JP7040690B1 - Server equipment, system, control method of server equipment and computer program - Google Patents

Abstract

Provided is a server device that realizes highly accurate biometric authentication. The server device includes a receiving unit and a processing unit. The receiving unit receives an authentication request from at least one terminal. The processing unit refers to a database that stores biometric information of each of a plurality of users and processes an authentication request. When the terminal for transmitting the authentication request is a terminal of a predetermined type, the processing unit processes the authentication request by using a part of the biometric information among the plurality of biometric information.

Description

The present invention relates to a server device, a terminal, a system, a control method for the server device, and a storage medium.

Patent Document 1 describes ticketless boarding in which various procedures are performed by face recognition at multiple checkpoints (check-in lobby, security checkpoint, boarding gate, etc.) in the airport using passenger biometric information (face image). The system is disclosed.

Patent Document 2 describes that it provides a security inspection confirmation system capable of strengthening security inspections at airports. The system of Patent Document 2 includes a storage unit, a collation unit, and a notification unit. The storage unit stores the first face image data of the person included in the first captured image acquired by the first imaging unit. The collation unit collates the passenger's second face image data included in the second image captured by the second image pickup unit with the first face image data. The notification unit notifies the result of the collation in the collation unit.

JP-A-2007-079656 JP-A-2019-125237

In the system disclosed in Patent Document 1 and Patent Document 2, user authentication is realized by comparing the biometric information registered in the storage unit (database) with the biometric information acquired from the terminal. Here, if the number of users registered in the database increases, the number of users with similar faces will increase, and the authentication accuracy will deteriorate. In particular, since the gate device installed at an airport or the like when passengers board an aircraft is the final confirmation point in a series of boarding procedures, high accuracy is required for authentication in the gate device.

An object of the present invention is to provide a server device, a terminal, a system, a control method for the server device, and a storage medium, which contribute to realizing highly accurate biometric authentication.

According to the first aspect of the present invention, the authentication request is processed by referring to the receiving unit that receives the authentication request from at least one terminal and the database that stores the biometric information of each of the plurality of users. The processing unit includes a processing unit, and when the terminal for transmitting the authentication request is a terminal of a predetermined type, the processing unit uses a part of the biometric information among the plurality of biometric information to make the authentication request. A server device is provided to process.

According to the second aspect of the present invention, a terminal that transmits an authentication request including a terminal identifier indicating the type of the own device to the server device that determines a database to be referred to when performing biometric authentication. Is provided.

According to a third aspect of the present invention, the server device includes at least one terminal and a server device connected to the at least one or more terminals, and the server device requests authentication from the at least one or more terminals. A receiving unit for receiving, a processing unit for referring to a database for storing biometric information of each of a plurality of users, and a processing unit for processing the authentication request, the processing unit includes a terminal for transmitting the authentication request. In the case of a predetermined type of terminal, a system is provided that processes the authentication request by using a part of the biometric information among the plurality of biometric information.

According to the fourth aspect of the present invention, in the server device, when the terminal that receives the authentication request from at least one terminal and transmits the authentication request is a terminal of a predetermined type, it is stored in the database. Provided is a method for controlling a server device that processes the authentication request by using a part of the biometric information among the plurality of biometric information.

According to the fifth aspect of the present invention, the computer mounted on the server device receives an authentication request from at least one terminal, and the terminal for transmitting the authentication request is a predetermined type of terminal. In some cases, a computer-readable storage medium is provided that stores a process for executing an authentication process using a part of the biometric information stored in the database and a program for executing the authentication process. ..

According to each viewpoint of the present invention, a server device, a terminal, a system, a control method of the server device, and a storage medium that contribute to realizing highly accurate biometric authentication are provided. The effect of the present invention is not limited to the above. According to the present invention, other effects may be produced in place of or in combination with the effect.

It is a figure for demonstrating the outline of one Embodiment. It is a figure which shows an example of the schematic structure of the boarding procedure system which concerns on 1st Embodiment. It is a figure which shows an example of the table information which associates a terminal type and a terminal identifier which concerns on 1st Embodiment. It is a figure which shows an example of the processing configuration of the check-in terminal which concerns on 1st Embodiment. It is a figure for demonstrating the operation of the system registration part which concerns on 1st Embodiment. It is a figure which shows an example of the processing structure of the system registration part which concerns on 1st Embodiment. It is a figure which shows an example of the processing structure of the boarding gate apparatus which concerns on 1st Embodiment. It is a figure which shows an example of the authentication request which concerns on 1st Embodiment. It is a figure which shows an example of the processing configuration of the server apparatus which concerns on 1st Embodiment. It is a figure which shows an example of the 1st authentication information database which concerns on 1st Embodiment. It is a figure which shows an example of the 2nd authentication information database which concerns on 1st Embodiment. It is a figure which shows an example of the 3rd authentication information database which concerns on 1st Embodiment. It is a figure which shows an example of the business information database which concerns on 1st Embodiment. It is a sequence diagram which shows an example of the operation of the boarding procedure system which concerns on 1st Embodiment. It is a figure which shows an example of the hardware configuration of a server device.

First, an outline of one embodiment will be described. It should be noted that the drawing reference reference numerals added to this outline are added to each element for convenience as an example for assisting understanding, and the description of this outline is not intended to limit anything. Further, unless otherwise specified, the blocks described in each drawing represent not the configuration of hardware units but the configuration of functional units. Connection lines between blocks in each figure include both bidirectional and unidirectional. The one-way arrow schematically shows the flow of the main signal (data), and does not exclude bidirectionality. In the present specification and the drawings, the same reference numerals may be given to elements that can be similarly described, so that duplicate description may be omitted.

The server device 100 according to one embodiment includes a receiving unit 101 and a processing unit 102 (see FIG. 1). The receiving unit 101 receives an authentication request from at least one terminal. The processing unit 102 refers to a database that stores biometric information of each of the plurality of users, and processes the authentication request. When the terminal for transmitting the authentication request is a terminal of a predetermined type, the processing unit 102 processes the authentication request by using a part of the biometric information among the plurality of biometric information.

When the terminal that is the source of the authentication request is a terminal of a predetermined type, the server device 100 processes the authentication request by using a part of the plurality of biometric information stored in the database. For example, if the terminal is a boarding gate device installed at the boarding gate, the server device 100 sets the biometric information about the passengers of the flight for which the boarding gate device determines whether or not the user can pass, as the target of biometric authentication. do. As a result, the number of entries subject to collation processing is reduced, and the accuracy of biometric authentication is improved.

Specific embodiments will be described in more detail below with reference to the drawings.

[First Embodiment]
The first embodiment will be described in more detail with reference to the drawings.

[System configuration]
FIG. 2 is a diagram showing an example of a schematic configuration of the boarding procedure system according to the first embodiment. The boarding procedure system according to the first embodiment is a system that realizes a series of procedures (baggage deposit, security check, etc.) at the airport by biometric authentication. The boarding procedure system shown in FIG. 2 is operated by, for example, a public institution such as an immigration control bureau or a trustee who has been entrusted with business by the public institution.

In the disclosure of the present application, "boarding procedure" refers to a series of procedures performed from check-in to boarding an aircraft.

