JP5377427B2 - Automatic cash transaction apparatus, program, and transaction method - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To automatically detect a stealthy glance of a code number by a person other than a user to cancel the use by the person other than the user without loosing original operability. <P>SOLUTION: A cash automatic transaction device 1 includes: a stealthy glance determination part for determining whether a stealthy glance by a third person occurs, when a code number is input in a code number input part; a person face information acquisition part for acquiring face information 14 of a user using a transaction medium; a person determination part for determining whether face information of the current user acquired by the person face information acquisition part from the current user injecting the transaction medium shows the same person as the face information 14 of the user stored in the person face information storage part, when it is determined that a stealthy glance occurs; and a transaction cancellation part for cancelling a transaction, when the person determination part determines the person is not the user. <P>COPYRIGHT: (C)2012,JPO&amp;INPIT

Description

  The present invention relates to an automatic teller machine that stops use other than the user when the user himself / herself of the automatic teller machine is stolen.

  An automatic cash transaction apparatus installed in a financial institution accepts a medium such as a card or a passbook and executes withdrawal of a deposit and deposit of cash. Normally, in order to prevent a malicious third party from withdrawing deposits from the user's account, after a transaction medium such as a card or passbook is inserted into the device, the automatic teller machine will input a PIN. Confirm that you are the user.

  However, the code number is input by a method of visually recognizing buttons provided on the operation surface of the apparatus and a plurality of button displays arranged on the screen and pressing the buttons or button displays with a finger. Therefore, when the user himself / herself inputs the personal identification number into the apparatus, it is possible to know the personal identification number if the third party observes the hand near the user himself / herself.

  In the crime using a card, a malicious third party steals the user's personal identification number, obtains the user's own card or a copy of it in some form, and impersonates the user. This is done by using a method to withdraw deposits from an account. For this reason, various techniques for preventing the security code from being seen are proposed.

  For example, what makes the back monitoring suitable when the user of the automatic teller machine operates the apparatus has been proposed (see Patent Document 1). However, since the user himself / herself must monitor the snooping, there is a problem that the operability for the original purpose of use is impaired.

  In addition, if it is determined that there is a risk of snooping by processing the video taken around the user who enters the password, the password input process is interrupted to prevent leakage of the password (See Patent Document 2).

  However, if it is assumed that the back waiter was not malicious even if the back waiter was not malicious, not only the user's operation for the original purpose of use was impaired, but also the back waiter suffered mental pain. There was a problem of receiving.

JP 2005-327144 A JP 2006-39841 A

  Therefore, in order to solve such problems, the present invention automatically detects that a password other than the user has been stolen without losing the original operability, and can be used by a user other than the user. The purpose is to cancel.

The present invention relates to a transaction medium reception unit that accepts input of a transaction medium used for a transaction, a personal identification number input unit that accepts input of a personal identification number, and a snooping by another person when the personal identification number is input to the personal identification number input unit. If it is determined that there is a snooping in the snooping determination unit, a personal face information acquisition unit that acquires the face information of the user who uses the transaction medium, and the snooping determination unit A user's face information recording unit that records the user's own face information in a predetermined person's face information storage unit, and when the user's own person's face information is recorded, A person determination unit that determines whether or not the face information of the current user acquired by the person face information acquisition unit is the same person as the face information of the user himself / herself recorded in the person face information storage unit;
It is an automatic cash transaction apparatus provided with the transaction cancellation part which cancels a transaction, when it determines with the said person determination part not being the said user himself / herself.

  According to the present invention, the automatic teller machine can determine whether or not there has been a snooping by another person when inputting the personal identification number, and when it is determined that there has been a snooping, the transaction of the person who is not the user is canceled. I can do it.

The block diagram of a cash automatic transaction system. The perspective view of an automatic teller machine. Program and information structure diagram. 1 is a flowchart of the entire invention. The flowchart of the personal face authentication process of this invention. The flowchart of a suspicious person registration process of this invention.

  An embodiment of the present invention will be described below with reference to the drawings.

  An automatic cash transaction system 101 including an automatic cash transaction apparatus 1, a host computer 2, an ID card 20 such as a cash guard as a transaction medium, and a bankbook will be described in detail with reference to the drawings.

