JP2021140622A - Authentication method, information processing device, and authentication program - Google Patents

Abstract

To reduce the load of authentication processing in biometric authentication using a plurality of lists which respectively include identification information on a plurality of registrants.SOLUTION: A computer classifies each of a plurality of lists which respectively include pieces of identification information on a plurality of registrants into any group of a plurality of groups. The computer acquires biometric information on an authentication object person. The computer selects any list as a first comparison object list, from among one or more lists included in a first group of the plurality of groups. The computer performs authentication to the authentication object person on the basis of a first comparison result obtained by comparing registration biometric information associated with each of the pieces of identification information on a plurality of registrants included in the first comparison object list with the biometric information on the authentication object person.SELECTED DRAWING: Figure 5

Description

The present invention relates to an authentication method, an information processing device, and an authentication program.

Biometric authentication is a technique for verifying an identity using biometric features such as fingerprints, palm prints, and veins. In biometric authentication, the biometric features acquired from the person to be authenticated are compared (verified) with the biometric features registered in advance in the registration template, and based on the comparison result indicating whether or not the biometric features match. Authentication is performed for the person to be authenticated. The biological features registered in the registration template are sometimes called registered biological information.

In relation to biometric authentication, an authentication system using face authentication data extracted from a person's face image and vein authentication data extracted from a vein image is known (see, for example, Patent Document 1).

JP-A-2019-128880

In the multi-biometric authentication system that uses both the face image and the vein image of the palm, the registrants to be the target of vein authentication are narrowed down by using the feature amount of the face image of the authentication target person, and the narrowing list is generated. However, in an environment in which a plurality of users are simultaneously photographed by a plurality of cameras, a large number of narrowed-down lists in which the users are not specified are generated, which increases the load of vein authentication based on the vein image of the palm.

It should be noted that such a problem occurs not only in the multi-biometric authentication system in which the face image and the vein image of the palm are used together, but also in the multi-biometric authentication system in which the face image and other biometric information are used in combination. Further, such a problem occurs not only when the target person is narrowed down by using the feature amount of the face image but also when the target person is narrowed down by using another feature amount.

In one aspect, the present invention aims to reduce the load of authentication processing in biometric authentication using a plurality of lists including identification information of a plurality of registrants.

In one proposal, the computer classifies each of the plurality of lists, each containing the identification information of the plurality of registrants, into one of the plurality of groups. The computer acquires the biometric information of the person to be authenticated. The computer selects any list as the first comparison target list from one or more lists included in the first group among the plurality of groups. The computer uses the authentication target person based on the first comparison result of comparing the registered biometric information associated with each of the identification information of the plurality of registrants included in the first comparison target list with the biometric information of the authentication target person. Authenticate against.

According to one aspect, in biometric authentication using a plurality of lists including identification information of a plurality of registrants, the load of the authentication process can be reduced.

It is a figure which shows the multi-biometric authentication system. It is a figure which shows the narrowing list. It is a figure which shows the store to which a multi-biometric authentication system is applied. It is a functional block diagram of an information processing apparatus. It is a flowchart of biometric authentication processing. It is a functional block diagram of a biometric authentication system. It is a figure which shows the narrowing list which is not classified into a group. It is a figure which shows the group list. It is a figure which shows the classification process. It is a flowchart of the classification process performed by the server. It is a flowchart of the feature amount comparison process performed by a server. It is a flowchart of biometric authentication processing performed by a server. It is a functional block diagram of a biometric authentication system in which a client terminal determines a classification destination. It is a figure which shows the group information. It is a hardware block diagram of an information processing apparatus.

Hereinafter, embodiments will be described in detail with reference to the drawings.

Recently, biometric authentication is used for various purposes such as cashless payment in stores, ATMs (Automated Teller Machines) in banks, entry / exit management, and immigration inspection at airports.

FIG. 1 shows an example of a multi-biometric authentication system that uses both a face image and a vein image of the palm. The multi-biometric authentication system of FIG. 1 includes a client terminal 101, a server 102, a camera 103, and a vein sensor 104. The client terminal 101 includes a face information control unit 111, a display unit 112, and a vein information control unit 113. The server 102 includes a list generation unit 121, an authentication unit 122, a face library 123, a face DB (database) 124, a vein DB 125, and a vein library 126.

The face DB 124 is a database including identification information of a plurality of users who are registrants and registered feature amounts. The registered feature amount is extracted from the user's face image and registered in the face DB 124 in association with the user's identification information. The vein DB 125 is a database including identification information of a plurality of users who are registrants and registered vein data. The registered vein data is extracted from the vein image of the palm of the user and registered in the vein DB 125 in association with the user's identification information.

The face library 123 is a library for comparing the feature amount of the face image of the user 105 who is the authentication target with the registered feature amount registered in the face DB 124. The vein library 126 is a library for comparing the vein data of the palm of the user 105 with the registered vein data registered in the vein DB 125. In the multi-biometric authentication system of FIG. 1, vein authentication for the user 105 is performed by the following procedure.

(P1) The camera 103 photographs the face of the user 105 and outputs the face image to the client terminal 101.

(P2) The face information control unit 111 of the client terminal 101 extracts a feature amount from the face image of the user 105, and the client terminal 101 transmits the extracted feature amount to the server 102.

(P3) The list generation unit 121 of the server 102 uses the face library 123 to compare the feature amount of the face image of the user 105 with the registered feature amount registered in the face DB 124, thereby making the target of vein authentication. The registrants are narrowed down, and the narrowing list 131 is generated. Then, the list generation unit 121 outputs the narrowing list 131 to the authentication unit 122.

FIG. 2 shows an example of the narrowing list 131. In the narrowing list 131 of FIG. 2, UserId represents the identification information of the user registered in the face DB 124 and the vein DB 125. The narrowing list 131 of FIG. 2 includes "User_001" to "User_nnnn" as identification information. The number of identification information included in the narrowing list 131 is, for example, 1/100 to 1/1000 of the total number of registrants.