Referring to FIG. 2, the boarding procedure system includes a check-in terminal 10, a baggage deposit machine 11, a passenger transit system 12, a gate device 13, a lounge gate 14, a boarding gate device 15, and a server device 20.

The check-in terminal 10, the baggage deposit machine 11, the passenger passage system 12, the gate device 13, the lounge gate 14, and the boarding gate device 15 are terminals (touch points) installed at the airport. These terminals are connected to the server device 20 via a network. The network shown in FIG. 2 is composed of a LAN (Local Area Network) including an airport premises communication network, a WAN (Wide Area Network), a mobile communication network, and the like. The connection method is not limited to the wired method and may be a wireless method.

The server device 20 is installed in a facility such as an airport company. Alternatively, the server device 20 may be a server installed in the cloud on the network.

The configuration shown in FIG. 2 is an example, and does not mean to limit the configuration of the boarding procedure system. The boarding procedure system may include terminals and the like (not shown).

The user boarding procedure is performed by each terminal shown in FIG. Specifically, a series of procedures when a user leaves Japan is sequentially carried out at terminals installed at five locations except the lounge gate 14. In the boarding procedure system shown in FIG. 2, the boarding procedure of the user is realized by authentication using biometric information (biometric authentication).

The biological information disclosed in the present application is a face image, a fingerprint image, an iris image, a finger vein image, a palm print image, a palm vein image, and the like. The biometric information may be one or plural. The wording of "biological information" in the disclosure of the present application means an image including all or a part of the living body and a feature amount extracted from the image.

Upon arriving at the airport, a user (system user) who wishes to carry out boarding procedures by biometric authentication operates the check-in terminal 10 to perform "check-in procedures". The system user presents a paper ticket, a two-dimensional bar code on which boarding information is described, a mobile terminal displaying a copy of the e-ticket, and the like to the check-in terminal 10. The check-in terminal 10 outputs a boarding pass when the check-in procedure is completed. The boarding pass includes a paper boarding pass and an electronic boarding pass.

A system user who has completed the check-in procedure and wishes to carry out the boarding procedure by biometric authentication performs system registration using the check-in terminal 10. Specifically, the system user causes the check-in terminal 10 to read the acquired boarding pass and passport. In addition, the check-in terminal 10 acquires biometric information (for example, a face image) of the system user.

The check-in terminal 10 transmits information related to these (boarding pass, passport, biometric information) to the server device 20.

The server device 20 confirms the validity of the information acquired from the check-in terminal 10. Specifically, the server device 20 confirms the validity of the presented passport. When the confirmation is completed, the server device 20 registers the system user. Specifically, the server device 20 issues a token used for the boarding procedure of the user registered in the system.

The issued token is identified by a token ID (Identifier). Information required for boarding procedures (for example, biometric information, business information required for boarding procedures, etc.) is associated via a token ID. That is, the "token" is issued together with the registration of the system user, and is the identification information for the registered system user to undergo the boarding procedure using the biometric information. When the token (token ID) is issued, the system user can use the boarding procedure using biometric authentication.

The server device 20 adds an entry to various databases (DB; Data Base) according to the generation of the token. The server device 20 mainly includes two types of databases.

The first type of database is an authentication information database that stores authentication information (combination of token ID and biometric information). The database stores at least the token ID and biometric information (face image, feature amount) in association with each other. The server device 20 refers to the authentication information database and executes the authentication process.

The server device 20 includes first to third authentication information databases having different data storage structures. The server device 20 determines (selects) an authentication information database to be referred to according to the type of the terminal that is the source of the authentication request. Details regarding the determination of the authentication information database will be described later.

The second type of database is a database that stores business information (hereinafter referred to as a business information database). The business information database stores the token ID and the business information in association with each other.

When the system user to whom the token is issued arrives at a terminal (touch point; for example, a baggage deposit machine 11 or the like), biometric information (for example, a face image) is acquired at the terminal. The terminal transmits an authentication request including a terminal identifier indicating the type (category) of the own device and a face image to the server device 20.

The terminal identifier is identification information defined by a system administrator or the like. The server device 20 manages the terminal type corresponding to the terminal identifier by the table information as shown in FIG. The corresponding terminal identifier is registered (input) in each terminal. If multiple terminals of the same type are included in the system, they will be assigned the same terminal identifier. For example, when a plurality of check-in terminals 10 are included in the system, "T01" is registered in each check-in terminal 10.

The server device 20 refers to any one of the plurality of authentication information databases based on the terminal identifier extracted from the authentication request. The server device 20 executes a collation process (1 to N collation; N is a positive integer, the same applies hereinafter) using the biometric information acquired from the terminal and the biometric information stored in the authentication information database. The token ID is specified by the collation process.

The server device 20 transmits an authentication result including the token ID and business information specified by the authentication process (verification process) to the terminal. The user's boarding procedure is carried out based on the relevant business information.

The check-in terminal 10 is installed in the check-in lobby in the airport. As described above, the user performs system registration for realizing the boarding procedure using biometric authentication using the check-in terminal 10. In addition, the system user operates the check-in terminal 10 to perform the check-in procedure. That is, the check-in terminal 10 is also a self-terminal for performing a check-in procedure by being operated by the user. The check-in terminal 10 is also referred to as a CUSS (Common Use Self Service) terminal. After completing the check-in procedure, the user will be transferred to the baggage deposit area or security checkpoint.

The baggage deposit machine 11 is installed in an area adjacent to the baggage counter (manned counter) in the airport or in an area near the check-in terminal 10. The baggage depository machine 11 is a self-terminal for performing a procedure (baggage deposit procedure) for depositing baggage that is not brought into an aircraft by being operated by the user. The baggage deposit machine 11 is also referred to as a CUBD (Common Use Bag Drop) terminal. After completing the baggage check-in procedure, the user will move to the security checkpoint. If the user does not check the baggage, the baggage check-in procedure is omitted.

The passenger passage system 12 is a gate device installed at the entrance of a security checkpoint in an airport. The passenger passage system 12, also called a PRS (Passenger Reconciliation System), is a system for determining whether or not a user can pass through at the entrance of a security checkpoint. When the user completes the security inspection procedure after passing through the passenger passage system 12, the user moves to the immigration checkpoint.

The gate device 13 is installed at the immigration checkpoint in the airport. The gate device 13 is a device that automatically performs the departure examination procedure of the user. After completing the immigration procedure, the user will move to the departure area where the lounge, duty-free shop and boarding gate are located.

The lounge gate 14 is provided in the departure area and is installed at the entrance / exit of the lounge. Users spend time until the aircraft takes off in a lounge operated by an airline company or the like. Normally, the lounge can be used only by the users of the airline that operates the lounge. The lounge gate 14 is a gate device for verifying whether or not the user is qualified to use the lounge, and has nothing to do with the boarding procedure.

The boarding gate device 15 is a traffic control device installed for each boarding gate in the departure area. The boarding gate device 15 is the final stage gate device in a series of procedures for departure examination (examination using biometric information). The boarding gate device 15 is also referred to as an ABG (Automated Boarding Gates) terminal. The boarding gate device 15 confirms that the user is a passenger of an aircraft that can board from the boarding gate. After passing through the boarding gate device 15, the user boarded the aircraft and departed for a second country.

