JP6996922B2 - Certification systems, goods and programs - Google Patents

Description

The present invention relates to authentication systems, articles and programs.

An authentication processing system that acquires a password for user authentication by detecting the position of a user's fingertip using gesture recognition technology is known.
[Patent Document]
[Patent Document 1] Japanese Unexamined Patent Publication No. 2016-115199

It is desired to improve user convenience while maintaining safety.

In the first aspect of the present invention, an authentication system is provided. The above authentication system utilizes, for example, at least a part of the user's body to authenticate the user. In the above authentication system, for example, when the target of the authentication process is unlikely to be a legitimate user, the authentication is stricter than when the target of the authentication process is likely to be a legitimate user. It is configured to be difficult.

The above-mentioned authentication system may include a determination target acquisition unit that acquires information on the three-dimensional shape of at least a part of the body of the subject to be the authentication process as the determination target of the authentication process. The above authentication system has (i) information on at least a part of the three-dimensional shape of the user's body registered in advance as a comparison target of the authentication process, and (ii) at least the body of the target person acquired by the determination target acquisition unit. An authentication unit that authenticates the user based on the information about a part of the three-dimensional shape may be provided. The above-mentioned authentication system may include a standard determination unit that determines a determination standard in the authentication process based on the information acquired by the determination target acquisition unit. In the above authentication system, the determination criteria in the authentication process are (i) whether or not the three-dimensional shape of at least a part of the user's body matches or is similar to the three-dimensional shape of at least a part of the subject's body. At least one of the criteria, (ii) the criteria for the permissible trial period, (iii) the criteria for the number of trials allowed, and (iv) the criteria for notifying a hint or guide regarding the authentication process. May include one.

The above authentication system may include a biometric information acquisition unit that acquires biometric information of the subject. In the above authentication system, (i) whether the biometric information of the user registered in advance as a comparison target of the authentication process and (ii) the biometric information of the target person acquired by the biometric information acquisition unit match or are similar. It may be provided with a biological information determination unit for determining whether or not. In the above authentication system, the criterion determination unit authenticates the authentication unit when (a) the biometric information determination unit determines that (i) the biometric information of the user and (ii) the biometric information of the target person match or are similar. The criteria may be adjusted to facilitate. In the above authentication system, the criterion determination unit determines that (b) the biometric information determination unit (i) the biometric information of the user and (ii) the biometric information of the target person do not match or are similar to each other. Criteria may be adjusted to make certification strict or difficult.

The above-mentioned authentication system is acquired by (i) a three-dimensional shape indicated by information regarding a three-dimensional shape of at least a part of the user's body, which is registered in advance as a comparison target of the authentication process, and (ii) a determination target acquisition unit. It may be provided with a matching degree determining unit that determines the degree to which the three-dimensional shapes indicated by the information on the three-dimensional shape of at least a part of the subject's body match or are similar. In the above authentication system, the criterion determination unit adjusts the determination criteria so that (a) the degree determined by the match degree determination unit satisfies the predetermined first condition, and the authentication by the authentication unit is facilitated. You can do it. In the above-mentioned authentication system, the standard determination unit (b) determines that the degree determined by the matching degree determination unit satisfies the predetermined second condition, and the authentication in the certification unit becomes strict or difficult. May be adjusted.

In the above authentication system, the standard determination unit may adjust the determination standard based on the instruction from the user authenticated by the authentication method different from the authentication method based on the three-dimensional shape. In the above authentication system, the determination target acquisition unit determines (i) information about at least a part of the three-dimensional shape of the target person's body and (ii) the target person's body in the input area of the determination target as the determination target of the authentication process. You may get information about at least a part of the position of. In the above authentication system, the authentication unit has (i) information on the three-dimensional shape of at least a part of the user's body registered in advance as a comparison target of the authentication process, and (ii) the target person acquired by the determination target acquisition unit. Information on the three-dimensional shape of at least a part of the body of the user, information on the position of at least a part of the user's body in the input area registered in advance as a comparison target of (iii) authentication processing, and (iv) a determination target acquisition unit. May authenticate the user based on the information obtained by the user regarding the position of at least a part of the subject's body in the input area.

The above authentication system uses a means that makes it difficult for a third party around the target person to perceive the content compared to the target person, and (i) the result of the authentication process and (ii) a hint regarding the authentication process. Alternatively, it may be provided with a notification unit that notifies the target person of at least one of the guide. The above-mentioned authentication system may include a shielding portion arranged at a position that is a line of sight of a third party existing around the target person and blocks the line of sight to the input area of the determination target.

In the second aspect of the invention, an authentication system is provided. The above authentication system utilizes, for example, at least a part of the user's body to authenticate the user. The above-mentioned authentication system includes, for example, a determination target acquisition unit that acquires information on the three-dimensional shape of at least a part of the body of the target person to be the authentication process as the determination target of the authentication process. The above-mentioned authentication system includes, for example, a shielding unit arranged at a position that blocks the line of sight of a third party existing around the target person and the input area of the determination target. The above-mentioned authentication system uses, for example, a means that makes it difficult for a third party to perceive the content as compared with the target person, and (i) the result of the authentication process and (ii) a hint or guide regarding the authentication process. It is equipped with a notification unit that notifies the target person of one of them.

In the third aspect of the invention, the article is provided. The article comprises, for example, the authentication system according to the first or second aspect of the above. The above-mentioned article includes, for example, an instruction receiving unit that receives an instruction for operating the article from a user. The above-mentioned article includes, for example, an instruction execution unit that executes an operation of the article based on an instruction received by the instruction reception unit. In the above-mentioned article, the instruction receiving unit may have a gesture input unit that detects the user's gesture and accepts the instruction.

In a fourth aspect of the invention, a program is provided. The above-mentioned program may be a program for making a computer function as an authentication system in the above-mentioned first aspect or the second aspect. A computer-readable medium for storing the above program may be provided. The computer-readable medium may be a non-temporary computer-readable recording medium.

The outline of the above invention does not list all the necessary features of the present invention. A subcombination of these feature groups can also be an invention.

An example of the system configuration of the ATM management system 100 is shown schematically. An example of the internal configuration of the control unit 140 is schematically shown. An example of the internal configuration of the authentication server 104 is shown schematically. An example of the change over time in the degree of shape matching is shown schematically. An example of the change over time in the degree of shape matching is shown schematically. An example of the data table 600 is shown schematically.

Hereinafter, the present invention will be described through embodiments of the invention, but the following embodiments do not limit the invention to which the claims are made. Also, not all combinations of features described in the embodiments are essential to the means of solving the invention. In the drawings, the same or similar parts may be given the same reference number to omit duplicate explanations.

[Overview of ATM management system 100]
FIG. 1 schematically shows an example of a system configuration of an ATM management system 100. In the present embodiment, the ATM management system 100 manages cash deposits and payments. According to the embodiment described in relation to FIG. 1, the ATM management system 100 takes as an example the identity verification process of an ATM user 12 in an automated teller machine (may be abbreviated as ATM). The outline of the user authentication process in the above is explained. In the present embodiment, the ATM management system 100 uses at least a part of the body of the ATM user 12 to authenticate the ATM user 12.

In the present embodiment, the ATM user 12 may be a regular user registered in the ATM management system 100, or may not be a regular user. The ATM user 12 may be an agent of a legitimate user.

In the present embodiment, the ATM management system 100 includes an ATM 102 and an authentication server 104. The ATM management system 100 may have a plurality of ATMs 102. In the present embodiment, the ATM 102 and the authentication server 104 send and receive information via the communication network 10. In the present embodiment, the ATM 102 includes a housing 120, a control unit 140, an input unit 142, an output unit 144, a card reader 146, and a deposit / withdrawal unit 148. In this embodiment, the ATM 102 may have a cover 160. In the present embodiment, the cover 160 is provided with an opening 162 for the ATM user 12 to insert his / her hand inside the cover 160.

