WO2022085265A1 - Fraud detection device for checking and authenticating person, application fraud detection method, and application fraud detection program - Google Patents

Fraud detection device for checking and authenticating person, application fraud detection method, and application fraud detection program Download PDF

Info

Publication number
WO2022085265A1
WO2022085265A1 PCT/JP2021/027773 JP2021027773W WO2022085265A1 WO 2022085265 A1 WO2022085265 A1 WO 2022085265A1 JP 2021027773 W JP2021027773 W JP 2021027773W WO 2022085265 A1 WO2022085265 A1 WO 2022085265A1
Authority
WO
WIPO (PCT)
Prior art keywords
applicant
data
application
personal
fraudulent
Prior art date
Application number
PCT/JP2021/027773
Other languages
French (fr)
Japanese (ja)
Inventor
敬起 長谷川
潤也 近藤
雄一郎 池田
Original Assignee
株式会社Elements
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 株式会社Elements filed Critical 株式会社Elements
Priority to JP2022556417A priority Critical patent/JPWO2022085265A1/ja
Priority to GB2307441.2A priority patent/GB2616145A/en
Publication of WO2022085265A1 publication Critical patent/WO2022085265A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/018Certifying business or products
    • G06Q30/0185Product, service or business identity fraud
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/36User authentication by graphic or iconic representation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/10Office automation; Time management
    • G06Q10/105Human resources
    • G06Q10/1053Employment or hiring
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q50/00Systems or methods specially adapted for specific business sectors, e.g. utilities or tourism
    • G06Q50/10Services
    • G06Q50/26Government or public services
    • G06Q50/265Personal security, identity or safety