(P4) The vein sensor 104 photographs the palm of the user 105 and outputs a vein image to the client terminal 101.

(P5) The vein information control unit 113 of the client terminal 101 extracts vein data from the vein image of the palm of the user 105, and the client terminal 101 transmits the extracted vein data to the server 102.

(P6) The authentication unit 122 of the server 102 acquires the registered vein data associated with the identification information included in the narrowing list 131 from the vein DB 125. Then, the authentication unit 122 performs vein authentication for the user 105 by comparing the vein data of the user 105 with the registered vein data acquired from the vein DB 125 using the vein library 126.

(P7) The server 102 transmits the authentication result of the vein authentication for the user 105 to the client terminal 101. The authentication result includes, for example, registrant identification information corresponding to the vein data of user 105.

(P8) The vein information control unit 113 of the client terminal 101 outputs the authentication result to the display unit 112, and the display unit 112 displays the authentication result on the screen.

According to such a multi-biometric authentication system, it is possible to narrow down the registrants to be subject to vein authentication for the user 105. Therefore, the processing time of vein authentication can be shortened as compared with the case where all registrants are subject to vein authentication. However, the process of acquiring the registered vein data corresponding to the identification information of the narrowing list 131 from the vein DB 125 still takes a long time.

FIG. 3 shows an example of a store to which the multi-biometric authentication system of FIG. 2 is applied. The store shown in FIG. 3 is, for example, a convenience store, and the store is provided with a drink corner 201, a food corner 202, a book corner 203, shelves 204-1 to shelves 204-4, and a counter 205. A cache register 207-1 and a cache register 207.2 are installed on the counter 205.

The cameras 211-1 to 211-5 are installed on the ceiling of the store, the vein sensor 212-1 is installed near the cash register 207-1, and the vein sensor 212-2 is installed near the cash register 207.2. Will be installed in.

Beverages are displayed in the drink corner 201, food is displayed in the food corner 202, and books are displayed in the book corner 203. Products are also displayed on shelves 204-1 to 204-4. Users 213-1 to 213-6, who are customers of the store, enter the store from the entrance 206, pick up the products in the store, move to the counter 205, and settle the purchased products by cashless payment or the like. ..

In this case, the client terminal 101 of FIG. 2 is installed inside the store, and the server 102 is installed outside the store. The client terminal 101 and the server 102 communicate with each other via a communication network. Cameras 211-11 to Cameras 211-5 photograph users 213-1 to 213-6 who are shopping, and output the captured images to the client terminal 101. The vein sensor 212-1 and the vein sensor 212-2 photograph the palms of the users 213-1 to 213-6 and output the vein image to the client terminal 101.

According to such a multi-biometric authentication system, the narrowing list 131 can be generated by using the feature amount of the face image of the user 213-1 before the user 213-1 moves to the counter 205. Further, since the process of acquiring the registered vein data corresponding to the identification information of the narrowing list 131 from the vein DB 125 can be completed in advance, the authentication time experienced by the user 213-1 at the time of payment can be shortened.

However, when a plurality of users are simultaneously photographed by a plurality of cameras installed in the store, a large number of narrowing list 131s in which the users are not specified are accumulated in the server 102 in chronological order. Since it is not known which narrowing list 131 contains the identification information of the user 213-1, when performing vein authentication for the user 213-1 using the vein sensor 212-1, referring to a large number of narrowing lists 131 in order. , Vein data comparison is repeated. Therefore, it takes a long time for the authentication to succeed based on the narrowing list 131 including the identification information of the user 213-1.

FIG. 4 shows an example of a functional configuration of the information processing device (computer) of the embodiment. The information processing device 401 of FIG. 4 includes a classification unit 411, an acquisition unit 412, a selection unit 413, and an authentication unit 414.

FIG. 5 is a flowchart showing an example of biometric authentication processing performed by the information processing device 401 of FIG. First, the classification unit 411 classifies each of the plurality of lists including the identification information of the plurality of registrants into one of the plurality of groups (step 501).

Next, the acquisition unit 412 acquires the biometric information of the person to be authenticated (step 502). Next, the selection unit 413 selects any list as the first comparison target list from one or a plurality of lists included in the first group among the plurality of groups (step 503). Then, the authentication unit 414 is based on the first comparison result of comparing the registered biometric information associated with each of the identification information of the plurality of registrants included in the first comparison target list with the biometric information of the authentication target person. , Authenticate the person to be authenticated (step 504).

According to the information processing device 401 of FIG. 4, the load of the authentication process can be reduced in the biometric authentication using a plurality of lists including the identification information of the plurality of registrants.

FIG. 6 shows a functional configuration example of the biometric authentication system including the information processing device 401 of FIG. The biometric authentication system of FIG. 6 includes a client terminal 601, an image pickup device 602, a biometric sensor 603, a communication network 604, and a server 605.

The biometric authentication system of FIG. 6 may be, for example, a system included in a store payment system, a financial institution's financial processing system, an entry / exit management system, or an airport immigration inspection system. In the case of a store payment system, the imaging device 602 is installed on the ceiling or wall of the store, and the biosensor 603 is installed near the cash register.

The client terminal 601 is an information processing device that acquires a video and a biological image of a person to be authenticated, and is a video acquisition unit 611, a biological image acquisition unit 612, a face information control unit 613, a biological information control unit 614, a storage unit 615, and communication. A unit 616 and an output unit 617 are included.

The server 605 corresponds to the information processing device 401 of FIG. 4, and includes a face recognition unit 621, a generation unit 622, a selection unit 623, a biometric authentication unit 624, a communication unit 625, and a storage unit 626. The generation unit 622, the communication unit 616, the selection unit 623, and the biometric authentication unit 624 correspond to the classification unit 411, the acquisition unit 412, the selection unit 413, and the authentication unit 414 in FIG. 4, respectively.

