JP2013109736A - Identity confirmation device, identity confirmation system, identity confirmation method for the same system, and computer program - Google Patents

Abstract

PROBLEM TO BE SOLVED: To enhance accuracy of a mechanism which automatically detects spoofing.SOLUTION: On receiving an identity confirmation request, an operation processing device 32 acquires location information of a request generated point, calculates a distance and time difference between the acquired location information and a previous request generated point, on the basis of the calculated distance and time difference, determines whether the request generated point is within a permissible movable range of an applicant, and authenticates validity of the identity confirmation request. Or, the operation processing device 32 refers to a frequency of identity confirmation requests by the same applicant stored in a storage device 31, determines whether the frequency of identity confirmation requests within a predetermined time is normal, and authenticates validity of the identity confirmation request.

Description

  The present invention relates to a personal identification device, a personal identification system, and a personal identification method in the system, which are connected to a request terminal having a positioning device for positioning an occurrence point of a personal identification request of an applicant by a driver's license via the Internet network. And a computer program.

  Driver's licenses are frequently used for identification purposes as official documents with facial photographs. In recent years, due to advances in printing technology and the expansion of non-face-to-face transactions, elaborate counterfeit driver licenses that cannot be discerned at first glance have been issued, and bank accounts have been opened using driver licenses in the name of others and mobile phones have been used. Opportunities to make a contract and use it illegally for bank transfer fraud increased. For this reason, a driver's license was converted to an IC card from January 4, 2002 (hereinafter referred to as an IC card driver's license). An IC card driver's license is extremely difficult to create a falsified and forged driver's license and can prevent unauthorized use. The IC card driver's license is recorded on the IC chip with the contents written on the surface, and the recorded contents cannot be viewed unless the password is entered into the IC card reader.

  Conventionally, when authentication of vehicle start permission is performed using an IC card driver's license, information necessary for authentication is transmitted to the authentication server via wireless, and the vehicle start permission is also taken into account with information from the authentication server Is known (see, for example, Patent Document 1). According to this method, only authorized persons can drive a car by performing authentication based on information held in the IC card driving license. Also, because authentication information is sent to the authentication server for double authentication, it is possible to improve the accuracy of IC license authentication with a relatively simple configuration, effectively preventing car theft etc. Can do. Furthermore, since the authentication by the authentication server also serves as a position registration request, the current position of the car can be easily grasped, and the position of the stolen car can be easily detected when the car is stolen. .

Japanese Patent Laying-Open No. 2005-29070

  By the way, the driver's license has been converted into an IC card together with the Basic Resident Register etc., but since then there have been cases of spoofing. For example, only the photograph of the person (person who performs fraudulent activity) is used, and the case is caused using the IC card driver's license created. It has also been reported that a person impersonating a third party filed a license loss report with the police and then used a reissued photo of the “spoofer”. On the Internet, IC card driver's license, bank passbook with IC card, and mobile phone have been sold for tens of thousands of yen. In the past, there was a report that a veteran employee of a bank accidentally discovered a forged license at the window and reported it to the police to prevent the incident, but the discovery of a forged IC card driver's license It is a difficult technique. For this reason, the appearance of a mechanism for automatically and automatically detecting impersonation was expected.

  Further, in a conventional credit system, there is no method for confirming a request generation point for knowing where an identity confirmation request has been made. For this reason, there was no way to know even if there was an incorrect report from different addresses using several identical IC card driver licenses that differ only in facial photos.

  The present invention has been made to solve the above-described problems, and provides an identity verification apparatus, an identity verification system, an identity verification method in the same system, and a computer program that improve the accuracy of a mechanism for automatically detecting impersonation The purpose is to do.

  In order to solve the above-described problem, an identity verification apparatus according to a first aspect of the present invention is an identity verification apparatus connected to a request terminal via an Internet network from the request terminal via the Internet network. Each time an identity verification request of an applicant is received, a storage device that stores identity verification request history information including the request occurrence date and time, the request occurrence location or the number of request occurrences, and when the identity verification request is received, the request is generated The position information of the point is acquired, and the distance and time difference between the acquired position information and the request occurrence point generated immediately before stored in the storage device are calculated, and the calculated distance and time difference Determining whether or not the request occurrence point is within the allowable movement range of the applicant, or referring to the number of identification confirmation requests by the same applicant stored in the storage device, Determines whether user identification request number in the constant time, characterized by having a a processing unit to authenticate the user identification request

  According to the identity verification device according to the first aspect of the present invention, upon receiving the identity verification request, the arithmetic processing device acquires the location information of the request occurrence point, and the acquired location information and the occurrence of the request that occurred immediately before The distance and time difference between the points is calculated, and the validity of the identity verification request is verified by determining whether the request generation point is within the allowable movement range of the applicant based on the calculated distance and time difference. To do. Alternatively, the number of identity verification requests by the same applicant stored in the storage device is referred to, whether or not the number of identity confirmation requests within a predetermined time is determined, and the validity of the identity confirmation request is authenticated. For this reason, it is possible to check whether the same license is used at an abnormally separated place within a specified time, or whether the same license is used for identity verification an abnormal number of times. It is possible to provide a personal identification device that improves the accuracy of the automatic detection mechanism.

  Further, in the identity verification device according to the first aspect of the present invention, the request terminal includes a reading device for reading driving license information recorded on an IC chip built in the applicant's IC card driving license. The arithmetic processing unit receives declaration information created by the applicant read by the reading device, received along with the identity verification request, and IC card driving license information recorded on the IC chip; According to the present invention, the consistency of the driver's license information is determined by comparing the verification request point and the number of confirmation requests, in addition to the content of the person's declaration and the content recorded in the driver's license. Therefore, the accuracy of the mechanism for automatically detecting impersonation can be further improved.

Further, in the identity verification device according to the first aspect of the present invention, the request terminal includes a reading device for reading driving license information recorded on an IC chip built in the applicant's IC card driving license. The arithmetic processing unit collates the written information of the driver's license read by the reader and the IC card driver's license information recorded on the IC chip, which is received in response to the identity verification request. Then, the consistency determination of the driver's license information is performed. According to the present invention, in addition to the determination of the confirmation request point and the number of confirmation requests, it is possible to determine the consistency between the written contents of the driver's license and the contents recorded in the driver's license, so that impersonation is automatically detected. The accuracy of the mechanism will be further improved.

In the identity verification device according to the first aspect of the present invention, the arithmetic processing unit includes a counter and a warning flag, and sets an alarm point to be given to the counter based on a result of the consistency determination. When the total of the alarm points reaches a predetermined value, the warning flag is enabled and a message for alerting the requesting terminal is transmitted. According to the present invention, the user can know the level of alerting against fraud by the cumulative value of the alarm points, and since the warning flag is enabled, the user can recognize it as a fraudulent act with high probability. Convenience can be provided.

  In the identity verification device according to the first aspect of the present invention, the requesting terminal further includes a reading device that reads driving license information recorded on an IC chip built in the applicant's IC card driving license. And the arithmetic processing unit collates the report information received by the applicant with the identity verification request and the IC card driving license information recorded on the IC chip read by the reading device. The consistency determination of the driver's license information is performed. According to the present invention, in addition to the determination of the confirmation request point and the number of confirmation requests, the determination of the consistency between the content written on the driver's license and the content of the person's declaration and the written content on the driver's license and the built-in IC chip Therefore, the accuracy of the mechanism for automatically detecting impersonation can be improved.

  In the identity verification device according to the first aspect of the present invention, the request terminal further includes an imaging device for taking a photograph of the applicant's face, and the arithmetic processing unit is received in response to the identity verification request. The driver's license information is judged to be consistent by comparing the applicant's face photograph image with the face photograph image recorded on the IC chip. According to the present invention, in addition to the determination of the confirmation request point or the number of confirmation requests, it is also possible to determine the consistency between the driver's license and the declaration contents and / or the consistency determination based on a facial photograph, so that impersonation is automatically performed. The accuracy of the detection mechanism can be further improved.