The boarding procedure using biometric authentication by each device shown in FIG. 2 (check-in terminal 10, baggage deposit machine 11, passenger passage system 12, gate device 13, boarding gate device 15) is an example and is used for the procedure. It is not intended to limit the equipment to be used. For example, a device different from the above device may be used for the boarding procedure, or some of the above devices may not be used for the procedure. For example, the gate device 13 may not be included in the check-in system.

The server device 20 is a server device for supporting and managing the boarding procedure. The server device 20 manages the token ID. Specifically, the server device 20 issues or invalidates the token ID. In addition, the server device 20 processes authentication requests from various terminals in the airport.

Subsequently, the details of each device included in the boarding procedure system according to the first embodiment will be described. In the following description, the user's "face image" will be taken as an example of biometric information.

[Check-in terminal]
As described above, the check-in terminal 10 is a device that provides system users with operations related to check-in procedures and system registration.

FIG. 4 is a diagram showing an example of a processing configuration (processing module) of the check-in terminal 10 according to the first embodiment. Referring to FIG. 4, the check-in terminal 10 includes a communication control unit 201, a system registration unit 202, a token issuance request unit 203, a message output unit 204, a check-in execution unit 205, and a storage unit 206. include.

The communication control unit 201 is a means for controlling communication with other devices. For example, the communication control unit 201 receives data (packets) from the server device 20. Further, the communication control unit 201 transmits data to the server device 20. The communication control unit 201 passes the data received from the other device to the other processing module. The communication control unit 201 transmits the data acquired from the other processing module to the other device. In this way, the other processing module transmits / receives data to / from the other device via the communication control unit 201.

The system registration unit 202 is a means for registering the system of a user who wishes to carry out boarding procedures by biometric authentication. For example, the system registration unit 202 provides the user with a GUI (Graphical User Interface) for confirming whether or not the user desires "boarding procedure using a face image" after the check-in procedure is completed. (See Fig. 5).

When the user wishes to check in using a face image, the system registration unit 202 uses a GUI to acquire three pieces of information (information written on the boarding pass, information written on the passport, and biometric information). And acquire the three pieces of information.

The system registration unit 202 includes three submodules. FIG. 6 is a diagram showing an example of a processing configuration (processing module) of the system registration unit 202 according to the first embodiment. As shown in FIG. 6, the system registration unit 202 includes a boarding pass information acquisition unit 211, a passport information acquisition unit 212, and a biometric information acquisition unit 213.

The boarding pass information acquisition unit 211 is a means for acquiring the information described in the boarding pass possessed by the system user (hereinafter referred to as boarding pass information). The boarding pass information acquisition unit 211 controls a reader (not shown) such as a scanner to acquire boarding pass information.

Boarding pass information includes name (last name, first name), airline code, flight number, boarding date, departure place (boarding airport), destination (arrival airport), seat number, boarding time, arrival time and the like.

The passport information acquisition unit 212 is a means for acquiring the information described in the passport possessed by the system user (hereinafter referred to as passport information). The passport information acquisition unit 212 controls a reader such as a scanner to acquire passport information.

The passport information includes a face image (hereinafter referred to as a passport face image), name, gender, nationality, passport number, passport issuing country, and the like.

The biometric information acquisition unit 213 is a means for acquiring biometric information of a system user. The biological information acquisition unit 213 controls the camera and acquires a facial image of the system user. For example, when the biometric information acquisition unit 213 detects a face in an image to be constantly or periodically photographed, the biometric information acquisition unit 213 photographs the user's face and acquires the face image.

It is desirable that the biological information acquisition unit 213 displays a guidance message regarding the acquisition of the face image via the message output unit 204 before photographing the face image. For example, the biometric information acquisition unit 213 displays a message such as "The customer's face image is taken and registered in the system. The registered face image will be deleted from the system after boarding is completed."

The system registration unit 202 delivers the acquired three pieces of information (boarding pass information, passport information, and biometric information) to the token issuance request unit 203.

The token issuance request unit 203 shown in FIG. 4 is a means for requesting the server device 20 to issue a token. The token issuance request unit 203 generates a token issuance request including boarding pass information, passport information, and biometric information (face image). The token issuance request unit 203 transmits the generated token issuance request to the server device 20.

The token issuance request unit 203 delivers the response (response to the token issuance request) acquired from the server device 20 to the message output unit 204.

The message output unit 204 is a means for outputting various messages. For example, the message output unit 204 outputs a message according to the response acquired from the server device 20.

When a response (affirmative response) to the effect that the token has been successfully issued is received, the message output unit 204 outputs to that effect. For example, the message output unit 204 outputs a message such as "Future procedures can be performed by face recognition".

When a response (negative response) to the effect that the token issuance has failed is received, the message output unit 204 outputs to that effect. For example, the message output unit 204 outputs a message such as "Sorry. The procedure by face recognition cannot be performed. Please go to the manned booth."

The check-in execution unit 205 is a means for performing a user's check-in procedure. The check-in execution unit 205 executes a check-in procedure such as seat selection based on the ticket presented by the user. For example, the check-in execution unit 205 transmits the information described in the ticket to the DCS (Departure Control System), and acquires the information described in the boarding pass from the DCS. Since the operation of the check-in execution unit 205 can be the same as the operation of the existing check-in terminal, a more detailed description will be omitted.

The storage unit 206 is a means for storing information necessary for the operation of the check-in terminal 10.

[Boarding gate device]
FIG. 7 is a diagram showing an example of a processing configuration (processing module) of the boarding gate device 15 according to the first embodiment. Referring to FIG. 7, the boarding gate device 15 includes a communication control unit 301, a biometric information acquisition unit 302, an authentication request unit 303, a function realization unit 304, and a storage unit 305.

The communication control unit 301 is a means for controlling communication with other devices. For example, the communication control unit 301 receives data (packets) from the server device 20. Further, the communication control unit 301 transmits data to the server device 20. The communication control unit 301 passes the data received from the other device to the other processing module. The communication control unit 301 transmits the data acquired from the other processing module to the other device. In this way, the other processing module transmits / receives data to / from other devices via the communication control unit 301.

The biometric information acquisition unit 302 is a means for controlling a camera (not shown) to acquire biometric information of a user. The biological information acquisition unit 302 images the front of the own device at regular intervals or at predetermined timings. The biological information acquisition unit 302 determines whether or not the acquired image includes a human face image, and if the acquired image includes a face image, extracts the face image from the acquired image data.

Since existing techniques can be used for the face image detection process and the face image extraction process by the biological information acquisition unit 302, detailed description thereof will be omitted. For example, the biological information acquisition unit 302 may extract a face image (face region) from the image data by using a learning model learned by a CNN (Convolutional Neural Network). Alternatively, the biological information acquisition unit 302 may extract a face image by using a technique such as template matching.

The biological information acquisition unit 302 delivers the extracted face image to the authentication request unit 303.

