JP2021073586A - Authentication program, authentication method and information processing device - Google Patents

Abstract

To enable a user having a right to use a service to easily use the service provided by a service provider.SOLUTION: A user 402 picks up images of a credit card 403 and an identification card 404 submitted to a card issuer by a user terminal 120, and transmits an authentication request containing image data 410 that represents these images to a card issuer server 110. The card issuer server 110 reads a card number of the credit card 403 from the image of the credit card 403 in the image data 410, and obtains identification card data on the user 402 to be stored in association with the card number. Next, the identification card 404 represented by the image data in the authentication request is checked up with the identification card represented by the obtained identification card data on the user 402. When they are consistent with each other, authentication succeeded information is transmitted to the user terminal 120. This enables the user 402 to use the service for card members.SELECTED DRAWING: Figure 4A

Description

The present invention relates to an authentication program, an authentication method, and an information processing device that assist a user who has the right to receive a service provided by a service provider to use the service.

Conventionally, for example, a card company that issues a credit card provides a service for card members that allows the card member to check the usage details of the credit card via the Internet. For example, a cardholder can access the website for cardholders prepared by the card company, enter the user ID and password issued by the card company, and be authenticated as the cardholder. It is possible to use such a service.

In the prior art, the financial institution server states that the customer plans to withdraw the account balance and the card on the service page for customers in Internet banking based on the account balance and the withdrawal schedule information for each customer who is a credit card user. There is a technique for generating a card withdrawal schedule screen that can also be confirmed (see, for example, Patent Document 1 below).

Japanese Unexamined Patent Publication No. 2004-102787

In the prior art, there is a problem that a service provided by a service provider to a specific user cannot be easily used even by a user who has the right to receive the service. For example, as described above, in the prior art, in order to use such a service, a user ID and a password are input to authenticate the cardholder. However, for example, for the elderly, the act of inputting a user ID or password, which is a list of alphabets and numbers, is a complicated and difficult task and cannot be easily performed. Therefore, in the prior art, even if the service provider provides the service, the service may not be effectively used, and the provision of the service may not lead to the improvement of customer satisfaction with the service provider.

An object of the present invention is to provide an authentication program, an authentication method, and an information processing device that allow a user who has the right to receive a service to easily use the service in order to solve the problems caused by the above-mentioned prior art. To do.

In order to solve the above-mentioned problems and achieve the object, the authentication program according to the present invention authenticates the first computer provided with the imaging device by providing an activation instruction button for receiving an operation instructing the activation of the imaging device. When the display screen that accepts the input of information related to the request is displayed and the operation for the activation instruction button is accepted, the imaging device is activated, the image data captured by the imaging device is acquired, and the acquired image data is acquired. The authentication request including the above is transmitted to a second computer that performs authentication based on the authentication request, and the process is executed.

Further, in the authentication method according to the present invention, a first computer provided with an imaging device is provided with an activation instruction button for receiving an operation instructing the activation of the imaging device to display a display screen for receiving input of information related to an authentication request. When the operation for the activation instruction button is received, the imaging device is activated, the image data captured by the imaging device is acquired, and the authentication request including the acquired image data is converted into the authentication request. It is characterized by performing a process of sending to a second computer that performs based authentication.

Further, the information processing apparatus according to the present invention is provided with an imaging device and an activation instruction button for receiving an operation instructing the activation of the imaging device to display a display screen for receiving input of information related to an authentication request, and displays the activation instruction. A computer that activates the image pickup device when an operation for a button is received, acquires image data captured by the image pickup device, and authenticates the authentication request including the acquired image data based on the authentication request. It is characterized by having a control unit for transmitting information to the computer.

According to the present invention, there is an effect that a user who has the right to receive the service can easily use the service.

FIG. 1 is a diagram showing an example of a system configuration of a service use support system according to the present embodiment. FIG. 2 is a block diagram showing an example of the hardware configuration of the computer that realizes the card company server according to the present embodiment. FIG. 3 is a block diagram showing an example of the hardware configuration of the computer that realizes the user terminal according to the present embodiment. FIG. 4A is a diagram showing an example of the first authentication method performed by the card company server of the present embodiment. FIG. 4B is a diagram showing an example of the second authentication method performed by the card company server of the present embodiment. FIG. 4C is a diagram showing an example of a third authentication method performed by the card company server of the present embodiment. FIG. 5 is a diagram showing an example of the cardholder information DB according to the present embodiment. FIG. 6 is a block diagram showing an example of the functional configuration of the card company server according to the present embodiment. FIG. 7 is a diagram showing an example of a start screen displayed by the user terminal according to the present embodiment. FIG. 8 is a diagram showing an example of a shooting screen displayed by the user terminal according to the present embodiment. FIG. 9 is a diagram showing an example of a category selection screen displayed by the user terminal of the present embodiment. FIG. 10 is a diagram showing an example of a menu screen displayed by the user terminal according to the present embodiment. FIG. 11 is a diagram showing an example of an authentication failure notification screen displayed by the user terminal according to the present embodiment. FIG. 12 is a diagram showing an example of an authentication image selection screen displayed by the user terminal of the present embodiment. FIG. 13 is a flowchart showing an example of the authentication request transmission process performed by the user terminal of the present embodiment. FIG. 14 is a flowchart showing an example of authentication success / failure information reception processing performed by the user terminal of the present embodiment. FIG. 15A is a flowchart (No. 1) showing an example of the authentication process performed by the card company server of the present embodiment. FIG. 15B is a flowchart (No. 2) showing an example of the authentication process performed by the card company server of the present embodiment. FIG. 15C is a flowchart (No. 3) showing an example of the authentication process performed by the card company server of the present embodiment.

Hereinafter, embodiments of the authentication program, authentication method, and information processing apparatus according to the present invention will be described in detail with reference to the attached drawings.

(Example of system configuration of service usage support system)
FIG. 1 is a diagram showing an example of a system configuration of a service use support system according to the present embodiment. In FIG. 1, the service use support system 100 includes a card company server 110 and a user terminal 120. In the service use support system 100, the card company server 110 and the user terminal 120 are communicably connected via the network 130. The network 130 is, for example, the Internet. The network 130 is not limited to the Internet, and may be a WAN (Wide Area Network), a LAN (Local Area Network), Wi-Fi (registered trademark), a mobile communication network, or the like.

The card company server 110 is an example of an information processing device according to the present invention. The card company server 110 is, for example, a server (computer) managed by a card company that issues a credit card used in a card payment system. A credit card is formed, for example, by printing or engraving the card number, expiration date, etc. of the credit card on a plastic plate of a predetermined size. Further, the credit card is provided with a storage medium in which information indicating the card number of the credit card and the like are stored. As this storage medium, an IC (Integrated Circuit) chip, a magnetic stripe, or the like is used.

The card number of a credit card is, for example, a multi-digit number (for example, 6 digits) that identifies the issuing card company and a plurality of digits (for example, 10) uniquely assigned to the credit card by the issuing card company. It is composed of digits) and numbers. As a result, the card number becomes a unique number for each credit card. A credit card is an example of a membership card according to the present invention, and a card number is an example of user identification information and a card identification information according to the present invention.

The card company server 110 has, for example, a storage unit 111. The storage unit 111 stores cardholder information and the like regarding a cardholder (card holder) who owns a credit card issued by a card company. The cardholder information will be described later with reference to FIG.

Further, the card company server 110 includes a communication unit. Through this communication unit, the card company server 110 can communicate with the user terminal 120. The card company server 110 is realized by a server computer, a workstation, a personal computer, or the like.

The card company provides a service for card members that allows the card member to check the usage details of the credit card, for example, by using a web page for the card member provided on the card company server 110. In addition, card companies distribute applications for card members to access web pages for card members (hereinafter referred to as "card member apps"). A card company is an example of a service provider according to the present invention. The service for cardholders is an example of a service provided by the service provider according to the present invention.

In this embodiment, an example in which the storage unit 111 is provided on the card company server 110 will be described, but the storage unit 111 may be provided outside the card company server 110. In this case, the storage unit 111 can be realized by a storage device that the card company server 110 can access via the network 130.

The user terminal 120 is a terminal (computer) used by the user. The user is, for example, a user who has the right to use the service for card members provided by the card company, that is, a card member. For example, the above-mentioned cardholder application is installed on the user terminal 120.

The user terminal 120 includes an input device that accepts input of various information. The input device of the user terminal 120 is, for example, a touch panel that accepts operations from the user. Further, the user terminal 120 includes an output device that outputs various information. The output device of the user terminal 120 is, for example, a display that displays various types of information.

Further, the user terminal 120 includes, for example, an imaging device that images an imaging target in response to an operation from the user. This imaging device is, for example, a camera. Further, the user terminal 120 includes a communication unit. Through this communication unit, the user terminal 120 can communicate with the card company server 110. The user terminal 120 is realized by a smartphone, a tablet terminal, a personal computer, or the like.

(An example of the hardware configuration of a computer that realizes the card company server 110)
FIG. 2 is a block diagram showing an example of the hardware configuration of the computer that realizes the card company server according to the present embodiment. In FIG. 2, the computer that realizes the card company server 110 includes a CPU (Central Processing Unit) 201, a memory 202, and a communication IF (Interface) 203. The CPU 201, the memory 202, and the communication IF 203 are connected by the bus 210.

The CPU 201 controls the entire computer that realizes the card company server 110. The memory 202 is used as a work area of the CPU 201, and stores various programs such as a boot program and various data used by these programs. For example, the memory 202 stores a cardholder information DB, which will be described later.

The memory 202 is realized by various memory devices (circuits) such as ROM (Read-Only Memory), RAM (Random Access Memory), HDD (Hard Disk Drive), HD (Hard Disk), SSD (Solid State Drive), and the like. can do.

The communication IF 203 is connected to the network 130 and controls an interface between the inside of the computer that realizes the card company server 110 and the outside of the computer. Specifically, the communication IF 203 controls the input / output of data between the computer that realizes the card company server 110 and another computer (for example, the user terminal 120).

(An example of the hardware configuration of a computer that realizes the user terminal 120)
FIG. 3 is a block diagram showing an example of the hardware configuration of the computer that realizes the user terminal according to the present embodiment. In FIG. 3, the computer that realizes the user terminal 120 includes a CPU 301, a memory 302, an output device 303, an input device 304, and a communication IF 305. The CPU 301, the memory 302, the output device 303, the input device 304, and the communication IF 305 are connected by the bus 310.

The CPU 301 controls the entire computer that realizes the user terminal 120. The memory 302 is used as a work area of the CPU 301, and stores various programs such as a boot program and various data used by these programs. The memory 302 can be realized by various memory devices (circuits) such as ROM, RAM, SSD, HDD and HD.

The output device 303 is, for example, a liquid crystal display or an organic EL (Electro-Luminescence) display that displays characters, images, and the like. The input device 304 includes keys for inputting characters, numerical values, various instructions, and the like, and inputs data. The input device 304 is, for example, a touch panel. Further, for example, when the computer that realizes the user terminal 120 is a personal computer, the input device 304 may be a keyboard, a mouse, a numeric keypad, or the like. The input device 304 outputs a signal corresponding to the input operation to the input device 304 to the CPU 301.

Further, the computer that realizes the user terminal 120 has a camera as an input device 304. The camera, for example, is controlled by the CPU 301 to take an image of an imaging target, generate image data, and output the generated image data to the CPU 301. Further, the camera may convert characters captured by using a barcode, an OCR function, or the like into data and output the characters to the CPU 301.