The ATM user 12 may be an example of a user. The ATM user 12 may be an example of a target person who is the target of the authentication process. The ATM management system 100 may be an example of an authentication system and an article. The ATM 102 may be an example of an authentication system and an article. The authentication server 104 may be an example of an authentication system. The control unit 140 may be an example of an instruction receiving unit and an instruction executing unit. The input unit 142 may be an example of a determination target acquisition unit and a biological information acquisition unit. The output unit 144 may be an example of a notification unit. The cover 160 may be an example of a shielding portion.

In the present embodiment, the communication network 10 may be a transmission line for wired communication, a transmission line for wireless communication, or a combination of a transmission line for wireless communication and a transmission line for wired communication. .. The communication network 10 may include a wireless packet communication network, the Internet, a P2P network, a dedicated line, a VPN, and the like. The communication network 10 may include (i) a mobile communication network such as a mobile phone network, and (ii) a wireless MAN (eg, WiMAX®), a wireless LAN (eg, WiFi (registered trademark)). ), Bluetooth®, Zigbee®, NFC (Near Field Communication) and other wireless communication networks may be included.

[Overview of each part of ATM management system 100]
In the present embodiment, the ATM 102 uses at least a part of the body of the ATM user 12 to authenticate the ATM user 12. When the ATM user 12 is a legitimate user, the authentication is successful, and the ATM 102 receives an instruction for operating the ATM 102 from the ATM user 12. Further, the ATM 102 executes the operation of the ATM 102 based on the above instructions. Examples of the above operation include an operation for inquiring a balance, an operation for depositing cash, an operation for paying out cash, and the like. On the other hand, if the ATM user 12 is not a legitimate user, the authentication fails, and the ATM 102 notifies the ATM user 12 of a message indicating that the authentication has failed. The legitimate user may be a user registered in the ATM management system 100.

In the present embodiment, when the ATM user 12 is a third party different from the legitimate user, the ATM 102 is stricter or more difficult to authenticate than the case where the ATM user 12 is a legitimate user. It is configured to be. As a result, spoofing by a third party can be suppressed.

For example, the ATM 102 acquires information from the authentication server 104 regarding whether or not the ATM user 12 is likely to be a third party different from the legitimate user in the process of the authentication process of the ATM user 12. In one embodiment, when the ATM user 12 is likely to be a third party, the authentication process of the ATM user 12 is performed more strictly than when the ATM user 12 is a legitimate user. In another embodiment, when the ATM user 12 is likely to be a third party, the authentication process of the ATM user 12 becomes more difficult than when the ATM user 12 is a legitimate user. Processing is executed. The above processes include (i) a process for reducing the upper limit of the number of trials, (ii) a process for reducing the time allowed for each trial, and (iii) comparison with the determination target. At least one of the processes for increasing the threshold value regarding the degree of matching or similarity with the object (sometimes referred to as the degree of matching) can be exemplified.

In the ATM 102, when the ATM user 12 is likely to be a legitimate user, it is unknown whether the ATM user 12 is a legitimate user, or the ATM user 12 is a third party. It may be configured to facilitate authentication as compared to the case where it is likely to be. As a result, when the ATM user 12 is a third party, the authentication process of the ATM user 12 may be stricter or more difficult than when the ATM user 12 is a legitimate user.

For example, the ATM 102 acquires information from the authentication server 104 regarding whether or not the ATM user 12 is likely to be a legitimate user in the process of authenticating the ATM user 12. When there is a high possibility that the ATM user 12 is a legitimate user, a process that facilitates the authentication process of the ATM user 12 is executed. The above-mentioned processes include (i) a process for increasing the upper limit of the number of trials, (ii) a process for increasing the time allowed for each trial, and (iii) a threshold value for the degree of agreement. At least one of the treatments for reducing the amount can be exemplified.

In the present embodiment, the control unit 140 controls information processing in the ATM 102. The control unit 140 may control the operation of the ATM 102. The control unit 140 may execute a part or all steps of the authentication process of the ATM user 12. The control unit 140 may receive an instruction for operating the ATM 102 from the ATM user 12. For example, the control unit 140 receives an instruction for operating the ATM 102 when the authentication of the ATM user 12 is successful. The control unit 140 may execute the operation of the ATM 102 based on the above instruction.

The control unit 140 may send and receive information between the input unit 142, the output unit 144, the card reader 146, and the deposit / withdrawal unit 148. The control unit 140 may send and receive information to and from the authentication server 104 via the communication network 10. In one embodiment, the control unit 140 is arranged inside the housing 120. In another embodiment, at least a part of the control unit 140 is arranged outside the housing 120.

In the present embodiment, the input unit 142 acquires information on the three-dimensional shape of at least a part of the body of the ATM user 12 as a determination target of the authentication process. As a part of the body, at least one of a face, fingers, hands, arms, legs, and legs can be exemplified. Here, the hand indicates the part from the wrist to the fingertip. The arm indicates the part from the wrist to the shoulder. The foot indicates the part from the ankle to the toes. The leg indicates the part from the ankle to the pelvis.

Information about the three-dimensional shape of at least a part of the body of the ATM user 12 is (i) one or more two-dimensional images, (ii) three-dimensional images, disparity images and distances regarding at least a part of the body of the ATM user 12. At least one of the images, (iii) a radar image obtained using at least one of electromagnetic waves and sound waves, and (iv) at least the process for generating the above-mentioned images (i) to (iii). It may contain at least one of unprocessed raw data (sometimes referred to as RAW data). The above image may be a still image or a moving image.

The three-dimensional image, the parallax image, or the distance image may be generated based on the images captured by a plurality of image pickup devices, may be generated by the Light Coding method, or may be generated by the TOF (Time Of Flight) method. May be good. The input unit 142 may include at least one of a motion sensor device, a distance image sensor device, and a three-dimensional scanning device. The input unit 142 may include an electromagnetic wave irradiation device. The electromagnetic wave irradiation device may irradiate infrared rays.

The input unit 142 may acquire information regarding the position of at least a part of the body of the ATM user 12 in the input area 30 of the input unit 142 as a determination target of the authentication process. For example, the input unit 142 manages the input area 30 by distinguishing it into a plurality of sub-areas. Then, the input unit 142 acquires information indicating a sub-region in which a specific part of the body of the ATM user 12 exists as information regarding the above-mentioned position.

When the authentication process of the ATM user 12 is completed, the input unit 142 receives an instruction for operating the ATM 102 from the ATM user 12. The input unit 142 may receive an instruction from the ATM user 12 by any method. The input unit 142 has at least one device among a keyboard, a pointing device, a touch panel, a gesture input device, and a voice input device, and may accept input from the device.

When the input unit 142 detects the gesture of the authenticated ATM user 12 and receives an instruction for operating the ATM 102, for example, the input unit 142 detects the position pointed by the finger of the ATM user 12. , Accepts instructions to perform operations such as deposit, withdrawal, and transfer based on the detected finger position. Further, the input unit 142 detects the shape of the finger of the ATM user 12 or the locus of the finger, and receives an instruction regarding the amount of money to be processed in the above operation.

In one embodiment, the input unit 142 is arranged inside the housing 120. In another embodiment, at least a part of the input unit 142 is arranged outside the housing 120. The input unit 142 may be arranged inside the cover 160. The input unit 142 may be arranged so that at least a part thereof is covered with the cover 160.