The communication unit 616 of the client terminal 601 and the communication unit 625 of the server 605 can communicate with each other via the communication network 604. The communication network 604 is, for example, a LAN (Local Area Network) or a WAN (Wide Area Network).

The image pickup device 602 is a camera having an image pickup element such as a CCD (Charge-Coupled Device) or a CMOS (Complementary Metal-Oxide-Semiconductor), and captures an image of a person to be authenticated. The image captured by the image pickup apparatus 602 includes a plurality of consecutive images in time series. The image at each time is sometimes called a frame. The image pickup apparatus 602 outputs the captured image to the client terminal 601.

The biological sensor 603 is, for example, a vein sensor, a fingerprint sensor, an image sensor (camera), or the like, and photographs a living body such as a palm or a finger to acquire a biological image such as a vein image, a fingerprint image, or a palm print image. For example, when the biosensor 603 is a vein sensor, the biosensor 603 irradiates the palm with near infrared rays or the like to photograph blood vessels or the like inside the hand. The biological sensor 603 outputs the acquired biological image to the client terminal 601.

In the case of a store payment system, the image pickup device 602 captures an image of a customer who is shopping in the store. Then, when the customer clears the purchased product, the biosensor 603 acquires the bioimage of the customer as the bioimage of the person to be authenticated.

First, the image acquisition unit 611 of the client terminal 601 acquires an image from the image pickup device 602 and stores it in the storage unit 615. The face information control unit 613 performs face recognition for each image included in the video, and extracts a face image showing the face. Then, the face information control unit 613 extracts the feature amount of the face image from the extracted face image.

As the feature amount of the face image, for example, HAAR-Like feature amount, HOG (Histograms of Oriented Gradients) feature amount, SIFT (Scaled Invariance Feature Transform) feature amount, SURF (Speeded-Up Robust Features) feature amount, etc. should be used. Can be done. The feature amount of the face image may be a feature amount generated by a CNN (Convolutional Neural Network). The data format of the feature quantity is, for example, a multidimensional vector.

Next, the communication unit 616 transmits the feature amount of the face image to the server 605. The communication unit 625 of the server 605 receives the feature amount of the face image from the client terminal 601.

The storage unit 626 stores the face DB 631, the living body DB 632, the face library 633, and the living body library 634. The face DB 631 is a database including identification information of a plurality of users who are registrants and registered feature amounts. The registered feature amount is extracted from the user's face image and registered in the face DB 631 in association with the user's identification information. The biological DB 632 is a database containing identification information and registered biological information of a plurality of users who are registrants. The registered biological information is extracted from the biological image of the user and registered in the biological DB 632 in association with the user's identification information.

The face library 633 is a library for comparing the feature amount of the face image received from the client terminal 601 with the registered feature amount registered in the face DB 631. The biological library 634 is a library for comparing the biological information received from the client terminal 601 with the registered biological information registered in the biological DB 632.

The face recognition unit 621 performs face recognition processing using the feature amount of the face image received from the client terminal 601. In the face recognition process, the face recognition unit 621 calculates the degree of similarity between the feature amount of the face image received from the client terminal 601 and each registered feature amount included in the face DB631 by using the face library 633.

As the similarity between the two features, for example, a score calculated from the distance between the two multidimensional vectors can be used. In this case, the smaller the distance, the larger the score, and the larger the distance, the smaller the score. As the distance between the two multidimensional vectors, a Hamming distance, an Euclidean distance, a cosine distance, a Levenshtein distance, or the like can be used.

The generation unit 622 generates a narrowing list including the narrowed-down registrant identification information by narrowing down the registrants based on the similarity calculated by the face recognition unit 621. Then, the generation unit 622 generates the group list 635 by classifying each of the plurality of narrowing lists into one of the plurality of groups, and stores the group list 635 in the storage unit 626.

Next, the biological image acquisition unit 612 of the client terminal 601 acquires the biological image of the person to be authenticated from the biological sensor 603 and stores it in the storage unit 615. The biometric information control unit 614 extracts the biometric information from the biometric image of the authentication target person, and the communication unit 616 transmits the biometric information of the authentication target person to the server 605.

The communication unit 625 of the server 605 receives the biometric information from the client terminal 601. The selection unit 623 selects any group included in the group list 635, and selects one of the refined lists included in the selected group as the comparison target list.

The biometric authentication unit 624 acquires the registered biometric information corresponding to each identification information included in the comparison target list from the biometric DB 632, and compares the acquired registered biometric information with the received biometric information. Then, the biometric authentication unit 624 authenticates the authentication target person based on the comparison result, generates the authentication result 636, and stores it in the storage unit 626.

The biometric authentication unit 624 calculates, for example, the similarity between the received biometric information and each registered biometric information, and authenticates the identification information associated with the registered biometric information having a similarity greater than the threshold value T1. It is stored in the storage unit 626 as 636. As a result, the person to be authenticated is specified. The communication unit 625 transmits the authentication result 636 to the client terminal 601.

The communication unit 616 of the client terminal 601 receives the authentication result 636 from the server 605. The output unit 617 outputs the authentication result 636.

FIG. 7 shows an example of a refined list that is not grouped. When a large number of facial features are extracted from the image of the image pickup apparatus 602 and a large number of narrowing lists are generated, each narrowing list is selected in the order indicated by the arrows, and the authentication target person is based on the selected narrowing list. Is authenticated.

If the narrowing list 701 to the narrowing list 704 contains the identification information of the authentication target person and the other narrowing list does not include the identification information of the authentication target person, the authentication target is when the narrowing list 701 is selected. The person is identified and the authentication is successful. In this case, the authentication process based on the plurality of refined lists 711 selected before the refined list 701 is wasted. Therefore, the generation unit 622 classifies the narrowing list of FIG. 7 into a plurality of groups.

