JP7291178B2 - Information processing system and information processing program - Google Patents

Description

The present disclosure relates to an information processing system and an information processing program.

A device on the vehicle side for acquiring biometric information of a user who has reserved a vehicle before the user gets into the vehicle, and a terminal device carried by the user, wherein the terminal device receives the biometric information acquired by the device on the vehicle side. is received from a device on the vehicle side, and based on the result of comparing the received biometric information with a sample of the user's biometric information stored in advance by itself, an instruction is given to the effect that the user is permitted to board the vehicle. Techniques for transmitting to a device on the vehicle side or a management device having authorization authority are known.

Patent No. 6888160

However, with the conventional technology as described above, the user is required to possess a terminal device, and it is difficult for the user to receive various services empty-handed.

Accordingly, in one aspect, an object of the present invention is to enable a user to receive a predetermined service empty-handed while maintaining security.

In one aspect, a service information acquisition unit that acquires service information specifying a predetermined service based on an input from a user;
an authentication registration processing unit that associates authentication registration information associated with the user with the service information;
a determination information acquiring unit that acquires, in a contactless manner, determination information related to an authenticated person who has arrived at a service providing location from the authenticated person;
a determination unit that determines whether the person to be authenticated is the user based on the relationship between the determination information acquired by the determination information acquisition unit and the registration information;
a service permitting unit that permits provision of the predetermined service specified by the service information to the person to be authenticated at the service providing location when the person to be authenticated is determined to be the user by the determination unit; An information processing system is provided, comprising:

In one aspect, according to the present invention, it is possible for a user to receive a predetermined service empty-handed while maintaining security.

1 is a schematic diagram of an overall configuration of an information processing system according to an embodiment; FIG. It is an image diagram of empty-handed service. FIG. 3 is a diagram showing an example of a user interface (Part 1) on the display unit of the user terminal; FIG. 10 is a diagram showing an example of a user interface (part 2) on the display unit of the user terminal; FIG. 10 is an explanatory diagram of an example of a phase in use, and is an explanatory diagram (part 1) showing a state of a store; FIG. 10 is an explanatory diagram of an example of a phase in use, and is an explanatory diagram (part 2) showing the appearance of a store; FIG. 4 is an explanatory diagram of an example of data in an information management database; FIG. 4 is an explanatory diagram of a collective management method of service information using a cart; 4 is a timing chart showing an operation example of the information processing system;

Each embodiment will be described in detail below with reference to the accompanying drawings.

FIG. 1 is a schematic diagram of the overall configuration of an information processing system 1 according to one embodiment.

The information processing system 1 is a system that realizes the empty-handed service described below. The empty-handed service is a service that allows a user to safely receive a desired service empty-handed without having to carry, for example, the user terminal 21 or a predetermined card. An example of empty-handed service will be described later with reference to FIG.

The information processing system 1 includes a user terminal 21 , a store device 31 , a financial institution server 91 and an authentication server 100 . Some or all of the functions of the authentication server 100 may be implemented by the financial institution server 91 and/or by the store device 31 .

User terminal 21 , store apparatus 31 , financial institution server 91 , and authentication server 100 are connected via network 4 . The user terminal 21 and the authentication server 100 can communicate via the network 4 . Hereinafter, unless otherwise specified, a user refers to a user of the empty-handed service.

The network 4 may include, for example, a mobile phone wireless communication network, the Internet, a VPN (Virtual Private Network), a WAN (Wide Area Network), a wired network, or any combination thereof.

The user terminal 21 is, for example, a smart phone or a tablet, but may be a wearable terminal (for example, smart watch, ring, etc.), a remote controller, or the like. Also, the user terminal 21 does not need to be a portable terminal, and may be a fixed terminal such as a desktop personal computer.

The user terminal 21 includes a communication section 22 , a display section 24 , a camera 26 and a processing section 28 . The communication unit 22 performs various communications via the network 4 . The display unit 24 may be a liquid crystal display, an organic EL (Electro-Luminescence) display, or the like. The camera 26 is a built-in type, but may be an external type. The processing unit 28 implements various functions that can be implemented by the user terminal 21 . In this embodiment, the processing unit 28 implements various functions (functions on the user terminal 21 side) described below by executing a program related to the empty-handed service application described later.

The user terminal 21 is installed with an application (hereinafter referred to as "hands-free service application") according to the present embodiment. The user terminal 21 described below is realized by executing the hands-free service application. The empty-handed service application is an application for empty-handed service, and may require registration of user information (user ID) or the like as a condition of use. Hereinafter, the user terminal 21 associated with the user means the user terminal 21 on which the hands-free service application logged in with the user ID of the user operates.

