JP2024043927A - PROGRAM, INFORMATION PROCESSING APPARATUS AND INFORMATION PROCESSING METHOD - Google Patents

Abstract

There are provided a program, an information processing device, and an information processing method that can prevent loss of usability for a user while ensuring security when user authentication is performed multiple times to use a service.
[Solution] A program that enables a computer to realize a reception function that receives an authentication request from a first device to authenticate a user of a service, a primary authentication function that performs primary processing based on primary information for performing primary processing for authenticating the user in response to the authentication request, and a provision function that provides secondary information for performing secondary processing to a second device that performs secondary processing for authenticating the user based on the result of the primary processing.
[Selected figure] Figure 3

Description

The present invention relates to a program, an information processing device, and an information processing method.

BACKGROUND ART There is a known technology (for example, two-factor authentication or two-step authentication) that performs user authentication (hereinafter also referred to as "user authentication") multiple times when a user makes a transaction in a service. Patent Document 1 describes a first authentication process performed between a terminal that a user logs in to when using a service and an authentication server, and a second authentication process performed between the user's smartphone and the authentication server. An authentication system is disclosed that performs an authentication process. According to such technology, security can be ensured at a higher level than when user authentication is performed only once.

JP 2021-144598 A

Here, there is a demand for ensuring usability for users, such as efficiency, when using the service. However, in the above-mentioned Patent Document 1, since user authentication is performed multiple times, the processing time from the request for user authentication to its completion increases, and users end up having to wait that much. This may impair user usability.

In view of the above-mentioned problems, the present invention provides a program, an information processing device, and an information processing method that prevents deterioration of user usability while ensuring security when user authentication is performed multiple times when using a service. The purpose is to provide

A program according to one aspect of the present invention provides a computer with a reception function for receiving an authentication request for authenticating a service user from a first device, and a first authentication function for authenticating a user in response to the authentication request. A primary authentication function that executes a primary process based on primary information for executing the process, and a second device that executes a secondary process for user authentication based on the result of the primary process. , and a provision function of providing secondary information for executing secondary processing.

An information processing device according to one aspect of the present invention includes a reception unit that receives an authentication request for authenticating a service user from a first device, and a first process for user authentication in response to the authentication request. a primary authentication unit that executes a primary process based on primary information for executing the process; and a second device that executes a secondary process for user authentication based on the result of the primary process; and a providing unit that provides secondary information for performing secondary processing.

In an information processing method according to one aspect of the present invention, a computer receives an authentication request for authenticating a service user from a first device, and performs primary processing for user authentication in response to the authentication request. A second device executes a primary process based on the primary information for executing the process, and a second device executes a secondary process to authenticate the user based on the result of the primary process. Provide secondary information for

According to the present invention, when user authentication is performed multiple times to use a service, it is possible to prevent a loss of usability for the user while ensuring security.

FIG. 1 is a diagram for explaining an example of the system configuration of an authentication system according to the present embodiment. FIG. 1 is a diagram for explaining an overview of an authentication system according to an embodiment of the present invention. 1 is a diagram illustrating an example of a functional configuration of an authentication device according to an embodiment. It is a figure showing an example of operation of an authentication device concerning this embodiment. FIG. 4 is a diagram illustrating an example of the operation of the authentication device according to the present embodiment. FIG. 2 is a diagram illustrating an example of a hardware configuration of an authentication device according to the present embodiment.

A preferred embodiment of the present invention (hereinafter, referred to as "the present embodiment") will be described with reference to the attached drawings. Note that in each drawing, parts with the same reference numerals have the same or similar configurations.

In this invention, "part," "means," "device," or "system" does not simply mean physical means, but also includes cases where the functions of the "part," "means," "device," or "system" are realized by software. Furthermore, the functions of one "part," "means," "device," or "system" may be realized by a combination of two or more physical means, devices, or software modules, and the functions of two or more "parts," "means," "devices," or "systems" may be realized by one physical means, device, or software module.

1. System configuration
An example of the system configuration of an authentication system 1 according to this embodiment will be described with reference to Fig. 1. As shown in Fig. 1, the authentication system 1 includes a server device 100, a user device 200a of a user, a store device 200b of a store that uses a service (hereinafter also referred to as a "linked service") linked with the authentication system 1 or a store for providing the linked service, and a provider device 300 of a provider that provides the linked service. The user device 200a is one aspect of a first device that is a request source of an authentication request, which will be described later, and the user device 200a is one aspect of a second device that executes a secondary process, which will be described later. Note that the first device and the second device are typically different devices, but may be the same device.

The authentication system 1 ensures security by performing authentication (hereinafter also referred to as "user authentication") multiple times to confirm the validity of the user when the user uses the linked service. Specifically, in the authentication system 1, the server device 100 executes primary processing for user authentication (hereinafter also simply referred to as "primary processing") in response to a request from the user device 200a. After the primary process is executed, the store device 200b executes a secondary process (hereinafter also simply referred to as "secondary process") for user authentication of the same user.

Performing user authentication multiple times may mean, for example, performing multi-factor authentication such as two-factor authentication using multiple authentication factors, or performing multi-stage authentication such as two-stage authentication that performs authentication in stages. As another example, performing user authentication multiple times may mean performing two or more authentications with different authentication levels.

The authentication level may represent, for example, the strength of the authentication method. The authentication level may represent, for example, whether or not the authentication method is multi-factor authentication. The authentication level may represent, for example, whether or not the authentication method is multi-stage authentication. The authentication level may represent, for example, whether or not the authentication method is multi-path authentication.

The user authentication may be, for example, the authentication defined by NIST SP 800-63-3. The authentication level applied to the user authentication may be, for example, the AAL (Authentication Assurance Level) defined by NIST SP 800-63B as follows:
Level 1: Of the three authentication factors (knowledge, possession, and biometrics), one or more factors must be used, and there is a certain degree of trust in the person's authentication. In other words, it can be achieved by performing at least single-factor authentication.
Level 2: Of the three factors, multiple factors such as ID password + one-time password must be used, and there is a considerable degree of reliability in authenticating the person. Unlike level 3, level 2 can be achieved by using software as the second factor authentication method.
- Level 3: Two-factor authentication, and the second factor authentication method must use tamper-resistant hardware, and the reliability of identity authentication is very high (specifically, a PIN code + a card with an embedded IC chip (hereinafter also referred to as an "IC card") + My Number card, etc.).

