JP2018124999A - Information processing device and program - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a technology for assisting provision of biometric authentication by an optimal authentication method to a user in accordance with situation of user's biological information or the like.SOLUTION: A user information acquisition part 51 acquires user's fingerprint information transmitted from a dedicated terminal 2 as user information. A virtual user information generation part 52 generates virtual user information on the basis of the user information. A similarity distribution calculation part 53 acquires and manages registered user information stored in a registered user DB 500 from the registered user DB 500. The similarity distribution calculation part 53 calculates a distribution of similarity between the virtual user information and the registered user information on the basis of comparison between the virtual user information and the registered user information. A proper result calculation part 54 calculates a proper N value for each user on the basis of the calculated distribution of similarity. Then, the proper result calculation part 54 determines an authentication method which is optimal for the user on the basis of the calculated proper N value.SELECTED DRAWING: Figure 4

Description

  The present invention relates to an information processing apparatus and a program.

Conventionally, biometric authentication is a technique of personal authentication performed using information such as human physical characteristics (for example, fingerprints). For example, there are 1: N authentication (or 1-to-N authentication) and 1: 1 authentication (or 1-to-1 authentication) as biometric authentication methods. Here, the 1: N authentication is a biometric that matches from a large number of templates (multiple biometric information) registered in advance only with the biometric information of the user including information related to fingerprints (hereinafter referred to as “fingerprint information”). This is a method of selecting information. The 1: 1 authentication is a method for calling a user template (user's biometric information) to be compared and comparing it with the user's biometric information.
For example, Patent Literature 1 exists as a biometric authentication technique using the 1: N method.

JP 2012-133603 A

  However, according to the prior art including the above-mentioned Patent Document 1, when performing authentication of 1: N (N is an integer value of 2 or more) method, unregistered users other than known users registered in the database in advance The possibility of accepting a third party by mistake cannot be excluded. Therefore, it is necessary to make the limit of N extremely low with respect to the acceptance rate of others assumed from the feature amount of the biological information acquired from the user who performs authentication. there were.

  The present invention has been made in view of such a situation, and an object thereof is to assist the user in providing biometric authentication by an optimum authentication method according to the situation of the biometric information of the user. To do.

In order to achieve the above object, an information processing system according to one embodiment of the present invention includes:
User information acquisition means for acquiring, as user information, information including at least biometric information of the user to be authenticated;
Virtual user information generating means for generating virtual user information based on the user information;
Registered user information management means for managing, as registered user information, information including at least biometric information already registered for a plurality of users different from the user;
Based on a comparison between at least one of the virtual user information or the user information and the registered user information, at least one of the virtual user information or the user information and the registered A similarity distribution calculating means for calculating a distribution of similarity with user information;
Based on the similarity distribution calculated by the similarity distribution calculating means, an appropriate value calculating means for calculating a value used for determining a predetermined authentication method suitable for use by the user;
Is provided.

  ADVANTAGE OF THE INVENTION According to this invention, provision of the biometric authentication by the optimal authentication method can be assisted with respect to the said user according to the condition etc. of a user's biometric information.

It is a figure which shows an example of a structure of the information processing system which concerns on one Embodiment of this invention. It is a block diagram which shows an example of the hardware constitutions of a server among the information processing systems of FIG. It is a block diagram which shows an example of the hardware constitutions of a dedicated terminal among the information processing systems of FIG. FIG. 4 is a functional block diagram illustrating an example of a functional configuration of the server in FIG. 2 and the dedicated terminal in FIG. 3. It is a flowchart explaining the flow of the user authentication method determination process which the server of FIG. 4 performs. It is a figure which shows an example of distribution prediction of similarity. It is a figure which shows an example of distribution prediction of similarity, and is a figure which shows an example different from the example of FIG. It is a figure which shows an example of distribution prediction of similarity, and is a figure which shows an example different from the example of FIG.6 and FIG.7.

  Hereinafter, embodiments of the present invention will be described with reference to the drawings.

