JP6664753B1 - Forgery determination system, forgery determination method, and forgery determination program - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a forgery determination system, a forgery determination method, and a forgery determination program capable of accurately determining forgery of a personal identification document. According to one embodiment of the present invention, there is provided a forgery determination system for determining forgery of a personal identification document, including a data acquisition unit for acquiring imaging data of the personal identification document, and a regular form layout of the personal identification document. Corresponds to the judgment reference area based on the format layout information stored in the storage unit from the imaging data acquired by the data acquisition unit by referring to the storage unit that stores the information and the regular rule in the judgment reference area of the personal identification document An extraction unit that extracts the captured image data as determination target data, a recognition unit that recognizes a rule from the determination target data extracted by the extraction unit, a rule recognized by the recognition unit, and a determination reference area stored in the storage unit. And a determination unit for determining forgery of the identity verification document based on the result of the verification with the regular rule in (1). [Selection diagram] FIG.

Description

  The present invention relates to a forgery determination system, a forgery determination method, and a forgery determination program, and more particularly, to a forgery determination system, a forgery determination method, and a forgery determination program for determining whether an identity verification document is forgery.

  When making various applications and contracts, confirmations are made using personal identification documents such as driver's licenses, insurance cards, and passports. As a technique for determining the authenticity of the identity verification document, Patent Literature 1 discloses a system capable of performing authenticity determination at low cost and with high reliability. In this system, forgery determination of a certificate is performed based on a comparison between an enlarged image displayed on a display unit and a real certificate image corresponding to the enlarged image.

  Patent Literature 2 discloses a system for improving the determination accuracy of forged personal identification documents. This system stores a prediction model for calculating a forgery index indicating the degree to which the identity verification document displayed on the judgment target image can be forged, and inputs the judgment target image to the prediction model to make the judgment. The forgery index for the target image is calculated.

JP 2006-011866 A JP-A-2019-003421

  A system for determining the authenticity of an identity verification document tends to be large-scale, and it is difficult to introduce it easily in a small store or a counter. For this reason, it is expected that a system that can accurately determine the forgery of the identity verification document and that does not become large-scale will appear.

  The present invention has been made in view of the above problems, and has as its object to provide a forgery determination system, a forgery determination method, and a forgery determination program that can accurately determine forgery of an identity verification document.

  In order to solve the above problems, one embodiment of the present invention is a forgery determination system for determining forgery of an identity verification document, comprising: a data acquisition unit that acquires imaging data of the identity verification document; Reference is made to a storage unit for storing the format layout information and the regular rule in the determination reference area of the personal identification document, and based on the format layout information stored in the storage unit from the imaging data acquired by the data acquisition unit. An extraction unit that extracts imaging data corresponding to the region as determination target data, a recognition unit that recognizes a rule from the determination target data extracted by the extraction unit, a rule that is recognized by the recognition unit, and a rule that is stored in the storage unit. A determination unit that determines forgery of an identity verification document based on a result of comparison with a legitimate rule in a determination reference area.

  According to the present invention, it is possible to provide a forgery determination system, a forgery determination method, and a forgery determination program that can accurately determine forgery of an identity verification document.

FIG. 1 is a diagram illustrating a configuration of a forgery determination system according to a first embodiment. FIGS. 2A and 2B are diagrams illustrating a configuration of a user terminal according to the first embodiment. FIGS. 2A and 2B are diagrams illustrating a configuration of an authentication server according to the first embodiment. 4 is a flowchart illustrating a forgery determination method according to the first embodiment. 9 is a flowchart illustrating an example of forgery determination based on an array of names. (A)-(c) is a schematic diagram which shows the example of the forgery determination by the arrangement | sequence of a name. It is a flowchart which shows the example of forgery determination by an address posting rule. (A)-(c) is a schematic diagram which shows the example of the forgery determination by an address posting rule. 9 is a flowchart illustrating an example of forgery determination based on an expiration date font rule. 7A and 7B are schematic diagrams illustrating an example of forgery determination based on a font rule for an expiration date. (A) And (b) is a schematic diagram which shows the example of forgery determination by the font rule of the conditions of a license. It is a flowchart which shows the example of forgery determination by the type of license. (A) And (b) is a schematic diagram which shows the example of forgery determination by the type of license. It is a flowchart which shows the example of forgery determination by a seal. (A) And (b) is a schematic diagram which shows the example of the forgery determination by a seal. It is a flowchart which shows the example of forgery determination by a check digit. (A) And (b) is a schematic diagram which shows the example of forgery determination by a check digit. (A) And (b) is a figure which illustrates the structure of the user terminal which concerns on 2nd Embodiment. (A) and (b) are figures which illustrate the structure of the authentication server concerning 2nd Embodiment. FIG. 14 is a diagram illustrating an operation of first to fourth determination units of the authentication server according to the second embodiment. It is a flowchart figure which shows the process of the authentication system (user terminal side) which concerns on 2nd Embodiment (imaging process). It is a flowchart figure which shows the process of the authentication system (authentication server side) which concerns on 2nd Embodiment (authentication process). It is a functional block diagram of user terminal 2 and authentication server 3 concerning a 3rd embodiment. It is a flow chart figure showing processing of an attestation system concerning a 3rd embodiment (imaging processing). It is a flowchart figure which shows the process of the authentication system which concerns on 3rd Embodiment (authentication process).

  Hereinafter, embodiments of the present invention will be described with reference to the drawings. In the following description, the same components are denoted by the same reference numerals, and description of the components that have been described once will be omitted as appropriate. Various types of identification documents such as a passport (passport), a basic resident register card, and a residence card can be used as the identification documents used for the identification.

[First Embodiment]
FIG. 1 is a diagram illustrating a configuration of a forgery determination system according to the present embodiment. The forgery determination system 1 is a system for determining forgery of an identity verification document. The forgery determination system 1 includes a user terminal 2 and an authentication server 3. The user terminal 2 and the authentication server 3 have a configuration connected via a network 4. Note that the number of user terminals 2 and the number of authentication servers 3 included in the forgery determination system 1 are arbitrary. The network 4 may be any communication network as long as the user terminal 2 and the authentication server 3 can communicate with each other.

(User terminal 2)
The user terminal 2 is a terminal (for example, a smartphone, a tablet PC (Personal Computer), a desktop PC, a notebook PC, or the like) used by the user U (for example, a user who wants to authenticate himself or herself). The user U uses the user terminal 2 to determine forgery of the identity verification document.

  FIG. 2A is a hardware configuration diagram of the user terminal 2, and FIG. 2B is a functional block diagram of the user terminal 2. As shown in FIG. 2A, the user terminal 2 has a configuration in which a communication IF 200A, a storage device 200B, an input device 200C, a display device 200D, an imaging device 200E, and a CPU 200G are connected via a bus 200H.

  The communication IF 200A is an interface for communicating with external devices such as the authentication server 3 and other user terminals 2 via the network 4.

  The storage device 200B is, for example, an HDD or a semiconductor storage device. The storage device 200B may store a forgery determination program (application software).

  The input device 200C is, for example, a touch panel, a keyboard, a mouse, or the like, and the user U can operate the input device 200C to make a forgery determination of the personal identification document.

  The display device 200D is, for example, a liquid crystal monitor or an organic EL monitor. The display device 200D displays a screen necessary for using the forgery determination system 1.

  The imaging device 200E is, for example, a camera including a solid-state imaging device such as a CCD (charge coupled device) image sensor and a CMOS (complementary MOS) image sensor. The user U images the personal identification document using the imaging device 200E.

  The CPU 200G controls the user terminal 2 and includes a ROM (Read Only Memory) and a RAM (Random Access Memory) not shown.

  As shown in FIG. 2B, the user terminal 2 has functions such as an imaging device control unit 201, an input reception unit 202, a display device control unit 203, a transmission unit 204, a reception unit 205, and a storage device control unit 210. . The function shown in FIG. 2B is realized by the CPU 200G executing a forgery determination program stored in a ROM (not shown) of the user terminal 2.

  The imaging device control unit 201 controls imaging by the imaging device 200E. Specifically, the imaging device control unit 201 controls the imaging device 200E.

  The input receiving unit 202 receives an input operation on the input device 200C.

  The display device control unit 203 controls the display device 200D. Specifically, the display device control unit 203 causes a screen necessary for using the forgery determination system 1 to be displayed. For example, the display device control unit 203 displays, on the display device 200D, image data (hereinafter, also simply referred to as image data) of the personal identification document imaged by the imaging device 200E based on an instruction from the imaging device control unit 201. Further, the display device control unit 203 displays the result of the forgery determination of the personal identification document on the display device 200D.

The transmission unit 204 transmits, for example, information such as imaging data and a forgery determination instruction to the authentication server 3. The receiving unit 205 receives information transmitted from the authentication server 3. The storage device controller 210 controls the storage device 200B. Specifically, the storage device control unit 210 controls the storage device 200B to write and read information.
(Authentication server 3)
The authentication server 3 performs a forgery determination on the identity verification document based on information transmitted from the user terminal 2 (imaging data transmitted from the user terminal 2 and a forgery determination instruction).

  FIG. 3A is a hardware configuration diagram of the authentication server 3, and FIG. 3B is a functional block diagram of the authentication server 3. Hereinafter, the authentication server 3 will be described with reference to FIGS.

  As shown in FIG. 3A, the authentication server 3 has a configuration in which a communication IF 300A, a storage device 300B, and a CPU 300C are connected via a bus 300D.

  The communication IF 300A is an interface for communicating with the user terminal 2.

  The storage device 300B is, for example, an HDD or a semiconductor storage device. The storage device 300B stores a forgery determination program used in the forgery determination system 1, and the like. The storage device 300B stores a database of rules for forgery determination used in the determination unit 354 described below.

  The rule database stores regular format layout information of the personal identification document and regular rules in the determination reference area of the personal identification document. The identification document is prepared according to a predetermined format. Therefore, the format layout is determined according to the type of the identity verification document. The format layout information is information indicating which item is arranged in which position (area) for each type of the identity verification document. Further, the determination reference area of the personal identification document is an entire or a part of the area of the personal identification document used for determining the forgery of the personal identification document. Characteristic format data is determined for each of the determination reference areas. Such information is stored in the rule database. In the present embodiment, the rule database is stored in the storage device 300B of the authentication server 3, but may be downloaded or read via the network 4 as needed.

  The CPU 300C controls the authentication server 3 and includes a ROM (Read Only Memory) and a RAM (Random Access Memory) not shown.

  As shown in FIG. 3B, the authentication server 3 has functions such as a receiving unit 301, a storage device control unit 308, a transmitting unit 309, a data obtaining unit 351, an extracting unit 352, a recognizing unit 353, and a determining unit 354. . The function shown in FIG. 3B is realized by the CPU 300C executing a forgery determination program stored in a ROM (not shown) of the authentication server 3.

  The receiving unit 301 receives information transmitted from the user terminal 2, for example, imaging data and a forgery determination instruction.

  The storage device control unit 308 controls the storage device 300B. Specifically, the storage device control unit 308 controls the storage device 300B to write and read information.

  The transmitting unit 309 transmits the result of the determination made by the determining unit 354 (whether or not the identity verification document is forged) to the user terminal 2.

  The data acquisition unit 351 acquires the image data of the personal identification document transmitted from the user terminal 2. Specifically, the data acquisition unit 351 acquires image data of the personal identification document imaged by the imaging device 200E of the user terminal 2. Note that the data acquisition unit 351 may acquire the imaging data of the personal identification document once stored in the storage device 300B of the authentication server 3.

  The extraction unit 352 is based on the image layout data stored in the storage device 300B, the user terminal 2 via the network 4, or another server (not shown) based on the image data acquired by the data acquisition unit 351, and confirms the identity verification document. The imaging data corresponding to the determination reference area is extracted as determination target data. For example, when an area in which the “name” of the personal identification document is described as the determination reference area, the extraction unit 352 extracts an area in which the “name” is described from the imaging data of the personal identification document and determines this as a determination target. Data.

