 and a determination information setting unit 22.
The wearing determination unit 11 is a control unit that determines whether or not the body wearing device 1 is worn by the user P when the detection information from the sensor unit 2 has changed.
The processing request receiving unit 13 is a control unit that receives a processing request such as a settlement processing request.
The request determination unit 14 is a control unit that determines whether or not personal authentication is necessary based on the processing request received by the processing request reception unit 13.
The process execution unit 15 is a control unit that executes the process request received by the process request receiving unit 13. The process execution unit 15 includes an authentication processing unit 16.
The authentication processing unit 16 is a control unit that authenticates the user P.
The authentication success information storage control unit 18 is a control unit that controls the authentication success information storage unit 33 (authentication storage unit).

The history storage control unit 20 is a control unit for storing the processing history in the history storage unit 35. In the history storage control unit 20, for example, the process execution unit 15 uses the authentication success information stored in the authentication success information storage unit 33 to execute the process request without performing the personal authentication by the authentication processing unit 16. The processing history is stored in the history storage unit 35.
The abnormal process determination unit 21 is a control unit that refers to the process history stored in the history storage unit 35 and determines whether or not the execution state of the process request is abnormal.
The determination information setting unit 22 is a control unit that sets processing determination information for determining whether or not the execution state of the processing request is abnormal from the processing history and processing date and time stored in the history storage unit 35.
Details of these functions will be described later.

The storage unit 30 is a storage area such as a semiconductor memory element for storing programs, data, and the like necessary for executing the control unit 10.
The storage unit 30 includes a program storage unit 31, an authentication verification information storage unit 32 (authentication information storage unit), an authentication success information storage unit 33, a mounting state storage unit 34, a history storage unit 35, and an allowable value storage unit. 36.
The program storage unit 31 is a storage area for storing a program.
The program storage unit 31 stores an authentication program 31a and a settlement program 31b.

The authentication program 31a is a program for determining whether or not to perform personal authentication and executing personal authentication when personal authentication is required. The authentication program 31a includes, for example, functions of the attachment determination unit 11, the authentication processing unit 16, the authentication success information storage control unit 18, the history storage control unit 20, the abnormal process determination unit 21, and the determination information setting unit 22. Execute.
The payment program 31b is a program for executing a payment process. The settlement program 31b executes functions of the process request receiving unit 13, the request determining unit 14, and the process executing unit 15, for example.

The authentication verification information storage unit 32 is a storage area for storing authentication verification information (authentication information) used for personal authentication. In this example, the authentication verification information is feature information of the face image of the user P. The authentication verification information storage unit 32 is provided in a secure storage area such as TrustZone (registered trademark), for example.
The authentication success information storage unit 33 is a storage area for storing authentication success information (authentication result). The authentication success information is information that can identify whether or not the personal authentication is successful. As shown in FIG. 3A, the authentication success information storage unit 33 stores the latest authentication success flag (authentication success information) and the processing date and time at the time of successful authentication in association with each other. The authentication success flag is a flag indicating whether or not the personal authentication is successful in the state where the body wearing device 1 is worn on the user P. The authentication success flag represents “1” when the personal authentication is successful, and represents “0” when the personal authentication fails. The initial value is “0”.

The wearing state storage unit 34 is a storage area that stores the wearing state of the body wearing device 1. The mounting state storage unit 34 stores the latest mounting state flag (mounting state) as shown in FIG. The wearing state flag is a flag indicating whether or not the body wearing device 1 is worn by the user P. The wearing state flag is represented by “1” when it is in a wearing state, and is represented by “0” when it is in a non-wearing state. The initial value is “0”.
The history storage unit 35 is a storage area for storing a processing history. As shown in FIG. 3C, the history storage unit 35 stores the processing date and time, the processing content, and the personal authentication processing code in association with each other. The processing date and time is the date and time when the processing is performed, and is acquired from the date and time information acquisition unit 5. The processing content is the processing content executed by the control unit 10. The personal authentication processing code indicates whether or not personal authentication has been performed. The personal authentication processing code is represented by “0” for processing that does not require personal authentication, “1” when personal authentication is performed, and when personal authentication is not performed by using the authentication success information. Is represented by “2”.

