JP7068710B2 - Information processing equipment, information processing method, information processing program - Google Patents

Description

The present invention relates to an information processing apparatus, an information processing method and an information processing program .

As an identity verification method, an authentication device using a face photograph has been conventionally known. In the conventional authentication device, in order to prevent "spoofing" by this facial photograph, one phrase is randomly selected from a plurality of phrases stored in the storage unit when performing personal authentication, and the selected phrase is selected. It is output to the display device and made to be pronounced by the user, and the movement of the user's mouth and the voice data of the voice uttered by the user are analyzed using the imaged data obtained by imaging the user to determine whether or not the user is uttering a phrase. It has been proposed to authenticate the person by doing so (see, for example, Patent Document 1).

Japanese Unexamined Patent Publication No. 2011-215942

In the authentication method disclosed in Patent Document 1, spoofing can be prevented because it is determined whether or not the user is uttering a phrase by analyzing the movement of the user's mouth and the voice data of the voice uttered by the user. There is. However, there is room for further improvement in the reliability of identity verification.

The present invention has been made in view of the above problems, and an object of the present invention is to provide an information processing device, an information processing method, and an information processing program capable of performing highly reliable identity verification.

In order to solve the above problems, the information processing device of the present invention is an information processing device that acquires image data of an identity verification document, and is a storage in which a plurality of screen data for imaging an identity verification document having different imaging positions are stored. The image pickup position lottery section for drawing the image of the identity verification document using the screen data for capturing the identity verification document having a different image pickup position, and the position drawn by the image pickup position lottery section. It is provided with an image pickup method instruction unit for instructing to image an identity verification document, and an image pickup data acquisition unit for acquiring image pickup data of the identity verification document imaged based on an instruction by the image pickup method instruction unit .

According to the present invention, it is possible to provide an information processing device, an information processing method, and an information processing program capable of performing highly reliable identity verification.

It is a schematic block diagram of the authentication system 1 which concerns on 1st Embodiment. It is a configuration and function block diagram of the user terminal 2 which concerns on 1st Embodiment. It is a configuration and function block diagram of the authentication server 3 which concerns on 1st Embodiment. It is a figure explaining the operation of the 1st to 4th determination part of the authentication server 3 which concerns on 1st Embodiment. It is a flowchart which shows the process of the authentication system which concerns on 1st Embodiment (imaging process). It is a flowchart which shows the process of the authentication system which concerns on 1st Embodiment (authentication process). It is a functional block diagram of the user terminal 2 and the authentication server 3 which concerns on 2nd Embodiment. It is a flowchart which shows the process of the authentication system which concerns on 2nd Embodiment (imaging process). It is a flowchart which shows the process of the authentication system which concerns on 2nd Embodiment (authentication process). It is a flowchart which shows the process of the authentication system which concerns on modification 2 of 2nd Embodiment (authentication process). It is a functional block diagram of the user terminal 2 and the authentication server 3 which concerns on 3rd Embodiment. It is a figure which shows an example of the screen displayed on the display device 200D of the user terminal 2 which concerns on 3rd Embodiment. It is a flowchart which shows the process of the authentication system which concerns on 3rd Embodiment (imaging process).

Hereinafter, embodiments of the present invention will be described with reference to the drawings. In addition to the driver's license, various identity verification documents such as a passport (passport), basic resident register card (with a photo), and residence card should be used as identity verification documents with a face photo to be used for identity verification. Can be done.

[First Embodiment]
First, the configuration of the authentication system 1 will be described with reference to FIG. The authentication system 1 includes a user terminal 2 and an authentication server 3. The user terminal 2 and the authentication server 3 have a configuration connected via the network 4. The number of the user terminal 2 and the authentication server 3 included in the authentication system 1 is arbitrary. Further, the network 4 may be configured by any communication network as long as the user terminal 2 and the authentication server 3 can communicate with each other.

(User terminal 2)
The user terminal 2 is a terminal (for example, a smartphone, a tablet PC (Personal Computer), a desktop PC, a notebook PC, etc.) used by the user U (for example, a user who wants to authenticate the identity). The user U uses the user terminal 2 to authenticate the identity verification.