  The recognition unit 353 recognizes a rule from the determination target data extracted by the extraction unit 352. The rules recognized here include format rules such as character arrangement rules, font rules, and address posting rules, and rules representing identity verification documents such as image rules and check digits. In the present embodiment, these are referred to as rules such as a format. As an example, when the extraction unit 352 extracts an area in which “name” is described as the determination target data, the recognition unit 353 recognizes the format rule of “name” from the determination target data. The recognizing unit 353 may perform character recognition by OCR (Optical Character Recognition) on the imaging data acquired by the data acquiring unit 351 and the determination target data extracted by the extracting unit 352. When character recognition is performed by the recognizing unit 353, the character layout (order of character information such as name, date of birth, real name, and address) of the personal identification document and the like are used as format layout information.

  The determination unit 354 determines the forgery of the identity verification document based on the result of the comparison between the rule such as the format recognized by the recognition unit 353 and the rule such as the regular format in the determination reference area stored in the storage device 300B or the like. I do. For example, when the area of “name” is set as the determination reference area, the determination unit 354 determines the rule of the format or the like recognized by the recognition unit 353 (the format or the like recognized from the imaging data of “name” that is the determination target data). Rule) and a rule such as a formal format of “name” stored in the storage device 300B or the like, and if they do not match, it is determined to be a forgery.

(Counterfeit judgment method)
FIG. 4 is a flowchart illustrating the forgery determination method according to the present embodiment.
The forgery determination method according to the present embodiment includes steps S101 to S105 illustrated in FIG. 4 and is performed by the forgery determination system 1 described above.

(Step S101)
First, as shown in step S101, rules such as a format are stored. That is, the storage device 300B stores the regular format layout information of the personal identification document and the rules such as the regular format in the determination reference area of the personal identification document. Note that the format layout information of the identity verification document and the rules such as the regular format in the determination reference area of the identity verification document may be stored in the storage device 300B or another server (not shown) in advance.

(Step S102)
Next, as shown in step S102, the data acquisition unit 351 acquires imaging data. Specifically, the user U operates the input device 200C of the user terminal 2 to perform an operation of imaging an identity verification document. The input receiving unit 202 receives an input operation on the input device 200C. The imaging device control unit 201 controls the imaging device 200 </ b> E to capture an image based on the input operation received by the input reception unit 202. The imaging data of the personal identification document imaged by the imaging device 200E is temporarily stored in the storage device 200B by the storage device control unit 210. The imaging data of the personal identification document stored in the storage device 200B is transmitted to the authentication server 3 by the transmission unit 204 of the user terminal 2. The imaging data is temporarily stored in the storage device 300B of the authentication server 3. The imaging data of the personal identification document stored in the storage device 300B is acquired by the data acquisition unit 351.

(Step S103)
Next, as shown in step S103, data to be determined is extracted. That is, the extraction unit 352 performs a process of extracting, from the imaging data acquired by the data acquisition unit 351, imaging data corresponding to the determination reference area as determination target data based on the format layout information stored in the storage device 300B or the like. Do.

(Step S104)
Next, as shown in step S104, recognition of rules such as a format is performed. That is, the recognition unit 353 performs a process of recognizing a rule such as a format from the determination target data extracted by the extraction unit 352.

(Step S105)
Next, forgery is determined as shown in step S105. That is, the determination unit 354 generates a forgery of the identity verification document based on the result of the comparison between the rule such as the format recognized by the recognition unit 353 and the rule such as the regular format in the determination reference area stored in the storage device 300B or the like. Is determined. That is, the determination unit 354 compares the rule such as the format recognized from the determination target data by the recognition unit 353 with the rule such as the regular format in the determination reference area stored in the storage device 300B or the like, and does not match. In such a case, a process for determining that it is a forgery is performed.

  The result of the forgery determination is transmitted to the user terminal 2 by the transmission unit 309, and displayed on the display device 200D of the user terminal 2.

(Specific example of forgery judgment)
Next, a specific example of the forgery determination of the identity verification document will be described. In this specific example, the forgery determination of a driver's license, which is an example of an identity verification document, will be described. In performing the forgery determination of the driver's license, at least one of the storage device 300B and another server (not shown) previously stores the format layout information of the driver's license and the regular format rules in the determination region of the driver's license. Are stored. The format layout information of the driver's license is area information corresponding to each item (name, permanent address, address, grant date, expiration date, etc.) of the driver's license (information of the area where the item is described with respect to a predetermined reference position of the driver's license) ). The regular format rule in the determination reference area is a format rule determined for each item of the driver's license.

(Name array)
FIG. 5 is a flowchart illustrating an example of forgery determination based on an array of names.
6A to 6C are schematic diagrams illustrating an example of forgery determination based on an array of names.

(Step S201)
First, as shown in step S201, the data acquisition unit 351 acquires imaging data of a driver's license. FIG. 6A exemplifies image data of a driver's license. The imaging data may be data captured by the imaging device 200E of the user terminal 2 or data captured by a camera or a scanner separately. Alternatively, image data stored in the storage device 200B or the storage device 300B of the authentication server 3 in advance may be read.

(Step S202)
Next, as shown in step S202, a name area is extracted by the extraction unit 352. The extracting unit 352 extracts the name region R1 from the image data of the driving license shown in FIG. 6A based on the format layout information of the driving license. That is, the format layout information of the driver's license includes coordinate information of an area in which the name of the driver's license is described. The extraction unit 352 extracts the imaging data of the name area R1 from the coordinate information of the area of the name included in the format layout information based on, for example, the coordinates of a feature point such as a corner of the imaging data of the driver's license. The imaging data of the name region R1 is the data to be determined. When character recognition is performed by the OCR in the recognition unit 353, the character of "name" is recognized, and the characters before the character representing the era (Showa, Heisei, etc.) are set as the name region R1. Is also good.

(Step S203)
Next, as shown in step S203, the recognition unit 353 recognizes an array of names. The recognizing unit 353 recognizes a character array from the image data of the name area R1 that is the determination target data. Specifically, the position and interval of each character of the name in the name region R1 are recognized. In the example shown in FIG. 6B, for the name “Hanako Nihon”, the name is two characters, the name is two characters, and there is a space (space) for one character before “day”, and “day” There is a space of two characters between "book" and "book", a space of three characters between "book" and "flower", and two spaces between "flower" and "child". There is a space, and there is a space for one character after “child”. The recognition unit 353 recognizes such a character arrangement pattern.

(Step S204)
Next, as shown in step S204, an array rule for names is read. The arrangement rule of names is stored in the storage device 300B or the like. FIG. 6C shows a list of name arrays. This list is an example of Tokyo, but a list of name arrays is prepared corresponding to each prefecture. The list of name arrays shows the name character array rules (character positions and number of blank spaces) corresponding to the number of characters of the name and the number of characters of the first name. For example, in Tokyo, in the case of 2 characters and 2 characters, "1 blank space + 1st character + 2 blank characters + 2nd blank character + 3 blank spaces + 1st blank character + 2 blank spaces It can be seen that the arrangement rule is “minute + name second character + blank one character”. In step S204, the name arrangement rule may be referred to instead of reading the name arrangement rule.

(Step S205)
Next, as shown in step S205, the determination unit 354 determines whether or not the name arrangement rule matches. That is, the determination unit 354 determines whether the array of names of the determination target data recognized by the recognition unit 353 matches the rule of the regular name array.

(Step S206)
Next, as shown in step S206, the determination unit 354 determines "not a forgery" when the rule of the regular name array is met (YES in S205).

(Step S207)
Next, as shown in step S207, when the rule does not match the rule of the formal name array (NO in S205), the determination unit 354 determines that "forgery".

  The result of the forgery determination is transmitted to the user terminal 2 by the transmission unit 309, and displayed on the display device 200D of the user terminal 2.

  The rules for the name array of the driver's license are determined in advance for the number of characters of the name and for each prefecture. Therefore, by recognizing the array of names from the image data of the driver's license and determining the consistency with the predetermined regular name arrangement rule, it is possible to determine whether or not the forgery is forged.

(Address posting rules)
FIG. 7 is a flowchart illustrating an example of forgery determination based on the address posting rule.
FIGS. 8A to 8C are schematic diagrams illustrating an example of forgery determination based on an address posting rule.

(Step S301)
First, as shown in step S301, the data acquisition unit 351 acquires imaging data of a driver's license. FIG. 8A exemplifies image data of a driver's license. The imaging data may be data captured by the imaging device 200E of the user terminal 2 or data captured by a camera or a scanner separately. Alternatively, image data stored in the storage device 200B or the storage device 300B of the authentication server 3 in advance may be read.

(Step S302)
Next, as shown in step S302, the extraction unit 352 extracts an address area. The extracting unit 352 extracts the address area R2 from the image data of the driving license shown in FIG. 8A based on the format layout information of the driving license. That is, the format layout information of the driver's license includes coordinate information of an area in which the address of the driver's license is described. The extracting unit 352 extracts the image data of the address area R2 from the coordinate information of the address area included in the format layout information, based on, for example, the coordinates of a feature point such as a corner of the image data of the driver's license. The imaging data of the address area R2 is the data to be determined. When character recognition is performed by the OCR in the recognition unit 353, the character of "address" may be recognized, and the subsequent character up to the character of "grant" may be set as the address region R2.

(Step S303)
Next, as shown in step S303, the recognition unit 353 recognizes the posting rule of the address. The recognizing unit 353 recognizes an address posting rule from the image data of the address area R2 that is the determination target data. Specifically, the characters in the address area R2 are recognized, and the names of prefectures, municipalities, and addresses are separated. In the example shown in FIG. 8B, for the address "Kawaguchi-shi, Saitama-ken", the prefecture name "Saitama-ken", the municipal name "Kawaguchi-shi", and the address "Ooo" are separated.

(Step S304)
Next, as shown in step S304, an address posting rule is read. The posting rule of the address is stored in the storage device 300B or the like. FIG. 8C shows an example of an address posting rule. For example, in the case of Saitama Prefecture, there is a rule that the prefecture name “Saitama Prefecture” is not described, but is listed from the municipal name. In addition, in the case of Tokyo, there is a rule published from the prefecture name "Tokyo". In step S304, an address posting rule may be referred to instead of reading the address posting rule.

(Step S305)
Next, as shown in step S305, the determination unit 354 determines whether the regular address posting rule matches. That is, the determination unit 354 determines whether or not the posting rule of the address of the determination target data recognized by the recognition unit 353 matches the regular address posting rule for each prefecture.

(Step S306)
Next, as shown in step S306, when the determination unit 354 matches the regular address posting rule (YES in step S305), the determination unit 354 determines that “it is not forgery”.

(Step S307)
Next, as shown in step S307, when the address does not conform to the regular address posting rule (NO in step S305), the determination unit 354 determines that "forgery".

  The result of the forgery determination is transmitted to the user terminal 2 by the transmission unit 309, and displayed on the display device 200D of the user terminal 2.

  The rules for listing the address of a driver's license are predetermined for each prefecture. Therefore, by recognizing the address posting rule from the image data of the driver's license and judging the consistency with the predetermined regular address posting rule, it is possible to determine whether or not it is forgery.

(Font rule: expiration date)
FIG. 9 is a flowchart illustrating an example of forgery determination based on the font rule for the expiration date.
FIGS. 10A and 10B are schematic diagrams illustrating an example of forgery determination based on a font rule for an expiration date.

(Step S401)
First, as shown in step S401, the data acquisition unit 351 acquires image data of a driver's license. FIG. 10A exemplifies image data of a driver's license. The imaging data may be data captured by the imaging device 200E of the user terminal 2 or data captured by a camera or a scanner separately. Alternatively, image data stored in the storage device 200B or the storage device 300B of the authentication server 3 in advance may be read.

(Step S402)
Next, as shown in step S401, the expiration date area is extracted by the extraction unit 352. The extraction unit 352 extracts the expiration date region R3 from the imaging data of the driving license shown in FIG. 10A based on the format layout information of the driving license. That is, the format layout information of the driver's license includes coordinate information of an area in which the expiration date of the driver's license is described. The extraction unit 352 extracts the image data of the expiration date region R3 from the coordinate information of the expiration date region included in the format layout information, based on the coordinates of the feature points such as the corners of the imaging data of the driver's license. The imaging data of the expiration date area R3 is the data to be determined. In the case where the recognition unit 353 performs character recognition by OCR, for example, a “valid” character may be recognized, and a predetermined number of characters before that may be set as the expiration date region R3.