Definitions

  • the present invention relates to a fraudulent application detection device, a fraudulent application detection method, and a fraudulent application detection program in the case of identity verification and identity verification using face recognition or the like.
  • Patent Document 1 Japanese Unexamined Patent Publication No. 2017-12570 discloses a method for preventing a malicious applicant from repeatedly making an unauthorized application in a system for registering an application such as opening an account.
  • the method for preventing fraudulent applications described in Patent Document 1 is to input data necessary for application for account opening, etc. from the terminal device of the applicant, and to register the application for account opening, etc. based on the data.
  • It is a fraudulent application prevention system including an application registration server including a comprehensive judgment unit that performs comprehensive judgment of certificate data based on history information and a transmission unit that transmits judgment result information of the comprehensive judgment unit.
  • Patent Document 2 Japanese Unexamined Patent Publication No. 2018-163677 is a service capable of efficiently detecting similar unauthorized access by creating a database of information that may be unauthorized access as a black list.
  • the provision system, service provision method, collation device, collation method and computer program are disclosed.
  • the unauthorized access detection system described in Patent Document 2 includes a WEB server and an authentication server.
  • the WEB server provides a service providing means for providing the user's information to the authentication server and providing the service to the user determined to be a legitimate user, and a transmitting means for transmitting the operation information of the user to the WEB server to the collation server.
  • the authentication server has a determination means for determining whether or not the user is a legitimate user based on the user's information, and a receiving means for receiving the probability that the user is not a legitimate user from the matching server.
  • the collation server includes a whitelist database that records information on the behavior of a legitimate user and a blacklist database that is registered when it is determined that the record does not correspond to the record in the whitelist database. The information is compared with the data in the blacklist database, and the index that the user is not a legitimate user is calculated from the degree of approximation and sent to the authentication server.
  • Patent Document 3 Japanese Unexamined Patent Publication No. 2004-259253 discloses a personal authentication device that collates not only a face image of a person but also a face image of a person requiring attention at the time of personal authentication.
  • the personal authentication device described in Patent Document 3 is a personal authentication device that authenticates that the user is the person, and is an image pickup unit that captures the user's face and a user's face image captured by the image pickup unit.
  • a specific person comparison unit that compares the image of the person with the face image of the specific person held in advance, a person image acquisition unit that acquires the person's face image from the storage device, and a user's face image captured by the image pickup unit.
  • an authentication unit that determines whether or not the person's face image acquired by the person's image acquisition unit is an image of the same person by a different determination method based on the comparison result by the specific person comparison unit.
  • Patent Document 4 Japanese Unexamined Patent Publication No. 2019-086971 discloses a more convenient identity verification system and identity verification method using a face image.
  • the identity verification server is based on an image data receiving unit that receives the certification image data of the license taken by the camera of the mobile phone, the face image data of the user, and the certification image data.
  • the character acquisition unit that acquires character data
  • the score acquisition unit that collates the face image and face image data of the certification image data and acquires the score
  • the face recognition determination that determines that face authentication is possible when the score is equal to or higher than the threshold value. It is provided with a unit and a face determination result transmission unit that transmits the determination result and the personal identification data included in the character data to the mobile terminal.
  • the face recognition determination unit determines that face recognition is possible if the position data received from the mobile terminal is close to the address, and if the authentication result is face recognition, the mobile terminal. Provided an authenticated data transmission unit that transmits personal identification data to the bank server 7.
  • Patent Document 5 Japanese Unexamined Patent Publication No. 2020-087461 discloses a personal authentication system, an authenticator, a program, and a personal authentication method with improved security.
  • the mobile terminal is a personal authentication system.
  • An image storage processing unit that stores a face image, which is an image of the face of the holder holding a driver's license, acquired through a camera when verifying the identity of the user in the collation image storage unit as a collation image, and a service.
  • the face image acquisition collation unit that acquires the face image of the service user via the camera and collates it with the collation image stored in the collation image storage unit, and the collation result by the face image acquisition collation unit are stored in the personal authentication server. It is provided with a collation result transmission unit for transmitting to.
  • the personal authentication server includes a service use permission unit that permits the use of the service based on the collation result.
  • Japanese Unexamined Patent Publication No. 2017-12570 Japanese Unexamined Patent Publication No. 2018-163677 Japanese Unexamined Patent Publication No. 2004-259253 Japanese Unexamined Patent Publication No. 2019-086971 Japanese Unexamined Patent Publication No. 2020-087461
  • the authenticity determination unit checks whether the characters, symbols, etc. described in the image data of the driver's license conform to the predetermined rules, and the truth of the application data is obtained. Judge false. Further, the history information storage unit compares the terminal ID of the mobile terminal device with the terminal ID recorded in the history information table, and determines whether or not the terminal ID has been determined to be forged in the past. In the case of the method of Patent Document 1, even if the driver's license is forged, if the characters, symbols, etc. described in the image data of the driver's license conform to the predetermined rules, it is not an illegal application. There is a risk of being judged.
  • operation information such as OS, browser, language, IP address, time, and page transition is checked, and when the operation information is different even though the user is the same user.
  • Prevents unauthorized access by determining that there is a high possibility of unauthorized access by a malicious third party, but determines that there is a high possibility of unauthorized access by a malicious third party.
  • normal access data 20 times or more is required in advance, and it is considered that there is a high risk of using this unauthorized access detection method alone.
  • the face image of the user captured by the imaging unit is compared with the face image of a specific person held in advance, and the face image of the user is the face of the specific person.
  • the identity verification is performed by collating the proof image data of the driver's license with the face image data of the user, and if the license is forged, an error is made. There is a possibility that you will be authenticated.
  • a main object of the present invention is to provide an online identity verification and authentication fraudulent application detection device, a fraudulent application detection method, and a fraudulent application detection program.
  • an online identity verification application the combination of personal appearance data, personal identification items (for example, name, date of birth, address, driver's license number, etc.) and user's terminal identifier should be uniquely determined. Utilizing this feature, it detects the deception of a criminal's identity and the impersonation of another person or a fictitious person. That is, when multiple personal appearance data are applied for the same personal appearance data, when multiple personal appearance data are applied for the same personal identification matter, and from the same terminal identifier. When there are multiple applications for personal appearance data and personal identification items, it is detected as the first fraud judgment.
  • the commercial database black list
  • the commercial database may be utilized for the personal identification items, the address, the telephone number, and the IP address of the access source at the time of the personal verification application, and if applicable, it may be detected as the first fraud determination.
  • the commercial database black list
  • the commercial database may be utilized for the personal identification items, the address, the telephone number, and the IP address of the access source at the time of the personal verification application, and if applicable, it may be detected as the first fraud determination.
  • Another object of the present invention is to provide a plurality of businesses to which a criminal provides a service with the same personal appearance data and a plurality of different personal identification matters, or with a plurality of different personal appearance data and the same personal identification matter.
  • a fraudulent application detection device, fraudulent application detection method, and fraudulent application detection program that can reliably detect fraudulent applications even when applying for identity verification with the same terminal identifier and multiple different personal identification items / personal appearance data.
  • If the fraudulent application detection device is closed by a single business operator, for example, apply for identity verification and personal authentication to different business operators with the same personal appearance data and multiple different personal identification items. Cannot detect fraud.
  • the present invention provides a fraudulent application detection device, a fraudulent application detection method, and a fraudulent application detection program that can reliably detect fraud even in such a case.
  • the fraudulent application detection device for identity verification and identity verification that follows one aspect can use at least one of the applicant's identity data, the applicant's identity identification data, and the terminal identifier data of the applicant's application terminal.
  • the application data receiving unit to be received, the applicant database that stores the personal appearance data, the personal identification matter data, and the terminal identifier data received by the application data receiving unit, and the personal appearance data of the applicant are stored in the applicant database.
  • the application data comparison department that compares the personal appearance data of the previous applicant and the application data comparison department finds the personal appearance data of the previous applicant that is similar to the personal appearance data of the applicant, the applicant If the personal identification matter data and the personal identification matter data of the previous applicant do not match, the fraudulent application determination unit that makes the first fraudulent application determination is included.
  • the personal identification matter data of the applicant is, for example, the applicant's name, date of birth, address, driver's license number, and other arbitrary information.
  • the identity verification and identity verification fraud application detection device is the identity verification according to one aspect, and the application data comparison unit further applies for the applicant's identity identification matter data in the identity verification fraud application detection device.
  • the fraudulent application judgment department has the previous applicant's personal identification matter data that matches the applicant's personal identification matter data in the application data comparison department.
  • the first fraudulent application determination may be performed.
  • the identity verification and identity verification fraud application detection device is the identity verification and identity verification fraud application detection device according to one aspect or the second invention.
  • the terminal identifier data is compared with the terminal identifier data of the previous applicant stored in the applicant database, and the fraudulent application judgment unit is the terminal identifier of the previous applicant that matches the terminal identifier data of the applicant in the application data comparison unit.
  • the applicant's personal appearance data and the previous applicant's personal appearance data are not similar, or the applicant's personal identification matter data and the previous applicant's personal identification matter data If they do not match, the first fraudulent application determination may be made.
  • the terminal identifier may be, for example, "a combination of terminal information such as an operating system (OS) type and version, a browser (BROWSER) type and version, and a terminal model", or "for software installed on the terminal”.
  • OS operating system
  • BROWSER browser
  • terminal model a terminal model
  • the issued UUID UNIVERSALLY UNIQUE IDENTIFIER
  • the fraudulent application detection device for identity verification and personal authentication according to the fourth invention is the fraudulent application detection device for identity verification and personal authentication according to the third invention from one aspect, and the fraudulent application determination unit determines the first fraudulent application. It may include a gray list database that records the applicant's personal appearance data, personal identification matter data, and terminal identifier data.
  • the applicant who made a fraudulent application in the previous personal application may also make a fraudulent application in the subsequent personal application. Therefore, by creating a gray list database that records the personal appearance of the applicant who was judged as the first fraudulent application judgment or the second fraudulent application judgment, the personal identification matter, and the terminal identifier, and using this, fraudulent application detection can be performed. Comprehensiveness can be improved.
  • the gray list database registers arbitrary data related to the applicant. It may be possible. For example, the business operator that provides the service to the applicant or the system provider may be able to automatically or manually register the data.
  • the necessary data can be registered in the gray list database at the discretion of the business operator that provides the service to the applicant, the system provider, or the like.
  • the identity verification and identity authentication fraud application detection device is the identity verification and identity authentication fraud application detection device according to the fourth or fifth invention, and further, the applicant's personal appearance data is graylisted.
  • the fraudulent application judgment department finds the personal appearance data of the previous applicant similar to the personal appearance data of the applicant in the application data comparison department. In, the second fraudulent application determination may be made.
  • the fraudulent application detection device for identity verification and identity verification according to the seventh invention is the identity verification and fraudulent application detection device for identity verification according to the fourth to sixth inventions.
  • the personal identification matter data is compared with the personal identification matter data of the previous applicant stored in the gray list database, and the fraudulent application judgment department is the same as the personal identification matter data of the applicant in the application data comparison department. When the personal identification matter data of the above is found, the second fraudulent application determination may be made.
  • the identity verification and identity authentication fraud application detection device is the identity verification and identity authentication fraud application detection device according to the fourth to seventh inventions.
  • the terminal identifier data is compared with the terminal identifier data of the previous applicant stored in the gray list database, and the fraudulent application judgment unit is the terminal identifier of the previous applicant that matches the terminal identifier data of the applicant in the application data comparison unit. When the data is found, the second fraudulent application determination may be made.
  • the identity verification and identity verification fraud application detection device is the identity verification and identity verification fraud application detection device according to the eighth invention from one aspect, and the applicant database and the gray list database are the applicants. It may be built across multiple operators that provide services to.
  • An applicant who applies for fraudulent identity verification may contact multiple businesses that provide services, such as multiple banks, with the same personal appearance data and multiple different personal identification items, or with multiple different personal appearances.
  • applications such as opening an account are made with specific matters, or with the same terminal and multiple different personal identification matters / personal appearances.
  • the same personal appearance data and a plurality of different personal identification matters are used among a plurality of businesses, or a plurality of different personal appearances and the same personal identification matters. Even if an application for opening an account or the like is made with the same terminal and a plurality of different personal identification matters / personal appearances, it can be determined that the application is fraudulent. Further, when a certain business operator records the data in the gray list database, it can be detected as an illegal application even when an application for identity verification, identity verification, etc. is made to another business operator.
  • the identity verification and identity verification fraud application detection device is the identity verification and identity verification fraud application detection device according to the ninth invention from one aspect.
  • the fraudulent application determination unit may make the first fraudulent application determination when there is a suspicious point in the IP address.
  • the case where there is a suspicious point in the IP address is, for example, the case where the country code of the IP address is not Japan, or the case where it seems that an anonymous network is used.
  • the fraudulent application detection device for identity verification and personal authentication according to the fifth invention can detect a fraudulent application in such a case.
  • the identity verification and identity verification fraud application detection device is the identity verification and identity verification fraud application detection device according to the tenth invention from one aspect.
  • the fraudulent application determination unit may make the first fraudulent application determination when the applicant's address is a non-existent address or a suspicious address.
  • a fictitious address may be listed as the applicant's address.