  The allowable value storage unit 36 is a storage area for storing allowable value information. The permissible value information is information used for determining whether or not the reuse of the authentication success information is permitted. As shown in FIG. 3D, the allowable value storage unit 36 stores allowable time, allowable frequency, and allowable amount as allowable value information. The allowable time is a time during which the authentication success information can be used at the time of the personal authentication and the request process can be executed without performing the personal authentication. The allowable number of times is the number of times that the authentication success information within the allowable time can be used and the request process can be executed without performing the personal authentication. The allowable amount is an amount that makes it possible to use the authentication success information within the allowable time and execute the request processing without performing the personal authentication. Initially, the allowable value storage unit 36 stores predetermined initial values such as, for example, an allowable time of 5 hours, an allowable number of times of 3, and an allowable amount of 100,000 yen.

  The computer refers to an information processing device including a control unit, a storage device, and the like. The body wearing device 1 is an information processing device including the control unit 10, the storage unit 30, and the like, and is included in the concept of a computer. .

Next, processing in the body wearing device 1 will be described.
FIG. 4 is a flowchart showing main processing of the body wearing device 1 according to the present embodiment.
This main process is started on condition that a power source (not shown) of the body wearing device 1 is turned on. Here, the description will be made excluding the case of the first activation. At the first activation, a process of acquiring the face image of the user P, creating authentication verification information and storing it in the authentication verification information storage unit 32 is added.
In step S (hereinafter referred to as “S”) 10, the control unit 10 performs an initialization process. Specifically, the control unit 10 sets the authentication success information storage unit 33 and the wearing state storage unit 34 to initial values. By this processing, the authentication success information storage unit 33 has the authentication success flag “0”, the processing date and time is cleared (blank), and the mounting state storage unit 34 has the mounting state flag “0”.

In S11, the control unit 10 performs communication establishment processing. Specifically, the NFC unit 8 receives a signal from the reader / writer when the user P brings the body-mounted device 1 close to the reader / writer (not shown) of the payment processing terminal. And the NFC part 8 establishes the communication by Bluetooth between the Bluetooth part 7 and the payment processing terminal by performing the setting for pairing with respect to the payment processing terminal.
In S12, the control unit 10 (mounting determination unit 11) performs a mounting determination process. The mounting determination process will be described later.
In S <b> 13, the control unit 10 (processing request receiving unit 13) determines whether or not a processing request has been received via the Bluetooth unit 7. When the process request is received (S13: YES), the control unit 10 moves the process to S14. When the processing request has not been received (S13: NO), the control unit 10 moves the process to S15.
In S14, the control unit 10 performs a request process. The request processing will be described later.

In S <b> 15, the control unit 10 determines whether or not the detection information from the sensor unit 2 has changed. For example, in the case of detection information from the magnetic sensor 2a, the control unit 10 changes from a state where the magnetic force value acquired as the detection information does not exceed the threshold value (not mounted) to a state where the threshold value is exceeded (during mounting). It can be determined that the detection information has changed. Further, the control unit 10 can determine that the detection information has changed by detecting that the threshold value is exceeded (during wearing) to a state where the threshold value is not exceeded (not worn).
Further, if the detection information is from the pulse sensor 2b, the control unit 10 indicates that the pulse rate acquired as the detection information has changed from a value outside the appropriate range (not attached) to a value within the appropriate range (during attachment). It can be determined that the detection information has changed. Further, the control unit 10 can determine that the detection information has changed by detecting that the value within the appropriate range (during mounting) is changed to a value outside the proper range (not mounted).
If there is a change in the detection information from the sensor unit 2 (S15: YES), the control unit 10 moves the process to S12. On the other hand, when the detection information from the sensor unit 2 has not changed (S15: NO), the control unit 10 moves the process to S16.