(Step S403)
Next, as shown in step S403, the recognition unit 353 performs font recognition. The recognizing unit 353 recognizes a font of a character indicating an expiration date from the imaging data of the expiration date area R3 that is the determination target data. Specifically, the font of the character “until” is recognized from the expiration date area R3.

(Step S404)
Next, as shown in step S404, font rules are read. The font rule of the character with the expiration date is stored in the storage device 300B or the like. FIG. 10B shows an example of a font rule for characters with an expiration date of “until”. The font rules for the characters up to the expiration date are determined for each prefecture. In step S404, the font rules may be referred to instead of reading the font rules.

(Step S405)
Next, as shown in step S405, the determination unit 354 determines whether or not the font rules match. That is, the determination unit 354 determines whether the font rule recognized by the recognition unit 353 matches the regular font rule for each prefecture.

(Step S406)
Next, as shown in step S406, when the determination unit 354 matches the regular font rule (YES in step S405), the determination unit 354 determines that “it is not forgery”.

(Step S407)
Next, as shown in step S407, when the determination unit 354 does not conform to the regular font rules (NO in step S405), the determination unit 354 determines that "forgery".

  The result of the forgery determination is transmitted to the user terminal 2 by the transmission unit 309, and displayed on the display device 200D of the user terminal 2.

  Font rules for characters that indicate the expiration date of the driver's license are predetermined for each prefecture. Therefore, by recognizing the font rule of the character of the expiration date from the image data of the driver's license and determining the conformity with the predetermined regular font rule, it is possible to determine whether or not the forgery is forgery. .

(Font rules: license conditions)
FIGS. 11A and 11B are schematic diagrams illustrating an example of forgery determination based on a font rule of a license condition.
The forgery determination process based on the font rule of the license condition is the same as the flowchart shown in FIG. 9, but the determination target data is the imaging data of the “license condition” portion. That is, the extraction unit 352 extracts a region (license condition region R4) in which the license conditions shown in FIG. 11A are described.

  Then, as shown in FIG. 11 (b), the font rules of the characters that carry the "license conditions" are read. This font rule is also determined for each prefecture. Then, the determination unit 354 determines whether or not the font rules of the characters carrying the “license conditions” recognized by the recognition unit 353 match the regular font rules for each prefecture. If it conforms to the regular font rule, it is determined to be "forgery", and if it does not conform to the regular font rule, it is determined to be "forgery".

  The result of the forgery determination is transmitted to the user terminal 2 by the transmission unit 309, and displayed on the display device 200D of the user terminal 2.

  The font rules for the characters on which the "license conditions" of the driver's license are posted are also predetermined for each prefecture. Therefore, by recognizing the font rules of the characters that carry the "license conditions" from the image data of the driver's license and judging the match with the predetermined regular font rules, it is determined whether or not the forgery is forged. Can be determined.

(Type of license)
FIG. 12 is a flowchart illustrating an example of forgery determination based on the type of license.
FIGS. 13A and 13B are schematic diagrams illustrating an example of forgery determination based on the type of license.

(Step S501)
First, as shown in step S501, the data acquisition unit 351 acquires imaging data of a driver's license. FIG. 13A exemplifies image data of a driver's license. The imaging data may be data captured by the imaging device 200E of the user terminal 2 or data captured by a camera or a scanner separately. Alternatively, image data stored in the storage device 200B or the storage device 300B of the authentication server 3 in advance may be read.

(Step S502)
Next, as shown in step S502, the extraction unit 352 extracts areas of the date of grant and the type of license. The extraction unit 352 extracts a grant date region R5 and a region (license type region R6) in which the type of license is posted from the imaging data of the driver license shown in FIG. 13A based on the format layout information of the driver's license. I do. That is, the format layout information of the driver's license includes the coordinate information of the area in which the date of issuance of the driver's license and the type of the license are described. The extraction unit 352 extracts the issuance date area R5 and the license type from the coordinate information of the area of the issuance date and the license type included in the format layout information with reference to the coordinates of the feature points such as the corners of the imaging data of the driver's license. The imaging data of the region R6 is extracted. The imaging data of the grant date area R5 and the license type area R6 is the determination target data.

(Step S503)
Next, as shown in step S503, the recognition unit 353 recognizes the date of grant and the type of license. The recognizing unit 353 recognizes the grant date from the imaging data of the grant date area R5, which is the determination target data. In addition, the recognition unit 353 recognizes the description pattern of the license type from the imaging data of the license type region R6 that is the determination target data. The description pattern of the type of license is, for example, an arrangement of characters indicating a operable type such as "large, medium, normal, large, ...".

(Step S504)
Next, as shown in step S504, an arrangement rule of the license type is read. The arrangement rule of the license type is stored in the storage device 300B or the like. FIG. 13B shows an example of a license type arrangement rule. A list of name arrays is shown. The arrangement rules (description patterns) of license types differ depending on the date of grant. For example, the driver's license issued on March 11, 2017 and the driver's license issued on or after March 12, 2017 have different patterns in the upper and lower parts of the license type. I have. In step S504, a license type arrangement rule may be referred to instead of reading the license type arrangement rule.

(Step S505)
Next, as shown in step S505, the determination unit 354 determines whether or not the license type arrangement rule matches. That is, the determination unit 354 determines whether or not the description pattern of the license type of the determination target data recognized by the recognition unit 353 matches the rule of the array corresponding to the date of grant.

(Step S506)
Next, as shown in step S506, when the determination unit 354 matches the rule of the arrangement of the license types corresponding to the grant date (YES in step S505), the determination unit 354 determines that "it is not forgery".

(Step S507)
Next, as shown in step S507, when the determination unit 354 does not match the rules of the array (NO in step S505), the determination unit 354 determines that the forgery is made.

  The result of the forgery determination is transmitted to the user terminal 2 by the transmission unit 309, and displayed on the display device 200D of the user terminal 2.

  The rules for the arrangement of driver license types are determined according to the date of license issuance. Therefore, by recognizing the arrangement pattern of the date of issue and the type of license from the imaging data of the driver's license, and determining the conformity with the predetermined arrangement rule, it is possible to determine whether or not the forgery is forged. . In the case where the character recognition is performed by the OCR in the recognition unit 353, the character described in the license type may be recognized, and the forgery determination may be performed by the determination unit 354 by comparing the text of the character of the license type with the text data. .

(stamp)
FIG. 14 is a flowchart illustrating an example of forgery determination using a seal.
FIGS. 15A and 15B are schematic diagrams illustrating an example of forgery determination using a seal.

(Step S601)
First, as shown in step S601, the data acquisition unit 351 acquires imaging data of a driver's license. FIG. 15A illustrates an example of image data of a driver's license. The imaging data may be data captured by the imaging device 200E of the user terminal 2 or data captured by a camera or a scanner separately. Alternatively, image data stored in the storage device 200B or the storage device 300B of the authentication server 3 in advance may be read.

(Step S602)
Next, as shown in step S602, the stamp area is extracted by the extraction unit 352. The extracting unit 352 extracts the seal area R7 and the public safety commission area R8 from the image data of the driving license shown in FIG. 15A based on the format layout information of the driving license. That is, the format layout information of the driver's license includes coordinate information of an area in which the seal of the driver's license and the name of the Public Safety Commission are described. The extraction unit 352 extracts the image data of the seal area R7 and the public safety committee area R8 from the coordinate information of the area of the seal included in the format layout information based on, for example, the coordinates of a feature point such as a corner of the image data of the driver's license. Is extracted. The imaging data of the seal area R7 and the Public Safety Commission area R8 is the data to be determined.

(Step S603)
Next, as shown in step S603, the image data of the seal is recognized by the recognition unit 353. The recognizing unit 353 recognizes the image data of the seal from the image data of the seal area R7, which is the determination target data, and recognizes the name of the Public Safety Commission from the image data of the Public Safety Commission area R8.

(Step S604)
Next, as shown in step S604, the image data of the seal is read. The image data of the seal is stored in the storage device 300B or the like. FIG. 15B shows an example of the image data of the seal. The image data of the seal is determined by the public safety committee of each prefecture. FIG. 15B shows an example of image data of a seal of the Tokyo Metropolitan Public Safety Commission and image data of a seal of the Kanagawa Prefectural Public Safety Commission. In step S604, instead of reading the image data of the seal, the image data of the seal may be referred to.

(Step S605)
Next, as shown in step S605, the determination unit 354 determines whether the image data of the seal matches. That is, the determination unit 354 determines whether the image data of the seal of the determination target data recognized by the recognition unit 353 matches the regular image data of the seal for each public safety committee of each prefecture.

(Step S606)
Next, as shown in step S606, when the regular image data of the seal matches (YES in step S605), the determination unit 354 determines that the image is not forgery.

(Step S607)
Next, as shown in step S607, when the regular image data of the seal does not match (NO in step S605), the determination unit 354 determines that the image is forged.

  The result of the forgery determination is transmitted to the user terminal 2 by the transmission unit 309, and displayed on the display device 200D of the user terminal 2.

  The image data of the seal of the driver's license is determined in advance by the public safety committees of each prefecture. Therefore, by recognizing the image data of the seal from the image data of the driver's license and judging the coincidence with the predetermined image data of the predetermined seal, it is possible to determine whether the image is forged. Note that the determination unit 354 may perform the forgery determination using the information on the feature points of the image data of the seal. For example, the forgery determination may be performed based on the feature of the pixel value change of a part of the seal frame or character, or the feature of the pixel value change on a predetermined scan line in the image data of the seal. In this case, the characteristic points of the legitimate seal are stored in the storage device 300B.

(Check digit)
FIG. 16 is a flowchart illustrating an example of forgery determination using a check digit.
FIGS. 17A and 17B are schematic diagrams illustrating an example of forgery determination using a check digit.

(Step S701)
First, as shown in step S701, the data acquisition unit 351 acquires image data of a driver's license. FIG. 17A exemplifies image data of a driver's license. The imaging data may be data captured by the imaging device 200E of the user terminal 2 or data captured by a camera or a scanner separately. Alternatively, image data stored in the storage device 200B or the storage device 300B of the authentication server 3 in advance may be read.

(Step S702)
Next, as shown in step S702, the extraction unit 352 extracts a number area. Based on the format layout information of the driver's license, the extracting unit 352 extracts the area (license number area R9) and the public safety committee area R8 in which the license number is described from the image data of the driver's license shown in FIG. Extract. That is, the format layout information of the driver's license includes the coordinate information of the area where the license number of the driver's license is described and the area where the name of the Public Safety Commission is described. The extraction unit 352 extracts the image data of the license number area R9 and the public safety committee from the coordinate information of the area of the license number included in the format layout information on the basis of the coordinates of a feature point such as a corner of the image data of the driver's license. The imaging data of the region R8 is extracted. The imaging data in the license number area R9 and the Public Safety Commission area R8 is the data to be determined.

(Step S703)
Next, as shown in step S703, the recognition unit 353 recognizes the text of the number. The recognizing unit 353 recognizes the text data of the license number from the image data in the license number area R9, which is the determination target data, and recognizes the name of the Public Safety Commission from the image data in the Public Safety Commission area R8. Specifically, it recognizes the text data of the 12-digit license number and the name of the Public Safety Commission.

(Step S704)
Next, as shown in step S704, a check digit is read. The check digit is stored in the storage device 300B or the like. FIG. 17B shows an example of a license digit check digit. The license number contains certain check digits. The check digit of the license number is determined by each prefecture's Public Safety Commission. For example, the first and second digits of the license number indicate the code of the Public Security Council that issued the driver's license. The eleventh digit of the license number indicates a check digit calculated by a predetermined formula based on the upper ten digits. In step S704, a check digit may be referred to instead of reading the check digit.

(Step S705)
Next, as shown in step S705, the determination unit 354 determines whether the check digits match. That is, the determination unit 354 determines whether the check digit based on the license number of the determination target data recognized by the recognition unit 353 matches the check digit defined for each prefecture's public safety committee.

(Step S706)
Next, as shown in step S606, when the check digits match (YES in step S705), the determination unit 354 determines that "it is not forgery".

(Step S706)
Next, as shown in step S606, when the check digits do not match (NO in step S705), the determination unit 354 determines that the forgery is “forgery”.

  The result of the forgery determination is transmitted to the user terminal 2 by the transmission unit 309, and displayed on the display device 200D of the user terminal 2.