FIG. 8 shows an example of a group list 635 including the refined list of FIG. The tpUserID represents the identification information of the group, the feature amount represents the feature amount of the face image representing the group, and the narrowing list represents one or more narrowing lists included in the group.

In the group list 635 of FIG. 8, four groups of "tpUser_1" to "tpUser_4" are registered. For example, the feature amount of the group "tpUser_1" is "repFD1", and the group "tpUser_1" includes eight refined lists. Further, the feature amount of the group "tpUser_3" is "repFD3", and the group "tpUser_3" includes the narrowing list 701 to the narrowing list 704.

The generation unit 622 determines which group to classify each narrowing list based on the similarity between the plurality of narrowing lists of the feature amount associated with each narrowing list. As the feature amount associated with the narrowing list, the feature amount of the face image received from the client terminal 601 when the narrowing list is generated is used.

In this case, the narrowing list generated from each of the plurality of face images similar to each other is classified into the same group, and it is highly possible that the person appearing in those face images is the same user. In other words, by using the narrowed list included in each group for the authentication process, there is a high possibility that the authentication target person shown in the face image of the group is identified.

For example, the selection unit 623 selects groups one by one in the order indicated by the arrows, and selects a narrowing list as a comparison target list from the selected groups. Each time the comparison target list is selected, the biometric authentication unit 624 acquires the registered biometric information corresponding to each identification information included in the selected comparison target list, and the biometric information of the authentication target person and the registered biometric information are combined. Calculate the similarity between them.

The biometric authentication unit 624, for example, when the calculation of the similarity based on the first refined list of each of the four groups is completed, identifies the identification information having the maximum similarity among the identification information contained in the four refined lists. Identify the information. Then, when the similarity of the identified identification information is larger than the threshold value T1, the biometric authentication unit 624 identifies the identification information as the identification information of the authentication target person.

The biometrics unit 624 does not necessarily have to calculate the similarity using a narrowed list of all groups. When the similarity exceeding the threshold value T1 first appears in the middle of the similarity calculation, the biometric authentication unit 624 may specify the identification information having the similarity as the identification information of the authentication target person.

If the first refined list of any group does not contain any identification information whose similarity exceeds the threshold T1, the biometrics unit 624 will use the second refined list of each of the four groups to do the same. Repeat the process of. If the second refined list of any group does not contain identification information whose similarity exceeds the threshold T1, the biometric authentication unit 624 repeats the same process for the third and subsequent refined lists.

As described above, the narrowing list 701 to the narrowing list 704 of the group "tpUser_3" includes the identification information of the authentication target person. Therefore, when the narrowing list 701 is selected as the first narrowing list of the group "tpUser_3", the authentication target person is specified and the authentication succeeds.

In this case, the only wasteful authentication process is the authentication process based on the first narrowed list of the group "tpUser_1" and the group "tpUser_1". Therefore, useless authentication processing can be reduced and the load of authentication processing can be reduced as compared with the case of using a narrowing list that is not classified into groups. This speeds up the authentication process performed by the biometric authentication unit 624.

The number of groups included in the group list 635 may be 3 or less, or 5 or more.

Next, a specific example of the classification process for classifying the narrowed list will be described. The generation unit 622 calculates the degree of similarity between the feature amount of the face image received from the client terminal 601 and the feature amount of each group included in the group list 635. When the similarity with any existing group is larger than the threshold value T2, the generation unit 622 registers the narrowing list generated by using the feature amount of the received face image as the narrowing list of the group.

On the other hand, when the similarity to any group is equal to or less than the threshold value T2, the generation unit 622 adds a new group to the group list 635. Then, the generation unit 622 registers the feature amount of the received face image as the feature amount of the new group, and the narrowing list generated by using the feature amount of the received face image is used as the narrowing list of the new group. to register.

FIG. 9 shows an example of a classification process for classifying the narrowed list. In the classification process, the degree of similarity between the feature amount “FD” of the face image received from the client terminal 601 and each of the feature amounts “repFD1” to the feature amount “repFD3” included in the group list 635 is calculated.

FIG. 9A shows an example of a classification process for classifying a narrowed list into existing groups. In this example, the narrowing list 704 is generated using the feature amount “FD” of the received face image. When the similarity to the feature amount "repFD1" and the feature amount "repFD2" is equal to or less than the threshold value T2 and the similarity to the feature amount "repFD3" is larger than the threshold value T2, the narrowing list 704 is the narrowing list of the group "tpUser_3". It is added at the end.

FIG. 9B shows an example of a classification process for classifying the narrowed list into new groups. In this example, the narrowing list 901 is generated using the feature amount "FD" of the received face image. When the similarity to the feature amount "repFD1" to the feature amount "repFD3" is equal to or less than the threshold value T2, the narrowing list 901 is classified into a new group "tpUser_4", and the feature amount "FD" is the group "tpUser_4". It is registered as the feature amount "repFD4" of.

FIG. 10 is a flowchart showing an example of the classification process performed by the server 605 of FIG. First, the communication unit 625 receives the feature amount “FD” of the face image from the client terminal 601 (step 1001). Next, the generation unit 622 compares the received feature amount “FD” with the feature amount of each group included in the group list 635, and determines the classification destination of the narrowing list based on the feature amount “FD” (step). 1002).

Next, the generation unit 622 checks whether or not the determined classification destination is an existing group (step 1003). When the classification destination is an existing group (step 1003, YES), the generation unit 622 generates a narrowing list using the feature amount “FD”, and adds the generated narrowing list to the narrowing list of the group (step 1003, YES). Step 1004).

On the other hand, when the classification destination is a new group (step 1003, NO), the generation unit 622 adds a new group to the group list 635 (step 1005). Then, the generation unit 622 generates a narrowing list using the feature amount "FD", registers the feature amount "FD" as a feature amount of a new group, and uses the generated narrowing list as a narrowing list of a new group. Register (step 1004).

