JP2020057291A - Authentication system and authentication method - Google Patents

Abstract

To provide an authentication system and an authentication method which easily and properly carries out personal authentication of a user.SOLUTION: The present invention is directed to an authentication system having a terminal apparatus and an authentication system. The terminal apparatus has a biometric information acquiring unit for, if an article which a user wants to buy from an automatic vending machine has some conditions for a purchaser, acquiring biometric information of the user. Either of the terminal apparatus and the authentication server has an authentication unit for carrying out authentication processing of determining whether or not a user is an authenticated user, by using the biometric information acquired by the biometric information acquiring unit and biometric information previously stored. The authentication server has an attribution information acquiring unit for acquiring attribution information of the user if the authentication unit determines that the user is an authenticated user, and a determining unit for determining, by using the attribution information acquired by the attribution information acquiring unit, whether or not the user satisfies the conditions and for permitting the use to purchase the article if it is determined that the user satisfies the conditions.SELECTED DRAWING: Figure 8

Description

  The present invention relates to an authentication system and an authentication method.

  2. Description of the Related Art Conventionally, there is known a technique for performing personal authentication using various biometrics such as veins, fingerprints, handprints, faces, voiceprints, and irises. Further, there is known a technique of reading data from an IC (Integrated Circuit) card in which personal information or the like is stored and performing personal authentication. For example, there is an automatic vending apparatus that identifies whether or not a purchaser is an adult from information on an IC card and restricts the purchase of cigarettes. Further, for example, there is known a car sharing service in which an IC card is given to a member who has registered in advance, and personal identification is performed using the IC card to unlock a vehicle.

JP-T-2006-504693

  However, in the related art, there is a problem that user authentication may not be performed easily and appropriately. For example, if a vending machine does not have an authentication function for a product such as liquor that has a purchaser's condition, the purchase of the user cannot be appropriately restricted. In other words, in the conventional vending apparatus, even minors can purchase alcoholic beverages, so that there is a problem that the purchase of the user cannot be restricted. Further, in the method of performing personal authentication using an IC card, the user is forced to carry the IC card, so that there is a problem that the burden on the user is large and the convenience is low.

  In order to solve the above problems and achieve the object, an authentication system according to the present invention is an authentication system having a terminal device and an authentication server, wherein the terminal device is a product that a user wants to purchase at a vending machine. About, when there is a purchaser's condition, it has a biometric information acquisition unit that acquires the biometric information of the user, and one of the terminal device and the authentication server is acquired by the biometric information acquisition unit An authentication unit that performs an authentication process to determine whether the user is a valid user by using biometric information and biometric information stored in advance, wherein the authentication server determines that the user is a valid user by the authentication unit. If it is determined that the attribute information is obtained by using the attribute information acquisition unit that acquires the attribute information of the user, and the attribute information acquired by the attribute information acquisition unit, Determining whether to satisfy the, if it is determined to satisfy the condition is characterized by having a determining unit for permitting purchase of the product.

  Further, the authentication method of the present invention is an authentication method executed by an authentication system having a terminal device and an authentication server, wherein the terminal device determines a condition of a purchaser for a product that a user wants to purchase at a vending machine. If there is, a biometric information acquisition step of acquiring the biometric information of the user, and either one of the terminal device and the authentication server is configured to store the biometric information acquired in the biometric information acquisition step and the biometric information stored in advance. Using the information, an authentication step of performing an authentication process to determine whether the user is a valid user, and the authentication server, if the user is determined to be a valid user by the authentication step, An attribute information acquiring step of acquiring the attribute information of the user, and the authentication server uses the attribute information acquired by the attribute information acquiring step, Determining whether to satisfy the serial condition, when it is determined to satisfy the condition is characterized by comprising a determination step that permits the purchase of the product.

  ADVANTAGE OF THE INVENTION According to this invention, there exists an effect that user identification of a user can be performed easily and appropriately.

FIG. 1 is a block diagram illustrating a configuration example of the authentication system according to the first embodiment. FIG. 2 is a block diagram illustrating a configuration example of the terminal device according to the first embodiment. FIG. 3 is a diagram showing an example of a QR code (registered trademark) displayed on a vending machine. FIG. 4 is a block diagram illustrating a configuration example of the authentication server according to the first embodiment. FIG. 5 is a diagram illustrating an example of data stored in the authentication information storage unit. FIG. 6 is a diagram illustrating an example of data stored in the attribute information storage unit. FIG. 7 is a diagram illustrating an example of data stored in the history information storage unit. FIG. 8 is a flowchart illustrating an example of a processing flow in the authentication server according to the first embodiment. FIG. 9 is a block diagram illustrating a configuration example of an authentication system according to the second embodiment. FIG. 10 is a block diagram illustrating a configuration example of a terminal device according to the second embodiment. FIG. 11 is a block diagram illustrating a configuration example of the authentication server according to the second embodiment. FIG. 12 is a diagram illustrating an example of data stored in the history information storage unit. FIG. 13 is a flowchart illustrating an example of a processing flow in the authentication server according to the second embodiment. FIG. 14 is a diagram illustrating a computer that executes a program.

