JP2006133930A - Authentication processor, authentication processing method, and computer program - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a device and method for executing strict user authentication by using face image data. <P>SOLUTION: The various face image data of a registered user are registered, and a sequence is set by selecting a plurality of patterns at random from registered image data, and it is confirmed that the set sequence is not duplicated with the past execution sequence, and the user is made to execute an operation following the sequence, for example, the change of the expression of the face so that an image can be acquired, and collated with a registered pattern. Thus, the sequence which is different for each authentication processing is set differently from an operation following a fixed sequence so that user authentication can be executed. Consequently, processing to try to illegally establish authentication by using the image data of the user illegally photographed by a sneak shot is disabled, so that more strict user authentication can be realized. <P>COPYRIGHT: (C)2006,JPO&NCIPI

Description

  The present invention relates to an authentication processing device, an authentication processing method, and a computer program. More specifically, the present invention relates to an authentication processing apparatus, an authentication processing method, and a computer program that acquire user face image data and execute user authentication processing based on the acquired face image data.

  In access processing to confidential information, office entry management, ATMs in banks, etc., user authentication is performed and it is confirmed that the user is a registered authentic user, allowing access to data and entry into the room. Processing such as is performed.

  The most widely used user authentication process is to set a password corresponding to the user and to input the password to the user, or to give the user a magnetic card or IC card in which user information is recorded. After reading card information, authentication such as entering a password is often performed. Furthermore, recently, an apparatus that performs so-called biometric authentication such as a user's face, fingerprint, and eyeball iris has been developed and used.

  For example, in Patent Document 1, a user performs a predetermined operation in advance, the operation information is registered in a database as moving image data, and an operation registered by the user is executed in the authentication process, and the execution operation is performed by a camera. A system is disclosed in which a user is authenticated by performing a comparison and collation process between captured moving image data and registered moving image data.

  However, in the configuration described in Patent Document 1, it is necessary to record the user's actions as moving image information, and there is a problem that the amount of data becomes enormous when the number of users is large. There is a problem that it is necessary to perform the comparison between the acquired moving image data and the registered moving image data to increase the data processing load.

  Further, in the configuration described in Patent Document 1, a registered user only has operation information according to one fixed operation sequence as registration information, and an operation performed by the user at the time of authentication processing is different from unique registration data. The possibility of misrecognition becomes high, such as failure of user authentication, and there is a problem that the user is required to repeatedly execute the same operation for authentication processing.

  Furthermore, patent document 2 is disclosing the system which performs user authentication based on the time change of a user's face. This is a system that uses user face change pattern data as registration data, reads a user's face change from image data taken at the time of user authentication, and performs authentication by collating the acquired data with registered pattern data. As an example of the temporal change of the user's face, an example of a change in facial expression, a face orientation, a word, etc. is shown.

However, the example described in this document does not describe a configuration for instructing the user to change the face. The user is photographed during the authentication process, and the user's face change occurring at the time of the photographing is detected. Thus, the verification is performed with the registered data. Therefore, there is a problem that the accuracy of matching with the registered data is lowered when the user's face hardly changes.
2004-259255 No. 2003-233816

  The present invention has been made in view of the above-described problems, and instructed the user according to a sequence in which the facial expression, orientation, etc. of the user's face are set at random, and in accordance with the instruction information. By acquiring the user's face image data in time series and collating the acquired data with the registered data, the amount of data accumulated and the amount of data processing required by the authentication processing device can be reduced. An object of the present invention is to provide an authentication processing apparatus, an authentication processing method, and a computer program capable of reducing the occurrence rate of recognition.

The first aspect of the present invention is:
An authentication processing device,
A camera that acquires face image data of the user to be authenticated;
A user information storage unit storing a plurality of different registered face pattern images of registered users;
An execution sequence setting unit for setting a sequence composed of a plurality of different face patterns;
An output unit that presents the sequence set by the execution sequence setting unit to an authentication target user;
A sequence information storage unit that records the sequence information executed in the past authentication process in association with the user identifier;
An authentication unit that performs a matching process between the face image data of the user to be authenticated acquired by the camera and the registered face pattern image stored in the user information storage unit;
The execution sequence setting unit
A plurality of patterns are randomly selected from a plurality of different registered face pattern images of the registered user stored in the user information storage unit, and a sequence to be executed by the user to be authenticated is set and stored in the sequence information storage unit It is a configuration that sets a sequence that does not overlap with the executed sequence as an execution sequence,
The authentication unit
For each of a plurality of face patterns included in the sequence set by the execution sequence setting unit, collation processing between face image data acquired through the camera and a registered face pattern image stored in the user information storage unit is performed. An authentication processing apparatus is characterized by being configured to execute.

