JP2020060941A - Biometric authentication system, information processing device, and program - Google Patents

Abstract

To provide a biometric authentication system, an information processing device, and a program for enabling use of biometric authentication in a simpler manner.SOLUTION: A biometric authentication system 100 according to the present invention which uses biometric authentication, includes: a monitoring camera 102 that monitors an inside of a shop; a settlement terminal 103 that performs settlement using a settlement medium; reading means 104 for reading settlement information recorded in the settlement medium; and transmission means 109 for synchronizing identification of a verification image including a biometric authentication part of a user with reading of the settlement information, and individually transmitting, separately from the settlement information and via a network, at least image information acquired by the monitoring camera and the verification image, in the image information, acquired in synchronization with reading of the settlement information.SELECTED DRAWING: Figure 1

Description

  The present invention relates to a biometric authentication system, an information processing device and a program.

  2. Description of the Related Art Conventionally, biometric authentication has been used in the settlement of cash cards, credit cards, etc. for the purpose of preventing fraud such as skimming of payment information and snooping. However, the conventional biometric authentication method is complicated because the procedure of registering a finger vein or palm vein pattern, which is difficult to forge, as biometric information on the IC card after presenting the identification card at the counter or the like to verify the identity. The registration of biometric information has not progressed as much as the prevalence of IC cards themselves. Further, in the case of a card issuer without a counter, biometric information cannot be registered even if it has a biometric authentication function.

  Furthermore, in recent years, mobile terminals such as smart phones have become widespread, and electronic payment systems from smart phones have also become widespread, and the full-scale cashless payment era is about to come. Therefore, it is necessary to provide biometric authentication more simply and at a high security level as a highly secure authentication method other than the conventional authentication method such as a personal identification number.

  As a biometric authentication technology, a biometric information registration system is known in which a user himself / herself can register biometric information by using a terminal that can use biometric authentication without the need for identity verification at a counter or the like. (See, for example, Patent Documents 1 and 2).

  In addition to this, face images of an unspecified number of people are extracted from image information and still images acquired from multiple imaging devices installed in a building such as a surveillance camera to efficiently register and authenticate user biometric information. There is a known registration system that can be implemented (see, for example, Patent Document 3).

  The biometric information registration system described in Patent Document 1 registers biometric information acquired by a biometric information sensor of a payment terminal in an IC card after receiving a user's instruction. The settlement center holds the registration number corresponding to the biometric information generated by the IC card. As a result, it is possible to eliminate the need for personal identification at a window or the like when registering biometric information.

  The biometric information registration / authentication system described in Patent Document 2 is for verifying and authenticating at a game center or the like by storing biometric information read by a reading unit by a resident of an apartment or the like holding a finger in a data center. is there. Thereby, the biometric information can be used at a place different from the registered place.

  The registration system described in Patent Document 3 captures a face of a visitor or the like, registers a face image of a person who agrees with the registration, and temporarily registers a face image of a person who does not agree with the registration in a database. This can be used for, for example, establishing a company security system or an effective sales layout for department stores.

  In the biometric information registration system disclosed in Patent Document 1, the biometric information is acquired after the user's instruction is received, and the biometric information is stored in the IC card. Therefore, the biometric information is stored for each IC card. There is a problem in that it is bothersome to save, and if the IC card is not carried or lost, neither personal authentication nor payment can be performed.

  Further, the biometric information registration / authentication system described in Patent Document 2 registers biometric information regardless of the time of payment, and the registration system described in Patent Document 3 does not utilize biometric information for payment. None, the registered biometric information is not associated with the IC card.

JP, 2009-169809, A JP, 2005-170083, A JP, 2008-250755, A

  The present invention has been made in view of the above-mentioned problems of the prior art, and improves the security of cash cards, credit cards, and other cashless payments, and enables biometric authentication to be used more easily. It is intended to provide a system, an information processing device, and a program.

According to a preferred embodiment of the invention,
A biometric authentication system using biometric authentication,
A surveillance camera to monitor the inside of the store,
A payment terminal that makes payment using a payment medium,
Reading means for reading the payment information recorded on the payment medium;
The identification of the matching image including the biometric authentication part of the user and the reading of the payment information are synchronized, and at least the image information acquired by the surveillance camera and the image information are acquired in synchronization with the reading of the payment information. There is provided a biometric authentication system including: a sending unit that separates the verification image from the payment information and separately sends the verification image via a network.

According to a preferred embodiment of the present invention,
The surveillance camera and the payment terminal may not hold the payment information acquired by the reading unit, process the payment information, and prevent the payment information from passing through.

  Further, in a preferred embodiment of the present invention, the sending means sets the time stamp of payment start at the payment terminal to a first transmission packet including the collation image and a second transmission packet including the payment information for a coincidence of payment. Can be added as proof.

  Further, according to a preferred embodiment of the present invention, it is preferable that the biometric information is remotely acquired during entering the store, and the biometric information and the payment medium are associated and registered at the time of payment.

According to a preferred embodiment of the present invention,
An information processing device for payment using biometric authentication,
A CPU that controls the operation of the information processing device;
A memory that provides a storage space for processing by the CPU,
A storage device that stores a program executed by the CPU, data for processing, and an execution result,
At least image information acquired by the surveillance camera, and means for identifying a matching image that includes the biometric authentication site of the user in synchronization with the start of payment by the payment terminal among the image information,
Notifying the payment start of the payment terminal to a reading unit for reading the payment information recorded on the payment medium and a unit for acquiring the matching image, and providing a coincidence between the payment information and the matching image. Means and
Including,
An information processing apparatus can be provided which attaches a coincidence proof of payment to the collation image and the payment information, separates them, and sends them separately to the network.

According to a preferred embodiment of the invention,
A program executed by an information processing device for payment using biometrics authentication, wherein the program includes:
At least image information acquired by the surveillance camera, and means for identifying a matching image that includes the biometric authentication part of the user in synchronization with the start of payment of the payment terminal among the image information,
Notifying the payment start of the payment terminal to a reading unit for reading the payment information recorded on the payment medium and a unit for specifying the matching image, and providing a coincidence between the payment information and the matching image. means,
Function as
A payment coincidence proof is attached to the collation image and the payment information, separated, and separately sent to the network.
A program capable of executing information processing can be provided.

  According to the present invention, which has been made in view of the above-described problems of the prior art, it is possible to improve the security of cash cards, credit cards, and other cashless payments, and use biometric authentication more easily. It is possible to provide a biometric authentication system, method and program.

1 is a schematic diagram showing a preferred embodiment of a biometric authentication system. The figure showing functional block 200 of information processor 105 installed in a store side system. The figure showing functional block 300 of settlement terminal 103 of this embodiment. The figure showing functional block 400 of payment information reader 104 of this embodiment. The figure which showed the functional block 500 of the payment server 106 of a preferable embodiment. The figure which showed the data structure of the data which the payment server 106 produces | generates in a preferable embodiment. 7 is a flowchart showing a process of generating the temporary collation information shown in FIG. 6A in the preferred embodiment. The flowchart of the process at the time of starting payment at the store side. The flowchart explaining the process after receiving a collation image and payment information. 10 is a flowchart of processing on the side of the store to which control has been passed from step S909 in FIG. 6 is a flowchart of a process in which a user who is already registered in the biometric authentication system makes a payment without carrying a card. 12 is a flowchart of a process following FIG. 11 of a process in which a user who is already registered in the biometric authentication system makes a payment without carrying a card. The flowchart which shows the process of the modified example 1 of this embodiment. The flowchart which shows the process of the modification 2 when a user performs additional registration of another payment medium. The figure which shows the graphical user interface (GUI) displayed on the display device of a personal computer, a tablet terminal, or a smart phone in the modification 1 and the modification 2 when a user newly registers a payment medium in this embodiment. FIG. 9 is a diagram showing another embodiment of a GUI displayed on a display device of a personal computer, a tablet, or a smart phone when a user wants to confirm a payment medium or newly registers a card as a payment medium. FIG. 17 is a diagram showing an embodiment of a GUI displayed when a new card is registered in FIG. 16. The figure which shows 1800 of the biometrics system of the 2nd aspect in a preferable embodiment. The figure showing the exemplary functional block 1900 of the information processor which can be used by this embodiment.

