CN119992701A

CN119992701A - Method and system for intelligent gate inhibition remote authorization applied to banking system

Info

Publication number: CN119992701A
Application number: CN202510156438.7A
Authority: CN
Inventors: 朱礼华; 王欣娟; 王成玮; 王吉林; 王飞
Original assignee: Postal Savings Bank of China Ltd
Current assignee: Postal Savings Bank of China Ltd
Priority date: 2025-02-12
Filing date: 2025-02-12
Publication date: 2025-05-13

Abstract

The present application provides a method and system for remote authorization of intelligent access control applied to a bank system. It includes: obtaining relevant information of a target object, the target object is an object entering the bank through the access control system, the relevant information includes at least one or more of facial information, sound information, fingerprint information, intercom information and iris information, and the intercom information is the conversation information between the target object and the authorized object obtained through the intercom device; authenticating the target object according to the relevant information to obtain multiple verification results; when all the verification results indicate that the verification is passed, controlling the bank's access control to open. This solution solves the problems in the prior art that the traditional access control authorization capability is limited, and real-time monitoring and remote authorization cannot be achieved. Attackers can use forged facial information or steal other people's facial information to bypass the facial recognition function of the access control system, resulting in insufficient security.

Description

Method and system for intelligent gate inhibition remote authorization applied to banking system

Technical Field

The application relates to the technical field of entrance guard security, in particular to a method, a device, a computer program product and a system for intelligent entrance guard remote authorization applied to a banking system.

Background

The financial industry is the industry of centralized currency circulation, and banks are important storage and circulation channels of the currency, and the security system is more strictly protected than the common units. However, the conventional bank security protection schemes are all manually monitored, the conventional access control authorization capability is limited, real-time monitoring and remote authorization cannot be realized, and an attacker can use fake face information or steal face information of other people to bypass the face recognition function of the access control system, so that the security is insufficient.

Disclosure of Invention

The application mainly aims to provide a method, a device, a computer program product and a system for intelligent access remote authorization applied to a banking system, which are used for at least solving the problems that the traditional access remote authorization capability is limited, real-time monitoring and remote authorization cannot be realized in the prior art, and an attacker can use fake face information or steal face information of other people to bypass the face recognition function of the access system, so that the security is insufficient and the like.

In order to achieve the above purpose, according to one aspect of the present application, there is provided a method for intelligent entrance guard remote authorization applied to a banking system, comprising obtaining related information of a target object, wherein the target object is an object entering a banking through the entrance guard system, the related information at least comprises one or more of face information, sound information, fingerprint information, intercom information and iris information, the intercom information is dialogue information between the target object and an authorized object obtained through intercom equipment, the authorized object is an object granting right to enter the banking to the target object or not granting right to enter the banking to the target object, performing identity verification on the target object according to the related information to obtain a plurality of verification results, and controlling entrance guard opening of the banking under the condition that all verification results represent passing verification.

Optionally, performing identity verification on the target object according to the related information to obtain a plurality of verification results, wherein the method comprises the steps of extracting face features according to the face information, extracting sound features according to the sound information, performing text conversion on the sound information to obtain text features, performing feature fusion on the face features, the sound features and the text features to obtain comprehensive features, wherein the fusion mode comprises one or more of feature level fusion, decision level fusion, weighted average and deep learning fusion, and performing identity recognition according to the comprehensive features to obtain a first verification result.

Optionally, the identity recognition is performed according to the comprehensive characteristics to obtain a first verification result, wherein the first verification result comprises obtaining credential information, the credential information is information of an identity document of the target object, the first identity information of the target object is determined according to the credential information, the second identity information of the target object is determined according to the comprehensive characteristics, the first verification result is determined to be passing identity verification when the first identity information and the second identity information are successfully matched, and the first verification result is determined to be failed identity verification when the first identity information and the second identity information are failed to be matched.

Optionally, performing identity verification on the target object according to the related information to obtain a plurality of verification results, wherein the method comprises the steps of obtaining a preset fingerprint library, matching the fingerprint information with the preset fingerprint information, determining that the identity verification passes under the condition that the fingerprint information is successfully matched with any one of the preset fingerprint information to obtain a second verification result, and determining that the identity verification fails under the condition that the fingerprint information is failed to be matched with all of the preset fingerprint information to obtain the second verification result.

Optionally, performing identity verification on the target object according to the related information to obtain a plurality of verification results, wherein the verification results comprise obtaining remote verification information sent by a received remote terminal when the intercom information is obtained, wherein the remote verification information is decision information about whether to authorize opening the door of the target object or not sent by the remote terminal where the authorized object is located, determining that identity verification passes when the remote verification information characterizes that the door of the target object is authorized, and obtaining a third verification result when the remote verification information characterizes that the door of the target object is not authorized, and determining that identity verification fails when the remote verification information characterizes that the door of the target object is not authorized, so as to obtain the third verification result.

Optionally, in the process of controlling whether the access control of the bank is opened or not, the method further comprises the steps of obtaining a remote authentication result under the condition that the local authentication result represents that authentication is passed, wherein the remote authentication result is obtained by performing face recognition, manual verification and talkback confirmation through a remote server, controlling the access control of the bank to be opened under the condition that the face recognition authentication is passed, the manual verification authentication is passed and the talkback confirmation authentication is passed through the remote authentication result, generating an opening log, and storing the opening log in a database, wherein the opening log at least comprises one or more of opening operation time, the access control position of the bank and related information.

Optionally, after the target object is authenticated according to the related information to obtain a plurality of authentication results, the method further comprises generating alarm information when at least one authentication result indicates that authentication is not passed, controlling alarm equipment of a bank to alarm according to the alarm information, and sending the alarm information to a remote terminal.

According to another aspect of the application, an intelligent access control remote authorization device applied to a bank system is provided, and the intelligent access control remote authorization device comprises a first acquisition unit, a verification unit and a first control unit, wherein the first acquisition unit is used for acquiring related information of a target object, the target object is an object entering the bank through the access control system, the related information at least comprises one or more of face information, sound information, fingerprint information, intercom information and iris information, the intercom information is dialogue information between the target object and an authorized object acquired through intercom equipment, the authorized object is an object which grants the right of entering the bank to the target object or does not grant the right of entering the bank to the target object, the verification unit is used for carrying out identity verification on the target object according to the related information to obtain a plurality of verification results, and the first control unit is used for controlling the opening of the access control of the bank under the condition that all verification results represent verification pass.

According to a further aspect of the present application there is provided a computer program product comprising a computer program which when executed by a processor performs any of the steps of the method for intelligent access control remote authorization for banking systems.

According to a further aspect of the application there is provided a system for intelligent access remote authorization for use in a banking system comprising one or more processors, a memory, and one or more programs, wherein the one or more programs are stored in the memory and are configured to be executed by the one or more processors, the one or more programs comprising means for performing any of the methods of intelligent access remote authorization for use in a banking system.

By applying the technical scheme of the application, the identity of the target object can be verified in various identity verification modes, namely face recognition, voice recognition, fingerprint recognition and video intercom remote manual recognition, and the gate of the bank can be opened only if all verification passes, so that the security of the bank access control is greatly improved.

Drawings

The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this specification, illustrate embodiments of the application and together with the description serve to explain the application. In the drawings:

Fig. 1 is a block diagram showing a hardware configuration of a mobile terminal for performing a method of intelligent access remote authorization applied to a banking system according to an embodiment of the present application;

Fig. 2 is a flow chart of a method for remote authorization of intelligent access control applied to a banking system according to an embodiment of the present application;

FIG. 3 shows an overall flow chart of the present solution;

fig. 4 shows a schematic flow chart of face recognition according to the present embodiment;

Fig. 5 shows a block diagram of an apparatus for intelligent access remote authorization applied to a banking system according to an embodiment of the present application.

