JP2019067075A - Biometric authentication device - Google Patents

Abstract

To make security and convenience of electronic money payment compatible in purchase of goods and services.SOLUTION: A biometric authentication device acquires a CID identifying a user and a face image. A face image group of store clerks is downloaded in advance, and the user is authenticated by collating the face image group with an obtained face image. When the authentication is successful, the biometric device requests a settlement device 114 to settle charges for a commodity purchased by the user, and when the settlement device 114 permits the settlement, the biometric device permits the purchase of the commodity. The CID may be associated with a plurality of face images. Then, the user may be authenticated on a condition that a newly obtained face image matches any of a user's face image group.SELECTED DRAWING: Figure 6

Description

  The present invention relates to a payment method using biometrics.

  In recent years, electronic money is rapidly spreading (see Patent Document 1). The user charges electronic money to an IC (Integrated Circuit) card by paying the consolidated cash (precharge), and holds the IC card over the payment terminal. The settlement terminal subtracts the electronic money from the IC card as the price of the product. The user can purchase a product only with the IC card within the charged amount.

Patent No. 4631705

  However, in the above-described fee collection method, if the electronic money charged in the IC card is exhausted, it is necessary to charge the IC card again. The user is restricted in purchasing activity by the charge amount of the IC card.

  In addition, there is a risk that another person will illegally consume electronic money if the IC card is stolen. Generally, by limiting the chargeable amount to a small amount, the damage amount when the IC card is stolen is suppressed. However, if the chargeable amount is suppressed too much, the above-mentioned problem is likely to occur because the charge is frequently required.

  The present invention is an invention completed based on the above problem recognition, and its main object is to achieve both the security and the convenience of electronic money payment in purchasing goods and services.

A biometric authentication device according to an aspect of the present invention includes an ID acquisition unit that acquires a first ID of a user, a biometric information acquisition unit that acquires second biometric information of the user, and a first ID and a first ID of the user. By referring to the first biometric information table in which the biometric information of each is associated in advance, and collating the first biometric information associated with the acquired first ID with the acquired second biometric information An authentication unit that authenticates the user, a settlement request unit that requests an external settlement apparatus to settle a charge for a product purchased by the user when it is determined that the user is fit, and a settlement that receives a settlement availability notification from the settlement apparatus A receiving unit and a purchase permission unit that permits purchase of a product when payment is permitted by the payment apparatus.
The term "merchandise" as used herein includes not only physical goods but also services such as medical and transportation (intangible goods), and may be anything that "gets utility by paying for consideration".

A biometric device according to another aspect of the present invention includes first and second authentication devices.
The first authentication device is connected to the second authentication device via a communication line.
The first authentication device includes an ID acquisition unit that acquires a first ID of a user, a biometric information acquisition unit that acquires second biometric information of the user, a first ID of the user, and the first biometric information. The user is authenticated by referring to the first biometric information table in which the user is associated in advance and collating the first biometric information associated with the acquired first ID with the acquired second biometric information. And an authentication unit, and when it is determined that the authentication is appropriate by the authentication, a third ID associated with the first ID in advance is transmitted to the second authentication apparatus, and the settlement is requested to be made for the payment of the product purchased by the user. A request unit, a payment reception unit for receiving a first payment approval notification from a second authentication device, and a purchase permission unit for permitting purchase of a product when payment is permitted by the second authentication device. .
The second authentication device is connected to the settlement device and the first authentication device via the communication line.
The second authentication device specifies a request reception unit that receives a settlement request including the third ID from the first authentication device, and specifies an account number associated with the third ID to settle the charge for the product. And a settlement notifier that transmits a first settlement availability notification to the first authentication device when the second settlement availability notification is received from the settlement device.

The biometric authentication device in another aspect of the present invention is connected to a payment terminal having a biometric authentication function via a communication network.
This device includes an ID acquisition unit for acquiring a first ID from a user, a biometric information transmission unit for transmitting, to a payment terminal, first biometric information associated with the first ID in advance, and biometric authentication from the payment terminal. An authentication result receiving unit that receives a result, a settlement request unit that requests settlement of charges for goods purchased by the user to an external settlement apparatus when it is determined that the user is fit by authentication, and a settlement availability notification from the settlement apparatus A payment receiving unit and a purchase permission unit for permitting purchase of a product when payment is permitted by the payment apparatus.

A biometric device according to another aspect of the present invention includes first and second authentication devices.
The first authentication device is connected to the second authentication device via a communication line.
The first authentication device includes an ID acquisition unit that acquires a first ID of a user, a biometric information transmission unit that transmits, to a payment terminal, first biometric information associated with the first ID in advance, and the payment terminal An authentication result receiving unit that receives a result of biometric authentication, and a product that a user purchases a third ID transmitted beforehand to the first ID when it is determined that the authentication results in a match. When the settlement is permitted by the second authentication device, the purchase request for the product is permitted when the second authentication device permits the settlement request unit which requests the settlement of the charge of the first payment, the settlement reception unit which receives the first settlement availability notification from the second authentication device And a purchase permission unit.
The second authentication device is connected to the settlement device and the first authentication device via the communication line.
The second authentication device specifies a request reception unit that receives a settlement request including the third ID from the first authentication device, and specifies an account number associated with the third ID to settle the charge for the product. And a settlement notifier that transmits a first settlement availability notification to the first authentication device when the second settlement availability notification is received from the settlement device.

  According to the present invention, security and convenience can be easily achieved at the same time when the consideration for goods and services is collected by electronic money.

It is a hardware block diagram of an electronic payment system. It is a functional block diagram of a biometrics device in a 1st embodiment. It is a data structure figure of a 2nd biometric information table. It is a data structure figure of a charge table. It is a data structure figure of an account table. It is a sequence diagram which shows the payment processing process in 1st Embodiment. It is a functional block diagram of a biometrics device in a 2nd embodiment. It is a sequence diagram which shows the payment processing process in 2nd Embodiment.

  Hereinafter, the embodiments of the present invention will be described divided into two embodiments of the first embodiment and the second embodiment. Hereinafter, the term "this embodiment" is used in the meaning which does not distinguish "the 1st embodiment" and "the 2nd embodiment" in particular.