  Hereinafter, embodiments of an authentication system and an authentication method according to the present application will be described in detail with reference to the drawings. The embodiment does not limit the authentication system and the authentication method according to the present invention.

[First Embodiment]
In the following embodiments, the configuration of the authentication system 100, the configuration of the terminal device 10, the configuration of the authentication server 20, and the processing flow of the authentication server 20 according to the first embodiment will be sequentially described. The effect of the embodiment will be described. In the following description, a case in which authentication is performed on the authentication server 20 side will be described. However, the present invention is not limited to such an authentication method. For example, biometric authentication is performed on the terminal device 10 side based on a predetermined standard technology. May be performed.

[Configuration of Authentication System]
FIG. 1 is a block diagram illustrating a configuration example of the authentication system according to the first embodiment. The authentication system 100 according to the first embodiment includes a terminal device 10, an authentication server 20, and a vending machine 30, and the terminal device 10, the authentication server 20, and the vending machine 30 are connected to each other via a network 40. ing. The configuration illustrated in FIG. 1 is merely an example, and the specific configuration and the number of each device are not particularly limited.

  The terminal device 10 is, for example, a terminal device owned by a user such as a smartphone and a tablet. An authentication application is downloaded to the terminal device 10. The terminal device 10 starts the authentication application in response to a user operation, and obtains the biometric information of the user when there is a purchaser condition for a product that the user intends to purchase in the vending machine 30. Then, the obtained biological information is transmitted to the authentication server. The configuration of the terminal device 10 will be described later in detail with reference to FIG.

  The authentication server 20 acquires the user's biometric information from the terminal device 10 and performs an authentication process to determine whether the user is a valid user using the biometric information of the user and biometric information stored in advance. In addition, the authentication server 20 may apply any method such as fingerprint authentication, palm print authentication, iris authentication, and face authentication as a method of the authentication process, or may combine a plurality of authentication processes. Then, when the authentication server 20 determines that the user is a valid user, the authentication server 20 acquires the attribute information of the user, determines whether or not the condition is satisfied using the acquired attribute information, and determines whether the condition is satisfied. When it is determined that the condition is satisfied, the purchase of the product is permitted, and the vending machine 30 is notified of the permission of the purchase of the product.

  The vending machine 30 is a device that sells a product specified by a purchaser. The vending machine 30 sells, for example, products such as sake and cigarettes whose purchasers have age restrictions. In addition, when the vending machine 30 receives a notice of permission to purchase a product from the authentication server 20 for a user who wants to purchase alcohol or cigarette, the vending machine 30 sells the product to the user. The vending machine 30 displays a QR code corresponding to each of the commodities that can be purchased. The QR code is read by the camera 12 (see FIG. 2) of the terminal device 10 to specify the commodities to be purchased by the user. can do.

  That is, the authentication system 100 performs an operation of reading a product QR code instead of performing an operation of pressing a button when selecting a product. Then, in the authentication system 100, the biometric authentication by the authentication server 20 is completed, and it is determined that the user is an adult based on the age of the user, so that a product such as beer can be purchased. Thereby, in the authentication system 100, it is possible to easily restrict the purchase of the user for the product having the condition of the purchaser.

[Configuration of terminal device]
Next, the configuration of the terminal device 10 will be described with reference to FIG. FIG. 2 is a block diagram illustrating a configuration example of the terminal device according to the first embodiment. As shown in FIG. 2, the terminal device 10 includes a communication processing unit 11, a camera 12, a control unit 13, and a storage unit 14. The processing of each unit of the terminal device 10 will be described below.

  The communication processing unit 11 controls communication regarding various types of information. For example, the communication processing unit 11 transmits biometric information such as fingerprint information to the authentication server 20. The camera 12 captures an image according to a user operation.

  The storage unit 14 stores data and programs required for various processes by the control unit 13. For example, the storage unit 14 is a semiconductor memory device such as a random access memory (RAM) or a flash memory, or a storage device such as a hard disk or an optical disk.

  The control unit 13 has an internal memory for storing programs and required data that define various processing procedures and the like, and executes various processes by using these. It has an acquiring unit 13a, a biological information acquiring unit 13b, and a biological information transmitting unit 13c. Here, the control unit 13 is an electronic circuit such as a CPU (Central Processing Unit) or an MPU (Micro Processing Unit), or an integrated circuit such as an ASIC (Application Specific Integrated Circuit) or an FPGA (Field Programmable Gate Array).