Wherein the above figures include the following reference numerals:

102. processor, 104, memory, 106, transmission equipment, 108, input and output equipment.

Detailed Description

It should be noted that, without conflict, the embodiments of the present application and features of the embodiments may be combined with each other. The application will be described in detail below with reference to the drawings in connection with embodiments.

In order that those skilled in the art will better understand the present application, a technical solution in the embodiments of the present application will be clearly and completely described below with reference to the accompanying drawings in which it is apparent that the described embodiments are only some embodiments of the present application, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the present application without making any inventive effort, shall fall within the scope of the present application.

It should be noted that the terms "first," "second," and the like in the description and the claims of the present application and the above figures are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged where appropriate in order to describe the embodiments of the application herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.

For convenience of description, the following will describe some terms or terminology involved in the embodiments of the present application:

And the remote access authorization is that an access system authorizer can perform authorized door opening or refused door opening operation on the access system in a remote control center. Transmitting visitor credentials, images, videos and audios to a remote authorization person synchronously, and checking and completing authorization by the authorization person on a terminal of the remote authorization person.

The face passing technology is to use technical means to manufacture face information, identity card photos and the like which are illegally acquired into dynamic videos so as to crack face recognition verification programs.

And (3) local authentication, namely authenticating by the front-end equipment of the access control through reading the visitor certificate and shooting the scene face.

As described in the background art, in the prior art, the bank safety protection schemes are all manual monitoring, and the safety is insufficient, so as to solve the problems, and the embodiment of the application provides a method, a device, a computer program product and a system for intelligent access control remote authorization applied to a bank system.

The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention.

The method embodiments provided in the embodiments of the present application may be performed in a mobile terminal, a computer terminal or similar computing device. Taking the operation on a mobile terminal as an example, fig. 1 is a hardware structure block diagram of the mobile terminal of the method for remote authorization of intelligent access control applied to a banking system in an embodiment of the present application. As shown in fig. 1, a mobile terminal may include one or more (only one is shown in fig. 1) processors 102 (the processor 102 may include, but is not limited to, a microprocessor MCU or a processing device such as a programmable logic device FPGA) and a memory 104 for storing data, wherein the mobile terminal may also include a transmission device 106 for communication functions and an input-output device 108. It will be appreciated by those skilled in the art that the structure shown in fig. 1 is merely illustrative and not limiting of the structure of the mobile terminal described above. For example, the mobile terminal may also include more or fewer components than shown in fig. 1, or have a different configuration than shown in fig. 1.

The memory 104 may be used to store a computer program, for example, a software program of application software and a module, such as a computer program corresponding to a display method of device information in an embodiment of the present invention, and the processor 102 executes the computer program stored in the memory 104 to perform various functional applications and data processing, that is, to implement the above-described method. Memory 104 may include high-speed random access memory, and may also include non-volatile memory, such as one or more magnetic storage devices, flash memory, or other non-volatile solid-state memory. In some examples, the memory 104 may further include memory remotely located relative to the processor 102, which may be connected to the mobile terminal via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof. The transmission device 106 is used to receive or transmit data via a network. Specific examples of the network described above may include a wireless network provided by a communication provider of the mobile terminal. In one example, the transmission device 106 includes a network adapter (Network Interface Controller, simply referred to as a NIC) that can connect to other network devices through a base station to communicate with the internet. In one example, the transmission device 106 may be a Radio Frequency (RF) module, which is configured to communicate with the internet wirelessly.

In this embodiment, a method of intelligent access remote authorization for a banking system is provided that operates on a mobile terminal, computer terminal, or similar computing device, it being noted that the steps illustrated in the flowchart of the figures may be performed in a computer system such as a set of computer executable instructions, and that although a logical sequence is illustrated in the flowchart, in some cases the steps illustrated or described may be performed in a different order than that illustrated herein.

Fig. 2 is a flow chart of a method for intelligent access control remote authorization applied to a banking system according to an embodiment of the present application. As shown in fig. 2, the method comprises the steps of:

Step S201, obtaining relevant information of a target object, wherein the target object is an object entering a bank through an access control system, the relevant information at least comprises one or more of face information, sound information, fingerprint information, intercom information and iris information, the intercom information is dialogue information between the target object and an authorized object obtained through intercom equipment, and the authorized object is an object which grants the right of entering the bank to the target object or does not grant the right of entering the bank to the target object;

specifically, in a smart entry remote authorization system, when an object (i.e., a "target object") requests entry into a bank, the first step is to collect a series of information related to the object. Such information includes at least one or more of the following types:

face information, which is to capture a face image of a target object through a camera for subsequent face recognition and comparison so as to verify the identity of the object.

Sound information, i.e., collecting the sound of the target object, including voice command or speaking content, through a microphone, can be used for voiceprint recognition or voice content analysis.

Fingerprint information if the system is configured with fingerprint identification function, fingerprint data of the target object is acquired through the fingerprint sensor and used for verifying the unique identity.

The intercom information is the dialogue content between the target object and the authorized object, and is recorded through intercom equipment integrated in the bank access control system. The intercom information is dynamic real-time information, and can be used for evaluating the intention, the behavior and the on-site environment condition of the visitor, so that the safety verification step is enhanced.

Iris information refers to biometric features extracted from the iris of the eye of the target subject. The iris is a colored annular region around the pupil in the eye, with rich texture and structure, and these features are captured and analyzed by iris recognition techniques. The iris recognition is characterized by high uniqueness and stability, and even in extreme cases, the iris characteristics are rarely changed, so that the iris information becomes an important basis for identity authentication in a high-security scene.

The term "authorized object" as referred to herein refers to a person who is given authority to decide whether or not a target object can enter a bank. The authorized object may be a security person, a system administrator or a specific administrator of the bank, and their decision determines whether the target object has legal rights to enter the bank based on the collected related information. If the authorized object considers the target object request to be reasonable, the security verification passes, and the authorized object grants the right for the target object to enter the bank, otherwise, the authorized object does not grant the right.

Step S202, carrying out identity verification on the target object according to the related information to obtain a plurality of verification results;

specifically, an identity verification process is started, and the identity of the target object is carefully checked and confirmed by using a mode of combining a multi-mode verification technology and manual verification. This process results in a plurality of verification results, each result corresponding to a type of information:

And (3) a face information verification result is that the system matches the face image of the target object with the face information of the authorized person registered in the database, and judges whether the facial features of the target object are consistent with the authorized person.

And (3) verifying the voice information, namely analyzing the voice characteristics of the target object by the system through voiceprint recognition, comparing the voice characteristics with voiceprints of known authorized personnel, and confirming the validity of the voice source.

And (3) fingerprint information verification results, namely if the fingerprint information is collected, comparing the fingerprint of the target object with fingerprint records stored in a database by the system to verify whether the fingerprints are matched.

And (3) checking the intercom information, namely after receiving a remote authorization request of the target object, the authorized object monitors the video stream, listens to the intercom record and directly talks, and manually checks and gives out a decision of passing or not according to the field condition and the behavior of the target object.

Each verification result is recorded by the system and if one or more verification results indicate a verification failure, the system will not proceed with the next door opening control.

Step S203, controlling the entrance guard of the bank to open under the condition that all the verification results represent verification pass.