  The license number of the driver's license contains a check digit predetermined by the public safety commission of each prefecture. Therefore, by recognizing the license number and the name of the Public Safety Commission from the image data of the driver's license, and determining the match with the predetermined check digit, it is possible to determine whether or not it is forgery.

  Although specific examples of forgery determination in the forgery determination system 1 according to the present embodiment have been described above, forgery determination may be performed by combining a plurality of these specific examples. The greater the number of combinations, the more accurate forgery determination can be performed. Further, even in a case other than the above specific example, forgery determination can be performed by collation with a rule such as a regular format.

(Counterfeit judgment program)
The forgery determination program according to the present embodiment includes a computer (for example, the user terminal 2 and the authentication server 3) configured to send a data acquisition unit 351 for acquiring image data of an identity verification document, a formal format layout information of the identity verification document, and an identity verification. Referring to a storage unit (for example, the storage device 300B) that stores regular format data in the determination reference area of the document, based on the format layout information stored in the storage device 300B from the imaging data acquired by the data acquisition unit 351. An extraction unit 352 for extracting imaging data corresponding to the determination reference area as determination target data, a recognition unit 353 for recognizing rules such as a format from the determination target data extracted by the extraction unit 352, and a format recognized by the recognition unit 353. And a rule such as a regular format in the determination reference area stored in the storage device 300B. Based on the comparison result, to function as the determination unit 354 determines counterfeiting of identification documents. The forgery determination program is realized by performing each step of the forgery determination method described above as a program process by the CPU 200G.

  The forgery determination program according to the present embodiment may be stored in a computer-readable storage medium (DVD-ROM or the like). Further, the forgery determination program according to the present embodiment may be configured to be able to be distributed via the network 4.

(effect)
As described above, the forgery determination system 1 according to the first embodiment is the forgery determination system 1 for determining forgery of an identity verification document, and includes a data acquisition unit 351 that acquires imaging data of an identity verification document, Referring to the storage device 300B that stores the rules such as the formal format layout information of the identity verification document and the formal format in the determination reference area of the identity verification document, the image data acquired by the data acquisition unit 351 is transferred to the storage device 300B. Based on the stored format layout information, an extraction unit 352 that extracts imaging data corresponding to a determination reference area as determination target data, and a recognition unit 353 that recognizes a rule such as a format from the determination target data extracted by the extraction unit 352. And the format data recognized by the recognition unit 353 and the regular format in the determination reference area stored in the storage device 300B. Based on the rules of the collation result, and a determination unit 354 determines forged identification documents, the.

  With such a configuration, forgery of the identity verification document is determined based on the result of matching the rules such as the format in the data to be determined in the imaging data of the identity verification document with the rules such as the regular format in the determination reference area. For this reason, forgery can be determined based on rules such as a format without using data of a legitimate identity verification document. This eliminates the need for a large-scale system configuration that uses enormous information such as image information (photos and the like) and text information (information on each item) of a legitimate personal identification document in advance, and can be easily used in a small store or window. It is possible to introduce. In addition, since it is determined whether or not forgery is based on rules such as a format, it is possible to accurately determine even a small amount of information.

  Further, the storage device 300B stores the character arrangement rule in the determination reference area, the recognition unit 353 recognizes the character arrangement from the determination target data, and the determination unit 354 determines the character arrangement recognized by the recognition unit 353. Then, forgery of the identity verification document is determined based on the result of the collation with the regular arrangement rule of the characters in the determination reference area stored in the storage device 300B. This makes it possible to accurately determine whether or not forgery is performed even with a small amount of information, based on the character arrangement rules.

  The storage device 300B stores the posting rule of the address in the determination reference area, the recognition unit 353 recognizes the posting rule of the address from the determination target data, and the determination unit 354 determines the address of the address recognized by the recognition unit 353. Forgery of the identity verification document is determined based on the result of matching the posting rule with the regular posting rule of the address in the determination reference area stored in the storage device 300B. As a result, it is possible to determine with high accuracy even if the amount of information is small, based on the posting rule of the address.

  Further, storage device 300B stores the font rules of the characters in the determination reference area, recognition section 353 recognizes the font of the character from the data to be determined, and determination section 354 displays the font of the character recognized by recognition section 353. Then, forgery of the identity verification document is determined based on the result of the comparison with the normal font rule of the character in the determination reference area stored in the storage device 300B. As a result, it is possible to determine with high accuracy even if the amount of information is small, based on the font rules of the characters.

  Further, storage device 300B stores regular image data of the seal in the determination reference area, recognition section 353 recognizes the image data of the seal from the data to be determined, and determination section 354 recognizes the image data of the seal. Forgery of the identity verification document is determined based on the result of the comparison between the image data of the seal and the regular image data of the seal in the determination reference area stored in the storage device 300B. As a result, it is possible to accurately determine whether or not forgery is performed even with a small amount of information, based on the image data of the seal.

  The storage device 300B stores a check rule based on the text information in the determination reference area, the recognition unit 353 recognizes the text information from the determination target data, and the determination unit 354 stores the text information recognized by the recognition unit 353. The forgery of the identity verification document is determined based on the check result based on the check digit based on the check digit and the check digit based on the text information in the determination reference area stored in the storage device 300B. This makes it possible to accurately determine whether or not forgery is performed even with a small amount of information based on the check digit.

[Modification of First Embodiment]
In the first embodiment, the following (1) to (7) are described as specific examples of the forgery determination method according to the first embodiment shown in FIG. Forgery determination may be performed by combining two or more. For example, when all of the forgery determinations (1) to (7) are generated, if the forgery determination in (1) is determined to be not forgery, the forgery determination in (2) is performed, and the forgery determination is made. Then, the forgery determinations of (1) to (7) are sequentially executed as in the case of performing the forgery determination of (3), and all the forgery determinations of (1) to (7) are cleared (determined as not forgery). ), The identity verification document may be finally determined not to be forgery. In this case, it does not matter in which order the forgery determinations (1) to (7) are performed. Further, when performing forgery determination by combining two or more of the following (1) to (7), it does not matter which of (1) to (7) is combined and the order in which the forgery determination is performed.

(1) Judgment of forgery by array of names (see FIGS. 5 and 6)
(2) Forgery judgment based on the address posting rule (see FIGS. 7 and 8)
(3) Forgery determination based on the font rule for the expiration date (see FIGS. 9 and 10)
(4) Forgery determination based on font rules for license conditions (see Fig. 11)
(5) Forgery determination based on license type (see FIGS. 12 and 13)
(6) Forgery judgment by seal (see FIGS. 14 and 15)
(7) Forgery judgment by check digit (see FIGS. 16 and 17)

  In the first embodiment, the authentication server 3 determines whether the identity verification document is forged. However, the user terminal 2 determines whether the identity verification document is forged. It may be. In this case, the user terminal 2 is configured to have the functions of the data acquisition unit 351, the extraction unit 352, the recognition unit 353, and the determination unit 354, and based on the image data of the personal identification document imaged by the user terminal 2, It is preferable to determine whether or not the identity verification document is counterfeit, and display the determination result on the user terminal 2. In this case, a database of rules such as a format for forgery determination may be stored in the storage device 200B, or a format for forgery determination stored in the storage device 300B of the authentication server 3 or another server. Or the like may be referred to.

  Further, the user terminal 2 may have the functions of the data acquisition unit 351 and the extraction unit 352, and the authentication server 3 may have the functions of the recognition unit 353 and the determination unit 354. In this case, the imaging data (judgment target data) corresponding to the judgment reference area extracted by the extraction unit 352 is transmitted from the user terminal 2 to the authentication server 3, and thus transmitted from the user terminal 2 to the authentication server 3. Data volume can be reduced.

[Second embodiment]
Next, an authentication system according to a second embodiment will be described. The authentication system can cooperate with the forgery determination system 1 described above. That is, when it is determined in the forgery determination system 1 that the identity verification document is not forgery, identity verification is performed in the authentication system described below, and impersonation can be effectively prevented.

  As shown in FIG. 1, the authentication system 10 includes a user terminal 2 and an authentication server 3. The user terminal 2 and the authentication server 3 have a configuration connected via a network 4. Here, the configurations of the user terminal 2 and the authentication server 3 of the authentication system 10 are partially the same as the configurations of the user terminal 2 and the authentication server 3 of the forgery determination system 1. The number of user terminals 2 and the number of authentication servers 3 included in the authentication system 10 are arbitrary. The network 4 may be any communication network as long as the user terminal 2 and the authentication server 3 can communicate with each other.

(User terminal 2)
The user terminal 2 is a terminal (for example, a smartphone, a tablet PC (Personal Computer), a desktop PC, a notebook PC, or the like) used by the user U (for example, a user who wants to authenticate himself or herself). The user U performs user authentication using the user terminal 2.

  FIG. 18A is a hardware configuration diagram of the user terminal 2 applied in the authentication system 10, and FIG. 18B is a functional block diagram of the user terminal 2. As shown in FIG. 18A, the user terminal 2 has a configuration in which a communication IF 200A, a storage device 200B, an input device 200C, a display device 200D, an imaging device 200E, an audio output device 200F, and a CPU 200G are connected via a bus 200H. Is provided.

  The communication IF 200A is an interface for communicating with the authentication server 3.

  The storage device 200B is, for example, an HDD or a semiconductor storage device. The storage device 200B stores a forgery determination program and an authentication program (application software). Further, the storage device 200B stores a database in which text data and voice data for instructing a plurality of operations used in an operation instruction unit 208 described later are stored in association with the operation ID.

  In the database, text data and audio data of various operations are stored in association with the operation ID. For example, "Close both eyelids for 3 seconds", "Close left eyelid for 3 seconds", "Close right eyelid for 3 seconds", "Open your mouth wide", "Face to face , "Please nod loudly," "Slowly pronounce" Oh, u, u, o, o, "and" Please put your tongue out. " It is stored in association with the ID.

Table 1 shows an example of the database. As shown in Table 1, text data and audio data of various operations are stored in association with the operation ID.

  In the second embodiment, the user U is instructed to perform an operation by displaying the text data on the display device 200D and outputting the voice data from the voice output device 200F. However, the text data is displayed on the display device 200D. May be instructed to the user U either by displaying the audio data or by outputting the audio data from the audio output device 200F.

  The input device 200C is, for example, a touch panel, a keyboard, a mouse, or the like, and the user U can operate the input device 200C to perform authentication of personal identification.

  The display device 200D is, for example, a liquid crystal monitor or an organic EL monitor. The display device 200D displays a screen necessary for using the authentication system 10 according to the second embodiment.

  The imaging device 200E is, for example, a camera including a solid-state imaging device such as a CCD (charge coupled device) image sensor and a CMOS (complementary MOS) image sensor. The user U uses the imaging device 200E to image a moving image of the personal identification document (hereinafter, also referred to as first imaging data) and a self-taking moving image of the user U (hereinafter, also referred to as second imaging data). It should be noted that by capturing a moving image of the identity verification document, it is possible to confirm that the image is not an image of the identity verification document acquired from the Internet or the like, and the reliability of the identity verification can be improved.

  The audio output device 200F is a speaker and outputs audio.

  The CPU 200G controls the user terminal 2 and includes a ROM (Read Only Memory) and a RAM (Random Access Memory) not shown.

  As shown in FIG. 18B, the user terminal 2 applied in the authentication system 10 includes an imaging device control unit 201, an input reception unit 202, a display device control unit 203, a transmission unit 204, a reception unit 205, and an operation extraction unit. 206, a function of an instruction timing determination unit 207, an operation instruction unit 208, an audio output device control unit 209, and a storage device control unit 210. The function shown in FIG. 18B is realized by the CPU 200G executing a forgery determination program and an authentication program stored in a ROM (not shown) of the user terminal 2.

  The imaging device control unit 201 controls imaging by the imaging device 200E. Specifically, the imaging device control unit 201 controls the imaging device 200E.

  The input receiving unit 202 receives an input operation on the input device 200C.

  The display device control unit 203 controls the display device 200D. Specifically, the display device control unit 203 displays a screen necessary for using the authentication system 10 according to the second embodiment. For example, based on an instruction from the operation instruction unit 208, the display device control unit 203 reads out text data corresponding to the operation ID extracted by the operation extraction unit 206 and displays the text data on the display device 200D. The instruction is displayed on the display device 200D as text (for example, "Please close your eyes for 3 seconds").