First, prior to describing an embodiment of the present invention, a service (hereinafter referred to as “the present service”) to which an information processing system according to an embodiment of the present invention is applied will be briefly described.
This service proposes a biometric authentication method based on an optimal authentication method for the user according to the status of the user's biometric information (for example, fingerprint information). This is a biometric authentication service that performs biometric authentication.
Specifically, in this service, the server 1 determines N for each user.
In other words, as described above, conventionally, when simply performing 1: N authentication, in order to eliminate the risk of accidentally accepting an unregistered third party other than a known user registered in advance in the database, In general, the limit of N is extremely low with respect to the other person acceptance rate assumed from the feature amount of the biometric information acquired from the user who performs authentication.
On the other hand, in this service, the server 1 considers the situation of the fingerprint information of the user and the difference from the fingerprint information of a known user registered in the database (hereinafter referred to as “registered user”). Thus, N identifications that can perform 1: N authentication are performed for each user.
And the server 1 provides the optimal authentication method suitable for each user based on the limit value (optimum value) of N determined by each user as a result, and performs biometric authentication of each user by the said authentication method. . A method for the server 1 to determine N of each user will be described later with reference to FIG.

FIG. 1 is a diagram illustrating an example of a configuration of an information processing system according to an embodiment of the present invention.
As shown in FIG. 1, the information processing system according to an embodiment of the present invention is configured to include a server 1, a dedicated terminal 2, and a fingerprint authentication device 3.
The server 1, the dedicated terminal 2, and the fingerprint authentication device 3 are connected to each other via a predetermined network N. The form of the network N is not particularly limited, and for example, Bluetooth (registered trademark), Wi-Fi (Wireless Fidelity), LAN (Local Area Network), the Internet, or the like can be adopted.

The server 1 is managed by the provider of this service, for example. Specifically, for example, the server 1 acquires the user's fingerprint information transmitted from the dedicated terminal 2 as user information, and determines an authentication method optimal for the user.
Here, the fingerprint information is image information such as an image obtained by specifically capturing the fingerprint of the user.

The dedicated terminal 2 is managed by a fingerprint authenticator or a provider of this service.
The dedicated terminal 2 acquires the authentication information transmitted from the server 1 and displays the information on the display unit 37 of the dedicated terminal 2.

The fingerprint authentication device 3 is managed by a fingerprint authenticator. The fingerprint authentication device 3 captures the fingerprint of the user's hand and acquires the user's fingerprint information. Then, the fingerprint authentication device 3 transmits the acquired fingerprint information of the user to the dedicated terminal 2 using near field communication described later.
Here, the fingerprint authentication device 3 is, for example, a capacitive sensor, and acquires image information or the like of an image having each pixel value as information such as capacitance changed by the finger touching or approaching.

  FIG. 2 is a block diagram showing a hardware configuration of the server 1 in the information processing system of FIG.

  The server 1 includes a CPU (Central Processing Unit) 11, a ROM (Read Only Memory) 12, a RAM (Random Access Memory) 13, a bus 14, an input / output interface 15, an output unit 16, an input unit 17, A storage unit 18, a communication unit 19, and a drive 20.

The CPU 11 executes various processes according to a program recorded in the ROM 12 or a program loaded from the storage unit 18 to the RAM 13.
The RAM 13 appropriately stores data necessary for the CPU 11 to execute various processes.

  The CPU 11, ROM 12, and RAM 13 are connected to each other via a bus 14. An input / output interface 15 is also connected to the bus 14. An output unit 16, an input unit 17, a storage unit 18, a communication unit 19, and a drive 20 are connected to the input / output interface 15.

The output unit 16 includes various liquid crystal displays and outputs various information.
The input unit 17 includes various hardware and inputs various information.
The storage unit 18 is configured by a DRAM (Dynamic Random Access Memory) or the like, and stores various data.
The communication unit 19 controls communication with other devices (the server 1 and the dedicated terminal 2 in the example of FIG. 1) via the network N including the Internet.

  The drive 20 is provided as necessary. A removable medium 21 composed of a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is appropriately attached to the drive 20. The program read from the removable medium 21 by the drive 20 is installed in the storage unit 18 as necessary. The removable medium 21 can also store various data stored in the storage unit 18 in the same manner as the storage unit 18.

FIG. 3 is a block diagram illustrating an example of a hardware configuration of the dedicated terminal 2 in the information processing system of FIG.
Since the configuration of the dedicated terminal 2 is basically the same as the configuration of the server 1 except that the dedicated terminal 2 includes the touch panel and the short-range wireless communication unit 40, only the differences will be described here.

  The touch operation input unit 36 includes, for example, a capacitance type or resistance film type (pressure sensitive) position input sensor stacked on the display unit 37, and detects the coordinates of the position where the touch operation is performed.

The display unit 37 includes various liquid crystal displays. For example, the display unit 37 displays a biometric authentication service authentication method that is optimal for the user.
Thus, in this embodiment, the touch operation input unit 36 and the display unit 37 constitute a touch panel.

