JP5301365B2 - Authentication card, card authentication terminal, card authentication server, and card authentication system - Google Patents

Description

  The present invention relates to an authentication card, a card authentication terminal, a card authentication server, and a card authentication system, and more particularly, easily authenticates whether or not the user who uses the authentication card is the holder who is the owner of the card. The present invention relates to an authentication card, a card authentication terminal, a card authentication server, and a card authentication system.

  In modern times, as a method to improve the convenience and certainty of services provided in everyday society, a predetermined card is provided to those who receive the service, and whether or not the card user is the owner of a genuine card Many systems have been established that provide services based on the determination (authorization). For example, security cards and Basic Resident Registration Cards are known as the types of cards based on the premise of authentic cardholder authorization, and they are also applied to identification cards such as driver's licenses. To get.

  Among such cards, a credit card is known as one of many cards issued today. When a user performs shopping, not only shopping using cash, but also shopping using a credit card is increasing today. By shopping using a credit card in this way, it is possible to shop freely from a low-priced item to a high-priced item without carrying cash. Many credit cards are issued today.

  Magnetic cards and IC cards are known as common card types of credit cards. The major difference between a magnetic card and an IC card is due to the data recording capacity and the arithmetic processing function. The data recording capacity of the IC card is larger than the data recording capacity of the magnetic card, and the IC card is provided with an arithmetic processing function.

  When shopping using a magnetic card, the card information of the magnetic card is read by the terminal, and the read card information is transmitted from the terminal to a server connected through the network. This server has a credit card authentication function, and can determine the validity of the magnetic card based on the magnetic card information transmitted via the network. The server determines the legitimacy of the magnetic card based on the transmitted magnetic card information, and if it is determined to be legitimate, returns information permitting the use of the credit card from the server to the terminal. .

  Note that the determination of validity in the server is to determine whether or not the magnetic card itself is a valid card, and the user who uses the magnetic card is a genuine person (a valid user). It is not a judgment whether or not. The authentic owner of the card, that is, the person who is officially registered with the card company as the card owner is called a holder.

  When the validity of the magnetic card is recognized and the use of the card is permitted, an operator who operates the terminal (for example, a store clerk who uses the credit card) asks the user for a signature. Evaluate the user's legitimacy (whether or not the user is a holder) and use the credit card only when the operator confirms the legitimacy of the user (the user is the holder) Shopping can be performed.

  In this way, when determining the validity of a magnetic card, since card information is transmitted and received via a network, a third party can steal card information when the card information is transmitted to a server. There is sex. In the case of a magnetic card, it is possible to easily duplicate the card based on the stolen card information, so that the copied card can be obtained by a third party obtaining the holder's signature by some means. It becomes possible to shop illegally using the. Such card duplication is an illegal act called so-called skimming.

  In order to prevent such card damage due to skimming, IC card type credit cards are often used today. The IC card has an arithmetic processing function and a relatively large recording capacity (memory) as described above, and can perform processing as a small computer (see, for example, Patent Document 1). For this reason, information indicating the validity of the credit card and authentication information such as a password indicating the validity of the holder are recorded inside the IC card, and without checking the validity of the card at the server. The validity of the card can be determined by mutual authentication between the IC card and the terminal. In addition, since the IC card is provided with an arithmetic processing function, the validity of the terminal is also determined by the IC card by performing mutual authentication between the IC card and the terminal. In such mutual authentication between an IC card and a terminal, information on the IC card is not read out, but a determination is made on the IC card side based on necessary information. It is possible to effectively prevent leakage.

  When the validity of the IC card and the terminal is recognized, the operator authenticates the user by asking the user for a password or the like. Even when this user authentication is performed, the password entered by the user is input to the IC card, whereby an authentication determination is made as to whether or not the user is a holder inside the IC card, and the authentication is performed. Only the result will be output. For this reason, when an IC card is used, it is difficult to steal it by a third party, and it is possible to effectively prevent leakage of information recorded on the IC card and counterfeiting / duplication of the IC card. is there.

JP2008-181225

  However, even if an IC card is used, it cannot be guaranteed that it is absolutely safe. For example, when a personal identification number is used for user authentication, a third party can impersonate the holder by seeing the personal identification number. When a holder enters a PIN when using a credit card, it is relatively rare to enter a PIN after confirming that there are no peepers around it. Since there are many people who input, a possibility that a personal identification number will be stolen becomes high. When a third party steals the password entered in this way, the password can be obtained. By using this password, it becomes possible to impersonate the holder when the card is used. Therefore, when impersonating a holder by stealing a PIN, even if it is difficult to steal card information from the card itself, such as an IC card type credit card, a third party can easily You can shop with a credit card.

  In this way, even if the card information defense is enhanced by using an IC card, use of credit cards, security cards, etc. is not possible unless the user can strictly determine whether or not the user is a holder. It can be said that it is not possible to sufficiently secure the safety of a card that requires user authentication. For this reason, today, by printing a face photo of a holder on a credit card or the like, an operator handling the terminal compares the face of the user with the face photo of the holder printed on the credit card. Many methods are used to determine whether or not a user is a holder.

  However, when a third person replaces the face photograph printed on the card surface with his / her own face photograph, it is determined that the third party is the holder himself / herself. Furthermore, even if the photo is not replaced, if the third person resembles a holder, the photo may be determined as a holder based on the face photo. In particular, since the size of the credit card is regulated to a predetermined small size, the face photograph printed on the credit card also becomes a relatively small image, and there is a possibility that details may become unclear. For this reason, when a third party is relatively similar to the holder, there is a possibility that even if the operator confirms the face photograph, the operator may recognize it as a holder. In such a case, sufficient safety is obtained. It was difficult to secure.

  Also, today, as a method of determining the validity of the holder, the holder-specific biometric information such as fingerprint information and vein information is recorded in the IC card, and the biometric information of the person using the card and the IC card are recorded. A method of comparing the recorded biological information of the holder is also employed. However, when it is determined whether or not the user is a holder using biometric information, it is necessary to install an apparatus for performing biometric authentication in a store or the like, which causes problems such as installation costs. End up.

  In addition, a method of ensuring the safety by increasing the accuracy of determining the validity by determining the validity of the holder in combination with a plurality of authentication methods such as a signature, a password, biometric information, etc. If the authentication method is allowed to be used in combination, the burden of authentication when shopping with a credit card increases, and the convenience of the credit card may be impaired.

  The present invention has been made in view of the above problems, and an authentication card that allows an operator operating the terminal to easily and accurately determine whether or not the user of the authentication card is a holder. It is an object to provide a card authentication terminal, a card authentication server, and a card authentication system.

  In order to solve the above-described problems, an authentication card according to the present invention includes a target image composed of an image different from an authentication image that certifies the holder itself, and target feature information that partially defines a characteristic configuration of the target image. A deformation authentication image that is an image obtained by deforming the authentication image so as to approach the target image according to a predetermined deformation rate by using an image morphing technique, the deformation rate, and a characteristic of the deformation authentication image An authentication card used for a card authentication terminal capable of restoring the authentication image by using image restoration key information composed of deformation feature information partially defining a configuration, wherein the deformation is applied to a card surface. An authentication image is printed.

  Further, the card authentication terminal according to the present invention includes a target image composed of an image different from the authentication image proving the holder itself, target feature information partially defining a characteristic configuration of the target image, and an image morphing technique. Partially defining a deformation authentication image that is an image obtained by deforming the authentication image so as to approach the target image according to a predetermined deformation rate, and the deformation rate and a characteristic configuration of the deformation authentication image. By using the image restoration key information composed of the deformed feature information, the image processing means capable of restoring the authentication image, and the deformation authentication image of the deformation authentication image from the authentication card on which the deformation authentication image is printed on the card surface. And image reading means for performing a reading process.

  Furthermore, the card authentication system according to the present invention includes a target image composed of an image different from an authentication image for proving the holder itself, target feature information partially defining a characteristic configuration of the target image, and an image morphing technique. Partially defining a deformation authentication image that is an image obtained by deforming the authentication image so as to approach the target image according to a predetermined deformation rate, and the deformation rate and a characteristic configuration of the deformation authentication image. A card authentication terminal capable of restoring the authentication image by using image restoration key information composed of the modified feature information, and an authentication card on which the deformation authentication image is printed on the card surface, The card authentication terminal includes: an image reading unit that reads the deformation authentication image from an authentication card having the deformation authentication image printed on the card surface; And an image processing unit capable of restoring the authentication image by using the modified authentication image that has been read by the image and the image restoration key information other than the modified authentication image. Features.

  As described above, in the authentication card, the card authentication terminal, and the card authentication system according to the present invention, since the deformation authentication image is printed on the card surface, the image similar to the authentication image for proving the holder itself with the deformation authentication image. By doing so, the operator who performs the card authentication work can visually authenticate the holder by comparing the user of the card with the deformation authentication image printed on the card.

  Furthermore, by using the modified authentication image printed on the authentication card, the authentication image that can prove the holder itself can be restored by the card authentication terminal. Therefore, regardless of whether the modified authentication image is similar to the authentication image or not, the operator can compare the authentication image restored in the card authentication terminal with the user of the authentication card. However, the holder can be authenticated based on a stricter standard.

  Also, if the deformed authentication image becomes an image similar to the authentication image by the image morphing technology, the authentication card is stolen, and even if an authentication card stolen by a third party is used illegally, Since the deformation authentication image printed on the image is similar to the authentication image showing the holder itself, the operator compares the user of the authentication card with the deformation authentication image, so that the user is a genuine holder. It can be determined whether or not.

  Furthermore, in the authentication card, the card authentication terminal, and the card authentication system according to the present invention, the authentication image restoration process is performed by reading the deformation authentication image printed on the surface of the authentication card by the card reader means of the card authentication terminal. . For this reason, when the unauthorized user replaces the photograph printed on the authentication card with the photograph of the unauthorized user, the modified authentication image used for the authentication image restoration process is not a modified authentication image related to the original holder. The restored authentication image is different from the person who uses the authentication card (unauthorized user). Therefore, by comparing the restored authentication image with the card user's face, the operator can easily determine whether or not the card user is a genuine holder and effectively prevent unauthorized use. It becomes possible.

  Here, the holder means a genuine owner of the authentication card and a person who is recognized as a regular owner when the authentication card is issued. The image reading means may be any means that can read a deformed authentication image from an authentication card printed on the card surface, and reads an image in one shot even if it can be read by scanning the image. (By a method such as shooting). Accordingly, the image reading method in the image reading means is not particularly limited.

  Further, the authentication card described above may be provided with a recording means capable of recording at least one piece of information among the image restoration key information excluding the modified authentication image.

  Further, the above-described card authentication terminal has card reader means capable of reading information recorded in the recording means of the authentication card, and the recording means of the authentication card includes the card authentication terminal other than the modified authentication image. At least one piece of information of the image restoration key information may be recorded.

  Further, in the above-described card authentication system, the authentication card has recording means capable of recording at least one piece of information of image restoration key information excluding the modified authentication image, and the card authentication terminal includes: A card reader capable of reading the information recorded in the recording means of the authentication card, and the image processing means of the card authentication terminal is the modified authentication that has been read by the image reading means. The authentication image may be restored by using an image and the image restoration key information that has been read by the card reader means.

  In this way, by recording at least one piece of information of the image restoration key information excluding the modified authentication image on the recording means of the authentication card, information necessary for restoring the authentication image in the card authentication terminal is stored in the card reader. It becomes possible to acquire from an authentication card using a means. For this reason, the card authentication terminal can reliably acquire the image restoration key information from the authentication card, and can smoothly perform the restoration process of the authentication image.

  On the other hand, the authentication card according to the present invention includes a target image composed of an image different from the authentication image proving the holder itself, target feature information partially defining a characteristic configuration of the target image, and an image morphing technique. Partially defining a deformation authentication image that is an image obtained by deforming the authentication image so as to approach the target image according to a predetermined deformation rate, and the deformation rate and a characteristic configuration of the deformation authentication image. An authentication card used for a card authentication terminal capable of restoring the authentication image by using the image restoration key information including the modified feature information, and the image restoration key information can be recorded. And a recording means for recording at least the deformation authentication image.

  Further, the card authentication terminal according to the present invention includes a target image composed of an image different from the authentication image proving the holder itself, target feature information partially defining a characteristic configuration of the target image, and an image morphing technique. Partially defining a deformation authentication image that is an image obtained by deforming the authentication image so as to approach the target image according to a predetermined deformation rate, and the deformation rate and a characteristic configuration of the deformation authentication image. By using the image restoration key information comprising the deformed feature information, the image processing means capable of restoring the authentication image, and the image restoration key from the recording means of the authentication card in which the image restoration key information is recorded. Card reader means capable of reading information, and at least the modified authentication image is recorded in the recording means of the authentication card. .

  Furthermore, the card authentication system according to the present invention includes a target image composed of an image different from an authentication image for proving the holder itself, target feature information partially defining a characteristic configuration of the target image, and an image morphing technique. Partially defining a deformation authentication image that is an image obtained by deforming the authentication image so as to approach the target image according to a predetermined deformation rate, and the deformation rate and a characteristic configuration of the deformation authentication image. By using image restoration key information composed of the modified feature information, a card authentication terminal capable of restoring the authentication image and a record capable of recording image restoration key information including at least the modified authentication image A card reader capable of reading information recorded in the recording means of the authentication card. And image processing means capable of restoring the authentication image by using the modified authentication image and other image restoration key information that has been read by the card reader means. To do.

  In this way, by recording the image restoration key information including at least the modified authentication image on the authentication card recording means, information necessary for restoring the authentication image in the card authentication terminal is obtained using the card reader means. It becomes possible to obtain from. For this reason, the card authentication terminal can reliably acquire the image restoration key information from the authentication card, and can smoothly perform the restoration process of the authentication image.

  Further, the card authentication terminal described above may include an image recording unit that records the target image, and the authentication card stores the image restoration key information other than the target image.

  Further, in the above-described card authentication system, the card authentication terminal includes an image recording unit that records the target image, and the image processing unit of the card authentication terminal includes the target image recorded in the image recording unit. The authentication image may be restored by using the modified authentication image that has been read and other image restoration key information.

  As described above, when the card authentication terminal is provided with the image recording means for recording the target image, it is not necessary to record the target image having a large amount of data in the authentication card or the like among the image restoration key information. Whether it is an IC card or a magnetic card generally used as an authentication card, there is a limit to the amount of data that can be recorded, and it is preferable to record a large amount of image data. There wasn't. For this reason, the amount of data recorded on the authentication card can be reduced by recording the target image having a large amount of data in the card authentication terminal.