The store device 31 is installed in a store that provides a service to which the empty-handed service can be applied. The store device 31 may have a different configuration for each attribute of the store. However, the store apparatus 31 has a camera 310 as a common configuration. Camera 310 is arranged to capture an image of a person to be authenticated who wishes to receive empty-handed service. A plurality of cameras 310 may be set in order to increase redundancy. In addition, the camera 310 may be set with a plurality of modes having different uses, such as a camera for capturing an image of the face and a camera for capturing an image of another part (for example, a part associated with a user's gesture described later). .

The type of service provided by the store in which the store apparatus 31 can be installed is arbitrary, but preferably the service is available only to users who satisfy predetermined preconditions. Predetermined preconditions are arbitrary, but may be, for example, being a member who is qualified to use the service, paying a usage fee, not satisfying predetermined prohibitive conditions, and the like.

In this embodiment, as an example, a store where the store device 31 can be installed is a store of a financial institution (for example, a branch) or a store such as a convenience store, and the store device 31 is an ATM. In this case, the services provided by the store where the store device 31 is installed are various ATM-related services (deposit/withdrawal, remittance, bookkeeping, etc.). Further, in this case, for example, a predetermined precondition for the deposit/withdrawal service is to have an account of a financial institution handled by the ATM.

The financial institution server 91 is a server managed by a financial institution that provides various services through the ATM in the store device 31 . The financial institution server 91 may be set for each financial institution. The financial institution server 91 is formed by, for example, a server computer. Financial institution server 91 may be realized by a plurality of server computers.

The authentication server 100 is a server that performs various authentications related to the empty-handed service. Note that the authentication server 100 may also serve as a server that performs authentication used in services (applications) other than the empty-handed service. The authentication server 100 is formed by, for example, a server computer. Authentication server 100 may be realized by a plurality of server computers. For example, the authentication server 100 may be implemented by cooperation of a plurality of server computers located at different locations.

Here, the empty-handed service in this embodiment will be described with reference to FIG. 2 and the like. FIG. 2 is an image diagram of the empty-handed service. Here, as described above, the various services provided by the ATM will be explained, but the present invention can be applied to other services as well.

Hands-free services are roughly divided into three phases: before use, during use, and after use. FIG. 2 schematically shows the time relationship of these three phases at each point on an arrow R200 representing time series.

Before use, the user inputs service information at any place. The arbitrary location is an arbitrary location other than the store device 31, but may be within the store device 31. FIG. FIG. 2 schematically shows several examples of arbitrary places, such as a home (a house) and a train. The user terminal 21 for inputting service information is, for example, a smart phone (denoted as "smart phone") in the example schematically shown in FIG. 2, but may be a terminal of another form. Moreover, the input timing of the service information is also arbitrary, and FIG. 2 schematically shows idle time as an example of arbitrary timing.

The service information is information specifying a predetermined service as a desired service to be provided. For example, in the case of withdrawal at an ATM, the service information may include information representing the withdrawal and information representing the amount of withdrawal. Also, the service information may be information specifying two or more predetermined services. That is, the service information may be generated in a manner specifying two or more predetermined services.

Also, in the pre-use phase, the user inputs and registers registration information for authentication at any place. Part or all of the registration information for authentication may be input and registered for each service information, or may be input and registered in a common manner for several pieces of service information.

The registration information for authentication is arbitrary as long as it is information that can be used for personal authentication and information that allows non-contact acquisition of determination information (described later) for verification.

In this embodiment, the registration information for authentication includes, for example, a user image, gesture information, and action information.

A user image is an image obtained by imaging a part used for user authentication. The user image may be obtained by imaging with the camera 26 of the user terminal 21, for example. In this embodiment, the user image includes a face image obtained by imaging the user's face. In this case, face authentication is possible. Note that in other embodiments, the user image may be an image of a relatively small part of the user (for example, the iris), or an image of the user's whole body or a combination of multiple parts such as the user's face and hands. It may be an image obtained. Also, the user image may include two or more images, such as a face image and a hand image. In this case, in addition to face authentication, authentication using other parts (for example, authentication using clothes) is possible. For example, when combining authentication based on clothes and face authentication, the user image may be a combination of two images, a face image and a clothing image, or may be a single image containing both the face and clothing. .

Note that the user image may be registered at the time of initial registration. On the other hand, when performing authentication based on clothing, a user image other than a face image may be input (registered) for each service information. When clothes are used for authentication, the registration information for authentication is changed frequently, and security can be effectively improved.

The gesture information is information representing the type of gesture used by the user for authentication (specific type of gesture). A particular type of gesture may be selected by the user from among a plurality of selectable types of gestures. The gestures that can be used are arbitrary, and may be, for example, palm gestures such as goo, scissors, and paper, or gestures using the whole body. In this embodiment, as an example, palm gestures are used. Note that the specific type of gesture is preferably input (registered) for each service information from the viewpoint of enhancing security.

