JP6988194B2 - Business processing program, business processing method, and business processing equipment - Google Patents

Description

This case relates to a business processing program, a business processing method, and a business processing device.

Biometric authentication (1: N) is known in which a user can perform authentication simply by providing biometric information without specifying an ID (see, for example, Patent Document 1).

Japanese Unexamined Patent Publication No. 2010-191856

However, authentication information such as biometric information may be similar between users. Therefore, when biometric authentication is performed without specifying an ID, not only a user having the authentication information but also a user having an authentication information similar to the authentication information may be specified.

That is, in biometric authentication, when the authentication information possessed by one user is specified from the registered N authentication information and authenticated, there is a problem in the authentication accuracy. In particular, when realizing the settlement business of the product price using biometric authentication and the survival confirmation business of the pensioner, the account of the user identified by mistake may be used for payment or the pensioner may have died. Nevertheless, it is not desirable because the pension may be paid to the pensioner who is mistakenly identified.

Therefore, in one aspect, it is an object of the present invention to provide a business processing program, a business processing method, and a business processing apparatus capable of executing business processing with high authentication accuracy.

In one embodiment, the business processing program receives and receives the result of the first authentication processing using the first authentication information corresponding to the first user identification information in the first authentication terminal. When it is determined that the result of the authentication process is successful, the first user identification information and the first authentication terminal or the second authentication terminal corresponding to the first authentication terminal are used. With reference to the storage unit that stores the combination with the user identification information of 2 for each combination, the first user identification information received from the first authentication terminal as a result of the first authentication process is supported. acquiring the second user identification information, the acquired second user identification information, prior Symbol successful authentication and the determined in association with the date and time information stored in the storage unit, stored in the storage unit the When the date and time information is within a predetermined period and the result of successful authentication is received for the second authentication process using the second authentication information associated with the first user identification information, the first item is received. It is characterized by executing business processing in response to a business request from an authentication terminal, and causing a computer to execute the processing.

Business processing can be executed with high authentication accuracy.

FIG. 1 is a diagram for explaining an example of a business processing system according to the first embodiment. FIG. 2 is an example of the hardware configuration of the authentication terminal. FIG. 3 is an example of the hardware configuration of the business server. FIG. 4 is an example of a block diagram of an authentication terminal, an authentication server, and a business server. FIG. 5 is an example of a biological information storage unit. FIG. 6 is an example of the bond information storage unit. FIG. 7 is an example of the situation information storage unit. FIG. 8 is an example of a processing sequence diagram showing the operation of the business processing system according to the first embodiment. 9 (a) to 9 (g) are examples of screen transitions of the authentication terminal. 10 (a) to 10 (c) are examples of state transitions of the biological information table. 11 (a) and 11 (b) are examples of state transitions of the bond information table. FIG. 12 is a processing sequence diagram (No. 1) showing an example of the operation of the business processing system according to the first embodiment. FIG. 13 is a processing sequence diagram (No. 2) showing an example of the operation of the business processing system according to the first embodiment. 14 (a) to 14 (e) are other examples of screen transitions of the authentication terminal. 15 (a) and 15 (b) are examples of state transitions in the status information table. FIG. 16 is a diagram for explaining an example of a business processing system according to the second embodiment. FIG. 17 is an example of a processing sequence diagram showing the operation of the business processing system according to the second embodiment.

Hereinafter, a mode for carrying out this case will be described with reference to the drawings.

(First Embodiment)
FIG. 1 is a diagram for explaining an example of the business processing system S according to the first embodiment. The business processing system S includes an authentication terminal 100, an authentication server 200, and a business server 300 as a business processing device. Although a tablet terminal is shown as an example of the authentication terminal 100 in FIG. 1, it may be a dedicated terminal or a general-purpose terminal having an authentication request function and a payment request function. In the first embodiment, the processing related to the settlement business such as the product price and the service fee will be described as an example of the business processing.

The authentication terminal 100 is a terminal device managed by various stores, and is installed in, for example, a cash register counter in the store. The authentication terminal 100 may be installed at an accounting counter such as the front desk of an accommodation facility. A biosensor 110 is connected to the authentication terminal 100 as an accessory. The biosensor 110 may be built in the authentication terminal 100. When a person using the business processing system S holds his / her hand over the biosensor 110, the authentication terminal 100 can acquire the information of the person's vein as biometric information through the biosensor 110.

Those who use the business processing system S include those who have the authority to settle various prices such as product prices and service charges (hereinafter referred to as the subject), and those who do not have the authority to settle these various prices but the subject. There is a person who assists the payment (hereinafter referred to as a supporter). Combinations of subjects and supporters include, for example, parents and their children, couples and lovers, dementia patients and their guardians. As a result, the subject cannot make a payment independently, and the subject can make a payment only with the assistance of a supporter.

The authentication server 200 is installed, for example, in the management office of the store described above. That is, the authentication server 200 is a so-called on-premises server device. An access point AP is connected to the authentication server 200. The authentication server 200 can be connected to the authentication terminal 100 by using the communication network NW1. Therefore, the authentication server 200 can acquire the biometric information acquired by the authentication terminal 100 and various other information. For example, the authentication server 200 can execute the authentication process of the subject and the supporter by using the biometric information. The communication network NW1 includes a Local Area Network (LAN) and the like. The LAN may be wireless communication or wired communication.

The business server 300 is installed in, for example, a data center DC on a cloud CL. The business server 300 can be connected to the authentication terminal 100 by using the communication network NW2 and the mobile base station BS. For example, when the authentication terminal 100 requests the business server 300 to perform payment processing based on the notification of successful authentication by the authentication server 200, the business server 300 pays the product price in response to the payment request requested by the authentication terminal 100. Or settle the service fee.

The communication network NW2 described above includes, for example, the Internet and a mobile communication network. Further, the above-mentioned authentication server 200 may be installed in the data center DC together with the business server 300. Further, a core banking system in which the bank manages the payment processing executed by the business server 300 may be performed. In this case, the business server 300 may send information required for settlement to the accounting system.