Specifically, in the intelligent access control system, the system performs the final door opening operation only if all the participating authentication steps pass, i.e., all the authentication results characterize the authentication pass. This means that if the face information, sound information, fingerprint information (if applicable) and intercom information of the target object are all confirmed as legal and safe, the system will send a command to the entrance guard execution device to control the bank door to open automatically, allowing the target object to enter.

Through the embodiment, the identity of the target object can be verified in various identity verification modes, namely face recognition, voice recognition, fingerprint recognition and video intercom remote manual recognition, and the gate of the bank can be opened only through all verification, so that the security of the bank access control is greatly improved.

In the existing scheme, the timeliness of the access control authorization mode is low, when the concurrency of authorization requests of the website is high, website personnel can wait for a long time, customer experience is poor, and the accuracy of the authorization personnel and the safety of the flow cannot be guaranteed by the authorization personnel generally adopting a traditional manual authorization mode. The scheme only depends on the face recognition technology of the first terminal, the novel face passing technology cannot be effectively prevented, and secondly, the open operation log is not recorded, so that tracing of the source tracing dangerous event is difficult.

Specifically, according to the bank security regulations, a security access control system is arranged at a bank business place, and the technical means such as access control card swiping and face recognition are included, so that only authorized personnel can enter the place, and the effectiveness of security management is guaranteed. The access control device for the vault access personnel is an extremely important component part in the security system, but the traditional access authorization capability is limited, real-time monitoring and remote authorization cannot be realized, the modern management requirement cannot be met, and an attacker can bypass the face recognition function of the access system by using fake face information or stealing the face information of other people. Therefore, the application provides a scheme of intelligent gate inhibition remote authorization applied to a bank system, as shown in fig. 3, local authentication is carried out through gate inhibition front-end equipment, whether credentials and faces of visitors are consistent or not is identified, after the local authentication is passed, a remote authorization request is sent to a system (or a server side), a multi-mode face recognition module is carried out, video photo comparison, manual verification and talkback confirmation are carried out through the server side, gate opening operation can be carried out after the three passes, and an operation log of the remote authorization gate opening operation is recorded and managed, thereby helping an authorized person to monitor and track the record of authorized gate opening, and ensuring the safety and traceability system of the gate inhibition system to record the gate opening log.

The method comprises the steps of carrying out identity verification on the target object according to the related information to obtain a plurality of verification results, extracting face features according to the face information, wherein the face features at least comprise one or more of face contours, expressions and heat distribution, extracting sound features according to the sound information, wherein the sound features at least comprise one or more of tones, volume, tone colors and voiceprints, carrying out text conversion on the sound information to obtain text features, carrying out feature fusion on the face features, the sound features and the text features to obtain comprehensive features, and carrying out identity recognition according to the comprehensive features to obtain a first verification result, wherein the fusion mode comprises one or more of feature level fusion, decision level fusion, weighted average and deep learning fusion.

In the scheme, the security protection capability of financial places such as banks can be obviously improved, unauthorized entry is effectively prevented, and meanwhile, the accuracy and the efficiency of identity verification are further improved through comprehensive analysis of multi-mode information.

Specifically, the system not only extracts the characteristics based on the traditional face image, but also obtains the heat distribution of the face by using the thermal infrared image, and combines the facial contour and expression information captured by visible light to form a more comprehensive and multidimensional face characteristic set. The comprehensiveness is helpful for the system to accurately identify the target object under different environmental conditions (such as illumination change, shielding condition and the like), and the robustness and accuracy of identification are improved.

In addition to the facial features, the system also extracts rich sound features from the sound information, including pitch, volume, timbre, voiceprint, and the like. Voiceprint features can identify individual speech patterns, while pitch, volume, timbre, etc., help identify specific emotional states or speaker context, providing additional dimensions and information for identification.

By converting the collected audio information into text features, the system is able to understand and analyze the speech content of the target object. This capability is particularly useful in intelligent access remote authorization systems, where it can be used to determine the intent and instructions of a target object, and even detect potentially threatening languages. Text conversion helps to enhance the understanding and reaction capabilities of the system, enabling it to more intelligently assess security conditions.

And fusing the face features, the sound features and the text features to obtain a comprehensive feature. The system supports various fusion modes including feature level fusion, decision level fusion, weighted average, deep learning fusion and the like. By adopting the fusion strategies, the system can select the most appropriate fusion mode according to different safety scenes and requirements so as to improve the identification accuracy and the decision capability of the system. For example, feature level fusion can combine information of different modes at an early stage of feature extraction, decision level fusion is performed after each feature is independently judged, weighted average can consider importance of different features, and deep learning fusion automatically learns association among features through a neural network, so that recognition performance is improved.

And finally, the system uses the comprehensive characteristics to carry out identity recognition to obtain a first verification result. Because the comprehensive characteristics contain information of a plurality of modes, the identification mode can provide higher identification precision and safety, and the misjudgment risk possibly brought by single characteristic identification is reduced. The first verification result is based on comprehensive analysis of the face, sound and speech content of the target object, and provides a key basis for subsequent remote authorization decisions.

Specifically, the local authentication is performed by the front-end access equipment, whether the credentials and the face of the visitor are consistent is recognized, and after the local authentication is passed, the multi-mode face recognition module is entered, as shown in fig. 4, and the main process of multi-mode face recognition comprises the following steps:

1) And data acquisition, namely acquiring different types of data such as face images, thermal infrared images, audio and video by using entrance guard front-end equipment such as a camera, an infrared camera, a sound sensor and the like. Compared with the traditional single-mode face image acquisition mode, the multi-mode face recognition system can acquire various information, such as face images, voiceprints and the like. The acquisition speed of the information is relatively high, a multi-mode database can be quickly established, and a quick face recognition process is realized;

2) Preprocessing the data of different types acquired in the step 1), including denoising, standardization, feature extraction and the like, wherein the multi-mode face recognition system generally adopts a parallel processing mode to preprocess various information at the same time, and the data preprocessing process of face recognition can be accelerated by fully utilizing computing resources;

3) Feature extraction, namely extracting useful features from different types of data, such as extracting facial contours and expression features from a face image, extracting voice features from sound, extracting face heat distribution features from a thermal infrared image, and the like. The traditional single-mode face recognition can influence the recognition effect due to factors such as light rays, angles and the like, so that the authentication time is long, and the multi-mode face recognition system utilizes various information to perform feature extraction and matching, so that more comprehensive and accurate feature information can be obtained, misrecognition or missing recognition caused by the influence of the single factor is reduced, and the recognition speed is improved;

4) And (3) a fusion algorithm, namely learning association and connection among the different types of features through a Cross-modal learning model (Cross-Modal Learning Model). Data of different modes are input into different convolutional neural networks for feature extraction, a graph rolling network is trained by face picture feature data, a hidden Markov acoustic model is trained by audio features, and phonemes output by the acoustic model are input into a pre-trained text model Bert. Through the combined training of the picture model, the acoustic model and the text model, different types of characteristics can be used as input to learn the interrelationship between the picture model, the acoustic model and the text model together, and simultaneously, a multi-mode database and the model are continuously updated through the training process so as to adapt to new face characteristics and environmental changes, thereby maintaining the timeliness and the accuracy of the system;

5) And (3) identifying and verifying, namely verifying the characteristics fused by using the cross-modal learning model and the visitor credentials and judging whether the characteristics are matched with the visitor credentials.

Specifically, first, the system extracts useful features from data of different modalities. For example, visual features such as facial contours, expressions, textures and the like are extracted from an RGB face image, temperature distribution features of a face are extracted from a thermal infrared image, and acoustic features such as fundamental frequency, tone, speed and the like of voice are extracted from a sound signal.