Further, for example, when the computer that realizes the user terminal 120 is a personal computer, the input device 304 may be a scanner that reads characters, images, and the like. Further, the input device 304 may include a microphone for inputting voice or the like. The microphone converts the speaker's voice input as analog data into analog / digital to generate digital format audio data, and outputs the generated audio data to the CPU 301.

The communication IF 305 is connected to the network 130 and controls an interface between the inside of the computer that realizes the user terminal 120 and the outside of the computer. Specifically, the communication IF 305 controls the input / output of data between the computer that realizes the user terminal 120 and another computer (for example, the card company server 110). Further, the communication IF305 may be connected to a telephone line network and used for voice communication.

(Example of authentication method performed by the card company server 110)
Next, an example of the authentication method performed by the card company server 110 will be described. FIG. 4A is a diagram showing an example of the first authentication method performed by the card company server of the present embodiment. In FIG. 4A, the user 402 who wishes to issue a credit card of the card company 401 applies for membership to the card company 401 (see FIG. 4A (1)).

At the time of application for membership, the user 402 declares his / her name, contact information, income, etc. to the card company 401 and submits (a copy of) the identification card to the card company 401. The identification card submitted by the user 402 is an identification card of a type specified in advance by the card company 401, and the card company 401 knows the external features (for example, shape, pattern, and color) in advance. It is a certificate. The identification card submitted by the user 402 is, for example, a driver's license or an Individual Number Card.

The card company 401 examines whether or not to issue a credit card to the user 402 in response to the membership application from the user 402. In the example described here, it is assumed that the card company 401 determines as a result of the examination that it issues a credit card to the user 402. In this case, the card company 401 associates the card information of the credit card 403 issued to the user 402 with the user information of the user 402 and the identification card data related to the identification card submitted by the user 402. The cardholder information is registered in the card company server 110 (storage unit 111) (see FIG. 4A (2)).

Here, the card information is, for example, information indicating the card number and the expiration date of the credit card 403. The user information is, for example, information indicating the name and contact information of the user 402. The ID card data is, for example, information obtained by image analysis of an ID card image representing the ID card submitted by the user 402. Specifically, for example, the identification card data is information indicating the feature points of the identification card image. Further, the identification card data may be image data of the identification card image.

Then, the card company 401 ships the credit card 403 to the user 402 (see FIG. 4A (3)). As a result, the user 402 becomes a card member of the card company 401 and has the right to receive the service for the card member provided by the card company 401. After receiving the credit card 403, the user 402 accesses the web page for card members provided on the card company server 110 by receiving the authentication by the following first authentication method to the third authentication method, for example, and the card. It will be possible to use services for members.

(1st authentication method)
First, the first authentication method will be described. The first authentication method is an authentication method using an identification card submitted by the credit card 403 and the user 402 to the card company 401. When receiving the authentication by the first authentication method, the user 402 activates the card member application installed on the user terminal 120, and photographs the credit card 403 and the identification card 404 with the camera of the user terminal 120. The identification card 404 is an identification card submitted by the user 402 to the card company 401 at the time of application for membership, and is, for example, a driver's license of the user 402.

In this case, the user terminal 120 transmits the first authentication request including the image data obtained by the above shooting to the card company server 110 (see FIG. 4A (4)). In the example described here, it is assumed that the user 402 takes a picture of the credit card 403 and the identification card 404 side by side at the same time. In this case, the user terminal 120 transmits the first authentication request including the image data 410 representing the image in which the credit card 403 and the identification card 404 are arranged to the card company server 110.

In this case, the card company server 110 detects a credit card image representing a credit card and an identification card image representing a predetermined identification card from the image represented by the image data included in the received first authentication request (FIG. 4A). See (5)). The predetermined identification card is an identification card of a type specified by the card company 401, and is an identification card whose appearance characteristics are grasped in advance by the card company 401. An example of a method for detecting a credit card image and an identification card image will be described later.

In the example described here, the image represented by the image data 410 includes an image of a credit card 403 and an identification card 404. Therefore, the card company server 110 detects the credit card image and the identification card image from the image represented by the image data included in the received first authentication request.

When the credit card image and the identification card image are detected in this way, the card company server 110 acquires the card number written on the credit card from the detected credit card image (see FIG. 4A (6)). In the example described here, the card company server 110 acquires the card number of the credit card 403 by reading the card number written on the credit card 403 from the image of the credit card 403. As a result, the card company server 110 can acquire the card number of the credit card 403. At this time, the card company server 110 may also read the expiration date and the name written on the credit card 403 from the image of the credit card 403.

Then, the card company server 110 uses the card number acquired in FIG. 4A (6) as a search key to search the cardholder information including this card number from the storage unit 111 (FIG. 4A (7)). In the example described here, since the card company server 110 has acquired the card number of the credit card 403, the card member information including the card number of the credit card 403 is searched. As a result, the card company server 110 can search the card member information of the user 402.

Further, when the expiration date and the like are also read in FIG. 4A (6), in FIG. 4A (7), the cardholder information is searched by using the combination of the read card number and the expiration date as a search key. You can do it. In this way, the card company server 110 can prevent, for example, from succeeding in the authentication by the first authentication method based on the credit card image of the expired credit card.

When the card member information is searched, the card company server 110 determines the identity indicated by the ID card data based on the ID card data of the card member information and the ID card image detected in FIG. 4A (5). Check whether the certificate and the ID card represented by the detected ID card image are the same (see FIG. 4A (8)). An example of this collation method will be described later. In the example of FIG. 4A, both the identification card shown by the identification card data and the detected identification card image are for the same identification card 404. Therefore, the card company server 110 has the same identification card as a result of verification. Judge that it is a book.

When it is determined that the identification cards are the same in this way, the card company server 110 transmits the authentication success information that enables the use of the service for the card member of the user 402 to the user terminal 120 (see FIG. 4A (9)). ). As a result, the user 402 can use the service for card members.

On the other hand, if the cardholder information is not searched in FIG. 4A (7), or if it is determined in FIG. 4A (8) that the identification cards are not the same, the card company server 110 does not send the authentication success information. For example, the authentication failure information indicating that the authentication has failed is transmitted to the user terminal 120. In this case, if the user 402 wants to use the service for card members, he / she needs to be authenticated by the first authentication method again or be authenticated by another authentication method.

As described above, according to the first authentication method, the user 402 photographs the credit card 403 and the identification card 404 by the user terminal 120, and makes a first authentication request including these image data to the card company. By transmitting to the server 110, it becomes possible to use the service for card members. That is, for example, the user 402 registers the user terminal 120 in the card company server 110 prior to receiving the authentication by the first authentication method, or inputs the user ID and password when receiving the authentication by the first authentication method. Even if you do not do this, you can use the service for cardholders by authenticating with the first authentication method.

As a result, the card company server 110 can simplify the user 402 to use the service for the card member, and can promote the use of the service for the card member of the user 402. Therefore, the card company 401 can improve the convenience of the user 402 by the service for the card member and improve the customer satisfaction of the user 402 with respect to the card company 401.

Further, the card company server 110 includes, for example, a user terminal 120 used for the previous first authentication and a user terminal 120 used for the current first authentication for the user 402 to use the service for card members. If they are different, the cardholder information of the user 402 may be referred to and the contact information of the user 402 may be notified to that effect (for example, a message such as "there was a login from a different terminal").

Further, when the user terminal 120 used for the previous first authentication and the user terminal 120 used for the first authentication this time are different from each other, the card company server 110 tells the card company to that effect. The employee may be notified, and the employee of the card company may notify the user 402 by a letter or the like. For example, if the user terminal 120 transmits the first authentication request including the terminal identification information of the own terminal to the card company server 110, the card company server 110 receives the terminal identification information of the first authentication request. It becomes possible to detect that the user terminals 120 used for the first authentication are different. The terminal specific information will be described later.

Further, in the above-described example, the user terminal 120 is provided with an image pickup device such as a camera and transmits an authentication request including image data captured by the image pickup device to the card company server 110, but the present invention is not limited to this. For example, when a digital camera different from the user terminal 120 and the user terminal 120 are connected by short-range wireless communication such as Bluetooth (registered trademark) or Wi-Fi, the digital camera captures an image. Data can be transmitted to the user terminal 120. In this case, the user terminal 120 may transmit the authentication request including the image data received from the digital camera to the card company server 110.

(Second authentication method)
Next, the second authentication method will be described. FIG. 4B is a diagram showing an example of the second authentication method performed by the card company server of the present embodiment. In FIG. 4B, the same parts as those in FIG. 4A are designated by the same reference numerals, and the description thereof will be omitted as appropriate.

The second authentication method is an authentication method using an authentication image preset by the user 402 for the card company server 110. That is, when receiving the second authentication method, the user 402 registers a desired image as an authentication image in the card company server 110 in advance (see FIG. 4B (10)). For example, the user 402 can register a desired image as an authentication image in the card company server 110 by receiving the authentication by the first authentication method described above and using the service for card members. In response to this registration, the card company server 110 stores information including authentication image data related to the authentication image of the user 402 as the card member information of the user 402.

Here, the authentication image data may be, for example, image data representing an authentication image registered by the user 402, or information obtained by image analysis of the authentication image registered by the user 402. There may be. When the information obtained by image analysis of the authentication image is used as the authentication image data, the authentication image data may be, for example, information indicating the feature points of the authentication image. In the example described here, in order to register the image of the favorite pen 405 as the authentication image, the user 402 makes an authentication image registration request including the image data 421 representing the image of the pen 405 taken by the card company server. It is transmitting to 110.

Further, when receiving the authentication by the second authentication method, the user 402 registers, for example, the terminal specific information of the user terminal 120 in the card company server 110 in advance. The terminal identification information is information that identifies the user terminal 120, that is, information that identifies the user 402 who uses the user terminal 120. The terminal specific information is information indicating a telephone number or e-mail address of the user terminal 120, a serial number of the user terminal 120, or the like. Further, the terminal specific information may be information indicating the MAC address of the user terminal 120, information indicating an ID assigned to the cardholder application installed on the user terminal 120, or the like. For example, the user 402 can register the terminal specific information in the card company server 110 by using the service for card members after being authenticated by the first authentication method described above, as in the case of registering the image for authentication. .. In response to this registration, the card company server 110 stores information including the terminal specific information of the user 402 as the card member information of the user 402.

Then, when the user 402 is authenticated by the second authentication method, the card member application installed on the user terminal 120 is activated, and according to the instruction of the card member application, the user 402 is registered in the card company server 110 by the camera of the user terminal 120. Take the same subject as the authentication image.

In this case, when the user terminal 120 receives a shooting instruction (for example, pressing the shutter button) from the user 402 and performs shooting, the user terminal 120 includes the image data obtained by this shooting and the terminal identification information of the own terminal. The authentication request is transmitted to the card company server 110 (see FIG. 4B (11)). In the example described here, it is assumed that the user 402 takes a picture of the pen 405 in the same manner as the authentication image. In this case, the user terminal 120 transmits a second authentication request including the image data 422 representing the image of the pen 405 to the card company server 110.

Further, the user terminal 120 performs predetermined processing on the image data, such as rotating or deforming the image data obtained by the above shooting so that the second collation unit 609, which will be described later, can easily collate the image data. May be good. In this case, the processing content by the user terminal 120 may be appropriately specified by the user, or may be preset for the card member application by the card company or the like.

Further, the user terminal 120 may divide the image data obtained by the above shooting to generate a front view, a side view, an elevation view, and the like. In addition, the user terminal 120 takes a plurality of shots (different angles) with respect to the user 402, for example, "shoot the front", "shoot the side", "shoot the top", and so on. A second authentication request including a plurality of image data obtained by these images may be transmitted by instructing the image to be taken from the image.