  Further, in the identity verification device according to the first aspect of the present invention, the storage device further records telephone number usage history information in which a telephone number usage status is accumulated for a predetermined period, and the arithmetic processing unit includes: The telephone number usage history information is referred to, and the number of years of residence or the number of years of service is determined from the telephone number usage history included in the reporting information by the applicant, thereby authenticating the validity of the reporting information. According to the present invention, in addition to the determination of the confirmation request point or the number of confirmation requests, in addition to the determination of the consistency between the driver's license and the declaration contents, the consistency determination by the face photograph and / or the telephone number usage history Since it is possible to determine the consistency based on the number of years of residence or years of service, the accuracy of the mechanism for automatically detecting impersonation can be further improved.

  In order to solve the above-described problem, an identity verification system according to a second aspect of the present invention is a principal authentication system in which a request terminal and the request terminal are connected via an Internet network, and at least a storage device and a processing unit are included. An identity verification system comprising a confirmation device, wherein each time the processor receives an identity confirmation request from the requesting terminal via the Internet network, the request occurrence date and time, the request occurrence location or the request The identification information including the number of occurrences is accumulated in the storage device, and when the identity confirmation request is received, the location information of the request occurrence point is acquired, and the acquired location information and the storage device are accumulated. And calculating the distance and time difference between the request occurrence point and the request occurrence point that occurred immediately before the request, and the request occurrence point is determined to be the applicant by the calculated distance and time difference. It is determined whether or not it is within an allowable movement range, or it is determined whether or not it is the number of identity verification requests within a predetermined time by referring to the number of identity verification requests by the same applicant stored in the storage device, The validity of the identity verification request is authenticated, and the request terminal is responded via the Internet network.

  According to the identity verification system according to the second aspect of the present invention, when the identity processing request is received, the arithmetic processing unit acquires the location information of the request occurrence point, and the acquired location information and the occurrence of the request that occurred immediately before The distance and time difference between the points is calculated, and the validity of the identity verification request is verified by determining whether the request generation point is within the allowable movement range of the applicant based on the calculated distance and time difference. To respond to the requesting terminal. Alternatively, referring to the number of identity verification requests by the same applicant stored in the storage device, it is determined whether or not the number of identity confirmation requests within a predetermined time, and the validity of the identity verification request is authenticated and responded to the requesting terminal. To do. For this reason, it is possible to check whether the same license is used at an abnormally separated place within a specified time, or whether the same license is used for identity verification an abnormal number of times. It is possible to provide an identification system that improves the accuracy of the automatic detection mechanism.

  An identity verification method according to a third aspect of the present invention is an identity verification method used in an identity verification system comprising a request terminal and an identity verification device connected to the request terminal via an Internet network, Each time a request for verifying the applicant's identity is received from the requesting terminal via the Internet network, an identity verification request history storing step for storing the identity verification request history information including the request occurrence date and time, the request occurrence location or the request occurrence frequency. And receiving the identity verification request, obtains position information of the request occurrence point, a distance and a time difference between the obtained position information and the request occurrence point generated immediately before stored in the storage device, And determining whether the request occurrence point is within the allowable movement range of the applicant based on the calculated distance and time difference, or storing the storage The number of identification confirmation requests by the same applicant stored in the device is referred to, whether or not the number of identification confirmation requests within a predetermined time is determined, the validity of the identification confirmation request is authenticated, and the request is made via the Internet network. And an authentication step for responding to the terminal.

  According to the identity verification method according to the third aspect of the present invention, when the identity verification request is received in the authentication step, the location information of the request occurrence point is acquired, and the acquired location information and the request occurrence location that occurred immediately before are obtained. The distance and time difference between the two is calculated, and based on the calculated distance and time difference, it is determined whether or not the request occurrence point is within the allowable movement range of the applicant, and the validity of the identity verification request is authenticated. Respond to the requesting terminal. Alternatively, referring to the number of identity verification requests by the same applicant stored in the storage device, it is determined whether or not the number of identity confirmation requests within a predetermined time, and the validity of the identity verification request is authenticated and responded to the requesting terminal. To do. For this reason, it is possible to check whether the same license is used at an abnormally separated place within a specified time, or whether the same license is used for identity verification an abnormal number of times. It is possible to provide an identity verification method that improves the accuracy of the automatic detection mechanism.

  A computer program according to a fourth aspect of the present invention is a computer program that is executed on a computer and that is used for an identity verification apparatus connected to a requesting terminal via an Internet network, the computer program including the Internet network Each time a request for confirmation of the applicant's identity is received from the requesting terminal via the request confirmation date and time, and the identity confirmation request history accumulation process for accumulating the identity confirmation request history information including the request occurrence location or the request occurrence number; Upon receiving the identity verification request, obtain the location information of the request occurrence point, calculate the distance and time difference between the obtained location information and the request occurrence point generated immediately before the accumulation, It is determined whether the request generation point is within the allowable movable range of the applicant based on the calculated distance and time difference, or An authentication process for referring to the number of identity verification requests by the same applicant stored in the storage device, determining whether or not the number of identity confirmation requests within a predetermined time, and authenticating the validity of the identity confirmation request. It is characterized by making it.

  According to the computer program according to the fourth aspect of the present invention, when the personal identification request is received by the computer executing the authentication process, the position information of the request occurrence point is acquired, and the acquired position information and immediately before Calculate the distance and time difference between the requested request occurrence point and determine whether the request occurrence point is within the allowable movement range of the applicant based on the calculated distance and time difference. Authenticate the validity. Alternatively, the number of identity verification requests by the same applicant stored in the storage device is referred to, whether or not the number of identity confirmation requests within a predetermined time is determined, and the validity of the identity confirmation request is authenticated. For this reason, it is possible to check whether the same license is used at an abnormally separated place within a specified time, or whether the same license is used for identity verification an abnormal number of times. It is possible to provide a computer program that improves the accuracy of the automatic detection mechanism.

  According to the present invention, it is possible to provide a personal identification device, a personal identification system, a personal identification method in the system, and a computer program that improve the accuracy of a mechanism for automatically detecting impersonation.

It is a figure which shows an example of the connection structure of the identification system which concerns on embodiment of this invention. It is a block diagram which shows the structure of the identification apparatus which concerns on embodiment of this invention. It is a figure which shows an example of the data structure of the database which the identification apparatus which concerns on embodiment of this invention uses. It is a block diagram which shows the structure of the request | requirement terminal used with the identification system which concerns on embodiment of this invention. It is a flowchart which shows the basic operation | movement of the identification apparatus which concerns on embodiment of this invention. It is a flowchart which shows the confirmation log | history determination processing operation | movement of the principal confirmation apparatus which concerns on embodiment of this invention. It is a flowchart which shows the processing operation | movement of the consistency determination (1) of the identification apparatus which concerns on embodiment of this invention. It is a flowchart which shows the processing operation | movement of consistency determination (2) of the identification apparatus which concerns on embodiment of this invention. It is a flowchart which shows the processing operation of the consistency determination (3) of the personal identification apparatus which concerns on embodiment of this invention. It is a flowchart which shows the processing operation of the consistency determination (3) of the personal identification apparatus which concerns on embodiment of this invention. It is a flowchart which shows the processing operation | movement of the consistency determination (4) of the identification apparatus which concerns on embodiment of this invention. It is a flowchart which shows the processing operation | movement of the consistency determination (4) of the identification apparatus which concerns on embodiment of this invention. It is a flowchart which shows the processing operation | movement of consistency determination (5) of the identification apparatus which concerns on embodiment of this invention. It is a flowchart which shows the processing operation | movement of a consistency determination (6) of the identification apparatus which concerns on embodiment of this invention. It is a flowchart which shows the processing operation | movement of consistency determination (7) of the identification apparatus which concerns on embodiment of this invention. It is the figure which showed an example of the "reason display" used by the use condition determination process of the identification apparatus which concerns on embodiment of this invention in a table format.