Feature extraction and learning are performed on face images using Convolutional Neural Networks (CNNs). CNNs are adept at processing image data and are able to automatically learn patterns and structures in images, generating high-dimensional image feature vectors. The acoustic features are modeled using a Hidden Markov Model (HMM) or a variant thereof, such as a Deep Hidden Markov Model (DHMM). HMMs are capable of capturing timing characteristics in speech signals, modeling the dynamic characteristics of speech to identify specific sound patterns. The pre-trained text model Bert is used to process and understand phoneme information extracted from audio, convert sound features into possible text meanings, e.g., to aid in authentication by recognizing specific voice commands or language habits.

Features extracted from different modalities are fused together through a cross-modality learning model (e.g., a multi-modality convolutional neural network, a multi-modality attention mechanism model, etc.), and associations and links between these features are learned and understood together. This process allows the model to understand the individual from multiple angles, for example, by considering both facial expressions and acoustic features while speaking, to more accurately determine the identity and emotional state of the individual.

Specifically, the scheme of the application provides a two-way defending line authentication strategy of the entrance guard front-end equipment and the multi-mode face recognition, wherein the two-way recognizing strategy of the multi-mode face recognition is performed again through the local authentication of the entrance guard front-end equipment, the acquisition and the uploading of different types of data to a server side, and the security and the timeliness of an entrance guard system are improved while the face passing technology is effectively prevented.

Specifically, a deep learning technology is introduced into the multi-mode face recognition module, and particularly, an adaptive illumination compensation algorithm, a shielding detection algorithm and an emotion analysis-based expression recognition technology can be adopted for aiming at light rays, shielding, expression changes and other influence factors under different environments so as to enhance the recognition performance of the system under a complex scene. Meanwhile, a three-dimensional face model is built by introducing a 3D face scanning technology, so that the utilization of depth information by the system is improved, and the 'face passing' attack by using a two-dimensional photo or video is further prevented.

Specifically, the "face-passing" technology generally refers to an attack method in which an attacker bypasses a face recognition system based on a single modality (such as a 2D image) through technical means. An attacker can use high-definition face photos or videos of victims, display the photos or videos in front of a camera of access control front-end equipment through equipment such as a smart phone or a tablet computer, and try to deceive the image-based face recognition system. This attack approach takes advantage of the recognition capabilities of the system for 2D images, without regard to the authenticity and dynamics of the images. Depth forging (Deepfake) technology, which is a more advanced face-passing method, is used by an attacker to synthesize facial expressions and actions of one person onto the video of another person in real time by using a depth learning technology, so as to generate a seemingly real video stream for cheating an access control system. The synthesized face video has high deceptive performance, can simulate the true response of a victim under different angles and expressions, and increases the concealment and complexity of attack. 3D printing or die manufacturing, an attacker may use a three-dimensional model of the face of a victim, make a realistic mask or head model through 3D printing or die manufacturing and other technologies, and then display the model in front of an access control system in an attempt to bypass face recognition based on depth information. This approach to attacks is ineffective for image-based face recognition systems, but can pose a threat to some systems based on thermal infrared or 3D scanning techniques.

In particular, the introduction of the multi-modal face recognition module aims to effectively prevent the above-mentioned "face-over" attack. By simultaneously analyzing the face image, the thermal infrared image, the audio and video data, the system can detect and verify the authenticity and dynamic characteristics of the face, for example, the thermal infrared image can detect the temperature distribution of the real face, the audio data can verify whether the sound characteristics of the visitor are matched with the face, the video stream can analyze the dynamic expression and action of the face and whether the background environment is normal, and the additional verification means greatly increase the difficulty of an attacker to bypass the access control system.

In particular, sound features are in the field of voiceprint recognition and speech analysis, and refer to features that can uniquely or partially uniquely identify a person's sound, which can be extracted from a speech signal and used in a variety of applications such as authentication, emotion analysis, health monitoring, etc.

Specifically, after the face authentication is passed, multiple identity verification modes can be performed on the account of the target object, for example, multiple identity verification modes such as fingerprint identification, card swiping, strong password and the like are combined to strictly control the identity of the target object.

Specifically, in the authentication link, besides the traditional multiple authentication modes such as fingerprint recognition, card swiping, strong password, etc., the authentication link can also include iris scanning, palm print recognition, vein recognition, etc., so as to increase the difficulty and security of authentication. These biological features have high uniqueness and stability, are difficult to forge, and can effectively prevent the invasion of illegal authorized personnel.

In addition, abnormal access modes such as frequent access attempts, access requests in non-working time and the like can be identified, early warning is automatically triggered, and early warning information is simultaneously sent to authorized personnel and security team in real time so as to immediately take action.

In some embodiments, the identity recognition is performed according to the comprehensive characteristics to obtain a first verification result, which may be specifically achieved by obtaining credential information, where the credential information is information of an identity document of the target object, determining first identity information of the target object according to the credential information, determining second identity information of the target object according to the comprehensive characteristics, determining that the first verification result is that the identity verification is passed if the first identity information and the second identity information are successfully matched, and determining that the first verification result is that the identity verification is failed if the first identity information and the second identity information are failed.

In the scheme, the authentication of the certificate information and the analysis of the multi-mode characteristics are combined, so that the threat of 'face attack' and other single-mode information counterfeiting can be further effectively defended. Because the verification of the certificate information provides static identity verification, the analysis of the multi-mode characteristics increases the dimension of dynamic verification, and the successful matching of the two parties can confirm that the identity verification passes, thereby greatly improving the safety barrier of the system.

Specifically, the system first obtains information of an identification document of a target object, such as an identification card, an employee card or any other certificate containing the identification information, through the access front-end equipment. This may be achieved by NFC, RFID reader or Optical Character Recognition (OCR) technology, ensuring that the system is able to accurately read and parse information on the document.

After the credential information is parsed, the system will extract and determine the first identity information of the target object from it. This typically includes key data such as name, certificate number, photograph, etc. for preliminary comparison with authorized person information in the database to ensure that the target object has basic access rights.

In the previous process, the system has extracted and fused the face features, sound features and text features of the target object to form a comprehensive feature vector. Based on this integrated feature, the system determines second identity information of the target object through advanced machine learning algorithms (e.g., deep neural networks). The process is not only simple face recognition or voiceprint matching, but also based on the deep analysis of multi-mode information, a more comprehensive and accurate identity authentication basis is provided.

The system verifies that the first identity information (obtained from the document) matches the second identity information (determined based on the integrated feature). If the two identity information are consistent, the identity of the target object is confirmed by the multi-mode information, and the system determines that the first verification result is that the identity verification is passed. Otherwise, if the matching fails, whether an error occurs in the comparison of the certificate information and the facial features or an inconsistency is found in the voiceprint or other feature analysis, the system will determine that the first verification result is that the identity verification fails, and reject the entry request of the target object.

Visitor credentials (Visitor Credentials) are information or credentials used to verify the identity of a visitor, which are an important component of access control systems that control the access of personnel. In banks or similar environments with high security requirements, visitor credentials typically contain identification documents, electronic credentials, subscription information, passwords, or PIN codes.

Identification documents the visitor may need to present a valid identification document, such as an identification card, passport, employee's card or membership card, which typically has personal photograph, name, identification number, etc. information thereon for initially confirming the visitor's identity. In some cases, the system may also require the visitor to enter specific information on the certificate, such as a certificate number or a birthday, for further verification.