FIG. 2 is an example of the hardware configuration of the authentication terminal 100.

As shown in FIG. 2, the authentication terminal 100 includes a Central Processing Unit (CPU) 100A, a Random Access Memory (RAM) 100B, a Read Only Memory (ROM) 100C, a Non-Volatile Memory (NVM) 100D, and a Radio Frequency as processors. (RF) Includes circuit 100E. An antenna 100E'is connected to the RF circuit 100E. A CPU that realizes a communication function may be used instead of the RF circuit 100E.

Further, the authentication terminal 100 includes an input interface (denoted as I / F) 100F, a camera 100G, a touch panel 100H, a display 100I, and a microphone 100J. A biosensor 110 is connected to the input I / F 100F. The CPU 100A to the microphone 100J are connected to each other by the internal bus 100K. A computer is realized by at least the CPU 100A and the RAM 100B collaborating with each other. A Micro Processing Unit (MPU) may be used as a processor instead of the CPU 100A.

In the RAM 100B described above, the program stored in the ROM 100C or the NVM 100D is stored by the CPU 100A. When the CPU 100A executes the stored program, various functions described later are realized, and various processes described later are executed. The program may be adapted to the processing sequence diagram described later.

FIG. 3 is an example of the hardware configuration of the business server 300. Since the hardware configuration of the authentication server 200 is the same as the hardware configuration of the business server 300, the description thereof will be omitted.

As shown in FIG. 3, the business server 300 includes at least a CPU 300A, a RAM 300B, a ROM 300C, and a network I / F 300D as processors. The business server 300 may include at least one of a Hard Disk Drive (HDD) 300E, an input I / F300F, an output I / F300G, an input / output I / F300H, and a drive device 300I, if necessary. The CPU 300A and the drive device 300I are connected to each other by the internal bus 300J. A computer is realized by at least the CPU 300A and the RAM 300B collaborating with each other. The MPU may be used as a processor instead of the CPU 300A.

An input device 710 is connected to the input I / F 300F. The input device 710 includes, for example, a keyboard and a mouse. A display device 720 is connected to the output I / F 300G. The display device 720 includes, for example, a liquid crystal display. A semiconductor memory 730 is connected to the input / output I / F 300H. Examples of the semiconductor memory 730 include a Universal Serial Bus (USB) memory and a flash memory. The input / output I / F 300H reads programs and data stored in the semiconductor memory 730. The input I / F 300F and the input / output I / F 300H include, for example, a USB port. The output I / F 300G includes, for example, a display port.

A portable recording medium 740 is inserted into the drive device 300I. Examples of the portable recording medium 740 include removable discs such as Compact Disc (CD) -ROM and Digital Versatile Disc (DVD). The drive device 300I reads programs and data recorded on the portable recording medium 740. The network I / F 300D includes, for example, a LAN port. The network I / F300D is connected to the above-mentioned communication network NW.

In the RAM 300B described above, the program stored in the ROM 300C or the HDD 300E is stored by the CPU 300A. The program recorded on the portable recording medium 740 is stored in the RAM 300B by the CPU 300A. When the CPU 300A executes the stored program, various functions described later are realized, and various processes described later are executed. The program may be adapted to the processing sequence diagram described later.

Next, the functions of the authentication terminal 100, the authentication server 200, and the business server 300 will be described with reference to FIGS. 4 to 7.

FIG. 4 is an example of a block diagram of the authentication terminal 100, the authentication server 200, and the business server 300. FIG. 5 is an example of the biological information storage unit 201. FIG. 6 is an example of the bond information storage unit 301. FIG. 7 is an example of the situation information storage unit 302.

First, the authentication terminal 100 will be described. As shown in FIG. 4, the authentication terminal 100 includes an input unit 101, a display unit 102, a communication unit 103, and a control unit 104. The input unit 101, the display unit 102, and the communication unit 103 are each realized by, for example, the touch panel 100H, the display 100I, and the RF circuit 100E described above. The control unit 104 is realized by, for example, the CPU 100A and the RAM 100B described above.

The input unit 101 receives various types of information input based on the above-mentioned operations by the subject and the supporter. When the input unit 101 receives the information, it outputs the information to the control unit 104. The display unit 102 displays various screen guidance based on the control by the control unit 104. For example, the display unit 102 displays screen guidance for the subject or supporter who prompts the reading of biometric information, or displays screen guidance for requesting selection of a payment method.

The communication unit 103 transmits the information output from the control unit 104 to the authentication server 200. For example, the communication unit 103 transmits the biometric information output from the control unit 104 to the authentication server 200. Further, the communication unit 103 receives various information and notifications transmitted from the authentication server 200 or the business server 300 and outputs them to the control unit 104. For example, the communication unit 103 receives the screen guidance information transmitted from the authentication server 200 and outputs it to the control unit 104. The control unit 104 receives the biometric information output from the biosensor 110 and outputs it to the communication unit 103. Further, the control unit 104 controls the display unit 102 based on various information and notifications output from the input unit 101 and the communication unit 103. As a result, the display unit 102 displays various screen guidance.

Next, the authentication server 200 will be described. As shown in FIG. 4, the authentication server 200 includes a biometric information storage unit 201, a communication unit 202, and an authentication processing unit 203. The biometric information storage unit 201 is realized by, for example, the HDD 300E described above. The communication unit 202 is realized by, for example, the network I / F300D described above. The authentication processing unit 203 is realized by, for example, the CPU 300A and the RAM 300B described above.

The biometric information storage unit 201 stores the biometric information of the subject and the supporter. More specifically, as shown in FIG. 5, the biometric information storage unit 201 manages the biometric information by the biometric information table T1. The biometric information table T1 includes a user ID, biometric information, and a user type as components. The user ID is identification information that identifies the subject and the supporter, respectively. Biological information is information about the living body of the subject and the supporter. The user type represents the type of the subject and the supporter. For example, the user type "support" indicates that the person is a supporter, and the user type "main" indicates that the person is the subject.