  The short-range wireless communication unit 40 executes control for performing short-range wireless communication by a method in accordance with, for example, NFC (registered trademark) or Bluetooth (registered trademark) standards. Specifically, for example, each of the dedicated terminal 2 and the fingerprint authentication device 3 performs short-range wireless communication by a method in accordance with the Bluetooth (registered trademark) standard.

Execution of user authentication method determination processing for providing an optimal biometric authentication service to the user through cooperation of various hardware and software of the server 1, the dedicated terminal 2, and the fingerprint authentication device 3 configured as described above. Is possible.
Here, the user authentication method determination process refers to a series of processes from when user information is acquired in the server 1 to when an appropriate result optimal for the user is calculated.

  4 is a functional block diagram mainly showing an example of the functional configuration of the server 1 in FIG. 2 and the dedicated terminal 2 in FIG.

First, an example of the functional configuration of the dedicated terminal 2 will be described with reference to FIG.
As shown in FIG. 4, the fingerprint information management unit 81, the authentication method acquisition unit 82, and the display control unit 83 function in the CPU 31 of the dedicated terminal 2.

The fingerprint information management unit 81 of the dedicated terminal 2 acquires the user's fingerprint information transmitted from the fingerprint authentication device 3 via the short-range wireless communication unit 40 of the dedicated terminal 2.
In addition, the fingerprint information management unit 81 executes control to transmit the acquired fingerprint information of the user to the server 1 via the communication unit 41.

Here, the fingerprint information of the user transmitted in this way is acquired as user information by the server 1. In the server 1, the user authentication method is determined based on various information including the user information, and the result is transmitted from the server 1 to the dedicated terminal 2 again.
Therefore, the authentication method acquisition unit 82 acquires the user authentication method transmitted from the server 1 in this way via the communication unit 41. Details of processing performed in the server 1 will be described later.

  The display control unit 83 executes control for causing the display unit 37 to display the authentication method acquired by the authentication method acquisition unit 82.

Next, an example of the functional configuration of the server 1 will be described with reference to FIG.
As shown in FIG. 4, in the CPU 11 of the server 1, the user information acquisition unit 51, the virtual user information generation unit 52, the similarity distribution calculation unit 53, the appropriate result calculation unit 54, and the authentication method presentation unit 55 The authentication unit 56 functions.
A registered user DB 500 is provided in one area of the storage unit 18 of the server 1.
The registered user DB 500 stores the user ID of the registered user, fingerprint information, and the like in association with each other. The registered user DB 500 may store, for example, virtual user information described later.

The user information acquisition unit 51 of the server 1 acquires information including at least biometric information of the user to be authenticated as user information.
That is, the user information acquisition unit 51 of the server 1 acquires the user's fingerprint information transmitted from the dedicated terminal 2 as user information via the communication unit 19.
Here, in the server 1, necessary information is appropriately extracted from the user information acquired in this way. That is, the server 1 can extract, for example, information related to the captured fingerprint pattern of the user and information related to the length of various feature points based on the acquired user information.
In addition, when calling it user information in subsequent description, it contains the various information extracted from the above-mentioned user information in this way. Further, in the server 1, such user information is used for calculating a similarity described later.

The virtual user information generation unit 52 of the server 1 generates virtual user information based on the user information.
That is, the virtual user information generation unit 52 of the server 1 generates virtual user information based on the user information acquired from the user information acquisition unit 51.
Here, the virtual user information refers to virtual user information generated by deforming an image or randomly adding or deleting various feature amounts with respect to the above-described user information.
Specifically, even if the fingerprint image of the user captured by the fingerprint authentication device 3 is acquired from the same user, the same image is not necessarily captured. For example, the captured image may differ depending on the moisture content of the fingerprint, the posture of the finger when the fingerprint is pressed against the fingerprint authentication device 3, and the secular change of the fingerprint is also known.
Furthermore, for example, depending on the user, it may be assumed that the fingerprint is thin and the image cannot be acquired accurately, or even if it can be acquired, the feature of the fingerprint has few features and sufficient feature points cannot be acquired. The
In view of such circumstances, in order to calculate an appropriate N for the user and provide an appropriate authentication method, it is indispensable to consider the blurring of images acquired from the user.
Therefore, in this service, the virtual user information generation unit 52 of the server 1 generates virtual user information in order to take into account the blurring of the acquired image.