In this way, the card company server 110 can register a plurality of images of one subject as authentication images, and uses the plurality of images to collate the authentication images described later. It becomes possible to perform, and it becomes possible to improve the accuracy of the collation.

Further, the user terminal 120 may display an image represented by the image data obtained by the above shooting on the display. At the time of this display, the user terminal 120 directly displays, for example, an image represented by the image data obtained by the above shooting. Further, by causing the card company server 110 to return the image data included in the second authentication request to the user terminal 120, the image represented by the image data may be displayed on the user terminal 120.

As a result, the user can confirm whether the expected image (imaging result) can be obtained from the image displayed on the user terminal 120, and the collation accuracy of the second collation unit 609, which will be described later, is improved. It will also be possible to shoot again. Specifically, for example, when the user thinks that the captured image is dark, he / she can use a light or the like provided in the user terminal 120 to illuminate the subject and then re-photograph the image.

In this case, the card company server 110 uses the terminal identification information included in the received second authentication request as a search key to search the cardholder information including the terminal identification information from the storage unit 111 (see FIG. 4B (12)). ). When the card member information is searched, the card company server 110 acquires the authentication image data of the searched card member information from the storage unit 111. Then, the card company server 110 collates the acquired image data for authentication with the image represented by the image data 422 of the second authentication request to see if they have taken the same subject (FIG. 4B (13). )reference). An example of this collation method will be described later.

In the example of FIG. 4B, both the image shown by the authentication image data and the image represented by the image data 422 of the second authentication request are obtained by photographing the same pen 405, so that the card company server 110 collates. As a result, it is determined that the subject is the same.

When it is determined that the same subject has been photographed in this way, the card company server 110 transmits the authentication success information enabling the use of the service for the card member of the user 402 to the user terminal 120 (FIG. 4B (FIG. 4B). 14)). As a result, the user 402 can use the service for card members.

On the other hand, if the cardholder information is not searched in FIG. 4B (12), or if it is determined in FIG. 4B (13) that the same subject is not photographed, the card company server 110 transmits the authentication success information. Instead, for example, the authentication failure information indicating that the authentication has failed is transmitted to the user terminal 120. In this case, if the user 402 wants to use the service for card members, he / she needs to be authenticated by the second authentication method again or be authenticated by another authentication method.

As described above, according to the second authentication method, the user 402 captures the same subject as the authentication image preset by the user terminal 120 with respect to the card company server 110, and the image data thereof. By transmitting the second authentication request including the above to the card company server 110, the service for card members can be used. That is, the user 402 uses the service for cardholders by being authenticated by the second authentication method by using his / her favorite image as a password instead of a list of characters such as alphabets and numbers that are difficult to remember and forget. It becomes possible.

As a result, the card company server 110 can simplify the user 402 to use the service for the card member, and can promote the use of the service for the card member of the user 402. Therefore, the card company 401 can improve the convenience of the user 402 by the service for the card member and improve the customer satisfaction of the user 402 with respect to the card company 401.

Further, for example, when an image obtained by photographing a mass-produced product is used as an image for authentication, the strength of authentication by the second authentication method may be lower than the strength of authentication by the first authentication method. Therefore, as described above, the registration of the image for authentication can be performed only when the service for cardholders is used after being authenticated by the first authentication method, which is considered to be stronger than the authentication by the second authentication method. You may.

Further, in the above-described example, when the second authentication method is used, the user 402 captures the same subject as the authentication image, but the present invention is not limited to this. For example, the user terminal 120 stores the image data 421 of the authentication image, and when using the second authentication method, causes the user 402 to select the image data 421 from the list of the stored image data. You may do it. In this case, the user terminal 120 transmits a second authentication request including the image data 421 of the image selected by the user 402 to the card company server 110. In this way, the user 402 can use the service for cardholders by being authenticated by the second authentication method even when the same subject as the authentication image cannot be photographed.

(Third authentication method)
Next, the third authentication method will be described. FIG. 4C is a diagram showing an example of a third authentication method performed by the card company server of the present embodiment. In FIG. 4C, the same parts as those in FIGS. 4A and 4B are designated by the same reference numerals, and the description thereof will be omitted.

Similar to the second authentication method, the third authentication method is also an authentication method using an authentication image preset by the user 402 for the card company server 110. That is, when receiving the third authentication method, the user 402 registers a desired image as an authentication image in the card company server 110 in advance. Further, when receiving the authentication by the third authentication method, the user 402 registers, for example, the terminal specific information of the user terminal 120 in the card company server 110 in advance.

Then, when the user 402 is authenticated by the third authentication method, the user 402 activates the cardholder application installed on the user terminal 120 and performs an operation for receiving the authentication by the third authentication method. When the user terminal 120 receives this operation, it transmits a third authentication request including the terminal specific information to the card company server 110 indicating that the user terminal 120 is authenticated by the third authentication method (see FIG. 4C (21)).

The card company server 110 uses the terminal specific information included in the received third authentication request as a search key to search the cardholder information including the terminal specific information from the storage unit 111 (see FIG. 4C (22)). When the cardholder information is searched, the card company server 110 acquires the authentication image data of the searched cardholder information from the storage unit 111 (see FIG. 4C (23)). Further, the card company server 110 acquires dummy image data different from the acquired authentication image data (see FIG. 4C (24)).

The dummy image data may be any image as long as it represents an image different from the acquired authentication image data. The card company server 110 may, for example, acquire dummy image data stored in advance in the storage unit 111 by an employee of the card company 401, or acquire dummy image data via the network 130. May be good.

Then, the card company server 110 transmits the acquired third authentication data including the authentication image data and the dummy image data to the user terminal 120 (see FIG. 4C (25)). In the example described here, the third authentication data including the image data 421 representing the pen 405 as the image data for authentication, the image data 431 representing the mug cup as the dummy image data, and the image data 432 representing the key is sent to the user terminal 120. It is assumed that it has been sent.

The user terminal 120 displays an image represented by the authentication image data and the dummy image data based on the received third authentication data, and receives an operation from the user 402 to select one of the displayed images. .. In the example described here, the user 402 accepts an operation of selecting one of the images such as the image data 421, the image data 431, and the image data 432.

Then, when any image is selected by the user 402, the user terminal 120 transmits the selected image information indicating the selected image to the card company server 110 (see FIG. 4C (26)). In the example described here, since the image represented by the image data 421, that is, the image of the pen 405 is selected by the user 402, the selected image information indicating that the image represented by the image data 421 is selected is transmitted to the card company server 110. It is assumed that

The card company server 110 determines whether or not the authentication image is selected by the user 402 based on the received selected image information (see FIG. 4C (27)). In the example described here, since the image represented by the image data 421 is selected, the card company server 110 determines that the authentication image is selected.

When it is determined that the authentication image is selected in this way, the card company server 110 transmits the authentication success information enabling the use of the service for the card member of the user 402 to the user terminal 120 (FIG. 4C (28)). reference). As a result, the user 402 can use the service for card members.

On the other hand, if the cardholder information is not searched in FIG. 4C (22), or if it is determined in FIG. 4C (27) that the authentication image is not selected, the card company server 110 transmits the authentication success information. Instead, for example, the authentication failure information indicating that the authentication has failed is transmitted to the user terminal 120. In this case, if the user 402 wants to use the service for card members, he / she needs to be authenticated by the third authentication method again or be authenticated by another authentication method.

As described above, according to the third authentication method, the user 402 selects an authentication image preset for the card company server 110 from the images displayed based on the third authentication data. By doing so, it becomes possible to use the service for card members. That is, the user 402 uses the service for cardholders by being authenticated by the third authentication method by using his / her favorite image as a password instead of a list of characters that are difficult to remember and forget, such as alphabets and numbers. It becomes possible.

As a result, the card company server 110 can simplify the user 402 to use the service for the card member, and can promote the use of the service for the card member of the user 402. Therefore, the card company 401 can improve the convenience of the user 402 by the service for the card member and improve the customer satisfaction of the user 402 with respect to the card company 401.

Further, according to the third authentication method, for example, even when the user 402 cannot perform shooting using the user terminal 120 (for example, when he / she is in a dark environment), the third authentication method It will be possible to use the service for cardholders after being authenticated by.

In the present embodiment, an example in which the card company server 110 can perform authentication by any of the first authentication method to the third authentication method will be described, but the present invention is not limited to this. The card company server 110 may perform only authentication by at least one of the first authentication method to the third authentication method.

Further, the card company server 110 may be capable of performing authentication by another authentication method in addition to the authentication by the first authentication method to the third authentication method. As another authentication method, for example, an authentication method that asks the user where the image for authentication was taken (hereinafter referred to as "fourth authentication method") can be considered.

When the fourth authentication method is adopted, the user terminal 120 includes a position information acquisition unit that acquires the position information of the own terminal. The position information acquisition unit is, for example, a GPS (Global Positioning System) unit. In this case, when the user terminal 120 takes a picture in response to an operation from the user, the user terminal 120 generates image data including the position information of the own terminal at that time. Then, the user terminal 120 is the image data selected by the user, and by transmitting the image data including the position information to the card company server 110, the card company server 110 uses the image data as the image data for user authentication. To memorize.

In this case, when the card company server 110 receives the fourth authentication request requesting the user terminal 120 to be authenticated by the fourth authentication method, the image represented by the authentication image data and "This was taken in what prefecture." The fourth authentication data for displaying a message such as "?" Is transmitted to the user terminal 120. Then, the card company server 110 receives the information indicating the location input by the user from the user terminal 120, collates the information indicating the received location with the location information of the authentication image data, and these are the same location. If it is shown, the authentication success information is transmitted to the user terminal 120 so that the user can use the service for card members.

Further, the present invention is not limited to this, and the card company server 110 may perform authentication using the authentication image, the question registered by the user, and the answer to the question (hereinafter referred to as "fifth authentication"). In this case, the user terminal 120 sends information indicating a question (for example, "Who got this?" And an answer (for example, "Mother") received from the user to the card company server 110 together with the image data for authentication. It is transmitted, linked with these, and stored in the card company server 110.

In this case, when the card company server 110 receives the fifth authentication request requesting authentication by the fifth authentication method from the user terminal 120, the card company server 110 displays the image represented by the authentication image data and the question registered by the user. The fifth authentication data to be generated is transmitted to the user terminal 120. Then, the card company server 110 receives the information indicating the answer input by the user from the user terminal 120, and collates the information indicating the received answer with the information indicating the answer associated with the authentication image data. If these show the same contents, the authentication success information is transmitted to the user terminal 120 so that the user can use the service for card members.

Even if authentication is performed by such another authentication method, the user can recall words from his / her favorite image instead of a list of hard-to-remember and easy-to-forget characters such as alphabets and numbers. It is possible to use the service for cardholders by receiving authentication instead of a password. Therefore, the card company server 110 can simplify the user 402 to use the service for the card member, and can promote the use of the service for the card member of the user 402.

(Example of information stored in the storage unit 111)
Next, an example of the information stored in the storage unit 111 will be described. FIG. 5 is a diagram showing an example of the cardholder information DB according to the present embodiment. The storage unit 111 stores, for example, the cardholder information DB 500 shown in FIG. The cardholder information DB 500 stores, for example, cardholder information associated with a card number, expiration date, name, contact information, terminal identification information, identification data, authentication image data, user ID and password.

In the cardholder information, the card number indicates the card number of the credit card issued by the card company. As described above, the card number is an example of the user's identification information according to the present invention. In the cardholder information, the name indicates the name of the cardholder who owns the credit card of each card number, for example, the name in Japanese notation and the name in Roman letters, respectively. In the cardholder information, the expiration date indicates the expiration date of the credit card of each card number. For example, in the case of the expiration date "04/18", it indicates that the expiration date is valid until "the end of April 2018".