Possession information includes, for example, device identification information that identifies a device (e.g., an information terminal such as a smartphone) that is a property owned by the user, and location information that indicates the location of a user's belongings (e.g., information about the property and the provider). The information may be distance information indicating the distance to the device 300 or information indicating GPS coordinates measured by a GPS (Global Positioning System) device.

Information about possessions held by a user may be provided to the server device 100 and/or the store device 200b directly, or indirectly via the cloud or the like as necessary, by communication based on a communication standard such as BLE (Bluetooth Low Energy), UWB (Ultra Wide Band), Wi-Fi (registered trademark), or short-range wireless communication (e.g., RFID (Radio Frequency IDentification) or NFC (Near Field Communication)), or may be provided to these devices by other methods.

The biometric information may be, for example, information related to the user's biometrics, such as appearance, fingerprints, palm prints, voice prints, and/or iris. The user may provide biometric information of the user to the server device 100, for example, through the user device 200a, the store device 200b, or a detection device described later.

The stored information may be, for example, information that identifies a user in the authentication system 1 (hereinafter also referred to as "user identification information"), a card number used to settle a transaction, an account number, a telephone number, an account name such as an email address, a password, a signature or figure entered or selected by the user, a free-entry or multiple choice answer to a given question, or any other information that is stored by the user and can be obtained by the server device 100. The user enters or selects the stored information through, for example, an input device provided on the user device 200a or a store device 200b installed in the store, and provides the stored information to the server device 100.

The authentication method is a method by which the authentication system 1 authenticates a user. For example, the authentication method may be based on at least one of possession information related to possessions held by the user (for example, a terminal device such as the user device 200a described later), biometric information related to the user's body, and memory information stored by the user. In other words, the authentication method may be based only on possession information, biometric information, and memory information, or may be an authentication method that includes two or more pieces of information among possession information, biometric information, and memory information. In other words, when the authentication method is based on possession information and biometric information, the authentication system 1 authenticates a user who makes a payment in a transaction in a linked service (hereinafter also simply referred to as a "transaction") based on possession information and biometric information. In addition, the authentication method may be based on information other than possession information, biometric information, and memory information. Hereinafter, authentication based on possession information is also referred to as "possession authentication", authentication based on biometric information is also referred to as "biometric authentication", and authentication based on memory information is also referred to as "memory authentication".

The server device 100, the user device 200a, the store device 200b, and the provider device 300 are connected to each other via a network N.

The server device 100 is an information processing device capable of communicating with the user device 200a, the store device 200b, and the provider device 300. The server device 100 executes a specific program to provide a wallet function (hereinafter also referred to as an "online wallet") that can be used by a user in an online environment for various transactions in the linked service. For example, a user can store payment method information (described later) in the online wallet. This allows the user to access the online wallet from various devices in an online environment and to settle transactions using the stored payment method information. The server device 100 also provides an authentication function for user authentication for the linked services provided by the provider device 300 and/or the wallet function of its own device. This authentication function executes, for example, a primary process for user authentication.

The provider device 300 is an information processing device used by the provider, and is capable of communicating with the user device 200a, the store device 200b, and the provider device 300. The provider device 300 executes a specific program to realize a server function that provides a linked service to a user.

The user device 200a is an information processing device used by a user, and is, for example, a mobile device such as a smartphone, a laptop, or a tablet. By executing a predetermined program, the user device 200a accepts various requests from users, and cooperates with the server device 100 and/or provider device 300 to perform user authentication when logging into a cooperative service. After logging in, the website of the cooperative service or a screen of an application dedicated to the cooperative service is output.

The store device 200b is an information processing device used in a store, and is, for example, a POS cash register terminal, a tablet terminal, or a handy terminal. For example, the store device 200b may have a reader function that reads product information about products sold at the store where it is installed or information about services provided at the store. Furthermore, as another example, the store device 200b may not have the reader function, and an external device such as a card reader connected to the store device 200b may have the reader function. The store device 200b has, for example, a POS cash register function that accepts input of information regarding products or services (hereinafter also referred to as "products, etc."), and calculates the total price of the accepted products, etc. (in other words, transaction amount). may be provided.

Network N is configured by a wireless network or a wired network. Examples of the network N include a mobile phone network, a PHS (Personal Handy-phone System) network, a wireless LAN (Local Area Network), communication compliant with IEEE802.11 (so-called WI/Fi (registered trademark)), 3G (3rd Generation), LTE (Long Term Evolution), 4G (4th Generation), 5G (5th Generation), WiMax (registered trademark), infrared communication, visible light communication, Bluetooth (registered trademark), wired LAN, telephone line, There are power line communications, power line networks, networks compliant with IEEE1394, etc.

<2. Overview＞
With reference to FIG. 2, an overview of the primary processing and secondary processing for user authentication in the authentication system 1 will be explained. In this example, the linked services are (a) a membership service that users who use the services provided by the provider can join and accumulate points that can be used for various payments when using the services; and (b) an existing membership service. An example in which a service provided face-to-face with a user (hereinafter also referred to as "face-to-face service") is provided at store A will be described. Further, in this example, an example in which the face-to-face service is a retail service in which products are sold at store A will be described.

(0) As shown in FIG. 2, the provider device 300 provides the server device 100 with primary information for executing the primary process prior to the primary process. (1) When entering store A, the server device 100 receives an authentication request for user authentication (hereinafter simply " (also referred to as "authentication request") and executes primary processing. Specifically, the primary processing involves (a) identifying the user, and (b) authenticating the identified user, based on the primary information of the user's reference included in the user authentication request. Specifically, it is determined whether or not the user is the user by comparing the primary information of the verification destination with the primary information of the verification source registered in advance.

The primary information includes, for example, user identification information for identifying each user, primary authentication method information indicating the authentication method used for user authentication in the primary process, and each use according to the primary authentication method information. The information may include personal belongings information, biometric information, and/or memory information of the person. Further, the primary information may include, for example, location information of the user (specifically, the user device 200a). Further, the primary information may include a primary information validity period indicating a period during which the primary information is valid. Hereinafter, the user's property information, biometric information, and/or memory information will also be collectively referred to as "authentication information."