The action information includes designation information designating a specific service providing place and time information (scheduled date and time) when the user arrives at the service providing place. The specific service providing location may be one store device 31 among the plurality of store devices 31 that the user desires to receive a predetermined service. Alternatively, the specific service providing location may be two or more store devices 31 . In this case, the user can receive the predetermined service at any of the plurality of store devices 31 . The time information may be information specifying a time zone. The time zone that can be specified is arbitrary, but from the viewpoint of enhancing security, it may be specified with a relatively short length (for example, one hour), or the length can be freely selected by the user. There may be.

Such service information and part of the registration information for authentication can be input to the user terminal 21 via a user interface as shown in FIGS. 3A and 3B, for example. 3A and 3B are diagrams showing an example of a user interface (operation screen) on the display unit 24 of the user terminal 21. FIG. In the example shown in FIGS. 3A and 3B, the user interface for entering service information and part of registration information for authentication includes a first screen G301 and a second screen G302. It should be noted that in other embodiments, it may be realized with one screen, or with three or more screens. The second screen G302 may be continuously output (transitioned) after the input of the first screen G301 is completed.

A first screen G301 shown in FIG. 3A provides a user interface for inputting service information and action information among registration information for authentication. The first screen G301 may display a user image that is part of the registration information for authentication. In this case, the user can confirm the state of the user image. Note that the user may be allowed to update or change the user image by tapping a portion of the user image. In addition, as shown in the first screen G301, the user image may be updated periodically.

The user interface of the first screen G301 is a user interface for inputting service information, and includes input fields for inputting transaction type (predetermined service content) and amount. In the example shown in FIG. 3A, the predetermined service is "withdrawal" and the amount is "8000 yen".

The user interface of the first screen G301 includes input fields for inputting the date and time of use and the store (specific service providing place) as a user interface for inputting behavior information.

A second screen G302 shown in FIG. 3B provides a user interface for inputting gesture information of registration information for authentication. In this case, the user can select a desired gesture from among three types of gestures (“first”, “peace”, and “good”) as a specific type of gesture (gesture used for authentication). Note that these three types of gestures may be changed periodically. As indicated by "yes" or "no" on the second screen G302, gesture authentication based on gesture information may be omitted by user selection. However, in a modification, gesture authentication based on gesture information may be mandatory in order to improve security.

The second screen G302 may further include information for confirming the user's email address. This email address may be used for notifications made in the post-use phase.

In the in-use phase, a user who arrives at a specific service providing location associated with the specified information during the time period associated with the time information causes the store apparatus 31 to acquire determination information in a non-contact manner. Specifically, the user stands in front of the camera 310 of the shop apparatus 31 and captures an image of the user's face with the specific type of gesture by the camera 310, thereby acquiring the determination information in a non-contact manner. In this case, the determination information is information included in the image captured by the camera 310, and specifically includes image information related to the user's face, image information related to gestures, and information on the date and time of image capturing (for example, time stamp). The store device 31 is assigned a store ID for each store, and the store ID of the store where the camera 310 is installed is determination information indicating the acquisition location of the image information acquired by the camera 310, that is, the service provision location. becomes. Each store device 31 may transmit determination information to the authentication server 100 .

In the in-use phase, the predetermined service is permitted when the registration information for authentication and the determination information match. In the case of ATM, a given service is started immediately. For example, if the predetermined service is "withdrawal", the withdrawal is realized. In this way, the user can visit the store device 31 empty-handed, and simply have his face and a specific kind of gesture taken in front of the camera 310 can come to the ATM and receive cash withdrawal as a predetermined service. .

In the post-use phase, the user confirms the details of the transaction related to the predetermined service executed in the present empty-handed service by email or in-app notification.

Such empty-handed services enable users to receive various services empty-handed while maintaining security. In particular, in a store where the store device 31 is installed, the user does not need to touch or operate the store device (for example, the store device 31) or other objects. There is no need to operate one's own user terminal 21 . In this way, the user can receive the desired service in a completely contactless manner only by entering the service information and the registration information for authentication in advance.

In particular, authentication with low mental burden (stressless authentication) can be realized by using familiar authentication methods such as face authentication and gesture authentication. In addition, the effects of stressless authentication can be further enhanced since no personal belongings are required.

Moreover, since the determination information is acquired by a non-contact and non-restrictive method, highly convenient authentication can be realized. In addition, since the image of the user is acquired by the camera 310 of the shop device 31 as the determination information, an effect of deterring fraud can be expected. Note that the determination information is handled appropriately from the viewpoint of protecting personal information.

In addition, since the determination information can be acquired only by installing the camera 310 at the store, a special dedicated device is not required, and the empty-handed service can be easily introduced at each store.

4 and 5 are explanatory diagrams of an example of the phase during use, and are explanatory diagrams showing the state of the store.