  • the fraudulent application detection device for identity verification and personal authentication according to the eleventh invention detects that the application is fraudulent if the address described in the application form is not an existing address or if the house is vacant. be able to. In detecting whether the application is fraudulent, for example, the address of the applicant may be collated with arbitrary data or information such as a commercial database.
  • the fraudulent application detection device for identity verification and identity verification according to the twelfth invention is the identity verification and fraudulent application detection device for identity verification according to the eleventh invention from one aspect.
  • the fraudulent application determination unit may make the first fraudulent application determination when the applicant's telephone number does not exist or is a suspicious telephone number.
  • a fictitious telephone number or a telephone number for which payment of usage fees has been delayed may be listed as the applicant's telephone number.
  • the fraudulent application detection device for identity verification and personal authentication when the telephone number described in the application form is not an actual telephone number, or when the payment of the usage fee is delayed, etc. Can detect that the application is fraudulent.
  • the applicant's telephone number may be collated with arbitrary data or information such as a commercial database.
  • the fraudulent application detection device for identity verification and personal authentication according to the thirteenth invention is the identity verification and fraudulent application detection device for personal authentication according to the twelfth invention from one aspect.
  • the first fraudulent application determination may be made when the matter data corresponds to a person requiring attention.
  • the first fraudulent application determination can be made for the person requiring attention.
  • the method for detecting identity verification and fraudulent application for identity verification is at least one of the applicant's identity data, the applicant's identity identification data, and the terminal identifier data of the applicant's application terminal.
  • the application data receiving step to receive The application data storage step for storing the personal appearance data, personal identification data, and terminal identifier data received in the application data reception step in the applicant database, The applicant's personal appearance data is compared with the previous applicant's personal appearance data stored in the applicant database, and the applicant's personal identification data is stored in the applicant database.
  • Application data comparison step to compare with data, When the applicant's personal appearance data similar to the applicant's personal appearance data is found in the application data comparison step, the applicant's personal identification data and the previous applicant's personal identification data are one.
  • the applicant's personal appearance data and the previous applicant's personal appearance data are similar. If not, the fraudulent application determination step of performing the first fraudulent application determination is included.
  • the method for detecting fraudulent applications for identity verification and personal authentication is an invention of a fraudulent application detection method corresponding to the fraudulent application detection device for identity verification and personal authentication according to the first aspect and the second invention.
  • the fraudulent application detection program for identity verification and identity verification that follows other aspects is at least one of the applicant's identity data, the applicant's identity identification data, and the terminal identifier data of the applicant's application terminal.
  • the application data reception process to receive, and The application data storage process that stores the personal appearance data, personal identification data, and terminal identifier data received in the application data reception process in the applicant database,
  • the applicant's personal appearance data is compared with the previous applicant's personal appearance data stored in the applicant database, and the applicant's personal identification data is stored in the applicant database.
  • Application data comparison processing to compare with data and When the applicant's personal appearance data similar to the applicant's personal appearance data is found in the application data comparison process, the applicant's personal identification data and the previous applicant's personal identification data are one.
  • the applicant's personal identification data that matches the applicant's personal identification data is found in the application data comparison process, the applicant's personal appearance data and the previous applicant's personal appearance data are similar. If not, the fraudulent application determination process for performing the first fraudulent application determination is included.
  • the identity verification and fraudulent application detection program is the invention of the fraudulent application detection program corresponding to the identity verification and the fraudulent application detection device for the identity verification according to the first aspect and the second invention.
  • FIG. 1 is a schematic overall configuration diagram of an identity verification or identity authentication system 60 including a fraudulent application detection device 30 according to the present embodiment
  • FIG. 2 is a schematic diagram showing an example of the configuration of the fraudulent application detection device 30. ..
  • the identity verification or identity authentication system 60 includes an applicant terminal 10, a reception terminal 20, a fraudulent application detection device 30, and a business operator terminal 50.
  • the fraudulent application detection device 30 includes an applicant database 40 and a gray list database 45, and the applicant database 40 and the gray list database 45 are fraudulently included in another identity verification or identity authentication system 60. It is a common database with the application detection device 30.
  • the applicant terminal 10 transmits the applicant application data 70 such as the person's appearance, personal identification matters, address, and telephone number to the reception terminal 20. Further, the reception terminal 20 obtains a terminal identifier based on a combination of the OS type and version of the applicant terminal 10, the browser type and version, the terminal model name, and the like, and the IP address of the applicant terminal 10.
  • the applicant application data 70 such as the personal appearance, personal identification matters, address, and telephone number received by the reception terminal 20 is transmitted to the business terminal 50.
  • the application data 80 including the applicant application data 70 such as the personal appearance, personal identification matters, address, and telephone number received by the reception terminal 20 and the terminal identifier and IP address of the applicant terminal 10 is the fraudulent application detection device 30. Will also be sent.
  • the fraudulent application detection device 30 stores the received application data 80 in the applicant database 40, and also uses the application data 80 stored in the applicant database 40 by its own fraudulent application detection device 30 and another fraudulent application detection device 30. The presence or absence of fraudulent application is determined, and the fraudulent application determination result 100 is transmitted to the business terminal 50.
  • the fraudulent application detection device 30 includes an application data receiving unit 110, an application data comparison unit 120, a fraudulent application determination unit 130, an applicant database 40, and a gray list database 45.
  • the applicant database 40 and the gray list database 45 are common databases with the fraudulent application detection device 30 included in the other identity verification or identity authentication system 60.
  • the personal appearance, personal identification matters, address, telephone number, terminal identifier of the applicant terminal 10, IP address, etc. received by the application data receiving unit 110 are stored in the applicant database 40 and sent to the application data comparison unit 120.
  • the application data comparison unit 120 compares the applicant's personal appearance, personal identification items, terminal identifier of the applicant terminal 10, IP address, etc. with the data stored in the applicant database 40, and the result of the comparison is the fraudulent application determination unit 130.
  • the fraudulent application determination unit 130 compares the data of the applicant sent from the application data comparison unit 120 with the data stored in the applicant database 40, and for example, address existence determination, telephone number existence determination, IP address determination, etc. Use our commercial database to determine if your identity verification application is fraudulent. The details of the fraudulent application determination will be described later in (Flowchart for determining fraudulent application).
  • the fraudulent application determination result 100 is transmitted to the business operator terminal 50, and when a new fraudulent application is determined, it is added to the gray list database 45.
  • FIG. 3 shows an example of the applicant database 40.
  • the applicant database 40 contains personal identification matter data, personal appearance data, application terminal identifier, access source IP address, address, and the like.
  • the personal identification matter data is, for example, a name, a date of birth, an address, a driver's license number, and the like.
  • FIG. 4 shows an example of the gray list database 45.
  • the gray list database 45 in addition to the data of the applicant database 40, the fraudulent application determination result 100 is described.
  • the column of the fraudulent application determination result 100 it is desirable to specifically describe "reuse of personal appearance", “reuse of personal identification matters", and the like.
  • the gray list database 45 may allow a business operator who provides a service to the applicant to register arbitrary data.
  • FIG. 5 is a flowchart of fraudulent application determination based on the person's appearance, personal identification items, and application terminal identifier
  • FIG. 6 is a flowchart of fraudulent application determination by comparison with the gray list database 45
  • FIG. 7 is an access source IP address. , Address, telephone number, and a flowchart of fraudulent application determination by comparison with persons requiring attention.
  • the application data receiving unit 110 receives data such as a person's appearance, a person's identification item, an application terminal identifier, an IP address, an address, and a telephone number.
  • the application data receiving unit 110 sends the received data to the applicant database 40, and the applicant database 40 stores the received data. At this time, the application data receiving unit 110 also sends the received data to the application data comparison unit 120.
  • the application data comparison unit 120 compares the personal appearance sent from the application data receiving unit 110 with the personal appearance of the data stored in the applicant database 40, and the applicant with a similar personal appearance is the applicant. Check if you are in database 40. The comparison result is sent to the fraudulent application determination unit 130. (S5-S7) Based on the comparison result sent, if there is an applicant with a similar personal appearance in the applicant database 40, the fraudulent application determination unit 130 identifies the applicant's personal appearance. Compare with similar applicant's identity identification items. If the personal identification matter of the applicant and the personal identification matter of the applicant with similar personal appearance are different, the first fraudulent application judgment (reuse of the personal appearance) is made and the fraudulent application judgment result 100 is transmitted to the business terminal 50. At the same time, the applicant is registered in the gray list database 45.
  • the application data comparison unit 120 compares the personal identification items sent from the application data receiving unit 110 with the personal identification items of the data stored in the applicant database 40, and the applicant has the same personal identification items. Check if is in the applicant database 40. The comparison result is sent to the fraudulent application determination unit 130. (S10-S12) Based on the comparison result sent, the fraudulent application determination unit 130 shows the applicant's personal appearance when the applicant and the applicant with the same personal identification items are in the applicant database 40. Is compared with the personal appearance of the applicant who has the same personal identification matters. If the personal appearance of the applicant and the personal appearance of the same applicant are different from each other, the first fraudulent application judgment (reuse of the personal identification matter) is made and the fraudulent application judgment result 100 is transmitted to the business terminal 50. At the same time, the applicant is registered in the gray list database 45.
  • the application data comparison unit 120 compares the terminal identifier sent from the application data reception unit 110 with the terminal identifier of the data stored in the applicant database 40, and the applicant with the same terminal identifier is the applicant. Check if you are in database 40. The comparison result is sent to the fraudulent application determination unit 130.
  • S15-S18 In the fraudulent application determination unit 130, when an applicant having the same terminal identifier is in the applicant database 40 based on the sent comparison result, the terminal identifier determines the personal appearance of the applicant. Compare with the personal appearance of the same applicant.
  • the personal identification item of the applicant is further compared with the personal identification matter of the applicant having the same terminal identifier. If the personal appearance of the applicant is not similar to the personal appearance of the same applicant with the same terminal identifier, or if the personal identification items of the applicant and the personal identification items of the same applicant with the same terminal identifier are different, As the first fraudulent application determination (reuse of terminal identifier), the fraudulent application determination result 100 is transmitted to the business terminal 50, and the applicant is registered in the gray list database 45.
  • the application data comparison unit 120 compares the personal appearance sent from the application data receiving unit 110 with the personal appearance of the data stored in the gray list database 45, and the applicant with similar personal appearance is the gray list. Check if you are in database 45. The comparison result is sent to the fraudulent application determination unit 130.
  • the application data comparison unit 120 compares the personal identification items sent from the application data receiving unit 110 with the personal identification items of the data stored in the gray list database 45, and the applicant has the same personal identification items. Check if is in the gray list database 45. The comparison result is sent to the fraudulent application determination unit 130.
  • the application data comparison unit 120 compares the terminal identifier sent from the application data reception unit 110 with the terminal identifier of the data stored in the gray list database 45, and the applicant with the same terminal identifier is the gray list. Check if you are in database 45. The comparison result is sent to the fraudulent application determination unit 130. (S25) Based on the comparison result sent, the fraudulent application determination unit 130 makes an application in which the applicant and the person-identifying matter have the same identity when there is an applicant having a similar appearance to the applicant in the gray list database 45. If a person is in the gray list database 45, or if an applicant with the same terminal identifier as the applicant is in the gray list database 45, the second fraudulent application determination is made and the fraudulent application determination result 100 is set as the business operator. Send to the terminal 50.
  • the fraudulent application determination unit 130 uses a commercial database for IP address determination, and the IP address of the access source is an IP address other than Japan, or an IP address used in an anonymous network. If there is a suspicious point in the IP address, such as in the case of Register at 45.
  • the fraudulent application determination unit 130 confirms whether the applicant's address is a real address by using a commercial database for determining the existence of the address, and if it is not the real address, the first 1
  • the fraudulent application determination (address suspicious) is made, the fraudulent application determination result 100 is transmitted to the business terminal 50, and the applicant is registered in the gray list database 45.
  • the fraudulent application determination unit 130 confirms whether the applicant's telephone number is an existing telephone number by using a commercial database for determining the existence of the telephone number, and if it is not an existing telephone number.
  • the first fraudulent application determination (phone number suspicious) is set, the fraudulent application determination result 100 is transmitted to the business terminal 50, and the applicant is registered in the gray list database 45.
  • the fraudulent application determination unit 130 uses a commercial database for searching for a person requiring attention to confirm whether or not the applicant corresponds to a person requiring attention, and if it corresponds to a person requiring attention. , The first fraudulent application determination (corresponding to a person requiring attention) is set, the fraudulent application determination result 100 is transmitted to the business terminal 50, and the applicant is registered in the gray list database 45. If the first fraudulent application determination and the second fraudulent application determination are not made in the above-mentioned flow chart for fraudulent application determination, the fraudulent application determination unit 130 sets the fraudulent application determination result 100 to the business operator at the end of the fraudulent application determination. Send to terminal 50.
  • the application data receiving unit 110 corresponds to the "application data receiving unit”
  • the applicant database 40 corresponds to the "applicant database”
  • the application data comparing unit 120 corresponds to the "application data comparing unit”.
  • the fraudulent application determination unit 130 corresponds to the "fraudulent application determination unit”
  • the fraudulent application detection device 30 corresponds to the "fraud application detection device”
  • the gray list database 45 corresponds to the "gray list database”.

Abstract

[Problem] To provide a fraud detection device for checking and authenticating a person online, an application fraud detection method, and an application fraud detection program. [Solution] An application fraud detection device 30 comprises: an application data reception unit 110 that receives an appearance and identification matter for an applicant and a terminal identifier of an application terminal; an applicant database 40 that accumulates the received data; an applicant data comparison unit 120 that compares the appearance and identification matter for the applicant with an appearance and identification matter for a previous applicant; and an application fraud determination unit 130 that executes first application fraud determination when a previous applicant whose appearance is similar to the appearance of the applicant is found yet the identification matter for the applicant and the identification matter for the previous applicant do not match, or when a previous applicant whose identification matter matches the identification matter for the applicant is found yet the appearance of the applicant and the appearance of the previous applicant are dissimilar.