  The card authentication terminal described above has terminal communication means capable of transmitting and receiving information to and from the card authentication server via a network, and the terminal communication means records the image restoration recorded in the card authentication server. Key information may be acquired from the card authentication server.

  Furthermore, the card authentication server according to the present invention includes a target image composed of an image different from the authentication image that proves the holder itself, target feature information that partially defines a characteristic configuration of the target image, and image morphing technology. Partially defining a deformation authentication image that is an image obtained by deforming the authentication image so as to approach the target image according to a predetermined deformation rate, and the deformation rate and a characteristic configuration of the deformation authentication image. A card authentication server connected via a network to a card authentication terminal capable of restoring the authentication image by using image restoration key information composed of the modified feature information, the modified authentication Key information recording means capable of recording at least one information of image restoration key information other than images, and the information recorded in the key information recording means , Characterized in that it comprises a server communication means capable of transmitting to the card authentication terminal via the network.

  Further, the card authentication system described above includes at least one of server communication means capable of transmitting information to the card authentication terminal via a network, and image restoration key information other than the modified authentication image. A card authentication server having key information recording means capable of recording information, wherein the card authentication terminal has terminal communication means capable of transmitting / receiving information to / from the card authentication server, and the card The image processing means of the authentication terminal includes the image restoration key information acquired by the terminal communication means from the key information recording means of the card authentication server via the network, the modified authentication image subjected to the reading process, and the other The authentication image may be restored by using image restoration key information.

  Further, the card authentication system described above includes at least one of server communication means capable of transmitting information to the card authentication terminal via a network and image restoration key information other than the modified authentication image. A card authentication server having a key information recording unit capable of recording information, wherein the card authentication terminal transmits / receives information to / from the card authentication server. An image processing means for the card authentication terminal, the target image recorded in the image recording means, and the terminal communication means via the network for the key of the card authentication server. Using the image restoration key information acquired from the information recording means, and the modified authentication image and other image restoration key information subjected to the reading process More, it may perform the restore of the authentication image.

  As described above, by recording at least one piece of image restoration key information other than the modified authentication image in the key information recording unit of the card authentication server, an image required for the authentication image restoration processing in the card authentication terminal. The restoration key information can be acquired via the network. For this reason, the card authentication terminal can reliably acquire the image restoration key information, and can smoothly perform the restoration process of the authentication image.

  In particular, a general card authentication terminal and a card authentication server employ a configuration in which information is transmitted and received after strict confirmation (authentication) of each legitimacy. Therefore, it is possible to prevent the image restoration key information from being accidentally transmitted to a third party by tightening mutual authentication, and applied between a general card authentication terminal and a card authentication server. It is possible to ensure the security in transmitting and receiving the image restoration key information by using a high authentication function.

  Further, when the card authentication terminal is provided with image recording means for recording a target image, it is not necessary to record a target image having a large amount of data among the image restoration key information on an authentication card or the like. Whether it is an IC card or a magnetic card generally used as an authentication card, there is a limit to the amount of data that can be recorded, and it is preferable to record a large amount of image data. There wasn't. For this reason, the amount of data recorded on the authentication card can be reduced by recording the target image having a large amount of data in the card authentication terminal.

  Further, when the card authentication terminal is provided with image recording means for recording the target image, the card authentication is performed through the network every time the target image having a large amount of data in the image restoration key information is restored. There is no need to send data from the server to the card authentication terminal. For this reason, it is possible to reduce the communication cost and communication burden in the data transmission / reception process.

  Further, in the above-described card authentication terminal, a target image collection including a plurality of images including the target image is recorded in the image recording means, and the terminal communication means receives the card image in the target image collection from the card authentication server. The specific information required for specifying the target image may be acquired, and the image processing unit may specify the target image from the target image collection based on the acquired specific information.

  As described above, the image to be recorded in the image recording means of the card authentication terminal is not limited to one image corresponding to the target image, but is used as a plurality of images made up of the target image collection. It is possible to prevent a target image from being easily determined by a third party.

  Further, by using the image obtained from the target image collection based on the specific information acquired from the card authentication server as the target image used for the restoration process of the authentication image, the third party can store the contents of the image recording means of the card authentication terminal. It is not possible to find a true target image from a plurality of images only by stealing. For this reason, it is possible to prevent the target image required for restoring the authentication image from being easily specified by a third party, and to improve the safety.

  In addition, the card authentication server described above corresponds to the card authentication terminal with a target image collection generating unit that generates a target image collection including a plurality of images including the target image, and an order of the images included in the target image collection. A replacement conversion means for performing replacement conversion, and specific information capable of specifying the target image from a plurality of images included in the target image collection subjected to replacement conversion, in association with the card authentication terminal. Specific information recording means, and the server communication means periodically transmits the target image collection generated by the target image collection generation means to the card authentication terminal, and from the card authentication terminal. The specific information may be transmitted to the card authentication terminal in response to the request.

  Further, in the above-described card authentication system, the card authentication server includes a target image collection generating unit that generates a target image collection including a plurality of images including the target image, and an order of the images included in the target image collection. Replacement conversion means for performing replacement conversion in association with the card authentication terminal, and identification information capable of specifying the target image from a plurality of images included in the replacement-converted target image collection, the card authentication terminal Specific information recording means for recording in association with the server, the server communication means periodically transmits the target image collection generated by the target image collection generation means to the card authentication terminal, The specific information can be transmitted to the card authentication terminal in response to a request from the card authentication terminal, and the terminal communication means is transmitted by the server communication means The target image collection is periodically acquired and recorded in the image recording unit, and the specific information transmitted from the server communication unit is acquired in response to the request, and the image processing unit of the card authentication terminal The target image may be specified from the target image collection based on the acquired specific information.

  Thus, by periodically transmitting a target image collection including a plurality of images including a target image to the card authentication terminal, it is possible to provide the card authentication terminal with a target image necessary for restoring the authentication image. Furthermore, by periodically sending the target image collection, the target image used for the authentication image can be changed at regular intervals, so that the target image used for restoring the authentication image is fixed to the same image. Can be suppressed.

  Furthermore, since the replacement conversion means replaces and converts the order of the images included in the target image collection in association with the card authentication terminal, the order of the target images in the target image collection distributed to each card authentication terminal is different. . For this reason, it is difficult to obtain the position of the target image from the pattern of the order of images included in the target image collection, and the risk that the target image is specified by a third party can be reduced.

  Further, in order to specify the target image from the target image collection subjected to the replacement conversion, it is necessary to access the card authentication server and acquire the specific information. For this reason, in order to restore the authentication image in the card authentication terminal, it is necessary to access the card authentication server that has been subjected to mutual authentication. As a result, the check function for specifying the target image is enhanced. Therefore, it is possible to ensure high security regarding the image restoration key information.

  In addition, the card authentication server described above has a classifying unit that classifies an image having a common feature from a plurality of prestored images by using a clustering technique, and the target image collection generating unit includes: The target image collection may be generated based on a plurality of images classified by the classification unit.

  In this way, a plurality of images constituting the target image collection are configured based on images having common features, and a modified authentication image is generated using the target image collection common to the features of the authentication image, whereby the authentication image Therefore, it is possible to generate a deformation authentication image similar to the authentication image without feeling uncomfortable. In this way, by generating a deformation authentication image that is similar to the authentication image and has no sense of incongruity, the operator compares the deformation authentication image printed on the authentication card with the face of the card user, so that the card user can It becomes possible to visually confirm whether or not.

  Furthermore, in the above-described card authentication terminal, the image restoration key information recorded on the authentication card is subjected to an encryption process that cannot be decrypted unless a predetermined decryption key is used, Terminal communication means obtains the decryption key from the card authentication server, and the image processing means restores the authentication image based on the image restoration key information decrypted by the obtained decryption key. You may do it.

  Further, the card authentication server described above has a decryption key recording unit that records a decryption key necessary for decrypting the image restoration key information of the encrypted authentication card, and the server communication unit includes: The decryption key may be transmitted in response to a request from the card authentication terminal.

  Furthermore, in the above-described card authentication system, the image restoration key information recorded on the authentication card is subjected to an encryption process that cannot be decrypted unless a predetermined decryption key is used. The authentication server has a decryption key recording means for recording the decryption key, and the server communication means of the card authentication server transmits the decryption key in response to a request from the card authentication terminal, The terminal communication means of the card authentication terminal acquires the decryption key from the card authentication server, and the image processing means of the card authentication terminal is encrypted based on the acquired decryption key. The authentication image may be restored by decrypting the image restoration key information of the authentication card.

  In this way, by applying encryption processing to a part of the image restoration key information recorded on the authentication card, the authentication card was stolen by a third party, and the recorded information was read out. Even in this case, it is possible to prevent the contents of the information from being easily known.

  Furthermore, in order to decrypt the encrypted image restoration key information, it is necessary to obtain a decryption key from the card authentication server. In the present invention, since the recording location of the encrypted image restoration key information (acquisition object: authentication card) and the recording location of the decryption key (acquisition object: card authentication server) are different, the image restoration key information is acquired. For this purpose, it is necessary to access two recording locations (acquisition targets) and acquire necessary information from each. For this reason, it is possible to improve the security for the image restoration key information, and to effectively prevent the content of the image restoration key information from leaking to a third party.

  According to the authentication card, the card authentication terminal, the card authentication server, and the card authentication system according to the present invention, the holder itself is proved by using the modified authentication image printed or recorded on the authentication card. Can be restored by the card authentication terminal, so the operator can compare the authentication image restored in the card authentication terminal with the card user, so that the operator can It is possible to authenticate whether or not is a holder.

  Even if the unauthorized user replaces the photo printed on the authentication card with the unauthorized user's photo, the authentication image is restored using the replaced image. The image is different from the person who uses the authentication card (unauthorized user). Therefore, by comparing the restored authentication image with the card user's face, the operator can easily determine whether or not the card user is a genuine holder, effectively preventing unauthorized use. It becomes possible to prevent.

It is the figure which showed schematic structure of the card | curd authentication system which concerns on this Embodiment. (A) is the figure which showed the authentication card and authentication image on which the deformation | transformation authentication image was printed, (b) is the figure which contrasted and showed the authentication image, the target image, and the deformation | transformation authentication image. It is the figure which showed schematic structure of the terminal which concerns on this Embodiment. It is the figure which showed schematic structure of the server which concerns on this Embodiment. It is the flowchart which showed the process which produces | generates the target image collection in the server which concerns on this Embodiment. It is the figure which showed the flowchart for calculating | requiring a synthesized image in the server which concerns on this Embodiment. 4 is a flowchart showing the contents of processing performed according to the card authentication method 1 by the control processing unit of the terminal according to the present embodiment. 5 is a flowchart showing the contents of processing performed in accordance with the card authentication method 2 by the control processing unit of the terminal according to the present embodiment. 5 is a flowchart showing the contents of processing performed in accordance with the card authentication method 3 by the control processing unit of the terminal according to the present embodiment. 5 is a flowchart showing the contents of processing performed according to the card authentication method 4 by the control processing unit of the terminal according to the present embodiment. 5 is a flowchart showing the contents of processing performed in accordance with the card authentication method 5 by the control processing unit of the terminal according to the present embodiment. It is a table | surface which shows the authentication method of the holder shown in contrast for every kind of card | curd and the kind of terminal.

  Hereinafter, embodiments of the present invention will be described with reference to the accompanying drawings.

  First, an image morphing technique for determining the validity of a card user and the validity of a card to be authenticated by the card user in the card authentication system according to the present embodiment will be described. Here, the card to be authenticated is a card that allows the card user to receive various services when the card user is authenticated as a holder, or that satisfies certain conditions. It means a card that proves that it is a party. For example, various cards such as a basic resident register card, an in-house security card, and a driver's license can be subject to authentication, but in the card authentication system according to the present embodiment, they are subject to authentication. Assume that a credit card is used as an example of the card.

[Image morphing technology]
In the card authentication system according to the present embodiment, by using a morphing technique, a genuine face photograph of a holder is obtained based on a face photograph that is similar to the holder printed on a credit card and a face photograph that is completely different from the holder. To restore. Since the operator determines the validity of the holder using the face photograph of the holder restored in this manner, it is easily and accurately determined whether or not the user corresponds to a genuine person (holder). It becomes possible.

  It should be noted that the face photograph that looks very similar to the holder does not necessarily have to be printed on the credit card, and is recorded as image data in the credit card recording unit 9 (see FIG. 2A), as will be described later. It may be. Furthermore, the face photograph printed on the credit card or the face photograph recorded on the credit card is not limited to the face photograph resembling the holder, and may be a face photograph not resembling the holder at all.

  The image morphing technique used in the card authentication system according to the present embodiment is disclosed in, for example, Japanese Patent Application Laid-Open No. 2007-219230. This image morphing technology generates an intermediate image without any sense of incongruity with the characteristics of the original image and the target image by synthesizing the original image and the target image based on a predetermined deformation rate (morphing rate). It is characterized by doing. Since the intermediate image generated in this way includes the elements of the original image and the elements of the target image, the image approximates the original image and also approximates the target image, and each element is synthesized without a sense of incongruity. Therefore, the intermediate image has no sense of incongruity.

  In order to generate the intermediate image, the original image, the feature vector of the original image, the target image, the feature vector of the target image, and the deformation rate m (where 0 ≦ m ≦ 1) of the image to be combined are required. . Here, the feature vector is a component common to the original image and the target image (for example, when both images are face images, “eyes”, “nose”, “ The characteristic portions in each face image such as “mouth” and “contour”) are extracted as vector information.

  When generating an intermediate image, using the feature vector of the original image and the feature vector of the target image, the coordinates of each deformation corresponding portion of the original image and the target image are represented by a deformation ratio m: 1−the deformation ratio m. The deformation corresponding position coordinates corresponding to the intermediate image are obtained by moving from the original image to the target image side at a ratio. Then, by assigning corresponding pixel values in the original image and the target image to the pixels of the coordinates corresponding to the obtained deformation corresponding location, an intermediate image of intermediate image = (1−m) × original image + m × target image is generated.

  In the card authentication system according to the present embodiment, the original image is a genuine photograph of the holder (hereinafter, this image is referred to as “authentication image”), and the target image is provided by a server (card authentication server) described later. (Hereinafter, this image is referred to as “target image”). Then, based on the authentic photograph of the holder (authentication image) and the image provided by the server (target image), an image that is similar to the authentic image of the holder and has no sense of incongruity is generated. (Hereinafter, this image will be referred to as a “deformed authentication image”) and printed on a credit card.