The detection device includes, for example, an imaging device such as a camera that captures a face image of the user as the user's biometric information, an image sensor that processes the image captured by the imaging device to generate biometric information, and an imaging device and an image sensor. It may also be a face authentication sensor that performs facial authentication by comparing the generated biometric information with the biometric information of the comparison source, and/or a beacon that acquires the location information of the user device 200a of the user. . The detection device is a device installed near the entrance of the store A, and when a user enters the store A, the detection device is a device that connects the user device 200a with contact or non-contact short-range communication (for example, Wi-Fi). -Fi, Bluetooth (registered trademark), NFC, etc.) or a QR code (registered trademark) to detect the user device 200a.

(2) If the user is successfully authenticated as a result of the primary processing (in other words, if it is determined that the user is the user), the server device 100 executes the secondary processing of the user. , provides the secondary information of the collation source to the store device 200b installed in the store A, which is used for buying and selling products sold at the store A. While this information is being provided, the user can spend free time choosing products to purchase at store A and trying out the selected products.

The secondary information may include, for example, like the primary information, user identification information of each user, secondary authentication method information indicating the authentication method used in user authentication in the secondary process, and authentication information of each user according to the secondary authentication method information. The primary authentication method information and the secondary authentication method information may indicate different authentication methods (e.g., primary is possession authentication and secondary is knowledge authentication, etc.) or may be the same authentication method (e.g., both primary and secondary are possession authentication, etc.). In addition, the secondary information may include a secondary information validity period indicating the period during which the secondary information is valid.

For example, if the server device 100 succeeds in authenticating the user as a result of the primary processing, the server device 100 sends transaction-related processing (hereinafter also referred to as “transaction processing”) to the store device 200b, or the details of the transaction during the transaction processing. Transaction permission information indicating that execution of the process to be confirmed (hereinafter also referred to as "confirmation process") is permitted may be provided together with the secondary information or separately from the secondary information. The transaction permission information may, for example, permit execution of transaction processing or confirmation processing when user authentication is successful as a result of secondary processing. The store device 200b may output on the screen a message indicating that the transaction is permitted, as indicated by the provided transaction permission information.

(3) When a user purchases a product, the store device 200b executes a secondary process to authenticate the user. Specifically, when the secondary information of the matching target is input from the user or the user device 200a or other possession, the secondary process (a) identifies the user and (b) authenticates the identified user, specifically, by matching the secondary information of the matching target with the acquired secondary information of the matching source to determine whether or not the user is the user. In addition, the store device 200b may delete the acquired secondary information, for example, immediately after the secondary process is completed, when a predetermined period has passed since the completion, or when a predetermined date is reached. This predetermined period and/or the predetermined date may be set, for example, by the secondary information validity period.

(4) The user or store clerk sends the product information of each of the one or more products to be purchased and the payment method information of the payment method used for the purchase and sale of this product to the store device 200b as the contents of the order, that is, the contents of the transaction. Enter. The store device 200b receives the input of a confirmation instruction from the user or the clerk regarding the input transaction details, and executes a confirmation process to confirm the transaction details. The product information may include, for example, a JAN code indicated by a barcode attached to the product to be purchased.

(5) The in-store device 200b transmits transaction information indicating the result of the confirmation process of (4) above to the server device 100. In addition, the in-store device 200b transmits secondary processing result information indicating the result of the secondary processing of (3) above to the server device 100 together with the transaction information or separately from the transaction information.

The transaction information is information related to a transaction. The transaction information includes, for example, transaction identification information for identifying each transaction, the contents of each transaction (for example, the product or service to be traded, the transaction amount, and/or the payment method information used for the transaction), the transaction date and time, the status of the transaction processing (for example, the transaction contents are being accepted, the confirmation processing is completed, or the processing is temporarily suspended to wait for the transaction availability information or the transaction condition information described below, the confirmation processing is interrupted due to a processing error, etc.), and a payment instruction for settling each transaction (when the confirmation processing is completed). The transaction processing is a process related to a user's transaction in the linked service. For example, in the case of a transaction for buying and selling goods, the transaction processing may be at least one of (a) accepting an order for the goods, (b) calculating the subtotal and total amount (transaction amount) of the accepted order, (c) outputting the contents of the order on the screen of the in-store device 200b, and (d) accepting a confirmation instruction from the user (or a store clerk) regarding the outputted contents of the order.

Payment method information includes, for example, type information indicating the type of payment method (e.g., credit card payment, debit card payment, or electronic money payment), payment method identification information for identifying the payment method (e.g., card number or account number), payment service provider identification information providing the payment method, user identification information of the user using the payment method, security information for the security of the payment method, etc.

(6) Based on the transaction confirmation information transmitted from the store device 200b and the payment method information regarding payment methods available to the user, the server device 100 performs a process for settling the confirmed transaction using this payment method. Execute payment processing.

(7) The server device 100 transmits the transaction confirmation information and the payment processing information indicating the result of the payment processing described above in (6) to the provider device 300.

According to the above configuration, the primary processing for user authentication is executed by the server device 100 when entering the store, and the secondary processing is executed by the edge-side store device 200b at the time of transaction, so that the authentication request is The user does not have to wait in front of the store device 200b until multiple user authentications are completed. Therefore, the user can spend free time selecting products and trying out products during this time. Therefore, when the authentication system 1 performs user authentication multiple times when using a cooperative service, it is possible to ensure security and prevent usability for the user from being impaired.

<3. Functional configuration>
The functional configuration of the server device 100 according to this embodiment will be described with reference to FIG. 3. As shown in FIG. 3, the server device 100 includes a control section 110, a communication section 120, and a storage section 130.

The control unit 110 includes a reception unit 111, a provision unit 112, and an authentication unit 113. Further, the control unit 110 may include, for example, an acquisition unit 114, a payment processing unit 115, an identity verification unit 116, and/or a registration unit 117.