The communication unit 202 receives the screen guidance information output from the authentication processing unit 203 and transmits it to the authentication terminal 100. Further, the communication unit 202 receives the biometric information transmitted from the authentication terminal 100 and outputs it to the authentication processing unit 203. The authentication processing unit 203 outputs screen guidance information to the communication unit 202 based on the access from the authentication terminal 100. Further, when the authentication processing unit 203 receives the biometric information output from the communication unit 202, the user ID is generated, and the generated user ID is associated with the received biometric information and the user type specified by the screen guidance information. It is stored in the biometric information storage unit 201 for each user ID.

Next, the business server 300 will be described. As shown in FIG. 4, the business server 300 includes a bond information storage unit 301, a status information storage unit 302, a communication unit 303, and a business processing unit 304 as a processing unit. The bond information storage unit 301 and the situation information storage unit 302 are realized by, for example, the HDD 300E described above. The communication unit 303 is realized by, for example, the above-mentioned network I / F 300D. The business processing unit 304 is realized by, for example, the CPU 300A and the RAM 300B described above.

The bond information storage unit 301 stores bond information. More specifically, as shown in FIG. 6, the bond information storage unit 301 manages the bond information by the bond information table T2. The bond information table T2 includes a group ID and bond information as components. The group ID is identification information that identifies bond information. Kizuna information is information that combines the user ID of the subject and the user ID of the supporter. The user ID of the subject and the user ID of the supporter are associated with each other by the bond information.

The situation information storage unit 302 stores the situation information. The status information is information indicating the status of the supporter at the time of the authentication process of the supporter (specifically, the date and time of the authentication process and the installation location (or operation location) of the authentication terminal 100). More specifically, as shown in FIG. 7, the status information storage unit 302 manages the combination of the user ID, the authentication processing date and time, and the authentication terminal installation location as status information by the status information table T3. The status information table T3 identifies the authentication status (for example, the authentication date and time and the authentication location) at the time of the authentication process of the supporter and the subject assisted by the supporter. Although a specific example of the situation information is not shown in FIG. 7, a specific example of the situation information will be described later.

Returning to FIG. 4, the communication unit 303 receives the user ID of the subject or the supporter, the request for payment processing, and the information required for the payment of the product (for example, the price of the product) transmitted from the authentication terminal 100. The communication unit 303 outputs the received user ID, payment processing request, and information required for product payment to the business processing unit 304. Upon receiving, for example, the user ID of the subject, the business processing unit 304 determines whether or not the settlement conditions are satisfied. When the business processing unit 304 receives, for example, a request for payment processing and information required for payment, the business processing unit 304 executes the payment processing. For example, the business processing unit 304 withdraws the price of the product from the deposit account of the subject and settles the price of the product.

Subsequently, the operation of the business processing system S according to the first embodiment will be described.
First, the registration process of biometric information and bond information will be described with reference to FIGS. 8 to 11.

FIG. 8 is an example of a processing sequence diagram showing the operation of the business processing system S according to the first embodiment. 9 (a) to 9 (g) are examples of screen transitions of the authentication terminal 100. 10 (a) to 10 (c) are examples of state transitions of the biological information table T1. 11 (a) and 11 (b) are examples of state transitions of the bond information table T2.

First, as shown in FIG. 8, the control unit 104 of the authentication terminal 100 transmits the biometric information of the supporter to the authentication server 200 (step S101). For example, when the supporter or the main body operates the input unit 101 of the authentication terminal 100 to request screen guidance for registering biometric information from the authentication server 200, the control unit 104 receives the screen guidance from the authentication server 200 via the communication unit 103. Accept the screen guidance of. When the control unit 104 receives the screen guidance, the control unit 104 displays the first screen guidance on the display unit 102 as shown in FIG. 9A, and then displays the first screen guidance on the display unit 102 as shown in FIG. 9B. Display the second screen guidance. The supporter holds his / her hand over the biosensor 110 based on the first screen guidance and the second screen guidance. When the biosensor 110 finishes reading the biometric information of the supporter, the control unit 104 displays a third screen guide on the display unit 102 as shown in FIG. 9C. Then, the control unit 104 receives the biometric information of the supporter read by the biosensor 110, and transmits the received biometric information of the supporter to the authentication server 200 via the communication unit 103.

When the process of step S101 is completed, the authentication processing unit 203 of the authentication server 200 registers the biometric information of the supporter (step S201). More specifically, when the supporter's biometric information is transmitted from the authentication terminal 100, the communication unit 202 receives the biometric information, and the authentication processing unit 203 receives the biometric information received by the communication unit 202. When the authentication processing unit 203 receives the biometric information, it generates a user ID and determines the user type based on the screen guidance, and associates the generated user ID with the accepted biometric information and the determined user type to store the biometric information storage unit. Register with 201. For example, as shown in FIG. 10 (a), when a plurality of biometric information is already registered, the authentication processing unit 203 accepts the generated user ID “aaaaaa” as shown in FIG. 10 (b). The biometric information "########" and the determined user type "support" are associated and registered in the biometric information storage unit 201.

Depending on the registered biometric information, it may be similar to the already registered biometric information. For example, in the present embodiment, the biometric information of the user ID "aaaaaa", the user ID "bbbbbb", and the user ID "cccccc" are similar to each other. Details will be described later, but for example, when the authentication processing unit 203 receives the biometric information "########" transmitted from the authentication terminal 100, the user ID "aaaaaa" is uniquely specified only by the biometric information. The authentication processing unit 203 may extract the user ID "aaaaaa", the user ID "bbbbbb", and the user ID "cccccc".