  Furthermore, in an embodiment of the authentication processing device of the present invention, the authentication processing device further includes sequence information of a new execution sequence set by the execution sequence setting unit and applied to the authentication processing. It is the structure which performs the data update process stored in this.

  Furthermore, in an embodiment of the authentication processing device of the present invention, the registered face pattern image stored in the user information storage unit includes a face pattern image associated with an emotion expression and a user-specific face not associated with an emotion expression. The execution sequence setting unit randomly selects a plurality of patterns from a face pattern image associated with emotion expression and a user-specific registered face pattern image not associated with emotion expression. It is characterized in that it is configured to set a sequence to be selected and executed for an authentication target user.

  Furthermore, in an embodiment of the authentication processing device of the present invention, the authentication unit includes, for each of a plurality of face patterns included in the sequence set by the execution sequence setting unit, face image data acquired via the camera; Then, the collation process with the registered face pattern image stored in the user information storage unit is executed, and in the collation of a plurality of patterns, it is determined that the authentication is established on the condition that a matching rate equal to or higher than a predetermined threshold is obtained. It is the structure.

Furthermore, the second aspect of the present invention provides
Authentication method,
A sequence of selecting a plurality of patterns at random from a plurality of different registered face pattern images of a registered user stored in a user information storage unit storing a plurality of different registered face pattern images of the registered user and causing the user to be authenticated to execute Execution sequence for performing setting and setting a sequence that does not overlap with the executed sequence stored in the sequence information storage unit that records the sequence information executed in the past authentication process in association with the user identifier. Configuration steps;
An output step of presenting the sequence set by the execution sequence setting unit to the user to be authenticated;
An image acquisition step of acquiring face image data of the user to be authenticated by the camera;
For each of a plurality of face patterns included in the sequence set by the execution sequence setting unit, collation processing between face image data acquired through the camera and a registered face pattern image stored in the user information storage unit is performed. An authentication step to perform;
There exists in the authentication processing method characterized by having.

  Furthermore, in an embodiment of the authentication processing method of the present invention, the authentication processing method further includes setting sequence information of a new execution sequence set by the execution sequence setting unit and applied to the authentication process to the sequence information storage unit. And a step of executing a data update process stored in the storage.

  Furthermore, in one embodiment of the authentication processing method of the present invention, the registered face pattern image stored in the user information storage unit includes a face pattern image associated with an emotion expression and a user-specific information not associated with an emotion expression. The execution sequence setting step randomly selects a plurality of patterns from a face pattern image associated with emotion expression and a user-specific registered face pattern image not associated with emotion expression. A sequence to be selected and executed for the user to be authenticated is set.

  Furthermore, in one embodiment of the authentication processing method of the present invention, the authentication step includes, for each of a plurality of face patterns included in the sequence set in the execution sequence setting step, face image data acquired via the camera; Then, the collation process with the registered face pattern image stored in the user information storage unit is executed, and in the collation of a plurality of patterns, it is determined that the authentication is established on the condition that a matching rate equal to or higher than a predetermined threshold is obtained. It is characterized by that.

Furthermore, the third aspect of the present invention provides
A computer program for executing authentication processing on a computer,
A sequence of selecting a plurality of patterns at random from a plurality of different registered face pattern images of a registered user stored in a user information storage unit storing a plurality of different registered face pattern images of the registered user and causing the user to be authenticated to execute Execution sequence for performing setting and setting a sequence that does not overlap with the executed sequence stored in the sequence information storage unit that records the sequence information executed in the past authentication process in association with the user identifier. Configuration steps;
An output step of presenting the sequence set by the execution sequence setting unit to the user to be authenticated;
An image acquisition step of acquiring face image data of the user to be authenticated by the camera;
For each of a plurality of face patterns included in the sequence set by the execution sequence setting unit, collation processing between face image data acquired through the camera and a registered face pattern image stored in the user information storage unit is performed. An authentication step to perform;
There is a computer program characterized by comprising:

  Note that the computer program of the present invention is a recording medium provided in a computer-readable format for a computer system capable of executing various program codes, for example, a recording medium such as a CD, FD, or MO. A computer program that can be provided by a medium or a communication medium such as a network. By providing such a program in a computer-readable format, processing corresponding to the program is realized on the computer system.