FIG. 2A is a hardware configuration diagram of the user terminal 2, and FIG. 2B is a functional block diagram of the user terminal 2. As shown in FIG. 2A, the user terminal 2 has a configuration in which a communication IF 200A, a storage device 200B, an input device 200C, a display device 200D, an image pickup device 200E, a voice output device 200F, and a CPU 200G are connected via a bus 200H. To prepare for.

The communication IF 200A is an interface for communicating with the authentication server 3.

The storage device 200B is, for example, an HDD or a semiconductor storage device. An authentication program (application software) is stored in the storage device 200B. Further, the storage device 200B stores a database in which text data and voice data for instructing a plurality of operations used in the operation instruction unit 208, which will be described later, are stored in association with the operation ID.

Text data and voice data of various operations are stored in the database in association with the operation ID. For example, "Please close both eyelids for 3 seconds", "Please close the left eyelid for 3 seconds", "Please close the right eyelid for 3 seconds", "Open your mouth wide", "Face to fit the screen" Text data and voice data such as "Please move", "Please nod loudly", "Slowly pronounce" A, O, U, E, O "", "Please stick out your tongue" are working. It is stored in association with the ID.

Table 1 below shows an example of the above database. As shown in Table 1, text data and voice data of various operations are stored in association with the operation ID.

In the first embodiment, the operation is instructed to the user U by displaying the text data on the display device 200D and outputting the voice data from the voice output device 200F, but the text data on the display device 200D. The operation may be instructed to the user U by either the display of the above or the output of the above-mentioned voice data from the voice output device 200F.

The input device 200C is, for example, a touch panel, a keyboard, a mouse, or the like, and the user U can operate the input device 200C to authenticate the identity verification.

The display device 200D is, for example, a liquid crystal monitor, an organic EL monitor, or the like. The display device 200D displays a screen necessary for using the authentication system 1 according to the first embodiment.

The image pickup device 200E is a camera provided with an individual image pickup device such as a CCD (charge-coupled device) image sensor or a CMOS (complementary MOS) image sensor, for example. The user U uses the image pickup device 200E to capture a moving image of the identity verification document (hereinafter, also referred to as first imaging data) and a self-portrait moving image of the user U (hereinafter, also referred to as second imaging data). By capturing a moving image of the identity verification document, it is possible to confirm that the image is not an image of the identity verification document acquired from the Internet or the like, and the reliability of the identity verification can be improved.

The audio output device 200F is a speaker and outputs audio.

The CPU 200G controls the user terminal 2 and includes a ROM (Read Only Memory) and a RAM (Random Access Memory) (not shown).

As shown in FIG. 2B, the user terminal 2 includes an image pickup device control unit 201, an input reception unit 202, a display device control unit 203, a transmission unit 204, a reception unit 205, an operation extraction unit 206, and an instruction timing determination unit 207. , Operation instruction unit 208, voice output device control unit 209, storage device control unit 210, and the like. The function shown in FIG. 2B is realized by the CPU 200G executing a management program stored in a ROM (not shown) of the user terminal 2.

The image pickup device control unit 201 controls the image pickup by the image pickup device 200E. Specifically, the image pickup device control unit 201 controls the image pickup device 200E.

The input receiving unit 202 receives an input operation on the input device 200C.

The display device control unit 203 controls the display device 200D. Specifically, the display device control unit 203 displays a screen necessary for using the authentication system 1 according to the first embodiment. For example, the display device control unit 203 reads out the text data corresponding to the operation ID extracted by the operation extraction unit 206 based on the instruction by the operation instruction unit 208, and displays it on the display device 200D. The display device 200D displays the instruction in text (for example, "Please close your eyes for 3 seconds").

For example, the transmission unit 204 has the imaging data (first and second imaging data), the timing at which the operation is instructed (the timing of the operation instruction determined by the instruction timing determination unit 207 (how many seconds after the start of imaging of the self-portrait moving image). )), The information of the operation ID (operation ID extracted by the operation extraction unit 206) is transmitted to the authentication server 3.