FIG. 4 schematically shows the inside of a store in which the store device 31 is installed. In this store, only one of the three ATMs functions as the store device 31. FIG. In this case, the store device 31 is used exclusively for the empty-handed service, so that the user can quickly receive a predetermined service using a dedicated lane without using an ATM with many people lined up. Note that FIG. 4 shows an imaging region R400 for acquiring determination information. Note that the imaging region R400 may be provided with guidance such as "Please stand here", or may be notified to each user in advance to stand in the region. By setting the imaging region R400 in this way, an image can be obtained when the person to be authenticated and the camera 310 are in a predetermined positional relationship, and the possibility that another person is reflected in the camera 310 is reduced. Highly reliable determination information can be obtained. FIG. 5 schematically shows a user positioned in the imaging region R400 and for whom the determination information is acquired. Note that a human sensor (for example, a pressure sensor in the imaging region R400) for detecting a person positioned in the imaging region R400 may be provided. In this case, camera 310 may be activated when the human sensor detects a person. According to such a configuration, power saving can be achieved by efficiently activating the camera 310 .

Next, while referring to FIG. 1 again, the information processing system 1 will be further described with reference to FIG. 4 and subsequent figures.

In this embodiment, as shown in FIG. 1, the authentication server 100 includes a service information acquisition unit 110, a registration information acquisition unit 111, an association processing unit 112, a determination information acquisition unit 114, a determination unit 120, a service authorization unit 130, It includes a service execution unit 132 , a notification processing unit 140 , a user information storage unit 150 and an information management database 160 . Each unit from the service information acquisition unit 110 to the notification processing unit 140 can be realized by executing a program by the CPU of the server computer. Also, the user information storage unit 150 and the information management database 160 can be realized by the storage device of the server computer.

The service information acquisition unit 110 acquires service information from each user terminal 21 . Service information is as described above. When using the user interface shown in FIGS. 3A and 3B, the user operates a confirmation button (send button) on the final screen (not shown) to transmit the entered service information to the authentication server 100. You can do it. In this case, the confirmation button may be made operable only when the designated predetermined service can be provided. For example, if the designated service cannot be provided due to insufficient balance or the like, the confirm button may not be displayed.

The registration information acquisition unit 111 acquires registration information for authentication from each user terminal 21 . The registration information for authentication is as described above. When using the user interface shown in FIGS. 3A and 3B, the user operates a confirm button (send button) on the final screen (not shown), and a part of the input registration information for authentication (a portion excluding the user image, the same shall apply hereinafter) may be transmitted to the authentication server 100 . In this case, the user terminal 21 can simultaneously transmit the service information and part of the registration information for authentication to the authentication server 100 . It should be noted that the user image need not be updated each time, but the user may also transmit the user image as appropriate.

The association processing unit 112 associates authentication registration information associated with a user with service information. Specifically, the association processing unit 112 collects service information associated with one user acquired by the service information acquisition unit 110 and authentication associated with the one user acquired by the registration information acquisition unit 111. and the registration information for each other. When using the user interfaces shown in FIGS. 3A and 3B, service information and part of the registration information for authentication can be received (acquired) at the same time, so that it is easy to associate them. When the service information and part of the registration information for authentication are transmitted separately, both may be associated via the terminal ID of the user terminal 21 or the user ID.

Further, the association processing unit 112 may associate the user image in the user information storage unit 150 with the user image, which is the remaining part of the registration information for authentication. Note that the user image may be stored for each user ID. In this case, the user image of one user and part of the registration information for authentication of the one user are integrated via the user ID. can be linked (linked).

The association processing unit 112 thus associates the service information with the registration information for authentication, and updates the data in the information management database 160 . FIG. 6 is an explanatory diagram of an example of data in the information management database 160. As shown in FIG. In FIG. 6, "***" indicates a state in which some information is stored, and "..." indicates a state in which similar information is stored repeatedly. In the example shown in FIG. 6, the information management database 160 stores a user ID, service information, registration information for authentication, and status information for each information ID. An information ID may be assigned to each piece of service information. State information represents various states of a given service specified by corresponding service information. For example, the status information represents information as to whether or not the predetermined service has been executed ("executed" or "not executed"). Of the data in the information management database 160, the data whose status information indicates that it has been executed may be deleted (or moved to another database) as appropriate.

The determination information acquisition unit 114 acquires determination information related to each person to be authenticated via each store device 31 in a non-contact manner. The determination information may be transmitted to the authentication server 100 immediately after being acquired by the store device 31 . As a result, it is possible to speed up the provision timing of the predetermined service.

When the judgment information acquisition unit 114 acquires the judgment information related to one person to be authenticated, the judgment unit 120, based on the relationship between the judgment information and the registration information for authentication of the data in the information management database 160, Determine whether the person to be authenticated is a user. Hereinafter, this determination process will be referred to as "authentication determination process".