  The image acquisition unit 13a acquires an image of a code corresponding to a product that the user wants to purchase in the vending machine 30. Specifically, the image acquisition unit 13a acquires an image of a QR code corresponding to each product sold by the vending machine 30. For example, when the authentication application is activated by the user and the camera 12 captures the QR code of the vending machine 30, the image acquisition unit 13 a acquires an image of the captured QR code.

  For example, in the vending machine 30, as illustrated in FIG. 3, a QR code corresponding to each purchaseable product is displayed. FIG. 3 is a diagram showing an example of a QR code displayed on a vending machine. In the example of FIG. 3, the vending machine 30 displays different QR codes for A beer, B beer, and C beer, respectively. The camera 12 captures a QR code corresponding to a product that the user wants to purchase, and the image acquisition unit 13a acquires an image of the QR code. The QR code includes a product ID for identifying the corresponding product, vending machine information, and the like.

  The biometric information acquisition unit 13b acquires biometric information of the user when there is a purchaser condition for a product that the user intends to purchase. Specifically, the biometric information acquisition unit 13b specifies a product that the user intends to purchase from the image of the QR code, and obtains the biometric information of the user when there is a purchaser condition for the product. . For example, the biometric information acquisition unit 13b acquires the biometric information of the user when the product that the user wants to purchase is alcoholic beverages from the image of the QR code. For example, the biometric information acquisition unit 13b determines the fingerprint image when fingerprint authentication is performed, the palm print image when palm print authentication is performed, the iris image when iris authentication is performed, or the face authentication. When it is performed, a face image is acquired as biological information. In the following, description will be mainly given assuming that the authentication server 20 performs fingerprint authentication.

  The biological information transmitting unit 13c transmits the biological information acquired by the biological information acquiring unit 13b to the authentication server 20. For example, the biometric information transmitting unit 13c includes a fingerprint image acquired by the biometric information acquiring unit 13b, a user ID for identifying a user, a product ID for identifying a product that the user wants to purchase, and a vending machine ID for identifying a vending machine. Is transmitted to the authentication server 20.

[Authentication server configuration]
Next, the configuration of the authentication server 20 will be described with reference to FIG. FIG. 4 is a block diagram illustrating a configuration example of the authentication server according to the first embodiment. As shown in FIG. 4, the authentication server 20 includes a communication processing unit 21, a control unit 22, and a storage unit 23. The processing of each unit of the authentication server 20 will be described below.

  The communication processing unit 21 controls communication regarding various types of information. For example, the communication processing unit 21 receives the authentication request from the terminal device 10 and transmits a permission to purchase a product to the vending machine 30.

  The storage unit 23 stores data and programs necessary for various processes performed by the control unit 22. In particular, the storage unit 23 includes an authentication information storage unit 23a, an attribute information storage unit 23b, and a history information storage unit 23c. Having. For example, the storage unit 23 is a semiconductor memory device such as a RAM or a flash memory, or a storage device such as a hard disk or an optical disk.

  The authentication information storage unit 23a stores biometric information for authentication of a user registered in advance. For example, as illustrated in FIG. 5, the authentication information storage unit 23a stores a “user ID” that uniquely identifies a user and “authentication information” that is biometric information for authenticating the user. FIG. 5 is a diagram illustrating an example of data stored in the authentication information storage unit. In the example of FIG. 5, the authentication information storage unit 23a stores fingerprint information (for example, a fingerprint image) as authentication information.

  The attribute information storage unit 23b stores user attribute information. For example, as illustrated in FIG. 6, the attribute information storage unit 23b stores attribute information such as “name” and “age” in association with “user ID”. FIG. 6 is a diagram illustrating an example of data stored in the attribute information storage unit.

  The history information storage unit 23c stores information on the purchase history of the user. For example, as illustrated in FIG. 7, the history information storage unit 23c stores information on a product such as a “product name” for each user in association with a “product ID” that uniquely identifies a product purchased by the user. Remember. FIG. 7 is a diagram illustrating an example of data stored in the history information storage unit. Note that, in the example of FIG. 7, only the history information regarding “user A” is illustrated, but the history information storage unit 23c stores the same history information for other users.

  The control unit 22 has an internal memory for storing programs and required data that define various processing procedures and the like, and executes various processes by using these. It has a unit 22a, an attribute information acquiring unit 22b, a determining unit 22c, an issuing unit 22d, and a display control unit 22e. Here, the control unit 22 is an electronic circuit such as a CPU or an MPU, or an integrated circuit such as an ASIC or an FPGA.

  The authentication unit 22a acquires the user's biometric information from the terminal device 10 and performs an authentication process to determine whether the user is a valid user using the biometric information of the user and biometric information stored in advance. For example, the authentication unit 22a acquires the user ID and the fingerprint information of the user from the terminal device 10, compares the fingerprint information of the user with the fingerprint information stored in the authentication information storage unit 23a, and when they match, If the user is determined to be a valid user, and if they do not match, authentication processing is performed to determine that the user is not a valid user.