Further, in the cardholder information, the contact information indicates the contact information of the card member who owns the credit card of each card number, and for example, indicates the telephone number or e-mail address of the user terminal 120 used by each card member. In the cardholder information, the terminal identification information is information that identifies the user terminal 120 used by the card member who owns the credit card of each card number, and is, for example, the serial number of the user terminal 120 used by each card member. And MAC address.

Further, the terminal specific information is another example of the user identification information according to the present invention as described above, and as shown in the present embodiment, the terminal specific information is the identification information of the terminal (for example, the user terminal 120) provided with the imaging device. It may be. By storing the user's identification information (for example, a card number) and the identification information (terminal identification information, for example, a serial number or MAC address) of a terminal provided with an imaging device in advance, the card company server 110 can be stored. , It becomes possible to identify the user's identification information (that is, the user) from the terminal's identification information. Further, the telephone number or e-mail address of the user terminal 120 may be used as the terminal specific information.

Further, in the cardholder information, the identification card data indicates the identification card data related to the identification card of the card member who owns the credit card of each card number. The identification card data is, for example, image data of an identification card image representing the identification card. Further, the identification card data may be information indicating an image analysis result obtained by image-analyzing the identification card image (for example, information indicating feature points of the identification card image).

Further, in the cardholder information, the authentication image data indicates the authentication image data related to the authentication image registered by the card member who owns the credit card of each card number. The authentication image data is, for example, image data representing an authentication image. Further, the authentication image data may be information indicating an image analysis result obtained by image-analyzing the authentication image (for example, information indicating feature points of the authentication image).

Further, in the cardholder information, the user ID is a user ID for the cardholder service of the cardholder who owns the credit card of each card number. In the cardholder information, the password is a password for the cardholder service of the cardholder who owns the credit card of each card number.

The card number, expiration date, name, contact information, identification data, user ID and password information in the cardholder information are stored in the cardholder information DB 500 by an employee of the card company, for example, when issuing a credit card. Will be done. Further, the terminal specific information and the identification card data in the card member information are stored in the card member information DB 500 by the card member who uses the service for the card member. Further, the card member can appropriately change the contact information, the image data for authentication, the user ID, the password, etc. in the card member information of the card member by using the service for the card member, for example.

In addition to the illustrated information, the cardholder information includes information indicating the address, income, place of employment, available amount, credit card usage details, etc. of the cardholder who owns the credit card of each card number. It may be possible to do so.

(Example of functional configuration of card company server 110)
Next, an example of the functional configuration of the card company server 110 will be described. FIG. 6 is a block diagram showing an example of the functional configuration of the card company server according to the present embodiment. First, the functional part of the card company server 110 when the authentication is performed by the first authentication method will be described. When the authentication is performed by the first authentication method, the card company server 110 may have, for example, a reception unit 600, an authentication request acquisition unit 601, an image analysis unit 602, a determination unit 603, a card information acquisition unit 604, and a search unit 605. It includes a first collation unit 606 and an output control unit 607.

The reception unit 600 receives various information transmitted from the user terminal 120 or the like to the card company server 110. The reception unit 600 outputs the received information to the authentication request acquisition unit 601. The reception unit 600 is realized by, for example, the communication IF 203 shown in FIG. The reception unit 600 is an example of the reception means according to the present invention.

The authentication request acquisition unit 601 acquires an authentication request including image data from the information received from the reception unit 600, and outputs the acquired image data of the authentication request to the image analysis unit 602. The authentication request acquisition unit 601 is realized, for example, by the CPU 201 shown in FIG. 2 executing a program stored in the memory 202.

The image analysis unit 602 performs image analysis of the image represented by the image data input from the authentication request acquisition unit 601, and from the image, a credit card image representing a credit card issued by the card company, and a predetermined type of identification. Detects an ID image that represents a certificate (for example, a driver's license).

For example, an employee of a card company registers in advance a pattern that is a condition for detecting as a credit card image in the image analysis unit 602. By doing so, the image analysis unit 602 compares the registered pattern with the image represented by the input image data, so that the image represented by the input image data includes the credit card image. If so, the credit card image can be detected.

Similarly, an employee of the card company registers in advance a pattern that is a condition for being detected as an identification card image (for example, a pattern that is a condition for being detected as an image of a driver's license) in the image analysis unit 602. In this way, the image analysis unit 602 compares the registered pattern with the image represented by the input image data, so that the image represented by the input image data includes the identification image. If so, the identification image can be detected.

The image analysis unit 602 outputs the image analysis result to the determination unit 603. The image analysis unit 602 outputs, for example, information indicating whether or not a credit card image is detected and whether or not an identification card image is detected as a result of image analysis of the input image data to the determination unit 603. .. The image analysis unit 602 is realized, for example, by the CPU 201 shown in FIG. 2 executing a program stored in the memory 202.

Based on the image analysis result input from the image analysis unit 602, the determination unit 603 determines whether or not the image represented by the image data of the authentication request includes a credit card image and an identification card image. When, for example, the determination unit 603 receives information indicating that the credit card image has been detected from the image analysis unit 602, the determination unit 603 determines that the image represented by the image data of the authentication request includes the credit card image. On the contrary, when the determination unit 603 receives the information indicating that the credit card image was not detected from the image analysis unit 602, the determination unit 603 determines that the image represented by the image data of the authentication request does not include the credit card image. To do.

Similarly, when the determination unit 603 receives, for example, information indicating that the identification card image has been detected from the image analysis unit 602, the identification unit image is included in the image represented by the image data of the authentication request. Judge that there is. On the contrary, when the determination unit 603 receives the information indicating that the identification card image has not been detected from the image analysis unit 602, the identification unit image is not included in the image represented by the image data of the authentication request. Is determined.

When the determination unit 603 determines that the image represented by the image data of the authentication request includes both the credit card image and the identification card image, the determination unit 603 informs the image analysis unit 602 of the detected credit card image as card information. Instruct the acquisition unit 604 to input. The determination unit 603 is realized, for example, by the CPU 201 shown in FIG. 2 executing a program stored in the memory 202. The determination unit 603 is an example of the determination means according to the present invention.

The image analysis unit 602 inputs the detected credit card image to the card information acquisition unit 604 according to the instruction received from the determination unit 603. At this time, the image analysis unit 602 trims the detected credit card image portion from the image represented by the image data input to the image analysis unit 602, and sends only the credit card image to the card information acquisition unit 604. Make sure to enter it. By doing so, the image handled by the card information acquisition unit 604 can be made smaller, so that the processing load of the card information acquisition unit 604 can be reduced.

The card information acquisition unit 604 acquires the card number written on the credit card represented by the credit card image based on the credit card image input from the image analysis unit 602. For example, an employee of a card company registers in advance information indicating an area (part) to be read as a card number in the card information acquisition unit 604 from a credit card image. Then, the card information acquisition unit 604 reads the character string written in the registered area of the input credit card image as the card number. A known and arbitrary character recognition technique may be used for character recognition.

Further, the card information acquisition unit 604 may read not only the card number but also the expiration date from the credit card image. Even in this case, for example, an employee of the card company registers in advance information indicating an area to be read as an expiration date from the credit card image in the card information acquisition unit 604. Then, the card information acquisition unit 604 may read the character string written in the registered area of the input credit card image as the expiration date. Similarly, the card information acquisition unit 604 may also read the name from the credit card image.

The card information acquisition unit 604 outputs information indicating the acquired card number to the search unit 605. Further, when the card information acquisition unit 604 reads the expiration date from the credit card image and acquires it, the card information acquisition unit 604 also outputs the information indicating the acquired expiration date to the search unit 605. Similarly, when the card information acquisition unit 604 reads the name from the credit card image and acquires the name, the card information acquisition unit 604 also outputs the information indicating the acquired name to the search unit 605. The card information acquisition unit 604 is realized, for example, by the CPU 201 shown in FIG. 2 executing a program stored in the memory 202. The card information acquisition unit 604 is an example of the acquisition means according to the present invention.

The search unit 605 uses the card number received from the card information acquisition unit 604 as a search key to search the card member information including the received card number from the card member information DB 500. Further, when the search unit 605 receives the expiration date in addition to the card number from the card information acquisition unit 604, the search unit 605 searches for the card member information including the received card number and the expiration date. Similarly, when the search unit 605 also receives a name from the card information acquisition unit 604, the search unit 605 searches for cardholder information including the received name.

When the cardholder information is searched, the search unit 605 outputs the searched cardholder information to the first collation unit 606. Further, when the cardholder information is searched, the search unit 605 instructs the image analysis unit 602 to input the detected identification card image into the first collation unit 606. The search unit 605 is realized, for example, by the CPU 201 shown in FIG. 2 executing a program stored in the memory 202.

The image analysis unit 602 inputs the detected identification card image to the first collation unit 606 according to the instruction received from the search unit 605. At this time, the image analysis unit 602 trims the detected part of the identification card image from the image represented by the image data input to the image analysis unit 602, and displays only the identification image as the first collation unit. Make sure to enter in 606. By doing so, the image handled by the first collating unit 606 can be made smaller, so that the processing load of the first collating unit 606 can be reduced.

The first collation unit 606 acquires the identification card data from the cardholder information received from the search unit 605, and also acquires the identification card image input from the image analysis unit 602. Then, the first collation unit 606 collates the acquired identification card data with the input identification card image. As a result, the first collation unit 606 determines whether or not the identification card indicated by the acquired identification card data and the identification card represented by the input identification card image are the same identification card.

The first collation unit 606 first detects, for example, the feature points of the input identification card image. Then, the first collation unit 606 compares the feature points of the detected ID card image with the feature points indicated by the acquired ID card data, and determines whether or not these differences are smaller than the preset threshold value. To judge. If the difference in the feature points is less than the threshold value, the first collation unit 606 uses the same ID card as the ID card indicated by the acquired ID card data and the ID card represented by the input ID card image. Judge that there is. On the contrary, if the difference between the feature points is equal to or more than the threshold value, the first collation unit 606 has the same identification as the identification card indicated by the acquired identification card data and the identification card represented by the input identification card image. Judge that it is not a certificate.

Here, an example in which the first collation unit 606 performs the process of detecting the feature points of the identification card image has been described, but the present invention is not limited to this. For example, the image analysis unit 602 may perform a process of detecting the feature points of the identification card image, and output the process result to the first collation unit 606.

Further, the first collation unit 606 further confirms the shooting date and time (for example, time stamp) of the image data of the first authentication request at the time of the above collation, and for example, the shooting date and time of the image data is the reception date and time of the first authentication request. It may be determined whether the difference between the two is within a predetermined range (for example, within one day). In this case, the first collation unit 606 outputs information indicating that the collation was successful when it is determined that the collation is within the predetermined range by this determination.

In this way, the card company server 110 confirms whether the credit card and the identification card, which are the subjects in the image represented by the image data of the first authentication request, are in the user's hand, and there is a high possibility that the credit card and the identification card are in the user's hand. If (ie, the user is likely to be the legitimate owner of the credit card and ID card), authentication by the first authentication method can be successful.

The first collation unit 606 outputs the collation result to the output control unit 607. When, for example, the first collation unit 606 determines that the identification card indicated by the acquired identification card data and the identification card represented by the input identification card image are the same identification card, that fact is determined. Is output to the output control unit 607. Further, in this case, the first collation unit 606 instructs, for example, the search unit 605 to input the searched cardholder information to the output control unit 607. The search unit 605 inputs the searched cardholder information to the output control unit 607 according to the instruction received from the first collation unit 606. The first collation unit 606 is realized, for example, by the CPU 201 shown in FIG. 2 executing a program stored in the memory 202. The search unit 605 and the first collation unit 606 are examples of collation means according to the present invention.