The similarity distribution calculation unit 53 of the server 1 manages information including at least registered biometric information (for example, fingerprint information) regarding a plurality of users different from the user as registered user information.
That is, the similarity distribution calculation unit 53 of the server 1 acquires and manages the registered user information stored in the registered user DB 500 from the registered user DB 500.
Here, the registered user information is image information of fingerprints acquired from a large number of registered users, feature points extracted from the image information, and the like.

Further, the similarity distribution calculation unit 53 calculates the distribution of the similarity between the virtual user information and the registered user information based on the comparison between the virtual user information and the registered user information.
Note that the similarity distribution calculation unit 53 may use user information for the similarity distribution in addition to the above-described virtual user information, or calculate the similarity distribution using user information instead of the virtual user information. May be.

The appropriate result calculation unit 54 of the server 1 calculates a value used for determining a predetermined authentication method suitable for use by the user, based on the similarity distribution calculated by the similarity distribution calculating unit.
That is, the appropriate result calculation unit 54 calculates an appropriate value of N for each user based on the similarity distribution calculated by the similarity distribution calculation unit 53. Then, the appropriate result calculation unit 54 determines an optimal authentication method for the user based on the calculated appropriate value of N.
Here, the optimum authentication method for the user is, for example, “1: N authentication is performed unconditionally”, “1: N authentication is performed only when a specific condition is satisfied”, “(1: N “Because it is difficult to authenticate), perform 1: 1 authentication”.
In this service, an optimal authentication method for the user is determined from the appropriate value of N calculated for each user in this way, while considering how appropriate the user is for 1: N authentication. Can do.
In addition, the appropriate result calculation unit 54 can use the concept of a threshold when calculating an appropriate value of N. Details of calculating an appropriate value of N using this threshold will be described later with reference to FIG.

The authentication method presentation unit 55 of the server 1 presents the authentication method optimal for the user determined by the appropriate result calculation unit 54 to the dedicated terminal 2 or the like.
Here, the authentication method presenting unit 55 presents the authentication method is not limited to the dedicated terminal 2. That is, for example, the authentication method presenting unit 55 may present an optimum authentication method for the user to the output unit 16 of the server 1 or the like.

The authentication unit 56 performs all processes related to user authentication.
Specifically, for example, the authentication unit 56 actually performs fingerprint authentication for the user using the authentication method optimal for the user determined by the appropriate result calculation unit 54.
Note that the fingerprint information of the user used for authentication here may be acquired by any means.
That is, the authentication unit 56 may perform fingerprint authentication using feature points acquired from the fingerprint information acquired when executing the above-described user authentication method determination process. Fingerprint authentication may be performed using fingerprint information acquired from the user.

  FIG. 5 is a flowchart for explaining the flow of the user authentication method determination process executed by the server 1 of FIG.

In step S <b> 1, the user information acquisition unit 51 of the server 1 acquires information including at least biometric information of a user to be authenticated as user information.
That is, the user information acquisition unit 51 acquires the user's fingerprint information transmitted from the dedicated terminal 2 as user information via the communication unit 19.

In step S2, the virtual user information generation unit 52 of the server 1 generates virtual user information based on the user information.
That is, the virtual user information generation unit 52 generates virtual user information based on the user information acquired in step S1.

In step S <b> 3, the similarity distribution calculation unit 53 of the server 1 manages, as registered user information, information including at least biometric information already registered for a plurality of users different from the user.
That is, the similarity distribution calculation unit 53 of the server 1 acquires and manages virtual user information stored in the registered user DB 500.
Also, the similarity distribution calculation unit 53 of the server 1 is based on a comparison between at least one of virtual user information or user information and registered user information, and at least one of virtual user information or user information. The distribution of similarity between either one of the information and the registered user information is calculated.
Here, for convenience of explanation, explanation will be made using only virtual user information.
That is, the similarity distribution calculation unit 53 of the server 1 calculates the distribution of user similarity using the virtual user information generated in step S2 and the virtual user information stored in the registered user DB 500.
Then, the similarity distribution calculation unit 53 sets an appropriate threshold for determining whether or not the above-mentioned users are the same from the distribution of the similarity of the users, and generates information regarding the threshold.
The other person acceptance rate and the principal rejection rate are in a trade-off relationship, and if one tries to keep the principal rejection rate low, the others acceptance rate increases. Conversely, if the rate of accepting others is kept low, the rejection rate will increase. Therefore, the similarity distribution calculation unit 53 sets a threshold value in consideration of the balance between the stranger acceptance rate and the principal rejection rate.
In step S3, the similarity distribution calculation unit 53 of the server 1 calculates the user similarity distribution using the user information acquired in step S1 instead of the virtual user information generated in step S2. Also good. Similarly, the similarity distribution calculation unit 53 of the server 1 calculates the user similarity distribution using the user information stored in the registered user DB 500 instead of the virtual user information stored in the registered user DB 500. It may be calculated.