First Embodiment
FIG. 1 is a hardware configuration diagram of the electronic settlement system 100. As shown in FIG.
In the electronic settlement system 100, a plurality of stores 108a, 108b... 108n (hereinafter collectively referred to as "store 108" when collectively referred to and when not particularly distinguished) for the biometric device 102, and a plurality of mobile phones Terminals 104 a, 104 b,... 104 n (hereinafter collectively referred to collectively as “mobile terminal 104” when collectively referred to or not distinguished) are connected via the Internet 106. The biometric authentication device 102 is also connected to the settlement device 114 and the biometric information storage unit 160 (external database). The settlement device 114 is a server operated by a credit card company or a bank.

Although details will be described later, in the electronic settlement system 100, the user is identified by two types of user IDs: CID (first ID) and PID (third ID). When a user registers with the electronic settlement system 100, a CID and a PID are issued. At the time of user registration, the user also registers his / her biometric information. The biological information storage unit 160 stores a biological information table (hereinafter, referred to as a “first biological information table”) that associates the CID (first ID) with the biological information. In the first biometric information table, biometric information of all users who have registered as users in the electronic settlement system 100 is registered.
Hereinafter, the user registered in the electronic settlement system 100 is also referred to as a “registered user”. The biometric information registered in the first biometric information table or a second biometric information table described later is referred to as "registered biometric information (first biometric information)". The biological information in the present embodiment is assumed to be a face image of the user. Therefore, registered biometric information is also referred to as "registered face image" as appropriate. The biometric information may be information other than face images (face feature information) as long as it represents information of human physical and behavioral features such as fingerprints, irises, veins, voiceprints, handwritings, palms, DNA (gene information), etc. .

  The portable terminal 104 in this embodiment assumes a smart phone. The portable terminal 104 may be a tablet terminal or a laptop PC. The portable terminal 104 and the Internet 106 are wirelessly connected but may be wired.

  The store 108 may be a retail store, a hospital, a restaurant, an amusement park, or the like. In the store 108, the relay device 112 is connected to the plurality of payment terminals 110a to 110f (hereinafter collectively referred to as "payment terminal 110" when collectively referred to or when not particularly distinguished) by a dedicated line. The settlement terminal 110 is a POS (Point Of Sale) terminal that accepts electronic settlement with a credit card. The relay device 112 is a device that relays information transmission and reception between the one or more payment terminals 110 and the biometric authentication device 102. The relay device 112 and the Internet 106 are connected by wire, but may be connected wirelessly.

  The entry detection device 116 is further connected to the relay device 112. At the time of user registration, CID (first ID) is recorded in the portable terminal 104 owned by the user. When the user enters the store 108, the user holds the portable terminal 104 over the entry detection device 116, and the entry detection device 116 detects the CID from the portable terminal 104. The entrance detection apparatus 116 may automatically detect the CID from the mobile terminal 104 of the shopper by wireless connection means such as Wi-Fi. The relay device 112 notifies the first authentication device 118 of the detected CID together with the store ID. The first authentication device 118 can recognize the user (visitor) who visits the store 108 by the entry detection device 116. The details of the process associated with the entrance detection will be described later.

The biometric device 102 includes a first authentication device 118 and a second authentication device 120.
The first authentication device 118 downloads the registered biometric information of the customer from the biometric information storage unit 160, and executes biometric authentication of the customer by the method described later. The second authentication device 120 settles the purchase price of the product with the settlement device 114. Details of the download of the registered biometric information from the biometric information storage unit 160 will also be described later.

  In order to register a user in the electronic settlement system 100, it is necessary for the user to contract a credit card for the settlement apparatus 114 in advance and to register an account number or a credit card number in the second authentication apparatus 120. The second authentication device 120 associates the PID (third ID) with the account number for each user and lists them (described later).

  In summary, when performing user registration in the biometric device 102 (electronic payment system 100), the user registers the account number or credit card number in the second authentication device 120 via the portable terminal 104 or the like. The second authentication device 120 associates the PID with the CID and issues it, and the portable terminal 104 registers only the CID. The PID and CID issued by the second authentication device 120 are registered in the first authentication device 118. On the other hand, the second authentication device 120 issues a PID, but does not register the PID. As a result, the CID (first ID) is registered in the portable terminal 104, and the CID (first ID) and the PID (third ID) are registered in association with each other in the first authentication device 118. The authentication device 120 is registered in association with the PID and an account number or the like.

  At the time of user registration, the user further captures a face image with the portable terminal 104, and transmits the face image to the first authentication device 118 together with the CID. The first authentication device 118 transmits the CID and the face image (biological information) to the biological information storage unit 160. In the first biometric information table of the biometric information storage unit 160, the CID and the face image (registered biometric information) are registered in association with each other. The biometric authentication function of the electronic settlement system 100 is exhibited on the premise of the above user registration. Registration of biometric information (face image) may be performed by the first authentication device 118, the entrance detection device 116, or another dedicated terminal (not shown) provided in the store 108. The user may register or re-register (described later) the face image by inputting the CID to the dedicated terminal or the like at the time of entering the store and photographing the face image at the dedicated terminal.

  The user holds the portable terminal 104 over the entrance detection device 116 when visiting the store. At this time, the entrance detecting apparatus 116 reads the CID from the portable terminal 104 by a known short distance communication technology such as NFC (Near Field Communication). The entrance detection device 116 transmits the CID to the first authentication device 118. The first authentication device 118 downloads registered biometric information corresponding to CID, in other words, a registered face image (first biometric information) of a customer from the biometric information storage unit 160. The first authentication device 118 always holds a biometric information table (hereinafter, referred to as a “second biometric information table”) which is a list of registered biometric information (face images) of the shopper for each store 108.

  The registered biometric information (face image) of all the registered users is recorded in the first biometric information table of the biometric information storage unit 160 in association with the CID. In the second biometric information table held by the first authentication device 118, registered biometric information (face image) of a visitor is registered in association with CID and PID. The second biometric information table is updated each time a user enters or leaves the store.

  The settlement terminal 110 includes a camera, and captures a face image (second biometric information) of the user at the time of purchase of a product. The settlement terminal 110 transmits the captured face image to the first authentication device 118 via the relay device 112 together with a product ID (hereinafter also referred to as “GID”) which is an ID for identifying a product.