  Further, by using this image morphing technique, the face image (authentication image) of the holder is converted into a feature vector in a face photograph (deformed authentication image) printed on a credit card and a printed face photograph (deformed authentication image). (Deformation feature information), an image (target image) provided by the server, a feature vector (target feature information) in the image (target image) of the server, and a deformation rate can be restored. It has become. Therefore, in the card authentication system according to the present embodiment, the authentication image is restored based on the modified authentication image, the feature vector in the modified authentication image, the target image, the feature vector in the target image, and the deformation rate. Can do. In the present embodiment, these pieces of information are called image restoration key information.

[Overall configuration of card authentication system]
FIG. 1 is a block diagram showing a schematic configuration of a card authentication system according to the present embodiment. A card authentication system 1 according to the present embodiment is roughly configured by a server (card authentication server) 2, a terminal (card authentication terminal) 3, and a credit card (authentication card) 4. Are connected via the network 5. The server 2 and the terminal 3 use the image morphing technology as necessary to determine the data (image restoration key information) necessary for extracting the face photograph of the holder and the validity of the credit card 4 Information is transmitted and received via the network 5. The network 5 may be a dedicated line or may be a public communication line such as the Internet.

  In order to transmit and receive data between the server 2 and the terminal 3, an encryption technique is often used so that the data contents are not easily leaked to a third party. Various methods can be used as the encryption technique. In this embodiment, in order to encrypt data, and in order to determine the validity of the server 2 and the terminal 3, a public key cryptosystem is used. adopt.

  In public key cryptography, the key used for data encryption and the key used for decryption are separated, and the key used for encryption cannot be decrypted. It is a mechanism that cannot easily find the key. The key owner manages only the key used for decryption so that it is not known to others (decryption key = secret key), and the key used for encryption can be widely disclosed (encrypted) Key = public key). Note that the public key does not necessarily need to be disclosed, and a method that does not disclose it according to the method of use can also be used. When data is encrypted and transmitted / received, the sender transmits the data after obtaining the public key disclosed by the receiver and encrypting the data. Since the encrypted data can be decrypted only with the private key of the receiver, the contents are not decrypted even if intercepted by a third party on the way, and information leakage can be prevented.

  In addition, in the data transmission / reception between the terminal 3 and the server 2 according to the present embodiment, the public key cryptosystem described above is used, but the encryption method is not limited to the public key cryptosystem, and other encryption schemes are used. May be adopted. For example, the key used for encryption and the key used for decryption may be the same key encryption method, and even when the common key encryption method is adopted, the management of key information is thoroughly performed. As a result, data leakage can be suppressed.

  Furthermore, a one-time key may be used as a key used for encryption. A one-time key is a key that can be used only once. When using a one-time key, a password (one-time key) with seemingly random numbers is generated by combining the holder's PIN number and time information (minute information). Data is encrypted using a password, and data is transmitted from the terminal 3 to the server 2. The server 2 can confirm whether or not the password is generated by a genuine user by using a similar algorithm. The one-time key has a feature that changes every short time, for example, every minute. Even if the one-time key (password) is stolen, the valid period is one minute as an example at the maximum. . Furthermore, since the one-time key is used only once and is not used repeatedly (that is, disposable), it is possible to ensure high safety.

  The above-described encryption method encrypts information recorded on the credit card in order to prevent information recorded on the credit card 4 from being stolen by a third party and easily leaking the contents. It can also be used when performing. For example, before issuing the credit card 4, after encrypting the information with the secret key, the encrypted information is recorded on the credit card 4. By recording the encrypted information on the credit card 4, it is difficult to easily know the contents even if a third party steals the information recorded on the credit card 4. Become.

  When it becomes necessary to confirm the contents of the information recorded on the credit card 4, mutual authentication between the credit card 4 and the terminal 3 is performed as described later, and further, mutual authentication between the terminal 3 and the server 2 is performed. After the credit card 4 and the terminal 3 are validated by the terminal 3, the terminal 3 transmits the public key to the server 2, and the server 2 decrypts the information recorded on the credit card 4 using the received public key. The decryption key for encryption is encrypted, and the encrypted decryption key is sent to the terminal 3.

  The terminal 3 receives the decryption key from the server 2, decrypts the acquired decryption key with the private key corresponding to the public key used in the server 2, and uses the decrypted decryption key as the decryption key. By using it, the information read from the credit card 4 can be decrypted.

  As the credit card 4, two types of cards, that is, a magnetic card and an IC card can be used. The magnetic card is different from the IC card in that the data recording capacity of the card is small and the arithmetic processing function in the credit card 4 is not provided. In the present embodiment, the case where an IC card is mainly used will be described, and the case where a magnetic card is used will be supplementarily described. However, regardless of which card is used, image morphing technology is used. Thus, it is possible to obtain the characteristic configuration and effect of the present invention that the holder is authenticated.

  On the surface of the credit card 4, as shown in FIG. 2A, using the image morphing technique described above, an authentic image (authentication image) 6 of the holder and an image (target image) provided by the server 2 are used. A deformation authentication image 8 deformed based on this is printed.

  FIG. 2B shows a face photograph showing the authentication image 6, a face photograph showing the target image 7, a face photograph showing the deformation authentication image 8 when the deformation rate m is set to 0.5, It is shown. The authentication image 6, the target image 7, and the deformation authentication image 8 shown in FIGS. 2A and 2B are merely examples, and are not limited to these images.

  As shown in FIG. 2B, the deformation authentication image 8 is not the same as the genuine face photograph of the holder, but is a similar face photograph including the characteristic elements of the target image 7. However, with this degree of similarity, the holder can be confirmed based on the deformation authentication image 8, so that the operator can change the holder based on the face photograph (deformation authentication image 8) printed on the credit card 4. It is possible to perform authentication. In addition, the deformation authentication image 8 is an image generated by the image morphing technique. However, since the image does not feel uncomfortable, even when the deformation authentication image 8 itself is observed, it does not feel uncomfortable.

  Further, the credit card 4 is provided with a recording unit (recording unit) 9 capable of recording a part of the image restoration key information necessary for restoring the authentication image 6 based on the image morphing technique. . Details of the image restoration key information will be described later.

[Terminal configuration]
As shown in FIG. 3, the terminal 3 includes a card reader unit (card reader unit) 10, an image scanning unit (image reading unit) 11, an image recording unit (image recording unit) 12, and a communication unit (terminal communication unit). ) 13, a control processing unit (image processing means) 14, and an image display unit 15.

  The image scanning unit 11 has a function of reading the deformation authentication image 8 printed on the credit card 4. The card reader unit 10 has a function of reading data (image restoration key information and the like) recorded in the recording unit 9 of the credit card 4. When an IC card is used as the credit card 4, the card reader unit 10 can not only read data recorded on the IC card but also input necessary information to the IC card. Yes. The IC card can perform information authentication processing based on the input information, and the card reader unit 10 reads the authentication processing result from the IC card, so that the credit card 4 and the terminal 3 Authentication can be performed.

  The image recording unit 12 is configured by a general storage device such as a hard disk or an SSD (Solid State Drive). The image recording unit 12 can record a plurality of images (a target image collection described later) acquired from the server 2. The image recording unit 12 temporarily records data read from the credit card 4 by the card reader unit 10 and data of the modified authentication image 8 read from the credit card 4 by the image scanning unit 11. The communication unit 13 is configured by a general network interface card (LAN (Local Area Network) card) or the like, and is used for transmission / reception of data with the server 2.

  The control processing unit 14 has a function of performing various processes in the terminal 3, and includes a CPU (Central Processing Unit) that performs arithmetic processing, a ROM (Read-Only Memory) that records a program related to holder authentication processing, A RAM (Random Access Memory) used as a work area is used. The control processing unit 14 has a role of restoring the authentication image 6 based on the target image 7, the modified authentication image 8, the image restoration key information, and the like. When an IC card is used as the credit card 4, the control processing unit 14 has a role of performing authentication processing between the credit card 4 and the terminal 3 by operating the card reader unit 10. Further, when a magnetic card is used as the credit card 4, the card information is transmitted to the server 2 via the communication unit 13, and the authentication information returned from the server 2 is acquired via the communication unit 13. Thus, it has a role of performing authentication processing of the magnetic card.

  Further, the control processing unit 14 transmits authentication information of the terminal 3 that can identify the terminal 3 to the server 2 via the communication unit 13, and returns a response from the server 2 to the transmitted authentication information of the terminal 3. By receiving the authentication information via the communication unit 13, it has a function of performing an authentication process between the terminal 3 and the server 2. The control processing unit 14 also has a role of performing encryption / decryption processing using the public key cryptosystem described above in information transmission / reception processing with the server 2.

  The image display unit 15 is configured by a liquid crystal display, a CRT display, or the like, and has a role of allowing the operator to visually recognize the authentication image 6 restored by the image decoding process by the control processing unit 14. Since the authentication image 6 displayed on the image display unit 15 is a genuine face photo of the holder restored based on the image restoration key information, the operator uses the face photo displayed on the image display unit 15 and the holder. By comparing, the holder can be reliably authenticated.

  The authentication image 6 displayed on the image display unit 15 is desirably displayed so that only the operator can visually recognize it. For this reason, it is also possible to use a display technique that can switch whether or not the image display unit 15 can be visually recognized depending on the viewing angle. Further, since the authentication image 6 is not limited to a flat one, the authentication image 6 is a stereoscopic image, and the image display unit 15 is a display capable of stereoscopically viewing the stereoscopic image with the naked eye, thereby authenticating the holder. The accuracy can be improved.

  Further, when the credit card 4 is stolen and the deformed authentication image printed on the card surface is forged by being replaced with an unauthorized user's face photo or the like, the replaced face photo is authenticated as a deformed authentication image. Even if the image restoration processing is performed, the genuine face photograph of the holder is not displayed, and of course, the face photograph is different from the face photograph of the unauthorized user, so it is possible to easily determine whether the card has been forged. Further, even if a person similar to a face photo printed on the credit card 4 tries to use the credit card 4 as a holder, the face image (authentication image 6) of the genuine holder is displayed on the image display unit 15. Therefore, it is possible to determine an unauthorized user of the credit card 4.

[Server configuration]
As shown in FIG. 4, the server 2 includes a communication unit (server communication unit) 20, a control unit (target image collection generation unit, replacement conversion unit, classification unit) 21, and a terminal information recording unit (decryption key recording unit). , Specific information recording unit) 22, target image recording unit 23, and holder information recording unit (key information recording unit) 24.

  The communication unit 20 has a function of transmitting / receiving data to / from the terminal 3 connected via the network 5. In FIG. 1, only two terminals 3 connected to the server 2 via the network 5 are shown for convenience, but the number of terminals 3 connected to the server 2 is limited to two. Instead, in general, a plurality of terminals 3 are connected. In addition, the server 2 according to the present embodiment is connected to the Internet, and can collect images that can be the target of the target image 7 from images published on the Internet.

  The terminal information recording unit 22, the target image recording unit 23, and the holder information recording unit 24 are configured by a general storage device such as a hard disk or an SSD (Solid State Drive) like the image recording unit 12 of the terminal 3. .

  In the terminal information recording unit 22, information related to the terminal 3 connected via the network 5 is recorded. By using information for each terminal 3 recorded in the terminal information recording unit 22, the server 2 can authenticate the terminal 3. The information for each terminal 3 includes, for example, a terminal ID (identification number information), a terminal type, information on a user or administrator of the terminal, terminal installation location information, and the like.

  The terminal information recording unit 22 has a decryption key used for decrypting the encrypted credit card information when the information recorded in the recording unit 9 of the credit card 4 is encrypted. In addition, when encryption processing is performed in transmission / reception of information with the terminal 3, a decryption key or the like used for decrypting the encryption is recorded.

  Further, the terminal information recording unit 22 receives the target image collection including a plurality of images including the target image 7, identification information for identifying each image, and the authentication image 6 from among the images constituting the target image collection. Information (specific information, position information) and the like for specifying the target image 7 required for restoration is recorded.

  The target image collection is distributed from the server 2 to the terminal 3 at regular intervals. When the terminal 3 restores the authentication image 6, the terminal 3 collects the target image collection distributed by the server 2. Therefore, it is necessary to specify the target image 7 used for restoring the authentication image 6. Information used when specifying the target image 7 is referred to as position information. In the target image collection, the arrangement order of the images constituting the target image collection is determined for each terminal 3, and information indicating the alignment position of the target image 7 in such a target image collection is position information. Accordingly, in the terminal information recording unit 22, identification information for identifying each image and a position (position information, specific information) indicating the order of alignment of the target images 7 in the target image collection are associated with the terminal 3. Are recorded.

  Since each image has identification information for identifying each image as described above, a specific image (for example, the target image 7 used in the image morphing process) is extracted. Can be extracted by searching for the image of the identification information of the target image 7 from the images recorded in the image recording unit 12.

  The target image recording unit 23 records a large number of images and feature vectors corresponding to the images. The images recorded in the target image recording unit 23 are classified by an image classification process described later.

  The holder information recording unit 24 records various information related to the holder such as the holder ID (identification number information), the type of the credit card 4, and personal information (address, name, etc.) of the holder. The holder information recording unit 24 can record information (such as an authentication image restoration key) necessary for restoring an authentication image by image restoration processing. The server 2 can specify the type of the credit card 4 and the holder based on the card information received from the terminal 3 and the information on the holder recorded in the holder information recording unit 24. Based on the specific contents, authentication processing of the credit card 4 in the case of a magnetic card, transmission processing of an authentication image restoration key, and the like are performed.

  The control unit 21 has a function of performing various processes. For example, authentication processing with the terminal 3 described above, authentication processing of a magnetic card when a magnetic card is used for the credit card 4, encryption processing used for data transmission / reception with the terminal 3, Performs processing such as compressing and sending image collections. Further, the control unit 21 performs a target image collection distribution process that is periodically transmitted to the terminal 3, an image collection process performed via the Internet, a collected image classification process, and the like.

  The image collection processing in the server 2 can be realized, for example, by collecting human face photographic images published on the Internet. The image of the face image to be collected usually has the characteristics that the eyes, nose, mouth, and ears are located at the same position and has a similar head outline. By making a determination based on these characteristic arrangement positions based on the above, it is possible to automatically collect only face photographs. As described above, when the server 2 collects images, the control unit 21 circulates the Internet via the communication unit 20 to collect the face photograph image and record it in the target image recording unit 23.