The method of authentication determination processing by the determination unit 120 is arbitrary, but may be executed as follows, for example. First, the determination unit 120 identifies the corresponding user ID based on the user image of the person to be authenticated in the determination information related to one person to be authenticated. At this time, data in the user information storage unit 150 (user image for authentication (master image)) may be used. If the corresponding user ID cannot be identified, the result of the authentication determination process is "mismatch (authentication failure)". Next, the determination unit 120 extracts information IDs associated with the identified user IDs from the information management database 160 . Note that if there is no information ID associated with the specified user ID, the result of the authentication determination process is "mismatch (authentication failure)". If there is one or more information IDs associated with the specified user ID, it is determined whether the status information associated with the information ID indicates "unexecuted". If it does not indicate "executed" (that is, if the status information indicates "executed"), the result of the authentication determination process will be "inconsistent (authentication failed)". If there is one or more information IDs associated with the specified user ID and the associated status information indicates "unexecuted", the process proceeds to further authentication. An information ID associated with a specified user ID and whose associated status information indicates "unexecuted" is simply referred to as an "authentication target information ID". Below, the determination unit 120 performs gesture authentication based on gesture information and determination (authentication) based on action information based on determination information and authentication registration information associated with the information ID to be authenticated. do. Specifically, as gesture authentication, the determination unit 120 determines whether or not the type of gesture indicated by the determination information matches the specific type of gesture indicated by the gesture information in the registration information for authentication. Further, the determination unit 120 performs determination (authentication) based on behavior information. Specifically, as the determination (authentication) based on the action information, the determination unit 120 selects a specific service providing location based on the store used (store ID) and the date and time of use (image date and time of the camera 310) indicated by the determination information. In addition, it is determined whether or not the person to be authenticated has arrived at the time corresponding to the time information. If any one of the gesture authentication and the determination (authentication) based on the action information is denied, the result of the authentication determination process becomes "inconsistent (authentication failure)". On the other hand, if both the gesture authentication and the determination (authentication) based on the action information are affirmative, the result of the authentication determination process becomes "matching (authentication successful)". It should be noted that the fact that the result of the authentication determination process is "matching (successful authentication)" means that the person to be authenticated this time is the user of the user ID associated with the information ID to be authenticated (hereinafter referred to as the "legitimate user"). It is substantially synonymous with determining that it is.

It should be noted that the authentication determination processing method described above is merely an example, and may be changed as appropriate, and the determination order and the like are arbitrary.

When the result of the authentication determination process by the determination unit 120 is “matching (authentication success),” the service permission unit 130 issues a predetermined allow the provision of services; For example, the service permitting unit 130 may send a command to the service executing unit 132 to execute a predetermined service designated by service information associated with the information ID to be authenticated.

The service execution unit 132 executes a predetermined service via the financial institution server 91 and the shop device 31 according to the command from the service permission unit 130 . That is, the service execution unit 132 executes (implements) a predetermined service designated by the service information via the financial institution server 91 and the store device 31 (ATM).

According to such a configuration, when the result of the authentication determination process by the determination unit 120 is "matching (authentication success)," the service execution unit 132 executes the predetermined service without requiring the user to perform any other operation. realizable. Therefore, from the user's side, the predetermined service can be provided simply by performing a specific type of gesture registered in advance in front of the camera 310 (for example, the imaging region R400).

When the service executing unit 132 executes a predetermined service, the service executing unit 132 updates the status information (for example, updating from "unexecuted" to "executed") related to the corresponding information ID in the data in the information management database 160. .

Note that the service authorization unit 130 and/or the service execution unit 132 may be provided in the financial institution server 91 and/or the store device 31 instead of the authentication server 100 . Also, similarly, part or all of the functions of the determination unit 120 may be implemented by the financial institution server 91 and/or the store device 31 .

The notification processing unit 140 performs notification related to the post-use phase described above. In addition, in this embodiment, the notification processing unit 140 may further perform notification processing for outputting to the user in advance the executable range of the two or more predetermined services.

By the way, in this embodiment, as described above, the service information may be generated in such a manner as to designate two or more predetermined services. In this case, a user who wants to receive two or more predetermined services at the same time can input service information collectively, thereby improving convenience. However, if two or more predetermined services cannot be executed at the same time due to, for example, an insufficient balance, it is desirable to notify in advance.

Specifically, for example, an interface capable of collectively storing a plurality of pieces of service information in a cart may be set. In this case, the user can add/change the service information in the cart as appropriate, thereby improving convenience. In the case of the configuration using such a cart, the notification process may be performed by notifying (outputting) the screen G700 shown in FIG. 7 to the user terminal 21, for example, in the following cases. Specifically, the screen G700 is an example of a screen when three pieces of service information are included in the cart associated with one information ID. The three pieces of service information designate a transfer of 300,000 yen to company A, a transfer of 200,000 yen to company B, and a transfer of 700,000 yen to company C, respectively, as predetermined services. In this case, the screen G700 indicates the executable range of the two or more predetermined services by the information in the "possibility" column G701. In this case, the executable range of the two or more predetermined services is only the transfer of 300,000 yen to company A and the transfer of 200,000 yen to company B, to which "possible" is given. That is, it is indicated that the transfer of 700,000 yen to Company C is not possible. As a result, the user can easily understand whether or not each predetermined service can be executed while enjoying the convenience of collectively inputting service information.