  Other objects, features, and advantages of the present invention will become apparent from a more detailed description based on embodiments of the present invention described later and the accompanying drawings. In this specification, the system is a logical set configuration of a plurality of devices, and is not limited to one in which the devices of each configuration are in the same casing.

  According to the configuration of the present invention, various face image data of a registered user is registered in advance, and the authentication processing apparatus randomly selects a plurality of patterns from these registered image data, and sets a sequence including the selected patterns. Further, it is confirmed that the setting sequence does not overlap with the past execution sequence, and the user is caused to perform an operation in accordance with the sequence, for example, facial expression change, etc., to acquire an image, and to collate with a registered pattern Therefore, unlike the operation along the fixed sequence, a different sequence is set for each authentication process and authentication is executed. Therefore, for example, it is not possible to perform a process of illegally establishing authentication using image data of a user illegally photographed by hidden photography or the like, and stricter user authentication is realized.

  Furthermore, according to the configuration of the present invention, the registration data that does not correspond to facial expression such as [laughter], that is, [user-specific registration information] is included in the execution sequence, so that the facial expression known only to the user can be matched. As a result, it is possible to execute a stricter authentication process.

  The details of the authentication processing apparatus, authentication processing method, and computer program of the present invention will be described below with reference to the drawings. First, with reference to FIG. 1, the configuration and processing outline of the authentication processing apparatus of the present invention will be described. As shown in FIG. 1, the authentication processing apparatus of the present invention includes a camera 101, a face image data extraction unit 102, an authentication unit 103, an execution sequence setting unit 104, an information storage unit 105, an output unit 106, and an input unit 107. The information storage unit 105 includes a user information storage unit 111 that stores user information in which registered user identifiers and registered user face image data are associated with each other, and is executed for a user during a user authentication process executed in the past. An instruction sequence storage unit 112 that stores sequence information such as completed facial expression change instructions in association with user identifiers and a data storage unit 113 that stores various data processing programs and the like are included.

First, an outline of processing of the authentication processing apparatus 100 of the present invention will be described. When executing the authentication process of the user 10 by the authentication processing apparatus 100,
For example, the authentication processing device 100 may
1. First, please look for [laughing].
2. Next, please look for [anger].
Instructing the expression in a randomly determined sequence, or changing the orientation of the face. The user performs a process of changing the facial expression and face orientation according to the instruction sequence. The authentication device captures these images with the camera 102 and performs authentication by comparing with user information registered in advance.

  As shown in FIG. 2, the user information storage unit 111 shown in FIG. 1 stores data associating registered user identifiers with registered user face image data. The registered user registers a plurality of predetermined facial expressions or facial images whose orientations are changed in advance. As shown in FIG. 2, each user has a registered facial expression pattern as shown in FIG. 2: facial expression pattern P01: [laughter], facial expression pattern P02: [anger], facial expression pattern P03: [surprise], ... facial expression pattern Pnn: [sadness] A facial expression pattern corresponding to a preset emotion such as is registered. Furthermore, [user-specific registration information] is registered as an expression pattern Pmm that is not associated with a specific emotion. This [user-specific registration information] is a unique registered facial expression determined by each user, and is a pattern that is not associated with a specific emotion.

  The authentication processing device 100 randomly selects a plurality of registered patterns from these registered patterns, determines a sequence in which the selected registered patterns are set in time series, and changes the facial expression to the user along the determined sequence. Request. For example, the expression pattern P01: [laughter] → P02: [anger], P03: [surprise] → Pnn: [sadness], Pmm: [unique registration pattern] → P01: [laughter].

  However, if the same sequence is applied during authentication processing, facial expression data that matches the authentication sequence is stored as image data, such as being observed by a third party and illegally capturing facial image data. There may be a situation where the authentication process is established by the authentication applied.