In the present embodiment, the output unit 144 outputs various information. As a result, the output unit 144 can notify the ATM user 12 of the information. For example, the output unit 144 provides at least one of (i) information indicating the result of the authentication process of the ATM user 12 and (ii) information indicating a hint or guide regarding the authentication process of the ATM user 12 to the ATM user. Notify 12.

For example, the output unit 144, as a hint or a guide, has a shape matching degree value, information indicating the shape matching degree (for example, a division according to the matching degree level), a position matching degree value, and a position. Information indicating the degree of matching (for example, classification according to the level of matching) and the like are notified. When a series of actions or a combination of multiple gestures is registered as a security key, the output unit 144 notifies a match or similar part, or a match or dissimilar part as a hint or a guide. May be.

The output unit 144 may notify, as a hint or a guide, information indicating a rough shape, information indicating a rough position, and the like. The information indicating the rough shape includes (i) information indicating a deformed shape of the shape registered as the security key, (ii) information indicating a shape similar to the shape registered as the security key, and (iii). Information that expresses the shape registered as a security key in a language can be exemplified. The shapes of (i) and (ii) may be adjusted so that their similarity is not certified by the current determination criteria. The information indicating the rough position includes (i) information indicating a plurality of subareas including a subarea registered as a security key, and (ii) a larger area including a subarea registered as a security key. The information to be shown can be exemplified.

The output unit 144 may output information in the form of an image, sound, vibration, Braille, short-range wireless communication, or the like. The image may be a still image or a moving image. The output unit 144 may output information to the mobile terminal of the ATM user 12 by using short-range wireless communication.

The output unit 144 notifies the ATM user 12 of the information by using a means that makes it difficult for a third party existing around the ATM user 12 to perceive the content of the output information as compared with the ATM user 12. You can do it. For example, the output unit 144 may include (i) a combination of a viewing angle control film (sometimes referred to as a peep prevention film) or a reflective plate having directivity, and an image display device or an image projection device, (ii). ) A directional acoustic system and (iii) at least one of the aerial ultrasonic tactile interfaces.

The aerial ultrasonic tactile interface uses, for example, an ultrasonic transducer array having a plurality of ultrasonic transducers arranged in a grid pattern to create an ultrasonic focus at an arbitrary position in the air. As a result, the vibration and tactile sensation can be presented to the ATM user 12.

In one embodiment, the output unit 144 is arranged inside the housing 120. In another embodiment, at least a part of the output unit 144 is arranged outside the housing 120. The output unit 144 may be arranged outside the cover 160.

In the present embodiment, the card reader 146 acquires account identification information (sometimes referred to as an account ID) recorded on a recording medium such as a magnetic card or an IC card. The account identification information may be an account number. The account identification information may be an example of user identification information for identifying a user.

In the present embodiment, the deposit / withdrawal unit 148 receives and stores the deposited cash. The deposit / withdrawal unit 148 pays out the specified amount of cash. The deposit / withdrawal unit 148 executes the deposit / withdrawal process based on the instruction from the ATM user 12 received by the input unit 142. The deposit / withdrawal process may be an example of the operation of the ATM 102.

In the present embodiment, the cover 160 is a line of sight of a third party existing around the ATM user 12, and is arranged at a position that blocks the line of sight of the input unit 142 with respect to the input area 30. As a result, it is possible to prevent a third party existing around the ATM user 12 from peeping into the input area 30 of the input unit 142. The input area 30 of the input unit 142 may be an example of an input area to be determined.

The cover 160 may be arranged so as to cover at least a part of the input area 30 of the input unit 142. The cover 160 may be arranged so as to cover the input area 30 of the input unit 142 as a whole except for the opening 162. The cover 160 may be used together with other members and may be arranged so as to cover the input region 30 of the input unit 142 as a whole except for the opening 162. The cover 160 may be arranged above the input unit 142 so as to cover the input unit 142. The cover 160 may be arranged so as to protrude from at least one side surface of the housing 120 of the ATM 102.

The shape of the cover 160 is not particularly limited, and examples thereof include a box shape, a bag shape, a plate shape, and a room shape. The material of the cover 160 is not particularly limited, but it is preferably a material having a relatively low light transmittance. The cover 160 is a material having a light transmittance of 60% or less, preferably 50% or less, more preferably 30% or less, still more preferably 25% or less, still more preferably 10% or less, which is used in the input unit 142. May include.

A restraint portion that restrains at least a part of the body of the ATM user 12 may be arranged in the vicinity of the opening 162 when the authentication fails. In the vicinity of the opening 162, an injection unit that injects a substance may be arranged on at least a part of the body of the ATM user 12 when the authentication fails. The above-mentioned substance may be a substance for facilitating tracking, investigation or search by an investigative agency, a security agency, or the like. The above-mentioned substances may contain at least one of fluorescent substances, paints, pigments, dyes and fragrances. Further, an imaging unit that captures the face of the ATM user 12 may be arranged outside the cover 160 when authentication fails. By providing the ATM 102 with at least one of these configurations, fraudulent activity is suppressed.

In the present embodiment, the authentication server 104 executes the authentication process of the ATM user 12. The authentication server 104 may authenticate the ATM user 12 by using an arbitrary authentication method. The authentication server 104 may authenticate the ATM user 12 by using a plurality of authentication methods. For example, (i) the combination of the account ID of the ATM user 12 and the information on the three-dimensional shape of at least a part of the body of the ATM user 12 is acquired, and the information on the above-mentioned three-dimensional shape is the security key of the account ID. A method of authenticating an ATM user 12 is used depending on whether or not it matches or substantially matches the information on the three-dimensional shape of at least a part of the body registered as.

As the account ID, an account number, a user ID, or the like can be exemplified. The account ID may be a unique ID associated with the account ID. As the unique ID associated with the account ID, an ID unique to the mobile terminal of the legitimate user of the account ID, biometric information of the legitimate user, and the like can be exemplified.

The authentication method is (ii) to acquire a combination of the account ID of the ATM user 12 and the password or password or passphrase, and the above password or password or passphrase is registered as the security key of the account ID. A method of authenticating the ATM user 12 may be used depending on whether or not the password matches the password or passphrase. The authentication method is (iii) the account ID of the ATM user 12 and the biometric information of the ATM user 12 (sometimes referred to as biometric information. For example, iris information, fingerprint information, palm print information, vein information, pulse). Information, face information, etc.) and whether or not the above biometric information matches or substantially matches the biometric information registered as the security key of the account ID, the ATM user 12 It may be a method of authenticating.

In one embodiment, the authentication server 104 acquires information necessary for the authentication process of the ATM user 12 (for example, a combination of the account ID of the ATM user 12 and the above-mentioned various information) from the ATM 102. do. In another embodiment, the authentication server 104 acquires information necessary for the authentication process of the ATM user 12 from the communication terminal 22 of the ATM user 12. In this case, the ATM user 12 accesses the authentication server 104 using, for example, the communication terminal 22, and inputs the account ID and the above-mentioned various information.

In the present embodiment, the communication terminal 22 may be any device that can send and receive information to and from the authentication server 104 via the communication network 10, and the details thereof are not particularly limited. Examples of the communication terminal 22 include a personal computer and a mobile terminal. Examples of the mobile terminal include a mobile phone, a smartphone, a PDA, a tablet, a notebook computer or a laptop computer, a wearable computer, and the like.