  DESCRIPTION OF EMBODIMENTS Hereinafter, embodiments for carrying out the present invention (hereinafter referred to as embodiments) will be described in detail with reference to the accompanying drawings. Note that the same number is assigned to the same element throughout the description of the embodiment.

(Configuration of the embodiment)
FIG. 1 is a diagram illustrating an example of a connection configuration of the identification system according to the present embodiment. The identity verification system 100 shown in FIG. 1 is a request terminal 1 that includes a position positioning device that includes, for example, a GPS (Global Positioning System) receiver for positioning the location where an applicant's identity verification request is generated by an IC card driver's license 101. The request terminal 1 includes an identity verification device 3 connected via the Internet network (IP: Internet Protocol network). The request terminal 1 is managed and operated on the user side, such as a bank, a credit company, consumer finance, a mail order company, or a hotel. The identity verification device 3 is a so-called client server system managed and operated on the service provider side that examines and responds to the identity verification request based on the IC card license of the applicant sent for credit from the user. Takes form.

  In addition to the PC (Personal Computer) main body and the GPS receiver described above, the request terminal 1 includes license information recorded on an IC chip built in the IC card driver's license 101 and a declaration document 102 created at the time of application. It is assumed that a peripheral device is provided with a reading device for reading the image and a photographing device such as a Web (World Wide Web) camera that takes a photograph of the applicant's face. Details of the request terminal 1 will be described later.

  As shown in FIG. 2, the identity verification device 3 includes a storage device 31 and an arithmetic processing device 32, and the arithmetic processing device 32 receives an IC card driving license of the applicant from the requesting terminal 1 via the IP network 2. Each time a personal identification request based on the request is received, personal identification request history information including the request occurrence date and time, the request occurrence point, or the number of request occurrences is accumulated in the storage device 31. And the arithmetic processing unit 32 will acquire the positional information on a request | requirement generation | occurrence | production point, if the identity verification request | requirement is received, and the distance between the acquired positional information and the request | requirement generation | occurrence | production point generated immediately before accumulate | stored in the memory | storage device 31 And the time difference are calculated, and it is determined whether or not the request occurrence point is within the allowable movement range of the applicant based on the calculated distance and time difference. Alternatively, the number of identity verification requests by the same applicant stored in the storage device 31 is referred to determine whether the number is the number of identity confirmation requests within a predetermined time, and the validity of the identity confirmation request is authenticated. Then, it responds to the requesting terminal 1 via the IP network 3.

  As the storage device 31, for example, a semiconductor memory such as a DRAM (Dynamic Random Access Memory), a large capacity auxiliary memory such as an HDD (Hard Disc Drive), and the like are mounted. In addition to a program area (not shown) in which a computer program of the present invention to be described later is allocated and stored in the storage device 31, a password management table 310, a request history information DB (Data Base) 311, a license information DB 312, a telephone It includes a data area to which the number use history information DB 313 is allocated and stored. The arithmetic processing unit 32 responds to the identity verification request issued from the requesting terminal 1 by sequentially reading out the computer program and executing it while referring to the various databases 310, 311, 312, 313.

  An example of the data structure of these tables and DB is shown in FIG. FIG. 3A shows data items of the password management table 310 that stores the password of the IC card driver's license 101 that is input by the reporter when requesting identification. The password management table 310 includes data items of “password (PW)”, “name (company name)”, “address”, “phone number”, and “business type code”. FIG. 3B shows data items of the request history information DB 311 in which the request confirmation history of the identity confirmation request is accumulated. The request history information DB 311 includes at least data items of “time stamp”, “license number”, “position information”, and “identification confirmation result information”. Note that the request history information DB 311 may further record a data item for “number of times of identity verification request” as a data item.

  FIG. 3C shows data items of the license information DB 312 in which the driver's declaration information and the license information recorded in the IC chip in which the IC card driving license is built and read by the reading device are stored. The license information DB 312 includes at least data items of “license number”, “personal declaration information”, and “IC chip reading information”. The license information DB 312 may include a photograph of the photographed face of the applicant.

  The password management table 310, the request history information DB 311, and the license information DB 312 are all created and stored by the arithmetic processing device 32 every time there is an identity confirmation request from the requesting terminal 1 via the IP network 2. In the identity verification device 3 according to the present embodiment, the location information is recorded only in the request history information DB 311, but may be recorded in either the password management table 310 or the license information DB 312.

  FIG. 3D shows data items of the telephone number history information DB 313. The telephone number history information DB 313 includes at least data items of “phone number”, “reason display”, and “survey date”. The applicant has already filed a patent application for a self-supporting telephone number cleaning system that uses this telephone number history information DB 313 to determine whether or not a telephone number of a desired telephone number subscriber is valid. Nos. 117235, 2002-232583, 2006-33870, and 2006-67006.

  FIG. 16 shows a typical example of “reason display” returned from the exchange when a telephone number is transmitted on an ISDN (Integrated Digital Service) network. The reason indication from the digital exchange follows the basic call control procedure of the circuit-switched call defined in JT-Q931 by the TTC (Telephone and Telephone Technical Committee) standard based on the CCITT (International Telegraph and Telephone Consultative Committee) recommendation. NTT publishes a reason display in technical data of INS (Information Network System) net service.

  The telephone number screening system collects JT-Q931 (Layer 3) information using a call control message with the exchange. The reason display from the exchange includes "001: missing number", "016: normal", "022: subscriber number change", "028: invalid number", etc. At the same time, the survey date is stored in the telephone number history information DB 313.

  In addition to “in-use telephone number” and “unused telephone number”, the reason display from the switchboard is broadly classified as “A: a telephone number that can be removed even if it is in use”, “B: unused. Even if it is a phone number (telephone number during message guidance for relocation), (telephone number during message guidance for contact) "," C: phone number during message guidance for wrong number message ", (guidance for messages not currently used) Phone number) ”,“ D: phone number that has been used this time from an unused phone number in the previous survey ”, and the like. The collected telephone number, reason display, survey date, and other data at the time of the survey are stored in a database, and the telephone number history information DB 313 can be constructed by performing this process periodically or as needed. it can.

  Returning to FIG. Each time the processing unit 32 receives an applicant's identity confirmation request from the requesting terminal 1 via the IP network 2, it stores the identity confirmation request history information including the request occurrence date and time, the request occurrence location or the number of request occurrences. 31 (request history information DB 311). When the processing unit 32 receives the identity confirmation request, the arithmetic processing unit 32 acquires the position information of the request generation point, and the acquired position information and the request generation point generated immediately before being stored in the storage device (request history information DB 311). A function for calculating the distance and time difference between them and determining whether the request occurrence point is within the allowable movable range of the applicant based on the calculated distance and time difference and authenticating the validity of the identity verification request Have Alternatively, referring to the number of identity verification requests by the same applicant stored in the storage device 31 (request history information DB 311), it is determined whether or not the number of identity confirmation requests within a predetermined time, and the validity of the identity confirmation request is authenticated. It has the function to do.

  For this reason, the arithmetic processing unit 32 has an authentication processing unit 320, a network interface unit 321, and a confirmation history determination unit 322, as the structure of the computer program of the present invention that executes the above functions is expanded and shown. And a consistency determination unit 323 and a usage status determination unit 324.

  When receiving the identity confirmation request from the requesting terminal 1 via the network interface unit 321, the authentication processing unit 320 sequentially activates the confirmation history determination unit 322, the consistency determination unit 323, and the usage status determination unit 324, and the respective determination results Or obtains a determination result based on an arbitrary combination selected from the confirmation history determination unit 322, the consistency determination unit 323, and the usage state determination unit 324, and uses the determination result as the network interface unit 321 and the IP network 2. The sequence control for the identity verification method of the present invention, which is handed over to the requesting terminal 1 via, is performed.