Description

本人確認、本人認証の不正申請検知装置、不正申請検知方法、および不正申請検知プログラムIdentity verification, identity verification fraudulent application detection device, fraudulent application detection method, and fraudulent application detection program
 本発明は、顔認証などを用いて本人確認、本人認証をする場合における、不正申請検知装置、不正申請検知方法、および不正申請検知プログラムに関する。 The present invention relates to a fraudulent application detection device, a fraudulent application detection method, and a fraudulent application detection program in the case of identity verification and identity verification using face recognition or the like.
 従来から、顔認証などを用いて本人確認、本人認証する場合における、不正な申請の検知方法について研究および開発が行われている。例えば、特許文献1(特開2017-120570号公報)には、口座開設等の申込登録を行うシステムにおいて、悪意のある申込者が、繰り返し行う不正な申込を防止する方法について開示されている。 Conventionally, research and development have been conducted on methods for detecting fraudulent applications in the case of identity verification and identity verification using face recognition or the like. For example, Patent Document 1 (Japanese Unexamined Patent Publication No. 2017-12570) discloses a method for preventing a malicious applicant from repeatedly making an unauthorized application in a system for registering an application such as opening an account.
 特許文献1に記載の不正な申込を防止する方法は、申込者の端末装置から口座開設等の申し込みに必要なデータを入力し、該データに基づいて口座開設等の申込登録を行うシステムにおいて、口座開設等に必要な証明書データを入力するカメラと、証明書データを送信する送信部とを備えた携帯端末装置と、証明書データを受信する受信部と、受信した証明書データの真偽を判定する真偽判定部と、携帯端末装置と携帯端末装置から過去に入力された証明書データのチェック結果を対応付けた履歴情報を記憶する履歴情報記憶部と、真偽判定部の判定結果および履歴情報に基づき証明書データの総合判定を行う総合判定部と、総合判定部の判定結果情報を送信する送信部とを備えた申込登録サーバとを備えた不正申込防止システムである。 The method for preventing fraudulent applications described in Patent Document 1 is to input data necessary for application for account opening, etc. from the terminal device of the applicant, and to register the application for account opening, etc. based on the data. A mobile terminal device equipped with a camera for inputting certificate data necessary for opening an account, a transmitting unit for transmitting certificate data, a receiving unit for receiving certificate data, and authenticity of the received certificate data. The authenticity determination unit, the history information storage unit that stores the history information associated with the check results of the certificate data input in the past from the mobile terminal device and the mobile terminal device, and the determination result of the authenticity determination unit. It is a fraudulent application prevention system including an application registration server including a comprehensive judgment unit that performs comprehensive judgment of certificate data based on history information and a transmission unit that transmits judgment result information of the comprehensive judgment unit.
 また、特許文献2(特開2018-163677号公報)には、不正アクセスであるとの可能性がある情報をブラックリストとしてデータベース化し、同様の不正アクセスを効率的に検出することが可能なサービス提供システム、サービス提供方法、照合装置、照合方法およびコンピュータプログラムについて開示されている。 Further, Patent Document 2 (Japanese Unexamined Patent Publication No. 2018-163677) is a service capable of efficiently detecting similar unauthorized access by creating a database of information that may be unauthorized access as a black list. The provision system, service provision method, collation device, collation method and computer program are disclosed.
 特許文献2に記載の不正アクセス検出システムは、WEBサーバと認証サーバを備える。WEBサーバは、ユーザの情報を認証サーバに提供し、正規のユーザであると判断したユーザにサービスを提供するサービス提供手段と、ユーザのWEBサーバに対する動作の情報を照合サーバに送信する送信手段を有する。認証サーバは、ユーザの情報に基づきユーザが正規のユーザか否か判断する判断手段と、ユーザが正規のユーザではない確率を照合サーバから受信する受信手段とを有する。
 また、照合サーバは、正規のユーザの動作の情報を記録したホワイトリストデータベースと、ホワイトリストデータベース中のレコードに該当しないと判断された場合に登録されるブラックリストデータベースとを含み、ユーザの動作の情報をブラックリストデータベース中のデータを比較し、その近似の程度から、ユーザが正規のユーザではない指標を算出し、認証サーバに送信する。 The unauthorized access detection system described in Patent Document 2 includes a WEB server and an authentication server. The WEB server provides a service providing means for providing the user's information to the authentication server and providing the service to the user determined to be a legitimate user, and a transmitting means for transmitting the operation information of the user to the WEB server to the collation server. Have. The authentication server has a determination means for determining whether or not the user is a legitimate user based on the user's information, and a receiving means for receiving the probability that the user is not a legitimate user from the matching server.
In addition, the collation server includes a whitelist database that records information on the behavior of a legitimate user and a blacklist database that is registered when it is determined that the record does not correspond to the record in the whitelist database. The information is compared with the data in the blacklist database, and the index that the user is not a legitimate user is calculated from the degree of approximation and sent to the authentication server.
 また、特許文献3(特開2004-259253号公報)には、本人認証の時に、本人の顔画像だけではなく、要注意人物の顔画像に照合する本人認証装置が開示されている。 Further, Patent Document 3 (Japanese Unexamined Patent Publication No. 2004-259253) discloses a personal authentication device that collates not only a face image of a person but also a face image of a person requiring attention at the time of personal authentication.
 特許文献3に記載の本人認証装置では、利用者が本人であることを認証する本人認証装置であって、利用者の顔を撮像する撮像部と、撮像部により撮像された利用者の顔画像を、予め保持されている特定の人物の顔画像と比較する特定人物比較部と、本人の顔画像を、記憶装置から取得する本人画像取得部と、撮像部によって撮像された利用者の顔画像と、本人画像取得部によって取得された本人の顔画像とが同一の人物の画像であるか否かを、特定人物比較部による比較結果に基づいて異なる判断方法で判断する認証部とを備える。 The personal authentication device described in Patent Document 3 is a personal authentication device that authenticates that the user is the person, and is an image pickup unit that captures the user's face and a user's face image captured by the image pickup unit. A specific person comparison unit that compares the image of the person with the face image of the specific person held in advance, a person image acquisition unit that acquires the person's face image from the storage device, and a user's face image captured by the image pickup unit. And an authentication unit that determines whether or not the person's face image acquired by the person's image acquisition unit is an image of the same person by a different determination method based on the comparison result by the specific person comparison unit.
 また、特許文献4(特開2019-086971号公報)には、より利便性が高い顔画像を用いた本人確認システムおよび本人確認方法が開示されている。 Further, Patent Document 4 (Japanese Unexamined Patent Publication No. 2019-086971) discloses a more convenient identity verification system and identity verification method using a face image.
 特許文献4に記載の本人確認システムでは、本人確認サーバは、携帯電話のカメラで撮影した免許証の証明画像データと、ユーザの顔画像データとを受信する画像データ受信部と、証明画像データから文字データを取得する文字取得部と、証明画像データの顔画像と顔画像データとを照合しスコアを取得するスコア取得部と、スコアが閾値以上である場合に顔認証可と判定する顔認証判定部と、判定結果と文字データに含まれる個人特定データとを携帯端末に送信する顔判定結果送信部とを備える。顔認証判定部は、スコアが閾値近傍である場合に、携帯端末から受信した位置データが住所に近傍していれば顔認証可と判定し、認証結果が顔認証可である場合に、携帯端末が個人特定データを銀行サーバ7に送信する認証済データ送信部を備える。 In the identity verification system described in Patent Document 4, the identity verification server is based on an image data receiving unit that receives the certification image data of the license taken by the camera of the mobile phone, the face image data of the user, and the certification image data. The character acquisition unit that acquires character data, the score acquisition unit that collates the face image and face image data of the certification image data and acquires the score, and the face recognition determination that determines that face authentication is possible when the score is equal to or higher than the threshold value. It is provided with a unit and a face determination result transmission unit that transmits the determination result and the personal identification data included in the character data to the mobile terminal. When the score is near the threshold value, the face recognition determination unit determines that face recognition is possible if the position data received from the mobile terminal is close to the address, and if the authentication result is face recognition, the mobile terminal. Provided an authenticated data transmission unit that transmits personal identification data to the bank server 7.
 また、特許文献5(特開2020-087461号公報)には、セキュリティ性を向上させた本人認証システム、認証器、プログラムおよび本人認証方法が開示されている。 Further, Patent Document 5 (Japanese Unexamined Patent Publication No. 2020-087461) discloses a personal authentication system, an authenticator, a program, and a personal authentication method with improved security.
 特許文献5に記載の本人認証システムでは、ユーザが所持するカメラを備えた携帯端末と、携帯端末に対して通信可能に接続された本人認証サーバと、を備えた本人認証システムにおいて、携帯端末は、ユーザの本人確認の際にカメラを介して取得した、運転免許証を所持した所持者の顔の画像である顔画像を、照合画像として照合画像記憶部に記憶させる画像記憶処理部と、サービス利用時に、カメラを介してサービス利用者の顔画像を取得し、照合画像記憶部に記憶された照合画像と照合する顔画像取得照合部と、顔画像取得照合部による照合結果を、本人認証サーバに送信する照合結果送信部と、を備える。本人認証サーバは、照合結果に基づいて、サービスの利用を許可するサービス利用許可部を備える。 In the personal authentication system described in Patent Document 5, in the personal authentication system including a mobile terminal equipped with a camera possessed by the user and a personal authentication server connected to the mobile terminal so as to be communicable, the mobile terminal is a personal authentication system. , An image storage processing unit that stores a face image, which is an image of the face of the holder holding a driver's license, acquired through a camera when verifying the identity of the user in the collation image storage unit as a collation image, and a service. At the time of use, the face image acquisition collation unit that acquires the face image of the service user via the camera and collates it with the collation image stored in the collation image storage unit, and the collation result by the face image acquisition collation unit are stored in the personal authentication server. It is provided with a collation result transmission unit for transmitting to. The personal authentication server includes a service use permission unit that permits the use of the service based on the collation result.
特開2017-120570号公報Japanese Unexamined Patent Publication No. 2017-12570 特開2018-163677号公報Japanese Unexamined Patent Publication No. 2018-163677 特開2004-259253号公報Japanese Unexamined Patent Publication No. 2004-259253 特開2019-086971号公報Japanese Unexamined Patent Publication No. 2019-086971 特開2020-087461号公報Japanese Unexamined Patent Publication No. 2020-087461
 近年、情報通信技術の発展および、顧客の利便性を追求する事業者のサービス向上により、インターネットを通じた取引が拡大している。例えば、金融機関は、インターネットを通じて、口座開設または資金移動等の様々な金融サービスを展開している。
 一方で、こうしたインターネット取引は、対面取引と比べ匿名性が高く、犯罪者によるサービスの不正利用が増大している。
 そのため、金融機関をはじめとした事業者は、インターネットを通じたサービス提供時に、オンラインでの本人確認および本人認証を行うことにより、自社サービスの濫用を防止に取り組んでいる。
 オンラインでの本人確認では、一般的に、事業者が提供するソフトウェアで撮影した本人容貌データ、および、運転免許証等の本人容貌付き本人確認書類の画像データにより、本人確認書類に記載された本人特定事項(例えば、氏名、生年月日、住所、運転免許証番号など)の確認、ならびに本人容貌データと本人確認書類の画像データとの一致を確認している。しかしながら、犯罪者による本人特定事項(例えば、氏名、生年月日、住所、運転免許証番号など)の偽り、および、他人または架空の人物へのなりすまし、が絶えないのが現状である。なぜならば、本人確認書類の偽造は容易であり、かつ、精巧なものを画像データから見破ることは困難であるからである。
 また、オンラインでの本人認証ではID・パスワードをはじめとした認証手段等により、本人確認済みの顧客本人がサービスにアクセスすることを認可するものであるが、犯罪者によるフィッシング等によりパスワードが詐取され、不正アクセスが拡大している現状がある。 In recent years, transactions via the Internet have expanded due to the development of information and communication technology and the improvement of services of businesses pursuing customer convenience. For example, financial institutions are developing various financial services such as opening an account or transferring funds through the Internet.
On the other hand, such Internet transactions are more anonymous than face-to-face transactions, and the unauthorized use of services by criminals is increasing.
Therefore, businesses such as financial institutions are working to prevent abuse of their services by performing online identity verification and identity verification when providing services via the Internet.
In online identity verification, in general, the identity described in the identity verification document is based on the identity verification data taken by the software provided by the business operator and the image data of the identity verification document with the identity such as a driver's license. We confirm specific matters (for example, name, date of birth, address, driver's license number, etc.), and confirm that the identity verification data matches the image data of the identity verification document. However, the current situation is that criminals are constantly misrepresenting their identity (for example, name, date of birth, address, driver's license number, etc.) and impersonating another person or a fictitious person. This is because the forgery of the identity verification document is easy, and it is difficult to detect the elaborate one from the image data.
In addition, in online identity verification, the customer whose identity has been confirmed is authorized to access the service by means of authentication such as ID and password, but the password is stolen by phishing by a criminal. , The current situation is that unauthorized access is expanding.
 特許文献1に記載の不正な申込を防止する方法では、真偽判定部で運転免許証の画像データ等に記載された文字・記号等が所定のルールに適合するかを調べ、申し込みデータの真偽を判定する。また、履歴情報記憶部では携帯端末装置の端末IDを履歴情報テーブルに記録された端末IDと比較し、過去において、その端末IDが偽造と判定されたものであるかどうかを判定する。特許文献1の方法の場合、偽造された運転免許証であっても、運転免許証の画像データ等に記載された文字・記号等が所定のルールに適合していれば不正な申込ではないと判断される恐れがある。 In the method of preventing an unauthorized application described in Patent Document 1, the authenticity determination unit checks whether the characters, symbols, etc. described in the image data of the driver's license conform to the predetermined rules, and the truth of the application data is obtained. Judge false. Further, the history information storage unit compares the terminal ID of the mobile terminal device with the terminal ID recorded in the history information table, and determines whether or not the terminal ID has been determined to be forged in the past. In the case of the method of Patent Document 1, even if the driver's license is forged, if the characters, symbols, etc. described in the image data of the driver's license conform to the predetermined rules, it is not an illegal application. There is a risk of being judged.
 特許文献2に記載の不正アクセス検出方法では、OS,ブラウザ、言語、IPアドレス、時間、ページ遷移等の動作の情報をチェックし、同じユーザであるにもかかわらず、動作の情報が異なる場合には、悪意のある第三者の不正なアクセスの可能性が高いと判断することで不正なアクセスを防止しているが、悪意のある第三者の不正なアクセスの可能性が高いと判断するためには、事前に例えば20回以上の正常なアクセスデータが必要であり、この不正アクセス検出方法を単独で用いることはリスクが高いと考えられる。 In the unauthorized access detection method described in Patent Document 2, operation information such as OS, browser, language, IP address, time, and page transition is checked, and when the operation information is different even though the user is the same user. Prevents unauthorized access by determining that there is a high possibility of unauthorized access by a malicious third party, but determines that there is a high possibility of unauthorized access by a malicious third party. For this purpose, for example, normal access data of 20 times or more is required in advance, and it is considered that there is a high risk of using this unauthorized access detection method alone.
 特許文献3に記載の本人認証装置では、撮像部により撮像された利用者の顔画像を、予め保持されている特定の人物の顔画像と比較し、利用者の顔画像が特定の人物の顔画像と類似しているときには、撮像部によって撮像された利用者の顔画像と、本人画像取得部によって取得された本人の顔画像とが同一の人物の画像であるか否かをより厳しく判断するものである。
 しかし、この場合、本人画像取得部によって取得された本人の顔画像がもともと本人のものでない場合、すなわち最初の登録時に氏名、生年月日等を偽って登録した場合には、本人でないのに本人であると認証される可能性がある。 In the personal authentication device described in Patent Document 3, the face image of the user captured by the imaging unit is compared with the face image of a specific person held in advance, and the face image of the user is the face of the specific person. When it is similar to the image, it is more strictly determined whether or not the user's face image captured by the imaging unit and the person's face image acquired by the person's image acquisition unit are the same person's image. It is a thing.
However, in this case, if the face image of the person acquired by the person image acquisition department is not originally the person's, that is, if the name, date of birth, etc. are falsely registered at the time of the first registration, the person is not the person. May be authenticated.
 特許文献4、および特許文献5に記載の本人確認システムでは、免許証の証明画像データとユーザの顔画像データとを照合することで本人確認としており、免許証が偽造された場合には、誤って本人であると認証される可能性がある。 In the identity verification system described in Patent Document 4 and Patent Document 5, the identity verification is performed by collating the proof image data of the driver's license with the face image data of the user, and if the license is forged, an error is made. There is a possibility that you will be authenticated.
 本発明の主な目的は、オンラインでの本人確認および本人認証の不正申請検知装置、不正申請検知方法、および不正申請検知プログラムを提供することにある。
 オンラインでの本人確認申請では、本人容貌データ、本人特定事項(例えば、氏名、生年月日、住所、運転免許証番号など)、利用者の端末識別子の組み合わせは一意に定まるはずである。この特徴を利用し、犯罪者の本人特定事項の偽り、および、他人または架空の人物へのなりすましを検知する。すなわち、同一の本人容貌データに対して、複数の本人特定事項の申し込みがあった場合、同一の本人特定事項に対して、複数の本人容貌データの申し込みがあった場合、および同一の端末識別子から複数の本人容貌データ・本人特定事項の申し込みがあった場合に、第1不正判定として検知する。
 さらに、本人確認申請時の本人特定事項、住所、電話番号、アクセス元のIPアドレスについて、商用データベース(ブラックリスト)を活用し、該当した場合は、第1不正判定として検知してもよい。