In S16, the control unit 10 determines whether or not to change the determination criterion. The determination criterion is tolerance value information stored in the tolerance value storage unit 36. As a timing for changing the determination criterion, for example, the timing when the number of history records stored in the history storage unit 35 reaches a predetermined number (for example, 50), or the number of times the power is turned on is a predetermined number (for example, 30). The timing when it is reached. Further, the control unit 10 refers to the schedule information stored in advance in the storage unit 30 instead of referring to the history storage unit 35, and determines whether or not an appropriate period (for example, three months) has elapsed. You may judge. When changing a judgment standard (S16: YES), control part 10 moves processing to S17. On the other hand, when the determination criterion is not changed (S16: NO), the control unit 10 moves the process to S18.
In S17, the control unit 10 (determination information setting unit 22) performs a determination criterion change process. The determination criterion change process is a process of referring to the processing history in the history storage unit 35 and changing the allowable value information stored in the allowable value storage unit 36. The criteria change process will be described later.

  In S <b> 18, the control unit 10 determines whether or not a power-off operation (OFF) has been performed by the operation of the user P, for example. When the power-off operation is performed (S18: YES), the control unit 10 ends this process. On the other hand, when the power-off operation is not performed (S18: NO), the control unit 10 moves the process to S13.

Next, the mounting determination process will be described with reference to FIG.
FIG. 5 is a flowchart showing the wearing determination process of the body wearing device 1 according to the present embodiment.
In S20, the control unit 10 (mounting determination unit 11) determines whether or not it is in a mounting state. Whether or not it is in the mounting state can be determined by referring to the mounting state storage unit 34 and whether or not the mounting state flag is “1”. When it is in the wearing state (S20: YES), the control unit 10 moves the process to S21. On the other hand, when it is not a mounting state (S20: NO), the control part 10 moves a process to S25.

  In S21, the control unit 10 (mounting determination unit 11) determines whether or not all detection information of the sensor unit 2 indicates that the sensor unit 2 is not mounted. For example, when the body-worn device 1 that has been worn is removed from the user P, all the detection information of the sensor unit 2 changes to not worn (S21: YES). In addition, when the user P is continuously wearing the body wearing device 1 that has been worn, there is at least one of the detection information of the sensor unit 2 indicating that it is being worn (S21: NO). When it becomes what shows non-wearing (S21: YES), control part 10 moves processing to S22. On the other hand, when there is even one indicating that it is being mounted (S21: NO), the control unit 10 ends this processing and returns to FIG.

In S <b> 22, the control unit 10 (authentication success information storage control unit 18) clears the authentication success information storage unit 33. That is, the control unit 10 sets the authentication success flag in the authentication success information storage unit 33 to “0” and clears the processing date and time.
In S23, the control unit 10 changes the mounting state flag in the mounting state storage unit 34 from “1” indicating the mounting state to “0” indicating the non-mounting state. Then, the control part 10 complete | finishes this process, and returns to FIG.

On the other hand, in S <b> 25, the control unit 10 (mounting determination unit 11) determines whether or not all detection information of the sensor unit 2 indicates mounting. For example, when the user P wears the body wearing device 1 that has not been worn, all detection information of the sensor unit 2 changes during wearing (S25: YES). Further, when the unmounted body mounted device 1 is still unmounted, there is at least one that indicates unmounted in the detection information of the sensor unit 2 (S25: NO). When it becomes what shows mounting | wearing (S25: YES), the control part 10 moves a process to S26. On the other hand, when there is at least one that is not attached (S25: NO), the control unit 10 ends this processing and returns to FIG.
In S <b> 26, the control unit 10 changes the mounting state flag of the mounting state storage unit 34 from “0” indicating the unmounted state to “1” indicating the mounted state. Then, the control part 10 complete | finishes this process, and returns to FIG.

  Thus, the control part 10 can judge that it is a mounting state, when all the detection information of the sensor part 2 changes during mounting | wearing. On the other hand, after determining the mounting state, the control unit 10 determines that the sensor unit 2 is not mounted only when all the detection information of the sensor unit 2 is changed to unmounted, and detects even one sensor unit 2 from the sensor unit 2. If the information indicates that the device is being mounted, it can be determined that the device is still mounted.