The receiving unit 205 receives the information transmitted from the authentication server 3.

The motion extraction unit 206 randomly extracts one or more motion IDs from the motion IDs stored in the storage device 200B.

The instruction timing determination unit 207 randomly determines the timing at which the operation instruction unit 208, which will be described later, instructs the user U to perform an operation (for example, 3 seconds or 5 seconds after the start of imaging of the self-portrait moving image).

The operation instruction unit 208 instructs the user U to perform one or more operations at the timing determined by the instruction timing determination unit 207. Specifically, the operation instruction unit 208 instructs the display device control unit 203 to display the text data corresponding to the operation ID extracted by the operation extraction unit 206 at the timing determined by the instruction timing determination unit 207. do. Further, the operation instruction unit 208 instructs the voice output device control unit 209 to output the voice data corresponding to the operation ID extracted by the operation extraction unit 206 at the timing determined by the instruction timing determination unit 207.

The voice output device control unit 209 reads out the voice data corresponding to the operation ID extracted by the operation extraction unit 206 based on the instruction by the operation instruction unit 208, and outputs the voice data from the voice output device 200F. The voice output device 200F outputs an operation instruction as a voice (for example, "Please close your eyes for 3 seconds").

The storage device control unit 210 controls the storage device 200B. Specifically, the storage device control unit 210 controls the storage device 200B to write and read information.

(Authentication server 3)
The authentication server 3 confirms the identity of the user U based on the information transmitted from the user terminal 2 (first and second imaging data transmitted from the user terminal 2, timing of operation instruction, operation ID).

3A (a) is a hardware configuration diagram of the authentication server 3, and FIG. 3A (b) is a functional block diagram of the authentication server 3. 3B (a) is a diagram illustrating the operation of the first determination unit 304 included in the authentication server 3, and FIG. 3B (b) is a diagram and view illustrating the determination content of the second determination unit 305 included in the authentication server 3. 3B (c) is a diagram for explaining the determination content of the third determination unit 306 of the authentication server 3, and FIG. 3B (d) is a diagram for explaining the determination content of the fourth determination unit 307 of the authentication server 3. .. Hereinafter, the authentication server 3 will be described with reference to FIGS. 3A and 3B.

As shown in FIG. 3A (a), the authentication server 3 includes a configuration in which a communication IF 300A, a storage device 300B, and a CPU 300C are connected via a bus 300D.

The communication IF 300A is an interface for communicating with the user terminal 2.

The storage device 300B is, for example, an HDD or a semiconductor storage device. The storage device 300B stores an authentication program or the like used in the authentication system 1. Further, the storage device 300B stores a database in which a plurality of operation contents are stored in association with an operation ID for each operation. This corresponds to the database stored in the storage device 200B of the user terminal 2, and the authentication server 3 is transmitted from the user terminal 2 by referring to the database stored in the storage device 300B. Based on the operation ID, it is possible to recognize what kind of operation is instructed to the user U by the user terminal 2.

The CPU 300C controls the authentication server 3 and includes a ROM (Read Only Memory) and a RAM (Random Access Memory) (not shown).

As shown in FIG. 3A (b), the authentication server 3 includes a receiving unit 301 (first and second acquisition units), an operation instruction timing recognition unit 302, a still image data extraction unit 303, a first determination unit 304, and a second. It has functions such as a determination unit 305, a third determination unit 306, a fourth determination unit 307, a storage device control unit 308, and a transmission unit 309. The function shown in FIG. 3A (b) is realized by the CPU 300C executing the management program stored in the ROM (not shown) of the authentication server 3.

The receiving unit 301 receives information transmitted from the user terminal 2, for example, image pickup data (first and second image pickup data), operation instruction timing, and operation ID information.

The operation instruction timing recognition unit 302 recognizes how many seconds after the start of imaging of the self-portrait moving image, the operation is instructed, based on the operation instruction timing information transmitted from the user terminal 2.