 また、第1不正判定がされた本人容貌データ、本人特定事項、端末識別子をグレーリストデータベースに登録し、オンラインでの本人確認および本人認証時に、これを参照することにより、同一の犯罪者によるさらなる不正利用を防止する。すなわち、グレーリストデータベースに登録された本人容貌データ、本人特定事項、端末識別子いずれかのデータによる申請やアクセスが行われた場合に第2不正判定として検知する。
 本発明の他の目的は、犯罪者がサービスを提供する複数の事業者に、同じ本人容貌データと複数の異なる本人特定事項とで、または、複数の異なる本人容貌データと同じ本人特定事項とで、または、同じ端末識別子と複数の異なる本人特定事項・本人容貌データとで本人確認を申請した場合にも、確実に不正申請を検知できる不正申請検知装置、不正申請検知方法、および不正申請検知プログラムを提供することにある。
 不正申請検知装置が単一の事業者でクローズしている場合には、例えば、同一の本人容貌データと複数の異なる本人特定事項で、それぞれ別の事業者に本人確認、本人認証を申請しても不正を検知できない。本発明は、このような場合にも確実に不正を検知できる不正申請検知装置、不正申請検知方法、および不正申請検知プログラムを提供する。 A main object of the present invention is to provide an online identity verification and authentication fraudulent application detection device, a fraudulent application detection method, and a fraudulent application detection program.
In an online identity verification application, the combination of personal appearance data, personal identification items (for example, name, date of birth, address, driver's license number, etc.) and user's terminal identifier should be uniquely determined. Utilizing this feature, it detects the deception of a criminal's identity and the impersonation of another person or a fictitious person. That is, when multiple personal appearance data are applied for the same personal appearance data, when multiple personal appearance data are applied for the same personal identification matter, and from the same terminal identifier. When there are multiple applications for personal appearance data and personal identification items, it is detected as the first fraud judgment.
Further, the commercial database (black list) may be utilized for the personal identification items, the address, the telephone number, and the IP address of the access source at the time of the personal verification application, and if applicable, it may be detected as the first fraud determination.
In addition, by registering the personal appearance data, personal identification items, and terminal identifiers that have been first fraudulently determined in the gray list database and referencing them during online identity verification and personal authentication, further by the same criminal. Prevent unauthorized use. That is, when an application or access is made by any of the personal appearance data, the personal identification item, and the terminal identifier registered in the gray list database, it is detected as the second fraud determination.
Another object of the present invention is to provide a plurality of businesses to which a criminal provides a service with the same personal appearance data and a plurality of different personal identification matters, or with a plurality of different personal appearance data and the same personal identification matter. Or, a fraudulent application detection device, fraudulent application detection method, and fraudulent application detection program that can reliably detect fraudulent applications even when applying for identity verification with the same terminal identifier and multiple different personal identification items / personal appearance data. Is to provide.
If the fraudulent application detection device is closed by a single business operator, for example, apply for identity verification and personal authentication to different business operators with the same personal appearance data and multiple different personal identification items. Cannot detect fraud. The present invention provides a fraudulent application detection device, a fraudulent application detection method, and a fraudulent application detection program that can reliably detect fraud even in such a case.
 (1)
 一局面に従う本人確認、本人認証の不正申請検知装置は、申請者の本人容貌データと、申請者の本人特定事項データと、申請者の申請端末の端末識別子データとのうちの、少なくともいずれかを受信する申請データ受信部と、申請データ受信部で受信した、本人容貌データと本人特定事項データと端末識別子データとを蓄積する申請者データベースと、申請者の本人容貌データを申請者データベースに蓄積された従前の申請者の本人容貌データと比較する申請データ比較部と、申請データ比較部で申請者の本人容貌データと類似する従前の申請者の本人容貌データが発見された場合において、申請者の本人特定事項データと従前の申請者の本人特定事項データとが一致していない場合には、第1不正申請判定を行う不正申請判定部と、を含む。
 なお、申請者の本人特定事項データとは、例えば申請者の氏名、生年月日、住所、運転免許証番号など、その他任意の情報である。 (1)
The fraudulent application detection device for identity verification and identity verification that follows one aspect can use at least one of the applicant's identity data, the applicant's identity identification data, and the terminal identifier data of the applicant's application terminal. The application data receiving unit to be received, the applicant database that stores the personal appearance data, the personal identification matter data, and the terminal identifier data received by the application data receiving unit, and the personal appearance data of the applicant are stored in the applicant database. When the application data comparison department that compares the personal appearance data of the previous applicant and the application data comparison department finds the personal appearance data of the previous applicant that is similar to the personal appearance data of the applicant, the applicant If the personal identification matter data and the personal identification matter data of the previous applicant do not match, the fraudulent application determination unit that makes the first fraudulent application determination is included.
The personal identification matter data of the applicant is, for example, the applicant's name, date of birth, address, driver's license number, and other arbitrary information.
 本人特定事項が同一の別人が存在する確率は非常に低く、したがって、本人容貌が類似していて本人特定事項が異なる申請者が発見された場合は、申請者または従前の申請者のうちの少なくともどちらかが不正申請をしている可能性が高いと考え、第1不正申請判定を行う。 It is very unlikely that there will be another person with the same personal identification, so if an applicant with similar personal appearance and different personal identification is found, at least one of the applicants or previous applicants. Considering that there is a high possibility that one of them has made a fraudulent application, the first fraudulent application judgment is made.
 (2)
 第2の発明にかかる本人確認、本人認証の不正申請検知装置は、一局面に従う本人確認、本人認証の不正申請検知装置において、申請データ比較部は、さらに、申請者の本人特定事項データを申請者データベースに蓄積された従前の申請者の本人特定事項データと比較し、不正申請判定部は、申請データ比較部で申請者の本人特定事項データと一致する従前の申請者の本人特定事項データが発見された場合において、申請者の本人容貌データと従前の申請者の本人容貌データとが類似していない場合には、第1不正申請判定を行ってもよい。 (2)
The identity verification and identity verification fraud application detection device according to the second invention is the identity verification according to one aspect, and the application data comparison unit further applies for the applicant's identity identification matter data in the identity verification fraud application detection device. Compared with the previous applicant's personal identification matter data accumulated in the person database, the fraudulent application judgment department has the previous applicant's personal identification matter data that matches the applicant's personal identification matter data in the application data comparison department. In the case of discovery, if the personal appearance data of the applicant and the personal appearance data of the previous applicant are not similar, the first fraudulent application determination may be performed.
 本人特定事項が一致していて本人容貌が類似していない場合、同一人物が別の本人特定事項の人物に成りすましている可能性が高いと考えられるので、第1不正申請判定をおこなう。 If the personal identification items match and the personal appearances are not similar, it is highly likely that the same person is impersonating another person with different personal identification items, so the first fraudulent application judgment is made.
 (3)
 第3の発明にかかる本人確認、本人認証の不正申請検知装置は、一局面または第2の発明にかかる本人確認、本人認証の不正申請検知装置において、申請データ比較部は、さらに、申請者の端末識別子データを申請者データベースに蓄積された従前の申請者の端末識別子データと比較し、不正申請判定部は、申請データ比較部で申請者の端末識別子データと一致する従前の申請者の端末識別子データが発見された場合において、申請者の本人容貌データと従前の申請者の本人容貌データとが類似していない場合、または、申請者の本人特定事項データと従前の申請者の本人特定事項データとが一致していない場合には、第1不正申請判定を行ってもよい。 (3)
The identity verification and identity verification fraud application detection device according to the third invention is the identity verification and identity verification fraud application detection device according to one aspect or the second invention. The terminal identifier data is compared with the terminal identifier data of the previous applicant stored in the applicant database, and the fraudulent application judgment unit is the terminal identifier of the previous applicant that matches the terminal identifier data of the applicant in the application data comparison unit. When the data is found, the applicant's personal appearance data and the previous applicant's personal appearance data are not similar, or the applicant's personal identification matter data and the previous applicant's personal identification matter data If they do not match, the first fraudulent application determination may be made.
 端末識別子としては、例えば、「オペレーティング・システム(OS)の種類およびバージョン、ブラウザ(BROWSER)の種類およびバージョン、および端末機種などの端末情報の組み合わせ」、または、「端末にインストールしたソフトウェアに対して発行するUUID(UNIVERSALLY UNIQUE IDENTIFIER)」等などが利用できる。 The terminal identifier may be, for example, "a combination of terminal information such as an operating system (OS) type and version, a browser (BROWSER) type and version, and a terminal model", or "for software installed on the terminal". The issued UUID (UNIVERSALLY UNIQUE IDENTIFIER) "etc. can be used.
 (4)
 第4の発明にかかる本人確認、本人認証の不正申請検知装置は、一局面から第3の発明にかかる本人確認、本人認証の不正申請検知装置において、不正申請判定部で第1不正申請判定された申請者の本人容貌データと本人特定事項データと端末識別子データとを記録するグレーリストデータベースを含んでもよい。 (4)
The fraudulent application detection device for identity verification and personal authentication according to the fourth invention is the fraudulent application detection device for identity verification and personal authentication according to the third invention from one aspect, and the fraudulent application determination unit determines the first fraudulent application. It may include a gray list database that records the applicant's personal appearance data, personal identification matter data, and terminal identifier data.
 以前の本人申請において、不正な申請を行った申請者はその後の本人申請でも不正な申請を行う可能性がある。したがって、第1不正申請判定または第2不正申請判定とされた申請者の本人容貌と本人特定事項と端末識別子とを記録するグレーリストデータベースを作成し、これを利用することで、不正申請検知の網羅性を高めることができる。 The applicant who made a fraudulent application in the previous personal application may also make a fraudulent application in the subsequent personal application. Therefore, by creating a gray list database that records the personal appearance of the applicant who was judged as the first fraudulent application judgment or the second fraudulent application judgment, the personal identification matter, and the terminal identifier, and using this, fraudulent application detection can be performed. Comprehensiveness can be improved.
 (5)
 第5の発明にかかる本人確認、本人認証の不正申請検知装置は、第4の発明にかかる本人確認、本人認証の不正申請検知装置において、グレーリストデータベースは、申請者に関する任意のデータの登録を可能としてもよい。例えば、申請者にサービスを提供する事業者、あるいはシステム提供事業者が、自動または手動で、データを登録することができるようにしてもよい。 (5)
In the identity verification and identity verification fraud application detection device according to the fifth invention, the identity verification and identity verification fraud application detection device according to the fourth invention, the gray list database registers arbitrary data related to the applicant. It may be possible. For example, the business operator that provides the service to the applicant or the system provider may be able to automatically or manually register the data.
 この場合、申請者にサービスを提供する事業者、あるいはシステム提供事業者等の判断により、必要なデータをグレーリストデータベースに登録することができる。 In this case, the necessary data can be registered in the gray list database at the discretion of the business operator that provides the service to the applicant, the system provider, or the like.
 (6)
 第6の発明にかかる本人確認、本人認証の不正申請検知装置は、第4または第5の発明にかかる本人確認、本人認証の不正申請検知装置において、さらに、申請者の本人容貌データをグレーリストデータベースに蓄積された従前の申請者の本人容貌データと比較し、不正申請判定部は、申請データ比較部で申請者の本人容貌データと類似する従前の申請者の本人容貌データが発見された場合において、第2不正申請判定を行ってもよい。 (6)
The identity verification and identity authentication fraud application detection device according to the sixth invention is the identity verification and identity authentication fraud application detection device according to the fourth or fifth invention, and further, the applicant's personal appearance data is graylisted. Compared with the personal appearance data of the previous applicant accumulated in the database, the fraudulent application judgment department finds the personal appearance data of the previous applicant similar to the personal appearance data of the applicant in the application data comparison department. In, the second fraudulent application determination may be made.
 この場合、申請者と本人容貌データが類似する従前の申請者がグレーリストデータベースの中にいるかどうかを検索することで、不正申請検知の網羅性を高めることができる。 In this case, it is possible to improve the comprehensiveness of fraudulent application detection by searching whether or not a previous applicant whose personal appearance data is similar to that of the applicant is in the gray list database.
 (7)
 第7の発明にかかる本人確認、本人認証の不正申請検知装置は、第4から第6の発明にかかる本人確認、本人認証の不正申請検知装置において、申請データ比較部は、さらに、申請者の本人特定事項データをグレーリストデータベースに蓄積された従前の申請者の本人特定事項データと比較し、不正申請判定部は、申請データ比較部で申請者の本人特定事項データと同一の従前の申請者の本人特定事項データが発見された場合において、第2不正申請判定を行ってもよい。 (7)
The fraudulent application detection device for identity verification and identity verification according to the seventh invention is the identity verification and fraudulent application detection device for identity verification according to the fourth to sixth inventions. The personal identification matter data is compared with the personal identification matter data of the previous applicant stored in the gray list database, and the fraudulent application judgment department is the same as the personal identification matter data of the applicant in the application data comparison department. When the personal identification matter data of the above is found, the second fraudulent application determination may be made.
 この場合、申請者と本人特定事項が一致する従前の申請者がグレーリストデータベースの中にいるかどうかを検索することで、不正申請検知の網羅性を高めることができる。 In this case, it is possible to improve the comprehensiveness of fraudulent application detection by searching whether the previous applicant whose personal identification item matches the applicant is in the gray list database.
 (8)
 第8の発明にかかる本人確認、本人認証の不正申請検知装置は、第4から第7の発明にかかる本人確認、本人認証の不正申請検知装置において、申請データ比較部は、さらに、申請者の端末識別子データをグレーリストデータベースに蓄積された従前の申請者の端末識別子データと比較し、不正申請判定部は、申請データ比較部で申請者の端末識別子データと一致する従前の申請者の端末識別子データが発見された場合において、第2不正申請判定を行ってもよい。 (8)
The identity verification and identity authentication fraud application detection device according to the eighth invention is the identity verification and identity authentication fraud application detection device according to the fourth to seventh inventions. The terminal identifier data is compared with the terminal identifier data of the previous applicant stored in the gray list database, and the fraudulent application judgment unit is the terminal identifier of the previous applicant that matches the terminal identifier data of the applicant in the application data comparison unit. When the data is found, the second fraudulent application determination may be made.
 この場合、申請者と端末識別子データが一致する従前の申請者がグレーリストデータベースの中にいるかどうかを検索することで、不正申請検知の網羅性を高めることができる。 In this case, it is possible to improve the comprehensiveness of fraudulent application detection by searching whether the previous applicant whose terminal identifier data matches the applicant is in the gray list database.
 (9)
 第9の発明にかかる本人確認、本人認証の不正申請検知装置は、一局面から第8の発明にかかる本人確認、本人認証の不正申請検知装置において、申請者データベースおよびグレーリストデータベースは、申請者にサービスを提供する複数の事業者を横断して構築されてもよい。 (9)
The identity verification and identity verification fraud application detection device according to the ninth invention is the identity verification and identity verification fraud application detection device according to the eighth invention from one aspect, and the applicant database and the gray list database are the applicants. It may be built across multiple operators that provide services to.
 不正な本人確認の申請を行う申請者は、複数の銀行など、サービスを提供する複数の事業者に、同じ本人容貌データと複数の異なる本人特定事項とで、または複数の異なる本人容貌と同じ本人特定事項とで、または同じ端末と複数の異なる本人特定事項・本人容貌とで、口座開設などの申込をすることが多い。
 第4の発明にかかる本人確認、本人認証の不正申請検知装置では、複数の事業者間で、同じ本人容貌データと複数の異なる本人特定事項とで、または複数の異なる本人容貌と同じ本人特定事項とで、または同じ端末と複数の異なる本人特定事項・本人容貌とで口座開設などの申込をした場合にも、不正な申込であると判定することができる。
 また、ある事業者でグレーリストデータベースに記録された場合には、他の事業者へ本人確認、本人認証などの申込をした場合にも、不正な申込であると検知することができる。 An applicant who applies for fraudulent identity verification may contact multiple businesses that provide services, such as multiple banks, with the same personal appearance data and multiple different personal identification items, or with multiple different personal appearances. In many cases, applications such as opening an account are made with specific matters, or with the same terminal and multiple different personal identification matters / personal appearances.
In the fraudulent application detection device for identity verification and personal authentication according to the fourth invention, the same personal appearance data and a plurality of different personal identification matters are used among a plurality of businesses, or a plurality of different personal appearances and the same personal identification matters. Even if an application for opening an account or the like is made with the same terminal and a plurality of different personal identification matters / personal appearances, it can be determined that the application is fraudulent.