Next, the request process will be described with reference to FIG.
FIG. 6 is a flowchart showing a request process of the body wearing device 1 according to the present embodiment.
FIG. 7 is a flowchart showing authentication success information use determination processing of the body-worn device 1 according to the present embodiment.
In S30 of FIG. 6, the control unit 10 (request determination unit 14) performs a request determination process. In the request determination process, it is determined whether the process requires personal authentication based on the process request. Specifically, when the necessity of personal authentication is clearly indicated in the processing request, the control unit 10 determines the necessity of personal authentication according to the instruction. Further, when the necessity of personal authentication is not clearly indicated in the processing request, the control unit 10 determines the necessity of personal authentication from the type and content of the command included in the processing request. For example, if the processing request relates to a payment process, authentication of the person is usually required. However, when the payment amount is low, it is determined that the personal authentication can be omitted.
In S31, the control unit 10 determines whether or not personal authentication is necessary as a result of the request determination process. When it is determined that personal authentication is necessary (S31: YES), the control unit 10 moves the process to S32. On the other hand, if it is determined that personal authentication is not required (S31: NO), the control unit 10 moves the process to S40.
In S32, the control unit 10 (authentication processing unit 16) performs authentication success information use determination processing.

Here, the authentication success information use determination process will be described with reference to FIG.
In S50 of FIG. 7, the control unit 10 (authentication processing unit 16) refers to the authentication success information storage unit 33 to check whether authentication success information is stored, that is, whether the authentication success flag is “1”. Judging. When the authentication success information is stored (S50: YES), the control unit 10 moves the process to S51. On the other hand, when the authentication success information is not stored (S50: NO), the control unit 10 moves the process to S58.
In S51, the control unit 10 determines that the elapsed time, which is the difference between the processing date and time of the authentication success information storage unit 33 (the processing date and time of S38 in FIG. 6 described later) and the current date and time, is within the allowable time of the allowable value storage unit 36. Judge whether there is. When the elapsed time is within the allowable time (S51: YES), the control unit 10 moves the process to S52. On the other hand, when the elapsed time is not within the allowable time (S51: NO), the control unit 10 moves the process to S58.
In S <b> 52, the control unit 10 refers to the history storage unit 35 and determines whether or not the number of processes within the allowable time is within the allowable number of times in the allowable value storage unit 36. When the number of processes with the personal authentication process code “2” is within the allowable number (S52: YES), the control unit 10 moves the process to S53. On the other hand, if the number of processes with the personal authentication process code “2” is not within the allowable number of times (S52: NO), the control unit 10 moves the process to S58.

In S <b> 53, the control unit 10 refers to the history storage unit 35, and determines whether or not the total amount of settlement processing amounts due to processing within the allowable time is within the allowable amount of the allowable value storage unit 36. When the total amount of the payment processing amounts for the process with the person authentication processing code “2” is within the allowable amount (S53: YES), the control unit 10 moves the process to S54. On the other hand, when the total amount of the settlement processing amounts for the process with the personal authentication processing code “2” is not within the allowable amount (S53: NO), the control unit 10 moves the process to S58.
In S54, the control unit 10 determines that the authentication success information can be reused. Then, the control part 10 complete | finishes this process, and returns to FIG.

On the other hand, in S58, the control unit 10 (authentication success information storage control unit 18) clears the authentication success information storage unit 33. That is, the control unit 10 sets the authentication success flag in the authentication success information storage unit 33 to “0” and clears the processing date and time. In this processing, when there is a processing request exceeding the allowable value information, the control unit 10 determines that the execution state of the processing request is in an abnormal state, and clears the authentication success information storage unit 33, thereby again. The purpose is to have the user authenticate.
In S59, the control unit 10 determines that the reuse of the authentication success information is impossible. Then, the control part 10 complete | finishes this process, and returns to FIG.