The still image data extraction unit 303 extracts (cuts out) still image data from the imaged data (first and second imaged data) received by the receiving unit 301. Specifically, the still image data extraction unit 303 extracts the still image data (hereinafter, also referred to as the first image data) of the identity verification document (the one in which the face photograph is shown) from the first captured data. Further, the still image data extraction unit 303 is based on the timing of the operation instruction recognized by the operation instruction timing recognition unit 302, from the second image pickup data received by the reception unit 301, the still image data before the operation instruction (the first). 2 Image data) and still image data after the operation instruction (hereinafter, also referred to as third image data) are extracted. For example, if the timing of the operation instruction recognized by the operation instruction timing recognition unit 302 is 3 seconds later, the still image data extraction unit 303 receives the operation instruction from the second image pickup data received by the reception unit 301 before the operation instruction (self). Still image data (second image data) after 3 seconds from the start of imaging of the captured video, and still image data (third image) after instructions for operation (after 3 seconds from the start of imaging of the self-portrait video). Data) and extract.

The first determination unit 304 is based on the first image data and the second image data (still image data of the face photograph of the identity verification document and still image data of the user U) extracted by the still image data extraction unit 303. It is determined whether or not the person in the face photograph of the identity verification document and the user U are the same person (see FIG. 3B (a)).

Specifically, the first determination unit 304 cuts out a region including a face (object) from the first and second image data. Next, the first determination unit 304 assigns an inclined point to a portion of a plurality of locations (a plurality of locations where features of the human face appear, such as the contour of the face, the contour of the eyes, the eyebrows, the nose, and the mouth), which are particularly important. (Weighting is performed), the degree of similarity of each point given by this graded score (score: the more similar the score is, the higher the score) is calculated, and the calculated scores are added to calculate the total score. Next, the first determination unit 304 calculates a value obtained by normalizing the total score on a scale of 100 points, and if the value is equal to or greater than a predetermined threshold value, it is determined that the person is the same person.

The degree of similarity (score) can be calculated based on, for example, the following viewpoints. The following viewpoints are merely examples, and the degree of similarity may be calculated from other viewpoints (methods).
(1) Distance relationship (eye-to-eye distance / close, etc.)
(2) Angle relationship (fishing eyes / sagging eyes, etc.)
(3) Positional relationship in contour (face with parts centered)

The second determination unit 305 is based on the first image data and the second image data (still image data of the face photograph of the identity verification document and still image data of the user U) extracted by the still image data extraction unit 303. It is determined whether or not the second image data is an image obtained by capturing the user U (whether or not the image of the face photograph such as the identity verification document is diverted) (see FIG. 3B (b)).

Specifically, the second determination unit 305 cuts out a region including a face (object) from the first and second image data. Next, the second determination unit 305 has a degree of similarity (score: the more similar it is) of a plurality of locations (multiple locations where features of the human face appear, such as the contour of the face, the contour of the eyes, the eyebrows, the nose, and the mouth). The score is high), and the calculated scores are added together to calculate the total score. Next, the second determination unit 305 calculates a value obtained by standardizing the total score on a scale of 100 points, and if the value exceeds a predetermined threshold (for example, 90 points), spoofing, in other words, the identity verification document is stolen. In such a case, it is determined that the face photo of the identity verification document is processed (for example, the face photo is cut out and used as the user's self-portrait image data) and used as the user's image data. In the first embodiment, the method of calculating the degree of similarity (score) in the second determination unit 305 is the same as that of the first determination unit 304, but the degree of similarity may be calculated by another method. good.

In the determination method of the first determination unit 304, for example, the point allocation ratio is increased (weighting is heavier) in the portion (eye, nose, mouth shape, etc.) where the difference (feature) of the face appears particularly often, and the other portion is determined. By lowering the point allocation ratio (lightening the weighting), the total score will be about 100 points for the same person, and if they are not the same person, the total score will be about 0 points, and whether or not they are the same person. Depending on the weight, there will be an extreme difference in the total score. Therefore, the characteristic (algorithm) is suitable for determining whether or not the person is the same person. On the other hand, there is an extreme difference in the total score depending on whether or not they are the same person, so if the identity verification document is stolen, the face photo of the identity verification document is processed (the face photo is cut out and the user takes a self-portrait). When it is used as the image data of the user (for example, as data), it is difficult to detect the spoofing because the image data of the identity verification document and the image data of the user U are the same person.