  Further, when the credit card company operates and manages the server 2, many face photographs requested to be submitted to the user for the purpose of printing on the credit card 4 are stored. For this reason, in the credit card company, after explaining all matters out of the accumulated face photograph data that the user is permitted to use as the target image (the image can be disclosed to the public, the user By using the face photograph image that is permitted to be used as the target image according to the embodiment, it is possible to easily and quickly collect many images. When using facial photograph data, the control unit 21 causes the target image recording unit 23 to record facial photograph data to be used.

  Next, the control unit 21 of the server 2 performs classification processing of images recorded in the target image recording unit 23. When the modified authentication image 8 similar to the authentication image 6 is generated using the image morphing technique, the face photo image is similar to the extent that no uncomfortable feeling is generated between the deformation authentication image 8 and the authentication image 6. Is desirable. Therefore, it is desirable that the target image 7 used when generating the deformation authentication image 8 is an image similar to the authentication image 6.

  Specifically, when the authentication image 6 is a female face photo, it is desirable that the target image 7 is also a female face photo. When the authentication image 6 is a white face photo, it is desirable that the target image 7 is also a white face photo. Furthermore, when the target image 7 is an infant face photo, the target image 7 is also preferably an infant face photo. As described above, when the deformation authentication image 8 is generated using the image morphing technique, in order to prevent a sense of incongruity between the deformation authentication image 8 and the authentication image 6, the target of the target image 7 is It is preferable to use an image similar to the authentication image 6. Therefore, the control unit 21 configures the target image collection by extracting an image similar to the authentication image 6.

  When extracting similar images, images can be classified using classification patterns of skin color (for example, about 3 to 5 types) and facial contours (for example, about several dozen types) in the face image. By classifying images using such conditions, it is possible to generate a target image collection that can correspond to various authentication images. Note that the number of images required to generate the target image collection is considered to be about several hundred to several thousand.

  As described above, the control unit 21 collects images having similar characteristics for each predetermined size by classifying the skin color of the face image, the contour of the face, and the gender determined based on the face image. To create a target image collection.

  As a method for automatically performing image classification processing, various clustering methods proposed in the field of pattern analysis can be used. For example, the k-means method is known as a clustering method. This k-means method is a representative example of a non-hierarchical clustering method, and a representative prototype is given to each of a fixed number of clusters (for example, k), and each individual is made the closest prototype. Perform clustering by assigning. Once the individual is assigned, the process of calculating a new prototype from the assigned individual is repeated until the prototype calculation and the assignment of the individual converge until the appropriate prototype estimation and data division are performed. Done. In general, in the case of multivariate numerical data, an average value (mean) is used as a prototype of a cluster, so that k means are referred to as a k-means method.

  In the case of classifying images using the k-means method, there is a feature that the classification result differs each time classification processing is performed. In the card authentication system 1 according to the present embodiment, this feature can be used as an advantage. That is, it is preferable that images constituting the target image collection have predetermined similar features by clustering processing, but each image constituting the target image collection is constituted by different images while having similar features. It is desirable. By periodically changing the image configured in this way to a different image, it is possible to improve safety without giving a sense of incongruity to the deformation authentication image 8 created using the image morphing technique. Become.

  In the case where the images constituting the target image collection are changed, when the target image collection used to generate the deformation authentication image 8 printed on the credit card 4 is included in the target image collection. The target image 7 cannot be changed to another image. For this reason, when the image constituting the target image collection is changed, the image changing process is performed only on an image that is not used as the target image 7 as a change target.

  FIG. 5 is a flowchart showing a process of generating a target image collection for each classified class by extracting a predetermined number (KA) of images from the plurality of images classified by the control unit 21. It is.

  First, as an initial setting, the control unit 21 sets a value of the counter k to 1, and also sets a value of a constant KA indicating the number of images in the target image collection (step S.1). In the card authentication system 1 according to the present embodiment, for example, KA is set to 30 sheets. In the present embodiment, since the value of the constant KA is set to the number of images, the counter k is a variable indicating the total number of images added in the process. Note that the values of the constant KA and the counter k are not necessarily limited to the number of images, and the constant KA may be the minimum data capacity of the target image collection. In this case, the counter k is a variable indicating the total data amount of the images added in the process.

  Next, the control unit 21 randomly extracts one image of a predetermined category recorded in the target image recording unit 23 (step S.2), and sets the target image recording unit as an image that can constitute the target image collection. The identification number of the extracted image is recorded in the predetermined area 23 (step S.3). Further, the control unit 21 extracts the feature vector of the extracted image (step S.4), and records the feature vector in a predetermined area of the target image recording unit 23 in correspondence with the extracted image identification number ( Step S.5).

  Thereafter, the control unit 21 adds 1 to the value of the counter k (k = k + 1) (step S.6), and determines whether or not the value of the counter k is smaller than the constant KA (step S.7). ). When the counter k is not a value smaller than the constant KA (No in step S.7), the control unit 21 determines that an image corresponding to (or more than) the number of the constant KA has been extracted, and for each KA. It is interpreted that the target image collection constituted by the images and the feature vectors of the respective images have been secured, and the processing is terminated.

  On the other hand, if the counter k is a value smaller than the constant KA (Yes in step S.7), the control unit 21 determines that only a number of images less than the constant KA have been extracted, and the next The image extraction process (the process after step S.2) is repeatedly executed.

  As described above, the control unit 21 of the server 2 collects a plurality of images (human face images) via the Internet or acquires a plurality of images accumulated in advance, and then classifies the collected images as k. A target configured based on a similar face image by automatically performing KA images out of each classified image and calculating a feature vector. The image collection and the feature vectors of all the images constituting the target image collection can be obtained.

  Note that the card authentication system 1 according to the present embodiment employs a configuration (automatic classification method) in which the control unit 21 of the server 2 automatically performs classification processing of a plurality of images. Is not limited to the automatic classification method by the control unit 21. For example, when the image classification process is performed by a complete mechanical judgment process (automatic classification method) by the control unit 21, a classification that is difficult to judge as meaningful from the human viewpoint may be performed. obtain. That is, even if two images are considered similar by human judgment, the control unit 21 may classify the two images as different classes. Therefore, a manual classification method (Manual Classification) in which images are classified while being checked by the human eye so that the situation conforms to human judgment criteria, and some images are manually classified by humans. Furthermore, it is also possible to use a semi-automatic classification method (Semi-Automatic Classification) in which the control unit 21 automatically performs classification processing based on manually classified images.

  In the manual classification method, classification is performed while confirming images with human eyes, and thus there is a tendency that the processing load for labeling becomes heavy when the number of collected images is large. In particular, when the target image collection is regularly updated, it seems that it is difficult to classify images using only the manual classification method.

  On the other hand, the semi-automatic classification method extracts some sample images from a large number of images, and performs image classification processing by a manual classification method based on the extracted images. Thereafter, by using the result of classification of the sample images performed based on the manual classification method as known information, all the remaining images are classified using the automatic classification method.

  That is, when performing automatic classification (machine classification) by the control unit 21, semi-supervised learning using known classification information is used. Various algorithms have been developed for such a semi-automatic classification method. In the card authentication system 1 according to the present embodiment, a TSVM (Transductive Support Vector Machine) algorithm can be used (“T. Joachims,“ Transductive Inference for Text Classification using Support Vector Machines ”, 16th ICML, p. 200-209 (1999)). Also, an NNC-Tree (Nearest Neighbor Classification Tree) algorithm (“Takefumi Tsuji,“ Multivariable Decision Tree Construction System, Multivariable Decision Tree Construction Method, and Program for Constructing Multivariate Decision Tree ”, Japanese Patent Application Laid-Open No. 21441 (see Japanese Patent Application No. 2006-34343) is an algorithm proposed on the premise of supervised learning, but can also be applied to semi-automatic classification processing.

  In the above description, a configuration has been described in which a similar image is obtained by classifying a plurality of images collected by the control unit 21 of the server 2. When performing such classification processing, it is necessary to obtain an image that is the center of data in each class. Such a central image can be obtained by combining a plurality of images, and the naturalness of the central image can be maintained by using such a composite image. Further, each image constituting the target image collection can be an image obtained by combining a plurality of images. By using such a composite image, an image of a person who does not actually exist as the target image can be used as the target image, so that safety can be improved.

  FIG. 6 is a diagram showing a flowchart for obtaining a composite image. The control unit 21 extracts one image from the images that are the generation target of the composite image, and sets the extracted image as the initial composite image (step S.11). Then, the control unit 21 extracts a feature vector corresponding to the initial composite image and sets it as a feature vector of the initial composite image (step S.12). Thereafter, the control unit 21 performs initial setting.

  Specifically, 2 is set as the value of the counter c used for the composite image calculation process, and the value of the constant N indicating the composite number of images is set (step S.13). In the present embodiment, for example, N is 30 sheets. In the present embodiment, since the value of the constant N is set to the number of images, the counter c is a variable indicating the total number of images synthesized in the process. Note that the values of the constant N and the counter c are not necessarily limited to the number of images, and may be the total data capacity of an image in which the constant N is combined. In this case, the counter c is a variable indicating the total data amount of the image added in the process.

  After the initial setting, the control unit 21 extracts the next image from the image recorded in the target image recording unit 23 (step S.14), and obtains a feature vector of the extracted image (step S.15). Note that the feature vector extraction process (step S.12) corresponding to the first composite image and the feature vector extraction process (step S.14) corresponding to the extracted image are similar to the above-described classification process. An automatic method for obtaining a feature vector by automatically recognizing a feature point related to the eyes, eyebrows, mouth, nose, ears, etc. A manual method for obtaining a feature vector by recognizing a feature point related to an ear or the like, and first, the control unit 21 automatically selects a feature point related to the eye, eyebrow, mouth, nose, ear, or the like. And semi-automatic method for obtaining a feature vector after human recognition of the recognition content.

  In this embodiment, a method for obtaining a feature vector by an automatic method is used. However, a feature vector extraction method is not limited to the automatic method, and a manual method and a semi-automatic method may be used. . When the image morphing technique is applied to the generation of a moving image or the like, an automatic method can be used because it is difficult to visually determine even if there is some error in the calculation of the feature vector. In addition, it can be determined that it is desirable to use the semi-automatic method instead of the automatic method in order to prevent a sense of incongruity from occurring in the finally generated deformation authentication image 8.

  Next, the control unit 21 performs step S. 11 (first synthesized image: step S.11), its feature vector (step S.12), the next extracted image (step S.14), and its feature vector (step S.15). ) To obtain a feature vector of the composite image based on the deformation rate r [c] and generate a composite image (step S.16). The value of the deformation rate r [c] is obtained by 1 / c.

  Thereafter, the control unit 21 adds 1 to the value of the counter c (c = c + 1) (step S.17), and determines whether or not the value of the counter c is larger than the constant N (step S.18). ). When the counter c is larger than the constant N (Yes in step S.18), the control unit 21 generates a composite image using an image corresponding to (or more than) the number of the constant N. It is judged that it was possible. Then, the control unit 21 causes the target image recording unit 23 to record the finally generated composite image (step S.19), and the feature vector corresponding to this final composite image is stored in the image recording unit of the terminal 3. 12 (step S.20), the process is terminated.

  On the other hand, when the value of the counter c is not larger than the constant N (No in step S.18), the next image is extracted from the target image recording unit 23 and synthesized (step S.14 and subsequent steps). Step 2) is repeated. Since the deformation rate is set to 1 / c, the repetitive processing gradually reduces the deformation rate, and finally all the images (N images) are substantially equal. A composite image synthesized at a ratio is generated. The composite image generated in this way can be used as a final composite image. Note that the composition ratio of the finally generated composite image is not limited to the composition of all the images synthesized at a substantially equal ratio, and may be synthesized at a different ratio for each image.

  As described above, the method for extracting an image has been described in the control unit 21 of the server 2. However, in the above description, the image morphing technique is used to approximate the face photograph of the holder (authentication image 6). The method of selecting an image having a high similarity to the authentication image 6 so that a non-deformed authentication image 8 can be generated is described. A method for selecting the target image 7 similar to the authentication image 6 from the images constituting the target image collection in this way is called a selection method based on similarity. On the other hand, the target image selection method is not limited to the selection method based on similarity, and other selection methods can be used.

  For example, a random selection method for arbitrarily selecting one from the target image collection, or a desired target image 7 of the holder from among M (usually one digit number) images most similar to the authentication image 6. Use the limited selection method to select, the target image 7 that resembles the favorite movie star, singer, hero, etc. of the holder, or the preference selection method that selects the target image 7 that is more beautiful or handsome than you Can do.

  When the random selection method is used, since the target image 7 is unexpected, a modified authentication image 8 that does not necessarily resemble the given authentication image 6 is created. However, when the deformation authentication image 8 is generated based on the random selection method, the face photograph (deformation authentication image 8) printed on the credit card does not resemble the holder himself and may become an uncomfortable image. There is. For this reason, there is a possibility that customer satisfaction and reliability with respect to the credit card 4 may be reduced.

  On the other hand, in the case of adopting the limited selection method, as in the case of the application for the telephone number, a plurality of modified authentication images 8 can be presented to the card applicant (holder) and the one that the applicant likes can be selected from them. It is possible to do so. If a face photograph is printed on the credit card 4 using the selected deformation authentication image 8, the customer satisfaction can be increased.

  Further, when the preference selection method is used, the deformation authentication image 8 is generated so that the user's face photo is brought close to the selected face photo, so that the user's selected image (for example, the face of a longing person) It is possible to generate a deformation authentication image 8 that is closer to (photo) and to improve customer satisfaction. The preference selection method is highly likely to be favored by young customers and female customers.

  In addition, when the deformation | transformation authentication image 8 is produced | generated using the target image 7 with high similarity to the authentication image 6 of a holder, although the face photograph printed on the credit card 4 becomes an image similar to a holder, Thus, it has a feature that the photos are not completely the same. When the deformation authentication image 8 similar to the holder is used for authentication with a person similar to the deformation authentication image 8, the person similar to the deformation authentication image 8 is similar to the deformation face photograph of the holder, There is a high possibility that the original face photograph of the holder is judged to be dissimilar. This is a phenomenon that similar similarity is usually not similar, that is, a person's face photo and a person similar to a genuine person's deformed face photo are generally likely to be judged as dissimilar. It uses properties. By using such a property, unauthorized use of a credit card can be suppressed and safety can be ensured.