  The transmission unit 204 may, for example, capture the imaging data (first and second imaging data), the timing at which the operation was instructed (the timing of the operation instruction determined by the instruction timing determination unit 207 (how many seconds after the start of the imaging of the self-portrait moving image) )), And transmits information of the operation ID (the operation ID extracted by the operation extraction unit 206) to the authentication server 3.

  The receiving unit 205 receives information transmitted from the authentication server 3.

  The operation extraction unit 206 randomly extracts one or more operation IDs from the operation IDs stored in the storage device 200B.

  The instruction timing determination unit 207 randomly determines the timing at which the operation instruction unit 208 (described later) instructs the user U to perform an operation (for example, three seconds or five seconds after the start of capturing a self-portrait moving image).

  The operation instruction unit 208 instructs the user U to perform one or more operations at the timing determined by the instruction timing determination unit 207. Specifically, the operation instruction unit 208 instructs the display device control unit 203 to display the text data corresponding to the operation ID extracted by the operation extraction unit 206 at the timing determined by the instruction timing determination unit 207. I do. The operation instruction unit 208 instructs the audio output device control unit 209 to output audio data corresponding to the operation ID extracted by the operation extraction unit 206 at the timing determined by the instruction timing determination unit 207.

  The audio output device control unit 209 reads out audio data corresponding to the operation ID extracted by the operation extraction unit 206 based on an instruction from the operation instruction unit 208, and outputs the audio data from the audio output device 200F. From the audio output device 200F, an operation instruction is output as audio (for example, “Please close your eyes for 3 seconds”).

  The storage device controller 210 controls the storage device 200B. Specifically, the storage device control unit 210 controls the storage device 200B to write and read information.

(Authentication server 3)
The authentication server 3 applied in the authentication system 10 checks the identity based on information transmitted from the user terminal 2 (first and second imaging data transmitted from the user terminal 2, operation instruction timing, operation ID). The forgery determination of the document and the identification of the user U are performed. Specifically, the authentication server 3 performs a forgery determination of the personal identification document based on the still image data of the personal identification document extracted from the first image data, and determines that the personal identification document is not forged, The identification (authentication) of the user U is performed based on the second imaging data, the timing of the operation instruction, and the operation ID.

  FIG. 19A is a hardware configuration diagram of the authentication server 3, and FIG. 19B is a functional block diagram of the authentication server 3. FIG. 20A is a diagram illustrating the operation of the first determination unit 304 included in the authentication server 3, and FIG. 20B is a diagram illustrating the determination content of the second determination unit 305 included in the authentication server 3. 20 (c) is a diagram for explaining the judgment contents of the third judgment unit 306 of the authentication server 3, and FIG. 20 (d) is a diagram for explaining the judgment contents of the fourth judgment unit 307 of the authentication server 3. . Hereinafter, the authentication server 3 will be described with reference to FIGS.

  As shown in FIG. 19A, the authentication server 3 has a configuration in which a communication IF 300A, a storage device 300B, and a CPU 300C are connected via a bus 300D.

  The communication IF 300A is an interface for communicating with the user terminal 2.

  The storage device 300B is, for example, an HDD or a semiconductor storage device. The storage device 300B stores a forgery determination program, an authentication program, and the like used in the authentication system 10. Further, the storage device 300B stores a database of rules such as a format for forgery determination used in the determination unit 354 and a database in which a plurality of operation contents are stored in association with an operation ID for each operation. The database in which a plurality of operation contents are stored in association with the operation ID for each operation corresponds to the database stored in the storage device 200B of the user terminal 2, and the authentication server 3 is stored in the storage device 300B. By referring to the stored database, it is possible to recognize what operation has been instructed to the user U at the user terminal 2 based on the operation ID transmitted from the user terminal 2.

  The CPU 300C controls the authentication server 3 and includes a ROM (Read Only Memory) and a RAM (Random Access Memory) not shown.

  As shown in FIG. 19B, the authentication server 3 includes a receiving unit 301 (first and second obtaining units), an operation instruction timing recognizing unit 302, a still image data extracting unit 303, a first determining unit 304, and a second determining unit 304. It has functions such as a determination unit 305, a third determination unit 306, a fourth determination unit 307, a storage device control unit 308, a transmission unit 309, an extraction unit 352, a recognition unit 353, and a determination unit 354. The function shown in FIG. 19B is realized by the CPU 300C executing the forgery determination program and the authentication program stored in the ROM (not shown) of the authentication server 3. Note that the description of the extraction unit 352, the recognition unit 353, and the determination unit 354 is omitted below (since the functions are the same as those of the extraction unit 352, the recognition unit 353, and the determination unit 354 of the authentication server 3 according to the first embodiment). ).

  The receiving unit 301 receives information transmitted from the user terminal 2, for example, imaging data (first and second imaging data), operation instruction timing, and operation ID information.

  The operation instruction timing recognizing unit 302 recognizes how many seconds after the start of the imaging of the self-portrait moving image, the operation is instructed, based on the information on the operation instruction timing transmitted from the user terminal 2.

  The still image data extracting unit 303 extracts (cuts out) still image data from the image data (first and second image data) received by the receiving unit 301. Specifically, the still image data extracting unit 303 extracts still image data (hereinafter, also referred to as first image data) of a personal identification document (including a face photograph) from the first image data. Further, the still image data extraction unit 303 extracts, based on the operation instruction timing recognized by the operation instruction timing recognizing unit 302, the second image data received by the reception unit 301 from the still image data before the operation instruction (the second image data). 2 image data) and still image data after the operation instruction (hereinafter, also referred to as third image data). For example, if the timing of the operation instruction recognized by the operation instruction timing recognition unit 302 is three seconds later, the still image data extraction unit 303 uses the second imaging data received by the reception unit 301 before the operation instruction (self Still image data (second image data before 3 seconds after the start of shooting of the moving image) and still image data (third image after 3 seconds from the start of shooting of the self-moving image) after an operation instruction. Data) and extract.

  The first determination unit 304 is based on the first image data and the second image data (still image data including a face photograph of an identity verification document and still image data of the user U) extracted by the still image data extraction unit 303. Then, it is determined whether or not the person in the face photograph of the personal identification document and the user U are the same person (see FIG. 20A).

  Specifically, the first determination unit 304 cuts out an area including a face (object) from the first and second image data. Next, the first determination unit 304 assigns a point that is particularly important to a plurality of places (a plurality of places where the characteristics of a human face appears, such as the outline of the face, the outline of the eyes, the eyebrows, the nose, and the mouth) to the slanted distribution. (Weighting is performed), and the similarity (point: the more similar, the higher the score) of each point assigned by the inclined arrangement is calculated, and the calculated points are added to calculate the total point. Next, the first determination unit 304 calculates a value obtained by standardizing the total score on a scale of 100 points, and determines that the persons are the same person when the value is equal to or greater than a predetermined threshold.

The similarity (point) can be calculated based on, for example, the following viewpoints. The following viewpoint is merely an example, and the similarity may be calculated from another viewpoint (method).
(1) Distance relationship (distance / closeness between eyes)
(2) Angular relationship (fishing eye / spot eye etc.)
(3) Positional relationship in the contour (such as a face whose parts are centered)

  The second determination unit 305 is based on the first image data and the second image data (still image data including a face photograph of an identity verification document and still image data of the user U) extracted by the still image data extraction unit 303. It is determined whether or not the second image data is an image of the user U (whether or not an image of a face photograph such as a personal identification document is diverted) (see FIG. 20B).

  Specifically, the second determination unit 305 cuts out an area including a face (object) from the first and second image data. Next, the second determination unit 305 determines the degree of similarity (score: the more similar the points are, the plurality of points that show the characteristics of the human face, such as the outline of the face, the outline of the eyes, the eyebrows, the nose, and the mouth). (The score is high), and the calculated scores are added to calculate the total score. Next, the second determination unit 305 calculates a value obtained by standardizing the total score on a scale of 100 points, and if the value exceeds a predetermined threshold value (for example, 90 points), impersonation, in other words, the identity verification document is stolen. In such a case, it is determined that the face photograph of the personal identification document has been processed (such as by cutting out the face photograph and taking the user's self-portrait image data) and used as the user's image data. In the second embodiment, the method of calculating the similarity (point) in the second determination unit 305 is the same as that of the first determination unit 304, but the similarity may be calculated by another method. Good.

  The determination method of the first determination unit 304 includes, for example, increasing the weighting ratio (weighting) of a portion (eye, nose, mouth shape, etc.) in which differences (features) of the face appear particularly frequently, and increasing the weight of other portions. By performing a slanted score reduction with a lower score ratio (lightening the weight), if the same person, the total number of points becomes approximately 100 points, and if not the same person, the total number of points becomes approximately 0 points. There is an extreme difference in the total score depending on the situation. Therefore, the characteristics (algorithm) are suitable for determining whether or not they are the same person. On the other hand, since the total score is extremely different depending on whether or not the user is the same person, if the identity verification document is stolen, the face photo of the identity verification document is processed. When the data is used as the user's image data, the image data of the identity verification document and the image data of the user U are the same person, making it difficult to detect spoofing.

  On the other hand, since the determination method of the second determination unit 305 does not perform the slanted allocation (weighting), the determination result (the total number of points) is likely to be affected by a small angle difference such as a face angle. For this reason, even if the same person, it is considered that the total score after standardization will almost never exceed 90 points. That is, when the total score after the standardization exceeds a predetermined threshold value (for example, 90 points), when the identity verification document is stolen, the face photo of the identity verification document is processed (the face photo is cut out and the user is cut off). May be used as the user's image data (for example, if the face of the identity verification document is too similar to the face of the self-portrait, Suspected diversion of face photo).

  As described above, in the second embodiment, the determination as to whether the user is the principal and the determination as to whether the image of the principal is not diverted are determined using two determination methods having different characteristics (algorithms). For this reason, spoofing can be prevented very effectively.

  Note that the above-described determination method of the first determination unit 304 is merely an example, and any other determination method that has characteristics (algorithm) suitable for determining whether or not the same person is described above may employ another inclined distribution ratio. It does not prevent the use of the judgment method. Further, the above-described determination method of the second determination unit 305 is an example, and any other determination method that has characteristics (algorithm) suitable for determining whether to divert a face photograph such as a personal identification document described above may be used. It does not hinder the adoption of the inclination allocation ratio and the use of the determination method. For example, in the determinations by the first determination unit 304 and the second determination unit 305, if the respective characteristics are maintained, the ratio of the inclined arrangement points at the specific locations may be changed, or the determination is made by the load average. For example, various methods can be adopted. Further, a known face authentication method may be used, or the first determination unit 304 and the second determination unit 305 may perform the determination by changing the ratio of the inclined points of the specific location in the known face authentication. It may be. Further, it is optional to select a plurality of locations where the features of the human face appear.

  The third determination unit 306 is based on the still image data before the operation instruction (second image data) extracted by the still image data extraction unit 303 and the still image data after the operation instruction (third image data). It is determined whether the operation corresponding to the operation ID received by the receiving unit 301, that is, the user U has performed the specified operation (see FIG. 20C). Note that a known method can be used for the determination by the third determination unit 306. For example, an image serving as teacher data may be prepared for each operation ID, and the operation corresponding to each operation ID may be machine-learned, and then used for the determination by the third determination unit 306.

  The fourth determination unit 307 is configured to perform the operation before and after the operation instruction based on the still image data before the operation instruction (second image data) and the still image data after the operation instruction (third image data). It is determined whether or not the users U appearing in the still image data are the same person (see FIG. 20D). Note that the method of determination by the fourth determination unit 307 is the same as that of the first determination unit 304, and redundant description will be omitted.

  Note that the determination methods in the first determination unit 304 to the fourth determination unit 307 are not limited to those described above, and various methods can be used.

  The storage device control unit 308 controls the storage device 300B. Specifically, the storage device control unit 308 controls the storage device 300B to write and read information.

  If the determination result of any of the first determination unit 304, the second determination unit 305, the third determination unit 306, and the fourth determination unit 307 is NO, the transmission unit 309 indicates that authentication was not possible (authentication error). To the user terminal 2.

(Processing of the authentication system)
Hereinafter, the processing of the authentication system 10 will be described with reference to FIGS.

