JP2012073724A - Portable terminal, user authentication method and program - Google Patents

Abstract

PROBLEM TO BE SOLVED: To shorten the time until enabling an authorized user to utilize a target function, and to make it difficult for an unauthorized user to notice imaging.SOLUTION: A portable terminal includes: a control section which starts a camera section when operation is started by a user, and allows operations until obtaining an authentication result; an authentication section for performing user authentication by collating a subject photographed by the camera section in predetermined timing with an image for authentication registered beforehand; and a position guiding section for displaying a graphic guiding a position of the subject to a proper position on a screen where contents of operation by the user are being displayed, for a predetermined period of time after the start of the camera section.

Description

  The present invention relates to a mobile terminal, a user authentication method, and a program, and more particularly, to a mobile terminal that performs user authentication using a camera, a user authentication method, and a program.

  According to Patent Document 1, authentication processing is started in the background when a numeric input is detected, and face authentication is executed by displaying a dummy call screen on the display unit until the authentication processing is completed. There is disclosed a portable terminal device that prevents the operator from detecting this.

  In Patent Document 2, the transaction screen is divided into a first area and a second area, the first area performs transaction operation guidance and input, the second area performs biometric authentication guidance, An automatic transaction apparatus is disclosed in which a transaction operation displayed in one area and a biometric authentication displayed in a second area can be operated in parallel.

JP 2009-135705 A JP 2007-109075 A

  However, when performing face authentication in a manner that is not perceived by the operator as in Patent Document 1, it becomes difficult for a legitimate user to notice that face authentication is also being performed. For this reason, there is a problem in that photographing cannot be performed at an appropriate position, user authentication fails or takes time, and convenience is lowered for a regular user.

  Moreover, in the portable terminal device of patent document 1, since a dummy call screen is displayed until user authentication is completed, there is also a problem that it takes a long time until the user can use the intended function. .

  On the other hand, if guidance for biometric authentication is given to a user as in Patent Document 2 in the mobile terminal, there is a concern that the mobile terminal may be destroyed or destroyed by an unauthorized user as described in Patent Document 1. .

  The present invention has been made in view of the circumstances described above, and the purpose of the present invention is to consider the convenience of a regular user and perform user authentication in a manner that can reduce the detectability of shooting by an unauthorized user. The object is to provide a portable terminal, a user authentication method, and a program.

  According to the first aspect of the present invention, when an operation is started by a user, the camera unit is activated, and a control unit that allows an operation until an authentication result is obtained, and the camera unit at a predetermined timing. An authentication unit that performs user authentication by comparing a photographed subject with a pre-registered authentication image, and a screen on which an operation content by the user is displayed for a predetermined period after activation of the camera unit. There is provided a portable terminal including a position guiding unit that displays a graphic for guiding the position to an appropriate position.

  According to the second aspect of the present invention, when an operation is started by a user, user authentication is performed by comparing a step of starting a camera and a subject imaged by the camera at a predetermined timing with a pre-registered authentication image. And a step of displaying a figure for guiding the position of the subject to an appropriate position on a screen on which the content of operation by the user is displayed for a predetermined period after the camera is activated, and the user authentication A user authentication method that allows an operation until an authentication result is obtained is provided. This method is associated with a specific machine called a portable terminal that performs user authentication by a camera.

  According to a third aspect of the present invention, there is provided a program to be executed by a computer mounted on a camera-equipped mobile terminal, which activates a camera in response to the start of an operation by a user and obtains an authentication result by user authentication. A process for allowing an operation to be performed, a process for performing user authentication by comparing a subject photographed at a predetermined timing with the camera and a pre-registered authentication image, and a predetermined period after the camera is activated by the user. There is provided a program for executing a process of displaying a figure for guiding the position of the subject to an appropriate position on a screen on which operation contents are displayed. This program can be recorded on a computer-readable storage medium. That is, the present invention can be embodied as a computer program product.

  According to the present invention, it is possible to shorten the time until the function intended by the authorized user can be used, and to make it difficult for an unauthorized user to detect the shooting.