In step S4, the appropriate result calculation unit 54 of the server 1 calculates whether or not the user is suitable for using a predetermined authentication method, based on the similarity distribution calculated by the similarity distribution calculating means.
That is, the appropriate result calculation unit 54 calculates an appropriate result suitable for the user from the information regarding the threshold set in step S3.
And the appropriate result calculation part 54 determines the authentication method suitable for the user from the information regarding the calculated N. Furthermore, the appropriate result calculation unit 54 presents information regarding the determined authentication method to the authentication method presenting unit 55 and the authentication unit 56 as authentication method determination information.

  In step S5, the authentication method presentation unit 55 presents the authentication method determination information determined in step S4.

In step S6, the server 1 determines whether or not there is an instruction to end the process. Here, the process termination instruction is not particularly limited, but in the present embodiment, a so-called power-off instruction for the server 1 is employed. That is, unless the server 1 is instructed to shut off the power, it is determined NO in step S6, the process returns to step S1, and the subsequent processes are repeated.
In contrast, when the server 1 is instructed to shift to the sleep state or the like, it is determined as YES in step S6, and the user authentication method determination process executed by the server 1 ends.

Here, similarity distribution prediction will be described with reference to FIGS.
FIG. 6 is a diagram illustrating an example of similarity distribution prediction.

FIG. 6 is an example in the case where the vertical axis represents biometric similarity and the horizontal axis represents frequency. Arbitrary fingerprint information acquired from a user to be authenticated (user A) and registered users The similarity distribution with fingerprint information is shown.
Here, as shown in FIG. 6, in the left part of FIG. 6, it is possible to confirm the peak of the frequency of similarity with a relatively low similarity in the comparison between the user A and the registered user. In the right part of FIG. 6, a peak of a relatively high similarity frequency in the comparison between the virtual user information generated from the user A can be confirmed.
Here, referring to FIG. 6, two different distribution peaks can be confirmed on the left and right of FIG. For example, when comparing user A's user information with registered user information of registered users other than user A, the feature points acquired from fingerprint images of completely different others will be compared. The degree should be low as a trend.
On the other hand, for example, when comparing the user information of the user A and the virtual user information generated from the user information, the feature points acquired from the fingerprint image originally acquired from the same person will be compared. The degree of similarity should be high as a trend.
The appropriate result calculation unit 54 of the server 1 determines a threshold (similarity) for calculating an appropriate value of N for the user A based on the distribution prediction of the similarity calculated in this way.

That is, if the threshold (similarity) determined by the appropriate result calculation unit 54 is too high, the threshold (similarity) may be below the threshold (similarity) depending on the status of the fingerprint image acquired from the user A, and the user who performs fingerprint authentication However, a situation may occur in which authentication is rejected even though the person is the person himself / herself.
On the other hand, if the threshold (similarity) determined by the appropriate result calculation unit 54 is too low, it is accepted as the same user even though fingerprint authentication is performed with a fingerprint image acquired from a third party other than the user A. It can happen.
In other words, the appropriate result calculation unit 54 determines a threshold value (similarity) from the distribution prediction of similarity calculated in this way, taking into account the balance between the acceptance rate of others and the rejection rate of the person, and sets an appropriate value of N. calculate. Then, the appropriate result calculation unit 54 determines an authentication method appropriate for the user A based on the calculated appropriate value of N.

FIG. 7 is a diagram illustrating an example of similarity distribution prediction when there is a registered user having a high similarity with the fingerprint information of the user (user A).
Here, in the example of FIG. 7, as in FIG. 6, in the left part of FIG. 7, a peak of the frequency of similarity with a relatively low similarity in the comparison between the user A and the registered user can be confirmed. In the right part of FIG. 7, a peak of a relatively high similarity frequency in the comparison between the virtual user information generated from the user A can be confirmed.
Unlike the example of FIG. 6, FIG. 7 is an example in which two different distribution peaks can be confirmed, but the difference between them is relatively small.
The example as illustrated in FIG. 7 may occur, for example, when the feature amount acquired from the fingerprint information of the user A is less specific.
In other words, since the feature amount acquired from the fingerprint information of the user A is less specific, as a result, among registered users other than the user A, a third party having a relatively high degree of similarity with the user A exists. It will exist.
Here, the appropriate result calculation unit 54 determines a threshold (similarity) and calculates an appropriate value of N in consideration of the balance between the acceptance rate of others and the rejection rate of the person as described above. However, as in the example of FIG. 7, when the left and right peaks partially overlap, it may be difficult to determine the threshold (similarity).
In such a case, for example, the appropriate result calculation unit 54 may temporarily determine a threshold value (similarity) and calculate an appropriate value of N. Then, the appropriate result calculation unit 54 recommends 1: 1 authentication by separately distributing an authentication card as an optimum authentication method suitable for the user A based on the calculated appropriate value of N. It is also possible.
The example shown in FIG. 7 may occur when a sufficient feature amount cannot be acquired from the fingerprint image, for example, when the fingerprint of the user A is thin or when the photographing condition of the fingerprint image is poor.
In other words, when a sufficient feature amount cannot be acquired from the fingerprint image of user A, the similarity may be relatively lowered even for fingerprint images of the same user.