[Reception Department]
The reception unit 111 receives various information and/or various requests from a first device (eg, user device 200a), a second device (eg, store device 200b), and/or provider device 300, etc. The reception unit 111 may accept various types of information in any manner. For example, the receiving unit 111 may receive and accept a message indicating an authentication request including primary information or secondary information of the verification destination from these devices. As another example, the reception unit 111 may allow the user to input the primary information or secondary information of the comparison destination on a screen output to the first device or the second device and receive the information. Further, the reception unit 111 may receive various information by using, for example, an API implemented by the server device 100 or an SDK library compatible with the authentication system 1. The receiving unit 111 receives, for example, an authentication request for authenticating a service user from a first device such as the user device 200a.

For example, if the second device cannot determine that a transaction is possible according to the transaction conditions indicated in the transaction condition information (hereinafter also simply referred to as “trade conditions”), the reception unit 111 sends a determination from the second device as to whether the transaction is possible. A higher order determination request for making a request may be accepted. The case where it cannot be determined that the transaction is possible may be, for example, a case where the second device is unable to determine whether the transaction is possible, and/or a case where it is determined that the transaction is not possible because the transaction conditions are not satisfied.

[Provision Department]
The providing unit 112 provides various information to the first device, the second device, and/or the provider device 300. The providing unit 112 may provide various information in any manner. For example, the providing unit 112 may transmit a data file or a message including the secondary information to these devices in an event-driven manner. As another example, the providing unit 112 may provide the secondary information and/or the transaction information to these devices via an API or SDK library implemented by the providing unit 112. As another example, the providing unit 112 may cause the secondary information and/or the transaction information to be referenced on a screen outputted to the user device 200a. The providing unit 112 provides the secondary information for executing the secondary processing to the second device that executes the secondary processing for authenticating the user based on the result of the primary processing. For example, when the user authentication is successful as a result of the primary processing, the providing unit 112 may provide the second device with the secondary information to be used as a reference source.

According to the above configuration, the providing unit 112 provides the second device with secondary information for the secondary processing based on the result of the primary processing for user authentication, so that the second device can execute the secondary processing for user authentication. For example, since the secondary information is provided when the user authentication of the primary processing is successful, security can be ensured. Furthermore, by separating the devices that execute the primary processing and the secondary processing, rather than executing the primary processing and the secondary processing together on the same device, i.e., the server device 100, the user can make effective use of the time between these processes. Therefore, when user authentication is performed multiple times to use the linked service, it is possible to prevent the loss of usability for the user while ensuring security.

The providing unit 112 may provide the second device with transaction permission information based on the result of the primary processing, for example. Specifically, the providing unit 112 may provide the second device with transaction permission information when the user authentication of the primary processing is successful. The transaction permission information may, for example, permit the execution of a transaction process or a confirmation process based on the result of the secondary processing. Specifically, the transaction permission information may permit the execution of a confirmation process when the user authentication is successful as a result of the secondary processing. The transaction permission information may, for example, permit the execution of a transaction process or a confirmation process for each transaction, or may permit one or more transaction processes or one or more confirmation processes executed during a predetermined period. The second device may execute these processes in each transaction, for example, with the successful user authentication of the secondary processing and the acquisition of the provided transaction permission information as conditions for executing the transaction process or the confirmation process.

The providing unit 112 may provide, for example, the provider device 300 with primary processing result information indicating the result of the primary processing. The primary processing result information may include, for example, (a) information on the identified user (e.g., user identification information, etc.), (b) information indicating the result of determining whether the identified user is the user in the user authentication of the primary processing, i.e., information indicating whether the authentication was successful or unsuccessful, and (c) information indicating the authentication method used in the user authentication in (b) above. In addition, for example, when the confirmation process of the user's transaction in the linked service has been completed, the providing unit 112 may provide the provider device 300 with transaction information together with or instead of the primary processing result information.

The providing unit 112 may provide the second device with the secondary information depending on whether or not a transaction is possible, for example, as indicated by the transaction availability information acquired by the acquiring unit 114. Specifically, when the transaction availability information indicates that a transaction is possible, the providing unit 112 may provide the second device with the secondary information. On the other hand, when the transaction availability information indicates that a transaction is not possible, the providing unit 112 may cancel providing the secondary information to the second device. When canceling the provision of the secondary information in this way, the providing unit 112 may provide the second device with information indicating that a transaction is not possible, instead of the secondary information.

According to the above configuration, the providing unit 112 can provide the secondary information based on the information on whether or not the user can make a transaction, which is stored (in other words, stored) by the provider device 300. In this case, the second transaction device may determine that the transaction is possible based on obtaining the provided secondary information. For example, if the provider device 300 is inquired about the possibility of the transaction for the first time when the transaction process is executed on the second device, the user will have to wait for the time required for this inquiry and the response. Therefore, since the provider device 300 can be inquired about the possibility of the transaction in advance before the transaction is executed on the second device and secondary information can be provided based on the result, it is possible to prevent the usability of the user from being impaired. In addition, rather than storing the secondary information in the second device in advance, it is possible to provide the secondary information only when the transaction indicates the possibility of the transaction each time a transaction is made, so that the storage of the secondary information on the second device can be kept to a minimum and security can be ensured.

The providing unit 112 may, for example, provide the second device with transaction condition information acquired from the provider device 300. In this case, the second device may execute transaction processing related to the transaction based on the provided transaction condition information. Specifically, the second device may execute transaction processing when the transaction information and/or transaction history information of the user satisfies the transaction conditions indicated by the transaction condition information.

According to the above configuration, without inquiring the provider device 300, the second device located on the edge side can determine whether or not a transaction is possible based on the transaction conditions. Therefore, the time the user is kept waiting can be shortened, and usability for the user can be prevented from being impaired. Furthermore, if the second device is connected to the server device 100 or the provider device 300 via a wide area communication network such as the Internet as network N, regardless of the state of this connection, transactions can be made in the second device. It is possible to determine whether or not the For this reason, especially when a transaction is settled by cash, a debit from the balance deposited in the local wallet function of the user device 200a, a debit from the balance of an IC card owned by the user, etc., the second device, Even if communication with the server device 100 or provider device 300 is not possible, transactions can be settled.

For example, the providing unit 112 may provide the second device with the higher ranking determination result information acquired by the acquiring unit 114. In this case, the second device may execute transaction processing regarding the transaction based on the provided higher rank determination result information. The higher-order determination result information is information indicating the result of the determination of whether the transaction is possible or not (for example, whether the transaction is possible or not) by the provider device 300. According to such a configuration, even if the transaction is a high-value transaction or a special transaction in which the second device on the edge side cannot determine whether or not the transaction is possible, the transaction is performed based on the inquiry to the higher-level provider device 300 and the response. processing can be executed. Therefore, it is possible to handle a wide variety of transactions.

