JP2002351838A - Authentication system, method for identifying individuals therein, and recording medium - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide an authentication system which is easy in identification of users by displaying image information prepared for each user on a screen, and excellent in entertainingness and identity, and to provide a method for identification of individuals in the authentication method and a recording medium. SOLUTION: The authentication system 100 connected with a management server 1, a registration terminal 11 and a browsing terminal 21 via a network N stores image data prepared by the management server 1 for identifying users at the registration terminal 11 and the personal data of the user concerned in correlating between them. Then, the above image data are transmitted to the browsing terminal 21 in accordance with the displayed instruction on the screen by the user of the browsing terminal 21 and displayed.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to an authentication system including a communication terminal and a server for authenticating a user accessed from the communication terminal via a network, a personal identification method in the authentication system, and a recording medium. .

[0002]

2. Description of the Related Art In recent years, with the rapid spread of the Internet, the importance of personal authentication means using a communication network has increased. As a conventional personal authentication means, when logging in to a Web site that provides various online services such as an auction, a bulletin board, and a community, a method in which a user who wants to use the service inputs an ID and a password registered in advance. It is a target. Also, in order to identify a user, attribute information such as a nickname and a name displayed on a Web site screen is mainly character information.

[0003]

However, in a conventional authentication system which displays only inorganic character information having low relevance to the user as identification information of the registered user, it is important in operating a Web site. It lacked the intuitive, easy-to-understand, entertaining, and unique features that attracted customers. In addition, it was difficult to find a desired user from large-scale Web sites with many participants, based on character information. Such a problem has caused the user to lose motivation to participate in the Web site.

Further, in the conventional personal authentication means for inputting ID or password which is character information, if a third party steals the ID or password or forgets the ID or password, the user cannot log in to a desired Web site. There was also a problem. Also, for the operator of the Web site, there is a risk that a third party may borrow an ID or password from a registered user and impersonate the registered user to use a service.

[0005] In order to solve the above problems, an object of the present invention is to display an image information created for each user on a screen, so that the user can be easily identified, and an authentication system which is excellent in entertainment and originality is provided. An object of the present invention is to provide a personal identification method and a recording medium in an authentication system.

[0006]

SUMMARY OF THE INVENTION In order to solve the above problems, an invention according to claim 1 is an authentication system comprising a communication terminal and a server for authenticating a user accessed from the communication terminal via a network. In the system (for example, the authentication system 100 of FIG. 1), the communication terminal (for example, the registration terminal 11 of FIG. 1) is a personal information (for example, personal data of the user b) of the user (for example, the user b of FIG. 1). ) (For example, the input unit 1 in FIG. 4)
3) and personal information transmitting means (for example, the communication control unit 1 in FIG. 4) for transmitting the personal information of the user input by the input means to the server via the network.
6), and the server (for example, the management server 1 in FIG. 1) receives the personal information of the user transmitted by the personal information transmitting means via the network (for example, FIG. 2) and an image for creating image information (for example, face image data B in FIG. 1) for identifying a user corresponding to the personal information after the personal information is received by the receiving means. Information creating means, storage means for storing the personal information received by the receiving means and the image information created by the image information creating means in association with each other (for example, the storage section 7 in FIG. 2)
And a screen by the user (for example, a service site)
Image information transmitting means for transmitting the image information stored in the storage means to the communication terminal via the network in accordance with the display instruction of (e.g., the communication control unit 5 in FIG. 2)
And the communication terminal (for example, the browsing terminal 2 in FIG. 1).
1) receiving means (for example, a communication control unit 26) for receiving the image information transmitted by the image information transmitting means of the server via the network, and displaying the image information received by the receiving means on the screen (For example, the CPU 22) for displaying the image at a predetermined position on the search result screen 141 (for example, the search result screen 141 in FIG. 7).

According to a seventh aspect of the present invention, there is provided a personal identification method in an authentication system including a communication terminal and a server for authenticating a user accessed from the communication terminal via a network. An input step of inputting information; a personal information transmission step of transmitting the personal information of the user input in the input step to the server via the network; and a user information transmitted in the personal information transmission step. A receiving step of receiving personal information via the network, and after receiving the personal information received in the receiving step, generating image information for creating image information for identifying a user corresponding to the personal information Storing the personal information received in the receiving step and the image information created in the image information creating step in association with each other. Transmitting the image information stored in the storing step to the communication terminal via the network in accordance with a screen display instruction by the user, and transmitting the image information in the server in the image information transmitting step. Receiving the received image information via the network, and a display control step of displaying the image information received in the receiving step at a predetermined position on the screen. Features.