FIG. 8 differs from the examples of FIGS. 6 and 7 in an example in which two different distribution peaks can be confirmed due to image blurring according to the difference in the environment, but the difference is relatively small. is there.
Here, in the example of FIG. 8, as in FIGS. 6 and 7, in the left part of FIG. 8, a peak of frequency of similarity with a relatively low similarity in the comparison between the user A and the registered user is confirmed. it can. And in the right part of FIG. 8, the peak of the frequency of comparatively high similarity in the comparison between the virtual user information produced | generated from the user A can be confirmed.
Here, unlike FIG. 6 and FIG. 7, FIG. 8 is a distribution prediction that may occur when the environment is different.
That is, for example, in the case of a fingerprint, there may be blurring in an image acquired due to differences in various environments such as moisture content, posture when pressing the fingerprint, and aging of the fingerprint. In such a case, in order to calculate an appropriate value of N, it is necessary to consider the fluctuation.
Therefore, in order to consider the above-described blur, for example, the fingerprint information is deformed and various feature amounts are randomly added / deleted to generate virtual user information.
Using the data, the appropriate result calculation unit 54 can consider the above-described blur by calculating the distribution of the similarity of the biological information.
In general, there is a tendency that the distribution of the similarity is widened especially through the same biological information.
In such a case, as in the example of FIG. 7, it is considered that the appropriate result calculation unit 54 has difficulty in determining a threshold value (similarity). Therefore, as in the case of FIG. 7, the appropriate result calculation unit 54 may temporarily determine a threshold value (similarity) and calculate an appropriate value of N. Then, the appropriate result calculation unit 54 passes a separate card or the like as an optimum authentication method suitable for the user A based on the calculated appropriate value of N, for example, when high authentication accuracy is required. If 1: 1 authentication is recommended and there is no problem even with low authentication accuracy, a proposal can be made to recommend 1: N authentication.

  Although one embodiment of the present invention has been described above, the present invention is not limited to the above-described embodiment, and modifications, improvements, and the like within a scope that can achieve the object of the present invention are included in the present invention. is there.

For example, in the above-described embodiment, fingerprint authentication is described as an example of biometric authentication. However, the present invention is not particularly limited thereto.
That is, the provider of this service can employ any biometric authentication such as vein authentication, face authentication, and voiceprint authentication as biometric authentication to which the information processing system according to an embodiment of the present invention is applied.

Further, for example, in the above-described embodiment, as a method for collating fingerprints, various feature amounts acquired from fingerprint image information are extracted, and a method for comparing and examining the similarity of the feature amounts is described. Although it went, it is not limited to this in particular.
That is, the server 1 may collate biometric information using any other method such as a pattern matching method (fingerprint authentication) or a keyword method (voiceprint authentication).
When there is a registered user who has a high degree of similarity with the fingerprint information of the user (user A), in the above-described embodiment, the user authentication is usually performed with one finger ( For example, when authentication is performed with the index finger of the right hand), for the user A, an authentication method of performing fingerprint authentication using two fingers (for example, the index finger and the middle finger of the right hand) can be provided.