The authentication request unit 303 is a means for requesting the server device 20 to authenticate the user in front of him. The authentication request unit 303 generates an authentication request including the terminal identifier assigned to the own device, the acquired face image, the operation information, and the like (see FIG. 8).

The terminal identifier is as described above. "T06" assigned to the boarding gate device 15 is set as a terminal identifier.

The operation information is information regarding the operation of the boarding gate device 15 at the time of transmitting the authentication request. Specifically, the flight number (flight number) assigned to the aircraft for which the boarding gate device 15 determines whether or not boarding is possible is set as the operation information.

The authentication request unit 303 receives a response from the server device 20 to the authentication request.

If the authentication result is "authentication failure", the authentication request unit 303 notifies the user to that effect.

If the authentication result is "authentication successful", the authentication request unit 303 notifies the function realization unit 304 to that effect. Further, the authentication request unit 303 delivers the token ID and business information acquired from the server device 20 to the function realization unit 304.

The function realization unit 304 is a means for realizing the function of the boarding gate device 15. The function realization unit 304 specifies the flight number of the aircraft on which the user (successful authentication person) can board from the acquired business information. The function realization unit 304 permits the successful person to pass through the gate when the specified flight number and the flight number assigned to the own device match. Since the operation of the function realization unit 304 can be the same as the operation of the existing boarding gate device, detailed description thereof will be omitted. In addition, a staff member working for the airline of the aircraft boarding from the boarding gate device 15 may assign (input) a flight number required for the boarding gate device 15.

The storage unit 305 is a means for storing information necessary for the operation of the boarding gate device 15.

[Other terminals]
The basic processing configuration of the other terminals (baggage deposit machine 11, passenger passage system 12, gate device 13, lounge gate 14) included in the boarding procedure system is the same as the processing configuration of the boarding gate device 15 shown in FIG. Since it can be done, a detailed explanation will be omitted. Each terminal acquires the biometric information (face image) of the system user, and requests the server device 20 to authenticate using the acquired biometric information. If the authentication is successful, the function assigned to each terminal is executed.

However, there is a difference in the authentication request generated by the authentication request unit 303 of each terminal. Specifically, since the operation of the authentication request unit 303 of the passenger passage system 12 and the gate device 13 does not change depending on the time zone, installation location, etc., it is not necessary to set a value in the "operation information" (the operation information is). Can be blank). Alternatively, the authentication request unit 303 of the passenger passage system 12 or the like may transmit an authentication request that does not include operation information to the server device 20.

The authentication requesting unit 303 of the baggage depository 11 sets the airline code of the airline that manages its own device as the operation information. Similarly, the authentication requesting unit 303 of the lounge gate 14 sets the airline code of the airline operating the lounge as the operation information.

[Server device]
FIG. 9 is a diagram showing an example of a processing configuration (processing module) of the server device 20 according to the first embodiment. Referring to FIG. 9, the server device 20 includes a communication control unit 401, a token generation unit 402, a database management unit 403, an authentication request processing unit 404, and a storage unit 405.

The communication control unit 401 is a means for controlling communication with other devices. For example, the communication control unit 401 receives data (packet) from the check-in terminal 10. Further, the communication control unit 401 transmits data to the check-in terminal 10. The communication control unit 401 passes the data received from the other device to the other processing module. The communication control unit 401 transmits the data acquired from the other processing module to the other device. In this way, the other processing module transmits / receives data to / from other devices via the communication control unit 401. The communication control unit 401 serves as a receiving unit for receiving an authentication request from the terminal.

The token generation unit 402 is a means for generating tokens in response to a token generation request from the check-in terminal 10. At that time, the token generation unit 402 determines the validity of the passport presented by the user.

Specifically, the token generation unit 402 determines whether or not the person who presented the passport to the check-in terminal 10 and the person who received the issuance of the passport are the same person. In order to execute the determination, the token generation unit 402 extracts the face image (system user's face image) included in the token generation request and the passport face image included in the passport information. The token generation unit 402 determines whether or not these two facial images substantially match.

The token generation unit 402 executes collation (one-to-one collation) of the two face images. The token generation unit 402 calculates a feature vector from each of the two images. The token generation unit 402 calculates the similarity (for example, Euclidean distance) between the two images, and determines whether the two images are facial images of the same person based on the result of the threshold processing for the calculated similarity. do. For example, if the similarity is greater than a predetermined value (if the distance is shorter than a predetermined value), the token generation unit 402 determines that the two facial images are from the same person.

When the token generation unit 402 succeeds in determining the validity of the passport using the biometric information, the token generation unit 402 issues a token. For example, the token generation unit 402 generates a unique value as the token ID based on the date and time at the time of processing, the sequence number, and the like.

When the token generation unit 402 generates a token (token ID), it sends an acknowledgment (token issuance) to the check-in terminal 10. When the token ID generation unit 402 fails to generate the token ID, the token generation unit 402 sends a negative response (not issued a token) to the check-in terminal 10.

When the token ID generation unit 402 succeeds in generating (issuing) the token ID, the token generation unit 402 hands over the generated token ID, boarding pass information, passport information, and face image (face image of the system user) to the database management unit 403.

The database management unit 403 is a means (management unit) for managing various databases built in the server device 20.

As described above, the server device 20 includes a plurality of authentication information databases and business information databases.

The first authentication information database stores biometric information of each of the plurality of users. The first authentication information database stores authentication information (token ID, biometric information) about the user without any particular classification (see FIG. 10). For example, the first authentication information database stores user authentication information in the order of system registration.

The second authentication information database stores biometric information of each of the plurality of users for each airline (airline code) (see FIG. 11).

The third authentication information database stores biometric information of each of the plurality of users for each flight number (flight number) (see FIG. 12).

Referring to FIGS. 10 to 12, each authentication information database has a field for storing a token ID, a feature amount, an invalidation flag, an invalidation time, and the like.

As mentioned above, the token ID is a temporarily issued identifier. When the user completes the procedure at the boarding gate device 15, the token ID is invalidated. That is, the token ID is not an identifier that is used permanently, but a one-time ID that has a valid period (life cycle).

The invalid flag is flag information indicating whether or not the token ID is currently valid. The invalid flag is cleared to "0" if the token ID is valid, and set to "1" if it is invalid. The invalidation time is a time stamp when the token ID is invalidated.

The authentication information database shown in FIGS. 10 to 12 is an example and does not mean to limit the items to be stored. For example, the face image of the system user, the token issuing time, the token issuing device, and the like may be stored in the authentication information database. Alternatively, the invalidation flag field and invalidation time field do not have to exist in the credential database.

The business information database is a database that manages information (business information) necessary for performing boarding procedures for users. FIG. 13 is a diagram showing an example of a business information database. Referring to FIG. 13, the business information database has fields for storing a token ID, a passenger name, a departure place, a destination, an airline code, a flight number, an operation date, and the like. In addition to the above fields, the business information database may have fields for storing sheet numbers, nationalities, passport numbers, surnames, first names, dates of birth, gender, and the like. The business information database stores business information related to a predetermined business (procedure business performed at each touch point) for each token ID.

The above information stored in the business information database is acquired from boarding pass information and passport information.