  FIG. 1 is a configuration diagram of an automatic cash transaction system 101. An automatic cash transaction system 101 includes an automatic cash transaction apparatus 1, a host computer 2, a communication network 100, a card 20 and a passbook (both not shown in FIG. 1) according to the present invention.

  One host computer 2 is normally connected to a plurality of automatic teller machines 1 through a communication network 100, and transmits / receives information to / from the automatic teller machine 1 to process and store information. The host computer 2 is connected to an automatic cash transaction apparatus 1 as well as a terminal device of a financial institution (not shown in FIG. 1), and the host computer 2 performs processing of the entire financial system.

  FIG. 2 is a perspective view of the automatic teller machine 1. The automatic teller machine 1 displays various transaction screens, a display / input unit 3 as a password input unit for the user himself / herself to input transaction information (password, transaction amount, etc.), and the user himself / herself is cash As a transaction medium reception unit that takes in the card 20 to be inserted into the automatic transaction apparatus 1, reads / writes data to / from a magnetic stripe (also referred to as MS: magnetic stripe) on the surface of the card 20, and discharges the card 20 after the transaction ends. Card operation unit 5 takes in the passbook inserted by the user into the automated teller machine 1, reads and writes data to the magnetic stripe on the passbook surface, prints transaction information on the required pages, and discharges the passbook after the transaction is completed Banknote operation unit 6 as a transaction medium reception unit to perform, banknote operation unit for taking in and out banknotes in cash transactions (deposit, withdrawal, transfer, etc.) 7. Coin operation unit 8 for taking in and out coins in cash transactions (deposits, withdrawals, transfers, etc.), camera unit 9 for photographing the user of the automatic teller machine 1 and its surroundings, and a statement for printing and discharging the transaction history The operation unit 10 is configured. The automatic cash transaction apparatus 1 is provided with a control device and a storage device (not shown).

  The main components of the automatic teller machine 1 (also referred to as ATM: automatic teller machine) are stored in a central processing unit (CPU: also called central processing unit), a storage device (hard disk, memory, etc.), and a storage device. The transaction processing program 21 of the automatic teller machine 1, the above-mentioned various devices of 5, 5 to 10, and the I / O control device for inputting / outputting information to / from the various devices.

  The transaction processing program 21 is executed by the central processing unit, and various transactions of the automated teller machine 1 are performed by the user himself / herself by the functions of the above-described devices. In addition, in the host computer personal database (DB1) 13 of the host computer 2 to which the automatic teller machine 1 is connected to the network, information of the user (name, account number, personal identification number, deposit information, etc.), etc. Is stored, and the host computer 2 performs various processes such as collation of the password transmitted from the automatic teller machine 1. In each process, information is normally encrypted using an encryption technique, but description of the contents is omitted in the present invention.

  FIG. 3 shows programs and information structures in the automatic teller machine 1 and the host computer 2. On the automatic cash transaction apparatus 1 side, a transaction processing program 21, a person face authentication program 22, and a suspicious person registration program 23 are stored in the storage device of the automatic cash transaction apparatus 1, and each program 21, 22, 23 is automatic cash. It is executed by the central processing unit in the transaction apparatus 1.

  Also on the host computer 2 side, a host-side transaction processing program 24, a host-side person face authentication program 25, and a host-side suspicious person registration program 26 are stored in the storage device of the host computer 2.

  Each program 24, 25, 26 stored on the host side is executed by a central processing unit in the host computer 2. In addition, a personal computer database (DB1) 13 and a host computer suspicious person database (DB2) 17 are stored in the storage device of the host computer.

  In the personal computer database (DB1) 13 in the host computer, in addition to the personal information (that is, account number, personal identification number, etc.), personal face information 14 (video etc.), warning flag 15 as warning information, and passbook usage flag as passbook usage information There are 16 etc.

The host computer suspicious person database (DB2) 17 has a suspicious person face information 18 (video etc.) as a suspicious person / account number, an account number 19 of the user himself / herself, and a description area such as recording date and time.
The card 20 has a suspicious person flag 12 or the like as suspicious person information in addition to the user's own information (that is, an account number or the like).