When the process of step S201 is completed, the authentication processing unit 203 transmits the user ID of the supporter to the authentication terminal 100 (step S202). More specifically, the authentication processing unit 203 transmits the user ID of the supporter to the authentication terminal 100 via the communication unit 202 together with the notification of the completion of registration of the biometric information. When the control unit 104 of the authentication terminal 100 receives the user ID of the supporter, the control unit 104 holds the user ID of the supporter. Then, the control unit 104 displays the fourth screen guide on the display unit 102 as shown in FIG. 9 (d), and then the fifth screen guide is displayed on the display unit 102 as shown in FIG. 9 (e). Display screen guidance.

When the process of step S202 is completed, the control unit 104 of the authentication terminal 100 then transmits the biometric information of the subject to the authentication server 200 (step S102). More specifically, when the control unit 104 displays the fifth screen guidance on the display unit 102, the subject holds his / her hand over the biosensor 110 based on the fifth screen guidance. As a result, the control unit 104 receives the biometric information of the subject output from the biosensor 110, and transmits the received biometric information of the subject to the authentication server 200 via the communication unit 103.

When the process of step S102 is completed, the authentication processing unit 203 of the authentication server 200 registers the biometric information of the subject (step S203). More specifically, when the biometric information of the subject is transmitted from the authentication terminal 100, the communication unit 202 receives the biometric information, and the authentication processing unit 203 receives the biometric information received by the communication unit 202. When the authentication processing unit 203 receives the biometric information, it generates a user ID and determines the user type based on the screen guidance, and associates the generated user ID with the accepted biometric information and the determined user type to store the biometric information storage unit. Register with 201. For example, as shown in FIG. 10 (b), when a plurality of biometric information is already registered, the authentication processing unit 203 accepts the generated user ID “AAAAAA” as shown in FIG. 10 (c). The biometric information "&&&&&&&&" and the determined user type "main" are associated and registered in the biometric information storage unit 201.

When the process of step S203 is completed, the authentication processing unit 203 transmits the user ID of the subject to the authentication terminal 100 (step S204). More specifically, the authentication processing unit 203 transmits the user ID of the subject to the authentication terminal 100 via the communication unit 202 together with the notification of the completion of registration of the biometric information. When the control unit 104 of the authentication terminal 100 receives the user ID of the subject, it holds the user ID of the subject. Then, as shown in FIG. 9 (f), the control unit 104 displays the sixth screen guidance on the display unit 102. The sixth screen guide is a screen asking whether or not the bond information needs to be registered.

When the control unit 104 detects that the button 11 for instructing the registration request for bond information is pressed from the input unit 101, the control unit 104 transmits the held user IDs of the supporter and the subject to the business server 300 (step S103). When the process of step S103 is completed, the business processing unit 304 of the business server 300 registers the bond information (step S301). More specifically, when the business processing unit 304 receives each user ID of the supporter and the subject through the communication unit 303, the group ID is generated, and the combination of the supporter's user ID and the subject's user ID is used as bond information. It is registered in the bond information storage unit 301 in association with the generated group ID. For example, as shown in FIG. 11 (a), when a plurality of bond information is already registered, the business processing unit 304 has the group ID “0003” and the bond information “AAAAAA” as shown in FIG. 11 (b). , Aaaaaa ”is associated and registered in the bond information storage unit 301.

When the processing of step S301 is completed, the business processing unit 304 transmits the registration completion notification of the bond information to the authentication terminal 100 via the communication unit 303. When the control unit 104 receives the registration completion notification of the bond information via the communication unit 103, the control unit 104 displays the seventh screen guidance on the display unit 102 as shown in FIG. 9 (g). As a result, the subject and the supporter can recognize the completion of registration of the bond information.

Next, the settlement process will be described with reference to FIGS. 12 to 15.

FIG. 12 is a processing sequence diagram (No. 1) showing an example of the operation of the business processing system S according to the first embodiment. FIG. 13 is a processing sequence diagram (No. 2) showing an example of the operation of the business processing system S according to the first embodiment. 14 (a) to 14 (e) are other examples of screen transitions of the authentication terminal 100. 15 (a) and 15 (b) are examples of state transitions of the status information table T3.

First, as shown in FIG. 12, the control unit 104 of the authentication terminal 100 transmits the biometric information of the supporter to the authentication server 200 (step S111). For example, when the supporter or the main body operates the input unit 101 of the authentication terminal 100 to input the product price and requests the screen guidance for authenticating the biometric information from the authentication server 200, the control unit 104 causes the communication unit 103. The screen guidance from the authentication server 200 is accepted via. When the control unit 104 receives the screen guidance, the control unit 104 displays the eighth screen guidance on the display unit 102 as shown in FIG. 14A, and then displays the eighth screen guidance on the display unit 102 as shown in FIG. 14B. Display the ninth screen guidance. The supporter holds his / her hand over the biosensor 110 based on the eighth screen guidance and the ninth screen guidance. When the biosensor 110 finishes reading the biometric information of the supporter, the tenth screen guide is displayed on the display unit 102 as shown in FIG. 14 (c). Then, the control unit 104 receives the biometric information of the supporter read by the biosensor 110, and transmits the received biometric information of the supporter to the authentication server 200 via the communication unit 103. In particular, the supporter may hold his / her hand over the biosensor 110 without inputting the user ID assigned to him / her, which saves the trouble of inputting.

When the process of step S111 is completed, the authentication processing unit 203 of the authentication server 200 executes the authentication process (step S211). More specifically, first, the authentication processing unit 203 receives the biometric information of the supporter transmitted from the authentication terminal 100 through the communication unit 202. Then, the authentication processing unit 203 executes an authentication process for extracting a user ID candidate of a supporter according to the biometric information based on the received biometric information. For example, when the authentication processing unit 203 accepts the biometric information "##########", not only the biometric information matching the biometric information but also the biometric information similar to the biometric information is stored in the biometric information storage unit 201. Since it is stored in (see FIG. 10C), the authentication processing unit 203 extracts not only the user ID “aaaaaa” but also the user IDs “bbbbbb” and “cccccc” as user ID candidates.