Further, when a certain business operator records the data in the gray list database, it can be detected as an illegal application even when an application for identity verification, identity verification, etc. is made to another business operator.
 (10)
 第10の発明にかかる本人確認、本人認証の不正申請検知装置は、一局面から第9の発明にかかる本人確認、本人認証の不正申請検知装置において、申請データ受信部は、さらに、申請者の申請時のアクセス元IPアドレスを受信し、不正申請判定部は、IPアドレスに不審な点がある場合に、第1不正申請判定を行ってもよい。
 IPアドレスに不審な点がある場合とは、例えば、IPアドレスの国コードが日本でない場合、あるいは、匿名ネットワークを使用していると思われる場合などである。 (10)
The identity verification and identity verification fraud application detection device according to the tenth invention is the identity verification and identity verification fraud application detection device according to the ninth invention from one aspect. Upon receiving the access source IP address at the time of application, the fraudulent application determination unit may make the first fraudulent application determination when there is a suspicious point in the IP address.
The case where there is a suspicious point in the IP address is, for example, the case where the country code of the IP address is not Japan, or the case where it seems that an anonymous network is used.
 不正な本人申請を行う申請者は、国外のネットワークを経由して申請している場合、または、匿名ネットワークを経由して申請している場合がある。
 第5の発明にかかる本人確認、本人認証の不正申請検知装置では、このような場合に不正な申込であると検知することができる。 Applicants who make fraudulent personal applications may apply via a foreign network or via an anonymous network.
The fraudulent application detection device for identity verification and personal authentication according to the fifth invention can detect a fraudulent application in such a case.
 (11)
 第11の発明にかかる本人確認、本人認証の不正申請検知装置は、一局面から第10の発明にかかる本人確認、本人認証の不正申請検知装置において、申請データ受信部は、さらに、申請者の住所を受信し、不正申請判定部は、申請者の住所が実在していない住所である場合、または、不審な住所である場合に第1不正申請判定を行ってもよい。 (11)
The identity verification and identity verification fraud application detection device according to the eleventh invention is the identity verification and identity verification fraud application detection device according to the tenth invention from one aspect. Upon receiving the address, the fraudulent application determination unit may make the first fraudulent application determination when the applicant's address is a non-existent address or a suspicious address.
 不正な口座開設または利用者登録の申し込みでは、申込者の住所として架空の住所を記載している場合がある。
 第11の発明にかかる本人確認、本人認証の不正申請検知装置では、申込書に記載された住所が実在する住所でない場合、または空き家である等の場合には、不正な申込であると検知することができる。不正な申込であるかどうかを検知するにあたっては、例えば、申請者の住所を商用データベース等、任意のデータまたは情報と照合してもよい。 In the case of fraudulent account opening or user registration application, a fictitious address may be listed as the applicant's address.
The fraudulent application detection device for identity verification and personal authentication according to the eleventh invention detects that the application is fraudulent if the address described in the application form is not an existing address or if the house is vacant. be able to. In detecting whether the application is fraudulent, for example, the address of the applicant may be collated with arbitrary data or information such as a commercial database.
 (12)
 第12の発明にかかる本人確認、本人認証の不正申請検知装置は、一局面から第11の発明にかかる本人確認、本人認証の不正申請検知装置において、申請データ受信部は、さらに、申請者の電話番号を受信し、不正申請判定部は、申請者の電話番号が存在していない、または不審な電話番号である場合に第1不正申請判定を行ってもよい。 (12)
The fraudulent application detection device for identity verification and identity verification according to the twelfth invention is the identity verification and fraudulent application detection device for identity verification according to the eleventh invention from one aspect. Upon receiving the telephone number, the fraudulent application determination unit may make the first fraudulent application determination when the applicant's telephone number does not exist or is a suspicious telephone number.
 不正な口座開設または利用者登録の申し込みでは、申込者の電話番号として架空の電話番号や利用料金の支払いが滞っている電話番号を記載している場合がある。
 第12の発明にかかる本人確認、本人認証の不正申請検知装置では、申込書に記載された電話番号が実在する電話番号でない場合、または利用料金の支払いが滞っている電話番号等である場合には、不正な申込であると検知することができる。不正な申込であるかどうかを検知するにあたっては、例えば、申請者の電話番号を商用データベース等、任意のデータまたは情報と照合してもよい。 In the case of fraudulent account opening or user registration application, a fictitious telephone number or a telephone number for which payment of usage fees has been delayed may be listed as the applicant's telephone number.
In the fraudulent application detection device for identity verification and personal authentication according to the twelfth invention, when the telephone number described in the application form is not an actual telephone number, or when the payment of the usage fee is delayed, etc. Can detect that the application is fraudulent. In detecting whether or not the application is fraudulent, the applicant's telephone number may be collated with arbitrary data or information such as a commercial database.
 (13)
 第13の発明にかかる本人確認、本人認証の不正申請検知装置は、一局面から第12の発明にかかる本人確認、本人認証の不正申請検知装置において、不正申請判定部は、申請者の本人特定事項データが要注意人物に該当する場合に第1不正申請判定を行ってもよい。 (13)
The fraudulent application detection device for identity verification and personal authentication according to the thirteenth invention is the identity verification and fraudulent application detection device for personal authentication according to the twelfth invention from one aspect. The first fraudulent application determination may be made when the matter data corresponds to a person requiring attention.
 この場合、要注意人物に対して、第1不正申請判定を行うことができる。 In this case, the first fraudulent application determination can be made for the person requiring attention.
 (14)
 他の局面に従う本人確認、本人認証の不正申請検知方法は、申請者の本人容貌データと、申請者の本人特定事項データと、申請者の申請端末の端末識別子データとのうちの少なくともいずれか、を受信する申請データ受信ステップと、
 申請データ受信ステップで受信した、本人容貌データと本人特定事項データと端末識別子データとを申請者データベースに蓄積する申請データ蓄積ステップと、
 申請者の本人容貌データを申請者データベースに蓄積された従前の申請者の本人容貌データと比較するとともに、申請者の本人特定事項データを申請者データベースに蓄積された従前の申請者の本人特定事項データと比較する申請データ比較ステップと、
 申請データ比較ステップで、申請者の本人容貌データと類似する従前の申請者の本人容貌データが発見された場合において、申請者の本人特定事項データと従前の申請者の本人特定事項データとが一致していない場合、または、
 申請データ比較ステップで、申請者の本人特定事項データと一致する従前の申請者の本人特定事項データが発見された場合において、申請者の本人容貌データと従前の申請者の本人容貌データとが類似していない場合には、第1不正申請判定を行う、不正申請判定ステップと、を含む。 (14)
The method for detecting identity verification and fraudulent application for identity verification according to other aspects is at least one of the applicant's identity data, the applicant's identity identification data, and the terminal identifier data of the applicant's application terminal. And the application data receiving step to receive
The application data storage step for storing the personal appearance data, personal identification data, and terminal identifier data received in the application data reception step in the applicant database,
The applicant's personal appearance data is compared with the previous applicant's personal appearance data stored in the applicant database, and the applicant's personal identification data is stored in the applicant database. Application data comparison step to compare with data,
When the applicant's personal appearance data similar to the applicant's personal appearance data is found in the application data comparison step, the applicant's personal identification data and the previous applicant's personal identification data are one. If you haven't done so, or
When the previous applicant's personal identification data that matches the applicant's personal identification data is found in the application data comparison step, the applicant's personal appearance data and the previous applicant's personal appearance data are similar. If not, the fraudulent application determination step of performing the first fraudulent application determination is included.
 他の局面に従う本人確認、本人認証の不正申請検知方法は、一局面および第2の発明にかかる本人確認、本人認証の不正申請検知装置に対応する、不正申請検知方法の発明である。 The method for detecting fraudulent applications for identity verification and personal authentication according to other aspects is an invention of a fraudulent application detection method corresponding to the fraudulent application detection device for identity verification and personal authentication according to the first aspect and the second invention.
 (15)
 さらに他の局面に従う本人確認、本人認証の不正申請検知プログラムは、申請者の本人容貌データと、申請者の本人特定事項データと、申請者の申請端末の端末識別子データとのうちの少なくともいずれか、を受信する申請データ受信処理と、
 申請データ受信処理で受信した、本人容貌データと本人特定事項データと端末識別子データとを申請者データベースに蓄積する申請データ蓄積処理と、
 申請者の本人容貌データを申請者データベースに蓄積された従前の申請者の本人容貌データと比較するとともに、申請者の本人特定事項データを申請者データベースに蓄積された従前の申請者の本人特定事項データと比較する申請データ比較処理と、
 申請データ比較処理で、申請者の本人容貌データと類似する従前の申請者の本人容貌データが発見された場合において、申請者の本人特定事項データと従前の申請者の本人特定事項データとが一致していない場合、または、
 申請データ比較処理で、申請者の本人特定事項データと一致する従前の申請者の本人特定事項データが発見された場合において、申請者の本人容貌データと従前の申請者の本人容貌データとが類似していない場合には、第1不正申請判定を行う、不正申請判定処理と、を含む。 (15)
The fraudulent application detection program for identity verification and identity verification that follows other aspects is at least one of the applicant's identity data, the applicant's identity identification data, and the terminal identifier data of the applicant's application terminal. , The application data reception process to receive, and
The application data storage process that stores the personal appearance data, personal identification data, and terminal identifier data received in the application data reception process in the applicant database,
The applicant's personal appearance data is compared with the previous applicant's personal appearance data stored in the applicant database, and the applicant's personal identification data is stored in the applicant database. Application data comparison processing to compare with data and
When the applicant's personal appearance data similar to the applicant's personal appearance data is found in the application data comparison process, the applicant's personal identification data and the previous applicant's personal identification data are one. If you haven't done so, or
When the applicant's personal identification data that matches the applicant's personal identification data is found in the application data comparison process, the applicant's personal appearance data and the previous applicant's personal appearance data are similar. If not, the fraudulent application determination process for performing the first fraudulent application determination is included.
 さらに他の局面に従う本人確認、本人認証の不正申請検知プログラムは、一局面および第2の発明にかかる本人確認、本人認証の不正申請検知装置に対応する、不正申請検知プログラムの発明である。 The identity verification and fraudulent application detection program according to the other aspects is the invention of the fraudulent application detection program corresponding to the identity verification and the fraudulent application detection device for the identity verification according to the first aspect and the second invention.
実施の形態における、不正申請検知装置を含む、本人確認または本人認証シ  ステムの模式的概念図である。It is a schematic conceptual diagram of the identity verification or the identity authentication system including the fraudulent application detection device in the embodiment. 不正申請検知装置の構成を示す模式図である。It is a schematic diagram which shows the structure of the fraudulent application detection device. 申請者データベースの一例を示す表である。It is a table showing an example of the applicant database. グレーリストデータベースの一例を示す表である。It is a table which shows an example of a gray list database. 本人容貌、本人特定事項、および申請端末識別子による不正申請判定の一例  を示す模式的フローチャートである。It is a schematic flowchart which shows an example of fraudulent application judgment by a person's appearance, a person's identification matter, and an application terminal identifier. グレーリストデータベースとの対比による不正申請判定の一例を示す模式的  フローチャートである。It is a schematic flowchart showing an example of fraudulent application judgment by comparison with the gray list database. アクセス元IPアドレス、住所、電話番号、および要注意人物対比による不  正申請判定の一例を示す模式的フローチャートである。It is a schematic flow chart showing an example of an incorrect application judgment based on the access source IP address, address, telephone number, and comparison of persons requiring attention.
 以下、図面を参照しつつ、本発明の実施の形態について説明する。以下の説明では、同一の部品には同一の符号を付してある。それらの名称および機能も同じである。したがって、それらについての詳細な説明は繰り返さない。 Hereinafter, embodiments of the present invention will be described with reference to the drawings. In the following description, the same parts are designated by the same reference numerals. Their names and functions are the same. Therefore, the detailed description of them will not be repeated.
[実施の形態]
 (不正申請検知装置30を含む本人確認または本人認証システム60の全体構成)
 図1は本実施の形態にかかる不正申請検知装置30を含む本人確認または本人認証システム60の模式的全体構成図であり、図2は不正申請検知装置30の構成の一例を示す模式図である。 [Embodiment]
(Overall configuration of identity verification or identity authentication system 60 including fraudulent application detection device 30)
FIG. 1 is a schematic overall configuration diagram of an identity verification or identity authentication system 60 including a fraudulent application detection device 30 according to the present embodiment, and FIG. 2 is a schematic diagram showing an example of the configuration of the fraudulent application detection device 30. ..
 図1に示すように、本人確認または本人認証システム60は申請者端末10、受付端末20、不正申請検知装置30、事業者端末50で構成されている。なお、不正申請検知装置30には申請者データベース40およびグレーリストデータベース45が含まれているが、この申請者データベース40およびグレーリストデータベース45は、他の本人確認または本人認証システム60に含まれる不正申請検知装置30と共通のデータベースとなっている。
 申請者端末10から、本人容貌、本人特定事項、住所、電話番号などの申請者申し込みデータ70が受付端末20に送信される。また、受付端末20は、申請者端末10のOSの種類およびバージョン、ブラウザの種類およびバージョン、端末機種名などの組み合わせによる端末識別子、申請者端末10のIPアドレスを入手する。
 受付端末20が受信した本人容貌、本人特定事項、住所、電話番号などの申請者申し込みデータ70は事業者端末50に送信される。
 また、受付端末20が受信した本人容貌、本人特定事項、住所、電話番号などの申請者申し込みデータ70と申請者端末10の端末識別子、IPアドレスとを含めた申請データ80は不正申請検知装置30にも送信される。
 不正申請検知装置30は受信した申請データ80を申請者データベース40に蓄積するとともに、自らの不正申請検知装置30および他の不正申請検知装置30によって申請者データベース40に蓄積された申請データ80を用いて不正申請の有無を判定し、不正申請判定結果100を事業者端末50に送信する。 As shown in FIG. 1, the identity verification or identity authentication system 60 includes an applicant terminal 10, a reception terminal 20, a fraudulent application detection device 30, and a business operator terminal 50. The fraudulent application detection device 30 includes an applicant database 40 and a gray list database 45, and the applicant database 40 and the gray list database 45 are fraudulently included in another identity verification or identity authentication system 60. It is a common database with the application detection device 30.
The applicant terminal 10 transmits the applicant application data 70 such as the person's appearance, personal identification matters, address, and telephone number to the reception terminal 20. Further, the reception terminal 20 obtains a terminal identifier based on a combination of the OS type and version of the applicant terminal 10, the browser type and version, the terminal model name, and the like, and the IP address of the applicant terminal 10.
The applicant application data 70 such as the personal appearance, personal identification matters, address, and telephone number received by the reception terminal 20 is transmitted to the business terminal 50.
Further, the application data 80 including the applicant application data 70 such as the personal appearance, personal identification matters, address, and telephone number received by the reception terminal 20 and the terminal identifier and IP address of the applicant terminal 10 is the fraudulent application detection device 30. Will also be sent.
The fraudulent application detection device 30 stores the received application data 80 in the applicant database 40, and also uses the application data 80 stored in the applicant database 40 by its own fraudulent application detection device 30 and another fraudulent application detection device 30. The presence or absence of fraudulent application is determined, and the fraudulent application determination result 100 is transmitted to the business terminal 50.
 図2に示すように、不正申請検知装置30は申請データ受信部110、申請データ比較部120、不正申請判定部130、申請者データベース40およびグレーリストデータベース45で構成されている。申請者データベース40およびグレーリストデータベース45は、他の本人確認または本人認証システム60に含まれる不正申請検知装置30と共通のデータベースとなっている。
 申請データ受信部110が受信した本人容貌、本人特定事項、住所、電話番号、申請者端末10の端末識別子、IPアドレスなどは申請者データベース40に蓄積されるとともに申請データ比較部120に送られる。
 申請データ比較部120は申請者の本人容貌、本人特定事項、申請者端末10の端末識別子、IPアドレスなどを申請者データベース40に蓄積されたデータと比較し、比較した結果は不正申請判定部130に送られる。
 不正申請判定部130は申請データ比較部120から送られた申請者のデータと申請者データベース40に蓄積されたデータとの比較結果、および、例えば住所実在判定、電話番号実在判定、IPアドレス判定などの商用データベースを用いて、本人確認の申請が不正かどうかを判定する。不正申請判定の詳細については、(不正申請判定フローチャート)で後述する。
 不正申請判定結果100は事業者端末50に送信されるとともに、新規に不正申請と判定された場合には、グレーリストデータベース45に追加される。 As shown in FIG. 2, the fraudulent application detection device 30 includes an application data receiving unit 110, an application data comparison unit 120, a fraudulent application determination unit 130, an applicant database 40, and a gray list database 45. The applicant database 40 and the gray list database 45 are common databases with the fraudulent application detection device 30 included in the other identity verification or identity authentication system 60.