Electronic certificates in systems with a high degree of digitization, the visitor certificate may exist in electronic form, such as a two-dimensional code, NFC tag, or electronic pass in a specific application (App). The certificates can be generated by a system, a visitor is shown by a mobile phone and other devices, and the system performs identity verification by reading information in the electronic certificates.

Subscription information for a particular visit, such as a visit by a bank guest client, the system may require the visitor to subscribe ahead of time and generate temporary access credentials based on the subscription information. The reservation information may include visitor name, reservation time, access destination, etc. for rapidly verifying the visitor's reservation status on the day of access, ensuring access order and compliance.

The visitor credential may also include a password or PIN code, sometimes, that the visitor needs to enter the correct password to pass authentication. The dual verification mode combining the physical certificate and the password improves the security level and prevents the physical certificate from being stolen.

In the specific implementation process, the identity verification is carried out on the target object according to the related information to obtain a plurality of verification results, and the method can be realized by obtaining a preset fingerprint library, wherein the preset fingerprint library comprises a plurality of preset fingerprint information, matching the fingerprint information with the plurality of preset fingerprint information, determining that the identity verification passes under the condition that the fingerprint information is successfully matched with any one of the preset fingerprint information to obtain a second verification result, and determining that the identity verification fails under the condition that the fingerprint information is failed to be matched with all the preset fingerprint information to obtain the second verification result.

In this scheme, fingerprint identification is a highly personalized way of biometric authentication, difficult to replicate and forge. By comparing the fingerprint database with a preset fingerprint database, the system can effectively prevent unauthorized persons from impersonating authorized persons to carry out remote authorization operation, and the safety protection capability of the system is enhanced. Because the fingerprints have extremely high uniqueness, the matching process can achieve extremely high accuracy. Even under the environmental conditions such as light, humidity change, fingerprint identification's accuracy still can be guaranteed, the misrecognition that leads to because of environmental factor has been reduced.

Specifically, in an access control system, a preset fingerprint library is a series of fingerprint information of authorized personnel stored in advance by the system, and the information is recorded into a database when the system is initialized or the authorized personnel are registered. The establishment of the preset fingerprint library ensures that the system can possess a reference standard for subsequent real-time fingerprint matching and identity verification.

When an authorized person (i.e., a bank staff or an administrator who has authority to perform a remote authorization operation) needs to log in to the system to perform an authorization operation, they need to place a finger on the fingerprint sensor of the entrance guard front-end device. The sensor captures the real-time fingerprint information and sends the information to the server. And the server processing system compares the received real-time fingerprint information with a plurality of preset fingerprint information in a preset fingerprint library one by one, and searches whether a matched fingerprint template exists or not.

To improve the accuracy of verification, the system may require authorized personnel to press the fingerprint multiple times to ensure that the captured fingerprint information is sufficiently clear and complete.

Once the real-time fingerprint information is captured, the access control front-end equipment uploads the information to the server side. The server processing system compares the received real-time fingerprint information with a plurality of preset fingerprint information in a preset fingerprint library one by one. The comparison process may include feature point based matching, line direction based matching, etc. to determine the similarity of the real-time fingerprint to the preset fingerprint.

If the real-time fingerprint information is successfully matched with any preset fingerprint information in the preset fingerprint library, the identity of the authorized personnel is confirmed, the system determines that the identity verification is passed, and a second verification result is obtained as 'pass', namely the authorized personnel is allowed to perform remote authorization operation.

If the real-time fingerprint information cannot be matched with all the preset fingerprint information, the system determines that the identity verification fails and obtains a second verification result of 'failed', and the remote authorization operation request of the person is refused.

Specifically, the authorized person takes his fingerprint on the remote authorization terminal device through a special fingerprint sensor. The fingerprint sensor may be a capacitive type, an optical type, an ultrasonic type, or the like, and among them, the capacitive type sensor is widely used for its high accuracy and reliability. The sensor converts the texture and minutiae of the fingerprint surface into digital signals.

The original fingerprint image obtained by the sensor is sent to a fingerprint identification algorithm for feature extraction. The fingerprint recognition algorithm can recognize and extract key characteristic points of the fingerprint, such as termination points, bifurcation points, line directions, intervals and the like of lines. These feature points constitute the "feature templates" of the fingerprint, which are the basis for subsequent comparison.

The extracted fingerprint feature templates are sent to a multi-mode face recognition module at the server side for fingerprint comparison. The server stores registered fingerprint templates of authorized personnel, and judges whether the registered fingerprint templates are matched by comparing the transmitted characteristic templates with the stored templates. If the matching degree reaches or exceeds a preset threshold value, the fingerprint verification is considered to pass, otherwise, the verification fails.

In some embodiments, the authentication of the target object according to the related information to obtain a plurality of authentication results may be specifically achieved by obtaining remote authentication information sent by a received remote terminal when the intercom information is obtained, where the remote authentication information is determination information about whether the target object is authorized to be opened or not sent by the remote terminal where the authorized object is located, determining that the authentication passes when the remote authentication information characterizes that the target object is authorized to be opened, and obtaining a third authentication result when the remote authentication information characterizes that the target object is not authorized to be opened, and determining that the authentication fails when the remote authentication information characterizes that the target object is not authorized to be opened, thereby obtaining the third authentication result.

In the scheme, the intercom confirmation mechanism allows the authorized object to directly communicate with the target object, any abnormal situation such as abnormal behavior of the target object or potential threat in the environment can be timely found and processed, and dynamic response capability and safety are enhanced.

Specifically, after the entrance guard front-end equipment completes preliminary local authentication (such as through preliminary matching of certificate information, faces and fingerprints) and remote verification of multi-mode features, the system starts a talkback confirmation mechanism. The target object (i.e., the person requesting access to the bank) will talk back in real time to the remote terminal (typically the authorized person's desktop or mobile device) through the microphone and speaker of the access front-end device. The intercom information includes, but is not limited to, the voice characteristics of the target object, real-time conversation content, and any other voice information that facilitates identity verification.

The authorized object (namely, a bank staff or an administrator who has the right to perform remote authorization operation) receives a remote verification request from the access control system on the remote terminal, and the request comprises the credential information, the face characteristics, the sound characteristics and the real-time condition during intercom of the target object. The authorized object checks the identity of the target object manually by looking at and listening to the information, and decides whether to authorize the door opening. This decision information is sent back to the access control system via the remote terminal as part of the remote verification information.

The remote authentication information is a critical binary decision that explicitly indicates whether the authorized object agrees with the target object's entry request. This information may be a simple "grant" or "reject" signal, or may contain additional description or requirements of the grant object to cope with the particular situation.

After the access control system receives the remote verification information, final identity verification judgment is carried out according to the decision in the information. If the remote verification information indicates that the authorized object agrees to authorize the door opening, the system determines that the authentication passes, and a third verification result is obtained as pass. This means that the identity of the target object is fully confirmed, including multimodal feature matching and manual verification of authorized objects, and the system will perform a door opening operation, allowing the target object to enter the bank.

In contrast, if the remote authentication information indicates that the authorized object refuses to authorize the door opening, the system will determine that the authentication fails, and the third authentication result is "failed". This may be due to authorized objects finding anomalies in the audit, such as target objects not conforming to credential information, abnormal performance in intercom, etc., or decisions made for higher security considerations. In this case, the access control system will remain in the closed state, rejecting the entry request of the target object.

Specifically, after the identity verification of the authorized person passes, if the video on site can be read, the talkback can be directly initiated to communicate with the visitor (i.e. the target object) through the talkback equipment associated with the video channel if the abnormal behavior of the visitor is found.