  When receiving the identity confirmation request under the control of the authentication processing unit 320, the confirmation history determination unit 322 acquires the position information of the request occurrence point, and stores the acquired position information and the storage device 31 (request history information DB 311). Calculate the distance and time difference from the request occurrence point that occurred immediately before being accumulated, and determine whether the request occurrence point is within the allowable movement range of the applicant based on the calculated distance and time difference. Or, referring to the number of person confirmation requests by the same applicant stored in the storage device 31 (request history information DB 311), it is determined whether or not the number of person confirmation requests is within a predetermined time, and the validity of the person confirmation request is confirmed. Authenticate and hand over to the authentication processing unit 320.

  Consistency determination unit 323 is controlled by authentication processing unit 320 to receive declaration information by the applicant, which is received in response to the identity confirmation request, and IC card driver's license information recorded on the IC chip read by the reading device. The driver license information is checked for consistency and handed over to the authentication processing unit 320. The consistency determination unit 323 also determines the consistency of the driver's license information by comparing the applicant's face photo image received with the identity verification request with the face photo image recorded on the IC chip. The authentication processing unit 320 may be handed over. The consistency determining unit 323 includes a counter 320a that counts alarm points, which will be described later, and a warning flag 320b that turns on a warning display. Details of the counter 320a and the warning flag 320b will be described later.

  The usage status determination unit 324 refers to the telephone number usage history information DB 313 under the control of the authentication processing unit 320, determines the number of years of residence or the number of years of service from the usage history of the telephone number included in the reporting information by the applicant, and reports The validity of the information is authenticated and handed over to the authentication processing unit 320.

  FIG. 5 is a diagram illustrating a configuration of the request terminal 1. As shown in FIG. 5, the request terminal 1 includes a control unit 10, a storage unit 11, a GPS receiver 12, an imaging unit 13, an IC reader unit 14, an OCR (Optical Character Reader) scanner unit 15, The communication control unit 16 and the display unit 17 are included.

  The control unit 10 generates an identity verification request based on the IC card license, transmits the identity verification request to the identity verification device 3 via the communication control unit 16 and the IP network 2, and identifies the identity verification that is an authentication result by the identity verification device 3. Is displayed on the display unit 17. In addition to storing a program for this purpose in a partial area of the storage unit 11, the location information of the location where the identity verification request is sent, which is attached to the identity verification request, is incorporated in the IC card driver's license 101. The license information recorded by the IC chip, the declaration document by the person himself / herself, the face photo image, etc. are temporarily stored.

  Here, the location information of the identity verification request occurrence point is the GPS receiver 12, and the license information recorded by the IC chip built in the IC card driving license 101 is the declaration document created by the applicant from the IC reader unit 14. 102 is generated by the OCR scanner unit 15, and the face photograph image is generated by the imaging unit 13, and transmitted to the identity verification device 3 via the communication control unit 16 and the IP network 2.

  If the OCR scanner unit 15 is a color scanner, it can identify even the display color on the IC card driver's license 101. Therefore, each time a user confirms the user's identity confirmation, the control unit 10 returns the driver's license information and address information such as the driver's license information 102 by the applicant's declaration, and the IC card driver's license 101 captured in the image. Are converted into digital data and stored in the storage unit 11, and transmitted to the identity verification device 3 via the communication control unit 16 and the IP network 2. At this time, since the driver's license information is automatically converted into digital data, the OCR scanner unit 15 is provided with a simple tool used only for proofreading the conversion result. In addition, the colors of green, blue, gold, etc. displayed on the validity period display column of the license required for identity verification and the display characters of the Public Safety Commission displayed below the face photo, etc. It can be captured clearly and transmitted to the identity verification device 2.

  Further, since the IC reader unit 14 captures a face photo image from the IC chip built in the IC card driver's license 101, it can be added to the license information DB 312. As a result, if the face photo image of the same license information at the previous (immediate) determination recorded in the request history information DB 311 and the face photo image at the current determination are different, 1 (display unit 17) can display an alarm (attention message) and can provide a more advanced determination result. Further, in the identity verification device 3, a face photograph image of a reporter photographed by the request terminal 1 (imaging unit 13), a face photograph image recorded on an IC chip built in the IC card license 101, and license information. By matching the three face photographic images of the face photographic images recorded in the DB 312, it becomes possible to identify the person with higher accuracy.

  In the claims, the GPS receiver 12 is expressed as a positioning device, the imaging unit 13 as an imaging device, the IC reader unit 14 and the OCR scanner unit 15 are collectively expressed as a reading device.

  The communication control unit 16 is a communication adapter that serves as an interface with the identity verification device 3 connected via the IP network 2. For example, according to a TCP / IP (Transmission Control Protocol / Internet Protocol) protocol, an identity verification request generated by the control unit 10 is transmitted to the identity verification device 3 via the IP network 2, and the identity verification device 3 transmits the IP network 2. Receive authentication result via. The display unit 17 displays an authentication result including an alarm by the identity verification device 3 and also displays various types of information generated by the control unit 10. For example, an LCD (Liquid crystal Device) or an organic EL (OLED: Organic) This is a display monitor having Electro-Luminescence) as a display device.

(Operation of the embodiment)
5 to 15 are flowcharts showing the operation of the identity verification device 3 according to this embodiment. Hereinafter, the operation of the personal identification device 3 according to the present embodiment shown in FIG. 2 will be described in detail with reference to the flowcharts of FIGS.

  First, the basic operation of the personal identification device 3 will be described with reference to the flowchart of FIG. When the personal identification device 3 (authentication processing unit 320) receives the personal identification request from the requesting terminal 1 via the network interface unit 321 ("YES" in step S11), the request generation point attached to the personal identification request and transmitted is sent. Position information and time are acquired (step S12). Then, under sequence control by the authentication processing unit 320, the confirmation history determination unit 322 determines between the acquired position information and the request occurrence point generated immediately before stored in the storage device 31 (request history information DB 311). A distance and time difference are calculated, and a confirmation history determination process is executed to determine whether or not the current request occurrence point is within the allowable movement range of the applicant based on the calculated distance and time difference (step S13).

  A detailed procedure of the confirmation history determination process is shown in FIG. According to FIG. 6, the confirmation history determination unit 322 obtains the address information of the request occurrence point that is the location of the request terminal 1 from the latitude and longitude information measured by the request terminal 1 (GPS receiver 12) (step S131). . The address information of the request occurrence point obtained here is recorded in the request history information DB 311 and the license information DB 312 together with the license information of the IC card driving license 101. Subsequently, the confirmation history determination unit 322 reads the address information of the request occurrence point including the latest person confirmation request time and latitude / longitude of the same license number from the request history information DB 311 (step S132). Then, the most recent read confirmation request time and the address information of the request occurrence point are compared with the present confirmation request occurrence time and the address information of the confirmation request point, and the distance and time difference between them are calculated. (Step S133). Since the method for calculating the distance based on the principle of triangulation or the like from the latitude and longitude information is well known, the description thereof is omitted here.

  Next, the confirmation history determination unit 322 determines whether there is a falsification by determining whether the calculated distance is a normally reachable distance. For example, if there is a request for identity verification from Osaka and Tokyo within 2 hours from a claimant who has an IC card driver's license 101 with the same license number, the identity verification will be performed immediately before the confirmation request point where the identity verification request was made. The distance between the requested confirmation request points is found to be a distance within the impossible travel time. In this case, the confirmation history determination unit 322 is false for the identity confirmation request at the impossible distance. Certify.

  Note that here, the confirmation history determination unit 322 calculates the distance and time difference between the position information of the request occurrence point acquired when the identity confirmation request is received and the position information of the request occurrence point generated immediately before. Then, it is determined whether or not the distance between the request generation points is within the allowable movement range of the applicant, and the validity of the identity verification request is authenticated. In addition, the validity of the identity confirmation request is determined by referring to the data item of the number of identity confirmation requests by the same applicant stored in the request history information DB 311 and determining whether the number of identity confirmation requests within a predetermined time. May be authenticated.

  In the identity verification device 3 according to the present embodiment, a password management table 310 is also allocated and stored in a partial area of the storage device 31. As described above, the password management table 310 stores the business type together with the company outline such as company name, address, and telephone. This industry is provided with an industry code that can distinguish banks, credit companies, consumer finance, mail order companies, hotels, and the like. Therefore, it is stored as a history including when and in which industry, which company requested the identity verification determination, and the determination result.