(Imaging process)
First, an imaging process in the user terminal 2 of the authentication system 10 will be described with reference to FIG. In FIG. 21, a reference diagram or a sentence (character) indicating the processing content of steps S1101 to S1105 is described on the left of each step.

(Step S1101)
The user U operates the input device 200C of the user terminal 2 to image a moving image of the personal identification document (in FIG. 21, an operation of imaging both sides of the license is illustrated). The input receiving unit 202 receives an input operation on the input device 200C. The imaging device control unit 201 controls the imaging device 200 </ b> E to capture an image based on the input operation received by the input reception unit 202. The imaging data of the personal identification document imaged by the imaging device 200E is temporarily stored in the storage device 200B by the storage device control unit 210.

(Step S1102)
Next, the user U operates the input device 200C of the user terminal 2 to start self-portrait imaging of a moving image (in FIG. 21, the user U's face is illustrated). The input receiving unit 202 receives an input operation on the input device 200C. The imaging device control unit 201 controls the imaging device 200E based on the input operation received by the input reception unit 202, and starts capturing a moving image. The imaging data (first imaging data) of the moving image started by the imaging device 200E is temporarily stored in the storage device 200B by the storage device control unit 210.

(Step S1103)
The action extraction unit 206 randomly extracts one or more action IDs from the actions stored in the storage device 200B (in FIG. 21, “Close your eyes for 3 seconds” is illustrated).

(Step S1104)
The instruction timing determination unit 207 randomly determines a timing at which an operation instruction unit 208 described later instructs the user U to perform an operation ("3 seconds later" is illustrated in FIG. 21).

(Step S1105)
The operation instructing unit 208 instructs the user U to perform one or more operations at the timing determined by the instruction timing determining unit 207 (in FIG. 21, “close eyes for 3 seconds” is illustrated). The display device control unit 203 reads out text data corresponding to the operation ID extracted by the operation extraction unit 206 based on an instruction from the operation instruction unit 208, and displays the text data on the display device 200D. The audio output device control unit 209 reads out audio data corresponding to the operation ID extracted by the operation extraction unit 206 based on an instruction from the operation instruction unit 208, and outputs the audio data from the audio output device 200F. The user U performs an operation according to the instruction (in FIG. 21, the face of the user U whose eyes are closed is illustrated).

(Step S1106)
Next, the user U operates the input device 200C of the user terminal 2 to end the moving image capturing. The input receiving unit 202 receives an input operation on the input device 200C. The imaging device control unit 201 controls the imaging device 200E based on the input operation received by the input reception unit 202, and ends the capturing of the moving image. The storage device control unit 210 ends the storage of the imaging data (second imaging data) in the storage device 200B.

(Step S1107)
The transmission unit 204 includes information on the imaging data (first and second imaging data) stored in the storage device 200B, the timing of the operation instruction determined by the instruction timing determination unit 207, and the operation ID extracted by the operation extraction unit 206. Is transmitted to the authentication server 3.

  Note that, in the above description, the self-shooting video of the user U is imaged after the moving image of the personal identification document is captured. However, after the self-shooting video of the user U is captured, the moving image of the personal verification document is imaged. You may do so. In addition, the first imaging data and the second imaging data are finally transmitted to the authentication server 3 collectively, but the first imaging data and the second imaging data are individually transmitted to the authentication server 3 each time imaging is performed. You may. Further, in step S1101, the personal identification document is imaged using a moving image, but a still image including a face photograph of the personal identification document may be imaged instead of the moving image.

(Authentication process)
Next, an authentication process in the authentication server 3 of the authentication system 10 will be described with reference to FIG.

(Step S1201)
The receiving unit 301 receives information transmitted from the user terminal 2, for example, image data (first and second image data), operation instruction timing, and operation ID information.

(Step S1202)
The operation instruction timing recognizing unit 302 recognizes how many seconds after the start of the imaging of the self-portrait moving image, the operation is instructed, based on the information on the operation instruction timing transmitted from the user terminal 2.

(Step S1203)
The still image data extracting unit 303 extracts still image data from the image data (first and second image data) received by the receiving unit 301. More specifically, the still image data extracting unit 303 extracts still image data (first image data) of a personal identification document (including a face photograph) from the first image data. Further, the still image data extraction unit 303 extracts the still image data before the operation instruction (second image data) and the still image data after the operation instruction (third image data) from the second imaging data received by the reception unit 301. ) To extract. Note that the method of extracting the first to third image data from the first and second image data by the still image data extraction unit 303 has already been described, and thus redundant description will be omitted.

(Step S1204)
The authentication server 3 determines whether the identity verification document is forged. Specifically, the extraction unit 352 extracts the still image data (first image data) of the personal identification document extracted by the still image data extraction unit 303 from the user terminal 2 via the storage device 300B or the network 4, Based on the format layout information stored in the server (not shown), the imaging data corresponding to the determination reference area of the personal identification document is extracted as determination target data. For example, when an area in which the “name” of the personal identification document is described as the determination reference area, the extraction unit 352 extracts an area in which the “name” is described from the imaging data of the personal identification document and determines this as a determination target. Data.

  Next, the recognition unit 353 recognizes rules such as a format from the determination target data extracted by the extraction unit 352. For example, when the extraction unit 352 extracts an area in which “name” is described as the determination target data, the recognition unit 353 recognizes the format rule of “name” from the determination target data.

  Next, the determination unit 354 forges the identity verification document based on the result of the comparison between the rule such as the format recognized by the recognition unit 353 and the rule such as the regular format in the determination reference area stored in the storage device 300B or the like. Is determined. For example, when the area of “name” is set as the determination reference area, the determination unit 354 determines the rule of the format or the like recognized by the recognition unit 353 (the format or the like recognized from the imaging data of “name” that is the determination target data). Rule) and a rule such as a formal format of “name” stored in the storage device 300B or the like, and if they do not match, it is determined to be a forgery.

  In the forgery determination of the personal identification document in step S1204, as in the first embodiment, forgery determination may be performed by combining two or more of the following (1) to (7). To (7) and the order in which forgery determination is performed is not limited.

(1) Judgment of forgery by array of names (see FIGS. 5 and 6)
(2) Forgery judgment based on the address posting rule (see FIGS. 7 and 8)
(3) Forgery determination based on the font rule for the expiration date (see FIGS. 9 and 10)
(4) Forgery determination based on font rules for license conditions (see Fig. 11)
(5) Forgery determination based on license type (see FIGS. 12 and 13)
(6) Forgery judgment by seal (see FIGS. 14 and 15)
(7) Forgery judgment by check digit (see FIGS. 16 and 17)

(Step S1205)
When the determination unit 354 determines that the identity verification document is not forgery (NO in S1204), the first determination unit 304 determines whether the first image data and the second image data extracted by the still image data Based on the still image data including the face photograph of the document and the still image data of the user U), it is determined whether the person in the face photograph of the personal identification document and the user U are the same person. Note that the determination method by the first determination unit 304 has already been described, and thus redundant description will be omitted.

(Step S1206)
When the first determination unit 304 determines that the person in the face photograph of the identity verification document and the user U are the same person (YES in S1205), the second determination unit 305 determines that the second determination unit 305 is stationary. Based on the first image data and the second image data extracted by the image data extraction unit 303 (still image data including a face photograph of an identity verification document and still image data of the user U), the second image data is Is determined (whether or not an image of the face photograph is not diverted). Note that the determination method by the second determination unit 305 has already been described, and thus redundant description will be omitted.

(Step S1207)
When the second determination unit 305 determines that the captured data is a captured image of the user U (YES in S1206), the third determination unit 306 determines whether or not the operation extracted by the still image data extraction unit 303 is to be performed. Based on the still image data (second image data) and the still image data (third image data) after the instruction of the operation, the operation corresponding to the operation ID received by the receiving unit 301, in other words, the user U issues the instruction It is determined whether the performed operation has been performed. Note that the determination method by the third determination unit 306 has already been described, and thus redundant description will be omitted.

(Step S1208)
When the third determination unit 306 determines that the user U has performed the instructed operation (YES in step S1207), the fourth determination unit 307 determines whether the still image data (second image data) before the operation is instructed and the operation It is determined whether or not the user U shown in the still image data before the operation instruction and after the operation instruction is the same person, based on the still image data (third image data) after the instruction. Note that the determination method by the fourth determination unit 307 has already been described, and redundant description will be omitted.

(Step S1209)
If the determination result in the forgery determination process (S1204) is YES, or any of the first determination process (S1205), the second determination process (S1206), the third determination process (S1207), and the fourth determination process (S1208) If the determination result is NO, the authentication server 3 performs an authentication error process. Specifically, the authentication server 3 stops the authentication process, and the transmitting unit 309 transmits to the user terminal 2 a message that the authentication could not be performed (authentication error). When the fourth determination unit 307 determines that the user U has performed the specified operation (YES in S1208), the authentication server 3 ends the authentication processing.

  In the description of FIG. 22, the determination by the first determination unit 304 to the fourth determination unit 307 is performed in order, but the determination order by the first determination unit 304 to the fourth determination unit 307 is the order shown in FIG. The order is not limited. In other words, the order of determination by the first determination unit 304 to the fourth determination unit 307 illustrated in FIG. 22 may be changed.

[Modification of Second Embodiment]
Note that, in the second embodiment, the authentication server 3 has the functions of the first determination unit 304, the second determination unit 305, the still image data extraction unit 303, the third determination unit 306, and the fourth determination unit 307. In the authentication server 3, the authentication process is performed, but the user terminal 2 is configured to execute the first determination unit 304, the second determination unit 305, the still image data extraction unit 303, the third determination unit 306, and the fourth determination unit 307. It may have a function and perform authentication processing in the user terminal 2. In the second embodiment, the user terminal 2 has the functions of the operation extraction unit 206, the instruction timing determination unit 207, and the operation instruction unit 208. Unit 207 has an operation instructing unit 208, and the operation instructing unit 208 transmits the operation extracted by the operation extracting unit 206 at the timing determined by the instruction timing determining unit 207 from the transmitting unit 309 of the authentication server 3 to the user terminal 2. It may be transmitted to.

  Further, the user terminal 2 has the function of the still image data extracting unit 303, and after extracting the first to third still image data from the first and second imaging data, the first to third still image data is transmitted to the authentication server. 3 and the authentication server 3 may perform the authentication of the identity verification described with reference to FIG. 22 based on the first to third still image data transmitted from the user terminal 2. By doing so, the amount of data transmitted from the user terminal 2 can be significantly reduced.

  Further, similarly to the first embodiment, the user terminal 2 may determine whether the personal identification document is forged. In this case, the user terminal 2 is configured to have the functions of the data acquisition unit 351, the extraction unit 352, the recognition unit 353, and the determination unit 354, and based on the image data of the personal identification document imaged by the user terminal 2, It is preferable to determine whether or not the identity verification document is counterfeit, and display the determination result on the user terminal 2. In this case, a database of rules such as a format for forgery determination may be stored in the storage device 200B, or a format for forgery determination stored in the storage device 300B of the authentication server 3 or another server. Or the like may be referred to.

  Further, the user terminal 2 may have the functions of the data acquisition unit 351 and the extraction unit 352, and the authentication server 3 may have the functions of the recognition unit 353 and the determination unit 354. In this case, the imaging data (judgment target data) corresponding to the judgment reference area extracted by the extraction unit 352 is transmitted from the user terminal 2 to the authentication server 3, and thus transmitted from the user terminal 2 to the authentication server 3. Data volume can be reduced.

(effect)
As described above, the authentication system 10 according to the second embodiment is the authentication system 10 for personal identification, and the receiving unit 301 (which acquires the imaging data including the face photograph of the personal identification document and the imaging data of the user). First and second obtaining units), the image data obtained by the first obtaining unit, and the image data obtained by the second obtaining unit, based on the face photograph of the personal identification document, Are determined by the second acquisition unit based on the first determination unit 304 that determines whether or not are the same person, the imaging data acquired by the first acquisition unit, and the imaging data acquired by the second acquisition unit. A second determination unit 305 that determines whether the acquired imaging data is not diverted from another captured image of the user U.

  That is, the authentication system 10 determines whether or not the person in the face photograph of the personal identification document and the user are the same person, and whether or not the image data is a captured image of the user U. As a result, spoofing can be effectively prevented. In addition, since the moving image of the user U is used as the imaging data, there is no possibility that the face photograph of the identification document is processed and used as the imaging data of the user when the identity verification document is stolen. Can be effectively prevented. As a result, the reliability of identity verification is improved.