  Further, the control unit 21 of the server 2 has a function of transmitting the target image collection recorded in the target image recording unit 23 to the terminal 3. In transmitting the target image collection, the server 2 transmits the target image collection to each terminal 3 after performing replacement conversion (shuffle) of the images constituting the target image collection. This replacement conversion process is performed so as to be different depending on the terminal 3. Accordingly, in the target image collection on which the replacement conversion process has been performed, the order (which position) the specific target image 7 exists in the target image collection differs for each terminal 3. For this reason, the terminal 3 that has acquired the target image collection cannot determine which target image 7 is the processing target in the restoration process of the authentication image 6. Therefore, the terminal 3 needs to acquire from the server 2 position information (specific information) indicating where the target image 7 used for the restoration process exists in the target image collection.

  When the terminal 3 acquires the position information from the server 2, the server 2 and the terminal 3 are strictly authenticated, and only when it is determined that the authentic terminal 3 has accessed, the server 2 to the terminal 3. The position information is transmitted to. For this reason, it is possible to prevent the target image 7 used for the image restoration process from leaking to the unauthorized terminal, and to prevent the authentication image 6 of the holder from being easily restored. Become. Information relating to the replacement conversion process is recorded in the terminal information recording unit 22 of the server 2 in association with the identification number of the terminal 3.

に変換する処理を意味する。ここで、Ｋは画像の数、ｊは端末のＩＤ（識別番号情報）、

は１からＫまでの整数であり、Ｉ^ｊの要素は重複しない。またＩ^ｊのｋ番目の要素は、置換変換前のもとの目標画像集におけるｋ番目に位置した目標画像７が、置換変換処理後に変動した位置を示している。 Here, the permutation conversion is a sequence I ⁰ = [1, 2,..., K],

It means processing to convert to. Where K is the number of images, j is the terminal ID (identification number information),

Is an integer from 1 to K, and the elements of I ^j do not overlap. The k-th element of I ^j indicates a position where the k-th target image 7 in the original target image collection before the replacement conversion has changed after the replacement conversion process.

For example, it is assumed that the k-th target image in the target image collection before replacement conversion is used when generating the deformation authentication image 8 of a certain credit card. On the other hand, the target image collection that is transmitted from the server 2 to the terminal 3 and stored in the image recording unit 12 of the terminal 3 is the target image collection that has undergone the replacement conversion process in the server 2, and thus the target image 7 The order has been changed. In such a situation, the target image 7 required for the restoration process of the authentication image 6 in the target image collection stored in the terminal 3 is obtained by using the replacement transformation I ^j determined based on the terminal 3. It becomes possible to ask easily.

  The control unit 21 of the server 2 has a function of transmitting the target image collection recorded in the target image recording unit 23 to the terminal 3 as described above. Since the data capacity becomes larger than the data, if the target image collection is transmitted as it is, there is a possibility that the transmission burden on the communication line is increased. Furthermore, it can be said that the image itself is preferably subjected to encryption processing for transmission / reception.

  For this reason, in the card authentication system 1 according to the present embodiment, a method of compressing the target image collection before encryption is adopted as a technique for reducing the calculation cost of encryption / decryption of the target image collection. As a method for reducing the burden of encryption and decryption, an image compression technique called k-PCA can be used.

  Regarding the k-PCA method, “CF Lv and QF Zhao,“ k-PCA: a semi-universal encoder for image compression, ”International Journal of Pervasive Computing and Communications, 2007, Vol. 3, No. 2, p. 205-220 '', `` CF Lv and QF Zhao, `` Integration of Data Compression and Cryptography: Another Way to Increase the Information Security '' Proc. Of IEEE 21st International Conference on Advanced Information Networking and Applications (AINA07), Niagara Falls, Canada , May, 2007, p.543-547 ”, the description is omitted here.

  Thus, by using k-PCA, it is possible to generate compressed target image data and an image compression key used for compression. Of the data generated in this way, if only the image compression key can be encrypted and transmitted from the server 2 to the terminal 3, the compressed target image collection is not specially encrypted. It is possible to transmit the target image collection to the terminal 3 via the public network 5 such as the Internet. Further, since the data amount of the image compression key is much smaller than the data amount of the target image collection, the processing load required for performing encryption and decryption of the target image collection is very low.

  Next, a method for authenticating the holder by restoring the holder authentication image 6 using the card authentication system 1 described above will be described.

As described above, in the card authentication system 1 according to the present embodiment,
(1) A holder deformation authentication image 8 printed on the credit card 4;
(2) a feature vector in the deformation authentication image 8;
(3) the target image 7 used for the image morphing process;
(4) a feature vector in the target image 7;
(5) When generating the deformation authentication image 8, the authentication image 6 of the holder (the authenticity of the holder) is based on the image restoration key information configured by the deformation rate indicating the deformation ratio of the authentication image 6 with respect to the target image 7. Face photo image).

  For this reason, the information (1) to (5) described above is required for the restoration process of the authentication image 6, and at least some of the information is managed so as not to be known to a third party. There is a need to. Further, when restoring the authentication image 6, it is necessary to ensure that the terminal 3 can obtain such information.

  Here, the deformation authentication image 8 is printed on the surface of the credit card 4. Therefore, by reading the deformation authentication image 8 printed on the credit card 4 by the image scanning unit 11 of the terminal 3, the deformation authentication image 8 required for the restoration process of the authentication image 6 can be acquired.

  Note that the operator can confirm the holder with the naked eye by comparing the deformation authentication image 8 printed on the credit card 4 with the face of the holder. However, since the face photo printed on the credit card is small, it is not easy to compare details in detail.

  In the present embodiment, an example in which the deformation authentication image 8 is printed on the surface of the credit card 4 will be described. However, the deformation authentication image 8 is not limited to the configuration printed on the surface of the credit card 4. It may be recorded in the recording unit 9 of the credit card 4. When the deformation authentication image 8 is recorded in the recording unit 9 of the credit card 4, the card reader unit 10 of the terminal 3 can read the deformation authentication image 8 from the credit card 4. It is not necessary to provide the portion 11.

  Further, in the present embodiment, as described above, a case where the deformation authentication image 8 is generated using the target image 7 having a high similarity to the authentication image 6 of the holder will be described. The image is not limited to the image similar to the authentication image 6 of the above, and a face photo that does not resemble the holder at all, for example, a face photo of an actor or singer that the holder adores or a character photo may be used. . As described above, when the deformation authentication image 8 is generated using the target image that is not similar to the authentication image 6 of the holder, the authentication image 6 and the target image 7 are images that are not similar, and therefore, the deformation authentication. The image 8 may also be an image that does not resemble the authentication image 6. Even if the deformation authentication image 8 is not similar to the authentication image 6, the operator uses the deformation authentication image 8 and the target image 7 based on the authentication image 6 obtained by the reverse image morphing technique. Since it is possible to easily determine whether or not the holder itself is, it is possible to ensure robust safety.

In the present embodiment, since the deformation authentication image 8 is printed on the surface of the credit card 4, it is one of the points of the invention how the terminal 3 acquires the remaining image restoration key information. As a method for the terminal 3 to acquire the image restoration key information,
(1) When all the image restoration key information other than the modified authentication image 8 is recorded in the recording unit 9 of the credit card 4 and the holder is authenticated, the terminal 3 is recorded on the credit card 4 by the card reader unit 10. A method for acquiring image restoration key information other than the modified authentication image 8.
(2) Only the target image 7 having a large data amount in the image restoration key information is recorded in the terminal 3 in advance, and the image restoration key information other than the modified authentication image 8 and the target image 7 is stored in the recording unit 9 of the credit card 4. A method in which the terminal 3 obtains the remaining image restoration key information (information other than the target image 7 and the modified authentication image 8) recorded on the credit card 4 from the card reader unit 10 when recording and authenticating the holder.
(3) The image recovery key information other than the modified authentication image 8 is configured to be recorded in the server 2, and when the holder is authenticated, the terminal 3 accesses the server 2 via the network 5 and the modified authentication image 8. A method for acquiring image restoration key information other than the above.
(4) Only the target image 7 having a large data amount in the image restoration key information is recorded in the terminal 3 in advance, and the image restoration key information other than the modified authentication image 8 and the target image 7 is recorded in the server 2. A method in which the terminal 3 accesses the server 2 via the network 5 and acquires the remaining image restoration key information (information other than the target image 7 and the modified authentication image 8) when the holder is authenticated.
(5) Only the target image 7 having a large data amount in the image restoration key information is recorded in the terminal 3 in advance, and part of the image restoration key information other than the modified authentication image 8 and the target image 7 is recorded on the credit card 4. In the same way, the server 3 records a part of the image restoration key information other than the modified authentication image 8 and the target image 7, and when the holder 3 is authenticated, the terminal 3 is a card reader. A part of the image restoration key information recorded on the credit card 4 is obtained from the unit 10 and the server 2 is accessed via the network 5 to obtain a part of the image restoration key information (all remaining information not obtained). How to get).
There are five possible methods. These methods will be described sequentially.

[Card authentication method 1]
First, when all the image restoration key information other than the modified authentication image 8 is recorded in the recording unit 9 of the credit card 4 and the holder is authenticated, the terminal 3 is recorded in the credit card 4 by the card reader unit 10. A method for acquiring image restoration key information other than the authentication image 8 will be described.

  FIG. 7 is a flowchart showing the processing contents in the control processing unit 14 of the terminal 3. The control processing unit 14 executes the process shown in FIG. 7 according to the program recorded in the ROM.

  The control processing unit 14 first performs an authentication process with the credit card 4 (step S.31). When the credit card 4 is an IC card, the control processing unit 14 outputs information necessary for authentication to the credit card 4, and uses the arithmetic processing function of the IC card to make the credit card 4 side. The mutual authentication between the terminal 3 and the credit card 4 is determined, and the authentication result is determined by the terminal 3 based on the authentication result information returned from the credit card 4.

  On the other hand, when the credit card 4 is a magnetic card, the terminal 3 reads the card information of the credit card 4 via the card reader unit 10, and the server 3 stores information related to the terminal 3 (terminal information) and the card information together. 2 to send. The server 2 authenticates the validity of the terminal 3 and the credit card 4 based on the terminal information and card information acquired from the terminal 3. When the authentication is successful, the server 2 transmits an authentication result indicating that the terminal 3 and the credit card 4 are valid to the terminal.

  When the credit card 4 is a magnetic card, it is difficult to record the image restoration key information other than the modified authentication image 8 in the credit card due to the data recording capacity of the magnetic card. For this reason, when the authentication method according to the card authentication method 1 is used, generally an IC card is often used as a credit card.

  By the method described above, the authentication result of the credit card 4 is acquired at the terminal 3, and the control processing unit 14 of the terminal 3 determines whether the card is valid based on the acquired authentication result (step S.32). . When it is determined that the authentication result is not valid (No in step S.32), the control processing unit 14 determines that the credit card 4 is illegal and notifies the credit card 4 that it is illegal use. Is displayed on the image display unit 15 or the like to warn the operator (step S.33), and the card authentication process is terminated. In this way, by determining the validity of the credit card 4, unauthorized use of the card can be prevented.

  On the other hand, when it is determined that the authentication result is valid (Yes in step S.32), the control processing unit 14 reads the deformation authentication image 8 printed on the credit card 4 with the image scanning unit 11 ( Step S.34). By reading the deformation authentication image 8 by the image scanning unit 11 in this way, it is possible to acquire the deformation authentication image 8 which is one of the image restoration key information.

  In the present embodiment, step S.A. 31, not only the validity of the credit card 4 but also the validity of the terminal 3 is determined. The process of reading the deformation authentication image 8 shown in 34 is not performed. However, if the terminal 3 is unauthorized, even if the deformation authentication image 8 is read by the unauthorized terminal, there is no problem. This is because the deformation authentication image 8 itself is not a face photograph of the holder (authentication image) itself, but is information that has been deformed and is supposed to be originally disclosed. For this reason, even if it is read by an unauthorized terminal, the face photograph (authentication image) of the authentic holder cannot be obtained, and even if only the modified authentication image 8 on the assumption of disclosure is obtained, If the image restoration key information cannot be acquired, the authentication image 6 cannot be obtained.

  Next, the control processing unit 14 accesses the credit card 4 via the card reader unit 10 and acquires image restoration key information other than the modified authentication image 8 (step S.35). In the credit card 4, step S.E. In the authentication process shown in FIG. 31, the reading of the image restoration key information is permitted only when the authentication that the terminal 3 is valid is performed. On the other hand, step S.I. In the authentication process shown in FIG. 31, when it is determined that the terminal 3 is not valid, the credit card 4 has illegally accessed the image restoration key information by refusing the request for the image restoration key information by the control processing unit 14. To prevent it.

  Since all the image restoration key information other than the modified authentication image 8 is recorded in the credit card 4 according to the card authentication method 1, the control processing unit 14 acquires the image restoration key information from the credit card 4. It becomes possible to acquire the feature vector of the authentication image 8, the target image 7, the feature vector of the target image 7, and the deformation rate.

  When the image restoration key information recorded on the credit card 4 is information recorded on the card after being encrypted, the control processing unit 14 of the terminal 3 transmits the public key to the server 2. The decryption key for decrypting the image restoration key information recorded on the credit card 4 and encrypted with the public key is received from the server 2. Then, the control processing unit 14 of the terminal 3 decrypts the image restoration key information acquired from the credit card 4 via the card reader unit 10 using the decryption key received from the server 2, so that the modified authentication image is obtained. 8 feature vectors, the target image 7, the feature vector of the target image 7, and the deformation rate.

  Then, the control processing unit 14 obtains the authentication image 6 based on the modified authentication image 8 read by the image scanning unit 11 and other image restoration key information acquired from the credit card 4 (step S.36). Then, the control processing unit 14 displays the obtained authentication image 6 on the image display unit 15 (step S.37), thereby providing the operator with a genuine face photograph of the holder.

  The operator compares the authentication image 6 of the holder displayed on the image display unit 15 with the face of the user of the credit card 4, so that the user of the credit card 4 is the holder himself who is the genuine owner. It can be confirmed visually. In particular, since the authentication image 6 displayed on the image display unit 15 is larger and more detailed than the face photograph printed on the credit card 4, it is possible to improve the determination accuracy at the time of authentication. Further, the authentication image 6 is a photograph of the face of the holder himself / herself, and is not an image similar to the face photograph of the holder himself / herself like the deformation authentication image 8. For this reason, since the details of the details of the holder can be compared when performing authentication of the holder, the accuracy of authentication of the holder can be improved, and safety can be further increased.