  When the authentication unit 22a determines that the user is a valid user, the attribute information acquisition unit 22b acquires the attribute information of the user. For example, when the authentication unit 22a determines that the user is a valid user, the attribute information acquisition unit 22b determines the attribute information of the user corresponding to the user ID included in the authentication request transmitted from the terminal device 10 ( For example, age) is acquired from the attribute information storage unit 23b.

  The determining unit 22c determines whether or not the condition is satisfied using the attribute information acquired by the attribute information acquiring unit 22b, and if it is determined that the condition is satisfied, permits the purchase of the product. . For example, when the age of the user acquired by the attribute information acquisition unit 22b is 20 years or older, the determination unit 22c determines that the purchase condition of beer is satisfied, and purchases the product from the vending machine 30. Notify permission. If the determination unit 22c determines that the purchase condition is satisfied, the determination unit 22c may perform a payment process for the product, or may perform automatic payment from an online account or credit associated with the user.

  When the determining unit 22c determines that the condition is satisfied, the issuing unit 22d acquires the purchase history corresponding to the user ID from the history information storage unit 23c, and sends the coupon to the terminal device 10 according to the purchase history. Issue to For example, the issuing unit 22d issues a coupon that can discount the purchased product this time or issues a discount coupon that can be used next time as a privilege of purchasing a plurality of predetermined products from the purchase history corresponding to the user ID. Or it is possible. The issuing unit 22d may issue a coupon for a related product such as a snack when the product purchased this time is liquor. Furthermore, the issuing unit 22d may issue a coupon that can be used in a store (for example, a karaoke store) or the like near the current position of the user by specifying the position of the terminal device 10 or the vending machine 30. .

  When the determination unit 22c determines that the condition is satisfied, the display control unit 22e outputs an advertisement for selling a product that the user wants to purchase to the terminal device 10 or the automatic device according to the purchase history corresponding to the user. Control is performed so as to be displayed on the vending machine 30. For example, the display control unit 22e specifies a product of interest to the user from the purchase history corresponding to the user ID, and controls to display an advertisement related to the product of interest to the user.

  In the above description, the case where the authentication process is performed on the authentication server 20 side has been described. However, the authentication process may be performed on the terminal device 10 side. In this case, the authentication unit 22a and the authentication information storage unit It is assumed that the terminal device 10 has a functional unit corresponding to 23a. Then, the terminal device 10 transmits the authentication result to the authentication server 20 instead of transmitting the biometric information to the authentication server 20.

[Authentication server processing procedure]
Next, an example of a processing procedure by the authentication server 20 according to the first embodiment will be described with reference to FIG. FIG. 8 is a flowchart illustrating an example of a processing flow in the authentication server according to the first embodiment.

  As illustrated in FIG. 8, when the authentication unit 22a of the authentication server 20 receives the biometric information of the user from the terminal device 10 (Yes at Step S101), the authentication unit 22a uses the biometric information of the user and the biometric information stored in advance. Then, an authentication process is performed to determine whether the user is a valid user (step S102). For example, the authentication unit 22a acquires the user ID and the fingerprint information of the user from the terminal device 10, compares the fingerprint information of the user with the fingerprint information stored in the authentication information storage unit 23a, and when they match, If the user is determined to be a valid user, and if they do not match, authentication processing is performed to determine that the user is not a valid user.

  If the authentication unit 22a determines that the user is not a valid user (No at Step S103), the process ends. If the authentication unit 22a determines that the user is a valid user (Yes at Step S103), the attribute information acquisition unit 22b acquires the user attribute information (Step S104). For example, when the authentication unit 22a determines that the user is a valid user, the attribute information acquisition unit 22b determines the attribute information of the user corresponding to the user ID included in the authentication request transmitted from the terminal device 10 ( For example, age) is acquired from the attribute information storage unit 23b.

  Subsequently, the determination unit 22c determines whether the condition is satisfied, using the attribute information acquired by the attribute information acquisition unit 22b (Step S105). As a result, when determining that the condition is satisfied (Yes at Step S105), the determining unit 22c permits purchase of the product (Step S106). For example, when the age of the user acquired by the attribute information acquisition unit 22b is 20 years or older, the determination unit 22c determines that the purchase condition of beer is satisfied, and purchases the product from the vending machine 30. Notify permission. If the determining unit 22c determines that the condition is not satisfied (No at Step S105), the process ends. If the authentication unit 22a determines that the user is not a valid user in step S103, or determines that the condition is not satisfied in step S106, the terminal device 10 or the automatic vending machine displays a screen indicating that the product cannot be purchased. The information may be displayed on the device 30.