  Returning to FIG. 6, in step S <b> 33, the control unit 10 determines whether it is determined that the authentication success information can be reused as a result of the processing by the authentication success information use determination process. If it is determined that the authentication success information can be reused (S33: YES), the control unit 10 moves the process to S40. On the other hand, if it is determined that the authentication success information cannot be reused (S33: NO), the control unit 10 moves the process to S34.

In S <b> 34, the control unit 10 (authentication processing unit 16) performs personal authentication. Specifically, the control unit 10 activates the camera unit 3 and acquires the face image of the user P by the photographing operation by the user P. Then, the control unit 10 extracts the feature information of the acquired face image, and compares the extracted feature information of the face image with the feature information of the face image that is authentication verification information stored in the authentication verification information storage unit 32. To do. As a result of this processing, the control unit 10 determines whether or not the face image acquired by the camera unit 3 matches the face image stored in the authentication verification information storage unit 32, and thus stored in the authentication verification information storage unit 32. It can be determined whether or not the face image belongs to the same person. If the control unit 10 determines that they are the same person, it can determine that the personal authentication has been successful.
In S <b> 35, the control unit 10 stores the processing history in the history storage unit 35. Specifically, the control unit 10 stores “person authentication” and the result of the user authentication in the processing content of the history storage unit 35. In addition, the control unit 10 stores “1” in the personal authentication processing code of the history storage unit 35.

In S36, the control unit 10 determines whether or not the personal authentication is successful. When the personal authentication is successful (S36: YES), the control unit 10 moves the process to S37. On the other hand, when the personal authentication fails (S36: NO), the control unit 10 moves the process to S42.
In S <b> 37, the control unit 10 refers to the mounting state storage unit 34 and determines whether the mounting state flag is “1”, that is, whether it is a mounting state. If the mounting state flag is “1” (S37: YES), the control unit 10 moves the process to S38. On the other hand, when the mounting state flag is “0” (S37: NO), the control unit 10 moves the process to S40.

In S38, the control unit 10 updates the authentication success information storage unit 33. Specifically, the control unit 10 changes the authentication success flag of the authentication success information storage unit 33 to “1”, and sets the current date and time acquired from the date and time information acquisition unit 5 as the processing date and time of the authentication success information storage unit 33. Remember me.
In S <b> 39, the control unit 10 causes the date information acquisition unit 5 to start measuring time. By this process, the measured time can be used, for example, for the determination process (S51 in FIG. 7) of whether or not it is within the allowable time described above.
In S40, the control unit 10 executes a request process. In executing the request process, the control unit 10 outputs, for example, a settlement amount and a button indicating approval to the touch panel display 4. Then, when the button is selected by the user P, the control unit 10 transmits information for causing the payment execution terminal to execute the payment via the Bluetooth unit 7. Thereby, the payment processing is executed at the payment execution terminal.

  In S <b> 41, the control unit 10 stores the processing history in the history storage unit 35. Specifically, the control unit 10 stores “0” in the personal authentication processing code of the history storage unit 35 when the process does not require personal authentication (NO in S31). Further, when the request processing is executed after executing the personal authentication (S36 is YES), the control unit 10 stores “1” in the personal authentication processing code of the history storage unit 35. Further, when the authentication success information is reused (YES in S33), the control unit 10 stores “2” in the personal authentication processing code of the history storage unit 35. Then, the control part 10 complete | finishes this process, and returns to FIG.

  On the other hand, in S42, the control unit 10 responds with a processing error. Specifically, the fact that a processing error has occurred due to an authentication failure is output to the touch panel display 4. Then, the control part 10 complete | finishes this process, and returns to FIG.

Next, the determination criterion changing process will be described.
FIG. 8 is a flowchart showing the determination criterion changing process of the body wearing device 1 according to the present embodiment.
The determination criterion changing process is a process of changing the allowable value information stored in the allowable value storage unit 36 based on the history information.
In S <b> 60, the control unit 10 refers to the history storage unit 35 and extracts predetermined history information. The history information to be extracted may be, for example, information after the previous determination standard changing process, or information for the number of cases designated in advance, such as the latest 30 cases. In addition, information using authentication success information whose personal authentication processing code is “2” may be extracted.
In S61, the control unit 10 performs an analysis process for analyzing the extracted history information. In the analysis process, for example, the process execution frequency is specified from the date and time information on which the process is executed in the history information, or the allowable amount is specified from the settlement amount on which the process is executed in the history information.