[Specific configuration of each part of the ATM management system 100]
Each part of the ATM management system 100 may be realized by hardware, may be realized by software, or may be realized by hardware and software. At least a part of each part of the ATM management system 100 may be realized by a single server or may be realized by a plurality of servers. At least a part of each part of the ATM management system 100 may be realized on a virtual server or a cloud system. At least a part of each part of the ATM management system 100 may be realized by a personal computer or a mobile terminal. Examples of the mobile terminal include a mobile phone, a smartphone, a PDA, a tablet, a notebook computer or a laptop computer, a wearable computer, and the like. Each part of the ATM management system 100 may store information by using a distributed ledger technology such as a blockchain or a distributed network.

When at least a part of the components constituting the ATM management system 100 is realized by software, the components realized by the software define the operation related to the components in an information processing device having a general configuration. It may be realized by starting the software or program. The information processing device having the above general configuration includes (i) a data processing device having a processor such as a CPU and GPU, a ROM, a RAM, and a communication interface, and (ii) a keyboard, a pointing device, a touch panel, a camera, and voice input. Input devices such as devices, gesture input devices, various sensors, GPS receivers, output devices such as (iii) display devices, audio output devices, vibration devices, and storage devices such as (iv) memory, HDD, SSD (external). It may include a storage device).

In the information processing device having the above general configuration, the data processing device or the storage device may store the software or the program. The software or program described above causes the information processing apparatus described above to execute the operation specified by the software or program by being executed by the processor. The software or program described above may be stored on a non-temporary computer-readable recording medium. The above software or program may be a program for making a computer function as an ATM management system 100 or a part thereof. The above software or program may be a program for causing a computer to execute information processing in the ATM management system 100 or a part thereof.

[Overview of each part of control unit 140]
FIG. 2 schematically shows an example of the internal configuration of the control unit 140. In the present embodiment, the control unit 140 includes an input reception unit 210, an analysis unit 220, a communication unit 230, an output control unit 240, and a deposit / withdrawal control unit 250. In the present embodiment, the analysis unit 220 has a skeleton recognition unit 222 and a shape recognition unit 224. Each unit of the control unit 140 may send and receive information to and from each other. The input receiving unit 210 may be an example of a determination target acquisition unit. The output control unit 240 may be an example of a notification unit.

In the present embodiment, the input receiving unit 210 receives various information input to the ATM 102. For example, the input receiving unit 210 acquires various information from each unit of the ATM 102. In one embodiment, the input receiving unit 210 acquires information on the three-dimensional shape of at least a part of the body of the ATM user 12 from the input unit 142. The input receiving unit 210 may acquire information regarding the position of at least a part of the body of the ATM user 12 in the input area 30 from the input unit 142.

In the present embodiment, the analysis unit 220 analyzes various information acquired by the input reception unit 210. In the present embodiment, the skeleton recognition unit 222 recognizes the skeleton of at least a part of the body of the ATM user 12 based on the information about the three-dimensional shape of at least a part of the body of the ATM user 12. The skeleton recognition unit 222 may recognize the above skeleton using a rigid body link structure or a rigid body link model. The skeleton recognition unit 222 may recognize the above skeleton by determining the length of each bone contained in at least a part of the body of the ATM user 12 or the typical bone length. The information about the skeleton may be an example of biometric information.

In the present embodiment, the shape recognition unit 224 recognizes the three-dimensional shape of at least a part of the body of the ATM user 12 based on the information about the three-dimensional shape of at least a part of the body of the ATM user 12. The shape recognition unit 224 may recognize the above-mentioned three-dimensional structure by using a rigid body link structure or a rigid body link model. The shape recognition unit 224 may recognize the above-mentioned three-dimensional shape by determining the angle of each joint included in at least a part of the body of the ATM user 12 or the angle of a typical joint.

In the present embodiment, the case where the analysis unit 220 acquires information indicating the skeleton of at least a part of the body of the ATM user 12 as biological information has been described. However, the biological information acquired by the analysis unit 220 is not limited to this embodiment. In another embodiment, the analysis unit 220 may acquire biometric information other than the skeleton based on the information regarding the three-dimensional shape of at least a part of the body of the ATM user 12. As the above-mentioned biological information, a fingerprint pattern, a palm print pattern, a face pattern, a pulse pattern and the like can be exemplified. The above pattern may be information about feature points at each site. In still another embodiment, the analysis unit 220 may acquire various biometric information from a device (not shown) for acquiring biometric information arranged in the input unit 142.

In the present embodiment, the communication unit 230 transmits / receives information to / from the authentication server 104. The communication unit 230 may control communication with the authentication server 104. The communication unit 230 may include various communication interfaces.

In the present embodiment, the output control unit 240 controls the output unit 144. In one embodiment, the output control unit 240 determines the content of the information to be output. The output control unit 240 may determine the timing at which information is output. For example, the output control unit 240 responds to an instruction from the authentication server 104, (i) information indicating the result of the authentication process of the ATM user 12, and (ii) a hint or guide regarding the authentication process of the ATM user 12. It is decided to notify the ATM user 12 of at least one of the information indicating the above.

In another embodiment, the output control unit 240 determines the mode in which information is output. For example, as a form for outputting information, an image, sound, vibration, Braille, short-range wireless communication, and the like can be exemplified. The output control unit 240 outputs information to the ATM user 12 by using a means that makes it difficult for a third party existing around the ATM user 12 to perceive the content of the information output as compared with the ATM user 12. You may decide to notify.

In the present embodiment, the deposit / withdrawal control unit 250 controls the deposit process. The deposit / withdrawal control unit 250 may control the withdrawal process. The deposit / withdrawal control unit 250 may control the deposit / withdrawal unit 148.

[Overview of each part of the authentication server 104]
FIG. 3 schematically shows an example of the internal configuration of the authentication server 104. In the present embodiment, the authentication server 104 includes a communication unit 310, a reference adjustment unit 320, a storage unit 330, and a user authentication unit 340. In the present embodiment, the reference adjustment unit 320 has a biological information acquisition unit 321, a biological information determination unit 322, a determination target acquisition unit 323, a matching degree determination unit 324, and a reference determination unit 326. Each part of the authentication server 104 may send and receive information to and from each other without being limited by the arrows in the figure. The user authentication unit 340 may be an example of the authentication unit. In another embodiment, the communication unit 310 may function as a biometric information acquisition unit instead of the biometric information acquisition unit 321. Further, the communication unit 310 may function as a determination target acquisition unit instead of the determination target acquisition unit 323.

In the present embodiment, the communication unit 310 sends and receives information to and from the control unit 140. The communication unit 310 may control communication with the control unit 140. The communication unit 310 may send and receive information to and from the communication terminal 22. The communication unit 310 may control communication with the communication terminal 22. The communication unit 310 may include various communication interfaces.

In one embodiment, the communication unit 310 acquires information about the skeleton of at least a part of the body of the ATM user 12 from the communication unit 230 of the control unit 140. The communication unit 310 transmits the information regarding the skeleton to the biometric information determination unit 322. The communication unit 310 may acquire the account ID of the ATM user 12 from the communication unit 230 of the control unit 140 and transmit it to the biometric information determination unit 322.

In another embodiment, the communication unit 310 acquires information about the three-dimensional shape of at least a part of the body of the ATM user 12 from the communication unit 230 of the control unit 140. The communication unit 310 transmits the information regarding the three-dimensional shape to the matching degree determination unit 324. The communication unit 310 may acquire information regarding the position of at least a part of the body of the ATM user 12 in the input area 30 from the communication unit 230 of the control unit 140. The communication unit 310 transmits the information regarding the above position to, for example, the match degree determination unit 324. The communication unit 310 may acquire the account ID of the ATM user 12 from the communication unit 230 of the control unit 140 and transmit it to the matching degree determination unit 324.