[0008] The invention according to claim 8 is a readable program storing a program for controlling an authentication system comprising a communication terminal and a server for authenticating a user accessed from the communication terminal via a network. A recording medium, a program code for inputting the personal information of the user, and the input personal information of the user,
A program code to be transmitted to the server via the network, and the transmitted personal information of the user,
A program code for receiving via the network, a program code for creating image information for identifying a user corresponding to the personal information after the personal information is received, the received personal information, A program code for storing the image information in association with the image information, a program code for transmitting the stored image information to the communication terminal via the network in accordance with a screen display instruction by the user, and a transmitted image A program code for receiving information via the network;
A control program including a program code for displaying the received image information at a predetermined position on the screen is recorded.

Here, the image information creating means may be, for example, a server operated by an ECA operator which automatically creates image information and assigns the image information to each user. It may be created by referring to an appropriate part or the like and manually by the ECA operator. As a result, duplicate registration of similar image information by a plurality of users can be avoided, and user identification on the screen is facilitated.

According to the invention described in any one of the first, seventh and eighth aspects, the user of the authentication system can disclose image information for identifying himself / herself on a display screen that can be browsed by another user. . For this reason, other users, based on image information that is more intuitive than conventional character information,
A desired user can be easily identified from a plurality of users. In addition, by releasing image information that is more entertaining and unique than textual information to a large number of users, the willingness to participate and the ability to attract customers can be improved.

According to a second aspect of the present invention, in the first aspect, for example, the server collates the personal information input by the input means with the personal information stored in the storage means. An authentication unit (for example, the CPU 2 in FIG. 2) for authenticating the login of the user to the network may be further provided.

According to the invention described in claim 2, in addition to the effect of the invention described in claim 1, by restricting login to the network based on the input personal information, for example, it is provided on the network. The reliability of the authentication system can be improved by, for example, selecting users who participate in a membership-based Web site such as an online auction.

According to a third aspect of the present invention, in the first aspect of the present invention, for example, the communication terminal captures a user of the communication terminal to obtain imaging information (for example, imaging data). , The digital camera 1 of FIG.
5), wherein the server further comprises an authentication unit (for example, CPU2 in FIG. 1) for authenticating a login to the network by a user corresponding to the imaging information obtained by the imaging unit. May be.

According to the third aspect of the present invention, in addition to the effect of the first aspect of the present invention, by restricting login to the network based on the acquired imaging information, personal information such as plagiarism or lending / borrowing can be obtained. It is possible to provide an authentication system having both high reliability and recreational quality by preventing unauthorized use of the password. In addition, even when a registered user forgets personal information such as an ID and a password, there is also a convenience that the user can log in using the acquired imaging information.

According to a fourth aspect of the present invention, in the first aspect of the invention, for example, the communication terminal comprises:
An instruction selection unit (for example, the input unit 23) for instructing and selecting image information displayed on a screen by the display control unit;
The transmitting means of the server further reads personal information corresponding to the image information instructed and selected by the instruction selecting means from the storage means, transmits the personal information to the communication terminal via the network, The receiving means is
The personal information transmitted by the transmission means of the server,
Received via the network, the display control means is configured to display the personal information received by the receiving means together with the corresponding image information on a screen (for example, a personal information inquiry screen 142 in FIG. 8). You may.

According to the invention described in claim 4, claims 1 to
In addition to the effects of the invention described in 3, the user can easily refer to the personal information of another user corresponding to the image information browsed on the screen (service site). As a result, it becomes possible to identify a user who has both intuitive ease of understanding, entertainment, and originality, which are the features of image information, and practicality and certainty, which are the features of character information.

According to a fifth aspect of the present invention, in the fourth aspect of the present invention, for example, the storage means of the server stores the personal information of the user of the communication terminal in attribute information such as name, address, and date of birth. For example, the information is classified into the attribute data of the user b) and the identification information of the screen (for example, a general site) (for example,
The transmission means extracts at least one piece of attribute information corresponding to the identification information of the screen from among various kinds of attribute information stored in the storage means, and stores the attribute information. The attribute information transmitted by the transmission means of the server is received via the network, and the display control means receives the attribute information by the reception means. The configured attribute information may be displayed on a screen (for example, the personal information inquiry screen 142 in FIG. 8).

According to the invention described in claim 5, in addition to the effect of the invention described in claim 4, in addition to the effect of the identification information of the screen (general site) displayed on the communication terminal, the personal information of the user is displayed. Attribute information to be disclosed can be appropriately selected from among them, and the privacy of the registered user can be protected according to the setting of the site operator.

According to a sixth aspect of the present invention, in the invention according to any one of the first to third aspects, for example, the image information creating means of the server, after the personal information is received by the receiving means, Creating face image information (for example, face image data B in FIG. 1) for identifying a user corresponding to the information, wherein the storing means stores the personal information received by the receiving means and the personal information received by the image information creating means; The created face image information is stored in association with the image information transmitting means, and the image information transmitting means, in accordance with a screen display instruction by the user,
The face image information stored in the storage unit is transmitted to the communication terminal via the network, and the reception unit of the communication terminal transmits the face image information transmitted by the image information transmission unit of the server to the network. And the display control means may display the face image information received by the receiving means at a predetermined position on the screen.

