JP6960362B2 - Authentication system and authentication method - Google Patents

Description

The present invention relates to an authentication system for authenticating an electronic ticket or the like using a mobile terminal and an authentication method thereof.

Electronic tickets are used for check-in at facilities where events and concerts are held. In authentication using an electronic ticket, authentication based on an image using a QR code (QR code is a registered trademark) or the like is generally used.

In a system that authenticates using images, it is necessary to prepare a large number of expensive and dedicated reading devices. Therefore, there is a problem that the cost for constructing and operating the system is high. Therefore, it is not realistic to apply the above system to outdoor events and events that temporarily use the facility.

The technique described in Patent Document 1 is known as an example of a means for providing a service to the purchaser himself / herself. Patent Document 1 states that "a user information management device includes an acquisition unit, a reception unit, and a transmission unit. The acquisition unit acquires authority information regarding a service to be provided by a user of the terminal device. The receiving unit receives the result of the authentication process for authenticating the identity of the user executed on the terminal device side when receiving the service. The transmitting unit receives the result of the authentication process received by the receiving unit. It is the information generated based on the above, and the identity verification information which is the information indicating that the user is the user who has the authority to receive the service is transmitted. "

When the technology described in Patent Document 1 is applied to a system introduced in a facility where an event is held, the cost for constructing and operating the system is high because a mobile device or the like held by the user is used instead of an expensive and dedicated reading device. Can be reduced.

JP-A-2017-97802 Japanese Unexamined Patent Publication No. 2005-332240

However, since a large number of users visit the facility where the event is held for a certain period of time, the authentication device that executes the authentication process needs to authenticate many users at once. Therefore, since the processing load (calculation amount) becomes very large, it is necessary to install an authentication device having high processing performance or a large number of authentication devices. Further, since communication is performed between the authentication device and a large number of user terminals in a narrow area, problems such as insufficient communication bandwidth and congestion of communication resources may occur.

The technique described in Patent Document 2 is known as a technique for reducing the load of the authentication process. Patent Document 2 states, "In an authentication method for authenticating a user who uses a service or a device possessed by the user, the user or a device possessed by the user represents a principal user who authenticates the person and a supervisor user. Is a group of a subordinate user who is permitted to use the service in the place where the service exists, the above-mentioned main user, and a device owned by the subordinate user, and each of a plurality of service areas is provided with an authentication control agent. When the main user is authenticated by a normal procedure and the main user exists in an area where the subordinate user or the device can be monitored, the existence or position can be confirmed by the token. The authentication method of "authorizing the use of the service for the subordinate user or device based on the authentication context of the own agent" is described.

However, Patent Document 2 does not consider the amount of communication in a facility where many terminals are concentrated.

The present invention has been made in consideration of the above points, and realizes an authentication system and an authentication method capable of reducing the processing load and the load of communication resources for the authentication process at low cost while considering the security. The purpose.

A typical example of the invention disclosed in the present application is as follows. That is, a user terminal operated by the user, an authentication server that executes an authentication process using an electronic ticket, a beacon that transmits a beacon signal, and an admission management terminal that manages the user's admission to the facility using the electronic ticket. In the authentication system provided, when the electronic ticket is purchased by the user, the authentication server generates authentication data, transmits the authentication data to the user terminal, and from the user terminal, the authentication data is described. If an execution request for an authentication process for determining whether or not the electronic ticket is legitimate is received, the authentication process is executed, and if the electronic ticket is determined to be legitimate, any The entrance data for generating the sound data of the sound having the characteristic is generated, the entrance data is transmitted to the user terminal, and the user terminal is used for the authentication before the user arrives at the facility. When the execution request of the authentication process including the information extracted from the data is transmitted to the authentication server, the distance between the user terminal and the facility is within the first range, and the first beacon signal is received from the beacon. The entrance sound data is generated based on the authentication data, the entrance data, and the beacon information included in the first beacon signal, and the sound is reproduced for the entrance management terminal based on the entrance sound data. Then, the admission management terminal analyzes the characteristics of the sound reproduced by the user terminal, and based on the result of the analysis, determines whether or not to allow the user associated with the electronic ticket to enter the facility. judge.

According to one aspect of the present invention, since the admission determination is performed using sound, an expensive and dedicated reading device is not required. Further, since the authentication process is executed with the authentication server at an arbitrary timing before the arrival of the facility, the execution timing and the communication timing of the authentication process can be distributed. Therefore, it is possible to realize an authentication system that can reduce the processing load and the load of communication resources for the authentication process at low cost while ensuring security.

It is a figure which shows an example of the configuration of the authentication system of Example 1. It is a figure which shows an example of the configuration of the authentication server of Example 1. FIG. It is a figure which shows an example of the structure of the mobile terminal of Example 1. It is a figure which shows an example of the data structure of the user authentication database of Example 1. FIG. It is a figure which shows an example of the data structure of the ticket information management database of Example 1. FIG. It is a figure which shows an example of the data structure of the sound characteristic management information included in the sound data generation information of Example 1. FIG. It is a figure which shows an example of the data structure of the judgment condition management information of Example 1. FIG. It is a figure which shows an example of the data structure of the judgment condition management information of Example 1. FIG. It is a sequence diagram explaining the process flow in the authentication system of Example 1. FIG. It is a flowchart explaining the process which the mobile terminal of Example 1 executes in the initial authentication process. It is a flowchart explaining the process which the authentication server of Example 1 executes in the initial authentication process. It is a figure which shows an example of the data structure of the tag generated by the authentication server of Example 1. FIG. It is a flowchart explaining the process which the mobile terminal of Example 1 executes by the pre-authentication process. It is a flowchart explaining the process which the authentication server of Example 1 executes in the pre-authentication process. It is a flowchart explaining the process which the mobile terminal of Example 1 executes in the admission admissibility determination process. It is a flowchart explaining the process which the entrance management terminal of Example 1 executes in the entrance admissibility determination process.

Hereinafter, embodiments of the present invention will be described with reference to the drawings. In the following description, various information may be described by expressions such as "management table", but various information may be expressed by a data structure other than the table (for example, list, repository, queue, etc.). good. Further, the "management table" can be referred to as "management information" to show that it does not depend on the data structure.

In addition, the process may be described with "program" as the subject. The program is executed by a processor, for example, an MPU (Micro Processor Unit) and a CPU (Central Processing Unit), and performs a predetermined process. Since the processing is performed while appropriately using a storage resource (for example, a memory) and a communication interface device (for example, a LAN port), the subject of the processing may be a processor. The processor may have dedicated hardware in addition to the CPU. The program may be installed on each computer from the program source. The program source may be provided by, for example, a program distribution server or a storage medium.

Further, each element, for example, a storage device can be identified by a number or the like, but other kinds of identification information such as a name may be used as long as it is identifiable information. Although the same parts are designated by the same reference numerals in the drawings and description of the present invention, the present invention is not limited to the present embodiment, and all application examples consistent with the idea of the present invention are included in the technical scope of the present invention. Is done. Further, unless otherwise specified, each component may be plural or singular.

FIG. 1 is a diagram showing an example of the configuration of the authentication system 10 of the first embodiment.

The authentication system 10 includes an authentication server 100, a plurality of mobile terminals 110, a facility 120, and a beacon signal transmitting device 130. The authentication server 100, the plurality of mobile terminals 110, the facility 120, and the beacon signal transmitting device 130 are connected to each other via the network 150.

The types of the network 150 are WAN (Wide Area Network), LAN (Local Area Network), and the like. Further, the connection form of the network 150 may be either wired or wireless.

The authentication system 10 is a system for executing an authentication process related to an electronic ticket purchased by the user and managing the admission of the user to the facility 120.

The authentication server 100 executes the authentication process in cooperation with the mobile terminal 110. The authentication server 100 has a program for realizing the beacon information update module 210, the sound data generation module 211, and the authentication module 212, and also holds the user authentication database 220, the ticket information management database 221 and the sound data generation information 222. do.