The output control unit 607 outputs authentication success information that enables the user who made the authentication request to use the service for card members based on the verification result received from the first verification unit 606. For example, when the output control unit 607 receives from the first collation unit 606 a collation result indicating that the identification card indicated by the identification card data and the identification card represented by the identification card image are the same identification card. Outputs authentication success information to. The output destination of the authentication success information is, for example, the contact information of the card member indicated by the card member information input from the search unit 605, that is, the user terminal 120 used by the user who has sent the authentication request.

Further, in the present embodiment, the card company server 110 is also responsible for providing services for card members, but the present invention is not limited to this. For example, when a web page for card members is provided on a server other than the card company server 110, the server is responsible for providing services for card members. In this case, the output control unit 607 may output the authentication success information to the server provided with the web page for cardholders. In this case, the destination of the server to which the authentication success information is output is set in advance for the card company server 110 by, for example, an employee of the card company. The output control unit 607 is realized, for example, by the CPU 201 shown in FIG. 2 executing a program stored in the memory 202, or by the communication IF 203.

Next, the functional part of the card company server 110 when the authentication by the second authentication method is performed will be described. Hereinafter, the same description as in the case where the authentication by the first authentication method is performed will be omitted as appropriate. When authentication is performed by the second authentication method, the card company server 110 may have, for example, a reception unit 600, an authentication request acquisition unit 601, an image analysis unit 602, a search unit 605, an output control unit 607, and a terminal specific information acquisition unit. 608 and a second collating unit 609 are provided.

When the authentication by the second authentication method is performed, the authentication request acquisition unit 601 acquires an authentication request including image data and terminal specific information from the information received from the reception unit 600, and obtains the authentication request. The image data is output to the image analysis unit 602, and the acquired terminal specific information is input to the terminal specific information acquisition unit 608.

The image analysis unit 602 performs image analysis of the image represented by the image data input from the authentication request acquisition unit 601 and detects, for example, a collation target image used for collation of the second collation unit 609 from the image. The collation target image is an image representing the main subject among the images represented by the input image data. The image representing the main subject is, for example, an image of a central portion (a region within a predetermined range from the center) of the images represented by the input image data. Further, the image representing the main subject may be an image having a contour estimated to occupy the largest proportion in the image as a result of performing contour detection of the image represented by the input image data. The image analysis unit 602 outputs the image analysis result to the second collation unit 609.

The terminal specific information acquisition unit 608 acquires the terminal specific information input from the authentication request acquisition unit 601 and outputs the acquired terminal specific information to the search unit 605. The terminal specific information acquisition unit 608 is realized, for example, by the CPU 201 shown in FIG. 2 executing a program stored in the memory 202.

The search unit 605 uses the terminal specific information received from the terminal specific information acquisition unit 608 as a search key to search the card member information including the received terminal specific information from the card member information DB 500. When the cardholder information is searched, the search unit 605 outputs the searched cardholder information to the second collation unit 609. Further, when the cardholder information is searched, the search unit 605 instructs the image analysis unit 602 to input the detected collation target image into the second collation unit 609.

The second collation unit 609 acquires the authentication image data from the cardholder information received from the search unit 605, and also acquires the collation target image input from the image analysis unit 602. Then, the second collation unit 609 collates the authentication image represented by the acquired authentication image data with the input collation target image. As a result, the second collation unit 609 determines whether or not the subject represented by the acquired authentication image data and the subject represented by the input collation target image are the same.

Similar to the first collation unit 606, the second collation unit 609 first detects, for example, the feature points of the input collation target image. Then, the second collation unit 609 compares the feature points of the detected collation target image with the feature points indicated by the acquired authentication image data, and determines whether or not these differences are smaller than the preset threshold value. judge. If the difference between the feature points is less than the threshold value, the second collation unit 609 determines that the subject represented by the acquired authentication image data and the subject represented by the input collation target image are the same. On the contrary, if the difference between the feature points is equal to or larger than the threshold value, the second collation unit 609 determines that the subject represented by the acquired authentication image data and the subject represented by the input collation target image are different.

Further, the second collation unit 609 further confirms the shooting date and time (for example, time stamp) of the image data of the second authentication request at the time of the above collation, and for example, the shooting date and time of the image data is the reception date and time of the second authentication request. It may be determined whether the difference between the two is within a predetermined range (for example, within one week). In this case, the second collation unit 609 outputs information indicating that the collation was successful when it is determined that the collation is within the predetermined range by this determination.

In this way, does the card company server 110 have the object (that is, the same object as the subject in the authentication image) in the image represented by the image data of the second authentication request in the user's hand? If the possibility is high (that is, the user is likely to be the legitimate owner of the subject in the authentication image), the authentication by the second authentication method can be successful. ..

The second collation unit 609 outputs the collation result to the output control unit 607. When, for example, the second collation unit 609 determines that the subject represented by the acquired authentication image data and the subject represented by the input collation target image are the same, the second collation unit 609 outputs information indicating that fact. Output to 607. Further, in this case, the second collation unit 609 instructs, for example, the search unit 605 to input the searched cardholder information to the output control unit 607. The search unit 605 inputs the searched cardholder information to the output control unit 607 according to the instruction received from the second collation unit 609. The second collation unit 609 is realized, for example, by the CPU 201 shown in FIG. 2 executing a program stored in the memory 202. The search unit 605 and the second collation unit 609 are other examples of the collation means according to the present invention.

The output control unit 607 outputs authentication success information that enables a user who wishes to use the service for card members to use the service for card members, based on the collation result received from the second collation unit 609. The output control unit 607 outputs authentication success information when, for example, the second collation unit 609 receives a collation result indicating that the subject represented by the authentication image data and the subject represented by the collation target image are the same. To do. The output destination of the authentication success information is, for example, the contact information of the card member indicated by the card member information input from the search unit 605, that is, the user terminal 120 used by the user who has sent the authentication request.

Further, when the authentication is performed by the second authentication method, the authentication request acquisition unit 601 is designated by the user who wishes to use the service for card members from the information input to the card company server 110 from the user terminal 120 or the like. An authentication request may be obtained that further includes information indicating the classified category. In this case, for example, as shown in FIG. 9, the user terminal 120 displays the category selection screen 900 when transmitting the authentication request, and accepts the category selection from the user. Then, the user terminal 120 transmits an authentication request including information indicating the category selected by the user to the card company server 110. As a result, the authentication request acquisition unit 601 can acquire the authentication request including the information indicating the category.

When the authentication request acquisition unit 601 acquires the authentication request including the information indicating the category, the authentication request acquisition unit 601 outputs the information indicating the acquired category to the image analysis unit 602. In this case, the image analysis unit 602 performs image analysis of the image represented by the input image data based on the information indicating the input category.

Specifically, the image analysis unit 602 detects an image of the input category from the image represented by the input image data. For example, an employee of a card company registers in advance a pattern to be detected as an image of the category in the image analysis unit 602 for each category prepared in advance. For example, in the case of the category "writing instrument", the employee of the card company registers in advance a pattern in the image analysis unit 602 for detecting an image such as a pencil, a pen, or a fountain pen as an image of the category "writing instrument".

As a result, the image analysis unit 602 is designated as the image represented by the input image data by comparing the pattern registered for the designated category with the image represented by the input image data. If an image of the category is included, that image can be detected. Then, the image analysis unit 602 outputs the image of the category detected in this way to the second collation unit 609 as a collation target image.

In this way, the user can be authenticated by the second authentication method by the image showing the subject intended by the user. Therefore, it is possible to increase the possibility that the user who knows the authentication image succeeds in the authentication by the second authentication method, and it is possible to improve the convenience of this user. Further, in this way, the image analysis unit 602 only needs to perform the image analysis within the range of the designated category, so that the processing load of the card company server 110 can be reduced.

Further, as described above, when a plurality of images of one subject are registered as authentication images in the card company server 110, the card company server 110 may use the registered plurality of images or the corresponding images. The authentication image may be collated using the information obtained by image analysis of a plurality of images (for example, information indicating the feature points of each image).

Further, when performing authentication by the second authentication method, the card company server 110 may further include an authentication image registration request acquisition unit (not shown) and an authentication image registration unit. In this case, the reception unit 600 outputs the information received from the user terminal 120 or the like to the authentication image registration request acquisition unit. The authentication image registration request acquisition unit acquires an authentication image registration request including image data and terminal specific information from the information received from the reception unit 600, and sends the acquired authentication image registration request to the authentication image registration unit. Output. The authentication image registration request acquisition unit is realized, for example, by the CPU 201 shown in FIG. 2 executing a program stored in the memory 202.

The authentication image registration unit registers the authentication image data in the cardholder information DB 500 based on the authentication image registration request received from the authentication image registration request acquisition unit. The authentication image registration unit uses, for example, the terminal specific information of the authentication image registration request received from the authentication image registration request acquisition unit as a search key, and searches the card member information including this terminal specific information from the card member information DB 500. To do.

When the cardholder information is searched, the authentication image registration unit registers the image data of the authentication image registration request received from the authentication image registration request acquisition unit as the authentication image data of the searched cardholder information. .. In addition, the image registration unit for authentication uses the information indicating the image analysis result obtained by image analysis of the image data of the image registration request for authentication received from the image registration request acquisition unit for authentication as the searched cardholder information. It may be registered as image data for authentication. The authentication image registration unit is realized, for example, by the CPU 201 shown in FIG. 2 executing a program stored in the memory 202.

Further, the card company server 110 may further include a card usage information acquisition unit 621 and an authentication image registration guide unit 622 when performing authentication by the second authentication method. In this case, the reception unit 600 also receives information transmitted from a store terminal (for example, a credit inquiry terminal such as a CAT terminal) of a store (so-called "member store") that supports card payment to the card company server 110. Then, the reception unit 600 further outputs the received information to the card usage information acquisition unit 621.

The card usage information acquisition unit 621 acquires information related to card payment from the information received from the reception unit 600. The information related to card payment is, for example, information including card information (for example, a card number) of a credit card used for card payment. In addition, the information related to the card payment may include information indicating the store where the card payment was made. The card usage information acquisition unit 621 outputs the acquired card usage information to the authentication image registration guide unit 622. The card usage information acquisition unit 621 is realized, for example, by the CPU 201 shown in FIG. 2 executing a program stored in the memory 202.

The authentication image registration guidance unit 622 generates authentication image registration guidance information for guiding the registration of the authentication image based on the information related to the card payment received from the card usage information acquisition unit 621. The authentication image registration guidance information is information including a message such as "Would you like to register an image of a product purchased by card payment as an authentication image?" Further, when the information related to the card payment includes the information indicating the store, the authentication image registration guide unit 622 may, for example, "purchase the product at the XX store by the card payment" based on the information indicating the store. The authentication image registration guidance information including a message such as "Would you like to register the image as an authentication image?" May be generated.

When the authentication image registration guidance unit 622 generates the authentication image registration guidance information, for example, the generated authentication image registration guidance information and the card information of the received card payment information are combined and sent to the output control unit 607. Output. The authentication image registration guide unit 622 is realized, for example, by the CPU 201 shown in FIG. 2 executing a program stored in the memory 202.