Further, for example, in the above-described embodiment, the description has been made by adopting the method of extracting various feature amounts acquired from the image information of the fingerprint, and comparing and examining the similarity of the feature amounts. Not.
That is, the provider of the service uses the feature quantity characteristics such as the number of extracted feature quantities and quality as fingerprint authentication to be applied to the information processing system according to the embodiment of the present invention. The amount of similarity can be compared and examined.
For example, conventionally, in a service that handles fingerprints, it is possible to have a user press the finger of the fingerprint authentication device several times at the time of initial registration, but to acquire a plurality of fingerprint information, but only to that extent. Among them, it is possible to calculate the degree of similarity, but the degree-of-similarity distribution calculation unit 53 can also perform a predictive distribution of the degree of similarity using the characteristics of the feature amount. For example, specifically, the similarity distribution calculation unit 53 calculates the number and quality of feature quantities extracted by the minutiae method, and estimates that it is possible to calculate a high similarity if there are many high quality feature quantities. . On the other hand, it is difficult for the similarity distribution calculation unit 53 to calculate a high degree of similarity in the first place if there are few high-quality feature quantities.
Accordingly, the similarity distribution calculation unit 53 can perform the distribution prediction of the user's own similarity.

Further, for example, in the above-described embodiment, as a method for generating virtual user information, image deformation, random addition and deletion of various feature amounts, and the like have been described as examples of user information. Hereinafter, a specific example when performing such virtual user information will be briefly described.
Specifically, for example,
(1) When a user images a fingerprint, the shape may be deformed by finger pressure, and the position of the feature amount may be shifted. In such a case, a correct fingerprint shape can be reproduced by deformation of the image.
(2) Further, the acquisition of the feature amount may be unstable due to a deviation in the acquisition of the ridges by the sensor due to the moisture content of the user's finger or the like. In such a case, an appropriate feature amount can be reproduced by deleting / adding the feature amount.
(3) In addition, a part of the fingerprint may be missing due to injury, rash, dust, or the like on the user's finger. In such a case, a correct fingerprint shape can be reproduced by solidly painting a part of the image.
(4) In some cases, the fingerprint pattern cannot be seen due to the expansion and contraction of the blood vessel of the user's finger. In such a case, for example, an appropriate fingerprint pattern can be reproduced by deleting or adding a vein pattern.

For example, in the above-described embodiment, biometric authentication has been described using an authentication method using fingerprint information, but the present invention is not particularly limited thereto.
That is, the server 1 may provide not only fingerprint information but also an authentication method in combination with vein authentication, face authentication, voiceprint authentication, etc. in addition to the fingerprint information as a method for authenticating the user. For example, specifically, the server 1 can provide an optimal authentication method suitable for the user in the following specific examples when biometric information such as a face, a vein, and an iris is used.
(1) A normal user authenticates with one fingerprint.
(2) A user with a small number of fingerprints in the registered user DB 500 is combined with face authentication.
(3) When the 1: N suitability of the fingerprint is low, it is combined with card authentication or the like.
In the above-described embodiment, an optimal authentication method suitable for the user can be provided according to the required security level.
(1) When duplication is permitted for fingerprint information, an optimal authentication method suitable for the user by collating fingerprint information with only the first finger is provided.
(2) When duplication is not allowed for fingerprint information, an optimal authentication method suitable for the user is provided in addition to the second finger, a card, and the like according to the result of the first finger collation.

Further, for example, in the above-described embodiment, the description has been given as a service that provides an optimal authentication method suitable for the user using fingerprint information, but the present invention is not particularly limited thereto.
That is, for example,
(1) Virtual user information may be generated from biological information such as iris and face.
(2) The tendency of user selection may be taken into account according to the type of biometric information acquired.
(3) For example, various stores and facilities such as a seaside house may be adopted as the service providing location.

For example, the series of processes described above can be executed by hardware or can be executed by software.
In other words, the functional configuration of FIG. 4 is merely an example, and is not particularly limited.
That is, it is sufficient that the information processing system has a function capable of executing the above-described series of processes as a whole, and what functional block is used to realize this function is not particularly limited to the example of FIG. Further, the location of the functional block is not particularly limited to that in FIG. 4 and may be arbitrary. For example, the functional block of the server 1 may be transferred to the dedicated terminal 2 or the like. Conversely, the functional blocks of the dedicated terminal 2 may be transferred to the server 1 or the like.
In addition, one functional block may be constituted by hardware alone, software alone, or a combination thereof.

For example, when a series of processing is executed by software, a program constituting the software is installed in a computer or the like from a network or a recording medium.
The computer may be a computer incorporated in dedicated hardware.
The computer may be a computer capable of executing various functions by installing various programs, for example, a general-purpose smartphone or personal computer other than a server.

  In addition, for example, the recording medium including such a program is not only constituted by a removable medium (not shown) distributed separately from the apparatus main body in order to provide the program to the user, but is also incorporated in the apparatus main body in advance. And a recording medium provided to the user.