It is a figure for demonstrating the outline | summary of this invention. It is another figure for demonstrating the outline | summary of this invention. It is a block diagram showing the structure of the portable terminal of the 1st Embodiment of this invention. It is a figure for demonstrating operation | movement of the portable terminal of the 1st Embodiment of this invention. It is a figure for demonstrating operation | movement of the portable terminal of the 2nd Embodiment of this invention. It is a figure for demonstrating operation | movement of the portable terminal of the 3rd Embodiment of this invention. It is a figure for demonstrating operation | movement of the portable terminal of the 4th Embodiment of this invention. It is a block diagram showing the structure of the portable terminal of the 5th Embodiment of this invention. It is a figure for demonstrating the deformation | transformation embodiment of this invention. It is a figure for demonstrating the deformation | transformation embodiment of this invention. It is a figure for demonstrating the deformation | transformation embodiment of this invention.

  First, the outline of the present invention will be described. The camera-equipped mobile terminal according to the present invention activates the camera when an operation is started by the user, and performs user authentication by collating with an authentication image registered in advance in parallel with an operation reception process from the user. The mobile terminal with a camera according to the present invention displays a figure for guiding the position of the subject to an appropriate position on a screen reflecting the operation content by the user for a predetermined period after the camera is activated.

  FIG. 1 is an example of display for guiding the position of a subject (face) to a proper position when a face image is used for user authentication. In the example of FIG. 1, as shown on the right side of the figure, the user's face is not within the imaging range θ of the camera of the mobile terminal. At this time, the camera-equipped mobile terminal according to the present invention displays figures M1 (appropriate) and M2 (subject) indicating the amount of deviation between the subject and the appropriate position, together with the telephone number of the other party who is inputting. The position of the figure can be calculated based on the eyes, nose, contour centerline, etc. of the captured face image.

  Thereafter, when the user who has seen the figures M1 (appropriate) and M2 (subject) tilts the mobile terminal so that the user's face is within the imaging range θ of the camera or moves the face to an appropriate position, FIG. As shown in FIG. 2, figures M1 (appropriate) and M2 (subject) representing the amount of deviation between the subject and the appropriate position are displayed in an overlapping manner.

  When a state as shown in FIG. 2 is detected, or after a certain period of time has elapsed since the camera was activated, a face image is taken, and the process immediately proceeds to authentication processing. If it is confirmed that the user is a valid user, the camera is activated. Thereafter, since the operation until the authentication result is obtained is allowed, the user can continue the desired operation (for example, pressing the remaining telephone number of the other party and the call button). On the other hand, if it is determined that the user is not a valid user despite the guidance to the appropriate position, the user is refused to press the call button, and a message such as “locked” is displayed.

As described above, according to the present invention, in the user authentication by the camera that is started together with the start of the specific operation, the subject position is guided to the appropriate position, so it is necessary to determine whether or not the user is an authorized user. Time can be shortened.

[First Embodiment]
Next, a first embodiment of the present invention will be described in detail with reference to the drawings. FIG. 3 is a block diagram showing the configuration of the mobile terminal according to the first exemplary embodiment of the present invention. Referring to FIG. 3, the portable device includes a control unit 11, a display unit 12, a key operation unit 13, a camera unit 14, an authentication image storage unit 15, a captured image storage unit 16, and an authentication unit 17. The configuration of the terminal 10 is shown. Note that the mobile terminal 10 includes various small terminals such as a mobile phone terminal equipped with a camera, a smartphone, and a commercial mobile terminal, as well as a digital camera whose camera is a main function.

  When an operation is started by the user, the control unit 11 activates the camera unit 14 to start imaging. In addition, the control unit 11 functions as a position guiding unit that displays a graphic for guiding the position of the subject to an appropriate position on a screen during a specific operation by the user for a predetermined period after the start of shooting. Further, the control unit 11 permits or restricts the use of the function that is about to be started by the specific operation based on the determination result in the authentication unit 17.

  The display unit 12 is configured by a liquid crystal display or the like that displays the content input from the key operation unit 13.

  The key operation unit 13 includes buttons that accept various user operations, a pointing device, and the like. Note that a touch panel may be employed as the key operation unit 13.

  The camera unit 14 is used not only for photographing the subject at the time of user authentication, but also for photographing a user authentication image (authentication image). The captured image is stored in the authentication image storage unit 15 or the captured image storage unit. 16.

  The authentication unit 17 performs user authentication by collating the images stored in the authentication image storage unit 15 and the captured image storage unit 16 and notifies the control unit 11 of the result.