The personal appearance, personal identification matters, address, telephone number, terminal identifier of the applicant terminal 10, IP address, etc. received by the application data receiving unit 110 are stored in the applicant database 40 and sent to the application data comparison unit 120.
The application data comparison unit 120 compares the applicant's personal appearance, personal identification items, terminal identifier of the applicant terminal 10, IP address, etc. with the data stored in the applicant database 40, and the result of the comparison is the fraudulent application determination unit 130. Will be sent to.
The fraudulent application determination unit 130 compares the data of the applicant sent from the application data comparison unit 120 with the data stored in the applicant database 40, and for example, address existence determination, telephone number existence determination, IP address determination, etc. Use our commercial database to determine if your identity verification application is fraudulent. The details of the fraudulent application determination will be described later in (Flowchart for determining fraudulent application).
The fraudulent application determination result 100 is transmitted to the business operator terminal 50, and when a new fraudulent application is determined, it is added to the gray list database 45.
 (申請者データベース40の構成例)
 図3に申請者データベース40の一例を示す。
 申請者データベース40は、本人特定事項データ、本人容貌データ、申請端末識別子、アクセス元IPアドレス、住所などが記載されている。本人特定事項データとは例えば、氏名、生年月日、住所、運転免許証番号などである。 (Configuration example of applicant database 40)
FIG. 3 shows an example of the applicant database 40.
The applicant database 40 contains personal identification matter data, personal appearance data, application terminal identifier, access source IP address, address, and the like. The personal identification matter data is, for example, a name, a date of birth, an address, a driver's license number, and the like.
 (グレーリストデータベース45の構成例)
 図4にグレーリストデータベース45の一例を示す。
 グレーリストデータベース45には、上記申請者データベース40のデータに加えて、不正申請判定結果100が記載されている。なお、不正申請判定結果100の欄には、「本人容貌使いまわし」、「本人特定事項使いまわし」などと具体的に記載することが望ましい。
 また、グレーリストデータベース45には申請者にサービスを提供する事業者による任意のデータの登録を可能にしてもよい。 (Configuration example of gray list database 45)
FIG. 4 shows an example of the gray list database 45.
In the gray list database 45, in addition to the data of the applicant database 40, the fraudulent application determination result 100 is described. In the column of the fraudulent application determination result 100, it is desirable to specifically describe "reuse of personal appearance", "reuse of personal identification matters", and the like.
Further, the gray list database 45 may allow a business operator who provides a service to the applicant to register arbitrary data.
 (不正申請判定のフローチャート)
 図5から図7に、不正申請判定のフローチャートを示す。図5は、本人容貌、本人特定事項、および申請端末識別子による不正申請判定のフローチャートであり、図6はグレーリストデータベース45との対比による不正申請判定のフローチャートであり、図7はアクセス元IPアドレス、住所、電話番号、および要注意人物対比による不正申請判定のフローチャートである。 (Flow chart of fraudulent application judgment)
5 to 7 show a flowchart of fraudulent application determination. FIG. 5 is a flowchart of fraudulent application determination based on the person's appearance, personal identification items, and application terminal identifier, FIG. 6 is a flowchart of fraudulent application determination by comparison with the gray list database 45, and FIG. 7 is an access source IP address. , Address, telephone number, and a flowchart of fraudulent application determination by comparison with persons requiring attention.
 まず、図5の本人容貌、本人特定事項、および申請端末識別子による不正申請判定のフローチャートについて説明する。
(S1)申請データ受信部110が本人容貌、本人特定事項、申請端末識別子、IPアドレス、住所、電話番号などのデータを受信する。
(S2)申請データ受信部110は受信したデータを申請者データベース40に送り、申請者データベース40は受け取ったデータを蓄積する。このとき、申請データ受信部110は受信したデータを申請データ比較部120にも送る。
(S3、S4)申請データ比較部120は、申請データ受信部110から送られた本人容貌を申請者データベース40に蓄積されたデータの本人容貌と比較し、本人容貌の類似した申請者が申請者データベース40の中にいるかどうかを確認する。比較結果は不正申請判定部130に送られる。
(S5-S7)不正申請判定部130は、送られてきた比較結果に基づき、本人容貌の類似した申請者が申請者データベース40の中にいる場合には、申請者の本人特定事項を本人容貌の類似した申請者の本人特定事項と比較する。申請者の本人特定事項と本人容貌の類似した申請者の本人特定事項とが異なる場合には、第1不正申請判定(本人容貌使いまわし)とし、不正申請判定結果100を事業者端末50に送信するとともに、申請者をグレーリストデータベース45に登録する。 First, the flow chart of the person's appearance, the person's identification item, and the fraudulent application determination based on the application terminal identifier will be described with reference to FIG.
(S1) The application data receiving unit 110 receives data such as a person's appearance, a person's identification item, an application terminal identifier, an IP address, an address, and a telephone number.
(S2) The application data receiving unit 110 sends the received data to the applicant database 40, and the applicant database 40 stores the received data. At this time, the application data receiving unit 110 also sends the received data to the application data comparison unit 120.
(S3, S4) The application data comparison unit 120 compares the personal appearance sent from the application data receiving unit 110 with the personal appearance of the data stored in the applicant database 40, and the applicant with a similar personal appearance is the applicant. Check if you are in database 40. The comparison result is sent to the fraudulent application determination unit 130.
(S5-S7) Based on the comparison result sent, if there is an applicant with a similar personal appearance in the applicant database 40, the fraudulent application determination unit 130 identifies the applicant's personal appearance. Compare with similar applicant's identity identification items. If the personal identification matter of the applicant and the personal identification matter of the applicant with similar personal appearance are different, the first fraudulent application judgment (reuse of the personal appearance) is made and the fraudulent application judgment result 100 is transmitted to the business terminal 50. At the same time, the applicant is registered in the gray list database 45.
(S8、S9)申請データ比較部120は、申請データ受信部110から送られた本人特定事項を申請者データベース40に蓄積されたデータの本人特定事項と比較し、本人特定事項が同一の申請者が申請者データベース40の中にいるかどうかを確認する。比較結果は不正申請判定部130に送られる。
(S10-S12)不正申請判定部130は、送られてきた比較結果に基づき、申請者と本人特定事項が同一の申請者が申請者データベース40の中にいる場合には、申請者の本人容貌を本人特定事項が同一の申請者の本人容貌と比較する。申請者の本人容貌と本人特定事項が同一の申請者の本人容貌とが異なる場合には、第1不正申請判定(本人特定事項使いまわし)とし、不正申請判定結果100を事業者端末50に送信するとともに、申請者をグレーリストデータベース45に登録する。 (S8, S9) The application data comparison unit 120 compares the personal identification items sent from the application data receiving unit 110 with the personal identification items of the data stored in the applicant database 40, and the applicant has the same personal identification items. Check if is in the applicant database 40. The comparison result is sent to the fraudulent application determination unit 130.
(S10-S12) Based on the comparison result sent, the fraudulent application determination unit 130 shows the applicant's personal appearance when the applicant and the applicant with the same personal identification items are in the applicant database 40. Is compared with the personal appearance of the applicant who has the same personal identification matters. If the personal appearance of the applicant and the personal appearance of the same applicant are different from each other, the first fraudulent application judgment (reuse of the personal identification matter) is made and the fraudulent application judgment result 100 is transmitted to the business terminal 50. At the same time, the applicant is registered in the gray list database 45.
(S13、S14)申請データ比較部120は、申請データ受信部110から送られた端末識別子を申請者データベース40に蓄積されたデータの端末識別子と比較し、端末識別子が同一の申請者が申請者データベース40の中にいるかどうかを確認する。比較結果は不正申請判定部130に送られる。
(S15-S18)不正申請判定部130は、送られてきた比較結果に基づき、端末識別子が同一の申請者が申請者データベース40の中にいる場合には、申請者の本人容貌を端末識別子が同一の申請者の本人容貌と比較する。申請者の本人容貌が端末識別子が同一の申請者の本人容貌と類似している場合はさらに、申請者の本人特定事項を端末識別子が同一の申請者の本人特定事項と比較する。申請者の本人容貌が端末識別子が同一の申請者の本人容貌と類似していない場合、または、申請者の本人特定事項と端末識別子が同一の申請者の本人特定事項とが異なる場合には、第1不正申請判定(端末識別子使いまわし)とし、不正申請判定結果100を事業者端末50に送信するとともに、申請者をグレーリストデータベース45に登録する。 (S13, S14) The application data comparison unit 120 compares the terminal identifier sent from the application data reception unit 110 with the terminal identifier of the data stored in the applicant database 40, and the applicant with the same terminal identifier is the applicant. Check if you are in database 40. The comparison result is sent to the fraudulent application determination unit 130.
(S15-S18) In the fraudulent application determination unit 130, when an applicant having the same terminal identifier is in the applicant database 40 based on the sent comparison result, the terminal identifier determines the personal appearance of the applicant. Compare with the personal appearance of the same applicant. When the personal appearance of the applicant is similar to the personal appearance of the applicant having the same terminal identifier, the personal identification item of the applicant is further compared with the personal identification matter of the applicant having the same terminal identifier. If the personal appearance of the applicant is not similar to the personal appearance of the same applicant with the same terminal identifier, or if the personal identification items of the applicant and the personal identification items of the same applicant with the same terminal identifier are different, As the first fraudulent application determination (reuse of terminal identifier), the fraudulent application determination result 100 is transmitted to the business terminal 50, and the applicant is registered in the gray list database 45.
 次に、図6のグレーリストデータベース45との対比による不正申請判定のフローチャートについて説明する。
(S19、S20)申請データ比較部120は、申請データ受信部110から送られた本人容貌をグレーリストデータベース45に蓄積されたデータの本人容貌と比較し、本人容貌が類似した申請者がグレーリストデータベース45の中にいるかどうかを確認する。比較結果は不正申請判定部130に送られる。
(S21、S22)申請データ比較部120は、申請データ受信部110から送られた本人特定事項をグレーリストデータベース45に蓄積されたデータの本人特定事項と比較し、本人特定事項が同一の申請者がグレーリストデータベース45の中にいるかどうかを確認する。比較結果は不正申請判定部130に送られる。
(S23、S24)申請データ比較部120は、申請データ受信部110から送られた端末識別子をグレーリストデータベース45に蓄積されたデータの端末識別子と比較し、端末識別子が同一の申請者がグレーリストデータベース45の中にいるかどうかを確認する。比較結果は不正申請判定部130に送られる。
(S25)不正申請判定部130は、送られてきた比較結果に基づき、申請者と本人容貌が類似した申請者がグレーリストデータベース45の中にいる場合、申請者と本人特定事項が同一の申請者がグレーリストデータベース45の中にいる場合、または、申請者と端末識別子が同一の申請者がグレーリストデータベース45の中にいる場合、第2不正申請判定とし、不正申請判定結果100を事業者端末50に送信する。 Next, a flowchart of fraudulent application determination by comparison with the gray list database 45 of FIG. 6 will be described.
(S19, S20) The application data comparison unit 120 compares the personal appearance sent from the application data receiving unit 110 with the personal appearance of the data stored in the gray list database 45, and the applicant with similar personal appearance is the gray list. Check if you are in database 45. The comparison result is sent to the fraudulent application determination unit 130.
(S21, S22) The application data comparison unit 120 compares the personal identification items sent from the application data receiving unit 110 with the personal identification items of the data stored in the gray list database 45, and the applicant has the same personal identification items. Check if is in the gray list database 45. The comparison result is sent to the fraudulent application determination unit 130.
(S23, S24) The application data comparison unit 120 compares the terminal identifier sent from the application data reception unit 110 with the terminal identifier of the data stored in the gray list database 45, and the applicant with the same terminal identifier is the gray list. Check if you are in database 45. The comparison result is sent to the fraudulent application determination unit 130.
(S25) Based on the comparison result sent, the fraudulent application determination unit 130 makes an application in which the applicant and the person-identifying matter have the same identity when there is an applicant having a similar appearance to the applicant in the gray list database 45. If a person is in the gray list database 45, or if an applicant with the same terminal identifier as the applicant is in the gray list database 45, the second fraudulent application determination is made and the fraudulent application determination result 100 is set as the business operator. Send to the terminal 50.
 次に、図7の、アクセス元IPアドレス、住所、電話番号、および要注意人物対比による不正申請判定の一例を示す模式的フローチャートについて説明する。
(S27、S28およびS32、33)不正申請判定部130は、IPアドレス判定用の商用データベースを用いて、アクセス元のIPアドレスが日本以外のIPアドレスか、または匿名ネットワークで用いられているIPアドレスである場合など、IPアドレスに不審な点がある場合には、第1不正申請判定(IPアドレス不審)とし、不正申請判定結果100を事業者端末50に送信するとともに、申請者をグレーリストデータベース45に登録する。
(S29およびS32、S33)不正申請判定部130は、住所実在判定用の商用データベースを用いて、申請者の住所が実在する住所であるかどうかを確認し、実在する住所でない場合には、第1不正申請判定(住所不審)とし、不正申請判定結果100を事業者端末50に送信するとともに、申請者をグレーリストデータベース45に登録する。
(S30およびS32、S33)不正申請判定部130は、電話番号実在判定用の商用データベースを用いて、申請者の電話番号が実在する電話番号であるかどうかを確認し、実在する電話番号でない場合には、第1不正申請判定(電話番号不審)とし、不正申請判定結果100を事業者端末50に送信するとともに、申請者をグレーリストデータベース45に登録する。
(S31およびS32、S33)不正申請判定部130は、要注意人物検索用の商用データベースを用いて、申請者が要注意人物に該当するかどうかを確認し、要注意人物に該当する場合には、第1不正申請判定(要注意人物該当)とし、不正申請判定結果100を事業者端末50に送信するとともに、申請者をグレーリストデータベース45に登録する。
 なお、上記不正申請判定のフローチャートにおいて、第1不正申請判定および第2不正申請判定がなされない場合には、不正申請判定部130は、不正申請判定終了時、その不正申請判定結果100を事業者端末50に送信する。 Next, a schematic flowchart showing an example of fraudulent application determination based on the access source IP address, address, telephone number, and person requiring attention will be described with reference to FIG. 7.
(S27, S28 and S32, 33) The fraudulent application determination unit 130 uses a commercial database for IP address determination, and the IP address of the access source is an IP address other than Japan, or an IP address used in an anonymous network. If there is a suspicious point in the IP address, such as in the case of Register at 45.
(S29 and S32, S33) The fraudulent application determination unit 130 confirms whether the applicant's address is a real address by using a commercial database for determining the existence of the address, and if it is not the real address, the first 1 The fraudulent application determination (address suspicious) is made, the fraudulent application determination result 100 is transmitted to the business terminal 50, and the applicant is registered in the gray list database 45.
(S30 and S32, S33) The fraudulent application determination unit 130 confirms whether the applicant's telephone number is an existing telephone number by using a commercial database for determining the existence of the telephone number, and if it is not an existing telephone number. The first fraudulent application determination (phone number suspicious) is set, the fraudulent application determination result 100 is transmitted to the business terminal 50, and the applicant is registered in the gray list database 45.
(S31 and S32, S33) The fraudulent application determination unit 130 uses a commercial database for searching for a person requiring attention to confirm whether or not the applicant corresponds to a person requiring attention, and if it corresponds to a person requiring attention. , The first fraudulent application determination (corresponding to a person requiring attention) is set, the fraudulent application determination result 100 is transmitted to the business terminal 50, and the applicant is registered in the gray list database 45.
If the first fraudulent application determination and the second fraudulent application determination are not made in the above-mentioned flow chart for fraudulent application determination, the fraudulent application determination unit 130 sets the fraudulent application determination result 100 to the business operator at the end of the fraudulent application determination. Send to terminal 50.
 本実施の形態においては申請データ受信部110が「申請データ受信部」に相当し、申請者データベース40が「申請者データベース」に相当し、申請データ比較部120が「申請データ比較部」に相当し、不正申請判定部130が「不正申請判定部」に相当し、不正申請検知装置30が「不正申請検知装置」に相当し、グレーリストデータベース45が「グレーリストデータベース」に相当する。 In this embodiment, the application data receiving unit 110 corresponds to the "application data receiving unit", the applicant database 40 corresponds to the "applicant database", and the application data comparing unit 120 corresponds to the "application data comparing unit". However, the fraudulent application determination unit 130 corresponds to the "fraudulent application determination unit", the fraudulent application detection device 30 corresponds to the "fraud application detection device", and the gray list database 45 corresponds to the "gray list database".
 本発明の好ましい一実施の形態は上記の通りであるが、本発明はそれだけに制限されない。本発明の精神と範囲から逸脱することのない様々な実施の形態が他になされることは理解されよう。さらに、本実施の形態において、本発明の構成による作用および効果を述べているが、これら作用および効果は、一例であり、本発明を限定するものではない。 A preferred embodiment of the present invention is as described above, but the present invention is not limited thereto. It will be appreciated that various embodiments are made that do not deviate from the spirit and scope of the invention. Further, in the present embodiment, the actions and effects according to the constitution of the present invention are described, but these actions and effects are examples and do not limit the present invention.
  30 不正申請検知装置
  40 申請者データベース
  45 グレーリストデータベース
  70 申請者申し込みデータ
 110 申請データ受信部
 120 申請データ比較部
 130 不正申請判定部
 