  Therefore, in the authentication processing device 100 of the present invention, sequence information executed in authentication processing executed at least in the past for a certain period is stored in the sequence information storage unit 112, and a sequence determined at the time of new authentication processing Are controlled so as not to overlap with these executed sequences.

  A configuration example of data stored in the sequence information storage unit 112 is shown in FIG. As illustrated in FIG. 3, the sequence information storage unit 112 records a user ID as a user identifier and a sequence executed in the past authentication process in association with each other. In the illustrated example, execution sequence data for the past n times are stored. For example, for the first user [u01ab88761], the instruction sequence S1 in the most recent authentication process is a sequence of patterns P01 → P03, and the instruction sequence S2 before that is a sequence of patterns P02 → P01, n times. The previous instruction sequence Sn indicates that the sequence is the pattern P03 → P01.

  The executed sequence of the first user [u01ab88761] is shown in FIG. 4 in association with a specific facial expression. The instruction sequence S1 in the latest authentication process is a sequence of patterns P01 → P03. As shown in the figure, the sequence of P01 [laughter] → [surprise], and the instruction sequence S2 before that is the pattern P02 [anger] → P01. An instruction sequence Sn n times before, which is a sequence of [laughing], is a sequence of pattern P03 [surprise] → P01 [laughing].

  The stored data in the sequence information storage unit 112 is updated each time a new authentication process is executed, the oldest data (n-th previous data) is deleted, and the newly executed instruction sequence information is stored.

  In the authentication processing apparatus 100 of the present invention, the sequence executed in the authentication processing that has been executed in the past is stored in the sequence information storage unit 112, and the registration sequence information is referred to during the new authentication processing. Then, a new sequence that does not overlap is newly set and executed by the user.

  With reference to the block diagram of FIG. 1, the flow of processing when executing user authentication processing will be described. The user 10 as the person to be authenticated inputs information for identifying the user, such as a user ID and a password, to the input unit 107 when executing the authentication process. The execution sequence setting unit 104 confirms whether the user identification information input by the user is registered in the user information storage unit 111 of the information storage unit 105, and if the registration is confirmed, a sequence such as a facial expression requested to the user To decide. For example, a sequence such as [laughter] → [anger] or [surprise] → [sadness].

  In this sequence determination process, the execution sequence setting unit 104 acquires information stored in the sequence information storage unit 112, that is, sequence information that has been executed in the past authentication process as described with reference to FIG. The newly set sequence is set so as not to coincide with these executed sequences.

When the execution sequence setting unit 104 determines the sequence, the instruction information is presented to the user via the output unit 106. For example,
Step 1. First, please look for [laughing].
Step 2. Next, please look for [anger].
The instruction information is presented to the user.

  The camera 101 acquires image data of the user 10 who is making a facial expression according to the instruction. The face image data extraction unit 102 extracts an image of the face image area from the captured image data of the camera 101 and inputs it to the authentication unit 103. The authentication unit 103 acquires the registered image information of the user stored in the user information storage unit 111 of the information storage unit 105 according to the sequence, and executes a collation process.

  If the image photographed by the camera 101 and the registered image data stored in the user information storage unit 111 match, it is determined that authentication is established, and if they do not match, it is determined that authentication is not established. In addition, processing such as pattern matching is applied to the degree of coincidence determination, and a predetermined similarity range is defined in advance, and it is the same when it is determined that there is an acquired image and a registered image in a predetermined similarity range as well as complete matching It is determined that the image is a human image and authentication is established. In this example, a processing example is shown in which two patterns such as [laughter] → [anger] and [surprise] → [sadness] are applied. The level of authentication establishment can be set in various ways, for example, whether the image matches the image as a condition for establishment of authentication, or if the image coincidence of only one pattern is confirmed.

  In the above-described embodiment, an example in which the authentication process is executed by setting a sequence in which two facial expression patterns are applied in one authentication process has been described. However, authentication in which a sequence of three or more patterns is set is also possible. . With reference to FIG. 5, a description will be given of a processing example in which a sequence including three patterns is set, and when two or more patterns match as a result of the pattern matching processing, authentication is determined to be established.