  Although omitted in FIG. 3, when the mobile terminal 10 is a device having a communication function such as a mobile phone terminal, a smartphone, or a business mobile terminal, other communication units are added (FIG. 8). Communication section 18).

  As described above, the authentication image storage unit 15 or the captured image storage unit 16 of the mobile terminal 10 illustrated in FIG. 3 can be configured using the flash memory and the memory of the mobile terminal 10, and the control unit 11 and the authentication unit 17 are It can be realized by a computer program that causes a computer mounted on the portable terminal 10 to execute the above-described processing using its hardware.

  Next, the operation of this embodiment will be described in detail with reference to the drawings. FIG. 4 is a diagram for explaining the operation of the mobile terminal according to the first embodiment of this invention.

  As shown in FIG. 4, when the portable terminal 10 is operated to the key operation unit 13 (A1 in FIG. 4), the control unit 11 activates the camera unit 14 to start photographing (FIG. 4). C1).

  When the user continues to operate the key operation unit 13, the result of the operation is displayed on the display unit 12 (A5 in FIG. 4).

  At the same time, the control unit 11 displays a graphic for guiding the position of the subject to an appropriate position on the display unit 12 based on the image taken by the camera unit 14. Thereafter, the camera unit 14 stores an image captured at a predetermined timing in the captured image storage unit 16 (C3 in FIG. 4). As the predetermined timing, as shown in FIG. 2, the figure M1 (appropriate) indicating the amount of deviation between the subject and the appropriate position, the timing at which M2 (subject) overlaps, the timing at which a certain distance is approached, Alternatively, it is possible to employ a time after a certain period of time has elapsed since the activation of the camera unit 14 (that is, a time when a sufficient user can move the subject to an appropriate position has elapsed).

  The authentication unit 17 compares the image stored in the captured image storage unit 16 with the image stored in the authentication image storage unit 15 and determines whether or not the user who operates the key operation unit 13 is a regular user. A determination (user authentication) is performed (C4 in FIG. 4), and the result is output to the control unit 11 (C5 in FIG. 4).

  As a result of the user authentication, if it is determined that the user is a regular user (Yes in the determination “regular user?” In FIG. 4), the control unit 11 continues to allow the operation (A5 in FIG. 4).

  On the other hand, when a determination result indicating that the user is not a regular user is obtained (No in the determination “regular user?” In FIG. 4), the control unit 11 performs control so that subsequent operations are restricted and cannot be used (B1 in FIG. 4). ). At the same time, the control unit 11 displays on the display unit 12 that the operation is being restricted.

  As described above, in the present embodiment, the authentication operation is started in parallel with the operation start, and the display for guiding the subject to the appropriate position is performed, so that the operation of the authorized user can be performed quickly without interruption. There is an effect that user authentication can be completed.

  Moreover, in this embodiment, since it is set as the aspect which is hard to detect the timing which is imaged, possibility that an unauthorized user will take a countermeasure can be reduced.

[Second Embodiment]
Next, a second embodiment of the present invention in which changes are made to the first embodiment will be described with reference to the drawings.

  In the first embodiment described above, even if the user is a regular user, it is conceivable that the captured environment is dark, the orientation of the user's face is not front, or the verification fails depending on conditions. After the operation is started, if it is not possible to confirm that the user is a regular user by the first shooting, it is possible to repeat the shooting and verification again.

  However, as described above, in the present invention in which user authentication is performed in parallel with the start of the user's operation, the extension of the authentication period allows the user to restrict the use for a time longer than necessary. Become.

  Therefore, in the second embodiment of the present invention, security is enhanced by limiting the authentication time with a timer. In addition, since it can be produced in consideration of the state where it is easy to collate if it is a regular user, for example, the owner of the portable terminal 10, the convenience is not greatly impaired.

  Since the second embodiment of the present invention can be realized with a configuration equivalent to that of the first embodiment, the following description will focus on differences in operation.

  FIG. 5 is a diagram for explaining the operation of the mobile terminal according to the second embodiment of the present invention. The difference from the operation of the first embodiment shown in FIG. 4 is that not only the camera unit 14 but also the timer is operated (T1 in FIG. 5) at the start of the user operation, and within a certain time (in FIG. 5). If the authentication process is not completed during the “measurement” period of T3), it is determined that a timeout has occurred (T5 in FIG. 5), and a result indicating that the user is not a regular user is returned.