  In this way, by referring to the request history that is the result of the past determination, the applicant who has the same IC card driver's license 101 as the current determination result applies for a loan many times within a certain period and applies for credit. Alternatively, it is possible to make an action determination such as purchasing an article to an abnormal degree. In addition, since it is possible to make a comprehensive judgment by comparing the previous judgment result with the current judgment result, it is possible to perform credit with high accuracy. For example, even if the name and address are the same, the license numbers do not match, or even if the license numbers match, even if the name and address are different, they are adopted as a comprehensive judgment element and alarmed. In this comprehensive determination, it goes without saying that the search of the request history information DB 311 employs not only a license number but also an individual confirmation request history referred to by a plurality of searches by name and address search.

  Returning to FIG. The confirmation history determination unit 322 delivers the above-described confirmation history determination processing result to the authentication processing unit 320. The authentication processing unit 320 determines that the confirmation history determination unit 322 determines that the point of the current identity verification request is not within the allowable movement range of the applicant and meets the alarm condition (step S14 “YES”). An alarm response indicating that it is a falsification is sent to the requesting terminal 1 that has requested the identity confirmation via the network interface unit 321. On the other hand, when the confirmation history determination unit 322 determines that the current request occurrence point is within the allowable movement range of the applicant and does not meet the alarm condition (“NO” in step S14), the process proceeds to the next consistency determination process. .

  In executing the consistency determination process, the authentication processing unit 320 receives the identification information by the applicant, the IC card, which is read by the OCR scanner unit 15 attached when the identity verification request is received via the network interface unit 321. The driver's license cover information and the driver's license information recorded on the IC chip read by the IC reader unit 14 are acquired and delivered to the consistency determining unit 323 (step S15). In response to this, the consistency determination unit 323 performs consistency between these pieces of information to determine consistency of the driving license information (step S16). At this time, the consistency determination unit 323 also compares the applicant's face photo image received in response to the identity confirmation request with the face photo image recorded on the IC chip built in the IC card driver's license 101. . A detailed procedure of the consistency determination process (step S16) is shown in FIG.

  Prior to the detailed procedure of the consistency determination process (step S16), the license information printed on the IC card driving license 101 or recorded on the built-in IC chip will be described. The unique license number printed or recorded on the IC card driver's license has a 12-digit number from N1 to N12. The first two digits, N1 and N2, indicate the prefecture code for which the license was obtained for the first time. Hokkaido [10], Hakodate [11], Asahikawa [12], Kushiro [13], Kitami [14], Aomori [20], Iwate [21], Miyagi [22], Akita [23], Yamagata [24], Fukushima [25], Tokyo [30], Ibaraki [40], Tochigi [41], Gunma [42], Saitama [43], Chiba [44], Kanagawa [45], Niigata [46], Yamanashi [47], Nagano [48], Shizuoka [49], Toyama [50], Ishikawa [51], Fukui [52], Gifu [53], Aichi [54], Mie [55], Shiga [60], Kyoto [61], Osaka [62], Hyogo [63], Nara [64], Wakayama [65], Tottori [70], Shimane [71], Okayama [72], Hiroshima [73], Yamaguchi [74], Tokushima [80], Kagawa [81], Ehime [82], publicly known [83], Fukuoka [90], Saga [91], Nagasaki [92], Kumamoto [93], Oita [94], Miyazaki [95], Kagoshima [96], Okinawa [97].

  N3 and N4 in the third to fourth digits from the beginning indicate the last two digits of the year of the year when the license was first acquired. For example, when acquired in 1999, it becomes “99”. N5 to N10 in the 5th to 10th digits from the top are not disclosed. N11 of 11 digits from the head indicates a check digit, and it has been found that the check digit calculation method is a modulus 11 weight calculation formula. For example, the weight is sequentially multiplied by 2,3,4,5,6,7,2,3,4,5 from the last N10 digits, the sum is divided by 11, and the remainder X is obtained. It has been found to be a check digit value. More specifically, if the license number is [123456789032], 0 * 2 + 9 * 3 + 8 * 4 + 7 * 5 + 6 * 6 + 5 * 7 + 4 * 2 + 3 * 3 + 2 * 4 + 1 * 5 = 195, and the remainder obtained by dividing this by 11 8 and 11−8 = 3, the check digit value becomes 3.

  N12 of 12 digits from the top is the number of reissues. If it is the first reissue, it is “1”, and if it is the second, “2”, and the number of reissues is displayed.

  Here, the color and validity period of the driver's license will be described. The fifth row from the top row of the license (the bottom row of the [Grant] row) displays the valid date, and the driving status and license update history status can be seen at a glance with color display. For example, from the first acquisition until the first renewal (or other license acquisition) is green, the validity period is 3 years and when another license is acquired, it is green. After the initial renewal, it is blue and valid for 5 and 3 years. No accident and no violation for 5 years after obtaining the license is gold. In this case, the license is valid for 5 years.

  The valid period of the license issued when an unlicensed person obtains the license for the first time is uniformly “the day one month after the third birthday after the day of taking the aptitude test”. ing. If a person who has some kind of license obtains another type of license, a new driver's license is issued in exchange for the previous license, and the validity period of the new license is as follows. That is, the “excellent driver” means a person who has been continuously licensed for 5 years or more and has never committed a violation in the past 5 years. “General driver” means a person who has been continuously licensed for 5 years or more, and has been violated only once for 3 years or less. In addition, a “violating driver” must have a license for 5 years or more, and the violation score for the past 5 years is 2 or more A person who exceeds 3 points.

  On the condition of the IC card driving license information described above, the consistency determination unit 323 includes the contents of the declaration document 102 created by the applicant, the license information recorded in the IC card driving license 101, and the IC card driving license. 101, the contents written in the table 101, the license information recorded in the IC card driver's license 101, and the consistency of general items are determined. Hereinafter, the consistency determination process of these license information will be described in detail with reference to the flowcharts of FIGS.

  First, in the consistency determination (1) process between the content of the declaration document 102 and the license information recorded in the IC card driver's license 101 shown in the flowchart of FIG. It is determined whether or not they match (step S101). If the names do not match (step S101 “NO”), the consistency determination unit 323 sets the alarm point 999 in the built-in counter 323a and sets the warning flag 323b to ON (step S102). In response to this, the authentication processing unit 320 can respond via the network interface unit 321 and the IP network 2 with an alarm that the requesting terminal 1 that has requested the identity verification has been forged.

  On the other hand, if the names match (step S101 “YES”), the consistency determination unit 323 continues to determine the date of birth (step S103). When the dates of birth do not match (step S103 “NO”), the consistency determination unit 323 sets the alarm point 999 in the built-in counter 323a and sets the warning flag 323b to ON (step S104). As a result, the authentication processing unit 320 can respond with an alarm that the requesting terminal 1 that has requested the identity verification has been forged via the network interface unit 321 and the IP network 2.

  Subsequently, when the dates of birth match (step S103 “YES”), the consistency determination unit 323 determines an address match (step S105). When the addresses do not match (step S105 “NO”), the consistency determination unit 323 sets the alarm point 999 in the built-in counter 323a and sets the warning flag 323b to ON (step S106). As a result, the authentication processing unit 320 can respond with an alarm that the requesting terminal 1 that has requested the identity verification has been forged via the network interface unit 321 and the IP network 2.

  When the addresses match (step S105 “YES”), the consistency determination unit 323 determines whether the face photos match (step S107). If the face photos do not match (step S107 “NO”), the consistency determination unit 323 sets the alarm point 999 in the built-in counter 323a and sets the warning flag 323b to ON (step S108). As a result, the authentication processing unit 320 can respond with an alarm that the requesting terminal 1 that has requested the identity verification has been forged via the network interface unit 321 and the IP network 2.