In addition, the notification processing unit 140 may preferably notify the reason for the service information that is “impossible”. For example, the screen G700 shown in FIG. 7 has a reason notification column G702, and the reason notification column G702 indicates the reason why the service information "transfer of 700,000 yen to company C" is "impossible". good. Thereby, the user can also confirm the reason why the transfer to company C is impossible in the cart. For example, it can be understood that the reason for this is that a fixed amount of 1,000,000 yen is supposed to be paid from Company D every month, but the payment is not made this month. For example, normally, people who bring their passbooks (accounting staff of small companies, etc.) start transferring money after confirming the payment (checking the balance), but it is not just an indication that the balance is insufficient. The lack of payment from the company is the cause of the insufficient balance."

In the example shown in FIG. 7, only two predetermined services in the cart shown in FIG. 7 can be executed. 700,000 yen transfer", it may be possible to execute two predetermined services by the above-mentioned empty-handed service. Alternatively, even if the "impossible" service information "transfer of 700,000 yen to company C" is not deleted from the cart, the two predetermined services by the above-mentioned empty-handed service may be executed. In this case, the user can understand that the transfer of 700,000 yen to Company C could not be executed by the notification processing unit 140 executing the notification related to the post-use phase described above.

In addition, the notification processing unit 140 may execute various useful notifications regarding the empty-handed service. For example, the notification processing unit 140 may notify the service information or the action information (specific service providing place) when the date and time of use of the action information is approaching. Further, when a predetermined service is not permitted due to failure of gesture authentication, the notification processing unit 140 may notify the fact via the corresponding store device 31 and prompt the user to redo the gesture. It should be noted that failure in gesture authentication may be permitted only a predetermined number of times.

In addition, based on the data in the information management database 160, the notification processing unit 140 may execute a notification prompting the corresponding user to visit a specific service providing location in accordance with the time period based on the behavior information. good. In addition, the behavior information is stored under predetermined conditions to ensure security so that users who mistakenly go to or arrive at a time or place different from the behavior information can receive the predetermined service as it is. , may be editable. Alternatively, a specific service provision location related to behavior information may be automatically changed according to a change in the user's location (for example, location information based on the GPS function of the user terminal 21).

By the way, as described above with reference to FIGS. 4 and 5, in the empty-handed service, it is expected that, for example, by providing a special dedicated lane in the ATM, it is possible to receive the prescribed service quickly. You may have to wait in line for a relatively long time. In such a case, the camera 310 of the shop device 31 or other detecting means detects the number of persons to be authenticated waiting to receive a predetermined service at the shop device 31 (for example, the number of persons to be authenticated lined up in a dedicated lane). may be In this case, if the number of persons to be authenticated is relatively large and the store where the store device 31 requiring waiting time is set is set as the specific service providing place, the time is extended for the user who is going to receive the predetermined service. may be enabled. Specifically, based on the congestion status information obtained from the store device 31 or the like, the determination unit 120 loosely performs authentication based on the behavior information in the store where the store device 31 that requires a waiting time is set. may be executed. Alternatively, a specific type of gesture may be changed to update (re-register) new registration information for authentication (the portion related to the gesture). In addition, the notification processing unit 140 may notify the user terminal 21 of the user who is about to receive the predetermined service with the corresponding store as the specific service providing location. In addition, information on the congestion status may be checked by the user as appropriate.

The user information storage unit 150 stores a user image (master image) for authentication for each user ID. User information may also include information such as an email address.

The information management database 160 stores the various data described above (see FIG. 6). Note that when some or all of the functions of the determination unit 120, the service permission unit 130 and/or the service execution unit 132 are implemented by the financial institution server 91 and/or the store device 31 instead of the authentication server 100, the information Some or all of the data in management database 160 may be held in financial institution server 91 and/or store device 31 . This is the same for the data in the user information storage unit 150 as well. In this case, for example, the data held in one store device 31 is registration information for authentication including action information in which the store where the one store device 31 is installed is specified as a specific service provision place, and corresponding registration information. It may be only the attached service information. In this case, the timing at which the data in the user information storage unit 150 is supplied to the one store device 31 may be timing that matches the time zone based on the behavior information.

Next, an operation example of the information processing system 1 will be described with reference to FIG.