When the database management unit 403 acquires the token ID from the token generation unit 402 (when the token ID is issued), the database management unit 403 adds a new entry to each database. When adding an entry to the second and third authentication information databases, the database management unit 403 acquires the airline code and flight number from the boarding pass information, and adds the entry to the corresponding area.

When a new entry is added, the database management unit 403 sets the setting value in the field of each database. For example, the database management unit 403 generates a feature amount from the registered face image and registers the generated feature amount in each authentication information database. For fields for which setting values cannot be set, the database management unit 403 may set initial values (default values).

The authentication request processing unit 404 is a means (processing unit) for processing an authentication request acquired from a terminal. The authentication request processing unit 404 refers to a database that stores biometric information of each of the plurality of users, and processes the authentication request acquired from the terminal. More specifically, the authentication request processing unit 404 processes an authentication request from at least one terminal with reference to any one of the first to third authentication information databases.

The authentication request processing unit 404 determines the authentication information database to be referred to based on the terminal identifier included in the authentication request. Specifically, when an authentication request is received from either the passenger passage system 12 or the gate device 13, the authentication request processing unit 404 refers to the first authentication information database. That is, when the terminal identifier is either "T03" or "T04", the first authentication information database is selected and the collation process is executed.

When the authentication request is received from the baggage deposit machine 11 or the lounge gate 14 (terminal identifier is T02 or T05), the authentication request processing unit 404 refers to the second authentication information database.

When the authentication request is received from the boarding gate device 15 (terminal identifier is T06), the authentication request processing unit 404 refers to the third authentication information database.

The authentication request processing unit 404 may determine the authentication information database to be referenced by using the table information that stores the relationship between the terminal identifier and the authentication information database to be referenced. The authentication request processing unit 404 narrows down the biometric information used when processing the authentication request according to the type of the terminal that has sent the authentication request.

The authentication request includes the biometric information of the person to be authenticated. The authentication request processing unit 404 executes a collation process (one-to-N collation) using the biometric information included in the authentication request and the biometric information contained in the authentication information database.

At that time, the authentication request processing unit 404 determines the search range of the authentication information database based on the operation information included in the authentication request.

Specifically, when referring to the first authentication information database, the authentication request processing unit 404 targets all areas (all entries) for collation processing. When referring to the second authentication information database, the authentication request processing unit 404 targets the entry of the area (range) corresponding to the airline code obtained as the operation information as the target of the collation process. When referring to the third authentication information database, the authentication request processing unit 404 targets the entry of the area (range) corresponding to the flight number obtained as the operation information as the target of the collation process.

When executing the collation process for the entries registered in the authentication information database, the authentication request processing unit 404 generates a feature amount from the face image acquired from the terminal. The authentication request processing unit 404 extracts feature points from the face image. Since existing techniques can be used for the feature point extraction process, detailed description thereof will be omitted. For example, the authentication request processing unit 404 extracts eyes, nose, mouth, and the like as feature points from the face image. After that, the authentication request processing unit 404 calculates the position of each feature point and the distance between each feature point as a feature quantity, and generates a feature vector composed of a plurality of feature quantities.

The authentication request processing unit 404 uses the generated feature amount (feature vector) as the feature amount on the collation side, the feature amount registered in the authentication information database, and is a valid feature amount (feature amount of an entry that has not been invalidated). Is set for each feature on the registration side.

The authentication request processing unit 404 calculates the degree of similarity between the feature amount on the collation side and the plurality of feature amounts on the registration side. For the similarity, a chi-square distance, an Euclidean distance, or the like can be used. The farther the distance is, the lower the similarity is, and the closer the distance is, the higher the similarity is.

If the authentication request processing unit 404 has a plurality of features (valid features) registered in the authentication information database and the similarity with the features to be collated is equal to or higher than a predetermined value, the feature quantity exists. Judge that the authentication was successful.

If the authentication is successful, the authentication request processing unit 404 identifies the token ID corresponding to the feature amount having the highest degree of similarity. The authentication request processing unit 404 searches the business information database using the specified token ID as a key, and identifies the corresponding entry.

The authentication request processing unit 404 transmits the authentication result to the terminal (responds to the authentication request). If the authentication is successful, the authentication request processing unit 404 transmits to that effect (authentication success) and a response including the business information and token ID specified from the business information database to the terminal. If the authentication fails, the authentication request processing unit 404 sends a response including that fact (authentication failure) to the terminal.

The storage unit 405 stores various information necessary for the operation of the server device 20. An authentication information database and a business information database are constructed in the storage unit 405.

[System operation]
Subsequently, the operation of the boarding procedure system according to the first embodiment will be described. FIG. 14 is a sequence diagram showing an example of the operation of the boarding procedure system according to the first embodiment. The operation when the authentication process from the boarding gate device 15 is executed will be described with reference to FIG. The description of the operation related to system registration is omitted.

The boarding gate device 15 acquires a face image of the user (certified person) and transmits an authentication request to the server device 20 (step S01).

The server device 20 extracts a terminal identifier from the authentication request, and determines a database to be used for the collation process from the plurality of authentication information databases based on the extracted terminal identifier (step S02). In this case, since the authentication request from the boarding gate device 15 has been received, the server device 20 selects the third authentication information database.

The server device 20 determines the search range in the selected authentication information database based on the operation information included in the authentication request (step S03). In this case, the server device 20 selects, among the entries stored in the third authentication information database, the entries classified and stored in the flight number (flight number) included in the authentication request as the search range. In the example of FIG. 12, if the flight number set in the operation information is "FL01", the entries in the first to third lines are selected as the entries in the search range.

The server device 20 generates a feature amount from the face image included in the authentication request (step S04).

The server device 20 executes an authentication process using biometric information (authentication information) included in the search range of the selected authentication information database (step S05).

If the authentication is successful (step S06, Yes branch), the server device 20 searches the business information database using the token ID obtained by the collation process as a key (step S07).

If the authentication fails (step S06, No branch), the server device 20 executes the process of step S08.

The server device 20 transmits the authentication result (authentication success, authentication failure) to the boarding gate device 15 (step S08). If the authentication is successful, the server device 20 transmits a response including the business information identified in the search in step S07 to the boarding gate device 15.

The boarding gate device 15 that has received the authentication result performs business processing according to the content (step S09). Upon receiving the successful authentication, the boarding gate device 15 determines whether or not the user (successful authentication person) is qualified to board the aircraft. Specifically, the boarding gate device 15 determines whether or not the flight number (flight number) assigned to the own device and the flight number included in the business information match.

When it is determined that the user can board the aircraft, the boarding gate device 15 permits the successful person to pass through the gate. If it is determined that the user cannot board the aircraft, the boarding gate device 15 does not allow the successfully authenticated person to pass through the gate.

The boarding gate device 15 notifies the server device 20 that the successful authentication person has passed the gate. Specifically, the boarding gate device 15 notifies the server device 20 of the token ID of the successful authentication person. The database management unit 403 of the server device 20 invalidates the entry corresponding to the successful authentication person who has passed through the gate. Specifically, the database management unit 403 sets "1" in the invalid flag field of the corresponding entry. At that time, the database management unit 403 invalidates the corresponding entries of the first to third authentication information databases. That is, when the successful authentication person passes through the boarding gate device 15, the database management unit 403 invalidates the entry of the user who has passed through the boarding gate device 15 among the entries stored in each of the first to third authentication information databases. To.