[Effect of First Embodiment]
In the authentication system 100 according to the first embodiment, the terminal device 10 acquires the biometric information of the user when there is a purchaser condition for a product that the user wants to purchase at the vending machine 30, The acquired biometric information is transmitted to the authentication server 20. Further, the authentication server 20 acquires the user's biometric information from the terminal device 10 and performs an authentication process to determine whether the user is a valid user using the biometric information of the user and the biometric information stored in advance. If it is determined that the user is a legitimate user, attribute information of the user is obtained, it is determined whether or not the condition is satisfied using the attribute information, and it is determined that the condition is satisfied. In that case, the purchase of the product is permitted. For this reason, in the authentication system 100, it is possible to easily and appropriately perform user authentication.

  In the above description, a vending machine has been described as an example, but the present invention is not limited to this, and the present invention may be applied to other devices. For example, the present invention may be applied to an unmanned cash register. You may make it. For example, when a user checks a product at an unmanned cash register, if alcohol or the like is included, a QR code is displayed on the display of the cash register, and the terminal device 10 reads an image. Then, the same processing as described above is performed by the terminal device 10 and the authentication server 20 to perform personal authentication and determination as to whether or not the user is an adult. Allow purchase of.

[Second embodiment]
In the above-described first embodiment, the case where the authentication server performs user authentication when the user purchases a product from the vending machine 30 has been described. However, the present invention is not limited to this. When a user rents a vehicle such as a bicycle, the authentication server may authenticate the user.

  Therefore, in the following, in the authentication system 100A according to the second embodiment, a description will be given of a case where the authentication server authenticates the user when the user rents a vehicle such as a car or a bicycle in the car sharing service. Car sharing services are becoming popular. The car sharing service is a framework in which registered members share vehicles such as automobiles and bicycles. The car sharing service has the merit that, compared to the conventional rental car service, a sharing car can be easily used with a simple fee even in a short time.

  FIG. 9 is a block diagram illustrating a configuration example of an authentication system according to the second embodiment. An authentication system 100A according to the second embodiment includes a terminal device 10A, an authentication server 20A, and an automobile 60, and the terminal device 10A and the authentication server 20A are connected to each other via a network 40. The configuration illustrated in FIG. 9 is merely an example, and the specific configuration and the number of each device are not particularly limited.

  The terminal device 10A is, for example, a terminal device owned by the user such as a smartphone or a tablet. An authentication application is downloaded to the terminal device 10A. The terminal device 10A acquires the biometric information of the user and transmits the acquired biometric information to the authentication server when the authentication application is activated by the operation of the user and the user intends to rent the car 60. . The configuration of the terminal device 10A will be described later in detail with reference to FIG.

  The authentication server 20A acquires the biometric information of the user from the terminal device 10A, and performs an authentication process of determining whether the user is a valid user using the biometric information of the user and the biometric information stored in advance. Note that the authentication server 20A may apply any method of fingerprint authentication, palm print authentication, iris authentication, face authentication, or the like as an authentication processing method, or may combine a plurality of authentication processes. If the authentication server 20A determines that the user is a legitimate user, the authentication server 20A obtains the user's attribute information or the user's history information, and uses the obtained attribute information or the history information to charge for the use of the vehicle. To determine. If the authentication server 20A determines that the user is a valid user, the authentication server 20A performs control to unlock the key of the automobile 60, and makes the automobile 60 available to the user. Note that the control processing for unlocking the key of the automobile 60 may use any known method.

  The car 60 is a vehicle provided by a car sharing service. The car 60 is a vehicle that can be used only by a user determined to be a valid user in the authentication processing. It should be noted that the usage fee and insurance fee of the car are determined according to attribute information such as the age and nationality of the user or history information such as the mileage of the user.

  That is, the authentication system 100A performs the authentication process and determines the price of the car provided by the car sharing service using the attribute information or the history information. Can be operated with the key unlocked, and an appropriate fee according to the user can be determined.

[Configuration of terminal device]
Next, the configuration of the terminal device 10A will be described with reference to FIG. FIG. 10 is a block diagram illustrating a configuration example of a terminal device according to the second embodiment. As shown in FIG. 10, the terminal device 10A has a communication processing unit 11, a control unit 13, and a storage unit 14. The processing of each unit of the terminal device 10 will be described below.

  The communication processing unit 11 controls communication regarding various types of information. For example, the communication processing unit 11 transmits biometric information such as fingerprint information to the authentication server 20A.

  The storage unit 14 stores data and programs required for various processes by the control unit 13. For example, the storage unit 14 is a semiconductor memory device such as a RAM or a flash memory, or a storage device such as a hard disk or an optical disk.

  The control unit 13 has an internal memory for storing programs and required data that define various processing procedures and the like, and executes various processing by using these. It has an information acquisition unit 13d and a biological information transmission unit 13e. Here, the control unit 13 is an electronic circuit such as a CPU or an integrated circuit such as an ASIC or an FPGA.