[Authentication Department]
The authentication unit 113 executes processing related to user authentication in response to the authentication request received by the reception unit 111.

The authentication unit 113 includes a primary authentication unit 113a. In response to an authentication request, the primary authentication unit 113a executes a primary process for user authentication based on the primary information.

[Acquisition section]
The acquisition unit 114 acquires various information from the first device, the second device, and/or the provider device 300, etc. The acquisition unit 114 may acquire, for example, from the provider device 300, transaction availability information indicating whether or not a transaction to be executed in the second device is available, which is provided in response to the primary processing result information and/or the transaction information.

The acquisition unit 114 may acquire, for example, secondary information provided from the provider device 300 according to the primary processing result information. Specifically, the acquisition unit 114 may acquire, from the provider device 300, secondary information provided as a result of successful user authentication as a result of the primary processing. According to such a configuration, since the server device 100 acquires the secondary information only when the primary authentication is successful, rather than storing the secondary information in advance, the server device 100 stores the secondary information. can be kept to the necessary minimum and security can be ensured.

The acquisition unit 114 may acquire, for example, from the provider device 300, transaction condition information indicating transaction conditions for determining whether or not a transaction in the linked service is possible. The transaction conditions include, for example, an upper limit on the transaction amount (hereinafter also referred to as "upper amount"), an upper limit on the number of transactions that are performed after determining that the transaction conditions are satisfied in the second device, and types of transactions that are permitted (for example, buying and selling transactions involving the provision of services or goods, loans, factoring, remittance transactions, transfer of value such as electronic money, etc.), etc.

The acquisition unit 114 may acquire the higher rank determination result information from the provider device 300, for example, as a response to the higher rank determination request transmitted by the transmitting unit 121.

The acquisition unit 114 may acquire additional authentication information for performing additional authentication from the provider device 300, for example, when the transaction conditions indicate that a transaction is possible on the condition that additional authentication of the user is performed. The additional authentication information may include, for example, user identification information of each user, additional authentication method information indicating the authentication method used in the additional authentication, authentication information of each user according to the additional authentication method information, and the like, similar to the primary information. The additional authentication method information may indicate an authentication method different from the primary authentication method information and the secondary authentication method information, or may be the same authentication method. The acquisition unit 114 may, for example, refer to the transaction conditions information, and if applicable, transmit a request to acquire additional authentication information to the provider device 300, and acquire the additional authentication information in response thereto.

The second device may execute a confirmation process to confirm the contents of the transaction in the linked service based on the result of the secondary processing. In this case, the acquisition unit 114 may acquire, for example, from the second device, secondary processing result information indicating the result of the secondary processing executed in the confirmation process, and transaction confirmation information indicating the result of the confirmation process.

[Payment processing department]
The payment processing unit 115 executes payment processing to settle the transaction using the payment method indicated in the payment method information, based on the payment method information and the transaction information indicating that the confirmation process has been completed. Further, the payment processing unit 115 may execute payment processing for settling the transaction, for example, further based on the secondary processing result information.

For example, if the payment method indicated in the payment method information is credit card payment, the payment processing unit 115 may send a credit card payment instruction including the transaction amount and payee information to the server of the credit card company based on the credit card information (e.g., card number, member name, expiration date, security code, etc.) among the user's payment method information managed in the online wallet. Also, if the payment method indicated in the payment method information is direct deposit, the payment processing unit 115 may send an instruction to transfer the transaction amount from the user's account to the account of the business partner (e.g., the owner of store A) to the server of the financial institution such as a bank that manages the user's account.

[Identity Verification Department]
The identity verification unit 116 verifies the user's identity based on the user's verification information. This identity verification is to electronically confirm that the user is the real person (so-called eKYC), for example, by the National Institute of Standards and Technology (NIST). It may also be Identity Proofing specified by SP 800-63-3. Confirmation information is information related to the user's identity confirmation, such as the user's name, address, contact information, information regarding the user's My Number card used for identity confirmation, and/or the user's information used for identity confirmation. It may also include information regarding the driver's license, etc.

The identity verification unit 116 may perform identity verification, for example, when (a) an account is issued for the user to use the wallet function and/or authentication function of the server device 100, (b) an account is issued for the user in a linked service, or (c) the reception unit 111 receives a request for additional identity verification of the user from the second device. In the case of (c), for example, if a store clerk judges that the user's appearance or behavior is suspicious, the request for additional verification may be sent from the in-store device 200b, which is the second device, to the server device 100.

[Registration section]
The registration unit 117 registers user information related to the user provided from the user device 200a or the like in the storage unit 130. For example, the registration unit 117 may register the user information in the storage unit 130 in association with the primary information, secondary information, and/or transaction information of the same user.

The user information may be, for example, user identification information for identifying the user (e.g., an account ID issued by the server device 100, etc.), personal information of the user (e.g., name, address, telephone number, email address, password), information of the card or device (e.g., the user device 200a) used for payment by the user (e.g., a card number, a device MAC address, or an IP address, etc.). The user information may also include, for example, authentication method information indicating one or more authentication methods available to the user, and authentication information corresponding to one or more authentication methods indicated by the authentication method information. The user information may also include, for example, information regarding the user's account issued by the linked service (e.g., an account ID, payment method information linked to the account, etc.).

[Communication Department]
The communication unit 120 communicates various information and/or with a first device (for example, user device 200a), a second device (for example, store device 200b), and/or provider device 300, etc. via network N. Send and receive various requests.

The communication unit 120 may include, for example, a transmitter 121. The transmitter 121 transmits the upper rank determination request received from the second device to the provider device 300. Further, the transmitting unit 121 may transmit, for example, the additional authentication information acquired by the acquiring unit 114 to the second device. According to such a configuration, for transactions that require a higher authentication level or security, the second device on the edge side performs additional authentication to satisfy the higher authentication level or provide higher security. It can be secured.

[Memory unit]
The storage unit 130 stores, for example, user information, payment method information, primary information, secondary information, and/or transaction information, etc., in association with each other.