FIG.
(A) Pattern P01 [laughing] → Pattern P03 [Surprise] → Pattern P02 [Anger]
(B) Pattern P02 [anger] → Pattern P01 [laughter] → Pattern P05 [Sadness]
(C) Pattern P03 [surprise] → Pattern P05 [Sadness] → Pattern P01 [Laughter]
Each instruction sequence is shown.

  For example, in the authentication process, (a) is an example in which a result of matching is obtained in the matching process of the three patterns included in the instruction sequence, that is, the matching process between the camera captured image and the registered image. It is determined that user authentication is established. (B) shows an example in which two patterns are matched in the three patterns included in the instruction sequence, but one pattern is not matched. In this case as well, it is determined that the user authentication has been established. To do. (C) is an example in which one pattern matches in the matching process of three patterns included in the instruction sequence, but the two patterns do not match. In this case, the user authentication is not established. judge.

  This example is an example in which an authentication level is set to establish authentication on condition that two patterns match among three patterns included in the sequence. In this example, the authentication is established when the coincidence rate is [2/3] or more. Various levels of such authentication establishment conditions can be set depending on whether the conditions need to be strict.

  When it is necessary to tighten the level of the authentication establishment condition, the number of patterns included in the sequence is increased to increase the matching rate as a threshold value. For example, 5 patterns are included in the sequence, and all the matches of the 5 patterns are used as a condition. Alternatively, a setting is made such that the coincidence rate [4/5] or more is used as a condition for establishing authentication. On the other hand, when the level of the authentication establishment condition is set low, the number of patterns included in the sequence is decreased to lower the matching rate as a threshold value. For example, two patterns are included in the sequence, and one of the two patterns is set as an authentication establishment condition.

  Next, a processing sequence of authentication processing executed in the authentication processing device of the present invention will be described with reference to the flowchart shown in FIG.

  In step S101, user identification information is input from the user to be authenticated. This may be user ID registered in the authentication processing device or user-identifiable data that can be acquired by the authentication processing device. For example, user information in which the user ID and password are associated with each other in the authentication processing device. In the case of recording, it may be configured to execute a process of inputting a password and deriving a user ID from the input password.

  In step S102, it is determined whether or not the user ID is recorded as the registered user ID of the user information stored in the user information storage unit 111. If the user is not a registered user (step S103: No), the process proceeds to step S111, and it is determined that the authentication is not established, and the process ends.

  When the user ID input by the user matches the registered user ID stored in the user information storage unit 111 (step S103: Yes), the process proceeds to step S104, and the execution sequence setting unit 104 displays the user information storage unit 111. A plurality of image patterns are randomly selected from a plurality of registered image pattern data registered as face image data of the corresponding user ID in the user information stored in the execution information S (Pa, Pb,... Pn) is set at random. Here, a sequence composed of n patterns is set.

  Next, in step S105, the execution sequence setting unit 104 refers to the previously executed sequence information (see FIGS. 3 and 4) stored in the sequence information storage unit 112 of the information storage unit 105 and sets the sequence. Is not duplicated with a previously executed sequence stored in the sequence information storage unit 112. Note that the information to be determined is registration information corresponding to the same user ID.

  If it is determined that the set sequence overlaps with a previously executed sequence stored in the sequence information storage unit 112 (step S106: Yes), the process returns to step S104, and a sequence setting process by random pattern selection is performed. Try again.

  If it is determined that the setting sequence does not overlap with a previously executed sequence stored in the sequence information storage unit 112 (step S106: No), an operation instruction for the user is executed in accordance with the setting sequence in step S107. . The operation instruction is given via the output unit 106.

  Next, in step S108, the user's operation in accordance with the instruction is captured by the camera 101, and the face image data extracted by the face image data extraction unit 102 is compared with the registered image data stored in the user information storage unit. Is executed in the authentication unit 103. This collation process is sequentially executed according to the setting sequence. That is, the collating process for each pattern included in the execution sequence S (Pa, Pb,... Pn) set in step S104 is sequentially executed.

  In step S109, the comparison result for each pattern included in the execution sequence S (Pa, Pb,... Pn) is compared with a predetermined authentication condition threshold value. For example, 5 patterns are included in the sequence, and all the matches of the 5 patterns are used as a condition. Alternatively, a determination process is performed based on a preset authentication condition threshold such as a condition for establishing authentication with a match rate [4/5] or higher.