  Hereinafter, the present invention will be described with reference to preferred embodiments, but the present invention is not limited to the embodiments described below. Note that the embodiments described below will be described by taking cashless payment such as credit card, debit card, smart phone payment, and money card as an example. However, in the present embodiment, cash is used from a bank ATM machine using a cash card. It can also be applied to withdraw payments.

  FIG. 1 is a schematic diagram showing a preferred embodiment of the biometric authentication system. In the biometric authentication system 100, a store system and a payment server 106 are connected via a network 101, and payment information on the store side is sent to the payment server 106 to enable payment processing.

  The system on the store side includes a monitoring camera 102, a payment terminal 103 such as a cash register device and an ATM terminal, a payment information reading device 104 for reading payment information from a payment medium such as a cash card, a credit card, and a smart phone, and an information processing device. 105 and.

  A plurality of surveillance cameras 102 are installed in the store, and constantly shoot the interior of the store, send image information to the information processing device 105, and store the image information acquired by the surveillance camera 102 as surveillance video in the store. The stored image information is sent to the settlement server 106 via the network 101 from the information processing apparatus 105 as the moving image information or as snapshots at predetermined intervals, for example. In addition, the video of the monitoring camera 102 can also be used when acquiring an inquiry image including biometric information of a person who makes a payment when the payment processing is started on the shop side.

  The acquisition of an exemplary query image is described below. Upon receiving the notification, the information processing apparatus 105 identifies the frame range of the moving image information of the surveillance camera 102 that captures the image of the user associated with the payment terminal 103. Then, when the identified moving image information is compressed information such as MP4, the I picture of the macro block can be selected and used as the matching image. Further, the frame corresponding to the time stamp of the notification can be motion-compensated and generated, and the generated image can be used as a matching image as a snapshot. Also, for sending biometrics information, for example, an I-picture or an uncompressed image used for motion compensation corresponding to it can be sent as snapshots at regular intervals.

  Hereinafter, in the present disclosure, a snapshot corresponds to a time stamp generated by motion compensation of an I picture of a macro block forming moving image information sent by the surveillance camera 102 or a frame corresponding to the time stamp of the notification. A snapshot can be used to send biometric information and also to send a matching image.

  Further, when the information processing apparatus 105 sends the biometric authentication information as a moving image to the settlement server 106, the settlement server 106 can execute the above-described processing. In the present embodiment, the information including the biometric authentication information from the surveillance camera 102 can be sent as moving image information or a snapshot, but it is sent as a snapshot from the information processing device 105 on the store side. The aspect is a preferable aspect for the purpose of reducing the processing overhead of the payment server 106.

  The inquiry image acquired at this time is sent from the information processing device 105 to the payment server 106, and biometric authentication of the payment information is enabled. The payment terminal 103 issues a trigger to the information processing device 105 when a person who makes a payment (hereinafter referred to as a user) uses a cash card, a credit card, a money card, or a smart phone to start the payment. Then, the information processing apparatus 105 is notified to cause the information processing apparatus 105 to acquire the matching image including the biometric information of the user. It is preferable to add a time stamp indicating the date and time when the settlement terminal 103 starts settlement to the notification. The time stamp is used by the payment server 106 for proof of coincidence of payment.

  Further, when there are a plurality of payment terminals 103 in the store, the payment terminal 103 can send the payment terminal identification information assigned to itself to the information processing apparatus 105 together with the notification.

  Further, the information processing apparatus 105 can send the settlement terminal identification information in addition to the inquiry image and the time stamp to the communication packet sent through the LAN 1 in order to prove the settlement coincidence in the settlement server 106.

  As described above, the collation image may be captured by the information processing apparatus 105 as a snapshot of the image of the monitoring camera 102, but may also be acquired by the payment terminal 103 or an imaging apparatus included in the information processing apparatus 105. Then, this can be sent to the settlement server 106 as a collation image.

  The payment information reading device 104 has a function of electronically reading the information stored in the IC chip and optically reading the screen display of the smart phone. The payment information reading device 104 stores the payment information as a non-holding, non-processing, non-passing environment. It is configured so that it can be processed. Note that the payment information in the present disclosure includes information recorded by the payment medium, such as user identification information, medium number, type, expiration date, and issuer.

  For this purpose, the surveillance camera 102, the payment terminal 103, and the information processing apparatus 105 are configured as a domain of LAN1 which is a virtual LAL in the embodiment shown in FIG. Further, the payment information reading device 104 is configured as a LAN2, which is a virtual LAN different from the LAN1, and cannot be mutually connected. In the present embodiment, the networks are separated as LAN1 and LAN2 because the store-side devices such as the monitoring camera 102, the payment terminal 103, and the information processing device 105 pass the payment information reading device 104 and the application (communication protocol and This is to prevent communication (meaning that the data protocol is managed on the application side), and the function of non-holding, non-processing, and non-passing the information acquired by the payment information reading device 104 by the store-side device. Any connection method will do as long as it is provided. In addition, the term “application” in the present embodiment refers to a program capable of controlling a machine and an information processing device, except for firmware.

  The payment information read by the payment information reading device 104 is sent to the router 109 that functions as a sending unit and further to the payment server 106, and the other store equipment, the monitoring camera 102, the payment terminal 103, and the information processing device 105 Since the payment information acquired by the payment information reading device 104 cannot be processed at all and communication is not possible, a held or non-passing configuration is realized.

  The verification image acquired by the monitoring camera 102, the information processing device 105, and the payment information read by the payment information reading device 104 are separately sent to the payment server 106 through the router 109, and are processed by the payment server 106 using the biometric authentication. Used. At this time, the payment information acquired by the payment information reading device 104 is sent as a transmission packet and then sent to the payment server 106, and the matching image is also sent as a separate transmission packet to the payment server 106. However, since both transmission packets include a common time stamp for providing the coincidence proof, even if the transmission packets arrive in a time-sequential manner due to congestion in the network transfer to the payment server 106, It is possible to provide sufficient coincidence for payment processing.

  The information processing device 105 controls the surveillance camera 102 and stores the moving image information acquired by the surveillance camera 102 in an appropriate storage device or SAN (Storage Area Network) because of the original function of the surveillance camera 102. In addition, in the present embodiment, the moving image acquired by the monitoring camera 102 can be sent to the settlement server 106 together with the store identification information and used to calculate the biometric feature amount.

  Further, in another embodiment, the information processing apparatus 105 creates a snapshot at the start of payment from the moving image from the monitoring camera 102 when the payment start is notified from the payment terminal 103 as a trigger, and the created snapshot. The shot is sent as a collation image of the settlement server 106 together with the store identification information, and the settlement server 106 can collate the biometric feature amount.

  In synchronization with the payment start notification from the payment terminal 103, the information processing apparatus 105 uses the signal line 110 for notifying that the payment processing has started, and makes a payment start payment to the payment information reading apparatus 104 described later. Notify with start time stamp and start reading payment information. Upon receiving the notification, the payment information reading device 104 reads the payment information, creates a transmission packet together with the time stamp, and sends the payment information and the time stamp to the payment server 106 via the independent LAN 2, router 109, and network 101. To do.

  If the internal clocks of payment terminal 103, payment information reading device 104, and information processing device 105 are synchronized by the NTP protocol, the process of sending the time stamp using signal line 110 is not necessary. Further, for example, when there are a plurality of payment terminals 103 in the signal line 110 or the store, the unique payment terminal identification information is received from the corresponding payment terminal 103, included in the communication packet, and sent to the payment server 106. can do.