The output control unit 607 outputs the card information received from the authentication image registration guide unit 622 to the search unit 605, and inquires the search unit 605 of the card member information corresponding to the card information. In response to this inquiry, the search unit 605 searches the card member information DB 500 for the card member information corresponding to the card information received from the output control unit 607, and when the card information is searched, outputs and controls the card member information. Output to unit 607. Then, the output control unit 607 transmits the authentication image registration guidance information received from the authentication image registration guidance unit 622 to the contact information of the searched cardholder information. As a result, the card company server 110 can transmit the authentication image registration guidance information to the card member who purchased the product by the card payment, and can prompt the registration (update) of the authentication image.

By registering the authentication image according to the authentication image registration guidance information, the user can register the image of the product recently purchased with the credit card as the authentication image. Therefore, the user can be authenticated by the second authentication method using an image that is easy for the user to remember, such as an image of a product recently purchased with a credit card, as an authentication image. In addition, the user can periodically update his / her own authentication image (every time the card is settled) by registering the authentication image according to the authentication image registration guidance information. It is possible to prevent authentication from being performed by an authentication image leaked to a third party.

Next, the functional part of the card company server 110 when the authentication by the third authentication method is performed will be described. Hereinafter, the same description as in the case where the authentication by the first authentication method and the authentication by the second authentication method are performed will be omitted as appropriate. When authentication is performed by the third authentication method, the card company server 110 may have, for example, a reception unit 600, a search unit 605, an output control unit 607, a terminal specific information acquisition unit 608, a third authentication request acquisition unit 610, and authentication. The image inquiry unit 611 and the selected image information acquisition unit 612 are provided.

When the authentication is performed by the third authentication method, the reception unit 600 sends the information received by being transmitted from the user terminal 120 or the like to the card company server 110 to the third authentication request acquisition unit 610 and the selected image information. Output to the acquisition unit 612. The third authentication request acquisition unit 610 acquires the third authentication request including the terminal specific information from the information received from the reception unit 600, and transfers the acquired terminal specific information of the third authentication request to the terminal specific information acquisition unit 608. input. The third authentication request acquisition unit 610 is realized, for example, by the CPU 201 shown in FIG. 2 executing a program stored in the memory 202.

The terminal specific information acquisition unit 608 acquires the terminal specific information input from the third authentication request acquisition unit 610, and outputs the acquired terminal specific information to the search unit 605. The search unit 605 uses the terminal specific information received from the terminal specific information acquisition unit 608 as a search key to search the card member information including the received terminal specific information from the card member information DB 500. When the cardholder information is searched, the search unit 605 outputs the searched cardholder information to the authentication image inquiry unit 611.

The authentication image inquiry unit 611 acquires the authentication image data from the cardholder information received from the search unit 605. Further, the authentication image inquiry unit 611 acquires arbitrary dummy image data from the dummy image data stored in the memory 202. For example, a large number of dummy image data are stored in the memory 202 in advance, and the authentication image inquiry unit 611 acquires a plurality of dummy image data from the dummy image data. As the number of dummy image data acquired by the authentication image inquiry unit 611 is increased, the strength of authentication by the third authentication method can be increased.

Then, the authentication image inquiry unit 611 generates a third authentication data including the acquired authentication image data and dummy image data. The authentication image inquiry unit 611 determines, for example, the display order of the images represented by the acquired authentication image data and the dummy image data (for example, which image corresponds to each of the image selection buttons 1201 in FIG. 12). , Authentication image data, dummy image data, and third authentication data including information indicating the display order of the images represented by these are generated.

Further, the authentication image inquiry unit 611 stores, for example, the generated third authentication data in the memory 202 in association with the cardholder information received from the search unit 605. As a result, the generated third authentication data and the selected image information received from the selected image information acquisition unit 612, which will be described later, can be linked by any information included in the cardholder information (for example, terminal specific information). it can.

Further, the authentication image inquiry unit 611 outputs the generated third authentication data to the output control unit 607. Further, in this case, the authentication image inquiry unit 611 instructs, for example, the search unit 605 to input the searched cardholder information to the output control unit 607. The search unit 605 inputs the searched cardholder information to the output control unit 607 according to the instruction received from the authentication image inquiry unit 611. The authentication image inquiry unit 611 is realized by the CPU 201 shown in FIG. 2 executing a program stored in the memory 202.

The output control unit 607 outputs the third authentication data received from the authentication image inquiry unit 611 to the terminal of the user who desires to use the service for card members. The output destination of the third authentication data is, for example, the contact information of the card member indicated by the card member information input from the search unit 605, that is, the user terminal 120 used by the user who has sent the third authentication request.

Further, the selected image information acquisition unit 612 acquires the selected image information indicating the image selected by the user from the information received from the reception unit 600, and inputs the acquired selected image information to the authentication image inquiry unit 611. .. Further, the selected image information includes, for example, terminal specific information of the user terminal 120 of the transmission source. The selected image information acquisition unit 612 is realized, for example, by the CPU 201 shown in FIG. 2 executing a program stored in the memory 202.

The authentication image inquiry unit 611 reads, for example, the third authentication data stored in the memory 202 in association with the terminal identification information based on the terminal identification information of the selected image information received from the selection image information acquisition unit 612. .. Then, the authentication image inquiry unit 611 determines whether or not the authentication image is selected based on the authentication image data of the read third authentication data and the received selected image information.

Specifically, for example, it is assumed that the information indicating the display order of each image of the read third authentication data indicates that the display order of the authentication images is second. In this case, if the received selected image information indicates that the second image is selected (for example, the image selection button 1201b described later is pressed), the authentication image inquiry unit 611 is the authentication image. Is selected.

On the other hand, if the received selected image information indicates that an image other than the second image has been selected, the authentication image inquiry unit 611 determines that the authentication image has not been selected. Then, the authentication image inquiry unit 611 outputs the determination result (inquiry result) to the output control unit 607. At this time, the authentication image inquiry unit 611 also outputs, for example, the cardholder information stored in the memory 202 in association with the third authentication data to the output control unit 607.

The output control unit 607 outputs authentication success information that enables a user who wishes to use the service for card members to use the service for card members, based on the determination result received from the image inquiry unit 611 for authentication. The output control unit 607 outputs authentication success information, for example, when it is determined that the authentication image has been selected. The output destination of the authentication success information is, for example, the contact information of the card member indicated by the card member information input from the authentication image inquiry unit 611, that is, the user terminal 120 used by the user who has transmitted the third authentication request. The reception unit 600, the search unit 605, the output control unit 607, the authentication image inquiry unit 611, and the selected image information acquisition unit 612 are examples of the inquiry means according to the present invention.

Further, when the card company server 110 authenticates by the third authentication method, the authentication image registration request acquisition unit, the authentication image registration unit, and the card usage information acquisition are the same as when the authentication is performed by the second authentication method. A unit 621, an authentication image registration guide unit 622, and the like may be provided.

Further, in the present embodiment, the card company server 110 performs any authentication by the first authentication method to the third authentication method, but is not limited to this, and any of the first authentication method to the third authentication method. Only the authentication by the authentication method may be performed.

For example, when only the authentication by the first authentication method is performed, the card company server 110 does not have to have a functional unit other than the functional unit described in the above-mentioned example of performing the authentication by the first authentication method. .. Similarly, when only the authentication by the second authentication method is performed, the card company server 110 does not have to have a functional unit other than the functional unit described in the example of performing the authentication by the second authentication method described above. Good. Further, when only the authentication by the third authentication method is performed, the card company server 110 does not have to have a functional unit other than the functional unit described in the above-described example of performing the authentication by the third authentication method. ..

(An example of the start screen displayed by the user terminal 120)
Next, a display example of the user terminal 120 will be described. FIG. 7 is a diagram showing an example of a start screen displayed by the user terminal according to the present embodiment. The user terminal 120 displays the start screen 700 shown in FIG. 7, for example, when the cardholder application is started.

The start screen 700 is provided with a user ID input box 701, a password input box 702, a login button 703, a first login camera button 704, and a second login camera button 705. When the user wants to be authenticated by the user ID and password, he / she enters the user ID in the user ID input box 701 and the password in the password input box 702 by operating the user terminal 120, and presses the login button 703. Just tap (for example).

On the other hand, when the user wants to be authenticated by the first authentication method, he / she may press the first login camera button 704 by operating the user terminal 120. Further, when the user wants to be authenticated by the second authentication method, he / she may press the second login camera button 705 by operating the user terminal 120. When the first login camera button 704 or the second login camera button 705 is pressed, the user terminal 120 activates the camera of the user terminal 120 and displays the shooting screen shown in FIG. That is, the first login camera button 704 and the second login camera button 705 are examples of activation instruction buttons that instruct the activation of the imaging device of the user terminal 120, and the start screen 700 is a display provided with the activation instruction button. This is an example of the screen.

(Example of shooting screen displayed by user terminal 120)
FIG. 8 is a diagram showing an example of a shooting screen displayed by the user terminal according to the present embodiment. On the shooting screen 800 shown in FIG. 8, the image 801 being captured by the camera of the user terminal 120 is displayed. In the example shown in FIG. 8, the camera of the user terminal 120 captures a credit card and a driver's license. Therefore, the image being imaged 801 is an image including a credit card image 801a representing a credit card and a driver's license image 801b representing a driver's license.

Further, on the shooting screen 800, a message (in the illustrated example, "Please shoot XX") is displayed to guide the user to the target to be shot. This message is, for example, "Please take a picture of your credit card and ID card" when the first login camera button 704 is pressed, and "Registered" when the second login camera button 705 is pressed. Please shoot the same subject as the authentication image. "

Further, the shooting screen 800 is provided with a shutter button 802. When the shutter button 802 is pressed, the user terminal 120 stores the image data representing the image being imaged 801 at that time in the memory 302, and transmits an authentication request including the image data to the card company server 110. Then, the user terminal 120 displays the menu screen shown in FIG. 10 when the authentication success information is received from the card company server 110 by transmitting the authentication request. On the other hand, when the user terminal 120 receives the authentication failure information from the card company server 110, the user terminal 120 displays the authentication failure notification screen shown in FIG.

(Example of category selection screen displayed by user terminal 120)
FIG. 9 is a diagram showing an example of a category selection screen displayed by the user terminal of the present embodiment. For example, when the second login camera button 705 is pressed, the user terminal 120 displays the category selection screen 900 shown in FIG. 9 before displaying the shooting screen 800.

The category selection screen 900 is provided with a category selection button 901 corresponding to a category predetermined as the category of the image for authentication by the card company. In the present embodiment, the card company prepares "person", "pet", "writing tool", etc. as the category of the image for authentication. Therefore, as the category selection button 901, a category selection button 901a corresponding to the category "person", a category selection button 901b corresponding to the category "pet", a category selection button 901c corresponding to the category "writing tool", and the like are provided. ing.

Therefore, if the authentication image registered in the card company server 110 is an image of a person such as his / her face, the user may press the category selection button 901a. Further, if the authentication image registered in the card company server 110 is an image of a pet such as a dog or a cat, the user may press the category selection button 901b. Then, if the authentication image registered in the card company server 110 is an image of a writing instrument such as a fountain pen or a pen, the user may press the category selection button 901c. Then, when the second login camera button 705 is pressed, the user terminal 120 transmits an authentication request including information indicating the category selected by the user by the category selection screen 900 to the card company server 110.

(Example of menu screen displayed by user terminal 120)
FIG. 10 is a diagram showing an example of a menu screen displayed by the user terminal according to the present embodiment. The menu screen 1000 shown in FIG. 10 is provided with a service selection button 1001 corresponding to each service prepared by the card company as a service for card members. In the present embodiment, the card company provides a service for card members, such as registration of an image for authentication, inquiry of usage details, and inquiry of available amount. Therefore, as the service selection button 1001, the service selection button 1001a corresponding to the registration of the authentication image, the service selection button 1001b corresponding to the inquiry of the usage details, the service selection button 1001c corresponding to the inquiry of the available amount, and the like are provided. Has been done.