In still another embodiment, the communication unit 310 receives an authentication request for a specific user from the communication terminal 22. The communication unit 310 may acquire information indicating an account ID and information indicating a password or password or passphrase from the communication terminal 22. The communication unit 310 transmits the above authentication request, information indicating an account ID, and information indicating a password or password or passphrase to the user authentication unit 340. The communication unit 310 may receive an instruction from the above-mentioned specific user from the communication terminal 22. When the specific user is already authenticated by the user authentication unit 340, the communication unit 310 transmits the above instruction to, for example, the reference determination unit 326.

In the present embodiment, the standard adjustment unit 320 changes the determination standard in the authentication process of the user authentication unit 340. The reference adjusting unit 320 may change the above-mentioned determination criteria based on the information acquired by the communication unit 310. The above criteria are as follows: (i) Judgment criteria regarding whether or not at least a part of the three-dimensional shape of the body of a regular user and the three-dimensional shape of at least a part of the body of the ATM user 12 match or are similar. (Ii) Includes at least one of the criteria for the permissible trial period, (iii) the permissible number of trials, and (iv) whether to notify a hint or guide regarding the authentication process. It's fine.

In the present embodiment, the biometric information acquisition unit 321 acquires the biometric information of the ATM user 12. In one embodiment, the biometric information acquisition unit 321 acquires the biometric information of the ATM user 12 from the control unit 140 of the ATM 102 via the communication unit 310. For example, the biological information acquisition unit 321 acquires information on the skeleton of at least a part of the body of the ATM user 12 from the control unit 140 of the ATM 102.

In another embodiment, the biological information acquisition unit 321 acquires information indicating the three-dimensional shape of at least a part of the body of the ATM user 12 from the determination target acquisition unit 323. The biometric information acquisition unit 321 analyzes the information indicating the three-dimensional shape of at least a part of the body of the ATM user 12, and acquires the biometric information of the ATM user 12. For example, the biological information acquisition unit 321 analyzes information indicating the three-dimensional shape of at least a part of the body of the ATM user 12, and acquires information about the skeleton of at least a part of the body of the ATM user 12.

In the present embodiment, the biometric information determination unit 322 determines whether or not the biometric information of the ATM user 12 matches or is similar to the biometric information of a legitimate user registered in advance as a comparison target of the authentication process. For example, the biometric information determination unit 322 determines whether or not the skeleton of at least a part of the body of the ATM user 12 matches or resembles the skeleton of a pre-registered regular user.

More specifically, for example, the biometric information determination unit 322 acquires the account ID of the ATM user 12 from the control unit 140 of the ATM 102 via the communication unit 310. The biometric information determination unit 322 refers to the storage unit 330 and extracts information regarding the skeleton of at least a part of the body of a legitimate user, which is stored in association with the above account ID. The biological information determination unit 322 determines whether or not the skeleton indicated by the information extracted from the storage unit 330 matches or is similar to the skeleton of the ATM user 12. In the present embodiment, the biological information determination unit 322 transmits the determination result to the reference determination unit 326. For example, the biological information determination unit 322 calculates the degree of matching or similarity between the two (sometimes referred to as the degree of matching of the skeletons), and transmits information indicating the degree of matching of the skeletons to the reference determination unit 326.

In the present embodiment, the determination target acquisition unit 323 acquires information regarding the three-dimensional shape of at least a part of the body of the ATM user 12. For example, the determination target acquisition unit 323 acquires information regarding the three-dimensional shape of at least a part of the body of the ATM user 12 from the control unit 140 of the ATM 102 via the communication unit 310. The determination target acquisition unit 323 may acquire information regarding the position of at least a part of the body of the ATM user 12 in the input area 30.

In the present embodiment, the matching degree determination unit 324 has a three-dimensional shape of at least a part of the body of the ATM user 12 and a three-dimensional shape of at least a part of the body of a legitimate user registered in advance as a comparison target of the authentication process. Determine if they match or are similar. For example, the matching degree determination unit 324 determines whether or not the three-dimensional shape of at least a part of the body of the ATM user 12 matches or resembles the three-dimensional shape of a legitimate user registered in advance as a security key.

More specifically, for example, the match degree determination unit 324 acquires the account ID of the ATM user 12 from the communication unit 310. The matching degree determination unit 324 refers to the storage unit 330 and extracts information regarding the three-dimensional shape of at least a part of the body of a legitimate user, which is stored in association with the above account ID. Even if the matching degree determination unit 324 refers to the storage unit 330 and extracts information regarding the position of at least a part of the body of a legitimate user in the input area 30 stored in association with the above account ID. good.

The matching degree determining unit 324 determines whether or not the three-dimensional shape indicated by the information extracted from the storage unit 330 matches or is similar to the three-dimensional shape of the ATM user 12. In the matching degree determination unit 324, (i) the three-dimensional shape indicated by the information extracted from the storage unit 330 and the three-dimensional shape of at least a part of the body of the ATM user 12 match or resemble, and (ii). It may be determined whether or not the position indicated by the information extracted from the storage unit 330 matches or is similar to the position of at least a part of the body of the ATM user 12.

In the present embodiment, the matching degree determination unit 324 transmits the determination result to the reference determination unit 326. For example, the matching degree determining unit 324 has a degree of matching or similarity between the three-dimensional shape indicated by the information extracted from the storage unit 330 and the three-dimensional shape of at least a part of the body of the ATM user 12 (the degree of matching of the shapes). It may be referred to as), and information indicating the degree of matching of the shapes is transmitted to the reference determination unit 326. The matching degree determining unit 324 may refer to the degree of matching or similarity between the position indicated by the information extracted from the storage unit 330 and the position of at least a part of the body of the ATM user 12 (may be referred to as a matching degree). ) May be calculated and information indicating the degree of coincidence of positions may be transmitted to the reference determination unit 326.

The matching degree determination unit 324 may determine the degree to which (i) the current two-dimensional shape or three-dimensional shape and (ii) the pre-registered two-dimensional shape or three-dimensional shape match or are similar to any object. .. Thereby, for example, the matching degree determination unit 324 can detect the foreign matter arranged inside the cover 160 of the ATM 102. In the temporary poetry form, the matching degree determining unit 324 analyzes the image acquired by the image pickup device arranged inside the input unit 142 or the cover 160, and calculates the matching degree between the current state and the normal state. .. When the calculated degree of matching satisfies the predetermined condition, the matching degree determining unit 324 determines that the foreign matter is arranged inside the cover 160. The predetermined condition may be a condition that the degree of agreement is smaller than the predetermined threshold value.

In another embodiment, the matching degree determination unit 324 may detect that a foreign substance has been brought into the cover 160. For example, the matching degree determination unit 324 analyzes the image acquired by the image pickup apparatus arranged inside the input unit 142 or the cover 160, and detects that a foreign substance is brought into the cover 160. More specifically, the match degree determination unit 324 analyzes the stereoscopic image of the hand acquired by the input unit 142 to determine whether or not the hand is holding a foreign object. As a result, it is possible to prevent a malicious third party from taking a voyeur of the inside of the cover 160 or installing a device or an instrument inside the cover 160.

In the present embodiment, the standard determination unit 326 determines whether or not to change the determination standard in the authentication process of the user authentication unit 340. The criterion determination unit 326 may determine the determination criterion after the change. As a result, the ATM management system 100 according to the present embodiment has excellent features not found in the conventional user authentication system and the conventional biometric authentication technology. In the conventional user authentication system, a password, a passphrase, or the like is used for user authentication. Therefore, for example, by repeatedly inputting a password, a passphrase, etc., there is a possibility that a person who is not a legitimate user is authenticated. On the other hand, according to the present embodiment, the determination criteria in the authentication process are adjusted according to the degree of possibility of being a legitimate user. This improves security.