  Next, the personal face authentication programs 22 and 25 will be described. The user himself / herself inserts the card 20 into the card operation unit 5 to start the transaction of the automatic teller machine 1, and the card operation unit 5 reads the magnetic stripe data on the surface of the card 20.

  When the suspicious person flag 12 of the in-card data 11 of the card 20 is ON, the person's face authentication program 22 recognizes the face of the user of the automatic teller machine 1 from the video taken by the camera unit 9, and the person in the host computer Compared with the user's own person's face information 14 (that is, video etc.) stored in the database (DB 1) 13, the person's identity is confirmed as the person determining means.

  Various methods for performing face recognition from video captured by the camera unit 9 are already widely known, and the present invention is not particularly limited as any of these various methods for performing face recognition may be used. In addition, when the person and the peeper are reflected in the photographed video, the user who has a shorter distance or a larger person may be used as the user.

  Next, the suspicious person registration programs 23 and 26 according to the present invention will be described. When the user of the automatic teller machine 1 inputs a personal identification number for a transaction such as deposit withdrawal, the suspicious person registration program 23 detects that the personal identification number has been detected by the snooping detector as a snooping determination unit. The suspicious person flag 12 in the data 11 is turned ON.

  Furthermore, the face information 14 (video etc.) of the user himself / herself is stored in the identity database (DB1) 13 in the host computer, and the suspicious person face information 18 (ie video etc.) is associated with the user himself / herself such as account number 19 and date / time. The information to be stored is stored in the suspicious person database (DB2) 17 in the host computer.

  In addition, about the detection method of a snooping, based on the image | video image | photographed with the camera part 9, the user of the automatic teller machine 1 and the person of the circumference | surroundings are recognized, and the user of the automatic teller machine 1 is identified. For other people, the peek at the display / input unit 3 is specified by the distance, face direction, and line of sight, and when the user himself / herself is peeking for the password, It is determined that a snooping was done. As for the detection method of snooping, it may be determined that there is a risk of snooping when a part of the human body other than the user is detected in proximity to the user other than the face.

  FIG. 4 is a flowchart of the entire invention, FIG. 5 is a flowchart of the personal face authentication programs 22 and 25, and FIG. 6 is a flowchart of the suspicious person registration programs 23 and 26.

  A flow from the start to the end of the transaction will be described with reference to FIG. First, the control device of the automatic teller machine 1 executes a passbook insertion process for accepting that the user himself / herself inserts the card 20 into the card operation unit 5 or inserts the passbook into the passbook operation unit 6 (step S1). ).

  Next, the control device displays various transaction information (withdrawal, deposit, transfer, etc.) on the input / display unit 3 and selects a target transaction from among them, and executes a transaction selection process for acquiring selection information ( Step S2). Note that the order of the transaction selection process (step S2) and the card 20 or passbook insertion process (step S1) may be interchanged.

  Next, the personal face authentication process (step S3 in FIG. 4) will be described with reference to FIG. First, the control device determines whether a card is inserted or a passbook is inserted (step S11 in FIG. 5). When the passbook is inserted (step S11: NO), the control device checks with the host computer 2 whether the personal face information 14 is stored in the personal database (DB1) 13 in the host computer (step S17) and stores it. If not (NO in step S17), the process proceeds to a password input process (step S4 in FIG. 4).

  The personal face information 14 is stored when a peep is detected by a suspicious person registration process (step S5 in FIG. 4) described later. Accordingly, it can be determined that the person's face information 14 has been peeped in the past, and the person's face information 14 has not been peeped.

  When the personal face information 14 has been stored (step S17: YES), since the user has been peeped in the past, the control device can identify the face information of the user photographed by the camera unit 9 and the person in the personal database 13 in the host computer. The face information 14 is compared to perform face authentication (step S13).

  If it is confirmed that the person has been authenticated by the person's face authentication (step S14: YES), the control device moves to a password input process (step S4 in FIG. 4) after steps S15 and S16. Steps S15 and S16 will be described later. If the user cannot be confirmed (step S14: NO), the user is regarded as a suspicious person, and the warning flag 15 of the above-mentioned personal database (DB1) 13 in the host computer is turned ON (step S20).