When the classification destination is an existing group, the existing narrowing list of the group may include registrants having a face similar to the feature amount “FD”. Therefore, the process of generating the narrowed list using the feature amount "FD" may be omitted. As a result, it is possible to suppress the addition of a similar refined list.

FIG. 11 is a flowchart showing an example of the feature amount comparison process in step 1002 of FIG. First, the generation unit 622 sets the flag F indicating the classification destination to false (step 1101). false indicates that the classification destination is a new group.

Next, the generation unit 622 performs the loop processing of steps 1102 to 1104 for each group included in the group list 635. First, the generation unit 622 calculates the similarity between the feature amount “FD” and the feature amount of the group (step 1102), and compares the similarity with the threshold value T2 (step 1103).

When the similarity is larger than the threshold value T2 (step 1103, YES), the generation unit 622 sets the truth in the flag F (step 1104). true indicates that the classification destination is an existing group. On the other hand, when the similarity is equal to or less than the threshold value T2 (step 1103, NO), the generation unit 622 does not change the value of the flag F.

Therefore, when the loop processing for all the groups is completed and the similarity is larger than the threshold value T2 for any one or more groups, F = true. On the other hand, when the similarity is equal to or less than the threshold value T2 for all the groups, F = false.

In step 1003 of FIG. 10, the generation unit 622 determines whether the classification destination is an existing group or a new group based on the value of the flag F. When the similarity is larger than the threshold value T2 for a plurality of groups, the existing group having the maximum similarity is determined as the classification destination group.

When the similarity is larger than the threshold value T2, the generation unit 622 may end the process immediately after setting the truth in the flag F. In this case, the existing group having the similarity is determined as the classification destination group.

FIG. 12 is a flowchart showing an example of biometric authentication processing performed by the server 605 of FIG.
First, the communication unit 625 receives the biometric information of the person to be authenticated from the client terminal 601 (step 1201).

Next, the server 605 performs the loop processing of steps 1202 to 1206 for each narrowing list included in the group list 635. The outer loop represents an iteration for each of the multiple refined lists contained in each group. The inner loop represents an iteration for each of the multiple groups.

First, the selection unit 623 sets 1 in the control variable i (i = 1 to N) indicating the group, and sets 1 in the control variable j (j = 1 to M) indicating the narrowing list of each group. N represents the number of groups included in the group list 635, and is an integer of 2 or more. M represents the maximum value of the number of refined lists included in each group, and is an integer of 1 or more. The selection unit 623 checks whether or not the j-th refined list exists in the i-th group of the group list 635 (step 1202).

When the j-th refined list exists in the i-th group (step 1202, YES), the selection unit 623 selects the refined list as the comparison target list (step 1203).

Next, the biometric authentication unit 624 acquires the registered biometric information corresponding to each identification information included in the comparison target list from the biometric DB 632 (step 1204). Then, the biometric authentication unit 624 authenticates the person to be authenticated by comparing the acquired registered biometric information with the received biometric information (step 1205), and checks whether or not the authentication is successful (step 1206). ).

In step 1205, if the registrant corresponding to the biometric information of the authentication target person is specified, it is determined that the authentication is successful, and if the registrant corresponding to the biometric information of the authentication target person is not specified, the authentication fails. It is judged.

If the refined list does not exist (steps 1202, NO) or authentication fails (steps 1206, NO), the server 605 increments i by 1 and repeats the processes of steps 1202 to 1206.

If the refined list does not exist when i = N (steps 1202, NO) or authentication fails (steps 1206, NO), the server 605 sets i to 1 and increments j by 1. The process of steps 1202 to 1206 is repeated.

When i = N and j = M, the narrowing list does not exist (steps 1202, NO) or the authentication fails (steps 1206, NO), the server 605 ends the loop process. Then, the biometric authentication unit 624 generates an authentication result 636 indicating a failure, and the communication unit 625 transmits the authentication result 636 to the client terminal 601 (step 1207).

If the authentication is successful (steps 1206, YES), the server 605 ends the loop process. Then, the biometric authentication unit 624 generates an authentication result 636 including the identification information of the specified registrant, and the communication unit 625 transmits the authentication result 636 to the client terminal 601 (step 1207).

In this case, the process of selecting a new refined list and the process of authenticating the authentication target person based on the new refined list are suppressed. Therefore, since the processing for the j-th refined list of the i + 1-th and subsequent groups and the processing for the j + 1-th and subsequent narrow-down lists of all groups are omitted, the biometric authentication process can be terminated quickly.

In the biometric authentication system of FIG. 6, instead of the feature amount of the face image, another feature amount indicating the feature of the user's clothes, skeleton, etc. shown in the image can be used to generate a narrowing list. In this case, the storage unit 626 of the server 605 stores a DB including another feature amount instead of the face DB631, and the client terminal 601 extracts another feature amount from the image and transmits it to the server 605.

In addition, the generation unit 622 can also determine which group to classify each narrowing list based on the similarity between the plurality of narrowing lists of the identification information included in each narrowing list.

In this case, the generation unit 622 generates a narrowing list by using the feature amount of the face image received from the client terminal 601, and the generated narrowing list is similar to each narrowing list included in the group list 635. Calculate the degree. As the similarity between the two refined lists, for example, the ratio of the number of identification information contained in both of the two refined lists to the total number of identification information contained in each refined list can be used.

The generation unit 622 obtains the statistical value of the similarity for one or more narrowed lists included in each group, and if the statistical value of any of the groups is larger than the threshold value T3, determines the group as the classification destination. As the statistical value, an average value, a median value, a mode value, a maximum value, or the like can be used. When the statistical values of all the groups are equal to or less than the threshold value T3, the generation unit 622 determines a new group as the classification destination.