In the conventional biometric authentication technique, a legitimate user is authenticated by matching / mismatching biometric information. In this case, for example, if biometric information is leaked, security cannot be guaranteed. Moreover, even if the biometric information is leaked, the legitimate user cannot change his / her own biometric information. On the other hand, according to the present embodiment, the biometric information is only used for adjusting the determination criteria in the authentication process, and the legitimate user is not authenticated by the match / mismatch of the biometric information. Therefore, even if biometric information is leaked, security can be ensured. Further, the legitimate user compares the authentication information (for example, the three-dimensional shape of at least a part of the body of the ATM user 12, but may be a password, a passphrase, etc.) with the biometric information. It can be changed much more easily.

[First Embodiment]
In the present embodiment, the reference determination unit 326 adjusts the determination criteria based on the determination result of the biological information determination unit 322. The criterion determination unit 326 may adjust the determination criterion based on the degree of coincidence of the skeleton.

In one embodiment, the criterion determination unit 326 may have (a) a biometric information determination unit 322 (i) a pre-registered legitimate user skeleton (which may be at least a portion of the user's body skeleton). And (ii) when it is determined that at least a part of the skeleton of the body of the ATM user 12 matches or is similar, the determination criteria are adjusted so that the authentication by the user authentication unit 340 is facilitated. In another embodiment, the criterion determination unit 326 may be (b) the biometric information determination unit 322, (i) the skeleton of a pre-registered legitimate user (the skeleton of at least a part of the user's body). ) And (ii), when it is determined that at least a part of the skeleton of the body of the ATM user 12 does not match or is similar, the determination criteria are adjusted so that the authentication by the user authentication unit 340 becomes strict or difficult. ..

[Second Embodiment]
In the present embodiment, the reference determination unit 326 adjusts the determination criteria based on the determination result of the agreement degree determination unit 324. For example, the reference determination unit 326 adjusts the determination criteria based on the degree of matching of the shapes. The reference determination unit 326 may adjust the determination criteria based on the degree of matching of the shape and the degree of matching of the position.

In one embodiment, the reference determination unit 326 adjusts the determination criteria so that the user authentication unit 340 facilitates authentication when (a) the degree of conformity of the shapes satisfies the predetermined first condition. The reference determination unit 326 facilitates authentication by the user authentication unit 340 when the shape matching degree satisfies the predetermined first condition and the position matching degree satisfies the predetermined third condition. The criterion may be adjusted so as to be.

The first condition is that the degree of shape matching is equal to or larger than the first threshold value over a predetermined period or a period calculated by a predetermined algorithm. The condition can be exemplified. In this case, the value of the degree of matching of the shapes or the period during which the shapes are matched or maintained in a similar state (may be referred to as the duration of the degree of matching of the shapes) is the current period in the user authentication unit 340. It does not have to meet the judgment criteria.

The method for adjusting the determination criteria is not particularly limited as long as the authentication in the user authentication unit 340 is easy. The criteria for adjusting the criteria include (i) lowering the threshold for shape matching, (ii) increasing the number of trials allowed, (iii) increasing the period allowed for each trial, and , (Iv) notify ATM user 12 of authentication hints or guides, and (v) combine these adjustment methods, (vi) change the type of adjustment method to be combined, and (vii) combine adjustment methods. Examples include increasing the number of methods. As the threshold value regarding the degree of matching of the shapes, a threshold value regarding the value of the degree of matching of the shapes, a threshold value regarding the duration of the degree of matching of the shapes, and the like can be exemplified.

For example, if the three-dimensional shape of a part of the body of the ATM user 12 continues to be similar to the three-dimensional shape registered as a security key for a relatively long time, the ATM user 12 may be a legitimate user. high. According to the present embodiment, in such a case, for example, the threshold value regarding the degree of shape matching may be lowered, the number of trials allowed may be increased, or the period allowed for each trial may be increased. ATM users 12 are notified of authentication hints or guides. As a result, the authentication of the ATM user 12 becomes easy.

As another example of the first condition, (i) the condition that the number of times the shapes match or are similar in one trial is equal to or larger than the predetermined first threshold value. , (Ii) Over a predetermined number of trials, the condition that the number of times the shapes match or are similar is equal to or larger than the predetermined first threshold value can be exemplified. .. The first thresholds in the various examples of the first condition described above may be the same or different. In the cases of (i) and (ii) above, the value of the degree of matching of the shapes or the period during which the shapes match or are maintained in a similar state (may be referred to as the duration of the degree of matching of the shapes). Does not have to meet the current determination criteria in the user authentication unit 340.

The user authentication unit 340 authenticates the ATM user 12 when the shapes match or are maintained in a similar state for a predetermined period. However, even if the period is shorter than the above period, if the number of times the shapes match or are similar is relatively large, it is highly possible that the ATM user 12 is a legitimate user. Therefore, according to the present embodiment, in such a case, the determination standard is adjusted so that the authentication in the user authentication unit 340 is facilitated.

The third condition is that (i) the degree of coincidence of positions is equal to or larger than a predetermined third threshold value, and (ii) a predetermined period or a predetermined value is determined. (Iii) The number of times the positions match or are similar in one trial, provided that the degree of position coincidence is equal to or greater than the third threshold value over the period calculated by the algorithm. Is equal to or greater than the third threshold, (iv) the number of times the positions match or are similar over a predetermined number of trials is the predetermined third threshold. The condition that they are equal to each other or larger than the third threshold value can be exemplified. The values of the third threshold values in the various examples of the third condition described above may be the same or different. In the above cases (i) to (iv), the value of the degree of coincidence of the positions or the period during which the positions match or are maintained in a similar state (may be referred to as the duration of the degree of coincidence of the positions). Does not have to meet the current determination criteria in the user authentication unit 340.

In another embodiment, the criterion determination unit 326 determines the criterion so that the authentication by the user authentication unit 340 becomes strict or difficult when (b) the degree of conformity of the shapes satisfies the predetermined second condition. adjust. The second condition may be a condition that the first condition is not satisfied.

The method for adjusting the determination criteria is not particularly limited as long as the authentication by the user authentication unit 340 becomes strict or difficult. The criteria for adjusting the criteria include (i) raising the threshold for shape matching, (ii) reducing the number of trials allowed, (iii) reducing the period allowed for each trial, and , (Iv) do not notify the ATM user 12 of authentication hints or guides, and (v) combine these adjustment methods, (vi) change the type of adjustment method to be combined, and (vii) combine adjustments. Examples include increasing the number of methods. As the threshold value regarding the degree of matching of the shapes, a threshold value regarding the value of the degree of matching of the shapes, a threshold value regarding the duration of the degree of matching of the shapes, and the like can be exemplified.

For example, if the three-dimensional shape of a part of the body of the ATM user 12 does not resemble the three-dimensional shape registered as the security key for a relatively long time, the ATM user 12 may be a legitimate user. The sex is low. According to the present embodiment, in such a case, for example, the threshold value regarding the degree of shape matching is raised, the number of trials allowed is reduced, or the period allowed for each trial is reduced. .. As a result, the authentication of the ATM user 12 becomes strict or difficult.

As another example of the second condition, the condition that the degree of conformity of the shapes is equal to or smaller than the predetermined second threshold value can be exemplified. The second threshold may be smaller than the first threshold.

[Third Embodiment]
In the present embodiment, the standard determination unit 326 adjusts the determination standard based on an instruction from a legitimate user authenticated by an authentication method different from the authentication method based on the three-dimensional shape. As the above instruction, an instruction to lower the threshold value for at least one of the skeleton matching degree, the shape matching degree, and the position matching degree can be exemplified only for a period specified by a legitimate user. Thereby, for example, when an agent of a legitimate user uses the ATM 102, the success rate of authentication can be improved. Further, for example, by lowering only the threshold value regarding the degree of matching of the skeleton, it is possible to improve the convenience while maintaining the security.