According to the invention of claim 6, claims 1 to
In addition to the effects of the invention described in 3, the user of the authentication system can disclose desired face image information registered by the user on a screen that can be browsed by another user. For this reason, other users can easily identify a desired user based on the face image even from the screen of a large-scale service site with many participants, which is difficult to identify from character information. Further, by opening a face image that can identify a user to an unspecified number of viewers, an effect of suppressing slander to others can be expected.

[0021]

Embodiments of the present invention will be described below in detail with reference to the drawings. 1 to 8 are diagrams showing an embodiment of an authentication system to which the present invention is applied.

First, the configuration will be described. FIG. 1 is a diagram schematically illustrating an overall configuration of an authentication system 100 according to the present embodiment, and conceptually illustrating transmission and reception of various types of information in the authentication system 100. As shown in FIG.
In the authentication system 100, the management server 1 and the registration terminal 11 are connected to each other, and the management server 1 and the plurality of viewing terminals 21,
31 and 41 are connected to each other via a network N.

The network N is generally a dedicated line or the Internet to which various line forms such as a public line such as ISDN (Integrated Services Digital Network) or wireless communication can be applied, but from the viewpoint of reliability of information management. It is preferable that the network has security. The management server 1 and the registration terminal 11
Means that various kinds of information can be transmitted and received via satellite communication such as CS (Communication Satellite).

Next, each device constituting the authentication system 100 will be described in detail. The management server 1, for example,
ECA (Entertainment Certificate Authorit), an identity assurance agency that centrally manages the personal information of many users
y) operated by the operator. In the following description, the former is referred to as a "service site" and the latter is referred to as a "general site" in order to clarify the distinction between a website provided by this ECA operator and a website provided by another operating company. And

FIG. 2 is a block diagram showing a schematic internal configuration of the management server 1 shown in FIG. 2, the management server 1 includes a CPU 2, an input unit 3, a display unit 4, a communication control unit 5, a RAM 6, and a storage unit 7, and each unit is connected by a bus 8.

CPU (Central Processing Unit) 2
Stores, in a work area in the RAM 6, an application program designated from among various application programs corresponding to the management server 1 stored in the storage unit 7, and various instructions or data input from the input unit 3. Various processes are executed in accordance with the application program stored in the RAM 6 in accordance with the input instruction or data, and the processing results are stored in a work area in the RAM 6 and displayed on the display unit 4. Then, the processing result stored in the work area is stored in a storage destination in the storage unit 7 designated by the input unit 3.

The input unit 3 includes a keyboard having cursor keys, numeric input keys, various function keys, and the like, and a mouse as a pointing device. The input unit 3 outputs to the CPU 2 a pressing signal of a key pressed by the keyboard. An operation signal from the mouse is output to the CPU 2. Display unit 4
Is composed of a CRT (Cathode Ray Tube), a liquid crystal display unit, etc., and performs screen display based on display data input from the CPU 2.

The communication control unit 5 has a modem (MODEM: MO
dulator / DEModulator), terminal adapter (TA:
Terminal Adapter) or a router for communicating with the registration terminal 11 and a plurality of browsing terminals 21, 31, 41 connected to a network N composed of a telephone line, an ISDN line, a dedicated line or the like. Perform control. Further, by providing a satellite antenna and a decoder, it is possible to perform satellite communication with the CS. A RAM (Random Access Memory) 6 forms a work area for storing designated programs, input instructions, input data, processing results, and the like.

The storage section 7 stores a server application program corresponding to the management server 1, a user registration processing program, an authentication / image display processing program, data processed by these programs, data of a service site, and the like. I do.

The storage unit 7 stores a personal information management DB (Da
ta Base) 71. As shown in FIG. 3A, the personal information management DB 71 has a user ID storage area 71 therein.
a, name storage area 71b, nickname storage area 71
c, birth date storage area 71d, address (approximate) storage area 7
1e, an address (details) storage area 71f, a native junior high school name storage area 71g, a password storage area 71h, and a feature amount storage area 71i. The personal data transmitted from the registration terminal 11 is stored in the user's , "Nickname", "date of birth", "address (summary)", "address (details)", "hometown junior high school", "password" and so on. It is configured.

For example, in FIG. 3A, in the personal information management DB 71, “Ichiro Tanaka”, “Ichiro”, and “January 1967” are stored as personal data relating to the user whose “user ID” is “001”. January "," Tokyo ward ",
“XX1-1-1-301”, “XX Junior High School”, “hfd6as
Attribute data such as "u4" is stored in an updatable manner. Note that the present invention is not limited to the example shown in FIG. 3A, and classification items such as "sex", "hobby", and "occupation" are added. Then, the attribute data may be classified and recorded in more detail.