  The first authentication device 118 executes face authentication by collating the received face image (second biometric information) with the registered face image (first biometric information) in the second biometric information table. If there is a registered face image matching the received face image, in other words, if the registered face image whose similarity is equal to or greater than the threshold is present in the second biometric information table (visitor's face image list), the authentication is successful, and the second authentication device 120 requests the settlement device 114 to settle the charge.

  In the present embodiment, payment is performed by the post-pay method at the time of product purchase. The user does not have to pre-charge the accumulated amount of money in advance to the IC card. Within the balance of the bank account, settlement is executed for the purchased portion. In addition, even if a credit card is stolen, security can be secured because face authentication is not successful unless the card holder is the original owner of the credit card.

FIG. 2 is a functional block diagram of the biometric device 102 in the first embodiment.
As mentioned above, biometric device 102 includes a first authentication device 118 and a second authentication device 120. Each component of the first authentication device 118 and the second authentication device 120 includes computing units such as a central processing unit (CPU) and various co-processors, storage devices such as memory and storage, and wired or wireless communication lines connecting them. And hardware that is stored in a storage device and that supplies processing instructions to a computing unit. The computer program may be configured by a device driver, an operating system, various application programs located in the upper layer of them, and a library that provides common functions to these programs. Each block described below indicates not a hardware unit configuration but a function unit block.
The same applies to the second embodiment.

(First authentication device 118)
The first authentication device 118 includes a communication unit 122, a data processing unit 124, and a data storage unit 126.
The communication unit 122 takes charge of communication processing with the portable terminal 104, the store 108, and the biometric information storage unit 160 via the Internet 106. Further, the communication unit 122 performs communication processing with the second authentication device 120 via the dedicated line (in the case where the operation subject of the first authentication device 118 and the second authentication device 120 is different, the Internet 106). The data storage unit 126 stores various data such as a second biological information table. The data processing unit 124 executes various processes based on the data acquired by the communication unit 122 and the data stored in the data storage unit 126. The data processing unit 124 also functions as an interface of the communication unit 122 and the data storage unit 126.

  The data processing unit 124 includes an authentication unit 142 and a store entrance management unit 144. The entry management unit 144 manages who is in which store by a method described later. The authentication unit 142 executes face authentication.

The communication unit 122 includes a biometric information table communication unit 128, an ID acquisition unit 130, a registration notification unit 132, a biometric information acquisition unit 134, a settlement request unit 136, a settlement reception unit 138, and a purchase permission unit 140.
The entry detection apparatus 116 acquires the CID from the portable terminal 104 when the user enters the store 108. The ID acquisition unit 130 acquires the CID and the store ID from the entrance detection device 116 via the relay device 112. Even when the user leaves the store, the entrance detection device 116 detects the CID from the portable terminal 104. As a result, the entrance management unit 144 can grasp who is in which store at any time. After the biometric information table communication unit 128 detects the CID of the user by the entry detection device 116, the biometric information table communication unit 128 acquires a registered face image (registered biometric information) of a visitor corresponding to the CID from the biometric information storage unit 160. Further, at the time of user registration, the biometric information table communication unit 128 registers a face image in the first biometric information table of the biometric information storage unit 160 in association with the CID. The entry management unit 144 updates the second biometric information table of the data storage unit 126 every time entry and exit are detected.

  The biometric information acquisition unit 134 receives a face image of the user captured by the settlement terminal 110 at the time of product purchase. The authentication unit 142 executes face authentication by determining whether a registered face image matching the face image of the user is present in the second biometric information table. When the face authentication is successful, the settlement request unit 136 requests the second authentication device 120 to settle the charge. The payment receiving unit 138 receives a payment availability notification (first payment availability notification) from the second authentication device 120. The purchase permission unit 140 permits the product purchase at the settlement terminal 110 when the settlement of the charge is completed in the settlement apparatus 114.

(Second authentication device 120)
The second authentication device 120 includes a communication unit 146, a data processing unit 148, and a data storage unit 150.
The communication unit 146 performs communication processing with the settlement device 114 and the first authentication device 118 via the dedicated line (in the case where the first authentication device 118 and the settlement device 114 are different from the operator 106, the Internet 106). The data storage unit 150 stores various data. The data processing unit 148 executes various processes based on the data acquired by the communication unit 146 and the data stored in the data storage unit 150. The data processing unit 148 also functions as an interface of the communication unit 146 and the data storage unit 150. The data storage unit 150 stores various items of information such as product charges and account numbers (details will be described later).

The communication unit 146 includes a request receiving unit 152, a settlement request unit 154, and a settlement notification unit 156.
The request reception unit 152 receives a request for settlement of charges from the settlement request unit 136 of the first authentication device 118. The settlement request unit 154 transmits a settlement request for the charge to the settlement apparatus 114. The settlement notification unit 156 receives information indicating settlement availability from the settlement apparatus 114, and transmits a settlement availability notification (first settlement availability notification) to the settlement receiving unit 138 of the first authentication device 118.

FIG. 3 is a data structure diagram of the second biometric information table 158. As shown in FIG.
The biometric information storage unit 160 stores a first biometric information table (not shown). In the first biometric information table, CIDs and face images (registered biometric information) are associated for all registered users. The second biometric information table 158 is stored in the data storage unit 126 of the first authentication device 118. In the second biometric information table 158, the CID (first ID), the PID (third ID), and the face image (first biometric information) are associated with each other. The face image is identified by a biometric information ID (hereinafter also referred to as "BID"). The second biometric information table 158 is obtained by extracting only the registered face image (registered biometric information) of the shopper from the first biometric information table.

  At the time of user registration, the data processing unit 124 associates the CID with the face image, and registers it in the first biological information table (biological information storage unit 160). Also, CID and PID are associated and recorded. In FIG. 3, a user with CID = C01 and PID = P03 (hereinafter referred to as “user (C01, P03)”) has registered a face image (B01). The user (C01, P03) inputs CID (C01) to the entrance detection apparatus 116 at the time of entrance. The biometric information table communication unit 128 acquires a registered face image (registered biometric information) of the user (C01) from the biometric information storage unit 160 in preparation for product purchase, and associates the second biometric information table 158 with CID and PID. Record.