Therefore, when the user wants to register the authentication image, he / she may press the service selection button 1001a. When the service selection button 1001a is pressed, the user terminal 120 first displays the category selection screen 900 shown in FIG. 9, and accepts the user to select the category of the authentication image to be registered. After that, the user terminal 120 displays the shooting screen 800 shown in FIG. 8 and causes the user terminal 120 to shoot the authentication image to be registered. Then, the user terminal 120 transmits an authentication image registration request including image data representing the selected category and the captured image to the card company server 110 to register the authentication image data and the category.

Further, when registering the authentication image, the user terminal 120 causes the user to perform a plurality of shootings, and transmits an authentication image registration request including the plurality of image data obtained by these shootings to the card company server 110. You may do so. In this case, the card company server 110, for example, analyzes the image represented by each image data of the authentication image registration request, and acquires information indicating these feature points. Then, the card company server 110 can improve the detection accuracy of the authentication image by detecting the authentication image using the information indicating the feature points acquired in this way.

On the other hand, when the user wants to inquire the usage details of his / her credit card, he / she may press the service selection button 1001b. When the service selection button 1001b is pressed, the user terminal 120 accesses the user's credit card usage statement inquiry website provided on the card company server 110 and displays the website. Further, when the user wants to inquire about the available amount of his / her credit card, he / she may press the service selection button 1001c. When the service selection button 1001c is pressed, the user terminal 120 accesses the website for inquiring the available amount of the user's credit card provided on the card company server 110, and displays the website.

Further, for example, by providing a button corresponding to the registration of biometric authentication as the service selection button 1001, the user can register the biometric information such as his / her fingerprint and iris in the card company server 110 by using the service for card members. You may do so. In this case, the user terminal 120 is provided with, for example, a fingerprint sensor, activates the fingerprint sensor when the button corresponding to the registration of biometric authentication is pressed, and acquires the fingerprint information of the user by the fingerprint sensor. Then, the user terminal 120 transmits the acquired fingerprint information to the card company server 110. Further, in this case, the user terminal 120 activates the camera when the button corresponding to the registration of biometric authentication is pressed, and transmits information indicating the user's iris photographed by the camera to the card company server 110. You may.

By doing so, the user can register biometric information such as his / her fingerprint and iris in the card company server 110 by using the service for card members. Further, when the biometric information of the user is registered, the card company server 110 can be authenticated by the biometric information registered in the card company server 110 when the user subsequently uses the service for card members. You may.

In this way, when the user is logged in to the service for card members (the service for card members is available), a new image can be used for the next and subsequent services for card members. It may be registered as an authentication image for this purpose. At this time, not only the authentication image (for example, the user's belongings) but also biometric information such as the user's fingerprint and iris may be registered.

(Example of authentication failure notification screen displayed by user terminal 120)
FIG. 11 is a diagram showing an example of an authentication failure notification screen displayed by the user terminal according to the present embodiment. On the authentication failure notification screen 1100 shown in FIG. 11, a message indicating that the authentication has failed (“Authentication failed” in the illustrated example) is displayed. Further, on the authentication failure notification screen 1100, a message asking the user whether or not to be authenticated by the third authentication method (in the illustrated example, "Do you want to authenticate by selecting an authentication image?") Is displayed. .. Then, on the authentication failure notification screen 1100, a "Yes" button 1101 for selecting to receive the authentication by the third authentication method and a "No" button for selecting not to receive the authentication by the third authentication method are displayed. 1102 is provided.

Therefore, when the user wants to be authenticated by the third authentication method, the user may press the "Yes" button 1101. When the "Yes" button 1101 is pressed, the user terminal 120 transmits a third authentication request indicating that the user is authenticated by the third authentication method to the card company server 110. Then, the user terminal 120 displays the authentication image selection screen shown in FIG. 12 when the third authentication data is received from the card company server 110 by transmitting the third authentication request.

On the other hand, when the user is not authenticated by the third authentication method, the user may press the "No" button 1102. When the "No" button 1102 is pressed, the user terminal 120 does not send the third authentication request to the card company server 110. In this case, the user terminal 120 does not display the authentication image selection screen shown in FIG.

(Example of authentication image selection screen displayed by user terminal 120)
FIG. 12 is a diagram showing an example of an authentication image selection screen displayed by the user terminal of the present embodiment. The authentication image selection screen 1200 is provided with an image selection button 1201 corresponding to an image represented by each of the authentication image data and the dummy image data included in the third authentication data received by the user terminal 120 from the card company server 110. Be done.

In the example shown in FIG. 12, the user may press the image selection button 1201a of the image selection buttons 1201 if he / she wants to select the image at the left end of the uppermost row as the authentication image. Further, for example, if the user wants to select the image in the center of the uppermost row as the image for authentication, the user may press the image selection button 1201b of the image selection buttons 1201. Then, for example, if the user wants to select the image at the right end of the uppermost row as the authentication image, the user may press the image selection button 1201c among the image selection buttons 1201.

When any one of the image selection buttons 1201 is pressed, the user terminal 120 transmits selected image information indicating the selected image to the card company server 110. Then, the user terminal 120 displays the menu screen 1000 shown in FIG. 10 when the authentication success information is received from the card company server 110 by transmitting the selected image information.

On the other hand, when the user terminal 120 receives the authentication failure information from the card company server 110, the user terminal 120 displays the authentication failure notification screen 1100 shown in FIG. Further, on the authentication failure notification screen 1100 in this case, a message indicating that the authentication has failed is displayed, while a message asking the user whether to receive the authentication by the third authentication method, the "Yes" button 1101 or "No". The button 1102 and the like may not be displayed.

(Example of processing performed by the user terminal 120)
Next, an example of the processing performed by the user terminal 120 will be described. FIG. 13 is a flowchart showing an example of the authentication request transmission process performed by the user terminal of the present embodiment. When the user terminal 120 starts the cardholder application and displays the start screen 700, for example, the user terminal 120 performs the process shown in FIG.

In FIG. 13, the user terminal 120 determines whether or not the first login camera button 704 is pressed (step S1301). When it is determined that the first login camera button 704 is pressed (step S1301: Yes), the user terminal 120 activates the camera of the user terminal 120 (step S1302) and displays the shooting screen 800 (step S1303).

Then, the user terminal 120 determines whether or not the shutter button 802 has been pressed (step S1304). When it is determined that the shutter button 802 is not pressed (step S1304: No), the user terminal 120 waits until the shutter button 802 is pressed.

When it is determined that the shutter button 802 is pressed (step S1304: Yes), the user terminal 120 stores the image data of the image 801 being imaged (step S1305). Further, the user terminal 120 acquires, for example, the terminal specific information of the own terminal by referring to the setting information stored in the user terminal 120 (step S1306).

Then, the user terminal 120 transmits an authentication request including the image data stored in the process of step S1305 and the terminal identification information acquired in the process of step S1306 to the card company server 110 (step S1307), and FIG. 13 shows. The processing shown is finished. Further, when the first login camera button 704 is pressed, the user terminal 120 transmits, for example, in step S1307, a first authentication request indicating that the user is authenticated by the first authentication method to the card company server 110.

Further, when it is determined that the first login camera button 704 is not pressed (step S1301: No), the user terminal 120 determines whether or not the second login camera button 705 is pressed (step S1308). When it is determined that the second login camera button 705 is pressed (step S1308: Yes), the user terminal 120 displays the category selection screen 900 (step S1309).

Then, the user terminal 120 determines whether or not the category has been selected by pressing any of the category selection buttons 901 (step S1310). If it is determined that the category is not selected (step S1310: No), the user terminal 120 waits until the category is selected. When it is determined that the category is selected (step S1310: Yes), the user terminal 120 shifts to the process of step S1302.

In the process of step S1307 performed by pressing the second login camera button 705, the user terminal 120 transmits an authentication request including information indicating a category for which selection has been accepted by the process of step S1310 to the card company server 110. To do. Further, when the second login camera button 705 is pressed, the user terminal 120 transmits, for example, in step S1307, a second authentication request indicating that the user is authenticated by the second authentication method to the card company server 110.

Further, when it is determined that the second login camera button 705 is not pressed (step S1308: No), the user terminal 120 determines whether or not the login button 703 is pressed (step S1311). When it is determined that the login button 703 is not pressed (step S1311: No), the user terminal 120 proceeds to the process of step S1301.

If it is determined that the login button 703 has been pressed (step S1311: Yes), the user terminal 120 proceeds to the process of step S1306. In the process of step S1307 performed by pressing the login button 703, the user terminal 120 transmits an authentication request including the input contents to the user ID input box 701 and the password input box 702 to the card company server 110.

FIG. 14 is a flowchart showing an example of authentication success / failure information reception processing performed by the user terminal of the present embodiment. When the user terminal 120 transmits an authentication request by the process of step S1307, for example, the user terminal 120 performs the process shown in FIG.

In FIG. 14, the user terminal 120 determines whether or not the authentication success information has been received from the card company server 110 (step S1401). When it is determined that the authentication success information has been received from the card company server 110 (step S1401: Yes), the user terminal 120 displays the menu screen 1000 (step S1402).

Then, the user terminal 120 determines whether or not the selection button (service selection button 1001a) corresponding to the registration of the authentication image is pressed (step S1403). When it is determined that the selection button corresponding to the registration of the authentication image is not pressed (step S1403: No), the user terminal 120 ends the process shown in FIG.

When it is determined that the selection button corresponding to the registration of the authentication image is pressed (step S1403: Yes), the user terminal 120 displays the category selection screen 900 (step S1404). Then, the user terminal 120 determines whether or not the category has been selected by pressing any of the category selection buttons 901 (step S1405).

If it is determined that the category is not selected (step S1405: No), the user terminal 120 waits until the category is selected. When it is determined that the category is selected (step S1405: Yes), the user terminal 120 activates the camera of the user terminal 120 (step S1406) and displays the shooting screen 800 (step S1407).

Then, the user terminal 120 determines whether or not the shutter button 802 is pressed (step S1408). When it is determined that the shutter button 802 is not pressed (step S1408: No), the user terminal 120 waits until the shutter button 802 is pressed.

When it is determined that the shutter button 802 is pressed (step S1408: Yes), the user terminal 120 stores the image data of the image 801 being imaged (step S1409), and stores the terminal specific information set for the user terminal 120. Acquire (step S1410). Then, the user terminal 120 transmits an authentication image registration request including the image data stored in the process of step S1305 and the terminal specific information acquired in the process of step S1306 to the card company server 110 (step S1411). The process shown in FIG. 14 is terminated.

If it is determined that the authentication success information has not been received (step S1401: No), the user terminal 120 determines whether or not the authentication failure information has been received (step S1412). When it is determined that the authentication failure information has not been received (step S1412: No), the user terminal 120 proceeds to the process of step S1401. When it is determined that the authentication failure information has been received (step S1412: Yes), the user terminal 120 displays the authentication failure notification screen 1100 (step S1413).

Then, the user terminal 120 determines whether or not to receive the authentication by the third authentication method (step S1414). In the process of step S1414, the user terminal 120 makes an affirmative determination when the "Yes" button 1101 is pressed, and makes a negative determination when the "No" button 1102 is pressed. When it is determined that the authentication by the third authentication method is not received (step S1414: No), the user terminal 120 ends the process shown in FIG.