The feature storage area 71i contains a CPU.
2 is stored. Here, the feature amounts are the entire face, hairstyle, eyebrows, and eyebrows of the user to be authenticated when logging in to the service site.
The data is a combination of two-dimensional information “x” such as contour shapes of eyes, nose, and lips, and three-dimensional information “y” such as unevenness on the face surface. In the feature amount storage area 71i, for example, “user I
Numerical data of “x: 130, y: 345” is stored as “feature amount” corresponding to the user whose “D” is “001”.

The storage unit 7 stores an image information management DB 72
Is provided. FIG. 3B is a diagram illustrating an example of data storage in the image information management DB 72. As shown in FIG. 3B, the image information management DB 72 has a user ID storage area 72 therein.
a, which has an image data storage area 72b, and is configured to store image data capable of identifying a corresponding user for each user ID.

For example, in FIG. 3B, the image information management DB 72 stores image data A for a user whose “user ID” is “001”. When image data has not been issued, as in the case of the user whose “user ID” is “003”, no data is stored in the image data storage area 72b.

The storage unit 7 stores a registration information management DB 73
Is provided. As shown in FIG. 3 (c), the registration information management DB 73 stores URLs (hereinafter referred to as “site URLs (Un
iform Resource Locators) ". ), And a registration item storage area 73b for storing item number data of attribute data registered in the site corresponding to the site URL.

In FIG. 3C, the registration information management DB 7
In item 3, for example, numerical data of “1, 3, 4, 5” can be updated as item numbers corresponding to attribute data that can be browsed on a general site screen related to “www.abc.co.jp” Is stored in The category is not limited to the example shown in FIG. 3C, and the category to be displayed can be arbitrarily determined, such as storing the item number data to be displayed by user ID or storing the site number by site operating company. It is. The management server 1 centralizes data in the authentication system 100 by collectively managing the data stored in these DBs.

The recording medium 7a is fixedly provided in the storage section 7 or is detachably mounted. The recording medium 7a has a system program corresponding to the management server 1 and various processing corresponding thereto. It is possible to store programs and data, files, and the like processed by these programs. Each of these processing programs is stored in the form of a readable program code, and the CPU 2 sequentially executes operations according to the program code.

The registration terminal 11 is, for example, a communication terminal such as a digital content terminal suitable as a fixture installed in a convenience store or a record store. The registration terminal 11 is connected to the management server 1 shown in FIG. 1, and between the registration terminal 11 and the management server 1, for example, a two-way type between a set top box and a portable terminal at home. A multimedia network for communication or a network for broadcasting such as FM as well as communication may be used, or a POS system (Point Of Sales System:
A terminal of a point-of-sale authentication system) may be used.

FIG. 4 is a block diagram showing a schematic internal configuration of registration terminal 11 shown in FIG. In FIG.
The registration terminal 11 includes a CPU 12, an input unit 13, and a display unit 1.
4, digital camera 15, communication control unit 16, ROM1
7 and a RAM 18, and each unit is connected by a bus 19.

The CPU 12 stores, in a work area in the RAM 18, a program designated from the programs corresponding to the registration terminal 11 stored in the ROM 17, various instructions or data input from the input unit 13,
Various processes are executed in accordance with the program stored in the RAM 18 in accordance with the input instruction or the input data, and the processing results are stored in a work area in the RAM 18 and displayed on the display unit 14.

The input unit 13 includes a keyboard having cursor keys, numeric input keys (numeric keys), various function keys, and the like, and a mouse as a pointing device, and outputs to the CPU 12 a press signal of a key pressed by the keyboard. At the same time, a mouse operation signal is output to the CPU 12. For example, in the user registration process described later, the input unit 13 inputs various attribute data such as a name, a nickname, a date of birth, an address, a home junior high school, and a password of the user of the registration terminal 11 as personal data. In an authentication process described later, attribute data such as a nickname and a password necessary for logging in to the network N are input from the various attribute data.

The display section 14 is constituted by a CRT or a color liquid crystal display section. The display screen section is integrally formed with a touch panel, and is based on display data (operation contents and image data) inputted from the CPU 12. Perform screen display.

The digital camera 15 is a CCD (Charge C)
Oupled Device), and a photographic lens of an optical system composed of the image pickup device and a predetermined lens group is exposed to an image pickup unit (not shown). Set the imaging area. Then, the image is focused on the user facing the digital camera 15 and the captured image data is output to the CPU 12.

The communication control section 16 has a communication control function for transmitting and receiving image data and attribute data to and from the management server 1 via a communication line at the time of user registration processing and authentication / image display processing to be described later.

The ROM (Read Only Memory) 17 has a CP
U12 stores a system program and the like for controlling each unit in the registration terminal 11. The RAM 18 forms a work area for storing designated programs, input instructions, input data, processing results, and the like.