  Further, the first determination unit 304 and the second determination unit 305 determine whether or not the person of the face photograph of the personal identification document and the user are the same person by different determination algorithms, and determine whether the user is the same person (second acquisition unit). It is determined whether or not the imaging data acquired by (1) is a captured image of the user U. As described above, in the second embodiment, the first determination unit 304 and the second determination unit 305 use different characteristics (algorithms) to confirm whether or not the user is the person and whether to use the image of the person. The determination is made using two determination methods. For this reason, spoofing can be prevented very effectively. As a result, the reliability of identity verification is further improved.

  The authentication system 10 also extracts, from the image data of the user U, still image data before the instruction and still image data after the instruction from the operation instruction unit 208 that instructs the user U to perform one or more operations. A still image data extracting unit 303 and a third determining unit 306 that determines whether the user U has performed the specified operation based on the still image data before the instruction and the still image data after the instruction. I have. Further, the authentication system 10 determines whether or not the user U of the still image data before and after the instruction is the same person based on the still image data before the instruction and the still image data after the instruction. A determination unit 307 is provided. For this reason, spoofing can be more effectively prevented. For example, there is no possibility that a moving image of a user whose identity verification document has been stolen is used as imaging data of the user, and spoofing can be effectively prevented.

  Further, the authentication system 10 includes an operation extracting unit 206 that refers to the storage device 200B in which two or more different operations are stored, and randomly extracts one or more operations from the storage device 200B. The operation extracted by the extraction unit 206 is instructed to the user U. By instructing the randomly extracted operation, it becomes difficult for the spoofer to prepare imaging data corresponding to the instruction in advance, and spoofing can be effectively prevented.

  Further, the authentication system 10 includes an instruction timing determination unit 207 that randomly determines the timing of instructing the operation, and the operation instruction unit 208 instructs the user to perform the operation at the timing determined by the instruction timing determination unit 207. . By setting the timing of instructing the operation to be random, it becomes difficult for the spoofer to prepare imaging data corresponding to the instruction in advance, and spoofing can be effectively prevented.

  In the authentication system 10, the operation instruction unit 208 instructs the user U to perform two or more different operations. By instructing the user U to perform two or more different operations, it becomes difficult for the spoofer to prepare imaging data corresponding to the instruction in advance, and spoofing can be effectively prevented.

  As described above, according to the present embodiment, it is possible to provide a forgery determination system 1, a forgery determination method, and a forgery determination program that can accurately determine forgery of an identity verification document and can reduce the size of the system configuration. Becomes possible.

[Third embodiment]
In the third embodiment, a description will be given of an authentication system that further increases the reliability of personal identification. Specifically, in the third embodiment, the user is allowed to take an image of the front and back surfaces of the identity verification document as a moving image, and the identity verification document is diverted depending on whether the captured identity verification document is thick or not. And that it is in the hands of the user himself. Hereinafter, the authentication system according to the third embodiment will be described with reference to the drawings. However, a configuration different from the authentication system according to the first and second embodiments and its modifications will be described, and the first and second embodiments will be described. The same configuration as the authentication system according to the modification and the modification thereof will not be described again.

  FIG. 23 is a functional block diagram of the user terminal 2 and the authentication server 3 according to the third embodiment. FIG. 23A is a functional block diagram of the user terminal 2, and FIG. 23B is a functional block diagram of the authentication server 3.

(Functional configuration of user terminal 2)
As shown in FIG. 23A, the user terminal 2 according to the third embodiment includes an imaging device control unit 201, an input reception unit 202, a display device control unit 203, a transmission unit 204, a reception unit 205, and an operation extraction unit 206. , An instruction timing determination unit 207, an operation instruction unit 208, an audio output device control unit 209, a storage device control unit 210, and an imaging method instruction unit 211. The function illustrated in FIG. 23A is realized by the CPU 200G executing a management program stored in a ROM (not illustrated) of the user terminal 2. Hereinafter, the functions of the user terminal 2 according to the third embodiment will be described with reference to FIG. 23A, but the functions other than the imaging method instruction unit 211 are the same as those of the user terminal 2 according to the second embodiment. Therefore, duplicate description will be omitted.

  First, data stored in the storage device 200B of the user terminal 2 according to the third embodiment will be described. The storage device 200B of the user terminal 2 according to the third embodiment includes, in addition to the data stored in the storage device 200B of the user terminal 2 according to the second embodiment, text data used by the imaging method instruction unit 211. And audio data are stored in association with the instruction ID.

Table 2 below shows an example of text data and audio data used by the imaging method instruction unit 211. In addition, "Please turn over the identity verification document after the front side imaging is completed." Associated with the instruction ID "B003" may also be referred to as "After the front side imaging is completed, turn the identity verification document over and return it." Good.

  When the imaging process (see FIG. 21) of the authentication system 10 according to the third embodiment is started, the imaging method instruction unit 211 writes the user U at a predetermined interval (for example, several seconds) in Table 2 above. Are presented in ascending order. Specifically, when the imaging process is started, the imaging method instruction unit 211 instructs the display device control unit 203 to display text data corresponding to the instruction ID at predetermined intervals in ascending order of the instruction ID. Further, when the imaging process is started, the imaging method instruction unit 211 instructs the audio output device control unit 209 to output audio data corresponding to the instruction ID at predetermined intervals in the ascending order of the instruction ID.

The display device control unit 203 reads out text data corresponding to the instruction ID at predetermined intervals in ascending order based on the instruction from the imaging method instruction unit 211, and displays the text data on the display device 200D.
Further, based on the instruction from the imaging method instruction unit 211, the audio output device control unit 209 reads audio data corresponding to the instruction ID in ascending order at predetermined intervals and outputs the audio data from the audio output device 200F. Audio data is output from the audio output device 200F as audio.

  In the third embodiment, the display of the text data on the display device 200D and the output of the audio data from the audio output device 200F instruct the user U on the method of imaging the identity verification document. The user U may be instructed on the method of imaging the identity verification document by either displaying the text data or outputting the audio data from the audio output device 200F.

(Functional Configuration of Authentication Server 3)
As shown in FIG. 23B, the authentication server 3 according to the third embodiment includes a receiving unit 301 (first and second acquisition units), an operation instruction timing recognition unit 302, a still image data extraction unit 303, and a first The determination unit 304, the second determination unit 305, the third determination unit 306, the fourth determination unit 307, the storage device control unit 308, the transmission unit 309, the fifth determination unit 310, the extraction unit 352, the recognition unit 353, the determination unit 354, and the like. It has the function of The function shown in FIG. 23B is realized by the CPU 300C executing a management program stored in a ROM (not shown) of the authentication server 3. Hereinafter, the function of the authentication server 3 according to the third embodiment will be described with reference to FIG. 23B, but the functions other than the still image data extraction unit 303 and the fifth determination unit 310 will be described in the second embodiment. Since the authentication server 3 is the same as the authentication server 3, a duplicate description will be omitted.

  The still image data extracting unit 303 extracts (cuts out) still image data from the image data (first and second image data) received by the receiving unit 301. Specifically, the still image data extracting unit 303 extracts still image data (hereinafter, also referred to as first image data) of an identity verification document (a face photograph is included) from the first image data and one or more Still image data (hereinafter, also referred to as fourth image data) when the confirmation document is turned over is extracted.

  Further, the still image data extraction unit 303 extracts, based on the operation instruction timing recognized by the operation instruction timing recognizing unit 302, the second image data received by the reception unit 301 from the still image data before the operation instruction (the second image data). 2 image data) and still image data after the operation instruction (hereinafter, also referred to as third image data). For example, if the timing of the operation instruction recognized by the operation instruction timing recognition unit 302 is three seconds later, the still image data extraction unit 303 uses the second imaging data received by the reception unit 301 before the operation instruction (self Still image data (second image data before 3 seconds after the start of shooting of the moving image) and still image data (third image after 3 seconds from the start of shooting of the self-moving image) after an operation instruction. Data) and extract.

  The fifth determination unit 310 determines whether or not the personal identification document has a thickness from the one or more fourth image data extracted by the still image data extraction unit 303. The determination by the fifth determination unit 310 may be performed by using a known image recognition technology to determine whether the personal identification document is thick or not. For example, the identification document may be recognized using a known image recognition technology, and it may be determined whether or not the identification document has a thickness based on the movement of the identified identification document. Usually, identification documents with a face photograph used for identification (for example, in addition to a driver's license, various identification documents such as a passport (passport), a basic resident register card (with a photo), and a residence card) are 0. Since it has a thickness of about 1 to several mm, when the identity verification document is turned over, it can be determined that the image data has the thickness of the identity verification document. On the other hand, when the image data of the front and back surfaces of the personal identification document are diverted, no thickness appears when the personal identification document is turned over from the front surface to the back surface (or from the back surface to the front surface). Conversely, if the thickness does not appear when flipping from the front side to the back side (or from the back side to the front side) of the personal identification document, the image data of the front and back surfaces of the personal identification document may have been diverted.

  In the third embodiment, the fifth determination unit 310 determines whether or not the personal identification document has a thickness from the one or more fourth image data extracted by the still image data extraction unit 303, so that the personal identification document can be determined. It is possible to confirm whether or not the user U is in the hands of the user U and performs an operation of turning over the identity verification document as instructed. For this reason, the diversion of the image data on the front and back surfaces of the personal identification document can be prevented.

(Imaging process)
FIG. 24 is a flowchart illustrating the processing of the authentication system 10 according to the third embodiment (imaging processing). Hereinafter, the imaging process of the authentication system 10 according to the third embodiment will be described with reference to FIG. Note that the processing after S1101E of the imaging processing of the authentication system 10 according to the third embodiment is the same as the processing after step S1102 of the imaging processing of the authentication system 10 according to the second embodiment described with reference to FIG. Therefore, a duplicate description of the processing after step S1102 will be omitted. In FIG. 24, reference diagrams or sentences (characters) indicating the processing contents of steps S1101A to S1101E are described on the left of each step.

(Step S1101A)
The user U operates the input device 200C of the user terminal 2 to start capturing a moving image of the personal identification document. The input receiving unit 202 receives an input operation on the input device 200C. The imaging device control unit 201 controls the imaging device 200E based on the input operation received by the input reception unit 202, and starts an imaging process. Specifically, when the imaging process is started, the imaging method instruction unit 211 instructs the display device control unit 203 to display the text data corresponding to the instruction ID “B001”. When the imaging process is started, the imaging method instruction unit 211 instructs the audio output device control unit 209 to output audio data corresponding to the instruction ID “B001”.

  Based on the instruction from the imaging method instructing unit 211, the display device control unit 203 reads out text data (for example, “Start photographing a personal identification document”) corresponding to the instruction ID “B001”, and displays it. Display at 200D. In addition, based on the instruction from the imaging method instruction unit 211, the audio output device control unit 209 reads out audio data (for example, “starts capturing an identity verification document”) corresponding to the instruction ID “B001” and reads out the audio data. Output from the audio output device 200F. Audio data is output from the audio output device 200F as audio.

(Step S1101B)
After a lapse of a predetermined time (for example, several seconds), the imaging method instruction unit 211 instructs the display device control unit 203 to display the text data corresponding to the instruction ID “B002”. Similarly, the imaging method instruction unit 211 instructs the audio output device control unit 209 to output audio data corresponding to the instruction ID “B002”. Based on the instruction from the imaging method instruction unit 211, the display device control unit 203 reads out text data (for example, “Please photograph the surface of the personal identification document”) corresponding to the instruction ID “B002” and displays it. It is displayed on the device 200D. In addition, based on the instruction from the imaging method instruction unit 211, the audio output device control unit 209 reads audio data corresponding to the instruction ID “B002” (for example, “Please photograph the surface of the identity verification document.”). Output from the audio output device 200F. Audio data is output from the audio output device 200F as audio. The user U images the surface of the personal identification document based on the instruction.