By determining the classification destination group based on the similarity of the identification information included in the narrowing list, it is possible to make the identification information included in the narrowing list different among the groups. Therefore, there is a high possibility that the person to be authenticated is identified only by selecting one by one from a plurality of groups and performing the authentication process.

By the way, in the biometric authentication system of FIG. 6, the server 605 determines the classification destination of the narrowing list, but the client terminal can also determine the classification destination.

FIG. 13 shows an example of a functional configuration of a biometric authentication system in which a client terminal determines a classification destination. The biometric authentication system of FIG. 13 includes a client terminal 1301-1 to a client terminal 1301-K, a communication network 1302, and a server 1303. K is an integer greater than or equal to 1. The communication network 1302 is, for example, a LAN or WAN.

Each client terminal 1301-p (p = 1 to K) has a configuration in which the face information control unit 613 is replaced with the face information control unit 1311 in the client terminal 601 of FIG. The server 1303 has a configuration in which the generation unit 622 is replaced with the generation unit 1321 in the server 605 of FIG. In the case of a store payment system, the client terminals 1301-1 to 1301-K are installed in the same store.

The storage unit 615 of the client terminal 1301-p stores group information including a part of the information in the group list 635.

FIG. 14 shows an example of group information. The group information of FIG. 14 includes information on the tpUserID and the feature amount in the group list 635 of FIG. The client terminal 1301-p may receive the group information from the server 1303, or may receive the group information from another client terminal 1301-p received from the server 1303.

The face information control unit 1311 performs face recognition for each image included in the image acquired by the image acquisition unit 611, extracts a face image showing the face, and features the face image from the extracted face image. Is extracted. Then, the face information control unit 1311 determines the classification destination of the narrowing list generated from the feature amount of the face image by using the group information stored in the storage unit 615.

The face information control unit 1311 can determine the classification destination of the narrowing list by the same processing as the feature amount comparison processing of FIG. The communication unit 616 transmits the classification destination information indicating the classification destination group together with the feature amount of the face image to the server 1303.

The communication unit 625 of the server 1303 receives the feature amount of the face image and the classification destination information from the client terminal 1301-p. Then, the generation unit 1321 generates a narrowing list by the same processing as in steps 1003 to 1005 of FIG. 10, and classifies the narrowing list into the classification destination group.

According to the biometric authentication system of FIG. 13, the client terminal 1301-p and the server 1303 share the group information, so that the client terminal 1301-p can determine the classification destination, and the load on the server 1303 is increased. It will be further reduced.

When the classification destination is an existing group, the client terminal 1301-p may omit the transmission of the feature amount of the face image and the classification destination information. As a result, it is possible to suppress the generation and addition of a similar narrowing list, and it is possible to reduce the load on the communication network 1302.

The configuration of the information processing device 401 in FIG. 4 is only an example, and some components may be omitted or changed depending on the use or conditions of the information processing device 401.

The configurations of the biometric authentication systems of FIGS. 1, 6 and 13 are merely examples, and some components may be omitted or changed depending on the use or conditions of the biometric authentication system. For example, the face DB 631 and the living body DB 632 may be stored in a database external to the server 605 or the server 1303. In this case, the server 605 or the server 1303 acquires the registered feature amount of the face DB 631 and the registered biological information of the biological DB 632 from an external database and stores them in the storage unit 626.

The flowcharts of FIGS. 5 and 10 to 12 are merely examples, and some processes may be omitted or changed depending on the configuration or conditions of the information processing device 401 or the biometric authentication system.

The narrowing list shown in FIG. 2 is only an example, and the narrowing list changes according to the feature amount of the face image. The store shown in FIG. 3 is only an example, and the location of the camera and vein sensor in the store changes depending on the store. The narrowing list shown in FIG. 7, the group list 635 shown in FIGS. 8 and 9, and the group information shown in FIG. 14 are merely examples, and the narrowing list, the group list 635, and the group information are features of the face image. It changes according to the amount.

FIG. 15 shows a hardware configuration example of the information processing device 401 of FIG. 4, the client terminal 601 and the server 605 of FIG. 6, the client terminal 1301-p of FIG. 13, and the information processing device used as the server 1303.

The information processing device of FIG. 15 includes a CPU (Central Processing Unit) 1501, a memory 1502, an input device 1503, an output device 1504, an auxiliary storage device 1505, a medium drive device 1506, and a network connection device 1507. These components are hardware and are connected to each other by bus 1508. When the information processing device is the client terminal 601, the image pickup device 602 and the biosensor 603 of FIG. 6 may be connected to the bus 1508.

The memory 1502 is, for example, a semiconductor memory such as a ROM (Read Only Memory), a RAM (Random Access Memory), or a flash memory, and stores a program and data used for processing. The memory 1502 can be used as the storage unit 615 or the storage unit 626 of FIGS. 6 and 13.

The CPU 1501 (processor) operates as the classification unit 411, the selection unit 413, and the authentication unit 414 of FIG. 4 by executing a program using, for example, the memory 1502.

By executing the program, the CPU 1501 also operates as the image acquisition unit 611, the biological image acquisition unit 612, the face information control unit 613, and the biological information control unit 614 in FIG. By executing the program, the CPU 1501 also operates as the face authentication unit 621, the generation unit 622, the selection unit 623, and the biometric authentication unit 624 of FIG. The CPU 1501 also operates as the face information control unit 1311 and the generation unit 1321 in FIG. 13 by executing the program.

The input device 1503 is, for example, a keyboard, a pointing device, or the like, and is used for inputting an instruction or information from an operator. The output device 1504 is, for example, a display device, a printer, a speaker, or the like, and is used for making an inquiry to an operator or outputting a processing result. The output device 1504 can be used as the output unit 617 of FIGS. 6 and 13. The processing result may be the authentication result 636.