Although the schematic internal configuration of the registration terminal 11 has been described above, the essential components of the browsing terminal 21 are the same as those of the registration terminal 11 described above. Illustration and explanation of the configuration are omitted. That is, in the following description, the viewing terminal 21 is a CPU
22, an input unit 23, a display unit 24, a digital camera 25,
It is assumed that the communication control unit 26, the ROM 27, the RAM 28, and the bus 29 are configured.

The browsing terminals 31 and 41 are the browsing terminals 2
Not only a mobile phone and a personal computer as shown in FIG. 1 but also an electronic organizer, a portable game machine, etc. as long as the mobile phone and the personal computer have both a communication function and an image display function. PDA (Personal Digital Assistanc)
e). For convenience of explanation, the registration terminal 1
1 and the browsing terminal 21 are configured separately, but they may be the same terminal.

Next, the operation of this embodiment will be described. First, a series of processes executed in the authentication system 100 will be described with reference to the drawings. FIG.
As a premise of an authentication / image display process to be described later, the present invention relates to a user registration process executed and controlled between the management server 1 and the registration terminal 11 in order to pre-register the feature amount of the imaging data and personal data in the management server 1 9 is a flowchart illustrating an example of an operation.

First, in step S1, the registration terminal 11
Acquires the image data of the user b by photographing the face image of the user corresponding to the user ID “002” (hereinafter, referred to as “user b”) with the digital camera 15. Note that a configuration may be adopted in which a scanner is provided in the registration terminal 11 as a means for acquiring the imaging data, and reading is performed from a photograph or document inserted by the user. This makes it possible to provide an easy and reliable operation environment even for children and elderly people who are not good at operating the digital camera 15.

In the next step S2, the CPU 12 causes the display unit 14 to display the image data acquired in step S1. After the image data is displayed, when the image data to be transmitted to the management server 1 is determined by the transmission instruction operation of the user b (step S3), the CPU 12 causes the communication control unit 16 to transmit the determined image data to the management server 1 (step S3). Step S4).

When the transmitted image data is received by the communication control unit 5 of the management server 1, the CPU 2 calculates the characteristic amount of the image data (step S5). That is, the CPU 2 determines the entire face, hairstyle, eyebrows, eyes,
By combining the two-dimensional information “x” such as the contour shapes of the nose and lips and the three-dimensional information “y” such as the unevenness of the face surface, unique data for authenticating the user b is obtained. This data is numerical data such as "x: 091, y: 225".

Next, the CPU 2 adds “002” as the user ID to the feature amount calculated in step S5, and sets the user ID in the personal information management DB 71 (see FIG. 3A).
It is stored in the feature amount storage area 71i corresponding to "002" (step S6).

In the next step S7, when the personal data to be registered in the management server 1 is inputted by the input operation of the user b (step S7), the CPU 12 sends the inputted personal data from the communication control unit 16 to the management server 1. (Step S8). This personal data includes, for example, name,
The attribute data is composed of attribute data such as a nickname and a password. After all of the attribute data is input, the attribute data is collectively transmitted to the management server 1 as personal data.

When the personal data is received by the communication control unit 5 of the management server 1, the CPU 2 stores the personal data in the user ID “002” added in step S6.
Are stored in the storage areas 71b to 71h of the various attribute data corresponding to (step S9).

When the personal data is registered, the management server 1
Creates the face image data B of the user b and stores it in the image data storage area 72b corresponding to the user ID "002" in the image information management DB 72 (step S10). At this time, the management server 1 may automatically create (issue) image data, or may manually create image data by referring to the imaging data received in step S5 and the personal data stored in step S9. Is also good. The process of creating image data by manual operation includes not only the process of correcting or correcting the contours and colors of the imaged data, but also the process of animating the imaged data, synthesizing the imaged data with another image data, and the like.

In step S10, an example has been described in which the ECA operator creates arbitrary image data for each user. However, the image data created by the user himself is stored in the management server 1.
May be transmitted to the user, or desired image data may be selected from a plurality of existing image data. However, in this case, it is necessary to prepare a plurality of image data in the storage unit 7 in advance.

FIG. 6 is a flowchart showing an example of an operation related to an authentication / image display process executed and controlled between the management server 1 and the browsing terminal 21 after the end of the above-described user registration process. First, an authentication process executed to authenticate the login to the service site that the user b desires to view will be described. In step S11, the browsing terminal 21 transmits, for example, the face image of the user b to the digital camera 1
The photographing data is acquired by photographing in step S5. next,
The CPU 12 transmits the acquired imaging data from the communication control unit 16 to the management server 1 via the network N (Step S12).

The image data is transmitted to the communication control unit 5 of the management server 1.
When received by the CPU 2, the CPU 2 calculates the feature amount of the received imaging data, and checks the feature amount stored in the feature amount storage area 71i of the personal information management DB 71 (step S13). That is, the CPU 2 compares the feature amount of the received imaging data with the existing feature amount, and searches for a user with the smallest difference between the feature amounts. In addition, depending on the type of imaging data and the device configuration of the viewing terminal 21, in addition to the face image, biometric information unique to the user such as a fingerprint, a retinal blood vessel pattern, and a palm print can be read and collated.