  If the pattern matching rate is equal to or higher than the threshold (step S109: Yes), the process proceeds to step S110, and it is determined that the authentication is established. If the pattern matching rate is less than the threshold (step S109: No), the process proceeds to step S111. It is determined that authentication has not been established.

  Next, the process proceeds to step S112, where the sequence information of the sequence executed this time, that is, the sequence information of the execution sequence S (Pa, Pb,... Pn) is stored in the sequence information storage unit 112 as the executed sequence information and the processing is terminated. .

  The user authentication process is performed by the above process. As understood from the above description, in the authentication processing device of the present invention, various face image data of the registered user are registered in advance, and the authentication processing device selects a plurality of patterns at random from these registered image data. , Set the sequence consisting of the selected pattern, further confirm that the setting sequence does not overlap with the past execution sequence, let the user perform an action according to the sequence, for example, facial expression change, to acquire the image, Unlike the operations that follow a fixed sequence, authentication is performed by setting a different sequence for each authentication process. Processing that attempts to illegally establish authentication using image data becomes impossible, and stricter user authentication is realized.

  In addition, registration data that does not correspond to facial expressions such as laughter described with reference to FIG. 2, that is, [user-specific registration information] shown in FIG. It can be included as a processing pattern, and a stricter authentication processing is realized by this processing.

  Further, the input unit 107 shown in FIG. 1 is configured to be able to input voice, and the voice print data of the registered user is stored in the user information storage unit 111 of the information storage unit 105 in advance, and the authentication unit 103 is based on the face image data described above. It is good also as a structure which performs authentication based on voiceprint data while performing authentication.

[Hardware configuration example]
Finally, a hardware configuration example of the user authentication processing apparatus that executes the above-described processing will be described with reference to FIG.

  A CPU (Central Processing Unit) 501 is a control unit that executes processes according to various computer programs describing an execution sequence of each process such as an OS (Operating System) and the user authentication process described in the above embodiment. .

  A ROM (Read Only Memory) 502 stores programs used by the CPU 501, calculation parameters, and the like. A RAM (Random Access Memory) 503 stores programs used in the execution of the CPU 501, parameters that change as appropriate during the execution, and the like. These are connected to each other by a host bus 504 including a CPU bus.

  The host bus 504 is connected to an external bus 506 such as a PCI (Peripheral Component Interconnect / Interface) bus via a bridge 505.

  A keyboard 508 and a pointing device 509 are input devices operated by the user. The display 510 includes a liquid crystal display device, a CRT (Cathode Ray Tube), or the like, and displays various types of information as text and images.

  An HDD (Hard Disk Drive) 511 includes a hard disk, drives the hard disk, and records or reproduces a program executed by the CPU 501 and information. The hard disk can serve as the user information storage unit 111, the sequence information storage unit 112, and the data storage unit 113 shown in FIG. Further, various computer programs such as various data processing programs are stored.

  The drive 512 reads data or a program recorded on a removable recording medium 521 such as a magnetic disk, an optical disk, a magneto-optical disk, or a semiconductor memory, and the data or program is read out from the interface 507 and the external bus 506. , And supplied to the RAM 503 connected via the bridge 505 and the host bus 504. Similarly to the hard disk, the removable recording medium 521 can also serve as the user information storage unit 111, the sequence information storage unit 112, and the data storage unit 113 shown in FIG.

  The connection port 514 is a port for connecting the external connection device 522 and has a connection unit such as USB or IEEE1394. The connection port 514 is connected to the CPU 501 and the like via the interface 507, the external bus 506, the bridge 505, the host bus 504, and the like. The communication unit 515 is connected to a network and executes data communication processing with the outside.

  Note that the hardware configuration example of the information processing apparatus illustrated in FIG. 7 is an example of a single apparatus configured by applying a basic PC configuration, and the information processing apparatus of the present invention has the configuration illustrated in FIG. However, the present invention is not limited to this, and any configuration that can execute the processing described in the above-described embodiments may be used.

  The present invention has been described in detail above with reference to specific embodiments. However, it is obvious that those skilled in the art can make modifications and substitutions of the embodiments without departing from the gist of the present invention. In other words, the present invention has been disclosed in the form of exemplification, and should not be interpreted in a limited manner. In order to determine the gist of the present invention, the claims should be taken into consideration.