  Next, with reference to the flowchart of FIG. 8, the processing operation of the consistency determination (2) between the table of the IC card driver's license 101 and the license information recorded in the IC card driver's license 101 will be described. In FIG. 8, the processing in steps S111 to S116 is the same as the processing in each of steps S101 to S106 in FIG. When the addresses match (step S115 “YES”), the consistency determination unit 323 determines whether the delivery dates match (step S117). If the delivery dates do not match (step S117 “NO”), the consistency determination unit 323 sets the alarm point 999 in the built-in counter 323a and sets the warning flag 323b to ON (step S168). As a result, the authentication processing unit 320 can respond with an alarm that the requesting terminal 1 that has requested the identity verification has been forged via the network interface unit 321 and the IP network 2.

  If the delivery dates match (step S117 “YES”), the consistency determination unit 323 determines expiration date matching (step S119). When the expiration dates do not match (step S119 “NO”), the consistency determination unit 323 sets the alarm point 999 in the built-in counter 323a and sets the warning flag 323b to ON (step S120). As a result, the authentication processing unit 320 can respond with an alarm that the requesting terminal 1 that has requested the identity verification has been forged via the network interface unit 321 and the IP network 2.

  When the expiration dates match (step S119 “YES”), the consistency determination unit 323 determines whether the license conditions match (step S121). If the license conditions do not match (step S121 “NO”), the consistency determination unit 323 sets the alarm point 999 in the built-in counter 323a and sets the warning flag 323b to ON (step S122). As a result, the authentication processing unit 320 can respond with an alarm that the requesting terminal 1 that has requested the identity verification has been forged via the network interface unit 321 and the IP network 2.

  If the license conditions match (step S121 “YES”), the consistency determination unit 323 determines whether the license numbers match (step S123). If the license conditions do not match (step S123 “NO”), the consistency determination unit 323 sets the alarm point 999 in the built-in counter 323a and sets the warning flag 323b to ON (step S124). As a result, the authentication processing unit 320 can respond with an alarm that the requesting terminal 1 that has requested the identity verification has been forged via the network interface unit 321 and the IP network 2.

  Next, the check contents (consistency determination (3)) of each data item of the IC card driver's license 101 will be described with reference to the flowchart of FIG. In FIG. 9, the consistency determination unit 323 first refers to the effective period and compares the effective period with the current date and time (step S <b> 131). Here, if the validity period is not greater than or equal to the current date and time (step S131 “NO”), the consistency determination unit 323 sets the alarm point 30 in the counter 323a (step S132). Subsequently, the consistency determination unit 323 performs check digit calculation of the license number (step S133). Here, the N11 digit check digit is checked using the modulus 11 weight calculation formula. If they do not match (step S134 “NO”), the alarm point 70 is set in the counter 323a (step S135).

  Subsequently, the consistency determination unit 323 checks the first-time license acquisition prefecture code (step S136). Here, it is checked whether or not the prefecture codes N1 and N2 are in the above example code. If it is not in the example code (“NO” in step S136), the consistency determining unit 323 sets the alarm point 70 in the counter 323a (step S137). Next, the consistency determination unit 323 checks the acquisition year of the first year (step S138). Here, it is determined whether or not the license numbers N3 and N4 match the year of the first license acquisition year, and if there are multiple license acquisition years, whether or not it matches one of the license acquisition years Is also determined. Here, when a mismatch is found (step S138 “NO”), the alarm point 70 is set in the counter 323a (step S139).

  Next, the consistency determination unit 323 checks the number of reissues (Step S140). The reissue check is performed by referring to the reissue number N12. Here, when the number of reissues is 1 (step S140 “YES”), when the alarm point is 30 and when the number of reissues is 2 (“YES” at step S142), when the alarm point is 50 and the number of reissues is 3 or more (step) S144. “YES”), alarm points 70 are set in the counters 323a, respectively (steps S141, S143, S145).

  Subsequently, the consistency determination unit 323 determines whether or not the validity period is 3 years (step S146). Here, the first license acquisition year (the oldest date in the “second / small / hara”, “other”, and “two types” columns) is compared with the validity period. If they match (step S146 “YES”), the consistency determination unit 323 further determines whether or not the display color is green (step S147). When the display color is green (step S147 “YES”), the consistency determination unit 323 calculates the calculation date YYMMDD from the first license acquisition year +3, the birth month +1, and the birthday (step S148). Then, it is determined whether or not the calculated date = YYMMDD matches the effective period (step S149). If they match (step S149 “YES”), the general check is terminated without doing anything. If they do not match (step S149 “NO”), the alarm point 70 is set in the counter 323a and the general check is terminated. .

  When it is determined that the display color determination process in step S147 is not green (“NO” in step S147), the consistency determination unit 323 determines another license after obtaining the first license according to the flowchart shown in FIG. Is determined (step S151). If no other license has been acquired (step S151 “NO”), the alarm point 70 is set in the counter 323a (step S152), and if another license has been acquired (step S151 “YES”). ") And the display color is further determined (step S152). If the display color is blue (step S153 “YES”), nothing is done. If it is not blue (step S153 “NO”), the alarm point 70 is set in the counter 323a (step S154).

  In the validity period determination process in step S146, if there is a mismatch (step S146 “NO”), the consistency determination unit 323 first determines whether or not the validity period is 5 years according to the flowchart of FIG. 10B. (Step S155). If the result is NO (step S155 “NO”), it is further determined whether or not the display color is blue (step S156). If the display color is blue (step S156 “” YES), nothing is done, and if it is not blue (step S156 “NO”), the alarm point 70 is set in the counter 323a (step S157).

  On the other hand, in the effective period determination process of step S155, when it is determined to be effective (step S155 “YES”), the consistency determination unit 323 determines whether or not the display color is gold according to the flowchart of FIG. Is performed (step S158). Here, nothing is done in the case of gold, and when there is no gold (“NO” in step S158), it is further determined whether or not it is blue (step S159). Here, when it is determined that the color is blue (step S159 “YES”), nothing is performed and when it is determined that the color is not blue (step S159 “NO”), the alarm point 70 is set in the counter 323a (step S160). .

  Next, the examination eligibility check (consistency determination (4)) by the consistency determination unit 323 will be described with reference to the flowcharts of FIGS. In FIG. 11, the consistency determination unit 323 first obtains a license from the year of the first license acquisition (the oldest date among the “second, small, original”, “other”, and “two types” columns) and the date of birth. The age (YY) of time is calculated (step S161). Then, from the license type in the oldest column, the examination qualification is checked based on the examination qualification table (first-class, second-class, provisional license, examination qualification by age is described) (FIG. 12). Steps S162 to S164, S167, S168, S170, S171, S173 to S175, S177, S178, S180, S181, S183, S184, S186, S187, S189, S190, and Steps S201, S202, S204, and S205 of FIG. , S207, S208, S210, S211, S213, S214).

  Here, if it is determined that the examination eligibility is satisfied (steps S164 “YES”, S168 “YES”, S175 “YES”, S178 “YES”, S181 “YES”, S184 “YES” in FIG. 11), S187 “YES”, S190 “YES”, and steps S202 “YES”, S205 “YES”, S208 “YES”, S211 “YES”, and S214 “YES”, respectively) in FIG. If nothing is done and it is determined that the examination eligibility is not satisfied (steps S164 “NO”, S168 “NO”, S175 “NO”, S178 “NO”, S181 “NO”, S184 “NO”, S187 “ NO ”, S190“ NO ”, and steps S202“ NO ”, S205“ NO ”, S208“ NO ”, S21 of FIG. “NO”, S214 “NO”), the alarm point 70 is set in the counter 323a (steps S165, S169, S172, S176, S182, S185, S188, S191 in FIG. 11 and steps S203, S206, S209 in FIG. 12). , S212, S215).