In the next step S14, the CPU 2 determines whether or not there is a feature that matches the feature of the received image data. The criterion for matching / mismatching depends on the collation method, but it is not necessary that the two-dimensional information “x” and the three-dimensional information “y” numerical values completely match. When it is determined that there is a feature amount that matches the feature amount corresponding to the user b in the feature amount storage area 71i (step S14; Ye)
In s), the management server 1 permits the login to the service site designated by the user b (step S1).
5).

Next, an image display process executed to display face image data on a logged-in service site screen will be described with reference to screen display examples of FIGS. First, in step S16, the CPU 2 acquires all user IDs included in the service site.
For example, when the designated service site is the auction site in FIG. 7, the user IDs of the sellers included in the service site are “001”, “002”,
“003” and “004” are acquired.

Next, the CPU 2 reads out image data (for example, face image data A, B, C) corresponding to the user ID obtained in step S16 from the image data storage area 72b of the image information management DB 72 (step S16). S1
7), place it at the seller display position on the service site screen. Next, the CPU 2 causes the browsing terminal 21 to transmit the data of the service site where the face image data is arranged via the network N. Then, the CPU 22 of the browsing terminal 21 receiving the data causes the display unit 24 to display a service site screen including the face image data (step S1).
8).

FIG. 7 is a diagram showing a screen display example of a service site including face image data A, B, and C when "Christmas" is specified as a search keyword. FIG.
As shown in, the search result screen 141 lists auction-related information such as the photograph, title, current price, number of bids, remaining time, etc. of the exhibited product in addition to the face image data of the seller who registered the personal data. Is displayed. In such an online auction CtoC transaction, the credibility of the seller and the sense of security of the buyer are important factors for attracting customers.
A user who has registered personal data with the ECA operator can increase the reliability by being able to refer to the personal data by other users, and can take a position superior to a user who is not displayed in terms of transaction. Such a transactional advantage also contributes to personal data registration and image data creation by new users.

The face image data A, B, C functions as a personal information inquiry button 141a. That is, in step S19, the CPU 22 waits for a selection operation of the personal information inquiry button 141a displayed as a face image for identifying an exhibitor. For example, when the user of the browsing terminal 21 selects the face image data B from the input unit 23 (Step S19; Yes), the CPU 2 sets the registration item corresponding to the URL of the service site displayed on the display unit 24. The item number is read from the registration item storage area 73b of the registration information management DB 73 (Step S20). And
The CPU 2 reads the personal data corresponding to the item number and the face image data selected in step S19 from the personal information management DB 71, and causes the display unit 24 to display the data together with the face image data (step S21).

FIG. 8 is a view showing an example of a screen display when the face image of the user b is selected. As shown in FIG. 8, the “personal information registration status list” on the personal information inquiry screen 142 includes registration items “name”, “nickname”, “birth date”,
The personal data of the user b including various attribute data of “address (summary)” and “hometown junior high school” is displayed. At this time, for example, attribute data of the ECA guarantee is displayed in red and non-guaranteed data is displayed in black.
It may be configured such that the presence or absence of the identity assurance by the CA operator can be identified at a glance.

Also, “registration status to general site” includes
A list of registered items of the user b registered in the operating company of the search Web site usually used as a portal site is displayed. For example, the site URL “www.abc.co.j
When the detailed information button 142a corresponding to "p" is selected, the registered items "1. name", "3. date of birth",
Attribute data corresponding to “4. Address (summary)” and “5. Address (details)” are displayed. Further, an additional registration button 14
By selecting the 2b and the registration deletion button 142c, these attribute data can be added or deleted.

As described above, according to the authentication system 100 to which the present invention is applied, image data (hereinafter, referred to as “signature image”) created by an ECA operator is used.
By displaying it as user identification information on the service site screen viewed by the viewing terminal 21, the viewer of the service site can identify each user at a glance, thereby increasing convenience and entertainment. In addition, by using a unique signature image that belongs only to the registered user, the uniqueness can be enhanced and the user's willingness to participate in the service site can be improved.

Further, when logging in to the service site from the browsing terminal 21, by collating the feature amount stored in advance with the feature amount of the imaging data of the viewer, the login to the network by the non-registered user can be restricted. Therefore, it is possible to prevent the unauthorized use of the service by a third party who has stolen or borrowed or borrowed personal data, thereby improving the reliability of the present system. In addition, if biometric information such as a face and a fingerprint is used, the user can log in even if the user forgets the ID or password.

By constructing the authentication system 100 as described above, the ECA operator who operates the management server 1 can use a large number of customers acquired by taking advantage of the convenience, amusement, and uniqueness of the signature image. Business development is also possible, such as continuously collecting site usage fees from a general site operator using the guarantee, and charging a signature image registration fee and an advertising fee. Further, at any site on the network, the registered user is represented by the same and specific signature image, so that an unspecified number of user information crossing the network can be managed in an integrated manner.