FIG. 8 is a timing chart showing an operation example of the information processing system 1. FIG. Although the illustration of the financial institution server 91 is omitted in FIG. 8 for ease of viewing, the financial institution server 91 also operates in cooperation as will be described later.

FIG. 8 schematically shows exchange of main information among one user terminal 21, one store apparatus 31, and authentication server 100. As shown in FIG. Here, as representatives, one user terminal 21 and one store device 31 related to provision of one predetermined service described below are shown, but the combination of the user terminal 21 and the store device 31 can be It depends on the user terminal 21 and the service information generated by each user terminal 21 .

First, in step S800, one user (hereinafter simply referred to as “user”) desires to receive a predetermined service, and activates the hands-free service application on the user terminal 21 .

Next, in step S802, the user transmits his/her own user image to authentication server 100 as initial registration. Note that if initial registration has been completed, step S802 may be omitted.

In step S<b>804 , the authentication server 100 performs user registration based on the user image from the user terminal 21 . That is, the authentication server 100 issues a user ID (user account), and stores a user image and the like in the user information storage unit 150 in association with the user ID.

In step S<b>806 , the user generates service information designating a predetermined service and registration information for authentication, and transmits them to the authentication server 100 . The method of generating service information and registration information for authentication may be as described above with reference to FIGS. 3A and 3B.

In step S808, when the authentication server 100 receives the service information and the registration information for authentication from the user terminal 21, it issues a new information ID, and based on the received service information and the registration information for authentication, the information management database 160 (see FIG. 6) is updated. In this case, the user image is associated with the new information ID together with the received service information and registration information for authentication. Note that the user image associated with the new information ID may be the user image (data in the user information storage unit 150) associated with the user ID. However, as described above, when clothing or the like is used for authentication, the user image is sent from the user terminal 21 together with the service information and the registration information for authentication, or is sent from the user terminal 21 separately from the service information and the registration information for authentication. , may be sent to the authentication server 100 .

In step S810, the authentication server 100 sends information such as guidance to the user terminal 21 (user) based on the action information included in the registration information for authentication when the date and time of use of the action information is approaching. Give notice before use. In this case, the user is assumed to arrive at the shop on the date and time of use of the behavior information after receiving such notification. Note that the notification before use may be omitted as appropriate.

In step S<b>812 , the shop device 31 of the shop uses the camera 310 to image the person to be authenticated, generates determination information, and transmits the generated determination information to the authentication server 100 .

In step S814, upon receiving the determination information, authentication server 100 determines whether the person to be authenticated according to the determination information is an authorized user based on the determination information and the data in information management database 160 (see FIG. 6). determine whether or not Note that the method of this authentication determination process may be as described above. Here, it is assumed that the result of the authentication determination process is "matching (successful authentication)". Note that if the result of the authentication determination process is not “matching (authentication success),” the authentication server 100 may notify the user of that fact via the store device 31 . In this case, the notification may be a notification prompting to redo the gesture or the like.

In step S816, the authentication server 100 permits the predetermined service based on the corresponding service information because the result of the authentication determination processing is "matching (authentication successful)", cooperates with the financial institution server 91, 31, an instruction to execute a predetermined service is transmitted.

In step S818, upon receiving the execution command of the predetermined service, the store device 31 of the used store provides the authentication target person with the predetermined service such as withdrawal according to the execution command. Note that the store apparatus 31 may notify the authentication server 100 and/or the financial institution server 91 of the execution of the provision of the predetermined service.

In step S820, the authentication server 100 notifies the user terminal 21 (authorized user) of the content of the predetermined service that has already been executed, the date and time of execution, and the like after use.

In step S<b>822 , the user terminal 21 outputs the notification received from the authentication server 100 to the display section 24 .

Although each embodiment has been described in detail above, it is not limited to a specific embodiment, and various modifications and changes are possible within the scope described in the claims. It is also possible to combine all or more of the constituent elements of the above-described embodiments.

For example, in the above-described embodiment, the store device 31 is mainly illustrated as an ATM, but as described above, it can be installed at various service providing locations. For example, the store device 31 may be installed at the entrance of a membership-based service providing location to realize an automatic reception function. In this case, the store device 31 may unlock and/or open the door of the entrance to the service providing location in response to the execution command of the predetermined service from the authentication server 100 .

Also, the service provision location need not be fixed and may be mobile. For example, the service provision location may be an airplane, a train, or the like. Moreover, in the case of car sharing, the store device 31 may be installed in a vehicle. In this case, the store device 31 may unlock and/or open the vehicle door in response to the execution command of the predetermined service from the authentication server 100 .

Also, in the above-described embodiment, the number of specific types of gestures is one, but a combination of two or more types may be used. In this case, the order of gestures in combination of two or more types may also be subject to authentication. Further, from the viewpoint of preventing bank transfer fraud, provision of a predetermined service may be prohibited when the camera 310 detects the call state of the person to be authenticated.