  Further, the control device stores the suspicious person face information 18, the principal account number 19, the date and time in the suspicious person database (DB2) 17 in the host computer (step S21), and retracts the card 20 into the automatic teller machine 1. (Step S22), a notification is also made to the window, the police, etc. (Step S23), and the transaction is terminated (Step S24).

  On the other hand, if it is determined in the determination of whether the card is inserted or the bankbook is inserted that the card 20 is inserted (step S11: YES), the control device determines whether the suspicious person flag 12 in the card is ON. Is determined (step S12).

  The suspicious person flag 12 is stored when a peep is detected by a suspicious person registration process described later. Therefore, if the suspicious person flag 12 is ON, it can be determined that the person has been peeped in the past, and if the suspicious person flag 12 is OFF, it can be determined that the person has not been peeped.

  Moreover, if the ON / OFF state of the suspicious person flag 12 is different from the original state, it can be determined that the card is a forged card. When the suspicious person flag 12 of the in-card data 11 is ON (step S12: YES), since it has been peeped in the past, the control device sequentially performs the processing after the above-described personal face authentication (steps S13, S14). .

  When the suspicious person flag 12 is OFF (step S12: NO), the control device confirms whether the personal face information 14 is stored in the personal computer database (DB1) 13 in the host computer (step S18). If not stored (step S18: NO), since there is no particular problem, the control device moves to a password input process (step S4 in FIG. 4).

  When the personal face information 14 is stored (step S18: YES), and when the passbook use flag 16 of the above-mentioned personal database (DB1) 13 in the host computer is OFF (step S19: YES), in a normal state Therefore, the control device assumes that the card has been forged, and turns on the warning flag 15 in the personal computer database (DB1) 13 as described above (step S20).

  Further, the control device stores the suspicious person face information 18, the person's account number 19, the date and time in the suspicious person database (DB2) 17 in the host computer (step S21), and notifies the window, police, etc. (step S23). ). If the passbook use flag 16 is ON (step S19: NO), since the controller has been peeked when the passbook has been used in the past, the control device sequentially performs the processes after the personal face authentication process (steps S13 and S14). Do.

  When it is possible to confirm the identity in the face authentication process (step S14: YES), and when the warning flag 15 of the above-mentioned identity database (DB1) 13 in the host computer is ON (step S15: YES), theft card or forgery Since it can be determined that the card has been used, the control device outputs an alarm such as a password change guide to the display / input unit 3 (step S16).

  If there is a change in the security code, the security code is different from the one that has been peeked. Therefore, the control device uses the personal information in the personal computer database (DB1) 13 in the host computer 14, the warning flag 15, and the passbook. The flag 16 and the suspicious person flag 12 of the card are cleared, and the personal identification number of the personal database (DB1) 13 in the host computer is changed.

  When changing, if the same password is input, an error is displayed and a different password may be input without fail. In addition, when the person's face authentication (step S13) is regarded as a suspicious person (step S14: NO), or when it is regarded as the use of a counterfeit card (step S19: YES), it is not a normal state. The control device can also evacuate the card 20 and the passbook inserted in step S22 into the automatic teller machine 1 as they are.

When the warning flag 15 is OFF (step S15: NO), since it is not particularly abused, the process proceeds to a password input process (step S4 in FIG. 4).
In the personal face authentication process (step S3 in FIG. 4), when the personal face authentication is not necessary and when the personal authentication is possible by the personal face authentication, the control device moves to a password input process (step S4 in FIG. 4). .

  In the password input process (step S4), the user himself / herself inputs the password from the display / input unit 3. At this time, the snooping detection unit monitors whether there is a suspicious person who tries to sneak out the security code by looking at the display / input unit 3 while entering the security code.

  Note that if the identity can be confirmed by the face authentication, the control device can omit the password input process (step S4). Further, depending on the transaction (for example, deposit) selected by the transaction process described above, a flow that does not proceed to the personal face authentication process (step S3) or the password input process (step S4) is also possible.

  However, when the warning flag 15 of the above-mentioned personal database (DB1) 13 in the host computer is ON, the control device outputs an alarm such as a password change guide to the display / input unit 3.

  Next, the suspicious person registration process (step S5 in FIG. 4) will be described with reference to FIG. If there is a suspicious person in the password input process (step S4 in FIG. 4) (step S31: YES), the control device uses the face information of the user himself / herself in the aforementioned personal computer database (DB1) 13 in the host computer. In the information description area, the face information 14 is described (step S32).