Details of the hardware configuration and software configuration of the authentication server 100 will be described with reference to FIG.

Facility 120 is a facility such as a stadium and a concert hall. Facility 120 has an entrance management terminal 121, a microphone 122, and an entrance management device 123.

The microphone 122 collects the sound reproduced by the mobile terminal 110. The collected sound is input to the admission management terminal 121 as electronic data.

The admission management terminal 121 executes the admission availability determination process in cooperation with the mobile terminal 110. The admission management terminal 121 holds the determination condition management information 125 used in the admission availability determination process. The details of the data structure of the determination condition management information 125 will be described with reference to FIGS. 7A and 7B. The admission management terminal 121 controls the admission management device 123 based on the result of the process. It is assumed that the hardware configuration of the entrance management terminal 121 is the same as that of the authentication server 100.

The admission management device 123 is a device that manages the user's admission to the facility 120, and for example, a display device, a gate mechanism, and the like can be considered.

The beacon signal transmitting device (beacon) 130 is a device that transmits a beacon signal. The beacon signal transmitting device 130 is set in buildings and roads. The beacon signal transmission method transmitted by the beacon signal transmission device 130 may be either a radio wave method such as BLE (Bluetooth Low Energy) (Bluetooth is a registered trademark) or an ultrasonic method.

In the first embodiment, the beacon information included in the beacon signal includes a value that changes at a constant cycle. For example, a part of the bit string corresponding to the UUID (Universal Unique Identifier) changes periodically.

The mobile terminal 110 is a terminal operated by the user. The mobile terminal 110 is, for example, a smartphone, a mobile phone, a tablet PC, a PDA (Personal Digital Assistant), or the like. The mobile terminal 110 of the first embodiment has a program for realizing the authentication application 311.

The authentication application 311 acquires information for generating sound data of the sound to be reproduced from the authentication server 100 in the authentication process, generates sound data in the admission determination process, and sounds corresponding to the generated sound data. To play.

It should be noted that the authentication process and the admission determination process of the first embodiment can be performed on a group basis. For example, when a plurality of users purchase valid electronic tickets (group electronic tickets) in groups having different attributes such as "family", "friends", and "special treatment", each user's mobile terminal 110 communicates with each other and is arbitrary. The authentication application 311 of the mobile terminal 110 of the mobile terminal 110 executes the process as the main terminal.

FIG. 2 is a diagram showing an example of the configuration of the authentication server 100 of the first embodiment.

The authentication server 100 has a CPU 200, a memory 201, a storage device 202, and a communication interface 203 as hardware configurations. Each device is connected to each other via an internal bus or the like.

The authentication server 100 may have an input device for the operator to input information and an output device for outputting information to the operator. The input device may be, for example, a keyboard, a mouse, or the like. Further, the output device may be a display device, a printer, or the like.

A terminal for the operator to operate the authentication server 100 may be connected to the authentication server 100. The terminal has an input device and an output device.

The CPU 200 executes the program stored in the memory 201. The CPU 200 executes processing as a beacon information update module 210, a sound data generation module 211, and an authentication module 212, which will be described later.

The memory 201 is a storage device that stores a program executed by the CPU 200 and data used by the program. The program stored in the memory 201 will be described later.

The memory 201 is composed of a volatile storage element such as a DRAM (Dynamic Random Access Memory). The memory 201 may be composed of a non-volatile storage element such as a ROM (Read Only Memory). In addition to the memory 201, the authentication server 100 may have a memory such as a ROM in which an immutable program such as a BIOS (Basic Input Output System) is stored.

The storage device 202 permanently stores the data. The data stored in the storage device 202 will be described later.

As the storage device 202, a large-capacity and non-volatile storage device such as an HDD (Hard Disk Drive) and an SSD (Solid State Drive) can be considered. The programs and data stored in the memory 201 may be stored in the storage device 202. In this case, the CPU 200 reads the program and data from the storage device 202, loads the read program and data into the memory 201, and executes the loaded program.

The communication interface 203 controls communication with other devices via the network according to a predetermined protocol.

Here, the program stored in the memory 201 and the data stored in the storage device 202 will be described.

The memory 201 of the first embodiment stores a program that realizes the beacon information update module 210, the sound data generation module 211, and the authentication module 212.

The beacon information update module 210 updates the pattern of the beacon information included in the beacon signal, the change schedule, and the like. The sound data generation module 211 generates authentication data used by the mobile terminal 110 to generate sound data. The authentication module 212 authenticates the user and the electronic ticket.

For each module of the authentication server 100, a plurality of modules may be combined into one module, or one module may be divided into a plurality of modules for each function.

The storage device 202 of the first embodiment stores the user authentication database 220, the ticket information management database 221 and the sound data generation information 222.

The user authentication database 220 is a database for managing data used for authentication of each user. The details of the data structure of the user authentication database 220 will be described with reference to FIG.

The ticket information management database 221 is a database for managing electronic tickets. The details of the data structure of the ticket information management database 221 will be described with reference to FIG.

The sound data generation information 222 is information for generating sound data. The sound data generation information 222 includes sound characteristic management information 600 (see FIG. 6), frequency sampling data, and the like, which will be described later.

The program and information included in the authentication server 100 may be stored in a storage device included in the external storage system. The programs and information contained in the authentication server 100 may be stored in a virtual storage device. Further, the programs and information possessed by the authentication server 100 may be stored in the authentication server 100 in advance, may be installed using removable media such as a CD-ROM and a flash memory, or may be installed via the network 150. It may be obtained from an external device connected to the device. Programs and information acquired via installation or network 150 are stored in storage device 202, which is a non-temporary storage medium.

The authentication server 100 does not have to directly manage the user authentication database 220 and the ticket information management database 221. In this case, the authentication server 100 is accessiblely connected to the user authentication database 220 and the ticket information management database 221 managed by a server (not shown).

The authentication system 10 may include a plurality of authentication servers 100. In this case, the program and information may be stored in a distributed manner. Further, the authentication server 100 may be realized by using a physical computer or a virtual computer.

FIG. 3 is a diagram showing an example of the configuration of the mobile terminal 110 of the first embodiment.

The mobile terminal 110 includes a CPU 300, a memory 301, a storage device 302, a communication interface 303, an input device 304, an output device 305, a GPS sensor 306, a short-range communication device 307, a beacon signal detection device 308, and a beacon signal analyzer 309. .. Each device is communicably connected via an internal bus or the like.

The CPU 300, the memory 301, the storage device 302, and the communication interface 303 are the same hardware as the CPU 200, the memory 201, the storage device 202, and the communication interface 203.

The input device 304 is a device for inputting data to the mobile terminal 110, such as an operation key and a touch panel. The input device 304 includes a camera and a microphone.

The output device 305 is a device for outputting data to a user who operates the mobile terminal 110, such as a display (touch panel). The output device 305 includes a speaker. On the display, for example, an image in which information such as a beacon signal is added to an image taken by a camera is displayed.

The GPS sensor 306 is a device for acquiring the position of the mobile terminal 110. In addition, the mobile terminal 110 may have a positioning sensor using a beacon signal or the like, and a device for measuring the position by communication with a base station, instead of the GPS sensor 306. In the first embodiment, the position information acquired by the GPS sensor 306 is used for estimating the movement route and the movement distance.

The short-range communication device 307 is a device that controls communication between short-range devices.

The beacon signal detection device 308 is a device that detects a beacon signal. When the beacon signal is transmitted by a radio wave method such as BLE, the beacon signal detection device 308 detects the beacon signal from the signal received via the short-range communication device 307. When the beacon signal is transmitted by the ultrasonic method, the beacon signal detection device 308 detects the beacon signal from the sound (signal) received through the microphone.