As another example of the above instruction, an instruction to raise a threshold value for at least one of skeleton matching degree, shape matching degree, and position matching degree can be exemplified only for a period specified by a legitimate user. .. This can improve security, for example, when a legitimate user plans to execute a high-value transaction in a high-risk area or time zone.

In the present embodiment, the storage unit 330 stores various types of information. For example, the storage unit 330 stores the account ID and the security key to be compared in the authentication process in association with each other. The storage unit 330 may store a plurality of pieces of information that are consecutive in time as a single security key.

The storage unit 330 may store a single account ID in association with a plurality of types of security keys. The storage unit 330 may store a plurality of security keys for a single type of security key. For example, when the three-dimensional shape of a part of the body of a legitimate user is registered as a security key, the storage unit 330 captures information obtained by capturing a part of the body of the legitimate user from various angles as a group of security keys. Store as. The storage unit 330 may execute the security key registration work a plurality of times and store a part or all of the acquired information on the three-dimensional shape as a group of security keys.

In the present embodiment, the user authentication unit 340 executes the authentication process of the ATM user 12. For example, the user authentication unit 340 may include (i) information regarding the three-dimensional shape of at least a part of the body of a legitimate user registered in advance for comparison in the authentication process, and (ii) at least one of the bodies of the ATM user 12. Authenticate the user based on the information about the three-dimensional shape of the part.

The user authentication unit 340 (i) information regarding the three-dimensional shape of at least a part of the body of a legitimate user registered in advance as a comparison target of the authentication process, and (ii) at least a part of the body of the ATM user 12. Information about the three-dimensional shape, information about at least a part of the body of a legitimate user in the input area 30, which is registered in advance for comparison with (iii) authentication processing, and (iv) the ATM user 12 in the input area 30. Users may be authenticated based on information about the location of at least a portion of their body.

In the present embodiment, the case where the authentication server 104 executes the authentication process has been described. However, the ATM management system 100 is not limited to this embodiment. In another embodiment, at least a part of the authentication process executed in the authentication server 104 in the above embodiment may be executed in the control unit 140. For example, at least one of the reference adjustment unit 320 and the user authentication unit 340 may be arranged in the control unit 140.

In the present embodiment, the article provided with the authentication system has been described by taking ATM 102 as an example. However, the article provided with the authentication system is not limited to the ATM 102. Other examples of the article may be a cash dispenser, a safe, an automatic door, a locking device, an information terminal, and the like. Examples of the information terminal include a supercomputer, a workstation, a personal computer, a mobile terminal, and the like. Examples of the mobile terminal include a mobile phone, a smartphone, a PDA, a tablet, a notebook computer or a laptop computer, a wearable computer, and the like.

FIG. 4 schematically shows an example of a change over time in the degree of coincidence of three-dimensional shapes. FIG. 4 shows an example of a change over time in the shape matching degree 400 when the ATM user 12 is a regular user. In the example shown in FIG. 4, the shape match degree 400 reaches the threshold value L2 before the permissible trial period (indicated by _Ttry in the figure) is reached in _one trial. Therefore, in this example, the user authentication unit 340 authenticates the ATM user 12 as a legitimate user. _In the user authentication unit 340, the period in which the shape matching degree 400 exceeds the threshold value _L2 or the period in which the shape matching degree 400 exceeds the threshold value L2 is equal to or predetermined as a predetermined period. If the period is longer than the period, the ATM user 12 may be authenticated as a legitimate user.

Further, for a period in which the shape matching degree 400 is larger _than the threshold value L1 and smaller _than the threshold value L2 (indicated by T _good in the figure) after the period T _hint elapses from the start of the authentication process. When the length becomes larger than a predetermined value, the criterion determination unit 326 may decide to adjust the determination criterion so that the user authentication unit 340 can easily authenticate. For example, the criteria determination unit 326 decides to notify the ATM user 12 of a hint or guide regarding authentication.

FIG. 5 schematically shows an example of a change over time in the degree of coincidence of three-dimensional shapes. FIG. 5 shows an example of a change over time in the shape matching degree 500 when the ATM user 12 is a third party. In the example shown in FIG. 5, even if the period _Tint elapses from the start of the authentication process, the shape matching degree 500 is larger _than the threshold value L1 and smaller _than the threshold value L2 (in the figure, in the figure). The length (indicated by T _good ) is smaller than the predetermined value. Therefore, the standard determination unit 326 decides not to notify the ATM user 12 of the hint or guide regarding authentication.

Further, in the example shown in _FIG . 5, the shape matching degree 500 does not reach the threshold value L2 during the trial period _Ttry allowed in one trial. Therefore, in this example, the user authentication unit 340 does not authenticate the ATM user 12 as a legitimate user in the trial. Therefore, the user authentication unit 340 notifies the ATM user 12 that the ATM user 12 should try again within the allowable number of trials, for example.

FIG. 6 schematically shows an example of the data table 600. The data table 600 is stored in, for example, the storage unit 330. In the present embodiment, the data table 600 stores the account ID 610, the personal identification number 620, the password 630, and the gesture authentication information 640 in association with each other. In the present embodiment, the gesture authentication information 640 includes position data 642, shape data 644, skeleton data 646, and the like. The personal identification number 620 is, for example, a combination of an arbitrary number of numbers, letters, symbols, and the like. The password 630 is, for example, a password required when logging in to a website. In another embodiment, the account ID 610 may be associated with at least one of the password 620, the password 630, and the gesture authentication information 640. For example, the account ID 610 is stored in the storage unit 330 in association with the gesture authentication information 640.

Although the present invention has been described above using the embodiments, the technical scope of the present invention is not limited to the scope described in the above embodiments. It will be apparent to those skilled in the art that various changes or improvements can be made to the above embodiments. Further, to the extent that there is no technical contradiction, the matters described for the specific embodiment can be applied to other embodiments. Further, each component may have the same characteristics as other components having the same name but different reference numerals. It is clear from the description of the claims that the form with such changes or improvements may be included in the technical scope of the present invention.
For example, the following items are also described in the specification of the present application.
[Item 1]
An authentication system that authenticates users
When the target of the authentication process is unlikely to be a legitimate user, the authentication process is configured to be stricter or more difficult than when the target of the authentication process is likely to be a legitimate user. Yes,
Authentication system.
[Item 2]
The biometric information acquisition unit that acquires the biometric information of the subject,
A criterion determination unit that determines a determination criterion in the authentication process based on the information acquired by the biometric information acquisition unit.
To prepare
The authentication system according to item 1.
[Item 3]
As the determination target of the authentication process, the determination target acquisition unit that acquires information on the three-dimensional shape of at least a part of the body of the target person to be the target of the authentication process.
(I) Information on the three-dimensional shape of at least a part of the user's body registered in advance as a comparison target of the authentication process, and (ii) at least a part of the target person's body acquired by the determination target acquisition unit. An authentication unit that authenticates the user based on the information about the three-dimensional shape of
To prepare
The authentication system described in item 2.
[Item 4]
The biometric information acquisition unit acquires the biometric information of the subject based on the information acquired by the determination target acquisition unit.
The authentication system described in item 3.
[Item 5]
The determination criteria in the authentication process are as follows: (i) Whether or not the information registered as the security key matches or is similar to the information input by the target person or the information acquired from the target person in the authentication process. At least the criteria, (ii) the criteria for the permissible trial period, (iii) the criteria for the number of trials allowed, and (iv) the criteria for notifying the hint or guide regarding the authentication process. Including one,
The authentication system according to any one of claims 2 to 4.