  Next, when the card 20 or the passbook insertion process (step S1 in FIG. 4) inserts the card 20 (step S33 in FIG. 6: YES), the control device turns on the suspicious person flag 12 of the in-card data 11 (Step S34).

  On the other hand, when the passbook is inserted (step S33: NO), the control device turns on the passbook use flag of DB1 in the host computer (step S35). Thereafter, the control device stores the suspicious person face information 18, the principal account number 19, the date and time, etc. in the suspicious person database (DB2) 17 in the host computer (step S36).

  Next, the control device determines whether or not there is the same account number in the suspicious person database (DB2) 17 in the host computer (step S37). If there is the same account number (step S37: YES), since the same user has been peeped multiple times, the control device reports to a staff member or police (step S38) and ends the suspicious person registration process. . Conversely, if there is no identical account number (step S37: NO), the suspicious person registration process is terminated without making a report.

  Finally, after performing the transaction process (step S6 in FIG. 4) intended by the user himself / herself, the card 20 or the passbook is returned to the user himself / herself, a statement is issued and the transaction is completed.

  With the above configuration and operation, the automatic teller machine 1 can determine whether or not there has been a snooping by another person at the snooping detector when inputting a personal identification number. It is possible to cancel the transaction of a person who is not.

  Further, the automatic teller machine 1 can record that the card 20 or the passbook has been used by a person who is not the user himself / herself, and further changes the personal identification number for the safety of the transaction to the user himself / herself. Can be encouraged.

  Moreover, when it returns to the state which can be traded safely by changing a PIN, the automatic teller machine 1 can delete the personal face information 14, and can return to the record of the original normal state.

  Further, when the automatic teller machine 1 determines that the snooping is detected by the snooping detection unit, the face information 18 of the suspicious person determined to be sneaking and the personal account number 19 from which the personal identification number is snooping is recorded in association with each other. Can do. As a result, it is possible to detect that the same principal account number 19 has been peeped multiple times.

Further, referring to the suspicious person flag 12 in the card 20, the personal face information 14 in the host computer personal database (DB 1) 13, and the passbook use flag 16, the automatic teller machine 1 prevents transactions using counterfeit transaction media. Can do. That is,
If the person's face information 14 is present, the suspicious person flag 12 or the passbook use flag 16 should be in effect, but the fact that it is not registered can be determined to be counterfeit.

  Further, by referring to the suspicious person face information 18 in the host computer suspicious person database (DB2) 17 and the principal account number 19 by the determination by the snooping detector, the automatic teller machine 1 has been peeped twice or more. Report to staff and police, etc. and / or notify the user.

  Moreover, the automatic teller machine 1 can determine the presence or absence of a snooping by registering the passbook use flag 16 even when the security code is sneaked during a transaction in the bankbook.

  Further, when the identity can be confirmed by the face authentication as described above, the control device can omit the password input process (step S4). In this case, since the face authentication is generally more secure than the input of the personal identification number, the user himself / herself can perform the automatic cash transaction safely and more simply.

  In addition, the personal face authentication programs 22 and 25 and the suspicious person registration programs 23 and 26 described above can be installed and used in the appropriate automatic teller machine 1 and the host computer 2.

In addition, since identity verification (step S14) is performed only when peeped in the past, normal processing can be executed unless peeped.
Further, since the person is automatically registered when peeped in the past, the person can be confirmed without requiring any special registration work.
The present invention is not limited to the configuration of the above-described embodiment, and many embodiments can be obtained.

  The present invention can be used for an automatic cash transaction apparatus.