The beacon signal analyzer 309 extracts beacon information from the beacon signal detected by the beacon signal detection device 308. The extracted beacon information is used by the authentication application 311 or the like. When the beacon signal analyzer 309 outputs the beacon information, the extracted beacon information may be output as it is, or the data is shaped and converted, and the associated related information is added. , The processed beacon information may be output.

Here, the program and information stored in the memory 301 and the information stored in the storage device 302 will be described.

The memory 301 stores a program that realizes an OS (Operating System) 310 and an authentication application 311 and also stores admission data 321. The storage device 302 stores the authentication data 320.

The OS 310 controls the entire mobile terminal 110. The authentication application 311 executes necessary processes in the authentication process and the admission / admission determination process.

The authentication data 320 is information used in the pre-authentication process and the admission admission determination process, which will be described later. The admission data 321 is information used in the admission availability determination process described later.

FIG. 4 is a diagram showing an example of the data structure of the user authentication database 220 of the first embodiment.

The user authentication database 220 shown in FIG. 4 is a database that manages data in a table format, and one entry is composed of a user ID 401, a connection state 402, a connection protocol 403, an authentication key 404, a terminal ID 405, and session information 406. NS. One entry corresponds to one user.

Note that the entry does not have to include any of the fields described above. The entry may also include fields other than those described above.

The user ID 401 is a field for storing identification information for identifying the user. The user ID 401 stores, for example, a user name, an identification number, and the like. The user ID 401 may store a hash value calculated from the user's name or the like.

The connection state 402 is a field for storing information indicating the connection state between the mobile terminal 110 and the authentication server 100 operated by the user. In the connection state 402, either "Login" indicating that the mobile terminal 110 is connected to the authentication server 100 or "Logoff" indicating that the mobile terminal 110 is not connected to the authentication server 100 is stored. ..

The connection protocol 403 is a field for storing information indicating a communication protocol used in communication between the mobile terminal 110 operated by the user and the authentication server 100.

The authentication key 404 is a field that stores information used for user authentication. The hashed password and the like are stored in the authentication key 404.

The terminal ID 405 is a field for storing identification information for identifying the mobile terminal 110 operated by the user. The terminal ID 405 stores, for example, a hashed identification number.

The session information 406 is a field for storing the session information established between the mobile terminal 110 and the authentication server 100 operated by the user. The session information 406 stores the session number, the expiration date of the session, and the like. In the session information 406 of the first entry shown in FIG. 4, "11" is stored as the session number, and "20180115_10: 00: 00" is stored as the expiration date of the session.

FIG. 5 is a diagram showing an example of the data structure of the ticket information management database 221 of the first embodiment.

The ticket information management database 221 shown in FIG. 5 is a database that manages tabular data, and one entry includes ticket ID 501, user ID 502, status 503, access key 504, encryption key 505, sound ID 506, and expiration date 507. Consists of. User ID 502 is the same field as user ID 401. One entry corresponds to one electronic ticket.

Note that the entry does not have to include any of the fields described above. The entry may also include fields other than those described above.

The ticket ID 501 is a field for storing identification information for identifying an electronic ticket. The ticket ID 501 stores an identification number, an event name, a set of seat numbers, and the like. The ticket ID 501 may store a hash value calculated from a set of event name and seat number.

The status 503 is a field for storing information indicating the status of the electronic ticket. Information or the like indicating the execution status of the process is stored in the status 503. The status 503 may include a time stamp in which the status 503 is updated.

The access key 504 is a field for storing authentication information used when an entry is referenced and updated.

The encryption key 505 is a field for storing the encryption key (public key) generated by the mobile terminal 110.

The sound ID 506 is a field for storing identification information for identifying an entry of the sound characteristic management information 600, which will be described later. The sound ID 506 corresponds to the sound ID 601 described later.

The deadline 507 is a field for storing the deadline associated with the electronic ticket. The expiration date 507 of the first embodiment stores information indicating the expiration date of the electronic ticket and the execution period of the pre-authentication process. In the expiration date 507 of the first entry shown in FIG. 5, "20180301_20: 00: 00" is stored as the expiration date of the electronic ticket, and "-12hr" is stored as the information indicating the execution period of the pre-authentication process. NS. This indicates that the time 12 hours before the expiration date of the electronic ticket is the starting point of the period during which the pre-authentication process can be performed. In this case, the end point of the period during which the pre-authentication process can be performed is the expiration date.

FIG. 6 is a diagram showing an example of the data structure of the sound characteristic management information 600 included in the sound data generation information 222 of the first embodiment.

The sound characteristic management information 600 is information for managing sound characteristics. The sound characteristic management information 600 is information in a table format, and one entry is composed of a sound ID 601, a bit rate 602, a frequency control sequence 603, and an amplitude control sequence 604. One entry corresponds to data indicating the characteristics of one sound.

Note that the entry does not have to include any of the fields described above. The entry may also include fields other than those described above.

Sound characteristics are represented as a combination of variation patterns of elements that represent sound characteristics. The variation pattern of an element is represented by a combination of the variation rule of the element and the value of the element. The variation pattern of the elements can be set with a particle size corresponding to the resolution of the identification device that identifies the characteristics of the sound. The higher the resolution of the identification device, the larger the number of fluctuation patterns of the elements can be, so that the types of sounds to be reproduced also increase. Therefore, if the fluctuation rules are the same even if the elements are different, the discriminating device can discriminate as sounds having the same characteristics. In addition, when the relationship between the element and the fluctuation rule is opposite, it may be identified as a sound having the same characteristic. In Example 1, frequency and amplitude are used as elements representing the characteristics of sound.

When focusing on the frequency, it is conceivable that a sound having a frequency of 440 Hz is reproduced for 1 second, a sound having a frequency of 880 Hz is reproduced for 1 second, and a sound having a frequency of 220 Hz is reproduced for 1 second. In this case, the identification device determines the frequency fluctuation rule, the frequency fluctuation width, the frequency fluctuation ratio (ratio of the maximum value and the minimum value), the duration of the sound of an arbitrary frequency, the timing of changing the frequency, and the like. Can be obtained as.

When focusing on the amplitude, it is conceivable that a medium-volume sound is reproduced for 1.5 seconds, a high-volume sound is reproduced for 1 second, and a low-volume sound is reproduced for 0.5 seconds. In this case, the identification device can acquire the amplitude fluctuation rule, the amplitude fluctuation width, the amplitude fluctuation ratio, the duration of a sound of an arbitrary volume, the timing of changing the volume, and the like as sound characteristics.

The sound ID 601 is a field for storing identification information for identifying the characteristics of the sound. The sound ID 601 stores an identification number and the like.

The bit rate 602 is a field for storing the bit rate of the sound to be reproduced. The bit rate is expressed as the product of the sampling rate and the bit depth.

In the first embodiment, various bit rates can be set according to the characteristics of the sound. Generally, when reproducing a sound having a high frequency, it is desirable to set a high sampling rate, and when setting a wide dynamic range or a high resolution, it is desirable to increase the bit depth. For sounds with a small maximum frequency and a small amplitude fluctuation ratio, the size of the data can be reduced because the reproduced sound does not deteriorate much even if the bit rate is set low.

The frequency control sequence 603 is a field for storing information indicating a frequency fluctuation pattern. In the frequency control sequence 603 of the first embodiment, one or more sets of frequency and duration are stored. The above sets are set in the order of reproduction. The number of sets set in the frequency control sequence 603 can be arbitrarily changed.

The amplitude control sequence 604 is a field for storing information indicating an amplitude fluctuation pattern. In the amplitude control sequence 604 of the first embodiment, one or more sets of amplitude and duration are stored. The above sets are set in the order of reproduction. The number of sets set in the amplitude control sequence 604 can be arbitrarily changed.

Since the loudness of the volume differs depending on the playback device, in the first embodiment, the level is used as a value indicating the amplitude. Since the volume is susceptible to external influences (noise), it is desirable to set the level so that a loud sound is reproduced as a whole. When the volume is set to "0", the identification device needs to identify the characteristics of the sound in consideration of noise.