<4. Operation example>
An example of the operation of the authentication system 1 will be described with reference to FIGS. 4 and 5. Note that the order of processing and units of processing shown in FIGS. 4 and 5 are merely examples, and may be changed as appropriate.

FIG. 4 is a sequence diagram showing the flow of processing from an authentication request to execution of primary processing in the authentication system 1 and interactions between devices. As shown in FIG. 4, the user device 200a receives an authentication request operation for user authentication from a service user (S10). The user device 200a transmits the received authentication request to the store device 200b (S11). The store device 200b further transmits the transmitted authentication request to the server device 100 (S12).

The reception unit 111 of the server device 100 receives the authentication request transmitted above (S13). In response to this authentication request, the primary authentication unit 113a of the server device 100 executes the primary process based on the primary information (S14).

If the user authentication is successful as a result of the above-mentioned primary processing, the user device 200a, the store device 200b, the server device 100, and the provider device 300 execute processing within the upper part of the area indicated by the composite fragment alt1 (alternative1). Specifically, the providing unit 112 of the server device 100 provides the secondary information and the transaction permission information to the store device 200b (in other words, transmits them to the store device 200b. The same applies below) (S15). The providing unit 112 also provides the provider device 300 with primary processing result information indicating that the user authentication was successful as a result of the above-mentioned primary processing (S17). The provider device 300 extracts transaction conditions for determining whether or not the corresponding user can make a transaction based on the provided primary processing result information (S18). The provider device 300 provides the server device 100 with transaction condition information indicating the extracted transaction conditions (S19). The acquiring unit 114 of the server device 100 acquires the provided transaction condition information (S20). The providing unit 112 of the server device 100 provides the acquired transaction condition information and first processing result information to the store device 200b (S21). The store device 200b acquires the provided first processing result information and transaction condition information (S22). The store device 200b provides the acquired first processing result information to the user device 200a (S23). The user device 200a outputs on a screen or the like a message indicating that the user authentication indicated by the first processing result information was successful (S24).

If user authentication fails as a result of the above-mentioned first processing, the user device 200a, the store device 200b, the server device 100, and the provider device 300 execute processing within the lower part of the area indicated by the combined fragment alt1. Specifically, the providing unit 112 of the server device 100 provides the store device 200b with first processing result information indicating that user authentication has failed as a result of the above-mentioned first processing (S25). The store device 200b provides this provided first processing result information to the user device 200a (S26). The user device 200a outputs on a screen or the like a message indicating that user authentication has failed as indicated by the first processing result information (S27).

Figure 5 is a sequence diagram showing the process flow and interactions between each device in authentication system 1 from accepting a transaction through secondary processing to executing settlement processing of the transaction after the primary processing in Figure 4 is completed. As shown in Figure 5, the in-store device 200b accepts an input operation of transaction information for a transaction in the linked service from a user or a store clerk (S30). The in-store device 200b determines whether the transaction indicated by the transaction information satisfies the transaction conditions indicated by the transaction condition information (S31).

When the transaction satisfies the transaction conditions indicated by the acquired transaction condition information, the user device 200a, store device 200b, server device 100, and provider device 300 perform the processing in the upper part of the area indicated by composite fragment alt2 (alternative2). Execute. Specifically, the store device 200b receives an input operation for secondary information to be compared from the user (S32). The store device 200b executes secondary processing for user authentication, such as comparing the received secondary information of the verification destination with the acquired secondary information of the verification source (S33).

If the user authentication is successful as a result of the above secondary processing, the user device 200a, store device 200b, server device 100, and provider device 300 execute the process in the upper part of the area indicated by composite fragment alt3 (alternative3). do. Specifically, the store device 200b executes a confirmation process to confirm the details of the transaction indicated in the transaction information based on the acquired transaction permission information (S34). The store device 200b transmits secondary processing result information indicating that user authentication was successful as a result of the secondary processing, and transaction information indicating the result of the executed confirmation processing to the server device 100 (S35). The payment processing unit of the server device 100 determines the user's available payment methods based on the transmitted secondary processing result information and transaction information and the user's payment method information stored in the storage unit 130 as an online wallet function. A payment process is executed to settle the transaction using the payment means (S36). The transmitter 121 of the server device 100 transmits payment processing result information indicating the result of this payment processing to the store device 200b (S37). The store device 200b outputs the payment processing result indicated by the transmitted payment processing result information on a screen or the like (S38).

If the user authentication fails as a result of the secondary processing, the user device 200a, store device 200b, server device 100, and provider device 300 execute the processing in the upper part of the area indicated by the composite fragment alt3. Specifically, the store device 200b outputs on the screen or the like that this user authentication has failed (S39).

The user device 200a, the store device 200b, the server device 100, and the provider device 300 execute the process in the lower part of the area indicated by the composite fragment alt2 when the transaction satisfies the transaction conditions indicated by the acquired transaction condition information. Specifically, the store device 200b outputs an error that prohibits the transaction on the screen or the like (S40).

<5. Hardware configuration>
With reference to FIG. 6, an example of a hardware configuration when the server device 100 described above is implemented by the computer 800 will be described. Note that the functions of each device can also be realized by dividing into a plurality of devices.

As shown in FIG. 6, the computer 800 includes a processor 801, a memory 803, a storage device 805, an input I/F section 807, a data I/F section 809, a communication I/F section 811, and a display device. Contains 813.

Processor 801 controls various processes in computer 800 by executing programs stored in memory 803. For example, each functional unit included in the control unit 110 of the server device 100 can be realized by the processor 801 executing a program temporarily stored in the memory 803.

The memory 803 is a storage medium such as a RAM (Random Access Memory). The memory 803 temporarily stores the program code of the program executed by the processor 801 and data required when the program is executed.

The storage device 805 is a nonvolatile storage medium such as a hard disk drive (HDD) or flash memory. A storage device 805 stores an operating system and various programs for realizing each of the above configurations. In addition, the storage device 805 can also store a table for registering various information such as user information, and a DB for managing the table. Such programs and data are referenced by the processor 801 by being loaded into the memory 803 as needed.

The input I/F unit 807 is a device for receiving input from the user. Specific examples of the input I/F unit 807 include a keyboard, a mouse, a touch panel, various sensors, and wearable devices. Input I/F section 807 may be connected to computer 800 via an interface such as a USB (Universal Serial Bus).