Also, in the above-described embodiment, the specific type of gesture is registered separately from the user image, but it is also possible to register it together with the user image. Specifically, the user image may include an image of a part (for example, a hand) representing the user's gesture. In this case as well, the user image may be a combination of two images, that is, the face image of the user and the image of the region representing the user's gesture, or may be obtained by simultaneously imaging the face and the region representing the gesture. It may be one image. According to such a configuration, it is possible to register a specific type of gesture as well as to register a user image, so that the user's registration load can be reduced, and the communication load between the user terminal 21 and the authentication server 100 can be reduced.

In addition, in the above-described embodiment, the service permission unit 130 and the service execution unit 132 are provided, but it is also possible to implement part or all of the functions of one of the service permission unit 130 and the service execution unit 132 by the other. It is possible. For example, part or all of the functions of the service authorization unit 130 may be implemented by the service execution unit 132 . In this case, "permit" and "execute" may be realized at the same time.

Further, in the embodiment described above, the registration information for authentication includes the user image, the gesture information, and the action information, but is not limited to this. For example, if the user image is changed for each use (every time), high security is thereby ensured, so the registration information for authentication may be simplified information. For example, the registration information for authentication may include only gesture information in addition to the user image, or may include only the user image. In this case, the action information may be used as reservation information. Also, in this case, the face image included in the user image is preferably an image that is significantly changed for each use. As a specific example, the face image included in the user image is preferably not only a natural change of the face of the day, but also a face image obtained by the user forming a face with some intentional change. is. A face with some intentional change can be, for example, a funny face, a smiling face, a crying face, or the like. Alternatively, an image that significantly changes for each use may be realized by capturing only a portion of the face and changing that portion each time. In this case, the user who is to be authenticated must adjust the position of the user with respect to the camera 310 so that only the part concerned falls within the authentication frame set in the image when the image is captured by the camera 310. , the corresponding determination information may be generated.

1 information processing system 4 network 21 user terminal 22 communication unit 24 display unit 26 camera 28 processing unit 31 store device 91 financial institution server 100 authentication server 110 service information acquisition unit 111 registration information acquisition unit 112 association processing unit (authentication registration processing unit )
114 determination information acquisition unit 120 determination unit 130 service permission unit 132 service execution unit 140 notification processing unit 150 user information storage unit 160 information management database 310 camera

Claims (9)

a service information acquisition unit that acquires service information designating a predetermined service based on an input from a user;
an authentication registration processing unit that associates authentication registration information associated with the user with the service information;
a determination information acquiring unit that acquires, in a contactless manner, determination information related to an authenticated person who has arrived at a service providing location from the authenticated person;
a determination unit that determines whether the person to be authenticated is the user based on the relationship between the determination information acquired by the determination information acquisition unit and the registration information;
a service permitting unit that permits provision of the predetermined service specified by the service information to the person to be authenticated at the service providing location when the person to be authenticated is determined to be the user by the determination unit; with
The registration information includes a user image obtained by imaging the user, and information representing a specific type of gesture that can be registered by the user for each service information,
The information processing system , wherein the user image includes an image of a part including the user's face and an image of a part representing the specific type of gesture . 2. The information processing system according to claim 1, wherein said user image further includes an image of clothing of said user, and said image of clothing can be registered by said user for each piece of said service information. the information representing the specific type of gesture is selectable by the user from among a plurality of types;
The determination information acquisition unit acquires the determination information for the user image by capturing an image of the person to be authenticated with a camera provided at the service providing location, and captures the gesture of the person to be authenticated with the camera. 3. The information processing system according to claim 1 or 2, wherein said determination information for said specific type of gesture is acquired in said step. The predetermined service includes at least one of various services that can be received via an ATM,
4. The information processing system according to claim 3, further comprising a service execution unit for realizing provision of said predetermined service permitted by said service permitting unit among various services in ATM. 5. The service execution unit according to claim 4, wherein said determination unit determines that said determination information related to said gesture matches said registration information related to said gesture, and at the same time said service execution unit starts providing said predetermined service. information processing system. 6. The information processing system according to any one of claims 1 to 5, wherein said service information can be generated in a manner specifying two or more of said predetermined services. 7. The information processing system according to claim 6, further comprising a notification processing unit that outputs to said user in advance the executable range of said two or more predetermined services. The registration information further includes designation information designating a specific service providing place and time information when the user arrives at the service providing place,
The determination information acquiring unit acquires the determination information regarding the service providing place and the arrival time of the person to be authenticated,
8. The determining unit determines that the person to be authenticated is the user when the person to be authenticated arrives at the specific service providing location at a time corresponding to the time information. The information processing system according to any one of the items. An information processing program executable by an information processing device,
An information processing program that causes the information processing apparatus to implement the information processing system according to any one of claims 1 to 8.

Images