On the other hand, since the determination method of the second determination unit 305 does not perform tilting points (weighting), it is easily affected by the determination result (total points) due to small differences in angles such as the angle of the face. Therefore, it is considered that the total score after standardization does not necessarily exceed 90 points even for the same person. In other words, if the total score after standardization exceeds a predetermined threshold (for example, 90 points), or if the identity verification document is stolen, the face photo of the identity verification document is processed (the user cuts out the face photo). It is conceivable that it is used as the user's image data (for example, as the self-portrait image data) (if the face of the identity verification document and the face of the self-portrait are too similar, the identity verification document, etc. The diversion of the face photo is suspected).

As described above, in the first embodiment, the confirmation of whether or not the person is the person and the confirmation of whether or not the image of the person is diverted are determined by using two determination methods having different characteristics (algorithms). Therefore, spoofing can be prevented very effectively.

The determination method of the first determination unit 304 described above is an example, and if the determination method has the characteristics (algorithm) suitable for determining whether or not the person is the same person described above, another graded point allocation ratio may be adopted. It does not prevent the use of the judgment method. Further, the above-mentioned determination method of the second determination unit 305 is an example, and any other determination method has characteristics (algorithm) suitable for determining whether or not the face photograph of the above-mentioned identity verification document or the like is diverted. It does not prevent the adoption of the graded point allocation ratio and the use of the judgment method. For example, in the determination of the first determination unit 304 and the second determination unit 305, if the respective characteristics are maintained, the ratio of the inclined allocation points at specific points may be changed, and the determination is made by the load average. Various methods such as can be adopted. Further, a known face recognition method may be used, or the first determination unit 304 and the second determination unit 305 may make a determination by changing the ratio of the inclined points of a specific location in the known face authentication. You may do it. In addition, it is arbitrary as to which place is a plurality of places where the characteristics of the human face appear.

The third determination unit 306 is based on the still image data (second image data) before the operation instruction and the still image data (third image data) after the operation instruction extracted by the still image data extraction unit 303. , An operation corresponding to the operation ID received by the receiving unit 301, in other words, determining whether or not the user U has performed the instructed operation (see FIG. 3B (c)). A known method can be used for the determination by the third determination unit 306. For example, an image to be teacher data may be prepared for each operation ID, machine learning may be performed for each operation corresponding to each operation ID, and then the image may be used for determination by the third determination unit 306.

The fourth determination unit 307 is based on the still image data (second image data) before the operation instruction and the still image data (third image data) after the operation instruction, before the operation instruction and after the operation instruction. It is determined whether or not the user U reflected in the still image data of the above is the same person (see FIG. 3B (d)). Since the determination method by the fourth determination unit 307 is the same as that of the first determination unit 304, overlapping description will be omitted.

The determination method in the first determination unit 304 to the fourth determination unit 307 is not limited to the one described above, and various methods can be used.

The storage device control unit 308 controls the storage device 300B. Specifically, the storage device control unit 308 controls the storage device 300B to write and read information.

If the determination result of any of the first determination unit 304, the second determination unit 305, the third determination unit 306, or the fourth determination unit 307 is NO, the transmission unit 309 could not authenticate (authentication error). Is transmitted to the user terminal 2.

(Processing of authentication system 1)
Hereinafter, the processing of the authentication system 1 will be described with reference to FIGS. 4A and 4B.

(Imaging process)
First, the image pickup process in the user terminal 2 of the authentication system 1 will be described with reference to FIG. 4A. In FIG. 4A, a reference diagram or a sentence (character) showing the processing contents of steps S101 to S105 is shown on the left side of each step.