  The payment server 106 manages an authentication information DB 107 and a payment information DB 108. The DB is an abbreviation for a database, and can be configured by using any conventionally known database program such as a relational database, an object-oriented database and the like. For example, a query such as SQL (Structured Query Language) Preferably, data associated with the query can be extracted in response to the processing.

  The authentication information DB 107 also has a function of a user information DB, and in the present embodiment, biometric information is extracted from the video sent from the surveillance camera 102, various characteristic amounts are calculated from the biometric information, and a specific user is identified. Information, store time information, biometric feature values, etc. are associated and registered.

  Further, the payment information DB 108 registers the user's card information, payment medium information and other payment information in association with the user. In the present embodiment, as the payment information DB 108, the one already constructed by a conventional card company or another entity having a payment approval function can be used as it is as long as the authentication information DB 107 can be referred to. Further, in the embodiment shown in FIG. 1, the authentication information DB 107 and the payment information DB 108 are shown as separately configured DBs, but as long as mutual reference is possible and security is secured, they are implemented as the same DB schema. You can also do it.

  The payment server 106 continuously receives the video of the surveillance camera 102 sent from a specific attachment, and from the biometric information of the user to the biometric feature amount during the period from when the user comes to the store to the payment. Is calculated and the number of times the user is detected is counted to improve the user identification.

  In addition, the payment server 106 receives the matching image acquired by the information processing apparatus 105 and the payment information in association with each other as separate reception packets in response to the start of payment at the store. The matching image and the payment information related to the same payment are determined by using the time stamp or the time stamp included in each received packet and the unique payment terminal identification information. Therefore, even if the reception packet of the matching image and the reception packet of the payment information from the same store are received apart from each other in time series in combination with other reception packets, the coincidence of the payment processing can be maintained. it can.

  When the settlement server 106 receives the collation image and the payment information, the settlement server 106 calculates a biometric feature amount from the collation image, and the calculated biometric feature amount is temporarily collated in a high-speed mass storage device such as SSD. The payment processing using biometric authentication is enabled according to the number of times the user is matched with the information and matched in the store. The temporary collation information will be described later in more detail.

  The settlement server 106 uses the biometric feature amount to approve the settlement of the user who has successfully collated a predetermined number of times in the temporary collation information, notifies the store of the approval information according to the result of the approval, and completes the settlement. Let In addition, in other cases, the payment server 106 does not perform payment on the store side by not approving the payment, and prevents the occurrence of illegal payment. Further, the biometric authentication information is acquired while the user walks in the store, and the association between the user and the biometric authentication information is completed. Therefore, the user can make a payment using biometric authentication without performing a complicated biometric information registration process.

  In the present embodiment, by performing the biometric authentication process described above, payment by biometric authentication can be performed while minimizing the burden on the user. Further, since the payment information reading device 104 is configured not to communicate with each device of the system on the store side, the payment information such as the card information and the information displayed on the smart phone is not held and processed by the device on the store side. In addition, payment processing with a high security level that does not pass through the device on the store side becomes possible.

  Transactions between the store system of the preferred embodiment and the payment server 106 are shown in FIGS. 1 (i)-(iV). First, in (i), the image information from the monitoring camera 102 is constantly sent to the payment server 106, the authentication information of the user present in the store is accumulated as temporary collation information, and in (ii) the payment is started. At the same time, the verification image of the user and the payment information are associated with each other and sent to the payment server 106 to request an approval process using the biometric authentication by the payment server 106.

  After that, the approval information from the payment server 106 is received in (iii), the payment processing is performed in the payment terminal according to the approval result, and the payment amount is notified to the payment server 106 in (iv). Transaction ends.

  The functional blocks of the store system in the preferred embodiment will be described below. FIG. 2 shows a functional block 200 of the information processing device 105 installed in the store system. The information processing device 105 includes an information processing device such as a personal computer, a workstation, or a tablet computer, is connected to a LAN 201 that connects devices on the store side, and communicates with the payment terminal 103 and the monitoring camera 102. There is.

  The information processing device 105 includes a network interface 202, an authentication information sending unit 203, a device control unit 204, and a synchronization control unit 205. The network interface 202 is configured to include a NIC and the like, and information other than payment information acquired from the payment terminal 103, the monitoring camera 102, the payment server 106, a cash card, a credit card, a smart phone, etc. via the LAN 201. It enables cashless payment using biometrics by communicating with each other.

  The device control unit 204 includes a CPU, a memory, a mass storage device, and the like, and enables control of the entire information processing device 105. The authentication information sending unit 203 also has a function of sending the moving image information acquired by the monitoring camera 102 as it is or as snapshots at appropriate intervals so that the payment server 106 can calculate the biometric feature amount.

  Further, the authentication information sending unit 203 receives the notification from the synchronization control unit 205, and specifies the matching image including the biometric information of the user from the moving images acquired by the monitoring camera 102. In addition, a moving image taken by the monitoring camera 102 for in-store monitoring can be sent to the settlement server 106 by sending it to the router 109 functioning as sending means in parallel with sending the collation image.

  For this purpose, the authentication information sending unit 203 may include a moving image codec. The authentication information sending unit 203 sends the image acquired by the monitoring camera 102 to the payment server 106 regularly or periodically. Further, in synchronization with the start of the payment process, a process is executed in which at least the coincidence certificate of the payment start is attached to the identified inquiry image and the inquiry image is sent to the payment server 106.

  The synchronization control unit 205 provides a means for providing a coincidence, and when receiving the notification of the settlement start from the settlement terminal 103, an inquiry synchronized with the settlement start in the moving image sent from the monitoring camera 102 in synchronization with the settlement start. The image for use is specified by the authentication information sending unit 203. The identification of the inquiry image in the present disclosure means a process of decoding a synchronized frame of a moving image or a process of identifying an I picture of a macroblock including a synchronized frame of a moving image, or both.

  Further, the synchronization control unit 205 acquires the time stamp and the payment terminal identification information included in the payment start notification. Further, in synchronization with this, the payment information reading device 104 is activated to cause the payment information reading device 104 to read the payment information.

  In another embodiment, the payment terminal 103 and the payment information reading device 104 form a network separated by VLAN, but a binary signal can be transmitted by a low level connection such as SCSI or USB. May be connected to. This binary signal can include a flag for notifying payment start, a time stamp, and a payment terminal identification number. In this embodiment, the information processing device 105 and the payment information reading device 104 can be operated in synchronization with the start of payment triggered by the payment terminal 103.

  Further, in the exemplary embodiment to be described, the synchronization control unit 205 is described as a functional unit of the information processing device 105, but the payment terminal 103 and the payment information reading device 104 are functionally and cost-wise synchronous control functions. The synchronization control unit 205 can be configured in any of the payment terminal 103 and the payment information reading device 104 as long as it can be configured to provide.

  In the preferred embodiment, the authentication information sending unit 203 sends the inquiry image to the payment server 106 via the router 109 together with at least the store identification information and the payment start time stamp when the matching image is acquired. The store identification information is used by the settlement server 106 to limit the range in which the biometric information of the user is searched and to improve the efficiency of the search.

  Further, the store identification information, the payment start time stamp, or, if necessary, the payment terminal identification information is sent to associate the image of the user with the payment information. The payment terminal identification information is used as a coincidence proof of payment together with a time stamp when a plurality of payment terminals 103 are installed on the store side and a plurality of pieces of payment information are independently sent from the same store. .

  FIG. 3 shows a functional block 300 of the payment terminal 103 of this embodiment. The payment terminal 103 includes a network interface 302, a display control unit 303, an input control unit 304, and a payment processing unit 305. The display control unit 303 can be configured by an LCD, a touch panel, or the like, displays the processing status of the payment terminal 103, and enables the shop staff to perform payment processing. Further, the payment terminal 103 mutually communicates with the information processing device 105 via the LAN 201 and performs payment processing based on the approval information from the payment server 106.