When the process of step S211 is completed, the authentication processing unit 203 then transmits the user ID candidate of the supporter to the authentication terminal 100 (step S212). When the control unit 104 of the authentication terminal 100 receives the user ID candidate of the supporter via the communication unit 103, the control unit 104 of the authentication terminal 100 transmits the received user ID candidate of the supporter to the business server 300 (step S112). The control unit 104 may or may not retain the user ID candidate of the received supporter.

The business processing unit 304 of the business server 300 receives the user ID candidate of the supporter transmitted from the authentication terminal 100 (step S311). More specifically, the business processing unit 304 receives the user ID candidate of the supporter via the communication unit 303. When the processing of step S311 is completed, the business processing unit 304 then extracts the user ID candidate of the main body (step S312). More specifically, first, when the business processing unit 304 receives the user ID candidate of the supporter, the business processing unit 304 refers to the bond information storage unit 301. Next, the business processing unit 304 extracts the user ID candidate of the subject associated with the received user ID candidate of the supporter from the bond information storage unit 301. In the present embodiment, since the supporter user ID candidates "aaaaaa", "bbbbbb" and "cccccc" are received, the business processing unit 304 receives the user IDs "AAAAAA" and "AAAAAA" of the subject based on these user ID candidates. "BBBBBB" and "CCCCC" are extracted as user ID candidates of the subject (see FIG. 11B).

When the processing in step S312 is completed, the business processing unit 304 then stores the status information (step S313). More specifically, the business processing unit 304 stores the status information as status information by associating the user ID candidate of the subject extracted in the process of step S312, the storage date and time of the status information, and the sender of the received user ID candidate of the supporter. Store in unit 302. In particular, the business processing unit 304 stores the storage date and time of the status information as the authentication processing date and time in step S211 and stores the transmission source of the user ID candidate of the supporter as the installation location of the authentication terminal 100. As a result, for example, as shown in FIG. 15 (a), when the status information is not yet registered, the business processing unit 304 performs the user ID candidate and the authentication process of the subject as shown in FIG. 15 (b). The date and time and the installation location of the authentication terminal 100 are associated and stored in the status information storage unit 302. Although the details will be described later, the business processing unit 304 determines whether or not the settlement by the subject may be executed based on the situation information.

When the process of step S313 is completed, the business processing unit 304 then transmits the user ID candidate of the subject extracted in the process of step S312 to the authentication terminal 100 (step S314). When the process of step S314 is completed, as shown in FIG. 13, the control unit 104 of the authentication terminal 100 transmits the user ID candidate of the subject and the biometric information to the authentication server 200 (step S113). For example, when the control unit 104 of the authentication terminal 100 accepts the user ID candidate of the subject via the communication unit 103, the display unit 102 first displays the eleventh screen guidance as shown in FIG. 14 (d). The eleventh screen guidance includes the entered product price. When the subject pays for the product by biometric authentication, he / she holds his / her hand over the biometric sensor 110. When the subject does not settle the product price by biometric authentication, the subject presses the button 13 included in the eleventh screen guidance. The button 13 is an image instructing the selection of payment that does not use biometric authentication. When the subject holds his / her hand over the biosensor 110 based on the eleventh screen guidance and the biosensor 110 finishes reading the subject's biometric information, the control unit 104 selects the subject's user ID candidate and the biometric information. Send to the authentication server 200. In particular, the subject may also hold his / her hand over the biosensor 110 without inputting the user ID assigned to himself / herself, which saves the trouble of inputting.

When the process of step S113 is completed, the authentication processing unit 203 of the authentication server 200 executes the authentication process (step S213). More specifically, first, the authentication processing unit 203 receives the user ID candidate and biometric information of the subject transmitted from the authentication terminal 100 through the communication unit 202. Then, the authentication processing unit 203 executes an authentication process for specifying the user ID of the subject corresponding to the user ID candidate and the biometric information based on the received user ID candidate and the biometric information. For example, when the authentication processing unit 203 accepts the user ID candidates "AAAAAA", "BBBBBB" and "CCCCC" and the biometric information "&&&&&&&&", each combination of the user ID candidate and the biometric information is associated with the user type "main". Matching with the combination of the user ID and the biometric information, the user ID of the subject in the combination matching or similar to the combination is specified. In this embodiment, the combination of the accepted user ID candidate "AAAAAA" and the biometric information "&&&&&&&&" matches the combination of the user ID and the biometric information associated with the user type "main" (see FIG. 10 (c)). , The user ID candidate "AAAAAA" is specified as the user ID of the subject.

When the process of step S213 is completed, the authentication processing unit 203 transmits the user ID of the specified subject to the authentication terminal 100 (step S214). When the control unit 104 of the authentication terminal 100 receives the user ID of the subject via the communication unit 103, the control unit 104 of the authentication terminal 100 transmits the received user ID of the subject to the business server 300 (step S114). The control unit 104 may or may not hold the user ID of the received subject.

The business processing unit 304 of the business server 300 receives the user ID of the subject transmitted from the authentication terminal 100 (step S315). More specifically, the business processing unit 304 receives the user ID of the subject via the communication unit 303. When the processing in step S315 is completed, the business processing unit 304 then determines whether or not the settlement conditions are satisfied (step S316).

The settlement condition is a condition for determining whether or not to execute the settlement of the product price or the service charge. The settlement condition includes, for example, whether or not the authentication processing date and time stored in the status information storage unit 302 is within a predetermined period from the reception date and time of the user ID of the subject. The predetermined period includes several minutes, several tens of minutes, several hours, and the like. The reception date and time of the user ID of the subject may represent, for example, the authentication processing date and time in step S213. Further, as a payment condition, the location of the source of the user ID of the subject may be the same as the installation location of the authentication terminal 100 stored in the status information storage unit 302. Of these two payment conditions, the payment conditions for a predetermined period may be used independently, or both the payment conditions for a predetermined period and the payment conditions for the installation location may be used. Although the details will be described later, when the settlement conditions for a predetermined period are used independently, whether or not the installation location is the same is not limited, and the business processing unit 304 determines whether or not the settlement conditions for the predetermined period are satisfied. judge.