A general site operating company affiliated with an ECA operator displays, on a service site screen, excellent customers whose identities have been assured by utilizing user information integratedly managed by the ECA operator. Company site U
There is an advantage that many can be obtained via RL.

The description in the present embodiment is as follows.
This is a preferred example of the authentication system according to the present invention, and the present invention is not limited to this. For example, in the above-described embodiment, the user authentication is performed by comparing the feature amount of the user registered in advance with the feature amount of the imaging data captured at the time of login. Any device having a function of displaying identifiable image data may be used. That is, the user of the registration terminal 11 performs user authentication by inputting at least one attribute data of personal data including a user ID, a password, or a name, an address, and the like, and transmitting the attribute data to the management server 1. Alternatively, the configuration may be such that the user authentication itself is not performed. This allows more users to use the service site with a simple operation.

As described above, the image data to be created is not limited to face image data, and can be freely selected according to the user's preference, such as character data and caricature. Further, the image data may be a flat image, a three-dimensional image, a still image, or a moving image. Further, communication between users can be further improved by creating character data and voice data such as self-introductions and comments in combination with image data.

Further, in the above-described embodiment, a Web site screen has been described as an example of a screen on which image data is displayed. However, the present invention is not limited to this, and a screen of an online bulletin board formed on the network N and various communication terminals May be displayed. In addition, the detailed configuration and detailed operation of each device can be appropriately changed without departing from the spirit of the present invention.

[0073]

According to the present invention, the user of the authentication system displays image information for identifying himself / herself on a display screen that can be viewed by another user. Can be disclosed. Therefore, other users can easily identify a desired user from a plurality of users based on image information that is more intuitive than conventional character information. In addition, by releasing image information that is more entertaining and unique than textual information to a large number of users, the willingness to participate and the ability to attract customers can be improved.

According to the second aspect of the present invention, in addition to the effect of the first aspect of the present invention, by restricting the login to the network based on the input personal information, for example, it is provided on the network. The reliability of the authentication system can be improved by, for example, selecting users who participate in a membership-based Web site such as an online auction.

According to the third aspect of the present invention, in addition to the effects of the first aspect of the present invention, by restricting login to the network based on the acquired imaging information, personal information such as plagiarism or lending and borrowing can be obtained. It is possible to provide an authentication system having both high reliability and recreational quality by preventing unauthorized use of the password. In addition, even when a registered user forgets personal information such as an ID and a password, there is also a convenience that the user can log in using the acquired imaging information.

According to the invention described in claim 4, claims 1 to 1 are provided.
In addition to the effects of the invention described in any one of 3 above, the user can easily refer to personal information of another user corresponding to the image information browsed on the screen (service site) screen. As a result, it becomes possible to identify a user who has both intuitive ease of understanding, entertainment, and originality, which are the features of image information, and practicality and certainty, which are the features of character information.

According to the invention described in claim 5, in addition to the effect of the invention described in claim 4, in addition to the effect of the identification information of the screen (general site) displayed on the communication terminal, the personal information of the user is displayed. Attribute information to be disclosed can be appropriately selected from among them, and the privacy of the registered user can be protected according to the setting of the Web site operator.

According to the invention as set forth in claim 6, claims 1 to
In addition to the effects of the invention described in any one of 3 above, a user of the authentication system can disclose desired face image information registered by the user on a screen that can be browsed by another user. For this reason, other users, even on the screen of a large service site with many participants, which is difficult to identify from text information,
A desired user can be easily identified based on the face image. Further, by opening a face image that can identify a user to an unspecified number of viewers, an effect of suppressing slander to others can be expected.

[Brief description of the drawings]

FIG. 1 is a diagram illustrating an overall configuration of an authentication system according to an embodiment of the present invention.

FIG. 2 is a block diagram illustrating a schematic internal configuration of the management server of FIG. 1;

3A and 3B are diagrams illustrating an example of data storage of various databases in a storage unit, where FIG. 3A illustrates an image information management DB;
(B) is a figure which shows a personal information management DB, (c) is a figure which shows a registration information management DB.

FIG. 4 is a block diagram showing a schematic internal configuration of the registration terminal of FIG. 1;

FIG. 5 is a diagram showing a flowchart of a user registration process executed by a CPU in the authentication system.

FIG. 6 is a diagram showing a flowchart of an authentication / image display process executed by a CPU in the authentication system.

7 is a diagram showing an example of an image data display screen displayed on a display unit in the image display processing of FIG.

8 is a diagram showing an example of a personal data display screen displayed on the display unit in the image display processing of FIG.