The scheme provides a safer and more effective authorization process, wherein multiple identity verification modes such as fingerprint identification, card swiping and password are adopted for authorized personnel, efficient communication is conducted in real time for abnormal behaviors of users through video channel linkage intercom, finally operation logs of remote authorization door opening operation are recorded and managed, the authorized personnel are helped to monitor and track the record of authorization door opening, and safety and traceability of an access control system are ensured.

Specifically, the "intercom" function refers to a mechanism that enables an authorized person to communicate with a person requesting access in real time through a two-way audio or video call after receiving an authorization request from an access control front-end device at a remote control center. The implementation of this function usually requires integrating a voice or video intercom module on the entrance guard front-end equipment, and equipping the control terminal of the authorized person with a corresponding intercom function.

When the visitor passes preliminary authentication (such as card swiping and face recognition) at the access control front-end equipment and sends a remote authorization request, the system automatically establishes a communication link between the authorized person and the visitor. This is typically accomplished through microphones and speakers integrated on the access front-end device and remote authorization terminal.

Once the link is established, the authorized person and the visitor can conduct real-time conversation, the authorized person can inquire the purpose, identity confirmation details or observe the reaction of the visitor, and the visitor can also explain the situation or answer the questions to the authorized person.

The method comprises the steps of obtaining a remote authentication result under the condition that a local authentication result represents that authentication is passed, wherein the remote authentication result is obtained by face recognition, manual verification and talkback confirmation through a remote server, controlling the entrance guard of a bank to be opened under the condition that the remote authentication result represents that the face recognition authentication is passed, the manual verification authentication is passed and the talkback confirmation authentication is passed, generating an opening log, and storing the opening log in a database, wherein the opening log at least comprises one or more of opening operation time, an entrance guard position of the bank and related information.

In the scheme, the generation and storage of the door opening log provide detailed entry records for banks, so that safety audit and event tracking are facilitated. When a security event occurs, the problem source can be rapidly positioned by referring to the door opening log, the specific time and place of the event, the related personnel information and decision basis are known, and the investigation and the processing of the event are facilitated.

The local authentication result is obtained by performing local authentication through the entrance guard front-end equipment.

Therefore, the existing door control remote authorization system has the following defects that (1) the technology of 'passing a human face' cannot be prevented, namely the door control system is bypassed by utilizing face recognition, and the safety is insufficient, (2) an authorized person mostly adopts a traditional manual authorization mode, whether a target object has authority to open a door and the rationality of an authorization process cannot be guaranteed, (3) linkage intercom cannot be carried out, efficient communication is carried out on abnormal behaviors of a user in real time, and (4) the post tracking and positioning are difficult for dangerous door opening events.

The application enters a scheme of intelligent gate inhibition remote authorization applied to a banking system, local authentication is carried out through gate inhibition front-end equipment, after the local authentication passes, a remote authorization request is sent to a server, a multi-mode face recognition module, manual auditing and talkback confirmation are carried out through the server, a gate opening operation can be carried out after the three passes, an operation log of the remote authorization gate opening operation is recorded and managed, an authorized person is helped to monitor and track the record of the authorized gate opening, and the safety and traceability of the gate inhibition system are ensured.

Specifically, when the system completes all verification procedures and determines that a remote authorized door opening operation can be performed, the system will generate a detailed door opening log. The log is a key document for recording each access control operation and is used for tracking and managing personnel information entering a bank, and traceability and safety of the operation are ensured.

The generated door opening log is stored in a database, and the design of the database needs to consider the security and the access efficiency of the data. The stored door opening log should be encrypted to protect sensitive information, and at the same time, a corresponding backup mechanism should be used to prevent data loss. The database should also support fast searching and data extraction so that security administrators can quickly obtain access control records at any point in time.

Specifically, under the condition that an authorized person agrees to the remote door opening request, the system records a door opening operation log, and through the remote door opening authorization log record, the authorized person can timely know the remote door opening authorization condition, find abnormal operation or safety risk and perform corresponding processing and precautionary measures. Meanwhile, the monitoring and performance evaluation of the system running condition are facilitated, and the safety and management efficiency of the access control system are improved.

Specifically, the door opening log record is an important component for monitoring, auditing and post-hoc traceability in the intelligent access control remote authorization system. The method records the related information of each authorized door opening operation in detail, helps security management personnel track and analyze the door access activity, and ensures the transparency and safety of the operation.

Specifically, the door opening log record typically includes key information such as operation time, operator information, visitor information, access point location, operation type, operation result, intercom record, environmental information, and the like.

And the operation time is recorded, namely the specific time of the authorized door opening operation, including the date and the time stamp, is accurate to seconds, and is convenient for tracking the time line of the event.

The operator information includes an authorized person ID, an authorized person name, an authorized person role, or a department. The authorized person ID records a unique identification of an authorized person performing a remote authorization operation. The name of the authorized person, the name of the person who performs the authorization. The role or department of the authorized personnel, the role or the department of the authorized personnel in the bank or the organization is helpful for knowing the rights distribution and the use condition.

The visitor information includes visitor ID or credential information, visitor name, visitor biometric. Visitor ID or credential information, the unique identification of the person attempting access or access credential information used by it is recorded. Visitor name, name of person attempting to enter. Visitor biometric, biometric information such as fingerprint, face image, etc. is recorded for authentication.

The door control point position is used for specifically recording the installation position of the door control equipment or the controlled entrance, such as a 'national treasury entrance 1', 'a bank hall west door', and the like, so that the door control equipment is convenient to position and manage.

The type of operation is to record whether the operation is to remotely authorize opening of the door access, or deny access, or other special commands such as emergency locking.

The operation result is recorded as to whether the door is successfully opened or not and any reasons for failure, such as invalid credentials, unmatched biological characteristics and the like.

And (3) intercom record, namely if an intercom function is used in the remote authorization process, recording the conversation content between the authorized personnel and the visitor, and facilitating audit and safety analysis.

And the environmental information is recorded, such as on-site video or audio clips, illumination conditions, external environmental states and the like, and additional verification basis and event background are provided.

In some embodiments, after the target object is authenticated according to the related information to obtain a plurality of authentication results, the method further comprises the steps of generating alarm information when at least one authentication result indicates that authentication is not passed, controlling alarm equipment of a bank to alarm according to the alarm information, and sending the alarm information to a remote terminal.

In the scheme, when the identity verification fails, the immediate alarm response can quickly cause the alertness of surrounding personnel, prevent potential illegal invasion and protect the safety of banking assets and personnel. Meanwhile, the remote notification mechanism ensures that even safety management personnel not on site can intervene in time, and the speed and efficiency of emergency response are improved.

In particular, in a multi-modal intelligent access control system, the authentication process may include multiple stages, such as credential information authentication, biometric identification (face, voice, fingerprint, etc.), authorized personnel auditing, and the like. If, at any one of the verification stages, the system determines that the identity verification of the target object fails, i.e., the verification result characterizes that the identity verification fails, the system immediately initiates a security emergency response.

When the system detects that at least one of the verification results is not passed, it generates an alarm message. The alarm information contains details about the failed verification, such as the type of failed verification (credential information mismatch, biometric identification error, etc.), basic information of the target object (if captured), a time stamp of the failed verification, the entrance guard position, etc. The design of the alarm information should ensure the integrity and clarity of the information so that the security manager can quickly understand the situation.