(Step S101)
The user U operates the input device 200C of the user terminal 2 to capture a moving image of the identity verification document (FIG. 4A illustrates an operation of capturing both sides of the driver's license). The input receiving unit 202 receives an input operation on the input device 200C. The image pickup device control unit 201 controls the image pickup device 200E to take an image based on the input operation received by the input reception unit 202. The image pickup data of the identity verification document captured by the image pickup device 200E is temporarily stored in the storage device 200B by the storage device control unit 210.

(Step S102)
Next, the user U operates the input device 200C of the user terminal 2 to start self-shooting and imaging of a moving image (the face of the user U is illustrated in FIG. 4A). The input receiving unit 202 receives an input operation on the input device 200C. The image pickup device control unit 201 controls the image pickup device 200E based on the input operation received by the input reception unit 202 to start image pickup of a moving image. The image pickup data (first image pickup data) of the moving image started by the image pickup device 200E is temporarily stored in the storage device 200B by the storage device control unit 210.

(Step S103)
The motion extraction unit 206 randomly extracts one or more motion IDs from the motions stored in the storage device 200B (in FIG. 4A, "Please close your eyes for 3 seconds" is exemplified).

(Step S104)
The instruction timing determination unit 207 randomly determines the timing at which the operation instruction unit 208, which will be described later, instructs the user U to perform an operation (in FIG. 4A, “after 3 seconds” is exemplified).

(Step S105)
The operation instruction unit 208 instructs the user U to perform one or more operations at the timing determined by the instruction timing determination unit 207 (in FIG. 4A, "Please close the eyes for 3 seconds" is exemplified). The display device control unit 203 reads out the text data corresponding to the operation ID extracted by the operation extraction unit 206 based on the instruction by the operation instruction unit 208, and displays it on the display device 200D. Further, the voice output device control unit 209 reads out the voice data corresponding to the operation ID extracted by the operation extraction unit 206 based on the instruction by the operation instruction unit 208, and outputs the voice data from the voice output device 200F. The user U operates according to the instruction (in FIG. 4A, the face of the user U with his eyes closed is illustrated).

(Step S106)
Next, the user U operates the input device 200C of the user terminal 2 to finish the imaging of the moving image. The input receiving unit 202 receives an input operation on the input device 200C. The image pickup device control unit 201 controls the image pickup device 200E based on the input operation received by the input reception unit 202 to end the imaging of the moving image. The storage device control unit 210 ends the storage of the image pickup data (second image pickup data) in the storage device 200B.

(Step S107)
The transmission unit 204 contains image pickup data (first and second image pickup data) stored in the storage device 200B, operation instruction timing determined by the instruction timing determination unit 207, and operation ID information extracted by the operation extraction unit 206. To the authentication server 3.

In the above description, the user U's self-portrait video is captured after the video of the identity verification document is captured, but the user U's self-portrait video is captured and then the video of the identity verification document is captured. You may do so. Further, although the first imaging data and the second imaging data are finally collectively transmitted to the authentication server 3, the first imaging data and the second imaging data are individually transmitted to the authentication server 3 each time the imaging is performed. You may. Further, in step S101, the identity verification document is captured by the moving image, but instead of the moving image, a still image including a face photograph of the identity verification document may be captured.

(Authentication processing)
Next, the authentication process in the authentication server 3 of the authentication system 1 will be described with reference to FIG. 4B.

(Step S201)
The receiving unit 301 receives information transmitted from the user terminal 2, for example, imaging data (first and second imaging data), operation instruction timing, and operation ID information.

(Step S202)
The operation instruction timing recognition unit 302 recognizes how many seconds after the start of imaging of the self-portrait moving image, the operation is instructed, based on the operation instruction timing information transmitted from the user terminal 2.

(Step S203)
The still image data extraction unit 303 extracts still image data from the image pickup data (first and second image pickup data) received by the reception unit 301. Specifically, the still image data extraction unit 303 extracts the still image data (first image data) of the identity verification document (the one in which the face photograph is shown) from the first captured data. Further, the still image data extraction unit 303 receives the still image data (second image data) before the operation instruction and the still image data (third image data) after the operation instruction from the second image pickup data received by the reception unit 301. ) Is extracted. Since the method of extracting the first to third image data from the first and second captured data by the still image data extraction unit 303 has already been described, duplicate description will be omitted.