Since the server device 20 sets the biometric information stored in the valid entry of the first to third authentication information databases as the biometric information on the registration side, the amount of data in each database increases as the user boarded the aircraft. to shrink. Therefore, in the authentication process using the second and third authentication information databases, the amount of data is reduced by completing the boarding procedure by the user, and the amount of data is narrowed down by airline code or flight number. You can benefit from the reduction of.

As described above, in the first embodiment, the authentication information database to be referred to is determined according to the type of the source of the authentication request, and the search range of each database is determined according to the operating status of the sender. As a result, when the search range of entries can be narrowed down as in the lounge gate 14 and the boarding gate device 15, the amount of data stored in the database is substantially reduced and the authentication accuracy is improved. That is, when the terminal that is the source of the authentication request is a terminal of a predetermined type, the authentication request processing unit 404 of the server device 20 makes an authentication request using some of the biometric information among the plurality of biometric information. To process. For example, if the source of the authentication request is the boarding gate device 15, the server device 20 determines whether or not the user can pass through the flight (the boarding gate device 15 determines whether or not the user can pass through). Process the authentication request using the biometric information of the determined flight). In the third authentication information database that separately stores the biometric information of the user for each flight, the number of users of each flight (aircraft, flight number) is small in view of the total number of system users. Therefore, the number of entries to be collated is reduced, and the accuracy of biometric authentication is improved.

Next, the hardware of each device constituting the boarding procedure system will be described. FIG. 15 is a diagram showing an example of the hardware configuration of the server device 20.

The server device 20 can be configured by an information processing device (so-called computer), and includes the configuration illustrated in FIG. For example, the server device 20 includes a processor 311, a memory 312, an input / output interface 313, a communication interface 314, and the like. The components such as the processor 311 are connected by an internal bus or the like and are configured to be able to communicate with each other.

However, the configuration shown in FIG. 15 is not intended to limit the hardware configuration of the server device 20. The server device 20 may include hardware (not shown) or may not include an input / output interface 313 if necessary. Further, the number of processors 311 and the like included in the server device 20 is not limited to the example of FIG. 15, and for example, a plurality of processors 311 may be included in the server device 20.

The processor 311 is a programmable device such as a CPU (Central Processing Unit), an MPU (Micro Processing Unit), and a DSP (Digital Signal Processor). Alternatively, the processor 311 may be a device such as an FPGA (Field Programmable Gate Array) or an ASIC (Application Specific Integrated Circuit). Processor 311 executes various programs including an operating system (OS).

The memory 312 is a RAM (Random Access Memory), a ROM (Read Only Memory), an HDD (Hard Disk Drive), an SSD (Solid State Drive), or the like. The memory 312 stores an OS program, an application program, and various data.

The input / output interface 313 is an interface of a display device or an input device (not shown). The display device is, for example, a liquid crystal display or the like. The input device is, for example, a device that accepts user operations such as a keyboard and a mouse.

The communication interface 314 is a circuit, a module, or the like that communicates with another device. For example, the communication interface 314 includes a NIC (Network Interface Card) and the like.

The function of the server device 20 is realized by various processing modules. The processing module is realized, for example, by the processor 311 executing a program stored in the memory 312. The program can also be recorded on a computer-readable storage medium. The storage medium may be a non-transient such as a semiconductor memory, a hard disk, a magnetic recording medium, or an optical recording medium. That is, the present invention can also be embodied as a computer program product. Further, the above program can be downloaded via a network or updated by using a storage medium in which the program is stored. Further, the processing module may be realized by a semiconductor chip.

The check-in terminal 10, the boarding gate device 15, and the like can also be configured by an information processing device like the server device 20, and the basic hardware configuration thereof is not different from that of the server device 20, so the description thereof will be omitted. .. The check-in terminal 10 or the like may be provided with a camera or the like.

The server device 20 is equipped with a computer, and the function of the server device 20 can be realized by causing the computer to execute a program. Further, the server device 20 executes the control method of the server device by the program.

[Modification example]
The configuration, operation, and the like of the boarding procedure system described in the above embodiment are examples, and are not intended to limit the system configuration and the like.

In the above embodiment, it has been described that the system registration is performed after the user's check-in procedure, but the system registration may be performed before the check-in procedure. In this case, since the boarding pass has not been issued before the check-in procedure, the server device 20 may register the system using the ticket information instead of the boarding pass.

In the above embodiment, a case where system registration (registration for realizing boarding procedure using biometric authentication) is performed by the check-in terminal 10 has been described. However, the system registration may be performed by a device or terminal other than the check-in terminal 10. For example, a device dedicated to system registration may be installed at the airport, or system registration may be performed at a terminal (touch point) such as a baggage deposit machine 11 or a passenger passage system 12.

In the above embodiment, the case where a series of boarding procedures are performed by biometric authentication has been described, but some procedures may be performed by biometric authentication. For example, in FIG. 2, the system may be registered in the baggage deposit machine 11 and the procedures (security inspection, etc.) after the baggage deposit may be performed by biometric authentication. In other words, some of the boarding procedures may be carried out at a manned booth or the like.

In the above embodiment, the case where the server device 20 includes a plurality of databases has been described. However, the authentication information database and the business information database built in the server device 20 may be built in a database server different from that of the server device 20. That is, the boarding procedure system may include various means (for example, token generation means) described in the above embodiment.

In the above embodiment, the case where the face image is included in the authentication request has been described, but the feature amount generated from the face image may be included in the authentication request. In this case, the server device 20 may process the authentication request using the feature amount extracted from the authentication request and the feature amount registered in the authentication information database.

The server device 20 may delete the invalidated entry after a predetermined period of time has elapsed since the entry was invalidated. More specifically, the database management unit 403 may periodically refer to the invalidation time field of the authentication information database and delete the entry after a predetermined period (for example, 24 hours) has passed since the entry was invalidated.

In the above embodiment, the case where three authentication information databases are prepared has been described, but substantially the same as the contents described above may be realized by preparing one authentication information database. Specifically, the airline code field and the flight number field may be provided in the first authentication information database, and the server device 20 may process the authentication request with reference to these fields. For example, when an authentication request is obtained from the lounge gate 14, the server device 20 may target an entry in which the same value as the airline code included in the authentication request is set in the airline code field as the target of the collation process. good. That is, the server device 10 includes a database including an airline code field for storing an airline code and a flight number field for storing a flight number for each of the plurality of users. The authentication request processing unit 404 determines whether to refer to the value of the airline code field or the flight number field when processing the authentication request, based on the type of the terminal that is the source of the authentication request. For example, if the terminal is the boarding gate device 15, the authentication request processing unit 404 refers to the value in the flight number field of the database and collates the passengers of the flight for which the boarding gate device 15 determines whether or not the user can pass. Set as the processing target. In this way, the authentication request processing unit 404 narrows down the biometric information used when processing the authentication request according to the type of at least one or more terminals.