The duration of each of the frequency and the amplitude may be different. The frequency and amplitude may not be directly specified, but the frequency range and amplitude range divided by an arbitrary width may be specified. In this case, the playback device randomly selects a value from the specified range.

7A and 7B are diagrams showing an example of the data structure of the determination condition management information 125 of the first embodiment.

FIG. 7A shows determination condition management information 125 in which determination conditions are set for each identification frequency. The entry included in the determination condition management information 125 shown in FIG. 7A is composed of the reference value 701 and the determination condition 702. One entry corresponds to one judgment condition.

The reference value 701 is a field for storing the identification frequency for identifying the determination condition. The determination condition 702 is a field for storing a determination criterion for confirming the characteristics of the sound reproduced by the mobile terminal 110.

Relative changes in elements are used as the judgment criteria. This is because the distance between the mobile terminal 110 and the microphone 122 is not constant, and the microphone 122 may collect noise such as environmental sound when collecting the sound generated by the mobile terminal 110. This is also because it is necessary to consider the deviation of the detection timing and the deterioration of the accuracy.

For example, fluctuation patterns, durations, number of fluctuations, fluctuation widths, fluctuation ratios, and the like of elements such as frequency range and volume level can be used as determination criteria. At least one of the above-mentioned determination criteria is set in the determination condition 702.

FIG. 7B shows determination condition management information 125 in which determination conditions are set for each reference value. The entry included in the determination condition management information 125 shown in FIG. 7B is composed of the reference value 511 and the determination condition 512. One entry corresponds to the judgment condition group. One entry contains a plurality of judgment conditions.

The reference value 511 is a field for storing a part of the UUID included in the beacon signal for identifying the determination condition group. In the first embodiment, the bit string corresponding to the UUID of the beacon signal includes an invariant portion and a variable portion, and the value of the variable portion is set in the reference value 511. The determination condition 512 is the same field as the determination condition 702.

FIG. 8 is a sequence diagram illustrating a processing flow in the authentication system 10 of the first embodiment.

The processing performed by the authentication system 10 is an initial authentication process performed when the electronic ticket is purchased, a pre-authentication process executed when the route beacon signal is detected, and admission availability which is executed when the venue beacon signal is detected. It can be divided into three types of judgment processing.

The user operates the mobile terminal 110 to perform the electronic ticket purchase procedure (step S101). At this time, the mobile terminal 110 transmits the purchase information to the authentication server 100 (step S102). The purchase information includes at least the identification information of the electronic ticket, the identification information of the user, and the access information for transmitting the information to the mobile terminal 110. The access information is, for example, an e-mail address.

When the authentication server 100 receives the purchase information, the authentication server 100 updates the ticket information management database 221 (step S103).

For example, the authentication module 212 adds an entry to the ticket information management database 221 and sets the ticket ID 501 and the user ID 502 of the added entry to the electronic ticket identification information and the user identification information included in the purchase information. Further, the authentication module 212 sets the expiration date of the electronic ticket and the execution period of the pre-authentication process in the expiration date 507. The execution period shall be set according to an arbitrary standard.

In the case of a group electronic ticket, the authentication module 212 sets the identification information of each user included in the group in the user ID 502 of the added entry. As another registration method, the authentication module 212 adds as many entries as the number of users included in the group, and sets the identification information of each user in the user ID 502 of each added entry. In this case, the identification information of the same electronic ticket may be stored in the ticket ID 501, or the identification information of different electronic tickets may be stored. However, it shall be identification information that can be identified as a group electronic ticket.

It is not necessary to purchase the electronic ticket via the mobile terminal 110, the user directly purchases the electronic ticket at the sales office, and the user operates the terminal installed in the store to purchase the electronic ticket. You may purchase it. In this case, the server that manages the electronic ticket transmits the purchase information to the authentication server 100.

Next, the authentication server 100 transmits a URL for accessing the authentication server 100 to the mobile terminal 110 (step S104). As a method of transmitting the URL, a method of using e-mail or the like can be considered. When the purchased electronic ticket is a group electronic ticket, the URL is transmitted to the mobile terminal 110 operated by a plurality of users belonging to the group.

Next, the mobile terminal 110 accesses the URL notified from the authentication server 100 and executes the initial authentication process in cooperation with the authentication server 100 (step S105). Details of the processing executed by the authentication server 100 and the mobile terminal 110 in the initial authentication processing will be described with reference to FIGS. 9 and 10.

It is desirable that the initial authentication process is executed within a certain period from the notification of the URL. Therefore, it is assumed that the expiration date of the URL is set.

The user starts moving towards the facility 120 where the event takes place. At this time, when the mobile terminal 110 detects the beacon signal transmitted by the beacon signal transmitting device 130 installed in the moving path (step S111), the mobile terminal 110 executes the pre-authentication process in cooperation with the authentication server 100 (step S112). ). Details of the processing executed by the authentication server 100 and the mobile terminal 110 in the pre-authentication processing will be described with reference to FIGS. 12 and 13.

The beacon signal transmitting device 130 for transmitting a route beacon signal is installed on a moving body such as a train or a bus, a building, or a guide plate temporarily installed at the time of holding an event. When using the beacon signal transmitted by the beacon signal transmitting device 130 installed on the mobile body, the detection of the route beacon signal is that the user gets off at a disembarkation place near the facility 120 and the beacon signal cannot be received. You may handle it. The drop-off location can be specified by measuring the travel distance using the GPS sensor 306 and utilizing the map information.

Based on the result of the pre-authentication process, the authentication server 100 transmits the determination conditions used in the admission availability determination process to the admission management terminal 121 (step S113). The entrance management terminal 121 stores the received determination condition in the determination condition management information 125. At this time, the authentication server 100 may notify the beacon information pattern and change schedule of the venue beacon signal.

After the user arrives at the facility 120, when the mobile terminal 110 detects the venue beacon signal transmitted by the beacon signal transmitting device 130 installed in the facility 120 (step S121), admission is possible in cooperation with the admission management terminal 121. The determination process is executed (step S122). Details of the processing executed by the entrance management terminal 121 and the mobile terminal 110 in the admission determination process will be described with reference to FIGS. 14 and 15.

The route beacon signal is set so as to be transmitted from the beacon signal transmitting device 130 which is installed in the moving path and the distance from the facility 120 is within a certain range. The beacon signal transmitting device 130 installed in the moving path does not have to be fixedly installed, and may be installed in the moving body.

The venue beacon signal is set to be transmitted from the beacon signal transmitting device 130 whose distance from the facility 120 is within a certain range. The beacon signal transmitting device 130 also does not need to be fixedly installed. The beacon signal transmitting device 130 may be installed in the facility 120 or may be installed near the facility 120.

FIG. 9 is a flowchart illustrating a process executed by the mobile terminal 110 of the first embodiment in the initial authentication process.

When the user operates the URL notified by the authentication server 100 using the mobile terminal 110, the authentication application 311 is started and the process described below is started.

The authentication application 311 transmits a login request to the destination (authentication server 100) specified by the URL (step S201).

When the login process based on the login request is normally completed, the authentication application 311 generates an encryption key and transmits the generated encryption key to the authentication server 100 (step S202).

Specifically, the authentication application 311 generates a key pair of a public key and a private key, and transmits the public key to the authentication server 100.

Next, the authentication application 311 receives the authentication data 320 from the authentication server 100 (step S203). As will be described later, the authentication data 320 is attached with a tag including data encrypted by using the public key.

Next, the authentication application 311 verifies the authentication data 320 in order to determine whether or not the data is normal (step S204).

Specifically, the authentication application 311 verifies whether the authentication data 320 is damaged and whether or not a sound having identifiable characteristics can be reproduced. At this time, the authentication application 311 may decrypt the value set in the tag given to the authentication data 320 by using the private key, and execute the above-described determination by using the decrypted data.

When a plurality of authentication data 320s are received, the authentication application 311 verifies each authentication data 320.