(Step S204)
The first determination unit 304 is based on the first image data and the second image data (still image data of the face photograph of the identity verification document and still image data of the user U) extracted by the still image data extraction unit 303. It is determined whether or not the person in the face photograph of the identity verification document and the user U are the same person. Since the determination method by the first determination unit 304 has already been described, duplicate explanations will be omitted.

(Step S205)
When the first determination unit 304 determines that the person in the face photograph of the identity verification document and the user U are the same person (YES in S204), the second determination unit 305 and the second determination unit 305 are stationary. Based on the first image data and the second image data (still image data of the face photograph of the identity verification document and still image data of the user U) extracted by the image data extraction unit 303, the second image data sets the user U. It is determined whether or not the image is an captured image (whether or not the image of the face photograph is diverted). Since the determination method by the second determination unit 305 has already been described, a duplicate description will be omitted.

(Step S206)
When the second determination unit 305 determines that the image capture data is an image captured by the user U (YES in S205), the third determination unit 306 is before the operation instruction extracted by the still image data extraction unit 303. Based on the still image data (second image data) and the still image data (third image data) after the operation is instructed, the operation corresponding to the operation ID received by the receiving unit 301, in other words, the user U is instructed. It is determined whether or not the performed operation has been performed. Since the determination method by the third determination unit 306 has already been described, a duplicate description will be omitted.

(Step S207)
When the third determination unit 306 determines that the user U has performed the instructed operation (YES in step S205), the fourth determination unit 307 operates with the still image data (second image data) before the operation instruction. Based on the still image data (third image data) after the instruction, it is determined whether or not the user U reflected in the still image data before the operation instruction and after the operation instruction is the same person. Since the determination method by the fourth determination unit 307 has already been described, a duplicate description will be omitted.

(Step S208)
If the determination result in any of the first determination process (S204), the second determination process (S205), the third determination process (S206), or the fourth determination process (S207) is NO, the authentication server 3 authenticates. Perform error handling. Specifically, the authentication server 3 stops the authentication process, and the transmission unit 309 transmits to the user terminal 2 that the authentication could not be performed (authentication error). Further, when the fourth determination unit 307 determines that the user U has performed the instructed operation (YES in S207), the authentication server 3 ends the authentication process.

In the description of FIG. 4B, the determination by the first determination unit 304 to the fourth determination unit 307 is performed in order, but the determination order from the first determination unit 304 to the fourth determination unit 307 is in the order shown in FIG. 4B. It is not limited and in no particular order. In other words, the order of determination by the first determination unit 304 to the fourth determination unit 307 shown in FIG. 4B may be changed.

[Variation example of the first embodiment]
In the first embodiment, the authentication server 3 has the functions of the first determination unit 304, the second determination unit 305, the still image data extraction unit 303, the third determination unit 306, and the fourth determination unit 307. , The authentication server 3 is performing the authentication process, but the user terminal 2 is the first determination unit 304, the second determination unit 305, the still image data extraction unit 303, the third determination unit 306, and the fourth determination unit 307. It has a function, and the user terminal 2 may perform the authentication process. In the first embodiment, the user terminal 2 has the functions of the operation extraction unit 206, the instruction timing determination unit 207, and the operation instruction unit 208, but the authentication server 3 has the operation extraction unit 206 and the instruction timing determination. The operation instruction unit 208 has the functions of the operation instruction unit 207 and the operation instruction unit 208, and the operation instruction unit 208 performs the operation extracted by the operation extraction unit 206 at the timing determined by the instruction timing determination unit 207 from the transmission unit 309 of the authentication server 3 to the user terminal 2. You may send it to.

Further, the user terminal 2 has the function of the still image data extraction unit 303, and after extracting the first to third still image data from the first and second captured data, the first to third still image data is authenticated by the authentication server. 3 may be transmitted, and the authentication server 3 may perform identity verification authentication described with reference to FIG. 4B based on the first to third still image data transmitted from the user terminal 2. By doing so, the amount of data transmitted from the user terminal 2 can be significantly reduced.