The data I/F unit 809 is a device for inputting data from outside the computer 800. A specific example of the data I/F unit 809 is a drive device for reading data stored in various storage media. The data I/F unit 809 may be provided outside the computer 800. In that case, the data I/F unit 809 is connected to the computer 800 via an interface such as a USB.

The communication I/F unit 811 is a device for performing data communication with a device external to the computer 800 via the Internet N by wire or wirelessly. It is also conceivable that the communication I/F section 811 is provided outside the computer 800. In that case, the communication I/F unit 811 is connected to the computer 800 via an interface such as a USB.

The display device 813 is a device for displaying various types of information. Specific examples of the display device 813 include a liquid crystal display, an organic EL (Electro-Luminescence) display, and a display of a wearable device. The display device 813 may be provided outside the computer 800. In that case, the display device 813 is connected to the computer 800 via, for example, a display cable. In addition, when a touch panel is used as the input I/F unit 807, the display device 813 can be configured as an integral part of the input I/F unit 807.

Note that this embodiment is an example for explaining the present invention, and is not intended to limit the present invention to this embodiment alone. Furthermore, the present invention can be modified in various ways without departing from the gist of the invention. Furthermore, a person skilled in the art can adopt an embodiment in which each element described below is replaced with an equivalent, and such an embodiment is also included in the scope of the present invention.

The components of the server device described in the above embodiment are assumed to be implemented in cooperation with other hardware by the processor 801 executing a program stored in the storage device 805. In other words, these components are assumed to be software or firmware, and also corresponding hardware, and in both concepts, they are also described as "functions," "means," "parts," "processing circuits," "units," or "modules," and can be interpreted as such.

[Modified example]
Although the present invention has been described based on the above embodiments, the present invention also includes the following cases.

[Modification 1]
Although not shown in the above embodiment, the detection device may detect people, including people other than the user, who enter a store that uses or provides a linked service, and identify the user from among the detected people. In this example, the first device is a detection device for detecting a user who enters the store. The detection device detects, for example, belongings or living bodies of each person in the store or near the store. Based on the result of this detection, the detection device generates belongings information about the detected belongings or biometric information about the living body, and transmits it to the server device 100. The server device 100 obtains the transmitted belongings information or biometric information. The server device 100 may identify the user from among people in the store or near the store based on the acquired belongings information or biometric information, and authenticate the identified user.

The linked service may include, for example, a face-to-face service in a store. In this case, the acquisition unit 114 may acquire, for example, possession information regarding possessions of each person in the store or near the store, and/or biometric information regarding each person's biometric information. The control unit 110 of the server device 100 may also include, for example, an identification unit (not shown), which identifies the user from among people in the store or near the store based on user information regarding the user, possession information, and/or biometric information. The primary authentication unit 113a may execute primary processing for the user identified by the identification unit, for example, even if the reception unit 111 does not receive an authentication request from the first device.

According to the above configuration, in face-to-face services at a store, the detection device can automatically detect a user who enters the store and execute the primary process, without the user having to operate the user device 200a or the like to request authentication. This can improve usability for users. In particular, when biometric authentication such as facial recognition of the user is used as the primary authentication, there is a possibility that people other than the user themselves may be detected. Even in such cases, the user can be identified and authenticated.

The transmitting unit 121 may, for example, transmit an acquisition request to the provider device 300 requesting to acquire the primary information of the user specified by the specifying unit. The acquisition unit 114 may acquire primary information from the provider device 300, for example, as a response to this acquisition request. The primary authentication unit 113a may perform primary processing for authenticating the identified user based on the acquired primary information. According to such a configuration, even if the server device 100 does not hold the primary information of the identified user, it can be acquired as needed, such as when the user enters the store. Therefore, the security (especially confidentiality) of primary information can be strengthened.

[Modification 2]
In the above embodiment, an example has been described in which, as the primary processing, (A) a user is identified and (B) the identified user is authenticated based on the primary information of the user matching destination included in the request for user authentication. However, the primary processing according to the present invention is not limited to this. The primary processing may, for example, only identify the above (A) user or its candidates (hereinafter also referred to as "user candidates"). For example, the identification unit of the server device 100 identifies one or more people detected by the detection device as user candidates. The acquisition unit 114 transmits a request to acquire secondary information from the provider device 300 for the one or more identified user candidates, and acquires the secondary information as the acquisition request. The identification unit may identify the user candidate for which secondary information has been acquired (i.e., a candidate whose secondary information is stored in the provider device 300 as a user of the linked service) as a user. Then, the provision unit 112 may provide the acquired secondary information to a second device that executes a secondary processing for authenticating the identified user.

For example, when a face recognition sensor or the like is used as a detection device, the server device 100 may be able to obtain biometric information such as a facial image of the user from the detection device, but may not be able to obtain information that can identify the user (e.g., user identification information). Furthermore, in biometric authentication using the user's biometric information, the user may not be uniquely identified. According to the above configuration, even in such a case, if the user's secondary information can be obtained from the provider device 300, the secondary information can be provided to the second device, making it possible to perform authentication of the user. This can improve usability for the user.

[Modification 3]
At least a part of each configuration included in the server device 100 according to the above embodiment may be included in a first device such as the user device 200a, a second device such as the store device 200b, and/or the provider device 300. .

[Modification 4]
In the above embodiment, an example was explained in which secondary processing for user authentication is executed in a transaction in a cooperative service, but the authentication system according to the present invention can be applied even when no transaction occurs in a cooperative service. be. For example, if the cooperative service is an access control service, the authentication system 1 is used to manage access to a predetermined building and/or to a predetermined area in the access control service. Users who can enter and leave the building and/or who can enter and leave the room may be authenticated.

The authentication system according to the present invention can also be applied to, for example, authentication of contractual actions that do not involve payment. The linked service may be, for example, a service related to a contractual action that does not involve payment, such as a points transaction service, a remittance transaction service, and/or a service related to the exchange of coupons.