Next, the authentication application 311 determines whether or not the verification is successful (step S205).

If the verification fails, the authentication application 311 returns to step S202 and executes the same process.

If the verification is successful, the authentication application 311 saves the authentication data 320 and the private key (step S206).

Specifically, the authentication application 311 stores the authentication data 320 in the storage device 302 and stores the private key in the memory 301. The authentication data 320 and the private key are deleted when the entrance to the facility 120 is normally performed or when the expiration date of the electronic ticket has passed.

Next, the authentication application 311 transmits a normal receipt notification to the authentication server 100 to notify that the authentication data 320 has been normally received (step S207).

Next, the authentication application 311 sends a logout request to the authentication server 100 (step S208), and ends the process.

FIG. 10 is a flowchart illustrating a process executed by the authentication server 100 of the first embodiment in the initial authentication process. FIG. 11 is a diagram showing an example of a tag data structure generated by the authentication server 100 of the first embodiment.

When the sound data generation module 211 of the authentication server 100 receives a login request from the mobile terminal 110, the sound data generation module 211 executes a login process (step S301). The login process may be executed by a module other than the sound data generation module 211.

Since the login process may use a known technique, detailed description thereof will be omitted. When the login process is completed normally, the sound data generation module 211 establishes a session with the mobile terminal 110. At this time, the sound data generation module 211 refers to the user authentication database 220 and searches for an entry corresponding to the user who operates the mobile terminal 110. The sound data generation module 211 sets “Login” in the connection state 402 of the searched entry, and sets the protocol information in the connection protocol 403. Further, the sound data generation module 211 sets the session information established in the session information 406 of the searched entry.

When the login process is normally completed and the public key is received from the mobile terminal 110, the sound data generation module 211 of the authentication server 100 identifies the electronic ticket of the user who operates the mobile terminal 110 (step S302).

Specifically, the sound data generation module 211 refers to the ticket information management database 221 and searches for an entry in which the user ID 502 is set with the user's identification information. When a plurality of group electronic ticket entries exist in the ticket information management database 221, the sound data generation module 211 searches all the entries related to the group electronic ticket of the group to which the user belongs.

At this time, the sound data generation module 211 sets the received public key in the encryption key 505 of the searched entry.

Next, the sound data generation module 211 of the authentication server 100 generates sound data based on the sound data generation information 222 (step S303). For example, sound data is generated by the following processing.

The sound data generation module 211 refers to the sound characteristic management information 600 included in the sound data generation information 222, and selects one entry. For example, the sound data generation module 211 confirms the characteristics of the sound that can be reproduced by the mobile terminal 110, and searches for an entry that matches the characteristics of the sound.

The sound data generation module 211 generates data composed of values stored in the bit rate 602, the frequency control sequence 603, and the amplitude control sequence 604 of the entry as sound data.

The sound data generation module 211 sets the value of the sound ID 601 of the selected entry in the sound ID 506 of the entry searched in step S302. The above is an example of the process of step S303.

Next, the sound data generation module 211 of the authentication server 100 generates a tag to be added to the sound data (step S304). Here, the data structure of the tag will be described with reference to FIG.

In the first embodiment, sound data conforming to the MP3 format is generated. In this case, an MP3 format ID3v1 tag can be used as a tag to be added to the sound data. An ID3v2 tag, which is an extension of the ID3v1 tag, may be used as a tag to be added to the sound data. Although only about 30 bytes of data can be stored in each area of the ID3v1 tag, the size of the data that can be stored in each area of the ID3v2 tag is expanded to about 16 MB.

The ID3v1 tag 1100 shown in FIG. 11 is composed of a tag identifier 1101, title information 1102, artist information 1103, album information 1104, date information 1105, comment information 1106, and genre identifier 1107. The numerical value of each area indicates the size of data that can be stored in the area.

The tag identifier 1101 stores the character string "TAG". The title information 1102 is an area for storing a music title (title). The artist information 1103 is an area for storing the name of the artist. The album information 1104 is an area for storing the name of the album. The date information 1105 is an area for storing the date. The comment information 1106 is an area for storing a comment. The Null character and track number may be stored in the last 2 bytes. The genre identifier 1107 stores a predefined genre identification number.

In the first embodiment, information related to the electronic ticket is stored in the title information 1102 and the artist information 1103. As the information related to the electronic ticket, the key set in the access key 504 of the ticket information management database 221, the identification information of the electronic ticket, and the seat number can be considered. Different information may be stored in each of the title information 1102 and the artist information 1103, or one piece of information may be divided and stored in each of the title information 1102 and the artist information 1103.

Information encrypted by using the public key is stored in the title information 1102 and the artist information 1103.

The Null character may be stored at the beginning of the information set in the area so that the playback software or the like does not recognize it as an abnormal character string.

In the first embodiment, the album information 1104 stores information regarding the expiration date of the electronic ticket. The date and time when the pre-authentication process can be executed may be stored in the album information 1104. Since the event may be presumed for the expiration date and date, it is desirable to encrypt the information using a public key.

In the first embodiment, data protection information such as a data guarantee code and a correction code is stored in the comment information 1106. The data protection information is information for recovering data when data loss or the like occurs. Note that the comment information 1106 may store information for requesting the authentication server 100 to repair data and acquire new data instead of the data protection information. In this case, it is desirable to encrypt the information using a public key.

Note that the comment information 1106 may store information for verifying the characteristics of the sound. The information may be information that allows simple determination of the authentication data 320. For example, the number of frequency fluctuations, the number of amplitude fluctuations, and the like are stored in the comment information 1106. When verifying the authentication data 320, the mobile terminal 110 can verify whether or not the sound having identifiable characteristics can be reproduced by using the information.

In the first embodiment, a fixed dummy value and a random value are stored in the genre identifier 1107. In addition, information for selecting the optimum equalizer setting or the like when the playback device reproduces sound may be stored.

The above is the explanation of the tags attached to the sound data. Returning to the description of FIG.

Next, the sound data generation module 211 of the authentication server 100 transmits the tagged sound data as the authentication data 320 to the mobile terminal 110 (step S305). After that, the authentication server 100 shifts to the waiting state until the response from the mobile terminal 110 is received.

The sound data generation module 211 of the authentication server 100 determines whether or not the response received from the mobile terminal 110 is a normal receipt notification (step S306).

If it is determined that the received response is not a normal receipt notification, the sound data generation module 211 of the authentication server 100 returns to step S303 and executes the same process.

When it is determined that the received response is a normal receipt notification, the sound data generation module 211 of the authentication server 100 updates the ticket information management database 221 (step S307).

Specifically, the sound data generation module 211 sets the status 503 of the entry searched in step S302 with information indicating that the initial authentication process is completed. For example, "initial authentication completed", "authentication data sent", and the like are set to the status 503. It should be noted that the time stamp whose status 503 has been updated may be included.

Next, when the sound data generation module 211 of the authentication server 100 receives the logout request from the mobile terminal 110, the sound data generation module 211 executes the logout process (step S308).

Since the logout process may use a known technique, detailed description thereof will be omitted. When the logout process is completed normally, the sound data generation module 211 refers to the user authentication database 220 and searches for an entry corresponding to the user who operates the mobile terminal 110. The sound data generation module 211 sets “Logout” in the connection state 402 of the searched entry, and initializes the connection protocol 403 and the session information 406.

FIG. 12 is a flowchart illustrating a process executed by the mobile terminal 110 of the first embodiment in the pre-authentication process.

When the authentication application 311 detects the route beacon signal, the authentication application 311 starts the process described below. The timing at which the mobile terminal 110 starts processing may be other than the detection of the route beacon signal. For example, the following timing can be considered.

(Execution Timing 1) The authentication server 100 generates an execution schedule for processing of the mobile terminal 110 in advance, and transmits an execution instruction to the mobile terminal 110 according to the schedule. The timing of transmitting the execution instruction is determined based on, for example, the expiration date of the electronic ticket. However, the schedule needs to be such that it is performed before the user arrives at the facility 120. In addition, the schedule needs to be such that a large number of mobile terminals 110 do not execute the process at one time.