  Further, the input control unit 304 can be composed of a POS device, a ten-key device, or a pen input device using a touch panel in some cases, and enables input to the payment terminal 103. The payment processing unit 305 notifies the information processing device 105 and the payment information reading device 104 of the start of payment, collects the usage charge of the user, and processes the approval / disapproval of payment based on the approval information from the payment server 106. .

  FIG. 4 shows a functional block 400 of the payment information reading device 104 of this embodiment. The payment information reading device 104 includes a payment information reading unit 401 and a network interface 402. When the payment information reading device 104 receives the payment start notification from the payment terminal 103 together with the time stamp, the payment information reading device 104 reads the payment information from the payment medium and makes payment to the payment server 106 from the network interface 402 via the LAN 201 directly through the router 109. Send information. As described above, at least the store identification information and the time stamp are attached to the payment information, and even when the payment information is separately transmitted via the network, the payment server 106 can display the inquiry image of the user. It is possible to link with payment information.

  FIG. 5 shows a functional block 500 of the payment server 106 of the preferred embodiment. The payment server 106 can be configured by an information processing device such as a server computer, a general-purpose computer, or a super computer, and processes transactions with many store-side systems via the LAN 501 and the network interface 502. . Note that the function block 500 of the payment server 106 is shown by omitting functions such as a firewall and a gateway / router for convenience of description.

  The payment server 106 includes a biometric information processing unit 503, a biometric information registration unit 504, and a biometric information matching unit 506. The biometric information processing unit 503 constantly receives the image information sent from the surveillance camera 102 of the store system, and processes the biometric authentication information of the user existing in the store. The biometric information processing unit 503 can identify the same user by using, for example, the color pattern of clothing of the user existing in the store or other characteristics of the biometric information, and use the biometric information for authentication. The feature amount is calculated and registered in association with each user.

  When the biometric information processing unit 503 detects a new user, the biometric information processing unit 503 assigns a temporary ID to the new user, calculates a feature amount from shape features such as faces and ears, and registers the feature amount in the store user table. The payment server 106 determines the image information from the surveillance camera 102 that is constantly sent, counts the number of times the user is detected in a specific store, and prevents an erroneous determination of the presence of the user in the store.

  When the user requests payment at the store, the biometric information registration unit 504 determines whether the user already has the payment information. If the user has the payment information, the biometric information registration unit 504 determines whether the user has the payment information. The biometric information of the user is registered in the authentication information DB 107 as the authentication information in association with the payment information. If the user does not have the payment information, the biometric information together with the payment information is registered in the authentication information DB 107 and the payment information DB 108 as the authentication information together with the payment information.

  The mode in which the user does not have the payment information occurs when the user uses a payment medium other than a cash card, a credit card, and a smart phone payment, such as a transportation money card or a convenience store money card. In a preferred embodiment, it is possible to add a biometric authentication function to a payment medium other than a cash card or a credit card for cashless payment while minimizing the burden on the user.

  When the biometric information collating unit 506 receives the collation image sent in synchronization with the settlement process together with the store identification information and the time stamp information from the store system, the biometric information collating unit 506 calls the biometric information processing unit 503 to calculate the biometric feature amount. The authentication information DB 107 is collated with the calculated biometric feature amount and store identification information as search keys. The biometric information collating unit 506 outputs the collation result to the collation result output unit 507 and enables the approval process based on the collation result.

  Furthermore, the payment server 106 includes a consent information processing unit 505, a payment information management unit 508, and an approval information output unit 509. The consent information processing unit 505 inquires whether or not to register the biometric information acquired in the store system as the authentication information when the user has not previously registered the biometric information in the payment medium. . As a result of the inquiry, when the user agrees to register the biometric information as the authentication information, the biometric information is registered in the authentication information DB as the authentication information for the payment medium. If the user does not wish to register, the biometric information is discarded, and payment by an authentication method that does not use the biometric information is possible.

  The payment information management unit 508 has a function of managing the payment information of the user, and in the present embodiment, the payment medium of the user who requested the payment by the payment medium not registered in the payment information DB 108 is the payment medium. It also provides a function of additionally registering information such as the type, ID number, user identification information such as name and date of birth, and registration date. It should be noted that in another embodiment, when the user wants to delete, it also has a function of deleting the payment medium designated by the user.

  The approval information output unit 509 refers to the output of the matching result output unit 507, determines whether to approve the payment based on the biometric information of the user registered in the payment information DB 108, and displays the result of the judgment. , And returns it to the payment terminal 103 of the system on the store side through the network 101 to enable payment processing.

  Furthermore, the payment server 106 includes a payment result notification unit 510. When the payment medium is a credit card, a debit card, or a cashless payment using a smart phone, the payment result notification unit 510 sends user information to a credit company, a bank, or a smart phone carrier, respectively. By notifying store information, time stamp, amount of money, applicable items, etc., it is possible to withdraw money by cashless settlement, pay the store side, and charge the user.

  If the payment medium is a transportation money card or a convenience money card, the payment amount will be withdrawn when the approval information is notified to the store system by the approval information output unit 509. No special processing is performed.

  FIG. 6 is a diagram showing a data structure of temporary collation information generated by the payment server 106 in the preferred embodiment. The data structure shown in FIG. 6 can be implemented by using store identification information as an index. By implementing it as the data structure of FIG. 6, even if there are users of the payment medium of tens of millions of units, the number of records of each data becomes the number of records equivalent to the users existing in a specific store, which is large. Even at a large-scale store, it will fit in at most several thousands to tens of thousands of records. Therefore, the retrieval efficiency of the biometric feature amount can be significantly improved.

  FIG. 6A is a data structure for the settlement server 106 to store a transitional result of processing the image information generated by each store-side system and sent from the store-side system, and is updated in real time. Is. Further, FIG. 6B is a data structure of the authentication information that stores the user authentication information stored in the authentication information DB 107. FIG. 6C is a data structure that stores payment information for registering information such as a card type registered by the user, an issuer, card information, and a registration date according to a preferred embodiment for each user. Note that the data structures of FIGS. 6A, 6B, and 6C have been described as being constructed in different databases for convenience of description, but further separated according to a specific application. It can be done or integrated as needed.

  The data structure of FIG. 6A is referred to as temporary collation information, can be updated at high speed, and is formed in a large-capacity memory such as SSD so that it can be erased every business day of the store. It is preferable that the temporary identification, the feature amount, and the cumulative count value of the number of collations are registered using the store identification information as an index. The temporary ID is generated each time a new user is collated, the feature amount generated by using the biometric information of the new user is registered, and the number of collations is incremented.

  For example, the biometric feature amount that can be used in the present embodiment can be a feature amount of a face or an auricle. For example, https: // www. jstage. jst. go. jp / article / itej / 61/4 / 61_4_447 / _pdf can be used.

  In addition to this, a Gabor feature amount extracted by Gabor transformation and principal component analysis from the relative positional relationship of the seven vertices, which are constituents of the user's auricle, is used. For example, https: // www. sit. ac. jp / media / 2016_01_minamidani. pdf) can be used, and the algorithm for calculating the biometric feature amount is not particularly limited in the present embodiment.

  After that, the biometric feature amount of the portion including the biometric information of the image sent from the surveillance camera 102 installed in the same store is calculated, and the feature amount that matches the already obtained biometric feature amount within the allowable range is obtained. In this case, the same user is detected again and the number of detections is incremented. This process is repeated to accumulate the number of detections.

  The data structure of FIG. 6B is a data structure managed by the authentication information DB 107. In the embodiment to be described, the data structure of FIG. 6B will be described as a mode in which biometric information is added to conventional authentication information. Conventional authentication information authenticates a user with a user ID and a password (PASS). When a user who has already registered a user ID and a password is detected more than a set number of times in a specific store, payment processing by biometric authentication is performed according to the method of the present disclosure.