  Thereby, in addition to the effect of 1st Embodiment, it becomes possible to improve security more.

[Third Embodiment]
Next, from the same viewpoint as the second embodiment, a third embodiment of the present invention in which the first embodiment is modified will be described with reference to the drawings.

  In the second embodiment described above, the authentication time is limited by a timer. However, in the third embodiment, operations with a high security level, such as browsing / operation of the address book, browsing / transmission / reception of mail, browsing / transmission of images, If the authentication process is completed and it is confirmed that the user is a legitimate user before the operation, browsing / operation of the outgoing / incoming call history, use of the IC card function, etc., the above function can be used as it is. Other than that, the operation is restricted.

  Since the third embodiment of the present invention can also be realized with a configuration equivalent to that of the first embodiment, the following description will focus on differences in operation.

  FIG. 6 is a diagram for explaining the operation of the mobile terminal according to the third embodiment of the present invention. The difference from the operation of the first embodiment shown in FIG. 4 is that the authentication process is not completed until the user's operation is started and the use of the specific function is started (A3 in FIG. 6). Therefore, it is determined that the authentication has failed (No for “regular user?” In FIG. 5), and operation restriction is performed.

  As described above, this embodiment can further improve security, as in the second embodiment.

[Fourth Embodiment]
In the first to third embodiments described above, when user authentication by the camera cannot be performed, the operation is uniformly restricted. However, an environment where the subject cannot be photographed, for example, a dark face is recognized. Use in places where it is impossible is also possible.

  Therefore, in this embodiment, even when user authentication by the camera fails as described above, other user authentication processing is performed so that the user can be confirmed. As the other user authentication processing, various methods such as authentication by inputting a password and collation of a user's voice can be adopted.

  Since the fourth embodiment of the present invention can also be realized with a configuration equivalent to that of the first embodiment, the following description will focus on differences in operation.

  FIG. 7 is a diagram for explaining the operation of the mobile terminal according to the fourth embodiment of the present invention. The difference from the operation of the first embodiment shown in FIG. 4 is that when it is not confirmed that the user is a regular user by the user authentication by the camera (No of “regular user?” In FIG. 7), When the second authentication process (D4 in FIG. 7) is executed and it is confirmed that the user is a legitimate user, the user's operation is allowed to continue.

  At this time, the image taken at C3 in FIG. 7 or the image taken again after the second authentication process is saved (replaced or added to the existing authentication image) and used as the next authentication image. It may be used. Thereby, the determination rate of a regular user can be improved at the time of next user authentication. Of course, if the place is dark and the face cannot be recognized (inquiries to the user as to whether or not to save the image, and can be detected by the average value or histogram of the luminance value of the photographed image), the image is not saved. You may do it.

[Fifth Embodiment]
In the first to fourth embodiments described above, it has been described that the authentication unit 17 is provided on the mobile terminal 10 side, but a configuration in which user authentication is performed using an external authentication server can also be employed.

  FIG. 8 is a block diagram showing a configuration of a mobile terminal according to the fifth exemplary embodiment of the present invention. The difference from the first embodiment shown in FIG. 3 is that a communication unit 18 is provided instead of the authentication unit 17 of the mobile terminal 10 and communicates with the authentication unit 27 of the external authentication server 20 to perform the authentication process. It is configured to do.

  As the operation of the present embodiment, the same operation as that of the first to fourth embodiments described above can be adopted, and the description thereof is omitted.

  In the present embodiment, it is possible to hold more authentication images or perform collation by a high-performance authentication engine. It is also possible to perform other user authentication when accessing the authentication server 20.

  The preferred embodiments of the present invention have been described above. However, the present invention is not limited to the above-described embodiments, and further modifications, replacements, and replacements may be made without departing from the basic technical idea of the present invention. Adjustments can be made. For example, in the above-described embodiment, the figure M1 (appropriate) and M2 (subject) are used to represent the distance between the subject and the proper position, and the subject position is guided to the proper position. It is also possible to adopt a configuration that guides the position of the subject to an appropriate position with a figure that can point in the direction of an arrow symbol or the like (see symbols M3 and M6 in FIGS. 9 and 11).