(Execution timing 2) The authentication application 311 starts processing when it detects that it has arrived at an arbitrary coordinate by using the GPS sensor 306. The coordinates are determined by the authentication server 100 and notified to the mobile terminal 110. The coordinates need to be arbitrary positions on the movement route that are separated from the facility 120 by a certain distance.

(Execution timing 3) The authentication application 311 starts processing when a specific image such as a road sign is detected by using the camera. The image to be detected is determined by the authentication server 100 and notified to the mobile terminal 110. The image needs to be an image of an object existing on a movement path separated from the facility 120 by a certain distance.

In the first embodiment, the reason why the detection of the route beacon signal is adopted as the start timing of the process is that the user moves to the facility 120 at an arbitrary time by various means of transportation, so that the transmission timing of the request to the authentication server 100 is set. This is to disperse. Further, when the detection of the route beacon signal is set as the start timing, it is not necessary to set information such as (execution timing 1), (execution timing 2), and (execution timing 3).

First, the authentication application 311 analyzes the tag attached to the authentication data (step S401).

Specifically, the authentication application 311 decrypts the encrypted data of the tag using the private key.

Next, the authentication application 311 determines whether or not the user owns the electronic ticket within the expiration date based on the analysis result of the tag (step S402).

Specifically, the authentication application 311 compares the expiration date information of the electronic ticket set in the album information 1104 with the current time, and determines whether or not the user owns a valid electronic ticket. If a valid electronic ticket is possessed, the authentication application 311 further determines whether the current time is within the execution period of the pre-authentication process. When the album information 1104 directly includes the execution period of the pre-authentication process, the authentication application 311 compares the period with the current time to make a determination.

If the user does not have a valid electronic ticket, or if he / she has a valid electronic ticket but is out of the execution period of the pre-authentication process, the authentication application 311 ends the process. At this time, the authentication application 311 deletes unnecessary authentication data 320.

If the user has a valid electronic ticket and is within the execution period of the pre-authentication process, the authentication application 311 transmits the information acquired from the tag to the authentication server 100 (step S403). At this time, the authentication application 311 transmits the decrypted tag information by encrypted communication. The authentication application 311 shifts to the waiting state until the authentication result is received from the authentication server 100. The mobile terminal 110 and the authentication server 100 hold each other an encryption key used in encrypted communication.

At this time, the authentication application 311 may delete the encrypted data from the authentication data 320. Further, the authentication application 311 may transmit the position information or the beacon information included in the route beacon signal together with the information acquired from the tag.

In consideration of security, it may be controlled so that the login process is executed before the information is transmitted to the authentication server 100.

If the user and another person own the group electronic ticket, the authentication application 311 transmits the information acquired from the tag of the authentication data 320 of each group electronic ticket.

When the authentication application 311 receives the authentication result from the authentication server 100, the authentication application 311 determines whether or not the authentication is successful (step S404).

If the authentication is successful, the authentication application 311 saves the admission data 321 transmitted together with the authentication result in the memory 301 (step S405). After that, the authentication application 311 ends the process. If the login process is being executed, the logout process is controlled to be executed.

Here, the reason for storing the entrance data 321 in the memory 301 is to prevent the entrance data 321 from being easily taken out.

If the authentication fails, the authentication application 311 notifies the user of an error (step S406), and then ends the process. If the login process is being executed, the logout process is controlled to be executed.

As described with reference to FIG. 12, the pre-authentication process does not require any user operation, and the mobile terminal 110 automatically executes the process. Therefore, the user only needs to move to the facility 120.

If there is an electronic ticket whose expiration date has passed, the authentication application 311 deletes the authentication data 320 and the admission data 321 related to the electronic ticket.

FIG. 13 is a flowchart illustrating a process executed by the authentication server 100 of the first embodiment in the pre-authentication process.

When the authentication module 212 of the authentication server 100 receives the tag information from the mobile terminal 110 (step S501), the authentication module 212 decrypts the encrypted communication (step S502).

Specifically, the authentication module 212 decrypts the communication content by using the encryption key of the encrypted communication.

When the authentication module 212 receives the position information or the beacon information included in the route beacon signal from the mobile terminal 110, the authentication module 212 may determine whether or not to start the authentication process based on the information.

Next, the authentication module 212 of the authentication server 100 executes the authentication process based on the decrypted tag information and the ticket information management database 221 (step S503). Since the authentication process may use a known technique, detailed description thereof will be omitted.

Next, the authentication module 212 of the authentication server 100 determines whether or not the authentication is successful (step S504).

If the authentication is successful, the authentication module 212 of the authentication server 100 generates admission data 321 based on the pattern and sound characteristics of the beacon information included in the venue beacon signal (step S505). Further, the authentication module 212 of the authentication server 100 transmits an authentication success notification together with the admission data 321 to the mobile terminal 110 (step S506). After that, the authentication module 212 of the authentication server 100 ends the process.

For example, admission data 321 composed of an invariant portion of the UUID of the beacon signal and a combination of patterns and sound characteristics of the variable portion of the UUID of the beacon signal is generated. At this time, the authentication module 212 may transmit a change schedule of the pattern of the beacon information included in the beacon signal to the beacon signal transmitting device 130 that transmits the venue beacon signal via the beacon information updating module 210.

The admission data 321 may include information about a beacon signal used for a specific purpose, such as an emergency beacon signal. In addition, sampling data may be included.

The emergency beacon signal can include different beacon information for each mobile terminal 110. As a result, the mobile terminal 110 can be controlled so as not to process the emergency beacon signal other than the emergency beacon signal related to itself. The emergency beacon signal is used as an opportunity to start the update process of the authentication data 320 when the same authentication data 320 is detected by evacuation guidance when a serious incident occurs, spoofing, or the like.

When the authentication fails, the authentication module 212 of the authentication server 100 transmits an authentication failure notification to the mobile terminal 110 (step S507). After that, the authentication module 212 of the authentication server 100 ends the process.

If there is an electronic ticket whose expiration date has passed, the authentication server 100 deletes the entry related to the electronic ticket from the ticket information management database 221. Further, the authentication server 100 deletes an entry from the user authentication database 220 as needed.

FIG. 14 is a flowchart illustrating a process executed by the mobile terminal 110 of the first embodiment in the admission determination process.

When the authentication application 311 receives the venue beacon signal, the authentication application 311 starts the process described below.

The authentication application 311 determines whether or not it owns the group electronic ticket (step S601).

For example, whether or not the authentication application 311 owns the group electronic ticket based on the identification information of the electronic ticket stored in at least one of the title information 1102 and the artist information 1103 of the tag given to the authentication data 320. Is determined. Further, the authentication application 311 may determine whether or not to retain a plurality of authentication data 320 having the same expiration date and different identification information of the electronic ticket.

If it is determined that the group electronic ticket is not owned, the authentication application 311 proceeds to step S604.

When it is determined that the user has the group electronic ticket, the authentication application 311 communicates with the mobile terminal 110 of the user who belongs to the group of the group electronic ticket to identify the mobile terminal 110 in charge.

The authentication application 311 of the main mobile terminal 110 acquires the public key from the subordinate mobile terminal 110 (step S602). Further, the authentication application 311 of the main mobile terminal 110 acquires the authentication data 320 and the entrance data 321 from the subordinate mobile terminal 110 (step S603). After that, the main mobile terminal 110 proceeds to step S604.

In step S604, the authentication application 311 generates admission sound data based on the beacon information included in the venue beacon signal, the authentication data 320, and the admission data 321 (step S604), and is based on the admission sound data. To reproduce the sound (step S605). After that, the authentication application 311 ends the process. Here, an example of a method of generating admission sound data will be described.