After the alarm information is generated, the system can automatically control alarm equipment in the bank to alarm. This may include activating an audible and visual alarm, triggering an alarm sound, sending an alarm signal to a monitoring center, etc. The speed of response of the alarm device and the choice of alert mode are critical and should ensure that attention from surrounding personnel and security management personnel can be quickly drawn without undue panic.

In addition to local alarms, the system also sends alarm information to a remote terminal, such as a security manager's cell phone, tablet computer, or a specialized security monitoring system. The instant notification of the remote terminal enables the security manager who is not on site to respond quickly, and the remote monitoring or the on-site processing is conducted according to the alarm information.

Always, a big attack point of the access control system is that an attacker uses fake face information or steals face information of other people to bypass face recognition of access control front-end equipment, namely a face passing technology, the scheme of the application not only has the face recognition function of the access control front-end equipment, but also carries out multi-mode face recognition on a server side according to different types of data sent by the front-end access control equipment, and improves the safety and recognition accuracy of the access control system; the method and the system ensure the effectiveness of the identity of the authorized personnel, carry out high-efficiency communication aiming at abnormal behaviors of the user in real time through linkage intercom of the video channel, record the operation log of remote authorized door opening operation and aim at dangerous door opening events, thereby being convenient for tracking and positioning afterwards.

The embodiment of the application also provides a device for remote authorization of the intelligent access control applied to the banking system, and the device for remote authorization of the intelligent access control applied to the banking system can be used for executing the method for remote authorization of the intelligent access control applied to the banking system. The device is used for realizing the above embodiments and preferred embodiments, and is not described in detail. As used below, the term "module" may be a combination of software and/or hardware that implements a predetermined function. While the means described in the following embodiments are preferably implemented in software, implementation in hardware, or a combination of software and hardware, is also possible and contemplated.

The device for remote authorization of intelligent access control, which is applied to a banking system and provided by the embodiment of the application, is introduced as follows.

Fig. 5 is a block diagram of a device for remote authorization of intelligent access to a banking system according to an embodiment of the present application. As shown in fig. 5, the apparatus includes:

A first obtaining unit 10, configured to obtain related information of a target object, where the target object is an object entering a bank through an access control system, the related information at least includes one or more of face information, sound information, fingerprint information, intercom information, and iris information, the intercom information is dialogue information between the target object obtained through intercom equipment and an authorized object, and the authorized object is an object for which the target object is granted right to enter the bank or is not granted right to enter the bank;

A verification unit 20, configured to perform identity verification on the target object according to the related information, so as to obtain a plurality of verification results;

The first control unit 30 is configured to control opening of the entrance guard of the bank when all the verification results indicate that verification is passed.

The verification unit comprises a first extraction module, a second extraction module, a conversion module, a fusion module and an identification module, wherein the first extraction module is used for extracting face features according to the face information, the face features at least comprise one or more of face contours, expressions and heat distribution, the second extraction module is used for extracting sound features according to the sound information, the sound features at least comprise one or more of tone, volume, tone and voiceprint, the conversion module is used for performing text conversion on the sound information to obtain text features, the fusion module is used for performing feature fusion on the face features, the sound features and the text features to obtain comprehensive features, the fusion mode comprises one or more of feature level fusion, decision level fusion, weighted average and depth learning fusion, and the identification module is used for performing identity identification according to the comprehensive features to obtain a first verification result.

In some embodiments, the identification module includes an acquisition sub-module, a first determination sub-module, a second determination sub-module, a third determination sub-module, and a fourth determination sub-module, where the acquisition sub-module is configured to acquire credential information, the credential information is information of an identification document of the target object, the first determination sub-module is configured to determine first identity information of the target object according to the credential information, the second determination sub-module is configured to determine second identity information of the target object according to the integrated feature, the third determination sub-module is configured to determine that the first verification result is that the identity verification passes if the first identity information and the second identity information are successfully matched, and the fourth determination sub-module is configured to determine that the first verification result is that the identity verification fails if the first identity information and the second identity information are failed.

The verification unit comprises a first acquisition module, a matching module, a first determination module and a second determination module, wherein the first acquisition module is used for acquiring a preset fingerprint library, the preset fingerprint library comprises a plurality of preset fingerprint information, the matching module is used for matching the fingerprint information with the preset fingerprint information, the first determination module is used for determining that identity verification passes under the condition that the fingerprint information is successfully matched with any one of the preset fingerprint information to obtain a second verification result, and the second determination module is used for determining that identity verification fails under the condition that the fingerprint information is failed to be matched with all of the preset fingerprint information to obtain the second verification result.

In some embodiments, the verification unit includes a second obtaining module, a third determining module and a fourth determining module, where the second obtaining module is configured to obtain, when the intercom information is obtained, remote verification information sent by the received remote terminal, where the remote verification information is determination information that whether to authorize the door to the target object sent by the remote terminal where the authorized object is located, the third determining module is configured to determine that the identity verification passes when the remote verification information characterizes that the door to the target object is authorized, and obtain a third verification result, and the fourth determining module is configured to determine that the identity verification fails when the remote verification information characterizes that the door to the target object is not authorized, and obtain the third verification result.

The device comprises a first acquisition unit, a second control unit and a first generation unit, wherein the first acquisition unit is used for acquiring a remote authentication result when a local authentication result represents authentication is passed in the process of controlling whether an entrance guard of a bank is opened or not, the remote authentication result is obtained by a remote server for face recognition, manual verification and talkback confirmation, the second control unit is used for controlling the entrance guard of the bank to be opened when the remote authentication result represents that the face recognition authentication is passed, the manual verification authentication is passed and the talkback confirmation authentication is passed, the first generation unit is used for generating an opening log, and the opening log is stored in a database, wherein the opening log at least comprises one or more of opening operation time, an entrance guard position of the bank and related information.

In some embodiments, the apparatus further includes a second generating unit, a third control unit, and a sending unit, where the second generating unit is configured to generate, after performing authentication on the target object according to the related information and obtaining a plurality of authentication results, alarm information if at least one of the authentication results characterizes that the authentication is not passed, the third control unit is configured to control an alarm device of a bank to alarm according to the alarm information, and the sending unit is configured to send the alarm information to a remote terminal.

The intelligent access control remote authorization device applied to the bank system comprises a processor and a memory, wherein the first acquisition unit, the verification unit, the first control unit and the like are stored in the memory as program units, and the processor executes the program units stored in the memory to realize corresponding functions. The modules are all located in the same processor, or the modules are respectively located in different processors in any combination.

The processor includes a kernel, and the kernel fetches the corresponding program unit from the memory. The kernel can be provided with one or more than one kernel, and the problem of insufficient safety due to manual monitoring in the bank safety protection scheme in the prior art is solved by adjusting kernel parameters.

The memory may include volatile memory, random Access Memory (RAM), and/or nonvolatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM), among other forms in computer readable media, the memory including at least one memory chip.

The embodiment of the invention provides a computer readable storage medium, which comprises a stored program, wherein the device where the computer readable storage medium is located is controlled to execute the method for intelligent gate inhibition remote authorization applied to a banking system when the program runs.

The embodiment of the invention provides a processor which is used for running a program, wherein the method for remotely authorizing intelligent access control applied to a banking system is executed when the program runs.

The embodiment of the invention provides equipment, which comprises a processor, a memory and a program stored in the memory and capable of running on the processor, wherein the method steps of intelligent access control remote authorization at least applied to a banking system are realized when the processor executes the program. The device herein may be a server, PC, PAD, cell phone, etc.