[Card authentication method 2]
Next, only the target image 7 having a large amount of data in the image restoration key information is recorded in the terminal 3 in advance, and image restoration key information other than the modified authentication image 8 and the target image 7 is stored in the recording unit 9 of the credit card 4. A method for the terminal 3 to acquire the remaining image restoration key information (information other than the target image 7 and the modified authentication image 8) recorded on the credit card 4 from the card reader unit 10 when recording and authenticating the holder. explain.

  In the card authentication method 1 described above, all the image restoration key information other than the modified authentication image 8 is recorded on the credit card 4. However, when the credit card 4 is a magnetic card, all the image restoration keys are stored. There is a problem that it is difficult to record information. For this reason, only the target image 7 having a large amount of data among the image restoration key information is recorded in advance in the image recording unit 12 of the terminal 3 instead of the credit card 4, thereby reducing the data amount of the image restoration key information. It can be reduced.

  If the target image 7 and the modified authentication image 8 are excluded, the data amount of the image restoration key information can be reduced to about several tens to several hundred bytes. Further, since the target image 7 is image information that is not related to the personal information of the holder at all, it is not always necessary to use a different target image 7 for each holder, and a common face image is used when generating the deformation authentication image 8. 7 can also be used.

  Furthermore, not only the target image 7 used for the image morphing process but also a target image collection composed of a plurality of images including the target image 7 is replaced and converted, and then periodically distributed from the server 2 to the terminal 3. By performing the replacement conversion process in this way, it is possible to prevent the target image 7 used for the image morphing process from being easily leaked to a third party. In addition, by periodically delivering the target image collection from the server 2 to the terminal 3, the target image 7 (that is, a part of the image restoration key information) to be used is changed every certain period. It is possible to ensure high safety.

  Further, when the authentication image is restored based on the target image collection according to the present embodiment, the terminal 3 does not acquire position information indicating the position of the target image 7 corresponding to the image restoration key information from the server 2. The target image 7 used for the authentication process cannot be specified. For this reason, unless the terminal authentication or card authentication in the server 2 is performed, the location information cannot be acquired by the terminal 3, and as a result, the authentication judgment check system in the card authentication processing can be further strengthened. Become.

  In the case of a general magnetic card, the amount of information that can be recorded is very small (for example, the amount of information for 72 characters), so the data amount is reduced by excluding the target image 7 and the deformation authentication image 8. Even image restoration key information reduced to several tens of bytes to several hundreds of bytes is difficult to record in the card. The card authentication method 2 is not a card whose recording capacity is extremely small as described above, and does not have an arithmetic processing function like an IC card, but an image whose data amount is reduced to several tens to several hundreds of bytes. For restoration key information, a card having a recording capacity that can be recorded as data will be referred to as a magnetic card for the sake of convenience.

  FIG. 8 is a flowchart showing the processing contents in the control processing unit 14 of the terminal 3. In the image recording unit 12 of the terminal 3, a target image collection composed of a plurality of images is distributed and recorded from the server 2 in advance.

  The control processing unit 14 first performs an authentication process with the credit card 4 (step S.41). When the credit card 4 is an IC card, the control processing unit 14 outputs information necessary for authentication to the credit card 4, and uses the arithmetic processing function of the IC card to make the credit card 4 side. The mutual authentication between the terminal 3 and the credit card 4 is determined, and the authentication result is determined by the terminal 3 based on the authentication result information returned from the credit card 4.

  On the other hand, when the credit card 4 is a magnetic card, the terminal 3 reads the card information of the credit card 4 via the card reader unit 10, and the server 2 combines information (terminal information) about the terminal 3 and the card information together. Send to. The server 2 authenticates the validity of the terminal 3 and the credit card 4 based on the terminal information and card information acquired from the terminal 3. When the authentication is successful, the server 2 transmits an authentication result indicating that the terminal 3 and the credit card 4 are valid to the terminal 3.

  The control processing unit 14 of the terminal 3 determines whether the credit card 4 is valid based on the acquired authentication result (step S.42). If it is determined that the authentication result is not valid (No in step S.42), the control processing unit 14 causes the image display unit 15 or the like to display a message notifying that the credit card 4 is illegally used (step S42). S.43), the card authentication process is terminated.

  On the other hand, when it is determined that the authentication result is valid (Yes in step S.42), the control processing unit 14 reads the deformation authentication image 8 printed on the credit card 4 with the image scanning unit 11 ( In step S.44), the modified authentication image 8 which is one of the image restoration key information is acquired.

  Next, the control processing unit 14 reads the card information and the image restoration key information recorded on the credit card 4 by the terminal 3 via the card reader unit 10 (step S.45). Image restoration key information other than the target image 7 can be acquired by this processing (step S.45) and the above-described reading processing of the modified authentication image 8 (step S.44).

  The control processing unit 14 of the terminal 3 includes information related to the terminal 3 (terminal information) and step S.3. The card information read in 45 and the request for the position information of the target image 7 used when obtaining the authentication image 6 are transmitted to the server 2 (step S.46). The server 2 authenticates the validity of the terminal 3 and the credit card 4 based on the terminal information and card information acquired from the terminal 3. When it is determined that the terminal 3 and the credit card 4 are valid, the position information of the target image 7 is transmitted to the terminal 3 in response to a request from the terminal 3. As for the transmission / reception processing between the server 2 and the terminal 3, the encryption processing is used using the public key cryptosystem as described above.

  If the credit card 4 is a magnetic card, step S.E. In the credit card authentication process shown in FIG. 41, it is also possible to request the position information at the same time. In the case of using a magnetic card, it is necessary to transmit the card information and the terminal information to the server 2. This is because the same processing as that shown in FIG.

  Thereafter, the control processing unit 14 of the terminal 3 acquires the position information transmitted from the server 2 (step S.47), and specifies the target image 7 used for obtaining the authentication image 6 based on the acquired position information. (Step S.48).

  Then, the control processing unit 14 reads the deformation authentication image 8 read using the image scanning unit 11, the target image 7 specified based on the position information, and the remaining image restoration key information read using the card reader unit 10. Based on the above, the authentication image 6 is obtained (step S.49). Then, the control processing unit 14 displays the obtained authentication image 6 on the image display unit 15 (step S.50), thereby providing the operator with a genuine face photograph of the holder.

  The operator visually confirms whether the user of the credit card 4 is the holder himself / herself by comparing the authentication image 6 of the holder displayed on the image display unit 15 with the face of the user of the credit card 4. It becomes possible to do.

  As described above, when the method described in the card authentication method 2 is used, a part of the image restoration key information can be recorded in the terminal 3 as compared with the method described in the card authentication method 1. If the image restoration key information recorded on the credit card 4 is stolen by 4 being stolen by a third party, the authentication image 6 is not likely to be restored.

  Further, since it is not necessary to record image information with a large data capacity on the credit card 4, it can be easily used in a magnetic card or the like having a recordable recording unit if the image restoration key information has a reduced data amount. It becomes possible.

[Card authentication method 3]
Subsequently, the image recovery key information other than the modified authentication image 8 is configured to be recorded in the server 2. When the holder is authenticated, the terminal 3 accesses the server 2 via the network 5 to change the modified authentication image 8. A method for acquiring image restoration key information other than the above will be described.

  In the card authentication method 1 and the card authentication method 2 described above, the configuration in which a part of the image restoration key information is recorded on the credit card 4 has been described. However, there is a limit to the amount of data that can be recorded on the card, even if the credit card 4 is an IC card as well as a magnetic card. Further, when image restoration key information is recorded on the credit card 4, when the credit card 4 is stolen and information is read out, and the read information is subjected to advanced decryption, There is a problem that the information of the holder including the image restoration key information may be leaked.

  Therefore, in the card authentication system 1 shown in the card authentication method 3, the image restoration key information is recorded not in the credit card 4 but in the holder information recording unit 24 of the server 2, and the terminal 3 performs image restoration from the server 2 as necessary. A configuration for acquiring key information is adopted.

  FIG. 9 is a flowchart showing the processing contents in the control processing unit 14 of the terminal 3. The control processing unit 14 executes the process shown in FIG. 9 according to the program recorded in the ROM.

  The control processing unit 14 first performs an authentication process with the credit card 4 (step S.61). When the credit card 4 is an IC card, the control processing unit 14 outputs information necessary for authentication to the credit card 4, and uses the arithmetic processing function of the IC card to make the credit card 4 side. The mutual authentication between the terminal 3 and the credit card 4 is determined, and the authentication result is determined by the terminal 3 based on the authentication result information returned from the credit card 4.

  On the other hand, when the credit card 4 is a magnetic card, the terminal 3 reads the card information of the credit card 4 via the card reader unit 10, and the server 2 combines information (terminal information) about the terminal 3 and the card information together. Send to. The server 2 authenticates the validity of the terminal 3 and the credit card 4 based on the terminal information and card information acquired from the terminal 3. When the authentication is successful, the server 2 transmits an authentication result indicating that the terminal 3 and the credit card 4 are valid to the terminal 3.

  By the method described above, the authentication result of the credit card 4 is acquired in the terminal 3, and the control processing unit 14 of the terminal 3 determines whether the card is valid based on the acquired authentication result (step S.62). . When it is determined that the authentication result is not valid (No in step S.62), the control processing unit 14 determines that the credit card 4 is illegal and notifies the credit card 4 that it is illegal use. Is displayed on the image display unit 15 or the like to warn the operator (step S.63), and the card authentication process is terminated. In this way, by determining the validity of the credit card 4, unauthorized use of the card can be prevented.

  On the other hand, when it is determined that the authentication result is valid (Yes in step S.62), the control processing unit 14 reads the deformation authentication image 8 printed on the credit card 4 with the image scanning unit 11 ( Step S.64). By reading the deformation authentication image 8 by the image scanning unit 11 in this way, it is possible to acquire the deformation authentication image 8 which is one of the image restoration key information.

  In the present embodiment, step S.A. 61, since not only the validity of the credit card 4 but also the validity of the terminal 3 is determined, if the terminal 3 is illegal, step S. The deformation authentication image 8 shown in 64 is not read.

  Next, the control processing unit 14 of the terminal 3 reads the card information recorded on the credit card 4 via the card reader unit 10 (step S.65), and reads the card information and information about the terminal 3 (terminal information). ) And a request for image restoration key information other than the modified authentication image 8 is transmitted to the server 2 (step S.66). The server 2 authenticates the validity of the terminal 3 and the credit card 4 based on the terminal information and card information acquired from the terminal 3. If it is determined that the terminal 3 and the credit card 4 are valid, the image restoration key information is transmitted to the terminal 3 in response to a request from the terminal 3. As for the transmission / reception processing between the server 2 and the terminal 3, the encryption processing using the public key cryptosystem is performed as described above.

  If the credit card 4 is a magnetic card, step S.E. In the authentication process of the credit card 4 shown in 61, it is possible to request image restoration key information at the same time. When a magnetic card is used, it is necessary to transmit the card information and the terminal information to the server 2, so This is because the same processing as that shown in FIG.

  Thereafter, the control processing unit 14 of the terminal 3 acquires the image restoration key information transmitted by the server 2 (step S.67). The control processing unit 14 then authenticates based on the deformed authentication image 8 (step S.64) read using the image scanning unit 11 and the image restoration key information (step S.67) acquired from the server 2. The image 6 is obtained (step S.68). The control processing unit 14 displays the obtained authentication image 6 on the image display unit 15 (step S.69), thereby providing the operator with a true face photograph of the holder.

  The operator visually confirms whether the user of the credit card 4 is the holder himself or herself by comparing the authentication image of the holder displayed on the image display unit 15 with the face of the user of the credit card 4. Therefore, the authentication accuracy of the holder can be improved, and the safety can be further increased.

  As described above, since the image restoration key information other than the modified authentication image 8 printed on the credit card 4 is recorded in the server 2, it is not necessary to record the image restoration key information in the credit card 4. Whether the IC card is used as the card 4 or a magnetic card is used, the card authentication system 1 according to the present embodiment can be used. In particular, since it is not necessary to record the image restoration key information on the credit card 4 itself, the face photograph printed on the credit card 4 is changed to the deformed authentication image 8 at the time of updating the credit card 4 already distributed. As a result, it is possible to shift to the card authentication system 1 shown in the present embodiment, so that the authentication accuracy of the holder can be improved smoothly without placing a burden on the introduction of this system on the user. .

[Card authentication method 4]
Next, only the target image 7 having a large data amount in the image restoration key information is recorded in the terminal 3 in advance, and the image restoration key information other than the modified authentication image 8 and the target image 7 is recorded in the server 2. A description will be given of a method in which the terminal 3 accesses the server 2 via the network 5 to acquire the remaining image restoration key information (information other than the target image 7 and the modified authentication image 8) when performing holder authentication.

  In the card authentication method 3 described above, the case where image restoration key information other than the modified authentication image 8 is recorded in the server 2 has been described. However, information related to images in the image restoration key information recorded in the server 2, more specifically, the target image 7 itself tends to have a larger data amount than information related to other feature vectors and deformation rates. Therefore, when the holder uses the credit card 4 in each terminal 3, if the target image data is received from the server 2 every time via the network 5, there is a risk that smooth data transmission / reception in the network 5 may be hindered. Further, the server 2 and the terminal 3 also have a problem that the processing burden associated with transmission / reception may increase.

  Therefore, in the card authentication system 1 according to the card authentication method 4, the target image collection including the target image 7 is recorded in the image recording unit 12 of the terminal 3 by distributing the target image collection having a large data amount to the terminal 3 in advance. In addition, a configuration is adopted in which only position information for specifying the target image 7 is acquired from the server 2.

  FIG. 10 is a flowchart showing the processing contents in the control processing unit 14 of the terminal 3. The control processing unit 14 executes the process shown in FIG. 10 according to the program recorded in the ROM. As described above, the target image collection composed of a plurality of images including the target image 7 is distributed from the server 2 in advance to the image recording unit 12 of the control processing unit 14 and recorded in the image recording unit 12. It shall be.

  The control processing unit 14 first performs authentication processing with the credit card 4 (step S.71). When the credit card 4 is an IC card, the control processing unit 14 outputs information necessary for authentication to the credit card 4, and uses the arithmetic processing function of the IC card to make the credit card 4 side. The mutual authentication between the terminal 3 and the credit card 4 is determined, and the authentication result is determined by the terminal 3 based on the authentication result information returned from the credit card 4.