When it is determined that the authentication by the third authentication method is received (step S1414: Yes), the user terminal 120 transmits the third authentication request to the card company server 110 (step S1415). Then, the user terminal 120 determines whether or not the third authentication data has been received from the card company server 110 (step S1416).

When it is determined that the third authentication data has not been received (step S1416: No), the user terminal 120 waits until the third authentication data is received. When it is determined that the third authentication data has been received (step S1416: Yes), the user terminal 120 displays the authentication image selection screen 1200 (step S1417).

Then, the user terminal 120 determines whether or not an image has been selected by pressing any of the image selection buttons 1201 (step S1418). When it is determined that the image is not selected (step S1418: No), the user terminal 120 waits until the image is selected. When it is determined that the image is selected (step S1418: Yes), the user terminal 120 transmits the selected image information indicating the selected image to the card company server 110 (step S1419), and ends the process shown in FIG. To do. Although not shown, when the user terminal 120 receives the authentication success information by transmitting the selected image information by the process of step S1419, the user terminal 120 displays the menu screen 1000 in the same manner as the process of step S1402.

(Example of processing performed by the card company server 110)
Next, an example of the processing performed by the card company server 110 will be described. FIG. 15A is a flowchart (No. 1) showing an example of the authentication process performed by the card company server of the present embodiment. FIG. 15B is a flowchart (No. 2) showing an example of the authentication process performed by the card company server of the present embodiment. FIG. 15C is a flowchart (No. 3) showing an example of the authentication process performed by the card company server of the present embodiment.

The card company server 110 determines whether or not the third authentication request has been received from the user terminal 120 (step S1501). When it is determined that the third authentication request has not been received (step S1501: No), the card company server 110 determines whether or not an authentication request other than the third authentication request has been received from the user terminal 120 (step S1502). ). When it is determined that no authentication request other than the third authentication request has been received (step S1502: No), the card company server 110 proceeds to the process of step S1501.

When it is determined that an authentication request other than the third authentication request has been received (step S1502: Yes), the card company server 110 responds to the received authentication request with the user ID and password (that is, the user ID input box 701 and the password input box 702). It is determined whether or not the information (contents input to) is included (step S1503).

When it is determined that the authentication request includes the user ID and password information (step S1503: Yes), the card company server 110 uses the user ID and password as a search key to obtain the card member information from the card member information DB 500. Search (step S1504). In the process of step S1504, the card company server 110 searches for cardholder information including information on the user ID and password that matches the user ID and password used as the search key.

Then, the card company server 110 determines whether or not the card member information has been searched (step S1505). When it is determined that the cardholder information has been searched (step S1505: Yes), the card company server 110 transmits the authentication success information to the user terminal 120 (step S1506), and ends the processes shown in FIGS. 15A to 15C. .. As a result, the user can register the authentication image by, for example, receiving authentication using the user ID and password and using the service for card members.

On the other hand, when it is determined that the cardholder information has not been searched (step S1505: No), the card company server 110 transmits the authentication failure information to the user terminal 120 (step S1507), and the processes shown in FIGS. 15A to 15C. To finish.

If it is determined that the authentication request does not include the user ID and password information (step S1503: No), the card company server 110 performs an image analysis process for image analysis of the received image data of the authentication request (step S1503: No). Step S1508). In the process of step S1508, the card company server 110 performs image analysis for detecting the credit card image or the ID card image, for example, using a pattern that is a condition for detecting the credit card image or the ID card image.

Further, in the process of step S1508, the card company server 110 performs image analysis to detect the collation target image when, for example, the credit card image or the identification card image cannot be detected. When detecting the collation target image, the card company server 110 detects, for example, an image of a specific portion (for example, a central portion) of the images represented by the received image data of the authentication request. Further, when the received authentication request contains information indicating the category, as described above, the card company server 110 detects the received authentication request as an image of the category based on the information indicating the category. May be used to perform image processing to detect the collation target image.

Next, the card company server 110 determines whether or not the image represented by the image data of the received authentication request includes the credit card image and the identification card image (step S1509).

When it is determined that the credit card image and the identification card image are included (step S1509: Yes), the card company server 110 reads the card number and the expiration date from the received authentication request credit card image (step S1510). , The card member information is searched from the card member information DB 500 using the read card number and the expiration date as the search key (step S1511). In the process of step S1511, the card company server 110 searches for cardholder information including the card number used as the search key, the card number matching the expiration date, and the expiration date information.

Further, in the process of step S1510, the card company server 110 may further read the name from the credit card image represented by the image data of the received authentication request. Then, in this case, in the process of step S1511, the card company server 110 may search the card member information from the card member information DB 500 using the read card number, expiration date, and name as search keys.

Next, the card company server 110 determines whether or not the cardholder information has been searched (step S1512). If it is determined that the cardholder information has not been searched (step S1512: No), the card company server 110 proceeds to the process of step S1507. On the other hand, when it is determined that the cardholder information has been searched (step S1512: Yes), the card company server 110 acquires the identification data of the searched cardholder information (step S1513). Then, the card company server 110 collates the ID card image represented by the received authentication request image data with the ID card image represented by the acquired ID card data (step S1514), and these are the same ID card. (Step S1515).

If it is determined that the identification cards are the same (step S1515: Yes), the card company server 110 proceeds to the process of step S1506. If it is determined that the identification cards are not the same (step S1515: No), the card company server 110 proceeds to the process of step S1507.

Further, when the card company server 110 determines that the credit card image and the identification card image are not included in the process of step S1509 (step S1509: No), the card company server 110 proceeds to the process of step S1516 shown in FIG. 15B. The cardholder information is searched from the cardholder information DB 500 using the terminal specific information of the received authentication request as a search key (step S1516). In the process of step S1516, the card company server 110 searches for the cardholder information including the terminal specific information that matches the terminal specific information used as the search key.

Next, the card company server 110 determines whether or not the cardholder information has been searched (step S1517). If it is determined that the cardholder information has not been searched (step S1517: No), the card company server 110 proceeds to the process of step S1507. On the other hand, when it is determined that the cardholder information has been searched (step S1517: Yes), the card company server 110 acquires the authentication image data of the searched cardholder information (step S1518). Then, the card company server 110 collates the image represented by the received image data of the authentication request with the authentication image represented by the acquired authentication image data (step S1519), and these images the same subject. (Step S1520).

If it is determined that the subjects are the same (step S1520: Yes), the card company server 110 proceeds to the process of step S1506. If it is determined that the subjects are not the same (step S1520: No), the card company server 110 proceeds to the process of step S1507.

Further, when the card company server 110 determines that the third authentication request has been received by the process of step S1501 (step S1501: Yes), the card company server 110 proceeds to the process of step S1521 shown in FIG. 15C, which is the same as the process of step S1516. In addition, the cardholder information is searched from the cardholder information DB 500 using the terminal specific information of the received authentication request as a search key (step S1521).

Next, the card company server 110 determines whether or not the cardholder information has been searched (step S1522). If it is determined that the cardholder information has not been searched (step S1522: No), the card company server 110 proceeds to the process of step S1507. On the other hand, when it is determined that the cardholder information has been searched (step S1522: Yes), the card company server 110 acquires the authentication image data of the searched cardholder information (step S1523), and subsequently obtains dummy image data. Acquire (step S1524).

Then, the card company server 110 transmits the third authentication data including the acquired authentication image data and the dummy image data to the user terminal 120 (step S1525), and whether or not the selected image information is received from the user terminal 120. (Step S1526). If it is determined that the selected image information has not been received (step S1526: No), the card company server 110 waits until the selected image information is received. When it is determined that the selected image information has been received (step S1526: Yes), the card company server 110 determines whether or not the authentication image has been selected based on the received selected image information (step S1527).

When it is determined that the authentication image is selected (step S1527: Yes), the card company server 110 proceeds to the process of step S1506. If it is determined that the authentication image has not been selected (step S1527: No), the card company server 110 proceeds to the process of step S1507.

As described above, according to the card company server 110, a user who has the right to receive the service for card members provided by the card company can easily use the service, and the service for card members by the user can be easily used. Usage can be promoted.

In the present embodiment, the case where the information processing apparatus according to the present invention is applied to the card company server 110 of the card company has been described, but the present invention is not limited to this. For example, if it is possible to share various information between different industries using the API (Application Processing Interface) of a credit card, the server of a company other than the card company (for example, a bank server or an insurance company). The information processing apparatus according to the present invention can also be realized by the server).

Further, in the present embodiment, an example in which the service provider is a card company has been described, but the present invention is not limited to this. The service provider may be a business operator (for example, a company) that provides services for users who have been registered as members in advance. Further, in the present embodiment, an example in which a card company that is a service provider issues a credit card equivalent to a membership card has been described, but the service provider does not have to issue a membership card. Even in this case, the user can register the authentication image by using the service by the service provider by receiving the authentication using the user ID or password, for example. It is possible to receive authentication by the second authentication method or the third authentication method using.

Further, the authentication method described in the present embodiment can be realized by executing a program prepared in advance on a computer such as a personal computer or a workstation. This certification program can be used on computer-readable storage media such as hard disks, flexible disks, CD (Compact Disk) -ROM, MO (Magnet-Optical disk), DVD (Digital Versaille Disk), and USB (Universal Serial Bus) memory. It is stored and executed by being read from the storage medium by a computer. In addition, this authentication program may be distributed via a network such as the Internet.

As described above, according to the present invention, a user who has the right to receive the service can easily use the service.

The following additional notes are further disclosed with respect to the above-described embodiment.

(Appendix 1) To the first computer equipped with an imaging device,
A start instruction button for receiving an operation for instructing the start of the image pickup device is provided to display a display screen for receiving input of information related to an authentication request.
When the operation for the activation instruction button is received, the imaging device is activated, the image data captured by the imaging device is acquired, and the image data is acquired.
The authentication request including the acquired image data is transmitted to a second computer that performs authentication based on the authentication request.
A control program characterized by executing processing.

As described above, the authentication program, the authentication method and the information processing device according to the present invention are useful for the authentication program, the authentication method and the information processing device that make it easy for the user to use the service provided by the service provider. In particular, it is suitable for authentication programs, authentication methods, and information processing devices that make it easy for users who have the right to use the service to use the service provided by the service provider only for a specific user. There is.

100 Service usage support system 110 Card company server 111 Storage unit 120 User terminal 130 Network

Claims (3)

In the first computer equipped with an image pickup device,
A start instruction button for receiving an operation for instructing the start of the image pickup device is provided to display a display screen for receiving input of information related to an authentication request.
When the operation for the activation instruction button is received, the imaging device is activated, the image data captured by the imaging device is acquired, and the image data is acquired.
The authentication request including the acquired image data is transmitted to a second computer that performs authentication based on the authentication request.
An authentication program characterized by executing processing. The first computer equipped with the image pickup device
A start instruction button for receiving an operation for instructing the start of the image pickup device is provided to display a display screen for receiving input of information related to an authentication request.
When the operation for the activation instruction button is received, the imaging device is activated, the image data captured by the imaging device is acquired, and the image data is acquired.
The authentication request including the acquired image data is transmitted to a second computer that performs authentication based on the authentication request.
An authentication method characterized by performing processing. Imaging device and
A start instruction button for receiving an operation for instructing the start of the image pickup device is provided to display a display screen for receiving input of information related to an authentication request.
When the operation for the activation instruction button is received, the imaging device is activated, the image data captured by the imaging device is acquired, and the image data is acquired.
A control unit that transmits the authentication request including the acquired image data to a computer that performs authentication based on the authentication request.
An information processing device characterized by being equipped with.

Images