  30 Fraudulent application detection device 40 Applicant database 45 Gray list database 70 Applicant application data 110 Application data receiving unit 120 Application data comparison unit 130 Fraud application judgment unit

Claims (15)

  1.  申請者の本人容貌データと、前記申請者の本人特定事項データと、前記申請者の申請端末の端末識別子データとのうちの、少なくともいずれかを受信する申請データ受信部と、
     前記申請データ受信部で受信した、前記本人容貌データと前記本人特定事項データと前記端末識別子データとを蓄積する申請者データベースと、
     前記申請者の前記本人容貌データを前記申請者データベースに蓄積された従前の申請者の前記本人容貌データと比較する申請データ比較部と、
     前記申請データ比較部で前記申請者の前記本人容貌データと類似する前記従前の申請者の前記本人容貌データが発見された場合において、前記申請者の前記本人特定事項データと前記従前の申請者の前記本人特定事項データとが一致していない場合には、第1不正申請判定を行う不正申請判定部と、を含む、本人確認、本人認証の不正申請検知装置。     An application data receiving unit that receives at least one of the applicant's personal appearance data, the applicant's personal identification matter data, and the terminal identifier data of the applicant's application terminal.
    An applicant database that stores the personal appearance data, the personal identification matter data, and the terminal identifier data received by the application data receiving unit.
    An application data comparison unit that compares the personal appearance data of the applicant with the personal appearance data of the previous applicant stored in the applicant database.
    When the applicant's personal appearance data similar to the applicant's personal appearance data is found in the application data comparison unit, the applicant's personal identification matter data and the previous applicant's personal appearance data are found. A fraudulent application detection device for identity verification and personal authentication, including a fraudulent application determination unit that determines a first fraudulent application when the personal identification matter data does not match.
  2.  前記申請データ比較部は、さらに、前記申請者の前記本人特定事項データを前記申請者データベースに蓄積された従前の申請者の前記本人特定事項データと比較し、
     前記不正申請判定部は、前記申請データ比較部で前記申請者の前記本人特定事項データと一致する前記従前の申請者の前記本人特定事項データが発見された場合において、前記申請者の前記本人容貌データと前記従前の申請者の前記本人容貌データとが類似していない場合には、前記第1不正申請判定を行う、請求項1に記載の本人確認、本人認証の不正申請検知装置。     The application data comparison unit further compares the personal identification matter data of the applicant with the personal identification matter data of the previous applicant stored in the applicant database.
    When the fraudulent application determination unit finds the personal identification matter data of the previous applicant that matches the personal identification matter data of the applicant in the application data comparison unit, the personal appearance of the applicant. The fraudulent application detection device for identity verification and personal authentication according to claim 1, which performs the first fraudulent application determination when the data and the personal appearance data of the previous applicant are not similar.
  3.  前記申請データ比較部は、さらに、前記申請者の前記端末識別子データを前記申請者データベースに蓄積された従前の申請者の前記端末識別子データと比較し、
     前記不正申請判定部は、前記申請データ比較部で前記申請者の前記端末識別子データと一致する前記従前の申請者の前記端末識別子データが発見された場合において、前記申請者の前記本人容貌データと前記従前の申請者の前記本人容貌データとが類似していない場合、または、前記申請者の前記本人特定事項データと前記従前の申請者の前記本人特定事項データとが一致していない場合には、前記第1不正申請判定を行う、請求項1または2に記載の本人確認、本人認証の不正申請検知装置。     The application data comparison unit further compares the terminal identifier data of the applicant with the terminal identifier data of the previous applicant stored in the applicant database.
    When the fraudulent application determination unit finds the terminal identifier data of the previous applicant that matches the terminal identifier data of the applicant in the application data comparison unit, the fraudulent application determination unit and the personal appearance data of the applicant When the personal appearance data of the previous applicant is not similar, or when the personal identification matter data of the applicant and the personal identification matter data of the previous applicant do not match. The fraudulent application detection device for identity verification and identity verification according to claim 1 or 2, which performs the first fraudulent application determination.
  4.  前記不正申請判定部で前記第1不正申請判定された前記申請者の前記本人容貌データと前記本人特定事項データと前記端末識別子データとを記録するグレーリストデータベースを含む、請求項1から3のいずれか1項に記載の本人確認、本人認証の不正申請検知装置。 Any of claims 1 to 3, including a gray list database that records the personal appearance data, the personal identification matter data, and the terminal identifier data of the applicant whose first fraudulent application is determined by the fraudulent application determination unit. The fraudulent application detection device for identity verification and identity verification described in item 1.
  5.  前記グレーリストデータベースは、前記申請者に関する任意のデータの登録を可能とする、請求項4に記載の本人確認、本人認証の不正申請検知装置。 The gray list database is the fraudulent application detection device for identity verification and personal authentication according to claim 4, which enables registration of arbitrary data related to the applicant.
  6.  前記申請データ比較部は、さらに、前記申請者の前記本人容貌データを前記グレーリストデータベースに蓄積された従前の申請者の前記本人容貌データと比較し、
     前記不正申請判定部は、前記申請データ比較部で前記申請者の前記本人容貌データと類似する前記従前の申請者の前記本人容貌データが発見された場合において、第2不正申請判定を行う、請求項4または5に記載の本人確認、本人認証の不正申請検知装置。     The application data comparison unit further compares the personal appearance data of the applicant with the personal appearance data of the previous applicant stored in the gray list database.
    The fraudulent application determination unit makes a second fraud application determination when the application data comparison unit finds the personal appearance data of the previous applicant similar to the personal appearance data of the applicant. The fraudulent application detection device for identity verification and identity verification according to item 4 or 5.
  7.  前記申請データ比較部は、さらに、前記申請者の前記本人特定事項データを前記グレーリストデータベースに蓄積された従前の申請者の前記本人特定事項データと比較し、
     前記不正申請判定部は、前記申請データ比較部で前記申請者の前記本人特定事項データと同一の前記従前の申請者の前記本人特定事項データが発見された場合において、第2不正申請判定を行う、請求項4から6のいずれか1項に記載の本人確認、本人認証の不正申請検知装置。     The application data comparison unit further compares the personal identification matter data of the applicant with the personal identification matter data of the previous applicant stored in the gray list database.
    The fraudulent application determination unit makes a second fraud application determination when the application data comparison unit finds the same personal identification matter data of the previous applicant as the personal identification matter data of the applicant. , The fraudulent application detection device for identity verification and personal authentication according to any one of claims 4 to 6.
  8.  前記申請データ比較部は、さらに、前記申請者の前記端末識別子データを前記グレーリストデータベースに蓄積された従前の申請者の前記端末識別子データと比較し、
     前記不正申請判定部は、前記申請データ比較部で前記申請者の前記端末識別子データと一致する前記従前の申請者の前記端末識別子データが発見された場合において、第2不正申請判定を行う、請求項4から7のいずれか1項に記載の本人確認、本人認証の不正申請検知装置。     The application data comparison unit further compares the terminal identifier data of the applicant with the terminal identifier data of the previous applicant stored in the gray list database.
    The fraudulent application determination unit makes a second fraud application determination when the application data comparison unit finds the terminal identifier data of the previous applicant that matches the terminal identifier data of the applicant. The fraudulent application detection device for identity verification and identity verification according to any one of items 4 to 7.
  9.  前記申請者データベースおよび前記グレーリストデータベースは、前記申請者にサービスを提供する複数の事業者を横断して構築される、請求項1から8のいずれか1項に記載の本人確認、本人認証の不正申請検知装置。 The identity verification and identity verification according to any one of claims 1 to 8, wherein the applicant database and the gray list database are constructed across a plurality of businesses that provide services to the applicant. Fraud application detection device.
  10.  前記申請データ受信部は、さらに、前記申請者の申請時のアクセス元IPアドレスを受信し、
     前記不正申請判定部は、前記IPアドレスに不審な点がある場合に、前記第1不正申請判定を行う、請求項1から9のいずれか1項に記載の本人確認、本人認証の不正申請検知装置。     The application data receiving unit further receives the access source IP address at the time of application of the applicant, and receives the application data receiving unit.
    The fraudulent application determination unit performs the first fraudulent application determination when there is a suspicious point in the IP address, the identity verification according to any one of claims 1 to 9, and the fraudulent application detection of personal authentication. Device.
  11.  前記申請データ受信部は、さらに、前記申請者の住所を受信し、
     前記不正申請判定部は、前記申請者の住所が実在していない住所である場合、または不審な住所である場合に前記第1不正申請判定を行う、請求項1から10のいずれか1項に記載の本人確認、本人認証の不正申請検知装置。     The application data receiving unit further receives the address of the applicant and receives the address of the applicant.
    The fraudulent application determination unit makes the first fraudulent application determination when the applicant's address is a non-existent address or a suspicious address, according to any one of claims 1 to 10. A fraudulent application detection device for identity verification and identity verification as described.
  12.  前記申請データ受信部は、さらに、前記申請者の電話番号を受信し、
     前記不正申請判定部は、前記申請者の電話番号が存在していない、または不審な電話番号である場合に前記第1不正申請判定を行う、請求項1から11のいずれか1項に記載の本人確認、本人認証の不正申請検知装置。     The application data receiving unit further receives the telephone number of the applicant and receives the telephone number of the applicant.
    The fraudulent application determination unit according to any one of claims 1 to 11, wherein the fraudulent application determination unit makes the first fraudulent application determination when the applicant's telephone number does not exist or is a suspicious telephone number. Identity verification and identity verification fraudulent application detection device.
  13.  前記不正申請判定部は、前記申請者の前記本人特定事項データが要注意人物に該当する場合に前記第1不正申請判定を行う、請求項1から12のいずれか1項に記載の本人確認、本人認証の不正申請検知装置。 The identity verification according to any one of claims 1 to 12, wherein the fraudulent application determination unit determines the first fraudulent application when the applicant's personal identification matter data corresponds to a person requiring attention. Fraudulent application detection device for personal authentication.
  14.  申請者の本人容貌データと、前記申請者の本人特定事項データと、前記申請者の申請端末の端末識別子データとのうちの少なくともいずれか、を受信する申請データ受信ステップと、
     前記申請データ受信ステップで受信した、前記本人容貌データと前記本人特定事項データと前記端末識別子データとを申請者データベースに蓄積する申請データ蓄積ステップと、
     前記申請者の前記本人容貌データを前記申請者データベースに蓄積された従前の申請者の前記本人容貌データと比較する申請データ比較ステップと、
     前記申請データ比較ステップで前記申請者の前記本人容貌データと類似する前記従前の申請者の前記本人容貌データが発見された場合において、前記申請者の前記本人特定事項データと前記従前の申請者の前記本人特定事項データとが一致していない場合には、第1不正申請判定を行う、不正申請判定ステップと、を含む、本人確認、本人認証の不正申請検知方法。     An application data receiving step for receiving at least one of the applicant's personal appearance data, the applicant's personal identification matter data, and the terminal identifier data of the applicant's application terminal.
    An application data storage step for storing the personal appearance data, the personal identification matter data, and the terminal identifier data received in the application data receiving step in the applicant database, and
    An application data comparison step for comparing the personal appearance data of the applicant with the personal appearance data of the previous applicant stored in the applicant database, and
    When the personal appearance data of the previous applicant similar to the personal appearance data of the applicant is found in the application data comparison step, the personal identification matter data of the applicant and the previous applicant A method for detecting fraudulent applications for identity verification and personal authentication, which includes a fraudulent application determination step of performing a first fraudulent application determination when the personal identification matter data does not match.
  15.  申請者の本人容貌データと、前記申請者の本人特定事項データと、前記申請者の申請端末の端末識別子データとのうちの少なくともいずれか、を受信する申請データ受信処理と、
     前記申請データ受信処理で受信した、前記本人容貌データと前記本人特定事項データと前記端末識別子データとを申請者データベースに蓄積する申請データ蓄積処理と、
     前記申請者の前記本人容貌データを前記申請者データベースに蓄積された従前の申請者の前記本人容貌データと比較する申請データ比較処理と、
     前記申請データ比較処理で、前記申請者の前記本人容貌データと類似する前記従前の申請者の前記本人容貌データが発見された場合において、前記申請者の前記本人特定事項データと前記従前の申請者の前記本人特定事項データとが一致していない場合には、第1不正申請判定を行う、不正申請判定処理と、を含む、本人確認、本人認証の不正申請検知プログラム。
     

          Application data reception processing for receiving at least one of the applicant's personal appearance data, the applicant's personal identification matter data, and the terminal identifier data of the applicant's application terminal.
    The application data storage process for accumulating the personal appearance data, the personal identification matter data, and the terminal identifier data received in the application data reception process in the applicant database.
    The application data comparison process for comparing the personal appearance data of the applicant with the personal appearance data of the previous applicant stored in the applicant database, and
    When the personal appearance data of the previous applicant similar to the personal appearance data of the applicant is found in the application data comparison process, the personal identification matter data of the applicant and the previous applicant A fraudulent application detection program for identity verification and personal authentication, including fraudulent application determination processing, which performs a first fraudulent application determination when the personal identification matter data does not match.
PCT/JP2021/027773 2020-10-22 2021-07-27 Fraud detection device for checking and authenticating person, application fraud detection method, and application fraud detection program WO2022085265A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
JP2022556417A JPWO2022085265A1 (en) 2020-10-22 2021-07-27
GB2307441.2A GB2616145A (en) 2020-10-22 2021-07-27 Fraud detection device for checking and authenticating person, application fraud detection method, and application fraud detection program

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2020177094 2020-10-22
JP2020-177094 2020-10-22

Publications (1)

Publication Number Publication Date
WO2022085265A1 true WO2022085265A1 (en) 2022-04-28

Family

ID=81290436

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2021/027773 WO2022085265A1 (en) 2020-10-22 2021-07-27 Fraud detection device for checking and authenticating person, application fraud detection method, and application fraud detection program

Country Status (3)

Country Link
JP (1) JPWO2022085265A1 (en)
GB (1) GB2616145A (en)
WO (1) WO2022085265A1 (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2004265231A (en) * 2003-03-03 2004-09-24 Toshiba Corp Face picture recording system and method
JP2008181310A (en) * 2007-01-24 2008-08-07 Toshiba Corp Authentication server and authentication program
WO2016043197A1 (en) * 2014-09-16 2016-03-24 新日鉄住金ソリューションズ株式会社 Management system, portable terminal device, management method, information processing method and program
WO2018229927A1 (en) * 2017-06-15 2018-12-20 株式会社C-Grip Identification system, identification device, identification method, and program
JP2020047093A (en) * 2018-09-20 2020-03-26 富士ゼロックス株式会社 Information processing system, information processing device, and program

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2004265231A (en) * 2003-03-03 2004-09-24 Toshiba Corp Face picture recording system and method
JP2008181310A (en) * 2007-01-24 2008-08-07 Toshiba Corp Authentication server and authentication program
WO2016043197A1 (en) * 2014-09-16 2016-03-24 新日鉄住金ソリューションズ株式会社 Management system, portable terminal device, management method, information processing method and program
WO2018229927A1 (en) * 2017-06-15 2018-12-20 株式会社C-Grip Identification system, identification device, identification method, and program
JP2020047093A (en) * 2018-09-20 2020-03-26 富士ゼロックス株式会社 Information processing system, information processing device, and program

Also Published As

Publication number Publication date
GB202307441D0 (en) 2023-07-05
JPWO2022085265A1 (en) 2022-04-28
GB2616145A (en) 2023-08-30

Similar Documents

Publication Publication Date Title
US20190325439A1 (en) Systems and methods for verifying identities in transactions
US8924285B2 (en) Building whitelists comprising voiceprints not associated with fraud and screening calls using a combination of a whitelist and blacklist
US8396711B2 (en) Voice authentication system and method
JP4097040B2 (en) Tokenless identification system for approval of electronic transactions and electronic transmissions
US20160127359A1 (en) Compliant authentication based on dynamically-updated crtedentials
US20090018934A1 (en) System and Method for defense ID theft attack security service system in marketing environment
US20120084203A1 (en) System and method for secure transactions using device-related fingerprints
US20090307141A1 (en) Secure Card Services
US10050958B2 (en) Validating biometrics without special purpose readers
CN102790674A (en) Authentication method, equipment and system
CN102197407A (en) System and method of secure payment transactions
KR20070036125A (en) Network security and fraud detection system and method
JP2011523726A (en) Method for temporarily personalizing a communication device
JP4107580B2 (en) User authentication system and user authentication method
US11658962B2 (en) Systems and methods of push-based verification of a transaction
Krishnaprasad et al. A Study on Enhancing Mobile Banking Services using Location based Authentication
GB2437761A (en) Virtual identity and authentication employing a mobile device
KR101583698B1 (en) Authentication system and method for device attempting connection
US20070162402A1 (en) Securing of electronic transactions
WO2022085265A1 (en) Fraud detection device for checking and authenticating person, application fraud detection method, and application fraud detection program
JP2019050014A (en) Account opening system, account opening method, and program
JP2001312476A (en) Individual authenticating device for network, authenticated transaction system, and individual authentication system
KR20040040412A (en) Management System and method of Social Security number
Sharma et al. Secure branchless banking
KR20110087885A (en) System and method for service security

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 21882406

Country of ref document: EP

Kind code of ref document: A1

ENP Entry into the national phase

Ref document number: 2022556417

Country of ref document: JP

Kind code of ref document: A

ENP Entry into the national phase

Ref document number: 202307441

Country of ref document: GB

Kind code of ref document: A

Free format text: PCT FILING DATE = 20210727

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 21882406

Country of ref document: EP

Kind code of ref document: A1