  On the other hand, when the credit card 4 is a magnetic card, the terminal 3 reads the card information of the credit card 4 via the card reader unit 10, and sends information related to the terminal (terminal information) and the card information to the server 2 together. Send. The server 2 authenticates the validity of the terminal 3 and the credit card 4 based on the terminal information and card information acquired from the terminal 3. When the authentication is successful, the server 2 transmits an authentication result indicating that the terminal 3 and the credit card 4 are valid to the terminal 3.

  By the method described above, the authentication result of the credit card 4 is acquired at the terminal 3, and the control processing unit 14 of the terminal 3 determines whether the card is valid based on the acquired authentication result (step S.72). . If it is determined that the authentication result is not valid (No in step S.72), the control processing unit 14 determines that the credit card 4 is illegal and notifies the credit card 4 that it is illegal use. Is displayed on the image display unit 15 or the like to warn the operator (step S.73), and the card authentication process is terminated. In this way, by determining the validity of the credit card 4, unauthorized use of the card can be prevented.

  On the other hand, if it is determined that the authentication result is valid (Yes in step S.72), the control processing unit 14 reads the deformation authentication image 8 printed on the credit card 4 with the image scanning unit 11 ( Step S.74). By reading the deformation authentication image 8 by the image scanning unit 11 in this way, it is possible to acquire the deformation authentication image 8 which is one of the image restoration key information.

  In the present embodiment, step S.A. 71, since not only the validity of the credit card 4 but also the validity of the terminal 3 is determined, if the terminal 3 is illegal, step S. The process of reading the deformation authentication image 8 shown in 74 is not performed.

  Next, the control processing unit 14 of the terminal 3 reads the card information recorded on the credit card 4 via the card reader unit 10 (step S.75), and the read card information and information about the terminal 3 (terminal information) ) And a request for image restoration key information and position information are transmitted to the server 2 (step S.76). The server 2 authenticates the validity of the terminal 3 and the credit card 4 based on the terminal information and card information acquired from the terminal 3. When it is determined that the terminal 3 and the credit card 4 are valid, the position information and the image restoration key information are transmitted to the terminal 3 in response to a request from the terminal 3. For data transmission / reception performed between the server 2 and the terminal 3, an encryption process using the public key cryptosystem described above is performed.

  If the credit card 4 is a magnetic card, step S.E. In the authentication process of the credit card 4 shown in FIG. In the case of using a magnetic card, it is necessary to transmit the card information and the terminal information to the server 2. This is because the same processing as that shown in 76 is performed.

  Thereafter, the control processing unit 14 of the terminal 3 acquires the position information and the image restoration key information transmitted by the server 2 (step S.77), and is recorded in the image recording unit 12 based on the acquired position information. The target image 7 used for obtaining the authentication image 6 from the target image collection is specified (step S.78). In this way, the configuration is such that the target image 7 is not directly transmitted from the server 2 but the transmission information is stolen by a third party in the data transmission / reception by only transmitting the position information. In addition, it is possible to prevent the target image 7 itself from being known. Furthermore, since the target image 7 recorded in the image recording unit 12 of the terminal 3 is a target image collection including not only one target image 7 but also a plurality of images including the target image 7, the image recording unit Even if the target image collection recorded in 12 is stolen, it becomes difficult to specify the target image 7 used for the card authentication process, and the safety in the card authentication process can be improved. .

  Then, the control processing unit 14 reads the deformation authentication image 8 (step S.74) read using the image scanning unit 11, the target image 7 specified based on the position information, and the image restoration key information (from the server 2). Based on step S.77), an authentication image 6 is obtained (step S.79). The control processing unit 14 displays the obtained authentication image 6 on the image display unit 15 (step S.80), thereby providing the operator with a true face photograph of the holder.

  The operator visually checks whether the user of the credit card 4 is the holder himself / herself by comparing the authentication image 6 of the holder displayed on the image display unit 15 with the face of the user of the credit card 4. Therefore, the authentication accuracy of the holder can be improved, and the safety can be further increased.

  In this way, the target image 7 is distributed in advance as a target image collection to the terminal 3 and recorded in the image recording unit 12, and is necessary when the server 2 obtains the authentication image 6 of the holder based on the terminal information and the card information. By transmitting the position information of the target image 7 to be transmitted to the terminal 3, frequent transmission / reception of the target image having a large amount of data can be suppressed, and transmission / reception burden and transmission / reception cost can be reduced. It becomes.

  In addition, the target image collection is recorded in the image recording unit 12 of the terminal 3, and the image restoration key information and the position information are recorded in the server 2 so that the image restoration key information is recorded in the credit card 4. Therefore, as with the card authentication method 3, the card authentication system 1 according to the present embodiment can be easily used regardless of whether an IC card is used as the credit card 4 or a magnetic card. can do. In particular, since it is not necessary to record the image restoration key information on the credit card 4 itself, it is only necessary to change the facial photograph printed on the credit card to the deformed authentication image 8 at the time of updating the credit card already distributed. Since the transition to the card authentication system 1 shown in the present embodiment can be performed, the authentication accuracy of the holder can be improved smoothly without burdening the user with the burden related to the introduction of the system.

[Card authentication method 5]
Finally, the target image 7 (target image collection) having a large amount of data in the image restoration key information is recorded in the terminal 3 in advance, and part of the image restoration key information other than the modified authentication image 8 and the target image 7 is credited. In the case where the server 2 records a part of the image restoration key information other than the modified authentication image 8 and the target image 7 in the same manner as in the recording unit 9 of the card 4. 3 obtains a part of the image restoration key information recorded on the credit card 4 from the card reader unit 10 and also accesses the server 2 via the network 5 to obtain a part of the image restoration key information (the remaining unobtained Will be described.

  In the card authentication method 4 described above, the case where the target image 7 is recorded on the terminal 3 and the image restoration key information other than the modified authentication image 8 and other than the target image 7 is recorded on the server 2 has been described. It is not always necessary to record all the image restoration key information other than the modified authentication image 8 and the target image 7 in the server 2, and a configuration in which the information is recorded in a place other than the server 2, specifically, in the recording unit 9 of the credit card 4. It may be a thing.

  In this way, the modified authentication image 8 constituting the image restoration key information is printed on the surface of the credit card 4, the target image 7 is recorded on the image recording unit 12 of the terminal 3, and a part of the remaining image restoration key information is recorded. By recording in the server 2 and further recording all the remaining image restoration key information in the recording unit 9 of the credit card 4, the recording medium of the image restoration key information necessary for restoring the authentication image 6 is distributed ( Therefore, even if a third party tries to collect image restoration key information illegally, it cannot be easily performed, and as a result, safety can be improved.

  In the case of a general magnetic card, the amount of information that can be recorded is extremely small (for example, the amount of information for 72 characters). Therefore, in the card authentication method 5, as described in the card authentication method 2, the image It may be difficult to record a part of the restoration key information in the card. Therefore, in the card authentication method 5, like the card authentication method 2, the card authentication method 5 is not a card having a very small recording capacity like a general magnetic card, and does not have an arithmetic processing function like an IC card. For convenience, a card having a recording capacity for recording a part of the image restoration key information in the card will be referred to as a magnetic card.

  FIG. 11 is a flowchart showing the processing contents in the control processing unit 14 of the terminal 3. The control processing unit 14 executes the process shown in FIG. 11 according to the program recorded in the ROM. As described above, the target image collection composed of a plurality of images is distributed in advance from the server 2 and recorded in the image recording unit 12 in the image recording unit 12 of the control processing unit 14. .

  The control processing unit 14 first performs an authentication process with the credit card 4 (step S.81). When the credit card 4 is an IC card, the control processing unit 14 outputs information necessary for authentication to the credit card 4, and uses the arithmetic processing function of the IC card to make the credit card 4 side. The mutual authentication between the terminal 3 and the credit card 4 is determined, and the authentication result is determined by the terminal 3 based on the authentication result information returned from the credit card 4.

  On the other hand, when the credit card 4 is a magnetic card, the terminal 3 reads the card information of the credit card 4 via the card reader unit 10, and the server 2 combines information (terminal information) about the terminal 3 and the card information together. Send to. The server 2 authenticates the validity of the terminal 3 and the credit card 4 based on the terminal information and card information acquired from the terminal 3. When the authentication is successful, the server 2 transmits an authentication result indicating that the terminal 3 and the credit card 4 are valid to the terminal 3.

  By the method described above, the authentication result of the credit card 4 is acquired in the terminal 3, and the control processing unit 14 of the terminal 3 determines whether the card is valid based on the acquired authentication result (step S.82). . When it is determined that the authentication result is not valid (No in step S.82), the control processing unit 14 determines that the credit card 4 is illegal and notifies the credit card 4 that it is illegal use. Is displayed on the image display unit 15 or the like to warn the operator (step S.83), and the card authentication process is terminated. In this way, by determining the validity of the credit card 4, unauthorized use of the card can be prevented.

  On the other hand, when it is determined that the authentication result is valid (Yes in step S.82), the control processing unit 14 reads the deformation authentication image 8 printed on the credit card 4 with the image scanning unit 11 ( Step S.84). By reading the deformation authentication image 8 by the image scanning unit 11 in this way, it is possible to acquire the deformation authentication image 8 which is one of the image restoration key information.

  In the present embodiment, step S.A. 81, since not only the validity of the credit card 4 but also the validity of the terminal 3 is determined, if the terminal 3 is illegal, step S. The reading process of the deformation authentication image 8 shown in 84 is not performed.

  Next, the control processing unit 14 of the terminal 3 reads the card information and the image restoration key information recorded on the recording unit 9 of the credit card 4 by the terminal 3 via the card reader unit 10 (Step S.85). Card information, information about the terminal 3 (terminal information), and a request for image restoration key information and position information are transmitted to the server 2 (step S.86). Note that the image restoration key information read from the credit card 4 via the card reader unit 10 is temporarily recorded in the image recording unit 12 of the terminal 3.

  The server 2 authenticates the validity of the terminal 3 and the credit card 4 based on the terminal information and card information acquired from the terminal 3. When it is determined that the terminal 3 and the credit card 4 are valid, the position information and the image restoration key information are transmitted to the terminal 3 in response to a request from the terminal 3. For the data transmission / reception performed between the server 2 and the terminal 3, the encryption process using the public key cryptosystem described above is applied.

  If the credit card 4 is a magnetic card, step S.E. In the authentication process for the credit card 4 shown in 81, it is also possible to request image restoration key information at the same time. In the case of using a magnetic card, it is necessary to transmit the card information and the terminal information to the server 2. This is because the same processing as that shown in FIG.

  Thereafter, the control processing unit 14 of the terminal 3 acquires the position information and the image restoration key information transmitted by the server 2 (step S.87), and is recorded in the image recording unit 12 based on the acquired position information. The target image 7 used for obtaining the authentication image 6 from the target image collection is specified (step S.88). In this way, the configuration is such that the target image 7 is not directly transmitted from the server 2 but the transmission information is stolen by a third party in the data transmission / reception by only transmitting the position information. In addition, it is possible to prevent the target image 7 itself from being known. Furthermore, since the target image 7 recorded in the image recording unit 12 of the terminal 3 is a target image collection including not only one target image but also a plurality of images, the target recorded in the image recording unit 12 Even if the image collection is stolen, it is difficult to specify the target image 7 used for the card authentication process, and the safety in the card authentication process can be improved.

  The control processing unit 14 acquires from the server 2 the deformation authentication image 8 (step S.84) read using the image scanning unit 11, the target image (step S.88) specified based on the position information, and the server 2. Based on the image restoration key information (step S.87) and the image restoration key information (step S.85) acquired from the credit card 4 via the card reader unit 10, the authentication image 6 is obtained (step S.89). ). The control processing unit 14 displays the obtained authentication image 6 on the image display unit 15 (step S.90), thereby providing the operator with a true face photograph of the holder.

  The operator visually checks whether the user of the credit card 4 is the holder himself / herself by comparing the authentication image 6 of the holder displayed on the image display unit 15 with the face of the user of the credit card 4. Therefore, the authentication accuracy of the holder can be improved, and the safety can be further increased.

  As described above, when the image restoration key information used for restoring the authentication image is recorded in the credit card 4 and the server 2 respectively, and the terminal 3 performs the restoration processing of the authentication image, the credit card 4, the terminal 3 and the server 2 are subjected to strict authentication processing, and the terminal 3 obtains necessary data to prevent the image restoration key information from being stolen all at once by a third party. It is possible to improve the security in the authentication process of the authentication image 6.

  Further, the data amount of the image restoration key information excluding the target image 7 and the modified authentication image 8 is a relatively small amount of data. Furthermore, by using the card authentication method 5 shown in the present embodiment, a credit card can be obtained. Since a part of the image restoration key information collection to be recorded in 4 is recorded in the server 2, the amount of data to be recorded in the credit card 4 can be reduced.

  Therefore, even if an IC card is used as the credit card 4, a magnetic card (a magnetic card capable of recording a part of image restoration key information in the card) is used for recording. Since the amount of data to be reduced is small, it is possible to record image restoration key information while ensuring high versatility in a general credit card 4 having a certain amount of data recording capacity. Therefore, at the time of updating a credit card already in circulation, the face photo printed on the credit card is changed to the deformed authentication image 8 and only a part of the image restoration key information is recorded. Therefore, it is possible to smoothly improve the authentication accuracy of the holder without burdening the user with the burden related to the introduction of the present system.

  Finally, the credit card 4 and the terminal 3 used in the card authentication system 1 according to the present embodiment and the characteristics of the credit card and the terminal in the card authentication system conventionally used are studied and used conventionally. In the card authentication system and the card authentication system 1 according to the present invention, the case where each credit card is used for each terminal is examined.

  A terminal that is conventionally used is a first type terminal. The first type terminal performs authentication of the holder based on the signature of the holder or the password of the credit card. On the other hand, one terminal shown in the present embodiment is a second type terminal. The second type terminal obtains the authentication image 6 by reading the modified authentication image 8 printed on the credit card by the terminal and obtaining the image restoration key information other than the modified authentication image 8 from the credit card or the server. The authentication is performed. Furthermore, the other terminal shown in the present embodiment is a third type terminal. The third type terminal acquires a target image 7 to be used when obtaining the authentication image 6 in advance, reads the modified authentication image 8 printed on the credit card, and reads from the credit card or server (or the credit card and The authentication image 6 is obtained by acquiring image restoration key information other than the modified authentication image 8 and other than the target image 7 (from the server), and the holder is authenticated.