The authentication application 311 newly receives the venue beacon signal and acquires the beacon information from the venue beacon signal. The authentication application 311 refers to the admission data 321 based on the pattern of the beacon information and identifies the characteristics of the sound.

The authentication application 311 generates admission sound data based on the authentication data 320 and the identified sound characteristics. For example, the following generation method can be considered.

(Generation method 1) The authentication application 311 generates the entrance sound data by concatenating the authentication data 320 and the sound data having the specified characteristics. In the case of the entrance sound data generated by the method, the sound having the specified characteristic is reproduced after the sound corresponding to the authentication data 320.

(Generation method 2) The authentication application 311 generates the entrance sound data by synthesizing the authentication data 320 and the sound data having the specified characteristics. In the case of the entrance sound data generated by the method, a sound obtained by superimposing the authentication data 320 and the data sound of the sound having the specified characteristic is reproduced.

(Generation method 3) The authentication application 311 verifies the admission data 321 using the tag attached to the authentication data 320, and when the verification is successful, the sound data of the specified characteristics is used as the admission sound data. Output as.

The generation timing of the entrance sound data and the sound reproduction timing can be arbitrarily set in consideration of the convenience of the user.

For example, when the physical operation button of the mobile terminal 110 or the operation button displayed on the GUI is pressed, the authentication application 311 generates admission sound data and reproduces the sound. However, it is also possible that the speaker included in the output device 305 is not in a state where the microphone 122 can collect sound. Therefore, when the user keeps pressing the operation button, changes the state of the speaker to a position where the microphone 122 can collect sound, and then releases the operation button, the generation of the entrance sound data may be started.

Further, when the brightness changes due to the camera included in the input device 304 being covered by the user's hand or the like, the generation of the entrance sound data may be started.

Further, when the entrance management device 123 is transmitting the beacon signal, the authentication application 311 may reproduce the sound when the beacon signal is detected. It is desirable that the beacon signal is transmitted when the speaker of the mobile terminal 110 approaches the microphone 122.

Further, when the camera of the mobile terminal 110 detects the microphone 122, the authentication application 311 may generate a sound.

In the case of processing related to the group electronic ticket, the authentication application 311 generates admission sound data using the information received from the subordinate mobile terminal 110.

When only the main mobile terminal 110 reproduces the sound, the sounds based on the entrance sound data are reproduced in a predetermined order. In this case, the main mobile terminal 110 notifies the mobile terminal 110 of the number indicating the reproduction order.

When each mobile terminal 110 that owns the group electronic ticket reproduces the sound, the main mobile terminal 110 transmits the admission sound data to the subordinate mobile terminal 110. The user plays the sound at an arbitrary timing. At this time, each mobile terminal 110 performs proximity communication, specifies the reproduction order, and notifies the mobile terminal 110 of the number indicating the reproduction order. The group identification information may also be notified.

FIG. 15 is a flowchart illustrating a process executed by the admission management terminal 121 of the first embodiment in the admission determination process.

The entrance management terminal 121 acquires sound data collected by the microphone 122 (step S701).

The entrance management terminal 121 analyzes the characteristics of the reproduced sound based on the acquired sound data (step S702). Specifically, the following processing is executed.

(Process 1) The entrance management terminal 121 calculates sound characteristic information that can be compared with the judgment conditions set in the judgment condition management information 125. For example, in the case of the determination condition management information 125 shown in FIG. 7A, the admission management terminal 121 calculates the initial frequency, the number of frequency fluctuations, the number of amplitude fluctuations, and the like. In the case of the determination condition management information 125 shown in FIG. 7B, the entrance management terminal 121 calculates the number of frequency fluctuations, the number of amplitude fluctuations, and the like. The specific frequency and amplitude may be calculated.

(Process 2) The entrance management terminal 121 selects an entry from the judgment condition management information 125. For example, when the admission management terminal 121 holds the determination condition management information 125 shown in FIG. 7A and the admission sound data is generated by (generation method 1), the admission management terminal 121 reproduces the reference value 701. Select the entry that matches the first frequency of the note. When the entrance management terminal 121 holds the determination condition management information 125 shown in FIG. 7B, the entrance management terminal 121 acquires the beacon information from the venue beacon signal, and the reference value 511 coincides with the variable portion of the UUID included in the beacon information. Select the entry you want.

(Process 3) The admission management terminal 121 compares the calculated sound characteristic information and the determination conditions set in the entry selected from the determination condition management information 125, and determines whether or not the determination condition is satisfied.

In the case of a judgment condition including a condition relating to a plurality of elements, the following judgment is performed. The admission management terminal 121 determines that the determination condition is satisfied when the condition for at least one element is satisfied or the condition for all the elements is satisfied.

(Process 4) The admission management terminal 121 outputs the determination result to an output device such as a display included in the admission management device 123. As a display method, a display method in which the background color is changed is conceivable so that admission permission and admission refusal can be visually confirmed. In the case of such a display method, the camera of the mobile terminal 110 may be able to detect the background color by using a mirror, an LED, or the like.

The entrance management terminal 121 may transmit the determination result to the mobile terminal 110 by using proximity communication, an emergency beacon signal, or the like. For example, the admission management terminal 121 transmits the determination result to the mobile terminal 110 only when the determination condition is not satisfied.

When the mobile terminal 110 detects a determination result indicating admission refusal by the display of the output device or the notification from the admission management terminal 121, the process shown in FIG. 14 may be executed again.

When the microphone 122 collects sounds related to the group electronic ticket at once, the admission management terminal 121 executes the processes (process 1) to (process 3) for the sounds corresponding to each user. In (Process 4), the result is displayed in group units. As a display method, a method of presenting a list in which the reproduction order and the determination result are associated with each other can be considered.

The above is the description of the process of step S702.

Next, the admission management terminal 121 determines whether or not to allow admission (step S703).

When admitting admission, the admission management terminal 121 controls the admission management device 123 in order to allow the user to enter the facility 120 (step S704). After that, the admission management terminal 121 ends the process. For example, the entrance management terminal 121 opens a gate for entering the facility 120.

When denying admission, the admission management terminal 121 notifies the user that admission is denied (step S705). After that, the admission management terminal 121 ends the process.

When the admission is completed normally, the admission management terminal 121 may transmit the electronic ticket information to the authentication server 100. In this case, the authentication server 100 deletes the entry corresponding to the electronic ticket from the ticket information management database 221 and also deletes the entry corresponding to the user who used the electronic ticket from the user authentication database 220.

The authentication system 10 described above can be constructed at low cost and can provide a highly convenient and secure service. More specifically, it has the following effects.

It can be realized by using the hardware resources and software resources of existing mobile terminals. Further, in the admission determination process, a dedicated device for recognizing an image or the like is not required, and a microphone 122 that converts sound into a digital signal may be installed. Therefore, the authentication system can be constructed at low cost.

The pre-authentication process is performed at any place on the movement route while the user is moving to the facility 120. Therefore, the place where the communication resource is used and the execution trigger of the process can be distributed. As a result, it is possible to avoid a shortage of communication resources and an increase in the processing load of the authentication process. Further, since the pre-authentication process is automatically performed, the convenience of the user can be improved.

Since the sound data has a smaller data size than the image, the load of communication resources between the authentication server 100 and the mobile terminal 110 can be reduced. Further, since sounds having various characteristics can be generated by combining the elements, the difficulty of counterfeiting can be improved.

Since the entrance sound is generated using not only the authentication data 320 and the entrance data 321 received in advance but also the venue beacon signal, it is possible to prevent forgery of the sound data of the entrance sound in advance. ..

The determination condition can be concealed by setting the determination condition management information 125 as a condition relating to an arbitrary characteristic of the sound to be reproduced. This makes it difficult to generate an entrance sound.

This authentication system can also be applied to group-based authentication. As a result, the processing load can be reduced and the convenience of the user can be improved.