Here, when the business processing unit 304 determines, for example, that the above-mentioned two payment conditions are satisfied (step S316: YES), the business processing unit 304 notifies the authentication terminal 100 of the authentication success (step S317). When the control unit 104 of the authentication terminal 100 is notified that the authentication is successful, the control unit 104 requests the business server 300 to perform the payment process (step S115). When the payment processing is requested from the authentication terminal 100, the business processing unit 304 of the business server 300 executes the payment processing in response to the payment processing request (step S318).

When the processing of step S318 is completed, the business processing unit 304 sends a payment completion notification to the authentication terminal 100 via the communication unit 303. When the control unit 104 receives the payment completion notification via the communication unit 103, the control unit 104 displays the twelfth screen guidance on the display unit 102 as shown in FIG. 14 (e). As a result, the subject can recognize the completion of the payment process. If, for example, the business processing unit 304 determines that one or both of the above-mentioned two settlement conditions are not satisfied (step S316: NO), the subsequent processing is skipped.

As described above, according to the first embodiment, the business server 300 includes a business processing unit 304. The business processing unit 304 receives the user ID candidate of the supporter based on the authentication process using the biometric information of the supporter acquired by the authentication terminal 100. Further, the business processing unit 304 is a user of the subject based on the authentication process using the user ID candidate of the subject associated with the received user ID candidate of the supporter and the biometric information of the subject acquired by the authentication terminal 100. Receive the ID. When the business processing unit 304 determines that the authentication processing date and time of the supporter associated with the received user ID of the subject is within a predetermined period from the authentication processing date and time of the subject, the business processing unit 304 makes a payment request from the authentication terminal 100. Execute the corresponding payment process. As a result, in biometric authentication in which information other than biometric information (for example, user ID, date of birth, etc.) is not input or specified, payment can be made with high authentication accuracy. Since the biometric information of the subject assisted by the supporter is narrowed down by using the biometric information of the supporter, the subject can be identified with high authentication accuracy, and various charges can be settled at the request of the identified subject. can.

(Second Embodiment)
Subsequently, the second embodiment of the present case will be described with reference to FIGS. 16 and 17. In the second embodiment, a confirmation process for confirming the survival of pensioners and children will be described as an example of the business process.

FIG. 16 is a diagram for explaining an example of the business processing system S ′ according to the second embodiment. The business processing system S'is used by the subject such as the pensioner and the target child of the child allowance, and the supporter such as the family who cares for the pensioner and the guardian of the target child. The same components as those of the devices of the business processing system S shown in FIG. 1 are designated by the same reference numerals, and the description thereof will be omitted.

As shown in FIG. 16, the authentication terminal 100 is a terminal device managed by a long-term care facility or the like, and is installed in, for example, a lounge in the long-term care facility. On the other hand, the authentication server 200 is installed, for example, in the management office of the nursing care facility described above. The authentication terminal 100 may be installed in a living room in the home, for example, and the authentication server 200 may be installed in a room different from the living room such as a study in the home. When the authentication terminal 100 requests the business server 300 to perform the above-mentioned confirmation process based on the notification of the authentication success by the authentication server 200, the business server 300 executes the confirmation process in response to the confirmation request requested by the authentication terminal 100. That is, if both the subject and the supporter can operate the authentication terminal 100, the subject does not have to visit the local government to perform the pension payment application procedure and the child allowance application procedure, and the local government using the business server 300. It is also possible to confirm the survival and safety of the subject (for example, whether the subject is missing or not).

Subsequently, with reference to FIG. 17, the operation of the business processing system S'according to the second embodiment will be described. Since the registration process of biometric information and bond information is basically the same as that of the first embodiment, the description thereof will be omitted.

FIG. 17 is an example of a processing sequence diagram showing the operation of the business processing system S ′ according to the second embodiment. The same processing as in the processing sequence diagram shown in FIG. 13 is designated by the same reference numeral, and the description thereof will be omitted. Further, since the processing sequence diagram up to FIG. 17 is the same as the processing sequence diagram shown in FIG. 12, the description thereof will be omitted.

As shown in FIG. 17, when the processing of step S315 is completed, the business processing unit 304 then determines whether or not the confirmation condition is satisfied (step S321). The confirmation condition is a condition for determining whether or not to confirm the existence or safety of the subject. As a confirmation condition, for example, whether or not the authentication processing date and time stored in the status information storage unit 302 is within a predetermined period from the reception date and time of the user ID of the subject. Further, as a confirmation condition, it may be whether or not the location of the source of the user ID of the subject is the same as the installation location of the authentication terminal 100 stored in the status information storage unit 302. Of these two confirmation conditions, the confirmation condition regarding the predetermined period may be used independently, or both the confirmation condition regarding the predetermined period and the confirmation condition regarding the installation location may be used. When the confirmation condition for a predetermined period is used independently, whether or not the installation location is the same is not limited, and the business processing unit 304 determines whether or not the confirmation condition for the predetermined period is satisfied.

Here, when the business processing unit 304 determines, for example, that the above-mentioned two confirmation conditions are satisfied (step S321: YES), the business processing unit 304 notifies the authentication terminal 100 of the authentication success (step S322). When the control unit 104 of the authentication terminal 100 is notified that the authentication is successful, the control unit 104 requests the business server 300 for the confirmation process (step S121). When the confirmation process is requested from the authentication terminal 100, the business processing unit 304 of the business server 300 executes the confirmation process in response to the request for the confirmation process (step S323).