DESCRIPTION OF SYMBOLS 1 ... Automatic cash transaction apparatus 3 ... Display and input part 5 ... Card operation part 6 ... Passbook operation part 12 ... Suspicious person flag 14 ... Personal face information 15 ... Warning flag 16 ... Passbook use flag 18 ... Suspicious person face information 19 ... Account Number 20 ... Card 21 ... Transaction processing program 22 ... Personal face authentication program 23 ... Suspicious person registration program 24 ... Host side transaction processing program 25 ... Host side personal face authentication program 26 ... Host side suspicious person registration program

Claims (10)

A transaction medium reception unit for receiving input of a transaction medium used for the transaction;
A password input section for receiving a password,
A snooping determination unit that determines whether or not there was a snooping by another person at the time of inputting the PIN number to the PIN number input unit,
A face information acquisition unit for acquiring face information of the user who uses the transaction medium;
When it is determined that there is a snooping in the snooping determination unit, a personal face information recording unit that records the acquired facial information of the user in a predetermined personal face information storage unit;
When the face information of the user is recorded, the face information of the current user acquired by the face information acquisition unit from the current user who inserted the transaction medium is stored in the face information storage unit. A person determination unit for determining whether or not the recorded face information of the user is the same person;
The automatic cash transaction apparatus provided with the transaction cancellation part which cancels a transaction, when it determines with the said person determination part not being the said user himself / herself. A warning information registration unit that registers warning information in a predetermined warning information storage unit when the person determination unit determines that the user is not the user,
The automatic teller machine according to claim 1, further comprising: a password change alarm unit that issues an alarm for changing the password if the warning information is registered. When a change in the personal identification number of the user is detected by the alarm,
The automatic cash transaction apparatus according to claim 1, further comprising a face information deleting unit that deletes the personal face information. If it is determined by the snooping determination unit that there is a sneaking
The suspicious person information recording part which correlates the face information of the suspicious person determined to have seen it and the account number where the personal identification number has been stolen and records it in a predetermined suspicious person / account number storage part. 3. Automatic cash transaction apparatus according to 3. When the warning information is not registered in the predetermined warning information part, and the face information of the user himself / herself is recorded in the face information storage part of the user himself / herself,
The automatic teller machine according to any one of claims 1 to 4, further comprising a transaction cancellation unit that determines that the transaction medium has been counterfeited and cancels the transaction. When it is determined by the snooping determination unit that the personal identification number has been sneaked and when the account number has already been recorded in the suspicious person / account number storage unit, that is, when the peeping has been peeped twice or more ,
The automatic teller machine according to any one of claims 1 to 5, further comprising a notification / notification unit for reporting to a staff member or the police and / or notifying the user himself / herself. If there is a sneak peek of the PIN during a transaction in the passbook
In the snooping determination unit,
The automatic cash transaction apparatus according to any one of claims 1 to 6, further comprising a passbook use information recording unit that records passbook use information in a predetermined principal information area. When it is determined that the user is the user himself / herself,
The automatic cash transaction apparatus according to any one of claims 1 to 7, further comprising an input omission unit that omits input of the personal identification number. Transaction medium accepting means for accepting input of a transaction medium used for transaction in the automatic teller machine;
A password input means for receiving input of a password;
Snooping determination means for determining whether or not there has been a snooping by another person at the time of inputting the personal identification number to the personal identification number input means;
Face information acquisition means for acquiring face information of the user who uses the transaction medium;
If it is determined by the snooping determination means that there is a snooping, the personal face information recording means for recording the acquired facial information of the user himself / herself in a predetermined personal face information storage unit;
When face information of the user is recorded, the face information of the current user acquired by the face information acquisition unit from the current user who has inserted the transaction medium is stored in the face information storage unit. Identity determination means for determining whether or not the recorded person's face information is the same person;
A program for functioning as transaction cancellation means for canceling a transaction when it is determined by the principal determination means that the user is not the user. Accepting the input of the transaction medium used for the transaction by the transaction medium reception unit,
Accepting the input of the personal identification number by the personal identification number input unit,
In the input of the PIN number to the PIN number input unit, it is determined by the snooping determination unit whether or not there was a snooping by another person,
The face information of the user himself / herself who uses the transaction medium is acquired by the person face information acquisition unit,
When it is determined that there is a snooping in the snooping determination unit, the acquired face information of the user himself / herself is recorded in the predetermined person's face information storage unit by the person's face information recording unit,
When the face information of the user is recorded, the face information of the current user acquired by the face information acquisition unit from the current user who inserted the transaction medium is stored in the face information storage unit. Whether the same person as the recorded face information of the user is determined by the person determination unit,
An automatic cash transaction method in which a transaction is canceled by the transaction cancellation unit when it is determined that the user determination unit is not the user.

Images