  The user (C01) causes the camera of the payment terminal 110 to capture his face at the time of product purchase. The authentication unit 142 determines whether or not a face image that matches the acquired face image (second biometric information) is registered in the second biometric information table 158 using known image authentication technology.

  The user (store clerk) who has entered the store 108 is managed as needed by the entry management unit 144 as described above. When the user (C01, P03) enters the store 108a, the entry management unit 144 registers the player (C01, P03) in the list of visitors of the store 108a (not shown). Further, the biometric information table communication unit 128 extracts face information (B01) corresponding to the user (C01) from the enormous amount of face information registered in the first biometric information table (biological information storage unit 160), It registers in the 2nd biometric information table 158 as a collation candidate. By extracting the registered face information of the visitor as the matching candidate in the second biometric information table 158, the face authentication process at the time of product purchase can be promptly executed.

  For example, when 100,000 registered users exist, 100,000 face images are registered in the first biometric information table (the biometric information storage unit 160). It may take enormous processing time to compare face images acquired at the time of product purchase with registered face images of 100,000 people one by one. On the other hand, if the number of visitors is 10, if the second biometric information table 158 including only the face images of the 10 people is created in advance, it is possible to limit the face images to be compared for 10 persons at the time of purchase. The processing cost of the face image can be rationally reduced by narrowing down the matching candidates at the time of arrival detection.

  Multiple registered face images may be associated with one CID. For example, it is assumed that ten face images of the user (C01, P01) are registered. The authentication unit 142 calculates the similarity between the face image obtained when the user (C01, P01) purchases a product and each of the ten registered face images. The authentication unit 142 may authenticate the user on the condition that the degree of similarity is equal to or more than a predetermined threshold value for all ten registered face images, and the predetermined number or more, for example, five or more registered face images. The user may be authenticated on the condition that the similarity is equal to or higher than a threshold. The authentication unit 142 may authenticate the user on the condition that the similarity is greater than or equal to the threshold value for any of the 10 registered face images, or the average value of the similarity for each of the 10 registered face images A condition that the median value, the minimum value, the maximum value or the like is equal to or more than the threshold may be used.

  The threshold of similarity may be variable according to the purchase amount of the product. The authentication unit 142 sets the threshold value of similarity to 90% when the product purchase amount is 1,000 yen or less, and sets the threshold value to 92% when 1,000 yen or more and less than 10,000 yen, and 10,000 yen or more The threshold may be set to 95% at the time of. According to such a control method, the security can be enhanced as the purchase price is larger.

  Similarly, the number of registered face images that should be equal to or greater than the threshold may be made variable according to the purchase amount of the product. The authentication unit 142 authenticates the user if there is one or more registered face images whose similarity is equal to or greater than the threshold when the product purchase amount is 1,000 yen or less, and the similarity is equal to or more than 1,000 yen and less than 10,000 yen. The condition for user authentication is that there are three or more registered face images for which the threshold is equal to or greater than the threshold, and the condition for user authentication that there are eight or more registered face images for which the similarity is equal to or greater than the threshold if 10,000 yen or more. It may be Also by such a control method, stricter authentication can be performed as the purchase price is larger.

  Human faces change with age. Therefore, it is necessary to keep the registered face information fresh for stable face recognition. The registration notification unit 132 is a notification that instructs the portable terminal 104 of the user to re-register face information (hereinafter referred to as “re-registration instruction”) when a predetermined validity period has elapsed since the user registered face information. Send). The effective period may be variable according to the age of the user. Since the change in face of a child is large with growth, the effective period should be set short. The registration notification unit 132 sets a half year as a valid period for users under 10 years old. Since the aging of the face of an adult is slow, the effective period may be set longer. The registration notification unit 132 sets the effective period to 2 years for users 20 years of age and older. The user having received the re-registration instruction re-registers face information at the store 108. The biometric information table communication unit 128 updates the face image of the first biometric information table upon re-registration.

  When entry is detected by the entry detection device 116, the registration notification unit 132 may transmit a re-registration instruction if the validity period of the new entry person has passed. That is, two of the expiration of the effective period and the entrance detection may be set as the transmission condition of the re-registration instruction. The entrance detection device 116 may include a camera. When the user receives a re-registration instruction when entering the store, the user inputs a face image with the camera of the entry detection device 116. The first authentication device 118 re-registers the face image in the first biometric information table by associating the face image captured at this time with the CID. If the face image is re-registered at the time of product purchase, there is a possibility that the customer turnover rate may deteriorate. In addition, forcing the process of re-registration at the product purchase stage may make the user's convenience worse. It is desirable to re-register the face image at a timing different from the timing for purchasing the product, in other words, at a timing that does not cause inconvenience to the user or other customers.

FIG. 4 is a data structure diagram of the charge table 170. As shown in FIG.
The charge table 170 is stored in the data storage unit 126 of the first authentication device 118. The charge table 170 registers the charge for each product. The charge table 170 is set by the operator of the biometric device 102 at the time of new registration of a product. In the charge table 170, the GID and the charge are associated on a one-to-one basis. At the time of product purchase, the payment terminal 110 transmits GID as well as face information to the first authentication device 118. When the authentication unit 142 succeeds in face authentication, the settlement request unit 136 refers to the charge table 170 to specify the charge of the product, and requests the second authentication device 120 to settle the charge.

FIG. 5 is a data structure diagram of the account table 162. As shown in FIG.
The account table 162 is stored in the data storage unit 150 of the second authentication device 120. The account table 162 associates PIDs with account numbers or credit card numbers. The account number of the account table 162 is registered based on the declaration from the player when the user is registered in the electronic settlement system 100.

  If face authentication is successful in the first authentication device 118, the settlement request unit 136 transmits the PID and the purchase amount to request the second authentication device 120 for settlement. The settlement request unit 154 refers to the account table 162, designates the account number or the credit card number corresponding to the PID, and requests the settlement apparatus 114 to settle the charge.

FIG. 6 is a sequence diagram showing a payment process in the first embodiment.
The process shown in FIG. 6 is executed when the registered user purchases a product. Here, it is assumed that the user inputs the CID when entering the store, and the biometric information table communication unit 128 acquires the registered face image of the user from the biometric information storage unit 160 and the second biometric information table 158 is updated. When purchasing a product, the user causes a face image (biometric information) to be captured in accordance with an instruction from the payment terminal 110 (S12).