When the process of step S323 is completed, the business processing unit 304 sends a confirmation completion notification to the authentication terminal 100 via the communication unit 303. When the control unit 104 receives the confirmation completion notification via the communication unit 103, the control unit 104 displays a screen guide notifying the confirmation completion to the display unit 102. As a result, the subject can recognize the completion of the confirmation process. If, for example, the business processing unit 304 determines that one or both of the above two confirmation conditions are not satisfied (step S321: NO), the subsequent processing is skipped.

As described above, according to the second embodiment, when the business processing unit 304 determines that the authentication processing date and time of the supporter associated with the received user ID of the subject is within a predetermined period from the authentication processing date and time of the subject. In addition, the confirmation process corresponding to the confirmation request from the authentication terminal 100 is executed. This makes it possible to confirm the survival and safety of the subject with high authentication accuracy in biometric authentication in which information other than biometric information (for example, user ID and date of birth) is not input or specified. Since the biometric information of the subject assisted by the supporter is narrowed down by using the biometric information of the supporter, the subject can be identified with high authentication accuracy, and the survival and safety of the subject can be determined at the request of the identified subject. You can check.

Although the preferred embodiments of the present invention have been described in detail above, the present invention is not limited to the specific embodiments of the present invention, and various modifications are made within the scope of the gist of the present invention described in the claims.・ Can be changed. For example, the similarity determination in the above-described embodiment may be performed using a threshold value. The input of the product price may be performed based on the image pickup of the product by the authentication terminal 100.

For example, in the above-described embodiment, vein information is used as an example of biological information, but fingerprint or iris information may be used as biological information. Further, in the above-described embodiment, the biometric information is represented by a symbol, but the biometric information may be a character, a number, a combination thereof, an image, or the like.

For example, in the first embodiment and the second embodiment described above, one authentication terminal 100 is used for the authentication process by the authentication server 200 and the payment process and confirmation process by the business server 300. For example, the authentication terminal 100 and the authentication terminal 100 are used. Prepare another authentication terminal (not shown) corresponding to the above, install the authentication terminal 100 in the cash register counter in the store, the discourse room in the nursing facility, etc., and install another authentication terminal in the store where the authentication terminal 100 is installed. Or it may be installed in another place in the care facility, or it may be installed in a predetermined place outside the store or the care facility. In this case, for example, the authentication terminal 100 is operated by the subject, and another authentication terminal is operated by the supporter. As a result, even if the subject and the supporter are in different places, each authentication can be performed within a predetermined period.

The following additional notes will be further disclosed with respect to the above explanation.
(Appendix 1) The result of the first authentication process using the first authentication information corresponding to the first user identification information in the first authentication terminal is received, and the received result of the first authentication process is authentication. When it is determined that the authentication is successful, the first authentication terminal or the second authentication terminal corresponding to the first authentication terminal has the first authentication within a predetermined period after the determination is successful. When the result of successful authentication is received for the second authentication process using the second authentication information associated with the user identification information of, the business process according to the business request from the first authentication terminal is executed. A business processing program characterized by having a computer execute processing.
(Appendix 2) The first user identification information and the combination of the second user identification information in the first authentication terminal or the second authentication terminal are stored in each combination with reference to the first user identification information. The business processing program according to Appendix 1, which comprises a process of acquiring the second user identification information according to the first user identification information received from the authentication terminal of 1.
(Appendix 3) The process of executing the business process includes the process of associating the acquired second user identification information with the information of the date and time when the authentication is determined to be successful and storing the information in the storage unit. The business processing program according to Appendix 2, wherein the business processing is executed when the date and time information stored in the above-mentioned date and time is within the predetermined period.
(Appendix 4) A process of associating the acquired second user identification information, the information of the date and time when the authentication is determined to be successful, and the information of the place where the first authentication terminal is installed and storing it in the storage unit. In the process of executing the business process, the date and time information stored in the storage unit is within the predetermined period, and the information of the location stored in the storage unit is the first authentication terminal. Alternatively, the business processing program according to Appendix 2, wherein the business processing is executed when the information of the place where the second authentication terminal is installed corresponds to the information.
(Appendix 5) Receives a candidate for the first user identification information based on the first authentication process using the first authentication information acquired by the authentication terminal, and associates the received candidate with the first user identification information. The second user who received and received the second user identification information based on the second authentication process using the candidate of the second user identification information obtained and the second authentication information acquired by the authentication terminal. When it is determined that the processing date and time of the first authentication process associated with the identification information is within a predetermined period from the processing date and time of the second authentication process, the business process corresponding to the business request from the authentication terminal is performed. A business processing program characterized by having a computer execute the processing to be executed.
(Appendix 6) The combination of the first user identification information and the second user identification information is used as a candidate for the received first user identification information by referring to the first storage unit that stores each combination. The business processing program according to Appendix 5, wherein the processing is included in extracting the candidate of the second user identification information according to the above.
(Appendix 7) The business process is executed, including a process of associating the extracted candidate for the second user identification information with the information of the processing date and time of the first authentication process and storing the information in the second storage unit. The processing is described in Appendix 6 characterized in that the business processing is executed when the information on the processing date and time of the first authentication processing stored in the second storage unit is within the predetermined period. Business processing program.
(Appendix 8) The extracted second user identification information candidate, the processing date and time information of the first authentication process, and the information of the place where the authentication terminal is installed are associated with each other in the second storage unit. In the process of executing the business process including the process of storing, the information of the processing date and time of the first authentication process stored in the second storage unit is within the predetermined period, and the second storage unit The business processing program according to Appendix 6, wherein the business processing is executed when the information of the location stored in the above corresponds to the information of the location where the authentication terminal is installed.
(Supplementary Note 9) The business processing program according to any one of Supplementary note 1 to 8, wherein the first authentication information and the second authentication information are both biometric information.
(Appendix 10) The result of the first authentication process using the first authentication information corresponding to the first user identification information in the first authentication terminal is received, and the received result of the first authentication process is authentication. When it is determined that the authentication is successful, the first authentication terminal or the second authentication terminal corresponding to the first authentication terminal has the first authentication within a predetermined period after the determination is successful. When the result of successful authentication is received for the second authentication process using the second authentication information associated with the user identification information of, the business process according to the business request from the first authentication terminal is executed. A business processing method characterized in that processing is executed by a computer.
(Appendix 11) The result of the first authentication process using the first authentication information corresponding to the first user identification information in the first authentication terminal is received, and the received result of the first authentication process is authentication. When it is determined that the authentication is successful, the first authentication terminal or the second authentication terminal corresponding to the first authentication terminal has the first authentication within a predetermined period after the determination is successful. When the result of successful authentication is received for the second authentication process using the second authentication information associated with the user identification information of, the business process according to the business request from the first authentication terminal is executed. A business processing device characterized by comprising a processing unit that performs processing.
(Appendix 12) The processing unit refers to a storage unit that stores a combination of the first user identification information and the second user identification information in the first authentication terminal or the second authentication terminal for each combination. The business processing apparatus according to Appendix 11, wherein the second user identification information corresponding to the first user identification information received from the first authentication terminal is acquired.
(Appendix 13) The processing unit associates the acquired second user identification information with the information on the date and time when the authentication is determined to be successful, and stores the information in the storage unit, and the information on the date and time stored in the storage unit. The business processing apparatus according to Appendix 12, wherein the business processing is executed when is within the predetermined period.
(Appendix 14) The processing unit stores the acquired second user identification information, the information on the date and time when the authentication is determined to be successful, and the information on the place where the first authentication terminal is installed in association with each other. The information on the date and time stored in the storage unit is within the predetermined period, and the information on the location stored in the storage unit is installed by the first authentication terminal or the second authentication terminal. The business processing apparatus according to Appendix 12, wherein the business processing is executed when the information of the location is supported.
(Supplementary Note 15) The business processing apparatus according to any one of Supplementary note 11 to 14, wherein the first authentication information and the second authentication information are both biometric information.