[Explanation of symbols]

 Reference Signs List 1 management server 2 CPU 3 input unit 4 display unit 5 communication control unit 6 RAM 7 storage unit 71 personal information management DB 72 image information management DB 73 registration information management DB 7a recording medium 8 bus 11 registration terminal 12, 22, CPU 13, 23 Input unit 14, 24 Display unit 141 Search result screen 142 Personal information inquiry screen 15, 25 Digital camera 16, 26 Communication control unit 17, 27 ROM 18, 28 RAM 19, 29 Bus 21, 31, 41 Browsing terminal 100 Authentication system N network

Claims (8)

[Claims] 1. An authentication system comprising a communication terminal and a server for authenticating a user accessed from the communication terminal via a network, wherein the communication terminal comprises: an input unit for inputting personal information of the user; Personal information transmitting means for transmitting the personal information of the user input by the input means to the server via the network, wherein the server transmits the personal information of the user transmitted by the personal information transmitting means. Receiving means for receiving personal information via the network; after receiving the personal information by the receiving means, image information creating means for creating image information for identifying a user corresponding to the personal information; Correspondence between the personal information received by the receiving means and the image information created by the image information creating means Storage means for attaching and storing the image information, and image information transmission means for transmitting the image information stored in the storage means to the communication terminal via the network, in accordance with a screen display instruction by the user, A receiving unit that receives the image information transmitted by the image information transmitting unit of the server via the network; and displays the image information received by the receiving unit at a predetermined position on the screen. An authentication system, comprising: display control means. 2. The server according to claim 1, further comprising: authentication means for comparing personal information input by said input means with personal information stored in said storage means to authenticate said user to log in to said network. The authentication system according to claim 1, further comprising: 3. The communication terminal further comprises: a photographing means for photographing a user of the communication terminal to acquire imaging information, wherein the server comprises: a user corresponding to the imaging information acquired by the imaging means. 2. The authentication system according to claim 1, further comprising an authentication unit that authenticates a login to the network. 4. The communication terminal further comprises: instruction selection means for instructing and selecting image information displayed on a screen by the display control means, wherein the transmission means of the server is instructed and selected by the instruction selection means. The personal information corresponding to the received image information is read from the storage unit and transmitted to the communication terminal via the network. The reception unit of the communication terminal reads the personal information transmitted by the transmission unit of the server into the network. The authentication system according to any one of claims 1 to 3, wherein the display control unit displays the personal information received by the receiving unit together with corresponding image information on a screen. . 5. The storage means of the server classifies the personal information of the user of the communication terminal into attribute information such as name, address, date of birth, etc., and stores the information in association with screen identification information. Transmitting means for extracting at least one piece of attribute information corresponding to the identification information of the screen from various kinds of attribute information stored in the storage means, and transmitting the attribute information to the communication terminal via the network; Receiving means for receiving the attribute information transmitted by the transmitting means of the server via the network, and displaying the attribute information received by the receiving means on a screen. Claim 4
Authentication system described. 6. The image information creating means of the server, after the personal information is received by the receiving means, creates face image information for identifying a user corresponding to the personal information; The personal information received by the receiving unit and the face image information created by the image information creating unit are stored in association with each other, and the image information sending unit is configured to: The face image information stored in the storage unit is transmitted to the communication terminal via the network, and the reception unit of the communication terminal transmits the face image information transmitted by the image information transmission unit of the server to the network. The display control means displays the face image information received by the receiving means at a predetermined position on the screen. The authentication system according to any one of claims 1 to 3. 7. An individual identification method in an authentication system comprising a communication terminal and a server for authenticating a user accessed from the communication terminal via a network, wherein an input step of inputting personal information of the user is provided. And transmitting the personal information of the user input in the input step to the server via the network; and transmitting the personal information of the user transmitted in the personal information transmitting step to the network. Receiving the personal information received in the receiving step,
An image information creating step of creating image information for identifying a user corresponding to the personal information, and the personal information received in the receiving step is associated with the image information created in the image information creating step. A storing step of storing; an image information transmitting step of transmitting the image information stored in the storing step to the communication terminal via the network in accordance with a screen display instruction by the user; and an image information of the server. A receiving step of receiving the image information transmitted in the transmitting step via the network, and a display controlling step of displaying the image information received in the receiving step at a predetermined position on the screen. Personal identification method in the authentication system. 8. A readable recording medium recording a program for controlling an authentication system comprising a communication terminal and a server for authenticating a user accessed from the communication terminal via a network, comprising: A program code for inputting the personal information of the user, a program code for transmitting the input personal information of the user to the server via the network, and the transmitted personal information of the user via the network. A program code for creating image information for identifying a user corresponding to the personal information after the personal information has been received, a received personal information, and the created image information. With the program code to be stored in association with the display instruction of the screen by the user, A program code for transmitting the stored image information to the communication terminal via the network; a program code for receiving the transmitted image information via the network; and displaying the received image information on the screen. A recording medium characterized by recording a control program including: a program code to be displayed at a predetermined position;