  The settlement terminal 110 transmits input information including a GID identifying a product and a face image to the relay apparatus 112 (S14), and the relay apparatus 112 transmits the input information to the first authentication apparatus 118 (S16). The authentication unit 142 of the first authentication device 118 performs face authentication with reference to the second biometric information table 158 (S18). As a result of the authentication, the matching face image was not registered in the second biometric information table 158, more specifically, the face image whose similarity degree is equal to or higher than the threshold was not registered in the second biometric information table 158 At times (hereinafter referred to as “failure”), the purchase permission unit 140 of the first authentication device 118 does not permit the product purchase. Here, the following description will be made assuming that the face image is matched (hereinafter referred to as “success”) as a result of the authentication.

  After completion of the authentication, the settlement request unit 136 calculates the purchase price with reference to the charge table 170, and transmits a settlement request including the PID and the purchase amount to the second authentication device 120 (S20). The request reception unit 152 of the second authentication device 120 receives the settlement request, the settlement request unit 154 refers to the account table 162, specifies the account number, and the settlement device 114 specifies the account number and the purchase amount. To (S22).

  The settlement apparatus 114 executes settlement processing when the balance of the designated bank account is equal to or more than the purchase amount (S24). The settlement notification unit 156 transmits a settlement availability notification (second settlement availability notification) to the second authentication device 120 (S26). The settlement notification unit 156 of the second authentication device 120 receives the settlement availability notification, and transmits a settlement availability notification (first settlement availability notification) to the first authentication device 118 (S28).

If the withdrawal of the purchase amount from the account balance has been completed (S30), the purchase permission unit 140 of the first authentication device 118 transmits a permission notification to the relay device 112 (S32). The relay device 112 transfers the permission notification to the corresponding settlement terminal 110 (S34). When the withdrawal is unsuccessful, the purchase permission unit 140 does not permit the product purchase. The payment terminal 110 completes the product purchase process on condition that the permission notification has been received (S36).
As described above, when the face authentication is successful and the purchase amount can be debited from the account, the settlement terminal 110 permits the purchase of the product.

Second Embodiment
In the first embodiment, it has been described that face authentication (biometric authentication) is performed by the first authentication device 118. In the second embodiment, the settlement terminal 110 has a face authentication (biometric authentication) function, and the settlement terminal 110 executes face authentication. The hardware configuration of the electronic settlement system 100 in the second embodiment is the same as the hardware configuration of the electronic settlement system 100 in the first embodiment.

FIG. 7 is a functional block diagram of the biometric device 102 in the second embodiment.
In FIG. 7, the roles of the functional blocks given the same reference numerals in FIG. 2 are the same as those described in relation to FIG. A biometric information transmission unit 164 and an authentication result reception unit 166 are added to the communication unit 122 of the first authentication device 118 of the second embodiment.

  The biometric information transmission unit 164 transmits the registered face image (second biometric information table 158) to the settlement terminal 110 via the relay device 112. The authentication result receiving unit 166 receives the result of face authentication from the payment terminal 110.

FIG. 8 is a sequence diagram showing a payment process in the second embodiment.
The settlement terminal 110 acquires a face image of the user at the time of product purchase (S12). Here, it is assumed that the CID of the user has been acquired before the purchase of the product, and the second biometric information table 158 is also updated. The settlement terminal 110 transmits input information including the GID of the product to the relay apparatus 112 (S14), and the relay apparatus 112 transmits the input information to the first authentication apparatus 118 (S16). The biometric information transmission unit 164 transmits the second biometric information table 158 to the settlement terminal 110 via the relay device 112 (S38, S40).

  The settlement terminal 110 collates the transferred second biometric information table 158 with the face image acquired in S12, and executes face authentication (S44). When the authentication fails, the payment terminal 110 does not permit the product purchase. Here, the following description will be made on the assumption that the authentication is successful.

  The settlement terminal 110 transmits the authentication result (authentication success) to the first authentication device 118 via the relay device 112 (S44, S46), and the authentication result receiving unit 166 receives the authentication result. The subsequent processing steps are the same as those in S20 and after in FIG.

The electronic settlement system 100 has been described above based on the embodiment.
According to the present embodiment, it is not necessary to charge the IC card with cash in advance for electronic money payment. The user can purchase goods at the payment terminal 110 without being interrupted for charging. There is also the merit that the "prepayment" of charge is unnecessary and the financial burden on the user is reduced. The electronic money payment also includes credit card payment.

  By capturing a face image and executing face recognition, unauthorized use associated with stealing of the portable terminal 104 (CID) is suppressed. Even if face authentication is not actually performed, acquiring biometric information such as a face image at the settlement terminal 110 is considered to greatly contribute to crime deterrence.

  In the first authentication device 118, CID and PID are associated. On the other hand, the CID is registered in the portable terminal 104 and the data storage unit 150 but the PID is not registered. The second authentication device 120 identifies the account number based on the PID. In other words, biometric authentication is performed based on CID, and balance confirmation is performed based on PID. Since the second authentication device 120 has the PID but does not have the CID, the CID does not leak from the second authentication device 120. On the other hand, since the biometric information storage unit 160 and the portable terminal 104 do not have the PID, the PID does not leak from the biometric information storage unit 160 or the like. Security is enhanced by performing two confirmation processes using two IDs, CID and PID.

  The operation load of the biometric device 102 is also reduced. In the case of the method of charging to the IC card, since the charge amount (balance) recorded on the IC card is a "deposit," the operator is obliged to strictly manage this. In the present embodiment, since payment is performed for each purchase of a product or payment is performed with a short-term credit, there is an advantage that the operator is relieved of the burden associated with deposit management.

  When the user enters the store 108, the entry detection device 116 detects the CID from the portable terminal 104. Also, even when the user leaves the store 108, the entry detection apparatus 116 detects the CID from the portable terminal 104. With the entrance detection device 116, the first authentication device 118 can recognize the visitor. The entrance detection apparatus 116 may detect the CID from the portable terminal 104 without making the user aware by wireless communication means such as Wi-Fi.