  Instead of the figures M1 (appropriate) and M2 (subject) in the above-described embodiment, a graph indicating the distance between the subject and the appropriate position is displayed, or a pointer indicating the position of the subject is displayed with the appropriate position as the center of the screen. A configuration that informs the user of the appropriate position of the subject using a technique can also be adopted.

  Also, instead of the above-mentioned figures, it is possible to adopt a configuration in which the distance between the subject and the appropriate position is notified by changing the shape of the character or cursor being operated by the user (see symbol M3 in FIG. 9) and the display position. It is. For example, in the example of FIG. 9, an arrow M <b> 3 notifying the appropriate position is displayed at the cursor position of the telephone number input by the user. Further, for example, in the example of FIG. 10, the appropriate position of the subject is represented by the figure M4, and the current position of the subject is represented by the display position M5 of the telephone number input by the user. In addition, it is also possible to give a role as a sign that guides the position of the subject to an appropriate position by adding light and shade to the inputted character, or giving a sense of perspective.

  Of course, as shown in FIG. 11, it is also possible to employ a configuration in which an arrow M6 for guiding the position of the subject to an appropriate position is displayed in parallel with various icon groups at the top of the screen of the mobile terminal.

  The first to fifth embodiments described above can be combined as appropriate. For example, it is also possible to adopt a configuration in which user authentication is terminated at both the arrival of a certain time (timeout determination) in the second embodiment and the point in time when the use of a specific function in the third embodiment is started.

DESCRIPTION OF SYMBOLS 10 Mobile terminal 11 Control part 12 Display part 13 Key operation part 14 Camera part 15, 25 Authentication image storage part 16 Captured image storage part 17, 27 Authentication part 18 Communication part 20 Authentication server M1-4, M6 figure M5 Character display position

Claims (9)

When the operation is started by the user, the control unit that activates the camera unit and permits the operation until an authentication result is obtained;
An authentication unit that performs user authentication by comparing a subject photographed at a predetermined timing by the camera unit with a pre-registered authentication image;
A position guiding unit for displaying a figure for guiding the position of the subject to an appropriate position on a screen on which the operation content by the user is displayed for a predetermined period after the camera unit is activated;
Mobile terminal equipped with.   2. The position guide unit displays a figure indicating a distance between a current position of the characteristic part of the subject and a target position of the characteristic part of the subject using an image of the subject imaged by the camera unit. Mobile device.   The portable terminal according to claim 1 or 2, wherein a shooting timing of an image used for user authentication is determined based on a distance between a current position of the feature portion of the subject and a target position of the feature portion of the subject.   In place of the figure, the position guiding unit may include a character or cursor input by a specific operation by the user according to a distance between a current position of the feature portion of the subject and a target position of the feature portion of the subject. The portable terminal according to claim 2 or 3, wherein the shape or the display position is changed.   The user authentication by the authentication unit is determined to have failed in user authentication if the user authentication is not completed within a predetermined time or before a specific function is activated by the user's operation. Mobile device.   When the user authentication by the authentication unit is not completed within a predetermined time, the user authentication by another authentication unit is executed. When the user authentication by the other authentication unit is successful, the authentication image at the next user authentication is performed. The mobile terminal according to claim 1, wherein the update operation is performed.   The mobile phone according to any one of claims 1 to 6, wherein user authentication is performed using an authentication server that is arranged on a network and performs authentication processing using a pre-registered authentication image instead of user authentication by the authentication unit. Terminal. When an operation is started by the user, starting the camera;
Performing user authentication by comparing a subject photographed at a predetermined timing by the camera with a pre-registered authentication image;
Displaying a figure for guiding the position of the subject to an appropriate position on a screen on which operation details by the user are displayed for a predetermined period after the camera is activated;
Including
A user authentication method that allows an operation until an authentication result by the user authentication is obtained. A program to be executed by a computer mounted on a camera-equipped mobile terminal,
In response to the start of the operation by the user, the camera is activated, and the process allows the operation until an authentication result by user authentication is obtained;
A process of performing user authentication by comparing a subject photographed at a predetermined timing by the camera with a pre-registered authentication image;
A process of displaying a figure for guiding the position of the subject to an appropriate position on a screen on which operation details by the user are displayed for a predetermined period after the camera is activated;
A program that executes

Images