In S62, the control unit 10 creates update data specified by the analysis process.
In S <b> 63, the control unit 10 updates the allowable value information stored in the allowable value storage unit 36 using the update data.
In S <b> 64, the control unit 10 deletes the history information stored in the history storage unit 35. Here, all history information except history information from the most recent power-on may be deleted, or history information for 100 cases may be left from the latest and other history information may be deleted. Then, the control part 10 complete | finishes this process, and returns to FIG.

Thus, according to this embodiment, the body wearing apparatus 1 has the following effects.
(1) The user authentication is performed with the body-mounted device 1 in the mounted state, and when the user authentication is successful (S36 in FIG. 6 is YES), while in the mounted state (S37 in FIG. 6 is YES) Authentication success information indicating that the personal authentication is successful is stored in the authentication success information storage unit 33. Thereby, when the body wearing apparatus 1 is in the wearing state, the authentication success information can be used in the next processing (S33 in FIG. 6 is YES). Therefore, since a complicated authentication operation that needs to be performed for each process can be omitted, the convenience of the user P is improved as a result.
(2) When the body wearing device 1 is not worn, the authentication success information in the authentication success information storage unit 33 is cleared (S22 in FIG. 5). It is determined that the body wearing device 1 is in the unmounted state when the body wearing device 1 is changed from the state worn until now to a state where it is removed from the body of the authenticated person. In this case, if the authentication success information is still stored in the authentication success information storage unit 33, the authentication success information may be abused. Therefore, the authentication success information stored in the authentication success information storage unit 33 is cleared. To do. By this process, the authentication success information cannot be used in other processes, and the security is improved.

(3) If all the detection information of the sensor unit 2 of the body wearing device 1 indicates that it is being worn, it is determined that it is in a worn state (S25 in FIG. 5 is YES). Accurate determination can be made, and erroneous determination can be suppressed.
If it is determined that the sensor is in the mounted state, the determination of the mounted state is maintained until all the detection information of the sensor unit 2 indicates that it is not mounted (S21 in FIG. 5 becomes YES). To do. Therefore, even if the body wearing apparatus 1 in the wearing state indicates that the detection information from the sensor unit 2 indicates non-wearing due to malfunction of one sensor unit 2, even one of the other sensor units 2 If it indicates that the device is being mounted, it is determined that the device is still mounted. As a result, the convenience of the user P is improved.

(4) Based on the detection information of the sensor unit 2, the determination result indicating the mounted state or the unmounted state is stored in the mounted state storage unit 34 (S23, S26 in FIG. 5). This can be determined by referring to the wearing state storage unit 34, and the process is simple.
(5) When there is a change in the detection information from the sensor unit 2 (S15 in FIG. 4 is YES), it is determined whether or not it is in the mounted state, so there is no need to always determine the mounting and the processing load is increased. Can be reduced.

(6) The personal authentication for executing the processing request can be omitted by referring to the authentication success information in the authentication success information storage unit 33 (when S33 in FIG. 6 is YES).
Also, instead of omitting the user authentication uniformly, it is determined whether or not the user authentication is necessary from the processing request (S31 in FIG. 6). If the user authentication is required, the user authentication is performed and the processing request is issued. Can be executed. Therefore, it is possible to achieve both user P's convenience and security.

(7) When an abnormal state is determined such that the number of processing executions exceeds the allowable number or the processing execution amount exceeds the allowable amount, the authentication success information in the authentication success information storage unit 33 is deleted (FIG. 7 S58). Therefore, when the permissible value information is exceeded, personal authentication can be performed for the processing request. Therefore, processing using authentication success information cannot be continued, and processing in an abnormal state can be suppressed.
(8) Information for determining an abnormal state can be created from a user's behavior pattern using history information.
For example, the allowable number of times can be set from the settlement transaction history in the history information. Therefore, it is possible to set the number of times whether or not to authenticate the user according to the user's behavior pattern.
(9) If the allowable time has passed after successful authentication, authentication success information is deleted. Therefore, various risks due to continuous use can be avoided.