  The series of processes described in the specification can be executed by hardware, software, or a combined configuration of both. When executing processing by software, the program recording the processing sequence is installed in a memory in a computer incorporated in dedicated hardware and executed, or the program is executed on a general-purpose computer capable of executing various processing. It can be installed and executed.

  For example, the program can be recorded in advance on a hard disk or ROM (Read Only Memory) as a recording medium. Alternatively, the program is temporarily or permanently stored on a removable recording medium such as a flexible disk, a CD-ROM (Compact Disc Read Only Memory), an MO (Magneto optical) disk, a DVD (Digital Versatile Disc), a magnetic disk, or a semiconductor memory. It can be stored (recorded). Such a removable recording medium can be provided as so-called package software.

  The program is installed on the computer from the removable recording medium as described above, or is wirelessly transferred from the download site to the computer, or is wired to the computer via a network such as a LAN (Local Area Network) or the Internet. The computer can receive the program transferred in this manner and install it on a recording medium such as a built-in hard disk.

  The various processes described in the specification are not only executed in time series according to the description, but may be executed in parallel or individually as required by the processing capability of the apparatus that executes the processes. Further, in this specification, the system is a logical set configuration of a plurality of devices, and the devices of each configuration are not limited to being in the same casing.

  As described above, according to the configuration of the present invention, various face image data of a registered user are registered in advance, and the authentication processing device randomly selects a plurality of patterns from these registered image data, and selects the selected pattern. Set the sequence consisting of the following, confirm that the setting sequence does not overlap with the past execution sequence, let the user perform actions along the sequence, for example, facial expression changes, etc. Therefore, unlike the operation along the fixed sequence, a different sequence is set for each authentication process and authentication is executed. Therefore, for example, it is not possible to perform a process of illegally establishing authentication using image data of a user illegally photographed by hidden photography or the like, and stricter user authentication is realized.

  Furthermore, according to the configuration of the present invention, the registration data that does not correspond to facial expression such as [laughter], that is, [user-specific registration information] is included in the execution sequence, so that the facial expression known only to the user can be matched. As a result, it is possible to execute a stricter authentication process.

It is a figure explaining the structure of the authentication processing apparatus of this invention. It is a figure explaining the data structural example of the user information stored in the user information storage part of the authentication processing apparatus of this invention. It is a figure explaining the data structural example of the sequence information stored in the sequence information storage part of the authentication processing apparatus of this invention. It is a figure explaining the specific example of sequence information. It is a figure explaining the example of an authentication process to which the sequence which consists of 3 patterns is applied. It is a figure which shows the flowchart explaining the procedure of the user authentication process which the authentication processing apparatus of this invention performs. It is a figure explaining the hardware structural example of the authentication processing apparatus of this invention.

Explanation of symbols

DESCRIPTION OF SYMBOLS 10 User 100 Authentication processing apparatus 101 Camera 102 Face image data extraction part 103 Authentication part 104 Execution sequence setting part 105 Information storage part 106 Output part 107 Input part 111 User information storage part 112 Sequence information storage part 113 Data storage part 501 CPU (Central Processing Unit)
502 ROM (Read-Only-Memory)
503 RAM (Random Access Memory)
504 Host bus 505 Bridge 506 External bus 507 Interface 508 Keyboard 509 Pointing device 510 Display 511 HDD (Hard Disk Drive)
512 drive 514 connection port 515 communication unit 521 removable recording medium 522 external connection device

Claims (9)