  The biological information acquisition unit 13d acquires the biological information of the user when the user uses the vehicle. Specifically, the biometric information acquisition unit 13d acquires the biometric information of the user when the authentication application is activated by the user. For example, the biometric information acquisition unit 13d performs a fingerprint image when fingerprint authentication is performed, a palm print image when palm print authentication is performed, an iris image when iris authentication is performed, and a face image when face authentication is performed. When it is performed, a face image is acquired as biological information. In the following, description will be given mainly on the assumption that fingerprint authentication is performed in the authentication server 20A.

  The biological information transmitting unit 13e transmits the biological information acquired by the biological information acquiring unit 13d to the authentication server 20A. For example, the biometric information transmitting unit 13e sends an authentication request including the fingerprint image acquired by the biometric information acquiring unit 13d, the user ID for identifying the user, and the vehicle ID of the automobile 60 to be rented by the user to the authentication server 20A. Send to

[Authentication server configuration]
Next, the configuration of the authentication server 20A will be described with reference to FIG. FIG. 11 is a block diagram illustrating a configuration example of the authentication server according to the second embodiment. As shown in FIG. 11, the authentication server 20A has a communication processing unit 21, a control unit 22, and a storage unit 23. The processing of each unit of the authentication server 20A will be described below.

  The communication processing unit 21 controls communication regarding various types of information. For example, the communication processing unit 21 receives an authentication request from the terminal device 10 and transmits an authentication result to the terminal device 10A.

  The storage unit 23 stores data and programs necessary for various kinds of processing by the control unit 22. Particularly relevant to the present embodiment are an authentication information storage unit 23d, an attribute information storage unit 23e, and a history information storage unit 23f. Having. For example, the storage unit 23 is a semiconductor memory device such as a RAM or a flash memory, or a storage device such as a hard disk or an optical disk.

  The authentication information storage unit 23d stores biometric information for user authentication registered in advance. For example, the authentication information storage unit 23d stores “user ID” that uniquely identifies a user and “authentication information” that is biometric information for authenticating the user. The attribute information storage unit 23e stores user attribute information. For example, the attribute information storage unit 23e stores attribute information such as “name” and “age” in association with “user ID”.

  The history information storage unit 23f stores information about the driving history of the user. For example, as illustrated in FIG. 12, the history information storage unit 23f associates each user's “user ID” with “distance”, which is the total distance traveled by the user, and types of driving licenses. A certain "license type" is stored. FIG. 12 is a diagram illustrating an example of data stored in the history information storage unit. The information illustrated in FIG. 12 is an example, and the history information storage unit 23f may store an accident history and the like.

  The control unit 22 has an internal memory for storing programs and required data that define various processing procedures and the like, and executes various processes by using these. Unit 22f, a user information acquisition unit 22g, and a determination unit 22h. Here, the control unit 12 is an electronic circuit such as a CPU or an MPU, or an integrated circuit such as an ASIC or an FPGA.

  The authentication unit 22f acquires the biometric information of the user from the terminal device 10A, and determines whether the user is a valid user using the biometric information of the user and the biometric information stored in advance. For example, the authentication unit 22f acquires the user's user ID and fingerprint information from the terminal device 10A, compares the user's fingerprint information with the fingerprint information stored in the authentication information storage unit 23d. If the user is determined to be a valid user, and if they do not match, authentication processing is performed to determine that the user is not a valid user.

  When the authentication unit 22f determines that the user is a valid user, the user information acquisition unit 22g acquires user attribute information or user history information. The user information acquisition unit 22g acquires, for example, age and nationality as attribute information of the user. In addition, the user information acquisition unit 22g stores, for example, the travel distance of the user, the license type, the accident history, and the like as the user history information.

  The determining unit 22h determines a fee for using the vehicle using the attribute information or the history information acquired by the user information acquiring unit 22g. For example, when the age of the user is higher than a predetermined threshold, that is, when the user is elderly, the determination unit 22h sets the usage fee and the insurance premium of the car 60 relatively high. Further, for example, when the traveling distance of the user is short or the type of the driver's license is “gold”, the determining unit 22h sets the usage fee and the insurance premium of the automobile 60 relatively low. Note that the usage fee and the insurance fee of the vehicle 60 may be determined separately, or the usage fee of the vehicle 60 may include the insurance fee.

[Authentication server processing procedure]
Next, an example of a processing procedure by the authentication server 20A according to the second embodiment will be described with reference to FIG. FIG. 13 is a flowchart illustrating an example of a processing flow in the authentication server according to the second embodiment.