[Modification 5]
In the above embodiment, the following two methods (a) and (b) are described as examples for determining whether or not a transaction can be carried out. However, these two methods may be used selectively depending on the circumstances.
(A) The upper provider device 300 determines whether or not a transaction can be made, and transmits transaction permission information indicating the result of the determination to the second device on the edge side via the server device 100. The second device executes a transaction process according to the permission or non-permission of the transaction indicated by the transaction permission information.
(i) Transaction condition information is transmitted to a second device on the edge side, and the second device determines whether or not to permit the transaction based on the transaction conditions indicated by the transaction condition information.

As an example of using the above two methods (A) and (B) depending on the situation, for example, when the server device 100 executes the primary processing and transmits the primary processing result information of this primary processing to the provider device 300, it may make an acquisition request to acquire transaction information from the second device that executes the transaction processing of the transaction in the linked service. In response to this acquisition request, if the transaction information cannot be acquired because it has not yet been accepted by the second device, or if the transaction information can be acquired but the transaction processing status is not "processing completed (of the confirmation processing)", the server device 100 may select and execute the above method (B). On the other hand, if the transaction information can be acquired and the transaction processing status of the transaction information is "processing completed (of the confirmation processing)", the server device 100 may select and execute the above method (A). With this configuration, an efficient method can be selected depending on the status of the transaction processing, such as having the upper device determine whether the transaction can be performed or having the second device on the edge side determine whether the transaction can be performed using the transaction conditions.

[Modification 6]
In the above embodiment, an example of a face-to-face service in which face-to-face transactions are performed as one of the cooperative services has been described, but the transactions according to the present invention are not limited to this. The transaction according to the present invention may be, for example, a transaction of an online service provided online. The online service may be, for example, an SNS service such as Metaverse and/or an EC service. When applying the authentication system according to the present invention to online service transactions, the second device that performs the secondary processing is (a) the user device used by the user (in this case, the first device and the second device may be the same device), (a) a device that executes transaction processing for online transactions different from the server device 100 (hereinafter also referred to as a “transaction device”), or the like. For example, the server device 100 provides secondary information for executing secondary processing to a user device or transaction device that executes secondary processing for user authentication, based on the result of the primary processing. It's okay. The user device or transaction device executes secondary processing based on the provided secondary information.

1... authentication system, 100... server device, 110... control unit, 111... reception unit, 112... provision unit, 113... authentication unit, 114... acquisition unit, 115... payment processing unit, 116... identity verification unit, 117... registration unit, 120... communication unit, 130... storage unit, 200a... user device, 200b... store device, 300... provider device, 800... computer, 801... processor, 803... memory, 805... storage device, 807... input I/F unit, 809... data I/F unit, 811... communication I/F unit, 813... display device.

Claims (11)

On the computer,
a reception function for receiving an authentication request for authenticating a user of the service from the first device;
a primary authentication function that executes a primary process for authenticating the user in response to the authentication request based on primary information for executing the primary process;
and a providing function of providing secondary information for executing a secondary process to a second device that executes a secondary process for authenticating the user based on a result of the primary process.
program. The second device executes transaction processing regarding the user's transaction in the service,
The providing function provides primary processing result information indicating the result of the primary processing to a provider device of the service provider,
causing the computer to realize an acquisition function of acquiring transaction propriety information indicating propriety of the transaction provided according to the primary processing result information from the provider device;
The providing function provides the secondary information to the second device depending on whether the transaction is possible or not indicated by the transaction possibility information.
The program according to claim 1. The acquisition function acquires the secondary information provided in response to the primary processing result information from the provider device,
The providing function provides the acquired secondary information to the second device.
The program according to claim 2. causing the computer to realize an acquisition function of acquiring transaction condition information indicating transaction conditions for determining whether or not a transaction is possible in the service from a provider device of the service provider;
The providing function provides the transaction condition information to the second device,
The second device executes transaction processing regarding the transaction based on the transaction condition information.
The program according to claim 1. the reception function, when the second device cannot determine that the transaction is possible under the transaction conditions, receives from the second device a higher-level determination request for requesting a determination of whether or not the transaction is possible;
A transmission function is realized in the computer to transmit the higher-level determination request to the provider device;
The acquisition function acquires, from the provider device, higher-level determination result information indicating a result of the determination as a response to the higher-level determination request;
The providing function provides the higher-level determination result information to the second device,
The second device executes a transaction process for the transaction based on the higher-level determination result information.
The program according to claim 4. When the transaction conditions indicate that the transaction is possible on the condition that the user performs additional authentication, the acquisition function acquires additional authentication from the provider device to perform the additional authentication. get information,
causing the computer to realize a transmission function of transmitting the acquired additional authentication information to the second device;
The program according to claim 4. the second device executes a confirmation process for confirming the content of the transaction in the service based on a result of the secondary process;
causing the computer to realize an acquisition function of acquiring secondary processing result information indicating a result of the secondary processing and transaction information indicating a result of the confirmation processing from the second device;
a payment processing function that executes a payment process for settling the transaction by the payment means based on payment means information related to the payment means available to the user, the secondary processing result information, and the transaction information;
The program according to claim 1. The service includes face-to-face service at a store,
an acquisition function for acquiring possession information regarding possessions of each person in the store or in the vicinity of the store and/or biometric information regarding each person;
an identification function for identifying the user from among people in or near the store based on user information related to the user, the possession information, and/or the biometric information;
the primary authentication function executes the primary process for the identified user even if the reception function does not receive the authentication request.
The program according to claim 1. causing the computer to realize a transmission function of transmitting an acquisition request to a provider device of the service provider, the acquisition request requesting acquisition of the primary information of the specified user;
The acquisition function acquires the primary information from the provider device in response to the acquisition request,
The primary authentication function executes the primary process based on the acquired primary information.
The program according to claim 8. a reception unit that receives an authentication request for authenticating a service user from the first device;
a primary authentication unit that executes the primary process based on primary information for executing the primary process for authenticating the user in response to the authentication request;
A providing unit that provides secondary information for executing the secondary processing to a second device that executes secondary processing for authenticating the user based on the result of the primary processing. ,
Information processing device. The computer is
receiving an authentication request for authenticating a service user from a first device;
In response to the authentication request, performing the primary processing based on primary information for performing primary processing for authentication of the user,
providing secondary information for executing the secondary processing to a second device that executes the secondary processing for authenticating the user based on the result of the primary processing;
Information processing method.

Images