  Next, the validity period check (consistency determination (5)) by the consistency determination unit 323 will be described with reference to the flowchart of FIG. In FIG. 13, the consistency determination unit 323 determines the effective period based on the display color. The valid period is 3 years and 5 years for blue, and only 5 years for gold according to the display color. For green, the valid period has been described in the general check in FIGS. 9 and 10. Therefore, in step S221, it is determined whether or not the display color is blue, and in step S222, whether or not it is gold. Here, if it is determined that the color is blue or gold, the consistency determination unit 323 calculates the effective period based on the rule = YYMMDD from the date of issue (steps S223 and S224). Then, it is determined whether or not the calculated YYMMDD is in the valid period (steps S225 and S226). If it is within the valid period, nothing is done. If the valid period has passed (steps S225 “NO”, S226 “NO”), the alarm point 70 is set in the counter 323a (steps S227, S228). .

  If there is a display color other than green, blue, or gold (step S231 “NO”), the consistency determination unit 323 sets the alarm point 70 in the counter 323a (step S232).

  Next, an elderly person check (consistency determination (6)) by the consistency determination unit 323 will be described with reference to the flowchart of FIG. Here, when the age calculated from the date of birth is 70 years based on the date of delivery (step S241 “YES”), the consistency determination unit 323 determines that the date of delivery +4 and the month of birth date + 1. Calculation date YYMMDD is calculated from the birthday (step S242), and it is determined whether this YYMMDD matches the valid period (step S243). If they match (step S243 “YES”), nothing is done and if they do not match (step S243 “NO”), the consistency determination unit 323 sets the alarm point 70 in the counter.

  If the age is 71 years or older (step S241 “NO”), the consistency determination unit 323 calculates the calculation target date = YYMMDD from the grant year + 3, the month of birth date + 1, and the birthday (step S246). ), It is determined whether or not the YYMMDD matches the effective period (step S247). If they match (step S247 “YES”), nothing is done and if they do not match (step S243 “NO”), the consistency determination unit 323 sets the alarm point 70 in the counter.

  In the above-described series of consistency determination processing, the description of the flowchart is omitted for the address check, but whether or not the address matches the name of the prefecture in the prefecture of the Issuing Public Safety Commission We will check. Here again, the consistency determination unit 323 does nothing if they match, and sets the alarm point 70 in the counter if they do not match. It is also determined whether the address matches the address registered in the address master at the prefectural city level. If they match, nothing is done. If they do not match, an alarm point 70 is set in the counter. These checks are performed for each data item of the license to prevent spoofing.

  FIG. 15 shows a flow of comprehensive determination by consistency determination (7). According to FIG. 15, the consistency determination unit 323 adds up the alarm points set in each consistency determination process with reference to the counter 323a (step S151). Here, if the total number of accumulated alarm points is 999 or more (step S252 “YES”), the IC card driver's license used for confirmation in this column is forged and the above-described series of The consistency determination process is interrupted (step S253). If the total point is 999 or less (step S252 “NO”) and 70 or more (step S254 “YES”), it may be transmitted to the requesting terminal 1 so that a “warning” display is displayed ( Step S255). If the total points are 70 or more, in most cases, it is likely that the license is a counterfeit license. If the total point is not less than 0 and not more than 70 (steps S254 “NO”, S256 “YES”), it responds to the requesting terminal 1 so that a display for prompting “attention” is made (step S257).

  As described above, consistency between the declaration information created by the applicant and the license information recorded in the IC card driver's license 101, the written contents of the driver's license and the IC card driver's license recorded in the IC card driver's license The consistency with the contents can be determined, and by using this in combination with the determination of the confirmation request point or the number of confirmation requests, the accuracy of the mechanism for automatically detecting impersonation can be further improved. In addition, the user can know the level of alerting to fraud by the cumulative value of the alarm points, and it can be recognized as fraudulent activity with a high probability when the warning flag is turned on, which improves usability and provides convenience. Can do. In addition, although the identification apparatus 3 according to the present embodiment has been described as transmitting a warning message to the requesting terminal 1 with the warning flag 323b enabled when the alarm point reaches a predetermined value, Any mechanism may be used as long as it is not limited and any unauthorized action is notified to the requesting terminal 2 side. For example, if the request terminal 1 has a built-in voice output device, a voice message for calling attention, a beep sound, a color display or flashing for calling the display device, etc. can be considered.

  Returning to FIG. The consistency determination unit 323 passes the above-described consistency determination processing result to the authentication processing unit 320. If the consistency determination unit 323 determines that the alarm point is 70 or more and the alarm condition is met (step S17 “YES”), the authentication processing unit 320 notifies the requesting terminal 1 of an alarm via the network interface unit 321. Do. On the other hand, if the confirmation history determination unit 322 determines that the alarm point is 70 or less and does not match the alarm condition (“NO” in step S17), the process proceeds to a use status determination process for the next telephone number.

  In executing the telephone number usage status determination process (step S19), the authentication processing unit 320 reads the telephone number history information DB 313 allocated and stored in a predetermined area of the storage device 21 and stores it in the usage status determination unit 324. Deliver (step S18). In response to this, the usage status determination unit 324 determines the number of years of residence or the number of years of service from the usage history of the telephone number included in the reporting information by the applicant, and executes usage status determination processing for authenticating the validity of the reporting information ( Step S19).

  The applicant has already commercialized telephone number history information (product name “DocBe11: registered trademark”), and has a track record of reducing significant financial fraud at financial institutions. Therefore, using the telephone number history information DB 213 allocated and stored in a partial area of the storage device 21, a reason display for a predetermined period retrieved based on a designated telephone number (phone number declared by the applicant) (see FIG. If 8) is used for the determination of the telephone number usage status, it is possible to perform a more advanced identity verification determination.

  For example, the usage history of the applicant's home phone number or work phone number is determined based on the phone number history information DB 313. For example, if the usage period is very short, such as 2 months or 6 months, the declared residence The consistency with the years, years of service, etc. is determined (step S20). If the alarm condition is met (step S20 “YES”), the application can be rejected because it is suspected to be false. Here, a case where the alarm condition is met is, for example, a case where the number of years of residence in the application form is 3 years and the usage history of the telephone number is 2 months. In this way, double and triple checks have the effect of greatly reducing fraud applications.

(Effect of embodiment)
As described above, according to the identity verification device 3 according to the present embodiment, when receiving the identity verification request, the arithmetic processing device 32 acquires the location information of the request generation point, and the acquired location information and the immediately preceding location information are generated. The distance and time difference from the requested request point is calculated, and the calculated distance and time difference are used to determine whether or not the request point is within the allowable movement range of the applicant. Authentication, or referring to the number of identity verification requests by the same applicant stored in the storage device 31 to determine whether or not the number of identity verification requests within a predetermined time, and authenticate the identity verification request To do. For this reason, it is possible to check whether the same license is used at an abnormally separated place within a specified time, or whether the same license is used for identity verification an abnormal number of times. The accuracy of the automatic detection mechanism can be improved. The identity verification device 3 according to the present embodiment is particularly noticeable when used to find a plurality of forged driver's licenses that differ only in a face photograph or a plurality of forged driver's licenses that differ only in a license number. Effects can be obtained. It goes without saying that the identity verification device 3 according to the present embodiment can exhibit the same effect not only when a driver's license is used but also when used for identity verification such as a passport and a health insurance card.

  The arithmetic processing unit 32 collates the applicant's declaration information received in response to the identity confirmation request with the IC card driving license information recorded on the IC chip read by the reading device, thereby driving license information. Judgment of consistency is performed. In this way, in addition to the determination of the confirmation request point or the number of confirmation requests, determination of the consistency between the contents written on the driver's license and the contents of the person's declaration and the written contents on the driver's license and the recording on the built-in IC chip Since the consistency with the contents can be determined, the accuracy of the mechanism for automatically detecting impersonation can be further improved. Furthermore, the arithmetic processing unit 32 compares the applicant's face photo image received with the identity verification request with the face photo image recorded on the IC chip to determine the consistency of the driver's license information. In this way, in addition to the determination of the confirmation request point or the number of confirmation requests, it is possible to determine the consistency between the driver's license and the content of the declaration and / or the consistency determination based on a facial photograph, so that impersonation is automatically detected. The accuracy of the mechanism will be further improved.