An authentication processing device,
A camera that acquires face image data of the user to be authenticated;
A user information storage unit storing a plurality of different registered face pattern images of registered users;
An execution sequence setting unit for setting a sequence composed of a plurality of different face patterns;
An output unit that presents the sequence set by the execution sequence setting unit to an authentication target user;
A sequence information storage unit that records the sequence information executed in the past authentication process in association with the user identifier;
An authentication unit that performs a matching process between the face image data of the user to be authenticated acquired by the camera and the registered face pattern image stored in the user information storage unit;
The execution sequence setting unit
A plurality of patterns are randomly selected from a plurality of different registered face pattern images of the registered user stored in the user information storage unit, and a sequence to be executed by the user to be authenticated is set and stored in the sequence information storage unit It is a configuration that sets a sequence that does not overlap with the executed sequence as an execution sequence,
The authentication unit
For each of a plurality of face patterns included in the sequence set by the execution sequence setting unit, collation processing between the face image data acquired through the camera and the registered face pattern image stored in the user information storage unit is performed. An authentication processing apparatus characterized by being configured to execute. The authentication processing device further includes:
The data update process for storing the sequence information of a new execution sequence set by the execution sequence setting unit and applied to the authentication process in the sequence information storage unit is executed. Authentication processing equipment. The registered face pattern image stored in the user information storage unit includes a face pattern image associated with emotional expression and a user-specific registered face pattern image not associated with emotional expression,
The execution sequence setting unit
A configuration in which a plurality of patterns are randomly selected from a face pattern image associated with an emotion expression and a user-specific registered face pattern image not associated with an emotion expression, and a sequence to be executed by an authentication target user is set. The authentication processing apparatus according to claim 1, wherein the authentication processing apparatus is provided. The authentication unit
For each of a plurality of face patterns included in the sequence set by the execution sequence setting unit, collation processing between face image data acquired through the camera and a registered face pattern image stored in the user information storage unit is performed. The authentication processing apparatus according to claim 1, wherein the authentication processing apparatus is configured to perform authentication and determine whether or not the authentication has been established on the condition that a matching rate equal to or higher than a predetermined threshold is obtained in the collation of a plurality of patterns. Authentication method,
A sequence of selecting a plurality of patterns at random from a plurality of different registered face pattern images of a registered user stored in a user information storage unit storing a plurality of different registered face pattern images of the registered user and causing the user to be authenticated to execute Execution sequence for performing setting and setting a sequence that does not overlap with the executed sequence stored in the sequence information storage unit that records the sequence information executed in the past authentication process in association with the user identifier. Configuration steps;
An output step of presenting the sequence set by the execution sequence setting unit to the user to be authenticated;
An image acquisition step of acquiring face image data of the user to be authenticated by the camera;
For each of a plurality of face patterns included in the sequence set by the execution sequence setting unit, collation processing between face image data acquired through the camera and a registered face pattern image stored in the user information storage unit is performed. An authentication step to perform;
An authentication processing method characterized by comprising: The authentication processing method further includes:
6. The step of executing a data update process of storing sequence information of a new execution sequence set by the execution sequence setting unit and applied to an authentication process in the sequence information storage unit. Authentication processing method. The registered face pattern image stored in the user information storage unit includes a face pattern image associated with emotional expression and a user-specific registered face pattern image not associated with emotional expression,
The execution sequence setting step includes:
Selecting a plurality of patterns at random from the face pattern image associated with the emotion expression and the registered face pattern image unique to the user not associated with the emotion expression, and setting a sequence to be executed by the user to be authenticated. The authentication processing method according to claim 5, wherein: The authentication step includes
For each of a plurality of face patterns included in the sequence set in the execution sequence setting step, collation processing between face image data acquired via the camera and a registered face pattern image stored in the user information storage unit is performed. 6. The authentication processing method according to claim 5, wherein the authentication processing method is executed and determination of establishment of authentication is performed on the condition that a matching rate equal to or higher than a predetermined threshold is obtained in the collation of a plurality of patterns. A computer program for executing authentication processing on a computer,
A sequence of selecting a plurality of patterns at random from a plurality of different registered face pattern images of a registered user stored in a user information storage unit storing a plurality of different registered face pattern images of the registered user and causing the user to be authenticated to execute An execution sequence for performing a process of setting a sequence that does not overlap with an executed sequence stored in a sequence information storage unit in which sequence information executed in a past authentication process is recorded in association with a user identifier while performing setting Configuration steps;
An output step of presenting the sequence set by the execution sequence setting unit to the user to be authenticated;
An image acquisition step of acquiring face image data of the user to be authenticated by the camera;
For each of a plurality of face patterns included in the sequence set by the execution sequence setting unit, collation processing between face image data acquired through the camera and a registered face pattern image stored in the user information storage unit is performed. An authentication step to perform;
A computer program characterized by comprising:

Images