  As mentioned above, although embodiment of this invention was described, this invention is not limited to embodiment mentioned above. In addition, the effects described in the embodiments are merely a list of the most preferable effects resulting from the present invention, and the effects of the present invention are not limited to those described in the embodiments. In addition, although embodiment mentioned above and the deformation | transformation form mentioned later can also be used combining suitably, detailed description is abbreviate | omitted.

(Deformation)
(1) In this embodiment, although what uses a wristwatch-type body mounting apparatus was demonstrated, it is not limited to this. For example, a spectacle-type body wearing device may be used. In that case, the eyeglass-type body wearing device is equipped with a switch for detecting the opening and closing of the vine and a pulse sensor on the part that touches the skin, so that it is in a wearing state like the wristwatch-type body wearing device. You can determine whether or not.
(2) In the present embodiment, an example of performing a payment process has been described, but the present invention is not limited to this. For example, authentication processing of a web service executed on a personal computer or a portable information terminal may be performed using a body wearing device.
In the present embodiment, authentication processing using face authentication has been described, but the present invention is not limited to this. Any information that uses specific identification target information may be used. For example, a PIN authentication process may be used.

(3) In the present embodiment, the description has been given of updating the allowable value information in the allowable value storage unit from the processing history stored in the history storage unit, but the present invention is not limited to this. For example, a history when the attachment determination process is performed may be stored, and the allowable value information in the allowable value storage unit may be updated from the history. In this case, in S21 of FIG. 5, a history is recorded when a part of the sensor unit indicates non-wearing, and if the number of times is equal to or greater than a certain number, it is considered that the body wearing device is illegally removed. be able to. Therefore, when an abnormal operation is detected, the user can be authenticated again by setting the allowable number of times in the allowable value information to a low value such as “0”.
(4) In the present embodiment, in the authentication success information use determination process using the allowable value information in the allowable value storage unit, determination of the number of processes within the allowable time and determination of the total amount of the payment processing amount within the allowable time In the above description, the history storage unit 35 is referred to as a determination regarding the process of which the personal authentication process code is “2”, but the present invention is not limited to this. Regardless of the value of the personal authentication process code, all processes may be used to determine the number of processes within the allowable time and the total amount of payment.

(5) In the present embodiment, the authentication success information storage unit has been described on the assumption that the authentication success flag represents not only authentication success but also authentication failure. However, the present invention is not limited to this. For example, what represents authentication success may be stored, and authentication failure may not be stored.
(6) In the present embodiment, the allowable value storage unit has been described as storing the allowable time, the allowable number of times, and the allowable amount. However, the present invention is not limited to this. For example, the tolerance value storage unit may store other tolerance value information, or may not have it. Further, the tolerance value storage unit may have different tolerance value information according to the day of the week or the time zone. In that case, update data for each day of the week or time zone may be created by analyzing the history information in the determination criterion changing process (FIG. 8).

DESCRIPTION OF SYMBOLS 1 Body mounting apparatus 2 Sensor part 2a Magnetic force sensor 2b Pulse sensor 3 Camera part 5 Date and time acquisition part 10 Control part 11 Wear determination part 13 Process request | requirement reception part 14 Request determination part 15 Process execution part 16 Authentication process part 18 Authentication success information storage control Unit 20 History storage control unit 21 Abnormal processing determination unit 22 Determination information setting unit 30 Storage unit 31a Authentication program 31b Settlement program 32 Authentication verification information storage unit 33 Authentication success information storage unit 34 Wearing state storage unit 35 History storage unit 36 Allowable value storage Part

Claims (12)