A computer program product comprising a non-volatile computer readable storage medium storing a computer program which, when executed by a processor, implements the steps of the method of intelligent access remote authorization for a banking system described above in various embodiments of the application.

The application also provides a system for intelligent access remote authorization applied to a banking system, which comprises one or more processors, a memory and one or more programs, wherein the one or more programs are stored in the memory and are configured to be executed by the one or more processors, and the one or more programs comprise a method for executing any one of the intelligent access remote authorization applied to the banking system.

It will be appreciated by those skilled in the art that the modules or steps of the invention described above may be implemented in a general purpose computing device, they may be concentrated on a single computing device, or distributed across a network of computing devices, they may be implemented in program code executable by computing devices, so that they may be stored in a storage device for execution by computing devices, and in some cases, the steps shown or described may be performed in a different order than that shown or described herein, or they may be separately fabricated into individual integrated circuit modules, or multiple modules or steps of them may be fabricated into a single integrated circuit module. Thus, the present invention is not limited to any specific combination of hardware and software.

It will be appreciated by those skilled in the art that embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.

The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

In one typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.

The memory may include volatile memory in a computer-readable medium, random Access Memory (RAM) and/or nonvolatile memory, etc., such as Read Only Memory (ROM) or flash RAM. Memory is an example of a computer-readable medium.

Computer readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of storage media for a computer include, but are not limited to, phase change memory (PRAM), static Random Access Memory (SRAM), dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), read Only Memory (ROM), electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), digital Versatile Disks (DVD) or other optical storage, magnetic cassettes, magnetic disk storage or other magnetic storage devices, or any other non-transmission medium which can be used to store information that can be accessed by a computing device. Computer-readable media, as defined herein, does not include transitory computer-readable media (transmission media), such as modulated data signals and carrier waves.

It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises an element.

From the above description, it can be seen that the above embodiments of the present application achieve the following technical effects:

1) The intelligent access control remote authorization method applied to the bank system can verify the identity of the target object through various identity verification modes, namely face recognition, voice recognition, fingerprint recognition and video intercom remote manual recognition, and only if all verification passes, the gate of the bank can be opened, so that the security of the access control of the bank is greatly improved.

2) The intelligent access control remote authorization device applied to the bank system can verify the identity of the target object in various identity verification modes, namely face recognition, voice recognition, fingerprint recognition and video intercom remote manual recognition, and only if all verification passes, the bank gate can be opened, so that the security of the bank access control is greatly improved.

The above description is only of the preferred embodiments of the present application and is not intended to limit the present application, but various modifications and variations can be made to the present application by those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present application should be included in the protection scope of the present application.

Claims

1. A method for intelligent access control remote authorization applied to a banking system, comprising the steps of:

Acquiring related information of a target object, wherein the target object is an object entering a bank through an access control system, the related information at least comprises one or more of face information, sound information, fingerprint information, intercom information and iris information, the intercom information is dialogue information between the target object and an authorized object acquired through intercom equipment, and the authorized object is an object which grants the right of entering the bank to the target object or does not grant the right of entering the bank to the target object;

carrying out identity verification on the target object according to the related information to obtain a plurality of verification results;

and controlling the entrance guard of the bank to be opened under the condition that all verification results represent verification pass.

2. The method according to claim 1, wherein authenticating the target object according to the related information results in a plurality of authentication results, comprising:

Extracting face features according to the face information, wherein the face features at least comprise one or more of face contours, expressions and heat distribution;

extracting sound characteristics according to the sound information, wherein the sound characteristics at least comprise one or more of tone, volume, tone color and voiceprint;

performing text conversion on the sound information to obtain text characteristics;

Carrying out feature fusion on the face features, the sound features and the text features to obtain comprehensive features, wherein the fusion mode comprises one or more of feature level fusion, decision level fusion, weighted average and deep learning fusion;

and carrying out identity recognition according to the comprehensive characteristics to obtain a first verification result.

3. The method of claim 2, wherein performing identity recognition based on the integrated feature to obtain a first verification result comprises:

Acquiring credential information, wherein the credential information is information of an identity document of the target object;

Determining first identity information of the target object according to the credential information;

determining second identity information of the target object according to the comprehensive characteristics;

Under the condition that the first identity information and the second identity information are successfully matched, determining that the first verification result is that the identity verification is passed;

And under the condition that the matching of the first identity information and the second identity information fails, determining that the first verification result is that the identity verification fails.

4. The method according to claim 1, wherein authenticating the target object according to the related information results in a plurality of authentication results, comprising:

acquiring a preset fingerprint library, wherein the preset fingerprint library comprises a plurality of pieces of preset fingerprint information;

matching the fingerprint information with a plurality of preset fingerprint information;

Under the condition that the fingerprint information is successfully matched with any one of the preset fingerprint information, determining that the identity verification passes, and obtaining a second verification result;

and under the condition that the fingerprint information fails to match all the preset fingerprint information, determining that the identity verification fails, and obtaining a second verification result.

5. The method according to claim 1, wherein authenticating the target object according to the related information results in a plurality of authentication results, comprising:

Under the condition that the intercom information is obtained, obtaining remote verification information sent by a received remote terminal, wherein the remote verification information is decision information, sent by the remote terminal where the authorized object is located, of whether to authorize the door opening of the target object or not;

Under the condition that the remote verification information characterizes that the door is authorized to be opened to the target object, the authentication is confirmed to pass, and a third verification result is obtained;

And under the condition that the remote verification information characterizes that the door is not authorized to be opened for the target object, determining that the identity verification fails, and obtaining a third verification result.

6. The method according to any one of claims 1 to 5, wherein in controlling whether the access control of the bank is open, the method further comprises:

under the condition that the local authentication result representation passes authentication, a remote authentication result is obtained, wherein the remote authentication result is obtained by face recognition, manual verification and intercom confirmation through a remote server;

Controlling the entrance guard of the bank to be opened under the conditions that the remote authentication result represents that the face recognition authentication passes, the manual verification authentication passes and the talkback confirmation authentication passes;

and generating a door opening log, and storing the door opening log in a database, wherein the door opening log at least comprises one or more of door opening operation time, a door control position of a bank and the related information.

7. The method according to any one of claims 1 to 5, wherein after authenticating the target object based on the related information, the method further comprises:

generating alarm information under the condition that at least one verification result represents that identity verification fails;

Controlling alarm equipment of a bank to alarm according to the alarm information;

and sending the alarm information to a remote terminal.

8. An intelligent access control remote authorization device applied to a banking system, which is characterized by comprising:

The first acquisition unit is used for acquiring related information of a target object, wherein the target object is an object entering a bank through an access control system, the related information at least comprises one or more of face information, sound information, fingerprint information, intercom information and iris information, the intercom information is dialogue information between the target object acquired through intercom equipment and an authorized object, and the authorized object is an object which grants the right of entering the bank to the target object or does not grant the right of entering the bank to the target object;

The verification unit is used for carrying out identity verification on the target object according to the related information to obtain a plurality of verification results;

the first control unit is used for controlling the entrance guard of the bank to be opened under the condition that all verification results represent verification pass.

9. A computer program product comprising a computer program, characterized in that the computer program when executed by a processor carries out the steps of the method for intelligent access control remote authorization for banking systems as claimed in any one of claims 1 to 7.

10. A system for intelligent access remote authorization for use in a banking system, comprising one or more processors, memory, and one or more programs, wherein the one or more programs are stored in the memory and configured to be executed by the one or more processors, the one or more programs comprising a method for performing the intelligent access remote authorization for use in a banking system of any one of claims 1 to 7.