Alternatively, the second and third authentication information databases may be further subdivided. Specifically, one authentication information database may store an entry corresponding to one airline code or flight number. That is, the server device 20 may include a second authentication information database group and a third authentication information database group.

When users of a plurality of airlines can use the same lounge, the lounge gate 14 may set an airline code corresponding to each airline in the operation information. For example, when the users (passengers) of airline A and airline B can use the same lounge, the airline codes of airline A and airline B may be set as operation information. In this case, the authentication request processing unit 404 may target the entry corresponding to each of the plurality of airline codes set in the operation information among the entries of the second authentication information database.

The form of data transmission / reception between the check-in terminal 10 and the like and the server device 20 is not particularly limited, but the data transmitted / received between these devices may be encrypted. Boarding pass information and passport information include personal information, and it is desirable that encrypted data be sent and received in order to properly protect the personal information.

In the flow chart (flow chart, sequence diagram) used in the above description, a plurality of steps (processes) are described in order, but the execution order of the steps executed in the embodiment is not limited to the order of description. In the embodiment, the order of the illustrated processes can be changed within a range that does not hinder the contents, for example, each process is executed in parallel.

The above embodiments have been described in detail to facilitate understanding of the present disclosure and are not intended to require all of the configurations described above. Moreover, when a plurality of embodiments are described, each embodiment may be used alone or in combination. For example, it is possible to replace a part of the configuration of the embodiment with the configuration of another embodiment, or to add the configuration of another embodiment to the configuration of the embodiment. Further, it is possible to add, delete, or replace a part of the configuration of the embodiment with another configuration.

Although the industrial applicability of the present invention is clear from the above description, the present invention is suitably applicable to a boarding procedure system at an airport or the like. However, the application of the disclosure of the present application is not limited to the procedures at the airport, and the disclosure of the present application can be applied to a system requiring a plurality of procedures.

Some or all of the above embodiments may also be described, but not limited to:
[Appendix 1]
A receiver that receives authentication requests from at least one terminal,
A processing unit that processes the authentication request by referring to a database that stores biometric information of each of a plurality of users.
Equipped with
The processing unit is a server device that processes the authentication request by using a part of the biometric information among the plurality of biometric information when the terminal for transmitting the authentication request is a terminal of a predetermined type.
[Appendix 2]
A first authentication information database that stores biometric information of each of the plurality of users,
A second authentication information database that stores the biometric information of each of the plurality of users for each airline, and
A third authentication information database that stores the biometric information of each of the plurality of users for each flight number, and
Further prepare
The processing unit determines a database to be referred to from the first to third databases according to the type of at least one or more terminals, and processes the authentication request with reference to the determined database. The server device according to Appendix 1.
[Appendix 3]
The at least one terminal transmits the authentication request including the terminal identifier indicating the type of the own device.
The server device according to Appendix 2, wherein the processing unit determines the authentication information database to be referred to based on the terminal identifier.
[Appendix 4]
The at least one or more terminals transmit the authentication request including operation information regarding the operation of the own device at the time of transmitting the authentication request.
The server device according to Appendix 3, wherein the processing unit determines a search range of the determined authentication information database based on the operation information.
[Appendix 5]
When the at least one terminal is a passenger passage system or a gate device for performing immigration procedures installed at an airport, the processing unit executes a collation process with reference to the first authentication information database. The server device according to Appendix 4.
[Appendix 6]
When the at least one terminal is a baggage deposit machine installed at an airport, the baggage deposit machine sets the airline code of the airline that manages its own device in the operation information.
The server device according to Appendix 4 or 5, wherein the processing unit targets an entry in an area corresponding to an airline code set as operation information among the entries of the second authentication information database for collation processing. ..
[Appendix 7]
When the at least one or more terminals are lounge gates installed in the lounge, the lounge gate sets the airline code of the airline operating the lounge in the operation information.
The processing unit sets the entry in the area corresponding to the airline code set as the operation information among the entries in the second authentication information database to any one of the appendices 4 to 6 to be subject to the collation process. The server device described.
[Appendix 8]
When the at least one or more terminals are boarding gate devices for determining whether or not boarding is possible, the boarding gate device sets the flight number for determining whether or not boarding is possible in the operation information.
Described in any one of Supplementary note 4 to 7, wherein the processing unit targets the entry of the area corresponding to the flight number set as the operation information among the entries of the third authentication information database for the collation processing. Server device.
[Appendix 9]
The lounge gate sets the airline codes of a plurality of airlines as the operation information, and sets the airline codes as the operation information.
The server device according to Supplementary Note 7, wherein the processing unit targets entries corresponding to each of a plurality of airline codes set in the operation information among the entries of the second authentication information database for collation processing.
[Appendix 10]
Further equipped with a management unit for managing the first to third authentication information databases,
When the successful authentication person passes through the boarding gate device, the management unit invalidates the entry of the user who has passed through the boarding gate device among the entries stored in each of the first to third authentication information databases. , The server device according to Appendix 8.
[Appendix 11]
The server device according to any one of Supplementary note 1 to 10, wherein the biometric information is a face image or a feature amount generated from the face image.
[Appendix 12]
The database includes an airline code field for storing an airline code and a flight number field for storing a flight number for each of the plurality of users.
In Appendix 1, the processing unit determines whether or not to refer to the value of the airline code field or the flight number field when processing the authentication request based on the type of at least one terminal. The server device described.
[Appendix 13]
A terminal that sends an authentication request including a terminal identifier indicating the type of its own device to the server device that determines a database to be referred to when performing biometric authentication.
[Appendix 14]
The terminal according to Appendix 13, which transmits the authentication request including the operation information regarding the operation of the own device at the time of transmitting the authentication request to the server device.
[Appendix 15]
With at least one device
A server device connected to at least one terminal and
Including
The server device is
A receiving unit that receives an authentication request from at least one of the terminals.
A processing unit that processes the authentication request by referring to a database that stores biometric information of each of a plurality of users.
Equipped with
The processing unit is a system that processes the authentication request by using a part of the biometric information among the plurality of biometric information when the terminal for transmitting the authentication request is a terminal of a predetermined type.
[Appendix 16]
In the server device
Receive authentication requests from at least one device and
When the terminal that sends the authentication request is a terminal of a predetermined type, a control method of a server device that processes the authentication request using a part of the biometric information among a plurality of biometric information stored in the database. ..
[Appendix 17]
For the computer installed in the server device,
The process of receiving authentication requests from at least one terminal,
When the terminal that sends the authentication request is a terminal of a predetermined type, a process of executing the authentication process using a part of the biometric information among a plurality of biometric information stored in the database, and a process of executing the authentication process.
A computer-readable storage medium that stores programs for executing.

The disclosures of the above-mentioned prior art documents cited shall be incorporated into this document by citation. Although the embodiments of the present invention have been described above, the present invention is not limited to these embodiments. It will be appreciated by those skilled in the art that these embodiments are merely exemplary and that various modifications are possible without departing from the scope and spirit of the invention. That is, it goes without saying that the present invention includes all disclosure including claims, various modifications and modifications that can be made by those skilled in the art in accordance with the technical idea.