The auxiliary storage device 1505 is, for example, a magnetic disk device, an optical disk device, a magneto-optical disk device, a tape device, or the like. The auxiliary storage device 1505 may be a flash memory or a hard disk drive. The information processing device can store programs and data in the auxiliary storage device 1505 and load them into the memory 1502 for use. The auxiliary storage device 1505 can be used as the storage unit 615 or the storage unit 626 of FIGS. 6 and 13.

The medium drive device 1506 drives the portable recording medium 1509 to access the recorded contents. The portable recording medium 1509 is a memory device, a flexible disk, an optical disk, a magneto-optical disk, or the like. The portable recording medium 1509 may be a CD-ROM (Compact Disk Read Only Memory), a DVD (Digital Versatile Disk), a USB (Universal Serial Bus) memory, or the like. The operator can store programs and data in the portable recording medium 1509 and load them into the memory 1502 for use.

As described above, the computer-readable recording medium that stores the programs and data used for processing is a physical (non-temporary) recording such as a memory 1502, an auxiliary storage device 1505, or a portable recording medium 1509. It is a medium.

The network connection device 1507 is a communication interface circuit that is connected to the communication network 604 or the communication network 1302 and performs data conversion associated with the communication. The information processing device can receive programs and data from an external device via the network connection device 1507, load them into the memory 1502, and use them. The network connection device 1507 can be used as the communication unit 616 or the communication unit 625 of FIGS. 6 and 13.

It is not necessary for the information processing apparatus to include all the components shown in FIG. 15, and some components may be omitted depending on the application or conditions. For example, if the interface with the operator is unnecessary, the input device 1503 and the output device 1504 may be omitted. When the information processing device does not use the portable recording medium 1509 or the communication network, the medium driving device 1506 or the network connecting device 1507 may be omitted.

Having described in detail the embodiments of the disclosure and its advantages, those skilled in the art will be able to make various changes, additions and omissions without departing from the scope of the invention as expressly stated in the claims. Let's do it.

The following additional notes will be further disclosed with respect to the embodiments described with reference to FIGS. 1 to 15.
(Appendix 1)
Each of the plurality of lists containing the identification information of the plurality of registrants is classified into one of the plurality of groups.
Obtain the biometric information of the person to be authenticated
From one or more lists included in the first group among the plurality of groups, one of the lists is selected as the first comparison target list, and the list is selected.
Based on the first comparison result of comparing the registered biometric information associated with each of the identification information of the plurality of registrants included in the first comparison target list with the biometric information of the authentication target person, the authentication target person Authenticate against
An authentication method characterized by a computer performing processing.
(Appendix 2)
In the process of classifying each of the plurality of lists into any group, the plurality of the plurality of lists are each classified based on the similarity between the plurality of lists of the feature quantities associated with each of the plurality of lists. The authentication method according to Appendix 1, which includes a process of determining which group to classify into.
(Appendix 3)
The process of classifying each of the plurality of lists into any group is based on the similarity between the plurality of lists of the identification information of the plurality of registrants included in each of the plurality of lists. The authentication method according to Appendix 1, wherein the authentication method includes a process of determining which group is to be classified into the plurality of groups.
(Appendix 4)
In the process of authenticating the authentication target person based on the first comparison result, when the registrant corresponding to the biometric information of the authentication target person is not specified, one or one of the plurality of groups included in the second group. Select one of the multiple lists as the second comparison target list, and select one of them.
Based on the second comparison result of comparing the registered biometric information associated with each of the identification information of the plurality of registrants included in the second comparison target list with the biometric information of the authentication target person, the authentication target person Authenticate against
In the process of authenticating the authentication target person based on the first comparison result, when the registrant corresponding to the biometric information of the authentication target person is specified, the process of selecting the second comparison target list and the above-mentioned Suppressing the process of authenticating the person to be authenticated based on the second comparison result.
The authentication method according to any one of Supplementary note 1 to 3, wherein the computer further executes the process.
(Appendix 5)
A classification unit that classifies each of a plurality of lists containing identification information of a plurality of registrants into one of a plurality of groups.
The acquisition department that acquires the biometric information of the person to be authenticated, and
A selection unit that selects any list as the first comparison target list from one or more lists included in the first group among the plurality of groups.
Based on the first comparison result of comparing the registered biometric information associated with each of the identification information of the plurality of registrants included in the first comparison target list with the biometric information of the authentication target person, the authentication target person And the certification department that certifies against
An information processing device characterized by being equipped with.
(Appendix 6)
The classification unit classifies each of the plurality of lists into any of the plurality of groups based on the similarity between the plurality of lists of the feature amounts associated with the plurality of lists. The information processing apparatus according to Appendix 5, wherein the information processing apparatus is characterized in that.
(Appendix 7)
The classification unit puts each of the plurality of lists into any of the plurality of groups based on the similarity between the plurality of lists of identification information of the plurality of registrants included in each of the plurality of lists. The information processing apparatus according to Appendix 5, characterized in that it determines whether to classify.
(Appendix 8)
When the registrant corresponding to the biometric information of the authentication target person is not specified in the process of authenticating the authentication target person based on the first comparison result, the selection unit is the second group among the plurality of groups. Select one of the one or more lists included in the second comparison target list, and select one of them as the second comparison target list.
The authentication unit is based on the second comparison result of comparing the registered biometric information associated with each of the identification information of the plurality of registrants included in the second comparison target list with the biometric information of the authentication target person. , Authenticate the person to be authenticated,
When the registrant corresponding to the biometric information of the authentication target person is specified in the process of authenticating the authentication target person based on the first comparison result, the information processing device displays the second comparison target list. Suppressing the process of selecting and the process of authenticating the authentication target person based on the second comparison result.
The information processing apparatus according to any one of Supplementary note 5 to 7, wherein the information processing device is characterized by the above.
(Appendix 9)
Each of the plurality of lists containing the identification information of the plurality of registrants is classified into one of the plurality of groups.
Obtain the biometric information of the person to be authenticated
From one or more lists included in the first group among the plurality of groups, one of the lists is selected as the first comparison target list, and the list is selected.
Based on the first comparison result of comparing the registered biometric information associated with each of the identification information of the plurality of registrants included in the first comparison target list with the biometric information of the authentication target person, the authentication target person Authenticate against
An authentication program that lets a computer perform processing.
(Appendix 10)
In the process of classifying each of the plurality of lists into any group, the plurality of the plurality of lists are each classified based on the similarity between the plurality of lists of the feature quantities associated with each of the plurality of lists. 9. The authentication program according to Appendix 9, which includes a process of determining which group to classify into.
(Appendix 11)
The process of classifying each of the plurality of lists into any group is based on the similarity between the plurality of lists of the identification information of the plurality of registrants included in each of the plurality of lists. 9. The authentication program according to Appendix 9, which includes a process of determining which group among the plurality of groups is to be classified.
(Appendix 12)
In the process of authenticating the authentication target person based on the first comparison result, when the registrant corresponding to the biometric information of the authentication target person is not specified, one or one of the plurality of groups included in the second group. Select one of the multiple lists as the second comparison target list, and select one of them.
Based on the second comparison result of comparing the registered biometric information associated with each of the identification information of the plurality of registrants included in the second comparison target list with the biometric information of the authentication target person, the authentication target person Authenticate against
In the process of authenticating the authentication target person based on the first comparison result, when the registrant corresponding to the biometric information of the authentication target person is specified, the process of selecting the second comparison target list and the above-mentioned Suppressing the process of authenticating the person to be authenticated based on the second comparison result.
The authentication program according to any one of Supplementary note 9 to 11, wherein the computer further executes the process.