  As illustrated in FIG. 13, when the authentication unit 22f of the authentication server 20A receives the biometric information of the user from the terminal device 10A (Yes at Step S201), the authentication unit 22f uses the biometric information of the user and the biometric information stored in advance. An authentication process is performed to determine whether the user is a valid user (step S202). For example, the authentication unit 22f acquires the user's user ID and fingerprint information from the terminal device 10A, compares the user's fingerprint information with the fingerprint information stored in the authentication information storage unit 23d. If the user is determined to be a valid user, and if they do not match, authentication processing is performed to determine that the user is not a valid user.

  If the authentication unit 22f determines that the user is not a valid user (No at Step S203), the process ends. When the authentication unit 22f determines that the user is a valid user (Yes at Step S203), the user information acquisition unit 22g acquires the attribute information and the history information of the user (Step S204). For example, when the authentication unit 22f determines that the user is a legitimate user, the user information acquisition unit 22g determines the attribute information of the user corresponding to the user ID included in the authentication request transmitted from the terminal device 10 ( For example, the age information and the history information (the mileage of the user, the license type, the accident history, etc.) are acquired from the attribute information storage unit 23e.

  Subsequently, the determining unit 22h determines a fee for using the vehicle using the attribute information or the history information acquired by the user information acquiring unit 22g (Step S205). For example, when the age of the user is higher than a predetermined threshold, that is, when the user is elderly, the determination unit 22h sets the usage fee and the insurance premium of the car 60 relatively high. Further, for example, when the traveling distance of the user is short or the type of the driver's license is “gold”, the determining unit 22h sets the usage fee and the insurance premium of the automobile 60 relatively low.

[Effect of Second Embodiment]
In the authentication system 100A according to the second embodiment, when the user uses the vehicle, the terminal device 10A acquires the biometric information of the user and transmits the acquired biometric information to the authentication server. The authentication server 20A acquires the biometric information of the user from the terminal device 10A, and performs an authentication process of determining whether the user is a valid user using the biometric information of the user and biometric information stored in advance. If the authentication server 20A determines that the user is a legitimate user, the authentication server 20A acquires the user's attribute information or the user's history information, and uses the acquired attribute information or the history information to charge the use of the vehicle. To determine. Therefore, in the authentication system 100A, it is possible to determine an appropriate fee according to the user after confirming that the user is a valid user.

[System configuration, etc.]
Each component of each device illustrated is a functional concept, and does not necessarily need to be physically configured as illustrated. That is, the specific form of distribution / integration of each device is not limited to the one shown in the figure, and all or a part thereof may be functionally or physically distributed / arbitrarily divided into arbitrary units according to various loads and usage conditions. Can be integrated and configured. Further, all or any part of each processing function performed by each device can be realized by a CPU and a program analyzed and executed by the CPU, or can be realized as hardware by wired logic.

  Further, of the processes described in the present embodiment, all or a part of the processes described as being performed automatically can be manually performed, or the processes described as being performed manually can be performed. Can be automatically or entirely performed by a known method. In addition, the processing procedures, control procedures, specific names, and information including various data and parameters shown in the above documents and drawings can be arbitrarily changed unless otherwise specified.

[program]
Further, it is also possible to create a program in which the processing executed by each device described in the above embodiment is described in a computer-executable language. For example, it is also possible to create a program in which a process executed by each device according to the embodiment is described in a computer-executable language. In this case, the same effects as in the above embodiment can be obtained by the computer executing the program. Further, the same processing as in the above embodiment may be realized by recording such a program on a computer-readable recording medium and reading and executing the program recorded on the recording medium by a computer.

  FIG. 14 is a diagram illustrating a computer that executes a program. As illustrated in FIG. 14, the computer 1000 includes, for example, a memory 1010, a CPU 1020, a hard disk drive interface 1030, a disk drive interface 1040, a serial port interface 1050, a video adapter 1060, and a network interface 1070. These units are connected by a bus 1080.

  The memory 1010 includes a ROM (Read Only Memory) 1011 and a RAM 1012 as illustrated in FIG. The ROM 1011 stores, for example, a boot program such as a BIOS (Basic Input Output System). The hard disk drive interface 1030 is connected to a hard disk drive 1090 as illustrated in FIG. The disk drive interface 1040 is connected to the disk drive 1100 as illustrated in FIG. For example, a removable storage medium such as a magnetic disk or an optical disk is inserted into the disk drive 1100. The serial port interface 1050 is connected to, for example, a mouse 1110 and a keyboard 1120 as illustrated in FIG. The video adapter 1060 is connected to, for example, a display 1130 as illustrated in FIG.

  Here, as exemplified in FIG. 14, the hard disk drive 1090 stores, for example, an OS 1091, an application program 1092, a program module 1093, and program data 1094. That is, the above-described program is stored in, for example, the hard disk drive 1090 as a program module in which an instruction to be executed by the computer 1000 is described.