S Business processing system 100 Authentication terminal 110 Biosensor 200 Authentication server 300 Business server 301 Bond information storage unit 302 Status information storage unit 303 Communication department 304 Business processing department

Claims (5)

Upon receiving the result of the first authentication process using the first authentication information corresponding to the first user identification information in the first authentication terminal,
When it is determined that the result of the first authentication process received is the authentication success, the first user identification information and the second authentication terminal corresponding to the first authentication terminal or the first authentication terminal are supported. The first user received from the first authentication terminal as a result of the first authentication process with reference to a storage unit that stores a combination with the second user identification information in the authentication terminal for each combination. The second user identification information corresponding to the identification information is acquired, and the second user identification information is acquired.
The acquired second user identification information, prior Symbol successful authentication and the determined in association with the date and time information stored in the storage unit,
The result of successful authentication for the second authentication process using the second authentication information associated with the first user identification information when the date and time information stored in the storage unit is within a predetermined period. Is received, the business process according to the business request from the first authentication terminal is executed.
A business processing program characterized by having a computer execute processing. Upon receiving the result of the first authentication process using the first authentication information corresponding to the first user identification information in the first authentication terminal,
When it is determined that the result of the first authentication process received is the authentication success, the first user identification information and the second authentication terminal corresponding to the first authentication terminal or the first authentication terminal are supported. The first user received from the first authentication terminal as a result of the first authentication process with reference to a storage unit that stores a combination with the second user identification information in the authentication terminal for each combination. The second user identification information corresponding to the identification information is acquired, and the second user identification information is acquired.
And the acquired second user identification information, prior Symbol authentication and date information determined to be successful, the first authentication terminal in association with information of the installation location is stored in the storage unit,
The date and time information stored in the storage unit is within a predetermined period, and the information of the location stored in the storage unit is the location where the first authentication terminal or the second authentication terminal is installed. When the information is dealt with, when the result of the successful authentication is received for the second authentication process using the second authentication information associated with the first user identification information, the business from the first authentication terminal is received. Execute business processing according to the request,
A business processing program characterized by having a computer execute processing. The first authentication information and the second authentication information are both biometric information.
The business processing program according to claim 1 or 2, wherein the program is characterized by the above. Upon receiving the result of the first authentication process using the first authentication information corresponding to the first user identification information in the first authentication terminal,
When it is determined that the result of the first authentication process received is the authentication success, the first user identification information and the second authentication terminal corresponding to the first authentication terminal or the first authentication terminal are supported. The first user received from the first authentication terminal as a result of the first authentication process with reference to a storage unit that stores a combination with the second user identification information in the authentication terminal for each combination. The second user identification information corresponding to the identification information is acquired, and the second user identification information is acquired.
The acquired second user identification information, prior Symbol successful authentication and the determined in association with the date and time information stored in the storage unit,
The result of successful authentication for the second authentication process using the second authentication information associated with the first user identification information when the date and time information stored in the storage unit is within a predetermined period. Is received, the business process according to the business request from the first authentication terminal is executed.
A business processing method characterized in that a computer executes processing. Upon receiving the result of the first authentication process using the first authentication information corresponding to the first user identification information in the first authentication terminal,
When it is determined that the result of the first authentication process received is the authentication success, the first user identification information and the second authentication terminal corresponding to the first authentication terminal or the first authentication terminal are supported. The first user received from the first authentication terminal as a result of the first authentication process with reference to a storage unit that stores a combination with the second user identification information in the authentication terminal for each combination. The second user identification information corresponding to the identification information is acquired, and the second user identification information is acquired.
The acquired second user identification information, prior Symbol successful authentication and the determined in association with the date and time information stored in the storage unit,
The result of successful authentication for the second authentication process using the second authentication information associated with the first user identification information when the date and time information stored in the storage unit is within a predetermined period. Is received, the business process according to the business request from the first authentication terminal is executed.
A business processing apparatus characterized by comprising a processing unit that performs processing.

Images