  At the start of payment, the information processing device 105 of the store-side system acquires the matching image including the biometric information of the user, reads the payment information in synchronization with the start of payment, and separates the matching image and the payment information from each other. The packet is separated and sent to the settlement server 106.

  This process is the information sent by the arrow of the settlement request in FIG. In the embodiment described, the user is detected three times in the store, so the payment permission condition is satisfied. At this time, the payment approval of the user will be described below assuming that the password, the user ID, and the like have been successfully obtained and successfully completed without using biometrics by the conventional method. At this stage, if the user does not register the authentication with the biometric information and the user consents to the registration of the biometric information as the authentication information, the biometric feature value registered in the record of the temporary ID 3 in FIG. 6A. Is added as a new record of the data in FIG. 6B and written in the corresponding record. If the user does not agree with the biometric authentication, the conventional payment process is executed as it is.

  Further, the date information when the feature amount is updated is registered in the data structure of FIG. The reason for this is that the biometric information may become older and may not match the current user, so that it is added to determine the update. The update date to be added may be given by the payment server 106 on its own, but the time stamp for payment start at the time of update can also be used as the update date.

  In this way, biometric authentication information can be added to the existing authentication information DB 107. From the next use, the user can perform the payment process using biometric authentication by matching the feature amount acquired from the matching image with the feature amount registered in FIG. 6A.

  FIG. 6C shows an embodiment of a data structure managed by the payment information DB 108 of the preferred embodiment. In the data structure shown in FIG. 6C, a user ID, a medium type, an issuer, a medium ID such as a card number, and an expiration date thereof are registered. In the present embodiment, as a medium type, in addition to a payment medium using a credit card, a cash card, a debit card, an electronic money card, NFC, biometric authentication is also performed for two-dimensional barcode information sent from a smart phone or the like. Can be added.

  Regarding the user who is registered for the first time in the biometric authentication system of the present embodiment, when agreeing to the authentication processing by biometric authentication, the medium information such as the card number and type of the payment medium sent together with the payment request is shown in FIG. It will be registered as a new record in the payment information DB 108 shown.

  Although the settlement process using the biometric authentication of the present disclosure has been schematically described above with reference to FIG. 6, the process of the present embodiment will be described more specifically below using the flowcharts shown in FIGS. 7 to 14. .

<Payment preparation using temporary verification information>
FIG. 7 is a flowchart showing a process of generating the temporary collation information shown in FIG. 6A in the preferred embodiment. The surveillance camera 102 installed on the store side acquires image information including biometric information during the period in which the store is open in S700, and sends it to the settlement server as a moving image or a snapshot at predetermined intervals. The settlement server receives the biometric information in step S701, calculates the biometric feature amount of the user, and then searches the temporary collation information shown in FIG. 6A in step S701. In step S703, it is determined whether or not the biometric feature amount is stored in the temporary collation information. If the biometric feature amount is not stored (no), it is determined that a new user is detected, and in step S704, the temporary collation information is stored. A record is newly added, a biometric feature amount is registered, and the process proceeds to step S706.

  If it is determined in step S703 that the data is held (yes), the process is branched to step S709, the number of times of matching is updated in step S709, and the number of times of matching set in step S710, for example, the threshold value. = 3 or more is determined.

  If the number of collations is less than the threshold value (no), the process branches to step S700, and reception of biometric information from the store side is repeated. On the other hand, when it is determined that the number of collations is equal to or more than the threshold value (yes), it is determined in step S711 whether or not a payment request from the store is received. When the payment request is received (yes), the process is performed in step S712. In step S806 and 807 in FIG. 8, the payment information and the matching image are acquired.

If it is determined in step S703 that the biometric feature amount is not stored (no), the biometric feature amount calculated in step S704 is registered in the temporary collation information, and it is determined in step S705 whether or not it has already been searched. . If not searched (no), biometric authentication information in the authentication information DB 107 is searched in step S706. As a result of the search, if the user ID is registered (yes), the temporary user ID is added to the actual user ID and the biometric feature amount registered in the temporary collation information is updated with the record of the corresponding user ID in FIG. 6B. . At the time of updating, the time stamp indicating the updated date and time is also updated. Moreover, the item of the time stamp may not be provided for a specific use. After that, the number of collations is updated in step S709, and the control is passed to step S710 to enable the number of collations to be integrated.
By using the above process, when the biometric authentication information has been successfully retrieved, the biometric feature and the user ID have already been associated with each other. It is possible to search the payment information DB 108 using the collation judgment in the information.

<Start of payment processing>
FIG. 8 is a flowchart of a process when payment is started on the shop side. The payment terminal 103 inquires of the user about the payment method, changes the processing depending on whether the payment is made using the payment medium or a payment method other than the payment medium, and the user makes the payment without using the payment medium in step S801. (No), payment is performed without using a payment medium, that is, cash payment is performed in step S802.

  On the other hand, when the user wishes to make a payment using the payment medium (yes), the process is branched to step S803, and a trigger is sent to the monitoring camera 102 and the payment information reading device 104 to notify it. In step S804, the collation image for biometric authentication is acquired, and in step S805, the payment information reading device 104 is activated to acquire the payment information, and the payment information is associated with the payment server independently. Send to 106. Further, in Modification 1 in the case where it is desired to register the payment medium from the GUI after the biometric feature amount of the user is provisionally registered (No), the process branches to FIG. 13 via the point G. The process of branching to the point G can guide the selection by presenting options to the user after the user makes a cash settlement.

  In the embodiment shown in FIG. 8, the trigger = notification is described as being sent to the monitoring camera 102, but in the embodiment in which the information processing apparatus 105 acquires the image from the monitoring camera 102 and sends it to the settlement server 106. The one destination of the trigger is the information processing device 105. In either mode, the matching image and the payment information are sent to the payment server 106 as separate packets in the store system in a non-storing, non-processing, and non-passing mode. In steps S806 and S807, the payment server 106 receives the verification image and the payment information, and passes control to the point A, whereby the payment processing using biometric authentication is started.

  FIG. 9 is a flowchart illustrating processing after receiving the matching image and the payment information. The settlement server 106, to which control has been passed from point A in FIG. 8, calculates the feature amount from the matching image, searches the authentication information in the authentication information DB 107 in step S901, and determines the feature amount as the authentication information in step S902. Determine if there is. If the biometric feature amount exists (yes), it is determined in step S903 whether a certain period has elapsed since the previous registration. If the certain period has not elapsed (no), the process branches to step S915, and the payment information is returned. If it is determined that the payment information is registered and it is determined that the payment information exists in step S916 (yes), the process branches to step S906 to notify that the payment information is normal, and in step S907, the biological feature amount is used. Approve the payment. If the payment information is not found in the determination in step S916 (no), the process branches to step S911 to notify that there is no payment information in which the biometric feature amount is registered, and control is passed to step S912. If the biometric feature amount of the authentication information has passed for a certain period (yes), the authentication information DB 107 is updated with the newly obtained biometric feature amount in step S904. After that, the control is passed to step S915, and the processes of steps S916 to S912 are executed. Note that the matching image at the time of payment by the user is an imaging device (for example, a camera with built-in payment terminal, a webcam, or the payment terminal 103) that is provided near the payment terminal 103, such as a cash register device, for capturing the image for verification. It can be acquired by using the surveillance camera 102) which is exclusively used for photographing. The acquired matching image can be used to update the biometric feature amount in the authentication information DB 107.