  Next, the user selects a product to be purchased and causes the payment terminal 110 to capture a face image. If a face image that matches the user's face image, and more strictly, has a similarity to the user's face image equal to or greater than the threshold, is registered in the second biometric information table 158, the electronic payment by credit card or the like is automatically performed. In other words, it is performed without forcing the user to perform additional work such as input of a personal identification number or a signature. Even if the user does not bring a wallet or an IC card, shopping can be completed simply by bringing the portable terminal 104 or the like in which the CID is registered.

  When the user's entry is detected, the first authentication device 118 updates the second biometric information table 158 in preparation for face authentication at the time of purchase. In the second biometric information table 158, face images of only the shoppers are registered. For this reason, the number of face images registered in the second biometric information table 158 is much smaller than that in the first biometric information table. Since only the registered face image of the visitor registered in the second biometric information table 158 is to be collated, face authentication can be performed at high speed. In other words, since it is possible to secure a long matching time per one time, it becomes easy to execute face recognition with high accuracy.

  Suppose that an unauthorized user P1 steals the portable terminal 104 of the regular user P2 and then visits the store 108. In this case, since the CID of the authorized user P2 is detected by the entrance detection device 116, the first authentication device 118 recognizes the authorized user P2 as a visitor and downloads the registered face image of the authorized user P2. For this reason, face authentication of the unauthorized user P1 fails. Even if the fraudulent user P1 steals the CID, there will be no fraudulent spending from the bank account of the legitimate user P2.

  Conventionally, when using a credit card, identification is often performed with a personal identification number or a signature. In the present embodiment, a face image is used instead of a password or a signature. The face image has a merit that it has high identifiability compared with the personal identification number and the like and the input burden is also small. In addition, since the registered face image to be the collation candidate is narrowed down to that of the shopper, there is also an advantage that the processing time required for face authentication can be reduced.

  The present invention is not limited to the above-described embodiment and modification, and the components can be modified and embodied without departing from the scope of the invention. Various inventions may be formed by appropriately combining a plurality of components disclosed in the above-described embodiment and modifications. Moreover, some components may be deleted from all the components shown in the above-mentioned embodiment and modification.

  Although it has been described that the electronic payment system 100 is configured by the portable terminal 104, the biometric authentication device 102, the relay device 112, the payment terminal 110, and the entrance detection device 116, part of the functions of the biometric device 102 is the payment terminal 110 or It may be realized by the relay device 112, or part of the functions of the settlement terminal 110 and the relay device 112 may be assigned to the biometric authentication device 102. Also, a third device other than the biometric authentication device 102, the payment terminal 110, and the relay device 112 may play a part of the functions of these devices.

  An aggregate of the functions of the payment terminal 110, the relay apparatus 112, and the biometric device 102 described with reference to FIGS. 2 and 7 can also be grasped as one “information processing apparatus” as a whole. How to distribute a plurality of functions necessary to realize the present invention to one or more hardwares will be considered in consideration of the processing capability of each hardware, the specifications required of the electronic settlement system 100, etc. Should be determined.

  Similarly, the first authentication device 118 and the second authentication device 120 may be integrally formed, or a part of the functions of the first authentication device 118 may be configured as a part of the second authentication device 120. Alternatively, part of the functions of the second authentication device 120 may be configured as part of the first authentication device 118, or the third device may be part of the functions of the first authentication device 118 and the second authentication device 120. May be responsible.

  The settlement terminal 110 may be a vending machine or a railway ticket vending machine. The settlement terminal 110 may be formed as a reception terminal of a hospital.

  In the present embodiment, it has been described that the first authentication device 118 updates the second biometric information table 158 when the entry detection device 116 detects a user's visit. The second biometric information table 158 is not limited to the site of the store 108, and may be a user who has entered a predetermined area in the store 108. For example, when a user enters from a payment terminal 110 into a predetermined range, the entrance detection device 116 may detect the CID of the user. The settlement terminal 110 and the entrance detection device 116 may be formed as an integrated device. In addition, when a user enters a parking lot attached to the store 108, the entry detection device 116 may detect the CID. In this case, the vehicle number may be used as the CID.

  When targeting a hospital or a hotel, the user may input a CID when making a medical treatment reservation via the Internet 106. The first authentication device 118 may prepare the second biometric information table 158 for the prospective visitor by downloading the biometric information corresponding to the CID from the biometric information storage unit 160 at the time of reservation. In any case, the acquisition of the CID and the update of the second biometric information table 158 may be performed prior to the actual purchase behavior (face authentication). In other words, after the first step of acquiring the CID and updating the second biometric information table 158, the second step of executing face authentication may be performed.

  When the face authentication fails, the authentication unit 142 may authenticate the user based on the additional authentication information (second ID) other than the face information. The additional authentication information may be a password, or may be biometric information of a type different from a face image (first biometric information) such as a fingerprint or an iris. The first authentication device 118 prepares an ID table in which the CID and the additional authentication information are associated with each other. The first authentication device 118 compares the additional authentication information acquired from the user with the additional authentication information registered in the ID table, and permits the product purchase if the collation is successful (hereinafter referred to as “additional authentication”). Further, when the authentication by the additional authentication information is successful, the face image obtained at this time may be newly registered in the first biometric information table. For example, suppose that a user (C01) fails in face authentication but succeeds in additional authentication. At this time, the biometric information acquisition unit 134 may newly register the face image acquired from the user (C01) as the face image of the user (C01).

  Multiple face images may be associated with one CID. For example, when the similarity between the face image F1 acquired from the user (C01) and the registered face image F2 is equal to or greater than a threshold, the authentication unit 142 may associate C01 with the face image F1. According to such a control method, since the latest face image can be associated with the CID every time the face recognition is successful at the time of product purchase, it is easy to hold the latest face image of the user as the registered face image.

  The authentication unit 142 may change the authentication level according to the degree of similarity. For example, when the similarity of the face image is equal to or greater than the threshold T1, the authentication unit 142 permits the purchase of a product. You may allow the purchase. On the other hand, when the similarity of the face image is less than the threshold T2, the authentication unit 142 may not permit the product purchase. Not only the similarity but also the product purchase may be permitted on the condition of additional authentication as well as face authentication when the product purchase amount is equal to or greater than a predetermined amount. Security may be prioritized when purchasing high-priced products, and processing efficiency may be prioritized when purchasing fixed-price products such as daily necessities.