  The various data described in the above embodiment is stored as program data in, for example, the memory 1010 or the hard disk drive 1090. Then, the CPU 1020 reads the program module 1093 and the program data 1094 stored in the memory 1010 and the hard disk drive 1090 into the RAM 1012 as necessary, and executes various processing procedures.

  The program module 1093 and the program data 1094 relating to the program are not limited to being stored in the hard disk drive 1090, but may be stored in, for example, a removable storage medium and read by the CPU 1020 via the disk drive or the like. . Alternatively, the program module 1093 and the program data 1094 relating to the program are stored in another computer connected via a network (LAN (Local Area Network), WAN (Wide Area Network), or the like), and are connected via a network interface 1070. It may be read by the CPU 1020.

  The above embodiments and modifications thereof are included in the invention disclosed in the claims and equivalents thereof, as are included in the technology disclosed in the present application.

10, 10A terminal device 11, 21 communication processing unit 12 camera 13, 22 control unit 13a image acquisition unit 13b biometric information acquisition unit 13c biometric information transmission unit 14, 23 storage unit 20 authentication server 22a authentication unit 22b attribute information acquisition unit 22c determination Unit 22d issuing unit 22e display control unit 23a authentication information storage unit 23b attribute information storage unit 23c history information storage unit 30 vending machine 40 network 100 authentication system

Claims (8)

An authentication system having a terminal device and an authentication server,
The terminal device,
For a product that the user wants to purchase at the vending machine, when there is a condition of a purchaser, the user has a biometric information acquisition unit that acquires biometric information of the user,
One of the terminal device and the authentication server,
Using biometric information acquired by the biometric information acquisition unit and biometric information stored in advance, an authentication unit that performs an authentication process to determine whether the user is a valid user,
The authentication server,
When the authentication unit determines that the user is a valid user, an attribute information acquisition unit that acquires the attribute information of the user,
Using the attribute information acquired by the attribute information acquisition unit, to determine whether the condition is satisfied, if it is determined that the condition is satisfied, a determination unit that allows the purchase of the product, An authentication system comprising: The terminal device further includes an image acquisition unit that acquires an image of a code corresponding to a product that the user wants to purchase,
The biometric information acquisition unit specifies a product that the user wants to purchase from the image of the code, and obtains the biometric information of the user when there is a purchaser condition for the product. The authentication system according to claim 1, which performs the authentication.   2. The authentication server according to claim 1, further comprising an issuing unit that issues a coupon according to a purchase history corresponding to the user when the determination unit determines that the condition is satisfied. Authentication system described in.   The authentication server, when it is determined that the condition is satisfied by the determination unit, according to the purchase history corresponding to the user, the terminal device or an advertisement that sells a product that the user wants to purchase. The authentication system according to claim 1, further comprising a display control unit that controls display on the vending machine.   2. The authentication system according to claim 1, wherein when determining that the condition is satisfied, the determination unit permits the purchase of the product and performs a payment process on the product. 3. An authentication method executed by an authentication system having a terminal device and an authentication server,
The terminal device, for a product that the user wants to purchase at the vending machine, if there is a purchaser condition, a biometric information acquisition step of acquiring biometric information of the user,
Either the terminal device or the authentication server uses the biometric information obtained in the biometric information obtaining step and biometric information stored in advance to perform an authentication process of determining whether the user is a valid user. Authentication process to be performed;
If the authentication server is determined by the authentication step that the user is a valid user, attribute information acquisition step of acquiring the attribute information of the user,
The authentication server determines whether or not the condition is satisfied by using the attribute information acquired in the attribute information acquiring step, and when it is determined that the condition is satisfied, purchases the product. An authentication method, comprising: determining a permission. An authentication system having a terminal device and an authentication server,
The terminal device,
When the user uses the vehicle, having a biological information acquisition unit to acquire the biological information of the user,
One of the terminal device and the authentication server,
Using biometric information acquired by the biometric information acquisition unit and biometric information stored in advance, an authentication unit that performs an authentication process to determine whether the user is a valid user,
The authentication server,
When the authentication unit determines that the user is a valid user, a user information acquisition unit that acquires attribute information of the user or history information of the user,
A determining unit for determining a fee for use of the vehicle using attribute information or history information acquired by the user information acquiring unit. An authentication method executed by an authentication system having a terminal device and an authentication server,
The terminal device, when a user uses a vehicle, a biological information obtaining step of obtaining biological information of the user,
Either the terminal device or the authentication server uses the biometric information obtained in the biometric information obtaining step and biometric information stored in advance to perform an authentication process of determining whether the user is a valid user. Authentication process to be performed;
The authentication server, if the user is determined to be a valid user by the authentication step, a user information acquisition step of acquiring attribute information of the user or history information of the user,
A determining step of determining, by the authentication server, a fee for using the vehicle using the attribute information or the history information acquired in the user information acquiring step.

Images