An information processing device worn on the body,
A detection unit for detecting the wearing state;
A mounting determination unit that determines whether or not the information processing apparatus is in a mounting state based on detection information from the detection unit;
An authentication processing unit for authenticating the wearer;
An authentication storage unit for storing an authentication result by the authentication processing unit;
An authentication storage control unit for controlling the authentication storage unit;
With
The authentication storage control unit
When the wearing determination unit is in a wearing state, the authentication processing unit stores authentication success information in the authentication storage unit on the condition that the user is authenticated.
Continuing the state in which the authentication success information is stored in the authentication storage unit while the mounting determination unit continues to determine the mounting state.
An information processing apparatus characterized by the above. The information processing apparatus according to claim 1,
The authentication storage control unit deletes the authentication success information stored in the authentication storage unit in response to the mounting determination unit determining that the information processing apparatus is not mounted.
An information processing apparatus characterized by the above. The information processing apparatus according to claim 1 or 2,
A plurality of the detection units;
The wearing determination unit
When the detection information from all the detection units indicates that the information processing apparatus is being mounted, it is determined that the information processing apparatus is mounted,
Thereafter, when the detection information from all the detection units indicates that the information processing apparatus is not mounted, determining that the information processing apparatus is not mounted.
An information processing apparatus characterized by the above. In the information processing apparatus according to any one of claims 1 to 3,
A mounting state storage unit that stores a determination result by the mounting determination unit;
An information processing apparatus characterized by the above. In the information processing apparatus according to any one of claims 1 to 4,
A processing request receiver for receiving a processing request;
A process executing unit for executing the process request received by the process request receiving unit;
With
The process execution unit
When the authentication success information is stored in the authentication storage unit, without performing personal authentication by the authentication processing unit, execute the processing request received by the processing request receiving unit,
When the authentication success information is not stored in the authentication storage unit, the processing request received by the processing request receiving unit is executed on the condition that the authentication processing unit is authenticated. ,
An information processing apparatus characterized by the above. The information processing apparatus according to claim 5,
Based on the processing request received by the processing request receiving unit, a request determination unit that determines whether or not personal authentication is necessary,
The process execution unit performs identity authentication by the authentication process unit when it is determined by the request determination unit that identity authentication is necessary,
An information processing apparatus characterized by the above. In the information processing apparatus according to claim 5 or 6,
A history storage control unit for storing the processing history of the processing request executed by the processing execution unit in a history storage unit;
An abnormal process determination unit that refers to the processing history stored in the history storage unit and determines whether or not the execution state of the processing request is abnormal;
With
The authentication storage control unit stores the authentication storage unit in the authentication storage unit even when the mounting determination unit continues to determine that it is in the mounted state when the abnormality processing determination unit determines that the abnormality is abnormal. Deleting said authentication success information,
An information processing apparatus characterized by the above. The information processing apparatus according to claim 7,
It has a date and time acquisition unit,
The history storage control unit stores the processing history in association with the processing date and time in the history storage unit,
A determination information setting unit that sets processing determination information for determining whether or not the execution state of the processing request is abnormal from the processing history and processing date and time stored in the history storage unit;
An information processing apparatus characterized by the above. In the information processing apparatus according to any one of claims 1 to 8,
It has a timer part,
The authentication storage control unit, when a reference time has elapsed since the authentication success information stored by the authentication processing unit is stored in the authentication storage unit, while the mounting determination unit continues to determine that it is in the mounting state Even so, deleting the authentication success information stored in the authentication storage unit,
An information processing apparatus characterized by the above. In the information processing apparatus according to any one of claims 1 to 9,
The mounting determination unit determines whether or not the information processing apparatus is in a mounted state when the detection information from the detection unit is changed;
An information processing apparatus characterized by the above. The information processing apparatus according to any one of claims 1 to 10,
A shooting section;
An authentication information storage unit storing authentication information;
With
The authentication processing unit performs identity authentication by comparing a face image captured by the imaging unit with authentication information stored in the authentication information storage unit;
An information processing apparatus characterized by the above.   A program for causing a computer to function as the information processing apparatus according to any one of claims 1 to 11.

Images