  If the biometric feature value is not found in step S902 (no), the process branches to step S905 to search for payment information. If the payment information is found in step S914 (yes), the biometric authentication abnormality is notified to the store system in step S910. The settlement terminal 103, which has received the biometrics abnormality notification in step S910, displays the settlement refusal notification on its display screen in step S911. At this point, the payment server 106 searches using the payment information such as the biometric amount and the card number as a search key. For this reason, if the corresponding payment information does not exist, it means unregistered payment information, and if there is payment information associated with the biometric information that cannot be retrieved, it is determined as the payment information of another person, and the payment medium Means unauthorized use of. In this respect, the process for registering the biometric feature amount differs from the process when the biometric feature amount is not found.

  In the case of this mode, there is a possibility that the payment medium in which the biometric feature amount is not registered has been presented. Therefore, when the user requests the presentation of the alternative payment medium in step S912 and the user presents the alternative payment medium ( yes), and transfer control to point D. If the user does not present the alternative payment medium (no), the biometric authentication is unsuccessful, and the process ends in step S913.

  On the other hand, when there is no payment information in step S914 (no), the store system receives a notification that the biometric authentication information is unregistered in step S908, and registers the biometric authentication with the user in step S909. After confirming whether or not to carry out, the control is passed to the point C.

<Biometrics information and new user registration>
FIG. 10 is a flowchart of the process on the side of the store to which the control is passed from step S909 of FIG. The process of FIG. 10 starts at point C with control passed from step S909. In step S1001, acquisition of consent information by the user is displayed on the display screen of a touch panel display connected to the information processing device 105 or the payment terminal 103, and the user is requested to input the consent information. In step S1004, it is determined whether or not the user's consent is obtained, and if the user's consent is obtained (yes), the agreement information is sent to the settlement server 106 in step S1005.

  When the settlement server 106 receives the consent information, since the biometric feature quantity of the user is already stored as the temporary collation information, the settlement server 106 stores the biometric information of the user in the authentication information DB 107 shown in FIG. 6B in step S1009. The feature amount is updated as the latest written information, and in step S1006, the store system is notified of the completion of registration of the biometric authentication information, and the temporary ID is returned, that is, the temporary ID is invalidated.

  When the user accesses the settlement server 106 for the first time, since the user authentication information is not registered in the authentication information DB 107 of FIG. 6B, a new record is added to FIG. 6B. In addition, the biometric feature quantity of a new user is added.

  At this stage, since the user's payment medium information has not been sent, the data structure in FIGS. 6B and 6C still has a void part. Therefore, the payment server 106 thereafter prompts the user to input the personal identification number in step S1007, requests the complementation of the settlement information, and when the personal identification number is valid, executes the normal settlement in step S1008. Complete the process. After that, a new record is added to the payment information DB 108, and the payment information of the user is entered in the new record, whereby the new user registration process of the payment server 106 is completed.

  The process of step S1007 is a process of confirming that the user who has used the payment medium at that time is an authorized owner of the payment medium. If this process fails, a process of deleting the authentication information and the biometric feature amount registered in step S1009 can be adopted in order to prevent the unauthorized use.

  Further, as a second modification of the present embodiment, there is provided a process in which the user who has completed the input of the personal identification number and normally makes a payment is offline and registers the payment using the biometric authentication. The second modification can be implemented by passing control from step S1007 to the process of FIG. 14 via point H.

  On the other hand, if the user's consent is not obtained in step S1004 (no), a notification indicating that biometric authentication is not registered is displayed in step S1002, and normal settlement without using biometric feature values, such as password input or Perform payment by signature.

<Use of users who do not carry cards>
An embodiment in which a user who is already registered in the biometric authentication system makes a payment without carrying a card will be described below with reference to FIGS. 11 and 12. Note that in the embodiment of FIG. 11, the surveillance camera 102 once sends image information to the information processing apparatus 105, and, for example, the information processing apparatus 105 selects I pictures from the image information at regular intervals to create a snapshot, In this embodiment, the snapshot is sent to the payment server 106. When this configuration is adopted, the transaction band between the information processing device 105 and the payment server 106 can be saved, and the calculation and verification processing of the biometric feature amount by the payment server 106 can be made more efficient.

The process of FIG. 11 is started in step S1100 by notifying the store clerk that the user has forgotten the payment medium, causing the store clerk to notify the settlement start, and causing the settlement terminal 103 to generate the trigger described in FIG. It In step S1102, the image information including the authentication site from the surveillance camera 102 sent to the information processing apparatus 105 in step S1101 is received. It is needless to say that this process is performed as part of the monitoring function of the monitoring camera 102, and the moving image information acquired by the monitoring camera 102 is stored in an appropriate storage device managed by the information processing device 105 or the like. That's a good thing.
Further, in the present embodiment, since the store clerk confirms that the user is a living body, it is possible to prevent unauthorized use that attacks the vulnerability of the system with an image displayed on the tablet.

  When the information processing apparatus 105 acquires moving image information such as MP4, AVI, and Moving JPEG, it creates snapshots at regular intervals, for example, and sends it to the settlement server 106 as biometric information. The payment server 106 receives the biometric information in step S1103 and calculates the biometric feature amount. In the present embodiment, this processing is sent as a still image, so that the payment server 106 can omit the decoding processing and can significantly reduce the image processing load.

  In the process of FIG. 11 as well, the payment terminal 103 sends a synchronized trigger to the information processing device 105 and the payment information reading device 104 to notify the information processing device 105 and the payment information reading device 104, and secures the coincidence between the biometric information and the payment information. Needless to say. Also, in the process of FIG. 11, the temporary inquiry process is executed, but it is not shown in the flowchart for simplification of description.

  In step S1104, the biometric feature amount is searched, and in step S1105, it is determined whether the biometric feature amount is held. If the payment information is present in step S1105 (yes), it is determined in step S1106 whether the payment information is present, the registered payment information is sent to the store system, and in step S1112, the appropriate means of the store system is set. , Receive registration payment information. In step S1113, the store-side system displays the registered settlement information managed by the settlement server 106 in association with the biometric feature amount on a display device such as a touch panel. In step S1105, if there is no biometric feature quantity (no), the store side is notified of the registration information abnormality in step S1109, and the store side system displays settlement refusal on the display screen in step S1110 and ends the settlement. Then, in step S1111 the transaction of the user is completed. The registered payment information that is actually displayed is not the payment information itself, but information that can identify the user's card type and partially confidential or encrypted information that can inquire the identification number of the actual authentication medium such as the card. Thus, the information that enables the inquiry to the settlement server 108 can be obtained.

  After that, in response to the user's selection operation in step S1114, registered payment information is acquired in the store system in step S1114 and sent to the payment server 106 in step S1115. The payment server 106 that has received the registered payment information passes the processing to the point E.

  On the other hand, if the payment information does not exist in step S1107 (no), a notification is issued to the store system as a registration information error. When the store system receives the registration information abnormality in step S1109, the store system displays settlement refusal on the display screen in step S1110 to end the settlement, and in step S1111 ends the transaction of the user. Therefore, it is possible to prevent unauthorized use using biometrics. In addition, even when the user has a plurality of payment media, it is possible to securely prompt the user to select the card regardless of whether the card is not carried. Further, in the present embodiment, the settlement information cannot be retrieved unless the biometric feature value is registered, so that an abnormality is notified, and the settlement information is deleted on the system side for some reason or the expiration date has passed. For example, due to the above reasons, the mode in which the abnormality is notified in the search of the payment information is also notified as the abnormality.

  FIG. 12 is a flowchart of processing subsequent to point E in FIG. The process of FIG. 12 is passed from the point E of FIG. 11, and the payment information DB 108 is searched for the detailed information of the registered payment information in step S1201. In step S1202, the credit determination and balance determination regarding the retrieved payment medium are executed by inquiring to another credit center, for example, and it is determined in step S1213 whether or not the credit determination is normal. The determination in step S1213 Is normal (yes), the normal settlement of the store system is notified.

  Upon receipt of the payment success notification, the store system completes the normal payment in step S1215 using the payment medium selected by the user. Note that the processing of credit determination and balance determination is not the gist of the present invention, and thus detailed description will not be given.