  Also, the types of credit cards can be classified into three types so as to correspond to the three types of terminals. First, a conventionally used credit card is a first type card. The first type card refers to a card that obtains a holder's signature or a password for the card and authenticates the holder based on the signature or the password. On the other hand, the one credit card shown in the present embodiment is a second type card. The second type card is a card on which the deformation authentication image 8 is printed on the card surface, but no image restoration key information is recorded on the card itself. Furthermore, the other credit card shown in the present embodiment is a third type card. The third type card is a card on which the deformation authentication image 8 is printed on the card surface and the image restoration key information is recorded on the card itself.

  The table shown in FIG. 12 summarizes the holder authentication method when the above-described three types of cards are used in the above-described three types of terminals.

  First, the first type terminal authenticates the holder based on the signature of the holder or the password of the credit card, and does not have a function for generating the authentication image 6 based on the image restoration key information. For this reason, when using the first type card to the third type card for the first type terminal, the holder is authenticated based on the signature of the holder or the PIN number of the credit card as in the conventional case. Become. That is, the credit card (second type card and third type card) according to the present embodiment is a conventional credit card even if the terminal to be used is a conventional terminal that does not have a function for restoring the authentication image 6. It can be used by using the holder authentication processing method in the card.

  Next, a case where the first type card to the third type card are used for the second type terminal will be considered. First, the second type terminal reads the modified authentication image 8 printed on the credit card, acquires image restoration key information other than the modified authentication image 8 from the credit card or the server, obtains the authentication image, and authenticates the holder. It is a terminal that performs. For this reason, when the first type card on which the deformation authentication image 8 is not printed is used for the second type terminal, the deformation authentication image 8 cannot be obtained, and the authentication image 6 is restored on the terminal. I can't. For this reason, when using a 1st type card in a 2nd type terminal, a holder is authenticated by using the signature or the personal identification number of a credit card conventionally used.

  Further, when the second type card is used for the second type terminal, since the image restoration key information is not recorded at all on the second type card, the deformation authentication image 8 is acquired from the surface of the credit card, and from the server. By acquiring image restoration key information other than the deformed authentication image 8, the authentication image 6 can be obtained, and the holder can be authenticated.

  Further, when using a third type card for the second type terminal, since a part of the image restoration key information is recorded on the third type card, the deformation authentication image 8 is obtained from the surface of the credit card. The image restoration key information recorded on the card is acquired from the third type card. Furthermore, the type 2 terminal can obtain the authentication image 6 by acquiring image restoration key information (such as a target image) that is not included in the image restoration key information obtained from the type 3 card from the server, The holder can be authenticated. Thus, even when the first type card to the third type card are respectively used for the second type terminal, it is possible to authenticate the holder by using the respective methods.

  Finally, the case where the first type card to the third type card are used for the third type terminal will be considered. First, the third-type terminal acquires the target image 7 in advance, reads the modified authentication image 8 printed on the credit card, and reads an image restoration key other than the modified authentication image 8 and the target image 7 from the credit card or the server. It is a terminal that obtains information and obtains an authentication image 6 to authenticate the holder. For this reason, when the first type card on which the deformation authentication image 8 is not printed is used for the third type terminal, the deformation authentication image 8 cannot be obtained, and the authentication image 6 is restored on the terminal. I can't. For this reason, when using a 1st type card in a 3rd type terminal, authentication of a holder is performed by using the code number of the signature or credit card conventionally used.

  Further, when the second type card is used for the third type terminal, since the image restoration key information is not recorded at all on the second type card, the deformation authentication image 8 is acquired from the surface of the credit card, and the server By acquiring image restoration key information other than the modified authentication image 8 and other than the target image 7, and specifying the target image 7 on the basis of the position information, the terminal obtains the authentication image 6 to obtain a holder. Authentication can be performed.

  Furthermore, when using a third type card for the third type terminal, since a part of the image restoration key information is recorded on the third type card, the deformation authentication image 8 is acquired from the surface of the credit card. The image restoration key information recorded on the card is acquired from the third type card. Furthermore, the type 3 terminal acquires all the image restoration key information and position information that have not been recorded on the credit card from the server, and identifies the target image 7 based on the acquired position information, thereby authenticating the authentication image 6. To authenticate the holder. As described above, even when the first type card to the third type card are respectively used for the third type terminal, it is possible to authenticate the holder by using the respective methods.

  Therefore, when the card authentication system according to the present invention is introduced into the market, it is not necessary to replace the terminals and credit cards that have been used conventionally, and the card authentication according to the present invention can be smoothly performed by sequentially replacing them. It becomes possible to spread the system.

  The card authentication system according to the present invention has been described in detail with reference to the drawings. However, the card authentication system according to the present invention is not limited to the one shown in the embodiment. It will be apparent to those skilled in the art that various changes and modifications can be made within the scope of the claims, and these are naturally within the technical scope of the present invention. Understood.

  For example, in the card authentication system 1 according to the present embodiment, the card authentication system using the credit card 4 has been described, but the card used is not limited to the credit card. A credit card is used as an example of a card that requires holder authentication. If the system requires holder authentication, the card uses a card other than a credit card, such as a company employee ID card or security card. It may be a management card or the like, and the card authentication system according to the present invention can be used in a holder authentication system in various fields.

  In the card authentication system 1 according to the present embodiment, the case where the deformation authentication image 8 is printed on the surface of the credit card 4 has been described. However, the deformation authentication image 8 is not necessarily printed on the credit card 4. It is not limited to. For example, the deformation authentication image 8 may be recorded as image data on the recording unit 9 of the credit card 4. When the deformation authentication image 8 is recorded in the recording unit 9 of the credit card 4, the deformation authentication image 8 can be acquired from the credit card 4 by using the card reader unit 10 of the terminal 3. Furthermore, when the deformation authentication image 8 is recorded in the recording unit 9 of the credit card 4, the deformation authentication image 8 cannot be confirmed with the naked eye from the outside of the credit card 4. Since the authentication image 6 can be obtained by the image morphing technique by acquiring 8, the operator confirms whether or not the credit card user is the holder based on the authentication image 6 displayed on the image display unit 15. Can be performed with the naked eye. In this way, since the operator can determine whether or not the user is a holder based on the authentication image 6, it is possible to ensure high safety in the card authentication process. In the card authentication system 1, the deformation authentication image 8 may be printed on the surface of the credit card 4 and the deformation authentication image 8 may be recorded on the recording unit 9 of the credit card 4.

  Furthermore, in the card authentication system 1 according to the present embodiment, an image similar to the authentication image 6 is used as the image of the target image 7 so that the deformed authentication image 8 is an image resembling the face photograph of the holder. As described above, by using an image that does not resemble the authentication image 6 as the target image 7, the deformation authentication image 8 is determined to be not similar to the face photograph of the holder. Also good. For example, by using an image of a movie star, singer, hero or the like that the holder likes as the target image 7, the deformation authentication image 8 can be made an image similar to a movie star or the like. In this way, the credit card 4 on which the deformation authentication image 8 resembling a movie star or the like is printed on the surface is obtained by making the deformation authentication image 8 resemble a movie star or the like that the holder prefers rather than resembling the holder. It becomes possible to increase the satisfaction of the holders that you own.

  Furthermore, even if the deformation authentication image 8 is not an image similar to the holder, the operator can obtain the authentication image 6 by the image morphing technique on the terminal 3 based on the deformation authentication image 8 and the target image 7. Since it is possible to confirm whether or not the user of the credit card 4 is a holder based on the authentication image 6 obtained while ensuring high judgment accuracy, high security in the card authentication process is maintained. It becomes possible.

  Further, as described above, when the deformation authentication image 8 is not printed on the surface of the credit card 4 but is recorded on the recording unit 9 of the credit card 4, the deformation authentication image 8 is visually recognized from the outside of the card. Since it cannot be confirmed, even if the deformation authentication image 8 is an image that does not resemble a holder, there will be no inconvenience.

1 ... Card authentication system 2 ... Server (card authentication server)
3 ... Terminal (card authentication terminal)
4 ... Credit card (authentication card)
5 ... Network 6 ... Authentication image 7 ... Target image 8 ... Deformation authentication image 9 ... (Credit card) recording unit (recording means)
10: Card reader unit (of the terminal) (card reader means)
11 ... Image scanning unit (terminal) (image reading means)
12 ... Image recording section (terminal) (image recording means)
13 ... (terminal) communication unit (terminal communication means)
14 ... (terminal) control processing unit (image processing means)
15 ... (terminal) image display unit 20 ... (server) communication unit (server communication means)
21 (control unit) (server) (target image collection generation means, replacement conversion means, classification means)
22 ... (server) terminal information recording unit (decryption key recording means, specific information recording means)
23... (Target server) target image recording unit 24... (Server) holder information recording unit (key information recording means)

Claims (6)

A card authentication server that holds information used to authenticate the authentic owner of an authentication card at a card authentication terminal,
The authentication card has a deformation authentication image printed on the card surface or recorded on a recording means,
The modified authentication image is based on feature information partially defining a characteristic configuration of the authentication image and target feature information partially defining a characteristic configuration of a target image different from the authentication image. An image transformed by subjecting a portion corresponding to the characteristic configuration of the image to a corresponding portion in the characteristic configuration of the target image according to a predetermined deformation rate,
The information used to authenticate the authentic owner of the authentication card at the card authentication terminal is modified feature information partially defining a characteristic configuration of the modified authentication image, the target image, the target feature information, and the At least one piece of information of the deformation rate,
The card authentication server is
Key information recording means for recording the information used for authenticating the authentic owner of the authentication card at the card authentication terminal as image restoration key information;
Server communication means capable of transmitting the image restoration key information recorded in the key information recording means to the card authentication terminal via a network;
Target image collection generating means for generating a target image collection including a plurality of images including the target image, and replacement conversion means for replacing and converting the order of images included in the target image collection in association with the card authentication terminal; ,
Specific information recording means for recording specific information capable of specifying the target image from a plurality of replacement-converted images included in the target image collection in association with the card authentication terminal. ,
The server communication means periodically transmits the target image collection generated by the target image collection generation means to the card authentication terminal, and receives the specific information in response to a request from the card authentication terminal. To the card authentication terminal,
In the card authentication terminal, the characteristic configuration of the modified authentication image is obtained based on the target feature information and the modified feature information by using the image restoration key information acquired through the server communication unit. The authentication image of the authentic owner of the authentication card is restored by performing reverse image morphing processing on the portion corresponding to the target image in accordance with the corresponding portion in the characteristic configuration of the target image and the deformation rate.
A card authentication server. A card authentication terminal for authenticating the authentic owner of the authentication card according to claim 1 ,
Image reading means for reading the deformation authentication image from the authentication card;
Based on the target feature information and deformation feature information partially defining the characteristic configuration of the deformation authentication image, a portion corresponding to the characteristic structure of the deformation authentication image read by the image reading unit A card authentication terminal comprising: an image processing unit that restores the authentication image by performing a reverse image morphing process in accordance with a corresponding portion of the target image in the characteristic configuration and the deformation rate. Via a network has a terminal communication unit capable of transmitting and receiving the card authentication server information,
In the card authentication server, at least one or more of the deformation authentication image, the deformation feature information, the target image, the target feature information, and the deformation rate is recorded as image restoration key information,
The terminal communication means obtains the image restoration key information recorded in the card authentication server;
The card authentication terminal according to claim 2, wherein the image processing unit restores the authentication image using the image restoration key information acquired by the terminal communication unit. A terminal communication unit capable of transmitting and receiving the card authentication server information via the network,
An image recording unit in which a target image collection including a plurality of images including the target image is recorded;
The card authentication server records at least one of the deformation authentication image, the deformation feature information, the target feature information, and the deformation rate as image restoration key information and also records it in the image recording means. Specific information required for specifying the target image from the target image collection is recorded,
The terminal communication means acquires the image restoration key information and the specific information from the card authentication server,
The image processing means specifies the target image from the target image collection based on the specifying information acquired by the terminal communication means, and specifies the specified target image and the image restoration acquired from the card authentication server. The card authentication terminal according to claim 2, wherein the authentication image is restored using key information. An authentication card for authenticating the authentic owner of the card,
A card surface on which a deformation authentication image is printed, or a recording means on which the deformation authentication image is recorded,
The authentication image is restored from the modified authentication image by the card authentication terminal according to claim 1.
An authentication card characterized by that. A modified authentication image printed on the surface of a card or recorded on a recording means, characterized by partial definition of the characteristic configuration of the authentication image and a characteristic configuration of a target image different from the authentication image Based on the partially defined target feature information, a portion corresponding to the characteristic configuration of the authentication image is subjected to image morphing processing according to a predetermined deformation rate to a corresponding portion in the characteristic configuration of the target image. An authentication card that holds images transformed by
Image reading means for reading the deformation authentication image from the authentication card;
Based on the target feature information and deformation feature information partially defining the characteristic configuration of the deformation authentication image, a portion corresponding to the characteristic structure of the deformation authentication image read by the image reading unit A genuine owner of the authentication card, having a corresponding portion of the target image in the characteristic configuration and an image processing means for restoring the authentication image by performing an inverse image morphing process according to the deformation rate A card authentication terminal that authenticates
Key information recording means for recording at least one of the deformation feature information, the target image, the target feature information, and the deformation ratio as image restoration key information, and the key information recording means recorded on the key information recording means Server communication means capable of transmitting image restoration key information to the card authentication terminal via a network, and target image collection generation means for generating a target image collection composed of a plurality of images including the target image Replacement conversion means for replacing and converting the order of images included in the target image collection in association with the card authentication terminal, and the target image from among the plurality of replacement-converted images included in the target image collection. A card authentication server having specific information recording means for recording specific information that can be specified in association with the card authentication terminal;
With
The server communication means of the card authentication server periodically transmits the target image collection generated by the target image collection generation means to the card authentication terminal, and in response to a request from the card authentication terminal, Send specific information to the card authentication terminal,
The card authentication terminal further includes terminal communication means capable of transmitting / receiving information to / from the card authentication server, and image recording means for recording the target image, wherein the terminal communication means is the server communication means. Periodically acquiring and recording the target image collection transmitted by the image recording unit, and acquiring the specific information transmitted from the server communication unit upon request,
The image processing means of the card authentication terminal specifies the target image from the target image collection based on the acquired specifying information, and is acquired from the card authentication server by the specified target image and the terminal communication means. A card authentication system that restores the authentication image by using the image restoration key information .

Images