  Further, the arithmetic processing device 32 refers to the telephone number usage history information (telephone number history information DB 313) allocated and stored in a partial area of the storage device 31, and uses the telephone number usage history included in the declaration information by the applicant. Judging the years of residence or years of service, and verifying the validity of the declaration information. For this reason, determination of the confirmation request point or the number of confirmation requests, determination of consistency between the driver's license and the declaration contents, consistency determination by facial photograph and / or determination of consistency by years of residence or years of service from telephone number usage history Therefore, the accuracy of the mechanism for automatically detecting impersonation can be further improved.

  In addition, according to the above-described identity verification device 3 according to the present embodiment, each time the identity verification request is transmitted from the requesting terminal 1, a password authorized for each user is issued. Can be judged including the type of business. Further, according to the identity verification device 3 according to the present embodiment, the determination result, the determination date and time, and the license information used for the determination are all recorded in the storage device 31 as the confirmation history information. The history that is the past determination result of the same license can be provided to the requesting user, and the comprehensive determination result that also refers to the determination result and the history can be provided to the user. The user can make a determination not only based on the license information of the applicant alone but also based on the history of the same license.

  In addition, according to the identity verification device 3 according to the present embodiment, it has been described that the location information of the request occurrence point of the identity verification is acquired from the position positioning device (GPS receiver 12) provided in the request terminal 1, but the request terminal 1 If the installation position is managed by information indicating an address or latitude / longitude, the information can be used to replace the position positioning device, and the same effect can be obtained. Further, according to the identity verification device 3 according to the present embodiment, only the identity verification example by the Web using the IP network 2 has been described. However, by distributing a software package, an automatic examination system on the user side (company) Applications such as application to the above are also conceivable. Further, according to the identity verification device 3 according to the present embodiment, only the identity verification by the IC card driver's license has been described. However, an IC chip such as a Juki card, a passport, a health insurance card, etc. is used for identity verification. It can be applied to all certificates when they are built in.

  As mentioned above, although this invention was demonstrated using embodiment, it cannot be overemphasized that the technical scope of this invention is not limited to the range as described in the said embodiment. It will be apparent to those skilled in the art that various modifications or improvements can be added to the above-described embodiments. Further, it is apparent from the scope of the claims that the embodiments added with such changes or improvements can be included in the technical scope of the present invention.

DESCRIPTION OF SYMBOLS 1 Request terminal 2 IP network 3 Identity verification apparatus 10 Control part 11 Storage part 12 GPS receiver 13 Imaging part 14 IC reader part 15 OCR scanner part 16 Communication control part 31 Storage apparatus 32 Processing unit 100 Identity verification system 101 IC card driving license Certificate 102 Declaration document 310 Password management table 311 Request history information DB
312 License Information DB
313 Telephone number history information DB
320 Authentication processing unit 321 Network interface unit 322 Confirmation history determination unit 323 Consistency determination unit 323a Counter
323b Warning flag 324 Usage status determination unit

Claims (9)

The requesting terminal is an identity verification device connected via the Internet,
A storage device that stores identity confirmation request history information including the request occurrence date and time, the request occurrence point or the number of request occurrences, each time an identity confirmation request of the applicant is received from the request terminal via the Internet network;
When the identity verification request is received, position information of the request occurrence point is acquired, and a distance and a time difference between the acquired position information and the request occurrence point generated immediately before being stored in the storage device are calculated. Then, it is determined whether the request generation point is within the allowable movement range of the applicant based on the calculated distance and time difference, or an identity verification request by the same applicant stored in the storage device An arithmetic processing device that refers to the number of times, determines whether or not the number of times of identity verification request within a predetermined time, and authenticates the validity of the identity verification request;
A personal identification device characterized by comprising: The request terminal includes a reading device that reads driver's license information recorded on an IC chip built in the applicant's IC card driver's license,
The arithmetic processing unit includes:
The driver's license is verified by comparing the declaration information created by the applicant read by the reader and the IC card driver's license information recorded on the IC chip, which is received with the identity verification request. The identity verification apparatus according to claim 1, wherein the identification information consistency determination is performed. The request terminal includes a reading device that reads driver's license information recorded on an IC chip built in the applicant's IC card driver's license.
The driver's license information is collated with the written information of the driver's license read by the reader and the IC card driver's license information recorded on the IC chip, which is received in response to the identity verification request. The identity verification apparatus according to claim 1, wherein the consistency determination is performed. The arithmetic processing unit includes:
A counter and a warning flag, setting an alarm point to be given to the counter based on the result of the consistency determination, and enabling the warning flag when the total of the alarm points reaches a predetermined value The identity verification device according to claim 2 or 3, wherein a message for alerting the requesting terminal is transmitted. The request terminal further comprises an imaging device for taking a photo of the applicant's face,
The arithmetic processing unit includes:
The driver's license information is checked for consistency by comparing the applicant's face photo image received with the identity verification request with the face photo image recorded on the IC chip. The identity verification device according to any one of claims 2 to 4. The storage device further records telephone number usage history information in which the usage status of the telephone number is accumulated for a predetermined period,
The arithmetic processing unit includes:
The telephone number usage history information is referred to, the number of years of residence or the number of years of service is determined from the usage history of the telephone number included in the reporting information by the applicant, and the validity of the reporting information is authenticated. The identity verification device according to any one of 1 to 5. The requesting terminal and the requesting terminal are connected via an Internet network, and are an identity verification system comprising at least an identity verification device composed of a storage device and an arithmetic processing unit,
The arithmetic processing unit includes:
Each time a request for verifying the applicant's identity is received from the requesting terminal via the Internet network, the request confirmation date and time, and the identity confirmation request history information including the request occurrence point or the request occurrence number is accumulated in the storage device,
When the identity verification request is received, position information of the request occurrence point is acquired, and a distance and a time difference between the acquired position information and the request occurrence point generated immediately before being stored in the storage device are calculated. Then, it is determined whether the request generation point is within the allowable movement range of the applicant based on the calculated distance and time difference, or an identity verification request by the same applicant stored in the storage device The identity verification system characterized by referring to the number of times, determining whether or not the number of identity verification requests is within a predetermined time, authenticating the validity of the identity verification request, and responding to the requesting terminal via the Internet network . A requesting terminal, and the requesting terminal is an identity verification method used in an identity verification system comprising an identity verification device connected via an Internet network,
Each time a request for verifying the applicant's identity is received from the requesting terminal via the Internet network, the identity verification request history storage for storing the identity verification request history information including the request occurrence date and time, the request occurrence location or the request occurrence frequency. Steps,
When the identity verification request is received, position information of the request occurrence point is acquired, and a distance and a time difference between the acquired position information and the request occurrence point generated immediately before being stored in the storage device are calculated. Then, it is determined whether the request generation point is within the allowable movement range of the applicant based on the calculated distance and time difference, or an identity verification request by the same applicant stored in the storage device An authentication step of referring to the number of times, determining whether or not the number of times of identity verification request within a predetermined time, authenticating the validity of the identity verification request and responding to the requesting terminal via the Internet network;
A personal identification method in the personal identification system, comprising: A computer program that is executed on a computer and used for an identity verification device connected via the Internet network,
In the computer,
Each time a request for verifying the applicant's identity is received from the requesting terminal via the Internet network, the identity verification request history storage for storing the identity verification request history information including the request occurrence date and time, the request occurrence location or the request occurrence frequency. Processing,
Upon receiving the identity verification request, obtain the location information of the request occurrence point, calculate the distance and time difference between the obtained location information and the request occurrence point generated immediately before the accumulation, Based on the calculated distance and time difference, it is determined whether the request generation point is within the allowable movement range of the applicant, or the number of identification confirmation requests by the same applicant stored in the storage device is referred to And a computer program for determining whether or not the number of identity verification requests is within a predetermined time, and executing authentication processing for authenticating the validity of the identity verification request.

Images