  On the other hand, in step S1213, when the credit and balance judgments are not normal (no), the settlement error is notified to the store system. Upon receipt of the settlement abnormality in step S1216, the store system displays settlement refusal on the display device, for example, in step S1217 to notify the user that the selected registration information cannot be used, and in step S1218, selects alternative settlement information. Encourage.

  If the user selects end without selecting alternative payment information in step S1218, the process ends in step S1219. On the other hand, when the user selects the alternative payment information in step S1218, the (yes) process is transferred from point F to step S1113 in FIG. 11 to enable the selection of the alternative payment information.

  According to the above processing, even if the user does not have a card, it is possible to select an available card and use the biometric authentication to make a secure cashless payment.

<Modification 1>
Modification 1 is a modification in which a user newly registers a payment medium. FIG. 13 is a flowchart showing the process of the first modification of the present embodiment. The process shown in FIG. 13 is a modified example in the case of performing payment using a payment medium in step S802 of FIG. The process of FIG. 13 is started by passing control from point G of FIG. 8, confirming the registration of the biospecific value in step S1301, and asking the user whether to agree to the registration of the biospecific value in step S1302. Inquire.

  As a result of the inquiry, when the user agrees to the registration of the biospecific value, the user is prompted to input the personal identification number in step S1303, and at the same time, the information processing device 15 uses the video information sent from the surveillance camera 102. The collation image including the biometric authentication part of the person is generated, and the personal identification number, the collation image, and the settlement server 106 are transmitted in step S1304. The payment server 106 calculates the biometric unique value from the received matching image, updates the temporary matching information in step S1308, and notifies the store-side system of the completion of temporary registration. Upon receiving the provisional registration completion notice in step S1305, the store system outputs the information included in the provisional registration completion notice to the receipt and ends the process.

  A QR code (registered trademark) or other two-dimensional bar code for guiding to the URL for main registration is printed on the receipt, and the user can change the URL to the URL within a certain period after printing, for example, within 3 days. By accessing and entering the password, main registration is possible. Since the password of the payment medium is set in the URL, the main registration cannot be performed even if another person picks it up and accesses it. Through the above processing, it becomes possible to register another payment medium held by the user in association with the biometric information.

<Modification 2>
Modification 2 is a modification in which the user additionally registers another payment medium. The process of FIG. 14 is started after the control is passed from the point H of FIG. 10, and the personal identification number and the biometric information are sent to the settlement server 106 in step S1401. Note that, at this time, it is the same in that the image including the biometric authentication part acquired by the monitoring camera 102 or the collation image generated from the image is sent to the settlement server 106. When the settlement server 106 receives the personal identification number and the collation image, the settlement server 106 calculates the biometric unique value and compares it with the temporary collation information to identify the user, and in step S1404, registers the user information in the settlement server 106. , Notify the store system. The store system receives the user registration completion notification in step S1402, prints the information on a receipt, and outputs the receipt.

  A QR code (registered trademark) or other two-dimensional bar code for guiding to the URL for main registration is printed on the receipt, and the user can change the URL to the URL within a certain period after printing, for example, within 3 days. By accessing and entering the password, main registration is possible. Since the password of the payment medium is set in the URL, the main registration cannot be performed even if another person picks it up and accesses it. Through the above processing, it becomes possible to register another payment medium held by the user in association with the biometric information.

  FIG. 15 shows a graphical user interface (GUI) that is displayed on the display device of a personal computer, a tablet terminal or a smart phone in Modification 1 and Modification 2 when a user newly registers a payment medium in the present embodiment. Show. FIG. 15A is an input screen, and FIG. 15B is an exemplary warning message. When the user desires to use the biometric information in association with the payment medium, various information is input from the GUI of FIG. 15A, and the registration is instructed from the “registration” button. The biometric authentication information is registered in association with each other, and the payment using the biometric authentication is possible at the store or all the stores where the system of the present embodiment is introduced.

  FIG. 15B is a warning screen displayed when the user requests the registration process from the GUI of FIG. 15A and inputs a password of another payment medium. In this case, the payment medium registration process can be ended, the GUI of FIG. 15 can be newly displayed, and the process can be repeated.

  FIG. 16 is another embodiment of the GUI displayed on the display device of a personal computer, a tablet, or a smart phone when the user wants to confirm the payment medium or newly registers a card as the payment medium. FIG. 16A is displayed, for example, when registration is performed from the receipts of the modified example 1 and the modified example 2, and the GUI of FIG. 16B is displayed when the user inputs the mail address and password registered in advance. It is displayed that the user can browse the card list or add new payment medium information such as card information.

  FIG. 17 shows an embodiment of the GUI displayed when registering a new card in FIG. 17A is a GUI for displaying a card list, and FIG. 17B is a GUI for newly registering a card. When the user selects card information registration in FIG. 16B, the GUI shown in FIG. 17A is displayed. When the user clicks edit, the card information can be edited, and when "Add" is selected, the GUI of FIG. 17B is displayed to the user. The user inputs information such as a credit card, debit card, and money card that he / she wants to newly register from the GUI of FIG. 17 (b), and selects “Register” after input, and the card is newly registered with biometric authentication information. It

  FIG. 18: is a figure which shows 1800 of the biometrics system of the 2nd aspect in a preferable embodiment. The biometric authentication system 1800 shown in FIG. 18 is configured to include the same functional means as the embodiment shown in FIG. 1, and the processing of the store side system and the processing of the settlement server 106 are the same as those of the first embodiment shown in FIG. It is similar to the form.

  In the system of FIG. 18, in order to further improve the security of payment information such as card information, a VPN (Virtual Private Network) is used for the communication connection between the payment information reading device 104 and the payment server 106. I'm building. In the embodiment of FIG. 1, the VLAN is used to cut off the network connection, but the VLAN settings can be relatively flexibly changed, so that the VLANs can be connected to each other due to inconvenience during maintenance or the like. Cannot be denied. For this reason, in the system of FIG. 18, two types of routers 109 and 111 are installed on the store side so that VPN communication is performed between the payment information reading device 104 and the payment server 106, and complete communication with other in-store devices. Communication is cut off. In the third embodiment, the payment information reading means 104 and the payment server 106 are connected to each other in a wireless communication network such as WiFi, 4G, or 5G to eliminate theft due to unauthorized interception of information in the wireless communication network. As long as it is possible, it can be used in this embodiment.

  Even in this case, a synchronized trigger is sent to the information processing device 105, the monitoring camera 102, and the payment information reading device 104 at the same time as the payment is started, so that the coincidence between the payment process and the biometric authentication information is secured. ing. The first embodiment and the second embodiment can be appropriately selected according to the demands of the system and the store while considering the cost and security.

  FIG. 19 is a diagram showing exemplary functional blocks of the information processing device 1900 that can be used in this embodiment. Note that the information processing apparatus 1900 shown in FIG. 10 can be speeded up, slowed down, increased in capacity, or decreased in capacity depending on the function of the information processing apparatus, and the HDD apparatus is appropriately replaced with SSD or HDD and SSD. It goes without saying that and can be used together. Further, by deleting or adding the functional part required for the processing, the configuration can be modified so as to be compatible with the information processing device 105, the payment terminal 103, the payment information reading device 104, and the payment server 106 of the present embodiment.

  As the information processing apparatus 1900, a personal computer, a workstation, a server-dedicated machine, a general-purpose supercomputer, or the like can be used. The information processing apparatus 1900 generally includes a central processing unit (CPU) 1901, a cache memory 1902 that enables high-speed access of data used by the CPU 1901, and a solid-state memory device such as RAM or DRAM that enables the processing of the CPU 1901. And a system memory 1903 formed from

  The CUP 1901, the cache memory 1902, and the system memory 1903 are connected to other devices or drivers of the information processing device 1900, for example, the graphics adapter 1906 and the network adapter (NIC) 1908 via the system bus 1919. It is connected. The graphics adapter 1906 is connected to the display device 1907 via the bus and displays the processing result by the CPU 1901 on the display screen. Further, the network adapter 1908 connects the information processing apparatus 1900 to the network at the transport layer level and the physical layer level and establishes a session with a client (not shown).