(Step S1101C)
After a lapse of a predetermined time (for example, several seconds), the imaging method instruction unit 211 instructs the display device control unit 203 to display the text data corresponding to the instruction ID “B003”. Similarly, the imaging method instruction unit 211 instructs the audio output device control unit 209 to output audio data corresponding to the instruction ID “B003”. Based on the instruction from the imaging method instruction unit 211, the display device control unit 203 causes the text data corresponding to the instruction ID “B003” (for example, “Please turn over the identity verification document after the front surface is shot.”). Is read and displayed on the display device 200D. In addition, based on the instruction from the imaging method instruction unit 211, the audio output device control unit 209 outputs the audio data corresponding to the instruction ID “B003” (for example, “Please turn over the identity verification document after the front surface is shot. .)) And output from the audio output device 200F. Audio data is output from the audio output device 200F as audio. The user U turns over the identity verification document from the front side to the back side while continuing imaging based on the instruction.

(Step S1101D)
After a lapse of a predetermined time (for example, several seconds), the imaging method instruction unit 211 instructs the display device control unit 203 to display the text data corresponding to the instruction ID “B004”. Similarly, the imaging method instruction unit 211 instructs the audio output device control unit 209 to output audio data corresponding to the instruction ID “B004”. Based on the instruction from the imaging method instruction unit 211, the display device control unit 203 captures the text data corresponding to the instruction ID “B004” (for example, “Please photograph the back of the identity verification document (Uramen).”). The data is read out and displayed on the display device 200D. In addition, based on the instruction from the imaging method instruction unit 211, the audio output device control unit 209 captures audio data corresponding to the instruction ID “B004” (for example, “photograph the back side (uramen) of the identity verification document. )) And output it from the audio output device 200F. Audio data is output from the audio output device 200F as audio. The user U takes an image of the back of the personal identification document based on the instruction while continuing to take the image.

(Step S1101E)
After a lapse of a predetermined time (for example, several seconds), the imaging method instruction unit 211 instructs the display device control unit 203 to display the text data corresponding to the instruction ID “B005”. Similarly, the imaging method instruction unit 211 instructs the audio output device control unit 209 to output audio data corresponding to the instruction ID “B005”. Based on the instruction from the imaging method instruction unit 211, the display device control unit 203 reads out text data corresponding to the instruction ID “B005” (for example, “Subsequently shoot a personal moving image”), and displays the display device. Display at 200D. In addition, based on the instruction from the imaging method instruction unit 211, the audio output device control unit 209 reads out audio data corresponding to the instruction ID “B005” (for example, “Then, a personal moving image is shot.”). Output from the audio output device 200F. Audio data is output from the audio output device 200F as audio.

  Thereafter, the process shifts to the process of step S1102 in FIG. 21, and the user U starts capturing a personal moving image (self-portrait moving image) based on the instruction.

(Authentication process)
FIG. 25 is a flowchart illustrating the processing of the authentication system 10 according to the third embodiment (imaging processing). Hereinafter, the authentication processing of the authentication system 10 according to the third embodiment will be described with reference to FIG. 25, but the same processing as the authentication processing of the authentication system 10 according to the second embodiment will be assigned the same step numbers. A duplicate description is omitted (step S1203 in FIG. 25 is “first extraction processing”, but the processing content is the same as step S1203 “extraction processing” in FIG. 22).

(Step S1301)
The still image data extracting unit 303 extracts still image data (hereinafter, also referred to as fourth image data) when one or more identity verification documents are turned over.

(Step S1302)
The fifth determination unit 310 determines whether or not the personal identification document has a thickness from the one or more fourth image data extracted by the still image data extraction unit 303. Note that the determination method by the fifth determination unit 310 has already been described, and redundant description will be omitted.

  In the description of FIG. 25, after the determination by the fifth determination unit 310, the determinations by the first determination unit 304 to the fourth determination unit 307 are performed in order, but the first determination unit 304 to the fourth determination unit 307 The determination order by the fifth determination unit 310 is not limited to the order shown in FIG. In other words, the order of determination by the first determination unit 304 to the fourth determination unit 307 and the fifth determination unit 310 illustrated in FIG. 25 may be changed.

(effect)
As described above, in the third embodiment, the imaging method instruction unit 211 that instructs the user terminal 2 to photograph both sides of the personal identification document is provided, and the authentication server 3 is turned over from the first imaging data by the one or more personal identification documents. A still image data extraction unit 303 for extracting still image data (hereinafter, also referred to as fourth image data) at the time, and a thickness of a personal identification document from one or more fourth image data extracted by the still image data extraction unit 303 are determined. A fifth determining unit 310 that determines whether or not there is a data item.

  For this reason, it is possible to confirm whether the identity verification document is at hand of the user U and whether the user U is performing the operation of turning the identity verification document over as instructed, and the image data of the front and back surfaces of the identity verification document. Can be prevented from being diverted. As a result, spoofing can be effectively prevented.

  Although the present embodiment and its application examples have been described above, the present invention is not limited to these examples. For example, a rule other than the format rule may be applied as a rule for forgery determination. In addition, those skilled in the art may appropriately add, delete, or change the design of the above-described embodiments or their application examples, or may appropriately combine the features of the embodiments. As long as it has the gist, it is included in the scope of the present invention.

  For example, the layout / physical positional relationship (for example, the position of the “excellent mark” is shifted from the regular one, the position of the “glasses etc.” is shifted from the regular one, each fixed character or mark May be determined to determine the forgery of the identity verification document. In addition, the color of the text and the color of the marker may be different from the official data (for example, the color marked with gold indicating a gold license is different from the official gold color, and the "driver's license" is written in blue. However, the color is different from the official one, and the "Public Safety Commission" is written in orange, but the color is different from the official one.) You may. In addition, the forgery determination of the identity verification document based on the layout and physical positional relationship, the forgery determination of the identity verification document based on the color of the characters and the color of the marker, and the forgery determination of the following (1) to (7). You may make it combine with any one or more.

(1) Judgment of forgery by array of names (see FIGS. 5 and 6)
(2) Forgery judgment based on the address posting rule (see FIGS. 7 and 8)
(3) Forgery determination based on the font rule for the expiration date (see FIGS. 9 and 10)
(4) Forgery determination based on font rules for license conditions (see Fig. 11)
(5) Forgery determination based on license type (see FIGS. 12 and 13)
(6) Forgery judgment by seal (see FIGS. 14 and 15)
(7) Forgery judgment by check digit (see FIGS. 16 and 17)

  As described above, the present invention can be used for forgery determination of various personal identification documents such as a passport (passport), a basic resident register card, and a residence card, in addition to a driver's license.

1 forgery determination system 2 user terminal 200A communication IF
200B Storage device 200C Input device 200D Display device 200E Imaging device (camera)
200F audio output device (speaker)
200G CPU
200H bus (BUS)
201 imaging device control unit 202 input reception unit 203 display device control unit 204 transmission unit 205 reception unit 206 operation extraction unit 207 instruction timing determination unit 208 operation instruction unit 209 audio output device control unit 210 storage device control unit 211 imaging method instruction unit 212 Imaging position lottery unit 3 Authentication server 300A Communication IF
300B storage device 300C CPU
300D bus (BUS)
301 receiving unit (first and second acquisition units)
302 operation instruction timing recognition unit 303 still image data extraction unit 304 first determination unit 305 second determination unit 306 third determination unit 307 fourth determination unit 308 storage device control unit 309 transmission unit 310 fifth determination unit 351 data acquisition unit 352 Extraction unit 353 recognition unit 354 determination unit 4 network 10 authentication system

Claims (8)

A forgery determination system for determining forgery of an identity verification document,
A data acquisition unit for acquiring image data of the personal identification document,
Refer to a storage unit that stores the formal format layout information of the identity verification document and the formal rules in the determination reference area of the identity verification document, and store in the storage unit the imaging data acquired by the data acquisition unit. An extraction unit that extracts imaging data corresponding to the determination reference area as determination target data, based on the format layout information that has been obtained,
A recognition unit that recognizes a rule from the determination target data extracted by the extraction unit,
The rule recognized by the recognition unit, and a determination unit that determines forgery of the personal identification document, based on a result of matching a regular rule in the determination reference area stored in the storage unit,
The storage unit stores a regular arrangement rule of characters determined according to a date of issuance of the personal identification document in the determination reference area,
The recognition unit recognizes an array of characters from the determination target data,
The determination unit may include a rule for arranging the characters recognized by the recognition unit and a regular rule for arranging characters in accordance with a date of issuance of the personal identification document in the determination reference area stored in the storage unit. And falsifying the identity verification document based on the result of the verification. The identity verification document is a license,
The storage unit stores a regular array rule of the type of the license determined according to the date of grant of the license in the determination reference area,
The recognition unit recognizes the pattern of the date of issuance of the license and the type of license from the determination target data,
The determination unit is determined according to the issuance date of the license recognized by the recognition unit and the written pattern of the type of license and the date of issuance of the license in the determination reference area stored in the storage unit. The forgery determination system according to claim 1, wherein the forgery of the license is determined based on a result of matching the license type with a regular array rule. The storage unit stores a regular posting rule of an address determined according to a prefecture in the determination reference area,
The recognition unit recognizes an address posting rule from the determination target data,
The judging unit compares a posting rule of the address recognized by the recognizing unit with a regular posting rule of an address determined according to a prefecture in the judgment reference area stored in the storage unit. The forgery determination system according to claim 1, wherein the forgery of the identification document is determined based on the identification. The storage unit stores a regular font rule of a character in the determination reference area,
The recognition unit recognizes a font rule of a character from the determination target data,
The determination unit is based on a result of matching the font rule of the character recognized by the recognition unit with a regular font rule of the character in the determination criterion area stored in the storage unit. The forgery determination system according to any one of claims 1 to 3, wherein the forgery determination system is determined. The storage unit stores regular image data of the seal in the determination reference area,
The recognition unit recognizes image data of a seal from the determination target data,
The determination unit is configured to forge the identity verification document based on a comparison result between the image data of the seal recognized by the recognition unit and regular image data of the seal in the determination reference area stored in the storage unit. 5. The forgery determination system according to claim 1, wherein the forgery determination is performed. The storage unit stores a check digit based on text information in the determination reference area,
The recognition unit recognizes text information from the determination target data,
The identification unit is based on a check result of the check digit based on the text information recognized by the recognition unit and a check digit based on the text information in the determination criterion area stored in the storage unit. The forgery determination system according to any one of claims 1 to 5, wherein the forgery is determined. A forgery determination method for determining forgery of an identity verification document,
A step of acquiring image data of the personal identification document by a data acquisition unit,
The extraction unit refers to a storage unit that stores regular format layout information of the personal identification document and a regular rule in a determination reference area of the personal identification document, and from the imaging data acquired by the data acquisition unit, Based on the format layout information stored in the storage unit, a step of extracting imaging data corresponding to the determination reference area as determination target data,
A step of recognizing a rule from the determination target data extracted by the extraction unit by a recognition unit;
Determining a forgery of the identity verification document based on a result of matching between the rule recognized by the recognition unit and a regular rule in the determination reference area stored in the storage unit; Have
The storage unit stores a regular arrangement rule of characters determined according to a date of issuance of the personal identification document in the determination reference area,
The recognition unit recognizes an array of characters from the determination target data,
The determination unit may include a rule for arranging the characters recognized by the recognition unit and a regular rule for arranging characters in accordance with a date of issuance of the personal identification document in the determination reference area stored in the storage unit. And falsifying the identity verification document based on the result of the verification. A forgery determination program for determining forgery of an identity verification document,
Computer
A data acquisition unit for acquiring imaging data of the personal identification document,
Refer to a storage unit that stores the formal format layout information of the identity verification document and the formal rules in the determination reference area of the identity verification document, and store in the storage unit the imaging data acquired by the data acquisition unit. Based on the format layout information that has been extracted, the extraction unit that extracts the imaging data corresponding to the determination reference area as data to be determined,
A recognition unit that recognizes a rule from the determination target data extracted by the extraction unit,
A determination unit that determines forgery of the identity verification document based on a result of matching the rule recognized by the recognition unit with a regular rule in the determination criterion area stored in the storage unit;
Function as
The storage unit stores a regular arrangement rule of characters determined according to a date of issuance of the personal identification document in the determination reference area,
The recognition unit recognizes an array of characters from the determination target data,
The determination unit may include a rule for arranging the characters recognized by the recognition unit and a regular rule for arranging characters in accordance with a date of issuance of the personal identification document in the determination reference area stored in the storage unit. A forgery determination program for determining the forgery of the personal identification document based on the result of the verification.