In the present specification, the step of describing the program recorded on the recording medium is not limited to the processing performed in time series along the order, but is not necessarily performed in time series, either in parallel or individually. The process to be executed is also included.
Further, in the present specification, the term “system” means an overall apparatus configured by a plurality of devices, a plurality of means, and the like.

In other words, an information processing system to which the present invention is applied only needs to have the following configuration, and can take various embodiments.
That is, an information processing apparatus to which the present invention is applied
User information acquisition means for acquiring, as user information, information including at least biometric information of the user to be authenticated;
Virtual user information generating means for generating virtual user information based on the user information;
Registered user information management means for managing, as registered user information, information including at least biometric information already registered for a plurality of users different from the user;
Based on a comparison between at least one of the virtual user information or the user information and the registered user information, at least one of the virtual user information or the user information and the registered A similarity distribution calculating means for calculating a distribution of similarity with user information;
Based on the similarity distribution calculated by the similarity distribution calculating means, an appropriate value calculating means for calculating a value used for determining a predetermined authentication method suitable for use by the user;
Is provided.

  Accordingly, it is possible to provide a technique for assisting the provision of biometric authentication by an optimal authentication method for the user according to the state of the biometric information of the user.

The biometric information of the user included in the user information is fingerprint information,
The virtual user information generation means may be at least one of a method involving a change in image information related to the user's fingerprint or a method involving a random addition or change in a feature amount acquired from the image information. Based on this, the virtual user information is generated.

  Thereby, it is possible to calculate the distribution of the similarity of fingerprint information in consideration of the change in fingerprint information due to the moisture content, posture, aging, etc. of the user's fingerprint.

  Further, the appropriate calculation means calculates a value used for determining whether or not it is suitable for use of 1: N (N is an integer value of 2 or more) authentication.

  As a result, it is possible to accurately determine N for the user.

In addition, an authentication method presenting means for presenting an authentication method suitable for the user based on the result calculated by the appropriateness calculating means is provided.

Thereby, the authentication method suitable for the user can be presented.

  DESCRIPTION OF SYMBOLS 1 ... Server, 2 ... Dedicated terminal, 3 ... Fingerprint authentication apparatus, 11 ... CPU, 18 ... Memory | storage part, 19 ... Communication part, 40 ... Near field communication part , 51 ... User information acquisition unit, 52 ... Virtual user information generation unit, 53 ... Similarity distribution calculation unit, 54 ... Appropriate result calculation unit, 55 ... Authentication method presentation unit, 56 ..Authentication unit, 81 ... fingerprint information management unit, 82 ... authentication method acquisition unit, 83 ... display control unit, 500 ... registered user DB

Claims (5)

User information acquisition means for acquiring, as user information, information including at least biometric information of the user to be authenticated;
Virtual user information generating means for generating virtual user information based on the user information;
Registered user information management means for managing, as registered user information, information including at least biometric information already registered for a plurality of users different from the user;
Based on a comparison between at least one of the virtual user information or the user information and the registered user information, at least one of the virtual user information or the user information and the registered A similarity distribution calculating means for calculating a distribution of similarity with user information;
Based on the similarity distribution calculated by the similarity distribution calculating means, an appropriate value calculating means for calculating a value used for determining a predetermined authentication method suitable for use by the user;
An information processing apparatus comprising: The biometric information of the user included in the user information is fingerprint information,
The virtual user information generation means is at least one of a method involving a change in image information related to the fingerprint information of the user or a method involving a random addition or change in a feature amount acquired from the image information. Generating the virtual user information based on a method;
The information processing apparatus according to claim 1. The appropriate calculation means calculates a value used for determining whether or not it is suitable for use of 1: N (N is an integer value of 2 or more) authentication.
The information processing apparatus according to claim 1 or 2. An authentication method presenting means for presenting an authentication method suitable for the user based on the result calculated by the appropriate calculation means;
The information processing apparatus according to any one of claims 1 to 3. On the computer,
A user information acquisition step of acquiring information including at least biometric information of the user to be authenticated as user information;
A virtual user information generation step of generating virtual user information based on the user information;
A registered user information management step for managing, as registered user information, information including at least biometric information of already registered users for a plurality different from the user;
Based on a comparison between at least one of the virtual user information or the user information and the registered user information, at least one of the virtual user information or the user information and the registered A similarity distribution calculating step for calculating a similarity distribution with the user information;
An appropriate value calculating step for calculating a value used for determining a predetermined authentication method suitable for use by the user, based on the similarity distribution calculated by the similarity distribution calculating step;
A program that executes processing including

Images