  When acquiring a face image, the user may be required to make a predetermined facial expression. For example, face recognition may be performed on the condition that the face image when winking is performed and the face image when tongue-out is performed. Alternatively, face recognition may not be performed when such a predetermined expression is given. By setting not only the CID and the face image but also the expression as an authentication condition, the security level in the electronic settlement system 100 can be easily improved. In addition to the expression, wearing conditions such as wearing a hat or a pose such as putting a forefinger on the nose may be used as the authentication condition.

  According to the electronic settlement system 100 in the present embodiment, the user can shop with a so-called “face pass” without having a wallet. The present invention is widely applicable to the biometric authentication method shown in the present embodiment and the purchase of goods and services. It is often annoying to buy a ticket, such as a ticket for an amusement park attraction. According to the biometric authentication method shown in the present embodiment, if CID is input when entering the amusement park, it is possible to determine the availability by just performing face authentication in the attraction.

  When the settlement terminal 110 detects a plurality of face images in face authentication, the settlement terminal 110 may select a person to be paid. For example, it is assumed that the user (C01) and the user (C02) visit a store and purchase goods by two people. At this time, it is assumed that the settlement terminal 110 acquires face images of two users, and the first authentication device 118 performs face authentication for both of them. When the user (C01) pays, the user (C01) touches his / her image out of the images of the two persons appearing on the touch panel screen of the payment terminal 110. At this time, the biometric device 102 may execute the payment process for the account of the user (C01).

  Face recognition is also effective for products that minors can not purchase, such as alcohol and cigarettes. Currently, the user can purchase alcohol and the like by self-reporting that he is 20 years old or older. However, it is rare to strictly check the age of over 20 years of age, and the age confirmation by the identification card presentation significantly impairs the convenience of the user. The authentication unit 142 may calculate the estimated age from the face image by known image recognition technology. Then, only when the estimated age is less than 20 years, the user may be asked for strict age confirmation. In fact, for most people, just looking at the face can determine whether they are minors or not. Therefore, for most users, it is possible to check the age of the user without requiring explicit confirmation of the age. It is only necessary to use age confirmation with a license or the like as a purchase condition only for a user who is judged as a minor while being an adult due to a child's face.

  In the present embodiment, it has been described that the first biometric information table in which the biometric information of all registered users is registered and the second biometric information table 158 in which only the biometric information of the visitor is registered are used properly. It is not essential to use the second biometric information table 158, and the biometric device 102 may execute face authentication by directly referring to the first biometric information table. For example, when the number of registered users is small and face authentication can be performed fast enough, the first authentication device 118 may execute face authentication based on the first biometric information table.

  In the present embodiment, it has been described that the user can purchase a product as long as the user's bank account balance is equal to or more than the purchase amount. As a modification, in the second authentication device 120, a "debit limit amount" may be set.

  The user's face changes with age. For example, children may change their face as they grow, and users may change their hair style. Therefore, it is desirable that the face image (first biometric information) associated in the first biometric information table be appropriately updated. When the user's face image (second biometric information) is acquired, the authentication unit 142 collates the acquired face image with the registered face image. If the accuracy rate is a first threshold, for example, 80% or more, it is considered as an authentication success, and if less than 80%, as an authentication failure.

  Here, the registered face image is not updated if the matching rate is greater than the first threshold, for example, 90% or more. On the other hand, when the relevance ratio is equal to or more than the first threshold and less than the second threshold, for example, 80% or more and less than 90%, the authentication unit 142 registers the newly acquired face image as a face image for next authentication. Do. According to such a control method, it is possible to appropriately maintain the face image for authentication (first biometric information) while capturing a slight change of the user's face. Note that the face image registered in the past may be updated based on the newly registered face image, or a face image may be additionally registered while maintaining the face image registered in the past.

  At the time of authentication in the settlement terminal 110, it is not zero that a face other than the user who is trying to purchase a product may be reflected in the camera of the settlement terminal 110 and face authentication may be performed by another person's face. Therefore, in face recognition, the user may clearly instruct execution. For example, the authentication unit 142 may execute face authentication by pressing a predetermined determination button after the user captures a face on the camera. A gesture instruction unit (not shown) of the payment terminal 110 sets a screen or voice to be a preset face authentication start condition such as "Please close your eyes" or "Please stare at" for the user. May be instructed.

  The CID may be registered in a portable item other than the portable terminal 104. For example, the CID may be registered in a readable state to a credit card, a cell phone strap, a wristband or the like. The CID may be registered in a wrist band or the like as a two-dimensional code such as a QR code (registered trademark). The user may cause the entrance detection device 116 to read the CID by holding the wristband over the entrance detection device 116.

  Reference Signs List 100 electronic payment system 102 biometric authentication device 104 portable terminal 106 Internet 108 store 110 payment terminal 112 relay device 114 payment device 116 entrance detection device 118 first authentication device 120 second authentication device 120 122 communication unit 124 data processing unit 126 data storage unit 128 biometric information table communication unit 130 ID acquisition unit 132 registration notification unit 134 biometric information acquisition unit 136 payment request unit 138 payment reception unit 140 purchase permission Division 142 authentication unit 144 entry management unit 146 communication unit 148 data processing unit 150 data storage unit 152 request reception unit 154 settlement request unit 156 settlement notification unit 158 second biometric information table 160 living body Information storage unit, 162 account table, 164 biometric information Shin unit, 166 the authentication result receiving unit, 170 charge table

Claims (15)