A dummy frequency may be superimposed on the entrance sound data. This makes it difficult to analyze the entrance sound data. In this case, the admission management terminal 121 analyzes the sound characteristics after removing the dummy frequency component from the admission sound data using filters such as LPF, HPF, and BPF. The microphone 122 may have the same function as the above-mentioned filter. The frequency of the superposed dummy may fluctuate periodically. Moreover, the frequency of the dummy to be superimposed may be different for each event.

The present invention is not limited to the above-described examples, and includes various modifications. Further, the above-described embodiment has been described in detail in order to explain the present invention in an easy-to-understand manner, and is not necessarily limited to the one including all the described configurations. Further, it is possible to replace a part of the configuration of one embodiment with the configuration of another embodiment, and it is also possible to add the configuration of another embodiment to the configuration of one embodiment. Further, it is possible to add, delete, or replace a part of the configuration of each embodiment with another configuration.

Further, each of the above configurations, functions, processing units, processing means and the like may be realized by hardware by designing a part or all of them by, for example, an integrated circuit. Further, each of the above configurations, functions, and the like may be realized by software by the processor interpreting and executing a program that realizes each function. Information such as programs, tables, and files that realize each function may be stored in a storage device such as a memory, an HDD and an SSD, or a recording medium such as an IC card, an SD card, and an optical disk. In addition, the control lines and information lines indicate those that are considered necessary for explanation, and do not necessarily indicate all the control lines and information lines in the product. For example, in reality, almost all configurations may be considered to be interconnected.

10 Authentication system 100 Authentication server 110 Mobile terminal 120 Facility 121 Admission management terminal 122 Microphone 123 Admission management device 125 Judgment condition management information 130 Beacon signal transmitter 150 Network 200, 300 CPU
201, 301 Memory 202, 302 Storage device 203, 303 Communication interface 210 Beacon information update module 211 Sound data generation module 212 Authentication module 220 User authentication database 221 Ticket information management database 222 Sound data generation information 304 Input device 305 Output device 306 GPS sensor 307 Short-range communication device 308 Beacon signal detection device 309 Beacon signal analyzer 310 OS
311 Authentication application 320 Authentication data 321 Entrance data 600 Sound characteristic management information

Claims (12)

An authentication system equipped with an authentication server, a beacon that transmits a beacon signal, and an admission management terminal that manages the user's admission to the facility.
The authentication system accepts access from a user terminal operated by the user and receives access.
The authentication server is
When the electronic ticket is purchased by the user, the authentication data is generated, the authentication data is transmitted to the user terminal, and the authentication data is transmitted.
When a request for executing an authentication process for determining whether or not the electronic ticket is valid is received from the user terminal, the authentication process is executed.
When it is determined that the electronic ticket is valid, the admission data for generating the sound data of the sound having an arbitrary characteristic is generated, and the admission data is transmitted to the user terminal.
The user terminal is
Before the user arrives at the facility, an execution request for the authentication process including information extracted from the authentication data is transmitted to the authentication server.
When the distance between the user terminal and the facility is within the first range and the first beacon signal is received from the beacon, the authentication data, the entrance data, and the beacon information included in the first beacon signal Generate admission sound data based on
Based on the entrance sound data, the sound is reproduced for the entrance management terminal, and the sound is reproduced.
The admission management terminal is
The characteristics of the sound reproduced by the user terminal are analyzed.
An authentication system comprising determining whether or not to allow a user associated with the electronic ticket to enter the facility based on the result of the analysis. The authentication system according to claim 1.
The beacon information included in the first beacon signal is changed according to an arbitrary pattern.
The admission data is information in which the pattern of the beacon information included in the first beacon signal and the characteristics of the sound are associated with each other.
The user terminal is
Based on the pattern of the beacon information included in the first beacon signal, the characteristics of the sound are determined.
Based on the determined sound characteristics, sound data for synthesis is generated.
An authentication system characterized in that the entrance sound data is generated based on the authentication data and the synthetic sound data. The authentication system according to claim 2.
When the distance between the user terminal and the facility is within the second range larger than the first range and the second beacon signal is received from the beacon, the user terminal sends an execution request for the authentication process to the authentication server. An authentication system characterized by sending. The authentication system according to claim 3.
The admission management terminal is
Holds the judgment condition management information that associates the pattern of the beacon information included in the first beacon signal with the matching pattern of the characteristics of the sound.
An authentication system comprising determining whether or not to allow a user associated with the electronic ticket to enter the facility based on the result of the analysis and the determination condition management information. The authentication system according to claim 4.
An authentication system characterized in that a microphone for collecting sound reproduced by the user terminal is connected to the entrance management terminal. The authentication system according to claim 3.
The authentication server is
A tag including sound data having arbitrary characteristics and information about the electronic ticket encrypted based on the encryption key generated by the user terminal is generated as the authentication data.
When an execution request for the authentication process including the tag extracted from the authentication data is received from the user terminal, the authentication process is executed based on the tag decrypted based on the encryption key. A featured authentication system. An authentication method in an authentication system including an authentication server, a beacon that transmits a beacon signal, and an admission management terminal that manages the user's admission to a facility.
The authentication system accepts access from a user terminal operated by the user and receives access.
The authentication method is
When the authentication server purchases an electronic ticket by the user, the first step of generating authentication data and transmitting the authentication data to the user terminal, and
A request for the user terminal to execute an authentication process for determining whether or not the electronic ticket is valid, including information extracted from the authentication data, before the user arrives at the facility. In the second step of transmitting to the authentication server,
When the authentication server receives the execution request of the authentication process, the third step of executing the authentication process and
When the authentication server determines that the electronic ticket is valid, it generates admission data for generating sound data of sounds having arbitrary characteristics, and causes the user terminal to generate the admission data. 4th step to send
When the user terminal receives the first beacon signal from the beacon when the distance between the user terminal and the facility is within the first range, the authentication data, the entrance data, and the first beacon signal are displayed. The fifth step of generating admission sound data based on the contained beacon information,
A sixth step in which the user terminal reproduces a sound to the entrance management terminal based on the entrance sound data.
A seventh step in which the admission management terminal analyzes the characteristics of the sound reproduced by the user terminal.
The authentication comprising the eighth step of determining whether or not the admission management terminal permits the user associated with the electronic ticket to enter the facility based on the result of the analysis. Method. The authentication method according to claim 7.
The beacon information included in the first beacon signal is changed according to an arbitrary pattern.
The admission data is information in which the pattern of the beacon information included in the first beacon signal and the characteristics of the sound are associated with each other.
The fifth step is
A step in which the user terminal determines sound characteristics based on a pattern of beacon information included in the first beacon signal.
A step in which the user terminal generates sound data for synthesis based on the determined sound characteristics.
An authentication method, wherein the user terminal includes a step of generating the entrance sound data based on the authentication data and the synthetic sound data. The authentication method according to claim 8.
In the second step, when the distance between the user terminal and the facility is within the second range larger than the first range and the second beacon signal is received from the beacon, the authentication process is performed. An authentication method comprising sending an execution request to the authentication server. The authentication method according to claim 9.
The admission management terminal holds determination condition management information in which the pattern of the beacon information included in the first beacon signal and the matching pattern of the sound characteristics are associated with each other.
The eighth step is a step of determining whether or not the admission management terminal permits the user associated with the electronic ticket to enter the facility based on the result of the analysis and the determination condition management information. An authentication method characterized by including. The authentication method according to claim 10.
An authentication method characterized in that a microphone for collecting sound reproduced by the user terminal is connected to the entrance management terminal. The authentication method according to claim 9.
In the first step, the authentication server uses a tag containing sound data having arbitrary characteristics and information about the electronic ticket encrypted based on an encryption key generated by the user terminal for authentication data. Including the steps to generate as
In the third step, when the authentication server receives an execution request for the authentication process including the tag extracted from the authentication data from the user terminal, the authentication server is decrypted based on the encryption key. An authentication method comprising a step of executing the authentication process based on a tag.

Images