10 Check-in terminal 11 Baggage deposit machine 12 Passenger passage system 13 Gate device 14 Lounge gate 15 Boarding gate device 20, 100 Server device 101 Receiver 102 Processing section 201, 301, 401 Communication control section 202 System registration section 203 Token issuance request section 204 Message output unit 205 Check-in execution unit 206, 305, 405 Storage unit 211 Boarding pass information acquisition unit 212 Passport information acquisition unit 213, 302 Biometric information acquisition unit 303 Authentication request unit 304 Function realization unit 311 Processor 312 Memory 313 Input / output interface 314 Communication interface 402 Token generation unit 403 Database management unit 404 Authentication request processing unit

Claims (14)

A receiver that receives authentication requests from at least one terminal,
A first authentication information database that stores biometric information for each of multiple users,
A second authentication information database that stores the biometric information of each of the plurality of users for each airline, and
A third authentication information database that stores the biometric information of each of the plurality of users for each flight number, and
A processing unit that refers to the first to third authentication information databases and processes the authentication request.
Equipped with
When the terminal for transmitting the authentication request is a terminal of a predetermined type, the processing unit may refer to an authentication information database from the first to third authentication information databases according to the type of the terminal. A server device that determines and processes the authentication request using some of the biometric information among the plurality of biometric information stored in the determined authentication information database . At least one of the terminals transmits the authentication request including the terminal identifier indicating the type of the own device.
The server device according to claim 1 , wherein the processing unit determines the authentication information database to be referred to based on the terminal identifier. At least one of the terminals transmits the authentication request including operation information regarding the operation of the own device at the time of transmitting the authentication request.
The server device according to claim 2 , wherein the processing unit determines a search range of the determined authentication information database based on the operation information. If the terminal that sends the authentication request is a passenger passage system or a gate device that performs immigration procedures installed at the airport, the processing unit refers to the first authentication information database and performs collation processing. The server device according to claim 3 to be executed. When the terminal that sends the authentication request is a baggage deposit machine installed at the airport, the baggage deposit machine sets the airline code of the airline that manages its own device as the operation information.
The third or fourth aspect in which the processing unit targets the entry corresponding to the airline code set as the operation information among the entries of the second authentication information database for the matching process. Server device. When the terminal for transmitting the authentication request is a lounge gate installed in the lounge, the lounge gate sets the airline code of the airline operating the lounge as the operation information.
Any of claims 3 to 5 , wherein the processing unit targets the entry corresponding to the airline code set as the operation information among the entries of the second authentication information database for the collation process. The server device according to one item. When the terminal that transmits the authentication request is a boarding gate device that determines whether or not boarding is possible, the boarding gate device sets the flight number that determines whether or not boarding is possible as the operation information.
Any one of claims 3 to 6 , wherein the processing unit targets the entry corresponding to the flight number set as the operation information among the entries of the third authentication information database for the collation process. The server device according to one item. The lounge gate , which is the terminal, sets airline codes of a plurality of airlines as the operation information, and sets the operation information.
The server device according to claim 6 , wherein the processing unit targets entries corresponding to each of a plurality of airline codes set in the operation information among the entries of the second authentication information database. .. Further equipped with a management unit for managing the first to third authentication information databases,
When a user who has succeeded in authentication by the processing of the processing unit passes through the boarding gate device, the management unit uses the boarding gate device among the entries stored in each of the first to third authentication information databases. The server device according to claim 7 , which invalidates the user's entry that has passed. The server device according to any one of claims 1 to 9 , wherein the biometric information is a face image or a feature amount generated from the face image. A receiver that receives authentication requests from at least one terminal,
A processing unit that processes the authentication request by referring to a database that stores biometric information of each of a plurality of users.
Equipped with
The database includes an airline code field for storing an airline code and a flight number field for storing a flight number for each of the plurality of users.
When the processing unit processes the authentication request using some of the biometric information stored in the database, the terminal for transmitting the authentication request is a predetermined type of terminal. If, the server device determines whether or not to refer to the value of the airline code field or the flight number field based on the type of the terminal. With at least one device
A server device connected to at least one of the terminals, and
Including
The server device is
A receiver that receives an authentication request from the terminal,
A first authentication information database that stores biometric information for each of multiple users,
A second authentication information database that stores the biometric information of each of the plurality of users for each airline, and
A third authentication information database that stores the biometric information of each of the plurality of users for each flight number, and
A processing unit that refers to the first to third authentication information databases and processes the authentication request.
Equipped with
When the terminal for transmitting the authentication request is a terminal of a predetermined type, the processing unit may refer to an authentication information database from the first to third authentication information databases according to the type of the terminal. The authentication request is processed by using a part of the biometric information among the plurality of biometric information stored in the determined authentication information database .
or,
The server device is
A receiver that receives authentication requests from at least one terminal,
A processing unit that processes the authentication request by referring to a database that stores biometric information of each of a plurality of users.
Equipped with
The database includes an airline code field for storing an airline code and a flight number field for storing a flight number for each of the plurality of users.
When the processing unit processes the authentication request using some of the biometric information stored in the database, the terminal for transmitting the authentication request is a predetermined type of terminal. If, it is determined whether or not to refer to the value of the airline code field or the flight number field based on the type of the terminal.
system. The server device
Receive authentication requests from at least one device and
When the terminal that sends the authentication request is a terminal of a predetermined type, the first authentication information database that stores the biometric information of each of the plurality of users and the biometric information of each of the plurality of users are stored by the airline company. The authentication request is transmitted to the authentication information database that refers to the second authentication information database that is stored for each and the third authentication information database that stores the biometric information of each of the plurality of users for each flight number. It is determined according to the type of the terminal to be used, and the authentication request is processed by using a part of the biometric information among the plurality of biometric information stored in the determined authentication information database .
Refer to a database including an airline code field that stores biometric information of each of a plurality of users and stores an airline code related to the user, and a flight number field that stores a flight number related to the user. When the authentication request is processed by using a part of the biometric information among the plurality of biometric information, and the terminal for transmitting the authentication request is a predetermined type of terminal, the terminal is used. Determine whether to refer to the value of the airline code field or flight number field based on the type.
How to control the server device. For the computer installed in the server device,
The process of receiving authentication requests from at least one terminal,
When the terminal that sends the authentication request is a terminal of a predetermined type, the first authentication information database that stores the biometric information of each of the plurality of users and the biometric information of each of the plurality of users are stored by the airline company. The authentication request is transmitted to the authentication information database that refers to the second authentication information database that is stored for each and the third authentication information database that stores the biometric information of each of the plurality of users for each flight number. A process that determines according to the type of terminal to be used and executes an authentication process using some of the biometric information stored in the determined authentication information database , or a process for each of a plurality of users. A plurality of the biometric information with reference to a database including an airline code field for storing biometric information and storing an airline code for the user and a flight number field for storing the flight number for the user. When the authentication request is processed using a part of the biometric information and the terminal for transmitting the authentication request is a predetermined type of terminal, the terminal is based on the type of the terminal. The process of deciding whether to refer to the value of the airline code field or flight number field ,
A computer program to run.

Images