The order of execution of each process such as operation, procedure, step, and step in the apparatus, system, program, and method shown in the claims, specification, and drawings is particularly "before" and "prior to". It should be noted that it can be realized in any order unless the output of the previous process is used in the subsequent process. Even if the scope of claims, the specification, and the operation flow in the drawings are explained using "first", "next", etc. for convenience, it means that it is essential to carry out in this order. It's not a thing.

10 communication network, 12 ATM user, 22 communication terminal, 30 input area, 100 ATM management system, 102 ATM, 104 authentication server, 120 housing, 140 control unit, 142 input unit, 144 output unit, 146 card reader, 148 input / output unit. Gold part, 160 cover, 162 openings, 210 input reception part, 220 analysis part, 222 skeleton recognition part, 224 shape recognition part, 230 communication part, 240 output control part, 250 deposit / withdrawal control part, 310 communication part, 320 reference adjustment Unit, 321 Biometric information acquisition unit, 322 Biometric information determination unit, 323 Judgment target acquisition unit, 324 Matching degree determination unit, 326 Standard determination unit, 330 Storage unit, 340 User authentication unit, 400 Matching degree, 500 Matching degree, 600 data Table, 610 account ID, 620 password, 630 password, 640 gesture authentication information, 642 location data, 644 shape data, 646 skeleton data

Claims (11)

An authentication system that authenticates the user by using at least a part of the user's body.
In the authentication system, when the target of the authentication process is unlikely to be a legitimate user, the authentication becomes stricter or more difficult than when the target of the authentication process is likely to be a legitimate user. Is configured to
The authentication system is
As the determination target of the authentication process, the determination target acquisition unit that acquires information on the three-dimensional shape of at least a part of the body of the target person to be the target of the authentication process.
(I) Information on the three-dimensional shape of at least a part of the user's body registered in advance as a comparison target of the authentication process, and (ii) at least a part of the target person's body acquired by the determination target acquisition unit. An authentication unit that authenticates the user based on the information about the three-dimensional shape of
A criterion determination unit that determines a determination criterion in the authentication process based on the information regarding the three-dimensional shape of at least a part of the body of the subject acquired by the determination target acquisition unit.
(I) The three-dimensional shape indicated by the information regarding the three-dimensional shape of at least a part of the user's body registered in advance as the comparison target of the authentication process, and (ii) the target person acquired by the determination target acquisition unit. A matching degree determining unit that determines the degree to which the three-dimensional shapes indicated by the information on the three-dimensional shape of at least a part of the body match or are similar to each other.
Equipped with
Information about the three-dimensional shape of at least a part of the body includes information about the angle of the skeleton or joint of at least a part of the body.
The degree of agreement determination unit is (i) an angle of a skeleton or a joint indicated by information regarding a three-dimensional shape of at least a part of the user's body, which is registered in advance for comparison in the authentication process, and (ii) said. The degree to which the angles of the skeletons or joints indicated by the information regarding the three-dimensional shape of at least a part of the subject's body acquired by the determination target acquisition unit match or are similar is determined.
The reference determination unit
(A) When the degree determined by the match degree determination unit satisfies the predetermined first condition, the determination criteria are adjusted or adjusted so that the authentication in the authentication unit is facilitated.
(B) When the degree determined by the match degree determination unit satisfies a predetermined second condition, the determination criteria are adjusted so that the authentication in the authentication unit becomes strict or difficult.
Authentication system. An authentication system that authenticates the user by using at least a part of the user's body.
In the authentication system, when the target of the authentication process is unlikely to be a legitimate user, the authentication becomes stricter or more difficult than when the target of the authentication process is likely to be a legitimate user. Is configured to
The authentication system is
As the determination target of the authentication process, the determination target acquisition unit that acquires information on the three-dimensional shape of at least a part of the body of the target person to be the target of the authentication process.
(I) Information on the three-dimensional shape of at least a part of the user's body registered in advance as a comparison target of the authentication process, and (ii) at least a part of the target person's body acquired by the determination target acquisition unit. An authentication unit that authenticates the user based on the information about the three-dimensional shape of
A criterion determination unit that determines a determination criterion in the authentication process based on the information regarding the three-dimensional shape of at least a part of the body of the subject acquired by the determination target acquisition unit.
Equipped with
Information about the three-dimensional shape of at least a part of the body includes information about the angle of the skeleton or joint of at least a part of the body.
The determination target acquisition unit determines, as the determination target of the authentication process, (i) information regarding the three-dimensional shape of at least a part of the target person's body, and (ii) the target person's body in the input area of the determination target. Get information about at least some locations and
The authentication unit (i) has information regarding the angle of at least a part of the skeleton or joint of the user's body registered in advance as a comparison target of the authentication process, and (ii) the determination target acquisition unit has acquired the information. Information about the angle of at least a part of the body of the subject and the angle of the skeleton or joint, and (iii) information about the position of at least a part of the user's body in the input area registered in advance for comparison of the authentication process. , (Iv) authenticate the user based on the information about the position of at least a part of the body of the subject in the input area acquired by the determination target acquisition unit.
Authentication system. The determination criteria in the authentication process are as follows: (i) Judgment criteria regarding whether or not the three-dimensional shape of at least a part of the user's body matches or is similar to the three-dimensional shape of at least a part of the subject's body. (Ii) Criteria for permissible trial period, (iii) Criteria for permissible number of trials, and (iv) Criteria for notifying hints or guides regarding the authentication process. include,
The authentication system according to claim 1 or 2. The biometric information acquisition unit that acquires the biometric information of the subject,
Whether or not (i) the biometric information of the user registered in advance as a comparison target of the authentication process and (ii) the biometric information of the subject acquired by the biometric information acquisition unit match or are similar. Biological information judgment unit for judgment and
Further prepare
The reference determination unit
(A) When the biometric information determination unit determines that (i) the biometric information of the user and (ii) the biometric information of the target person match or are similar, the authentication unit facilitates authentication. Adjust the criteria or
(B) When the biometric information determination unit determines that (i) the biometric information of the user and (ii) the biometric information of the target person do not match or are similar, the authentication in the authentication unit becomes strict or difficult. To adjust the criteria,
The authentication system according to any one of claims 1 to 3. Using means that are less likely to be perceived by a third party around the subject as compared to the subject, (i) the result of the authentication process and (ii) a hint or guide regarding the authentication process. Further provided with a notification unit for notifying the target person of at least one of the above.
The authentication system according to any one of claims 1 to 4. Further provided with a shielding portion arranged at a position that is a line of sight of a third party existing around the subject and blocks the line of sight with respect to the input area of the determination target.
The authentication system according to any one of claims 1 to 5. A shielding portion that is a line of sight of a third party existing around the target person and is arranged at a position that blocks the line of sight with respect to the input area of the determination target.
Using a means that makes it difficult for the third party to perceive the content as compared to the subject, the subject is (i) at least one of the result of the authentication process and (ii) a hint or guide regarding the authentication process. Notification unit to notify the person and
Further prepare,
The authentication system according to any one of claims 1 to 6. The three-dimensional shape of at least a part of the user's body can be changed by the user.
The authentication system according to any one of claims 1 to 7. An article provided with the authentication system according to any one of claims 1 to 8 .
An instruction receiving unit that receives instructions for operating the article from the user,
An instruction execution unit that executes an operation of the article based on the instruction received by the instruction reception unit.
Goods. The instruction receiving unit has a gesture input unit that detects the gesture of the user and accepts the instruction.
The article according to claim 9 . A program for operating a computer as the authentication system according to any one of claims 1 to 8 .

Images