An ID acquisition unit for acquiring a first ID of the user;
A biometric information acquisition unit for acquiring the second biometric information of the user;
The first biometric information table in which the first ID of the user and the first biometric information are associated in advance, and the first biometric information associated with the acquired first ID, and the acquisition An authentication unit that authenticates the user by collating the acquired second biometric information;
A settlement request unit which requests an external settlement apparatus to settle the charge for the product purchased by the user when it is determined that the certification is suitable by authentication;
A settlement receiving unit that receives a settlement availability notification from the settlement apparatus;
A purchase permission unit that permits the purchase of the product when the settlement device permits the settlement;
A biometric authentication device comprising:   The biometric authentication apparatus according to claim 1, wherein the biometric information is a face image.   The authentication unit performs authentication based on the first biometric information and the second biometric information as the second biometric information when the user makes a predetermined facial expression or a facial expression other than the predetermined facial expression. The biometric authentication device according to claim 2, characterized in that it is executed.   The authentication unit is configured to authenticate the user when the second biometric information matches any one of a plurality of first biometric information previously associated with the acquired first ID. The biometric authentication device according to any one of Items 1 to 3. The ID acquisition unit acquires a first ID of the user before the user designates a product to be purchased.
When the first ID is acquired, the authentication unit registers, in a second biological information table, first biological information which is associated in advance with the first ID in the first biological information table.
The biological information acquisition unit acquires the second biological information when the user purchases the product.
The authentication unit authenticates the user by collating the first biometric information registered in the second biometric information table with the acquired second biometric information. The biometric authentication device according to any one of 1 to 4. When the authentication based on the first biological information and the second biological information fails, the ID acquisition unit further acquires a second ID of the user.
The authentication unit refers to an ID table in which a first ID and a second ID are associated in advance, and is a combination of the acquired first ID and second ID registered in the ID table? The biometric authentication device according to any one of claims 1 to 5, wherein the user is authenticated by determining whether the user is not.   When the authentication unit succeeds in the authentication based on the first ID and the second ID, the acquired second biological information is used as new first biological information corresponding to the first ID. The biometric authentication device according to claim 6, wherein the biometric authentication device registers the information in the first biometric information table.   When the authentication unit succeeds in the authentication based on the first biological information and the second biological information, the second biological information is used as the new first biological information corresponding to the first ID. The biometric authentication apparatus according to any one of claims 1 to 7, wherein the biometric authentication apparatus is registered in the first biometric information table.   When the authentication unit matches two or more pieces of first biometric information among the plurality of pieces of first biometric information that are associated in advance with the acquired first ID, the acquired second biometric information matches The biometric authentication device according to any one of claims 1 to 8, wherein the user is authenticated.   A registration notification unit for instructing the user to re-register the first biometric information when a predetermined validity period has elapsed after the first biometric information is registered in the first biometric information table; The biometric apparatus according to any one of claims 1 to 9, comprising: A first and a second authentication device,
The first authentication device is
It is connected with the second authentication device via a communication line,
An ID acquisition unit for acquiring a first ID of the user;
A biometric information acquisition unit for acquiring the second biometric information of the user;
The first biometric information associated with the acquired first ID with reference to a first biometric information table in which the first ID of the user and the first biometric information are associated in advance; An authentication unit that authenticates the user by collating the second biometric information;
A settlement request unit that transmits a third ID associated in advance to the first ID to the second authentication device when it is determined that the authentication is appropriate by authentication, and requests settlement of a charge for a product purchased by the user When,
A payment reception unit that receives a first payment availability notification from the second authentication device;
And a purchase permission unit that permits the purchase of the product when the second authentication device permits the payment.
The second authentication device is
Connected to the payment apparatus and the first authentication apparatus via a communication line,
A request receiving unit for receiving a settlement request including the third ID from the first authentication device;
A settlement request unit that requests the settlement apparatus to settle the charges for the product by designating an account number associated with the third ID;
A payment notification unit that transmits the first payment availability notification to the first authentication device when a second payment availability notification is received from the payment device. Connected via a communication network to a payment terminal equipped with a biometric authentication function,
An ID acquisition unit that acquires a first ID from a user;
A biometric information transmission unit that transmits, to the settlement terminal, first biometric information that is associated in advance with the first ID;
An authentication result receiving unit that receives a result of biometric authentication from the payment terminal;
A settlement request unit which requests an external settlement apparatus to settle the charge of the product purchased by the user when it is determined that the certification is suitable by authentication;
A settlement receiving unit that receives a settlement availability notification from the settlement apparatus;
A purchase permission unit which permits the purchase of the product when the settlement device permits the settlement;
A biometric authentication device comprising: A first and a second authentication device,
The first authentication device is
It is connected with the second authentication device via a communication line,
An ID acquisition unit for acquiring a first ID of the user;
A biometric information transmission unit that transmits, to a settlement terminal, first biometric information that is associated in advance with the first ID;
An authentication result receiving unit that receives a result of biometric authentication from the payment terminal;
A settlement request unit that transmits a third ID associated in advance to the first ID to the second authentication device when it is determined that the authentication is appropriate by authentication, and requests settlement of a charge for a product purchased by the user When,
A payment reception unit that receives a first payment availability notification from the second authentication device;
And a purchase permission unit that permits the purchase of the product when the second authentication device permits the payment.
The second authentication device is
Connected to the payment apparatus and the first authentication apparatus via a communication line,
A request receiving unit for receiving a settlement request including the third ID from the first authentication device;
A settlement request unit that requests the settlement apparatus to settle the charges for the product by designating an account number associated with the third ID;
A payment notification unit that transmits the first payment availability notification to the first authentication device when a second payment availability notification is received from the payment device. A function of acquiring a first ID of a user;
A function of acquiring second biometric information of the user;
The first biometric information table in which the first ID and the first biometric information are associated in advance, and the first biometric information associated in advance with the acquired first ID, and the acquired A function of authenticating the user by collating the second biometric information;
A function of requesting an external settlement apparatus to settle a charge for a product purchased by the user when it is determined that the certification is suitable by authentication;
A function of receiving a settlement availability notification from the settlement device;
A biometric authentication support program which causes a computer to exhibit a function of permitting the purchase of the product when the payment is permitted by the payment apparatus. A function of acquiring a first ID of a user;
A function of transmitting to the settlement terminal the first biometric information correlated with the ID by referring to a first biometric information table in which the first ID and the first biometric information are associated in advance;
A function of receiving a result of biometric authentication from the payment terminal;
A function of requesting an external settlement apparatus to settle a charge for a product purchased by the user when it is determined that the certification is suitable by authentication;
A function of receiving a settlement availability notification from the settlement device;
A biometric authentication support program which causes a computer to exhibit a function of permitting the purchase of the product when the payment is permitted by the payment apparatus.

Images