101, 601, 1301-1 to 1301-K Client terminal 102, 605, 1303 Server 103, 211-1 to 211-5 Camera 104, 212-1, 212-2 Vein sensor 105, 213-1 to 213-6 User 111, 613, 1311 Face information control unit 112 Display unit 113 Vein information control unit 121 List generation unit 122, 414 Authentication unit 123 Face library 124 Face DB
125 venous DB
126 Intravenous Library 131, 701-704, 711, 901 Narrowing List 201 Drink Corner 202 Food Corner 203 Book Corner 204-1 to 204-4 Shelf 205 Counter 206 Entrance 207-1, 207.2 Cash Register 401 Information Processing Device 411 Classification Unit 412 Acquisition unit 413, 623 Selection unit 602 Imaging device 603 Biometric sensor 604, 1302 Communication network 611 Video acquisition unit 612 Biometric image acquisition unit 614 Biometric information control unit 615, 626 Storage unit 616, 625 Communication unit 617 Output unit 621 Face authentication Part 622, 1321 Generation part 624 Biometric authentication part 633 Face library 634 Biometric library 635 Group list 636 Authentication result 1501 CPU
1502 Memory 1503 Input device 1504 Output device 1505 Auxiliary storage device 1506 Media drive device 1507 Network connection device 1508 Bus 1509 Portable recording medium

Claims (6)

Each of the plurality of lists containing the identification information of the plurality of registrants is classified into one of the plurality of groups.
Obtain the biometric information of the person to be authenticated
From one or more lists included in the first group among the plurality of groups, one of the lists is selected as the first comparison target list, and the list is selected.
Based on the first comparison result of comparing the registered biometric information associated with each of the identification information of the plurality of registrants included in the first comparison target list with the biometric information of the authentication target person, the authentication target person Authenticate against
An authentication method characterized by a computer performing processing. In the process of classifying each of the plurality of lists into any group, the plurality of the plurality of lists are each classified based on the similarity between the plurality of lists of the feature quantities associated with each of the plurality of lists. The authentication method according to claim 1, further comprising a process of determining which group to classify into the group of. The process of classifying each of the plurality of lists into any group is based on the similarity between the plurality of lists of the identification information of the plurality of registrants included in each of the plurality of lists. The authentication method according to claim 1, further comprising a process of determining which group among the plurality of groups. In the process of authenticating the authentication target person based on the first comparison result, when the registrant corresponding to the biometric information of the authentication target person is not specified, one or one of the plurality of groups included in the second group. Select one of the multiple lists as the second comparison target list, and select one of them.
Based on the second comparison result of comparing the registered biometric information associated with each of the identification information of the plurality of registrants included in the second comparison target list with the biometric information of the authentication target person, the authentication target person Authenticate against
In the process of authenticating the authentication target person based on the first comparison result, when the registrant corresponding to the biometric information of the authentication target person is specified, the process of selecting the second comparison target list and the above-mentioned Suppressing the process of authenticating the person to be authenticated based on the second comparison result.
The authentication method according to any one of claims 1 to 3, wherein the computer further executes the process. A classification unit that classifies each of a plurality of lists containing identification information of a plurality of registrants into one of a plurality of groups.
The acquisition department that acquires the biometric information of the person to be authenticated, and
A selection unit that selects any list as the first comparison target list from one or more lists included in the first group among the plurality of groups.
Based on the first comparison result of comparing the registered biometric information associated with each of the identification information of the plurality of registrants included in the first comparison target list with the biometric information of the authentication target person, the authentication target person And the certification department that certifies against
An information processing device characterized by being equipped with. Each of the plurality of lists containing the identification information of the plurality of registrants is classified into one of the plurality of groups.
Obtain the biometric information of the person to be authenticated
From one or more lists included in the first group among the plurality of groups, one of the lists is selected as the first comparison target list, and the list is selected.
Based on the first comparison result of comparing the registered biometric information associated with each of the identification information of the plurality of registrants included in the first comparison target list with the biometric information of the authentication target person, the authentication target person Authenticate against
An authentication program that lets a computer perform processing.

Images