  An I / O bus bridge 1906 is further connected to the system bus 1919. A storage device 1909 such as a hard disk is connected to the downstream side of the I / O bus bridge 1906 via an I / O bus 1912 such as PCI by IDE, ATA, ATAPI, SATA, SCSI, USB, or the like. . Further, an input device 1910 such as a pointing device such as a keyboard and a mouse is connected to the I / O bus 1912 via a bus such as a USB and receives an input and a command from an operator such as a system administrator.

  More specifically, examples of the CPU used by the information processing apparatus 10 include Core2Quad (registered trademark), Core (registered trademark) i3 to i9, Xeon (registered trademark), and CPUs compatible with these. be able to.

  The operating system (OS) used is MacOS (trademark), Windows (registered trademark), Windows (registered trademark) 200X Server, UNIX (registered trademark), AIX (registered trademark), LINUX (registered trademark), or Other suitable OS can be mentioned. Further, the information processing apparatus 10 stores an application program that operates on the above-described OS and is described in an object-oriented programming language such as C ++, Visual C ++, VisualBasic, Java (registered trademark), Perl, or Ruby, Run.

According to a preferred embodiment of the present invention, which has been made in view of the above-mentioned problems of the prior art, it is possible to improve the security of cash cards, credit cards, and other cashless payments, and use biometric authentication more easily. It is possible to provide a biometric authentication system, an information processing device, and a program that enable the above. further,
In a preferred embodiment of the present invention, for example, even if a cash card or a credit card is illegally acquired and the password is asked, the biometric authentication is performed without being recognized by the party who illegally uses the malicious code. It is possible to prevent illegal use by a certain user. In addition, malicious users can be clearly identified and prompt notification can be made, which is effective in preventing crime.

  Although the present invention has been described above with reference to the embodiments illustrated in the drawings, the present invention is not limited to the embodiments illustrated in the drawings, and a person skilled in the art can think of other embodiments, additions, changes, deletions, and the like. The present invention can be modified within the scope of the present invention, and is included in the scope of the present invention as long as the effects and advantages of the present invention are exhibited in any of the aspects.

100: Biometric authentication system 101: Network 102: Surveillance camera 103: Payment terminal 104: Payment information reading device 105: Information processing device 106: Payment server 109, 111: Router 110: Signal line 200: Functional block 202: Interface 203: Authentication Information sending unit 204: Device control unit 205: Synchronization control unit 300: Functional block 302: Interface 303: Display control unit 304: Input control unit 305: Payment processing unit 400: Functional block 401: Payment information reading unit 402: Interface 500: Function block 502: Interface 503: Biometric information processing unit 504: Biometric information registration unit 505: Consent information processing unit 506: Biometric information collation unit 507: Collation result output unit 508: Payment information management unit 509: Approval information output unit 510: Already result notification unit

According to a preferred embodiment of the invention,
A surveillance camera to monitor the inside of the store,
A payment terminal that makes payment using a payment medium,
A reading unit that reads the payment information recorded on the payment medium, adds a time stamp of payment start as a payment coincidence proof, and generates a second transmission packet including the payment information .
An information processing apparatus that receives a trigger generated in synchronization with the start of payment and acquires a verification image including at least the biometric authentication site of the user acquired by the monitoring camera ,
A time stamp of the payment start at the payment terminal is added to the collation image synchronized with the reading of the payment information to generate a first transmission packet, which is separated from the second transmission packet including the payment information. There is provided a biometric authentication system including a transmission means for separately transmitting to a network.

Further, according to a preferred embodiment of the present invention , the biometric information of the user is remotely acquired by the monitoring camera while entering the store, and the biometric information at the time of payment, the payment medium used at the time of payment, and the user are displayed. It is preferable to register with a payment server for payment .

According to a preferred embodiment of the present invention,
An information processing device for payment using biometric authentication,
A CPU that controls the operation of the information processing device;
A memory that provides a storage space for processing by the CPU,
A storage device that stores a program executed by the CPU, data for processing, and an execution result,
A means for receiving a trigger generated in synchronization with the start of payment and acquiring a matching image including at least the biometric authentication part of the user acquired by the monitoring camera ;
The payment terminal settlement start timestamp acquired in synchronization with the start settlement performs settlement using the settlement medium, received as coincidence proof of payment, to add to the coincidence proof of the payment start the verification image Means and
Including,
A first transmission packet including the verification image and the time stamp as the coincidence proof is generated, and payment information including the payment start time stamp as the payment coincidence proof is generated, and a reading device for reading the payment information is generated. Separated from the second transmission packet and sent separately to the network,
An information processing device can be provided.

According to a preferred embodiment of the present invention, a program executed by an information processing device for payment using biometrics authentication, wherein the program comprises:
Means for receiving a trigger generated in synchronization with the start of payment and acquiring a matching image including at least the biometric authentication part of the user acquired by the monitoring camera ;
The payment terminal settlement start timestamp acquired in synchronization with the start settlement performs settlement using the settlement medium, received as coincidence proof of payment, to add to the coincidence proof of the payment start the verification image Means and
Including,
A first transmission packet including the verification image and the time stamp as the coincidence proof is generated, and payment information including the payment start time stamp as the payment coincidence proof is generated, and a reading device for reading the payment information is generated. Separated from the second transmission packet and sent separately to the network,
A program capable of executing information processing can be provided.

Claims (6)

A biometric authentication system using biometric authentication,
A surveillance camera to monitor the inside of the store,
A payment terminal that makes payment using a payment medium,
Reading means for reading the payment information recorded on the payment medium;
The identification of the matching image including the biometric authentication part of the user and the reading of the payment information are synchronized, and at least the image information acquired by the surveillance camera and the image information are acquired in synchronization with the reading of the payment information. And a sending unit that sends the matching image separately from the payment information via a network.   The biometric authentication system according to claim 1, wherein the monitoring camera and the payment terminal do not hold, process, or pass the payment information acquired by the reading unit.   3. The sending unit adds a time stamp of payment start at the payment terminal to a first transmission packet including the verification image and a second transmission packet including the payment information as a coincidence proof of payment. The biometric authentication system described in.   The biometrics authentication system according to claim 1, wherein the biometrics information is remotely acquired while entering the store, and the biometrics information and the payment medium are associated and registered at the time of payment. An information processing device for payment using biometric authentication,
A CPU that controls the operation of the information processing device;
A memory that provides a storage space for processing by the CPU,
A storage device that stores a program executed by the CPU, data for processing, and an execution result,
At least image information acquired by the surveillance camera, and means for identifying a matching image that includes the biometric authentication site of the user in synchronization with the start of payment by the payment terminal among the image information,
Notifying the payment start of the payment terminal to a reading unit for reading the payment information recorded on the payment medium and a unit for acquiring the matching image, and providing a coincidence between the payment information and the matching image. Means and
Including,
An information processing device, which attaches a coincidence proof of payment to the collation image and the payment information, separates them, and sends them separately to a network. A program executed by an information processing device for payment using biometrics authentication, wherein the program includes:
At least image information acquired by the surveillance camera, and means for identifying a matching image that includes the biometric authentication part of the user in synchronization with the start of payment of the payment terminal among the image information,
The payment start of the payment terminal is notified to a reading means for reading the payment information recorded on the payment medium and a means for specifying the matching image, and a coincidence between the payment information and the matching image is provided. means,
Function as
A payment coincidence proof is attached to the collation image and the payment information, separated, and separately sent to the network.
Information processing executable program.