(effect)
As described above, the authentication system 1 according to the first embodiment is an authentication system 1 for identity verification, and is a receiving unit 301 (No. 1) for acquiring image pickup data of a face photograph of an identity verification document and image pickup data of a user. 1, 2nd acquisition unit), based on the imaged data acquired by the 1st acquisition unit and the imaged data acquired by the 2nd acquisition unit, the person in the face photograph of the identity verification document and the user Acquired by the second acquisition unit based on the first determination unit 304 that determines whether or not the person is the same person, the image pickup data acquired by the first acquisition unit, and the image pickup data acquired by the second acquisition unit. It is provided with a second determination unit 305 for determining whether or not the captured image data is a diversion of another captured image captured by the user U.

That is, the authentication system 1 determines whether or not the person in the face photograph of the identity verification document and the user are the same person, and determines whether or not the image pickup data is an image captured by the user U. Because it is done, spoofing can be effectively prevented. In addition, since the video of the user U is used as the imaging data, there is no possibility that the face photo of the identity verification document will be processed and used as the user's imaging data when the identity verification document is stolen, and spoofing will occur. Can be effectively prevented. As a result, the reliability of identity verification is increased.

Further, the first determination unit 304 and the second determination unit 305 use different determination algorithms to determine whether or not the person in the face photograph of the identity verification document and the user are the same person, and the reception unit 301 (second acquisition unit). It is determined whether or not the image capture data acquired by the user U is an image captured by the user U. As described above, in the first embodiment, the first determination unit 304 and the second determination unit 305 have different characteristics (algorithms) for confirming whether or not the person is the person and whether or not the image of the person is diverted. Judgment is made using two judgment methods. Therefore, spoofing can be prevented very effectively. As a result, the reliability of identity verification is further enhanced.

Further, the authentication system 1 extracts the still image data before the instruction and the still image data after the instruction from the operation instruction unit 208 instructing the user U to perform one or more operations and the image data of the user U. The still image data extraction unit 303 is provided with a third determination unit 306 that determines whether or not the user U has performed the instructed operation based on the still image data before the instruction and the still image data after the instruction. There is. Further, the authentication system 1 determines whether or not the user U of the still image data before and after the instruction is the same person based on the still image data before the instruction and the still image data after the instruction. A determination unit 307 is provided. Therefore, spoofing can be prevented more effectively. For example, there is no possibility that the video of the user whose identity verification document has been stolen is used as the image data of the user, and spoofing can be effectively prevented.

Further, the authentication system 1 includes an operation extraction unit 206 that refers to a storage device 200B in which two or more different operations are stored and randomly extracts one or more operations from the storage device 200B, and the operation instruction unit 208 operates. The operation extracted by the extraction unit 206 is instructed to the user U. By instructing the randomly extracted actions, it becomes difficult for the spoofing criminal to prepare the imaging data corresponding to the instructions in advance, and the spoofing can be effectively prevented.

Further, the authentication system 1 includes an instruction timing determination unit 207 that randomly determines the timing for instructing the operation, and the operation instruction unit 208 instructs the user to operate at the timing determined by the instruction timing determination unit 207. .. By making the timing of instructing the operation random, it becomes difficult for the spoofing criminal to prepare the imaging data corresponding to the instruction in advance, and the spoofing can be effectively prevented.

Further, in the authentication system 1, the operation instruction unit 208 instructs the user U to perform two or more different operations. By instructing the user U to perform two or more different actions, it becomes difficult for the spoofing criminal to prepare the imaging data corresponding to the instruction in advance, and the spoofing can be effectively prevented.

[Second Embodiment]
In the second embodiment, an authentication system with further enhanced reliability of identity verification will be described. Hereinafter, the authentication system according to the second embodiment will be described with reference to the drawings, but a configuration different from the authentication system according to the first embodiment and modifications described with reference to FIGS. 1 to 4B will be described. Overlapping description will be omitted for the same configuration as the authentication system and the modified example according to the first embodiment.

FIG. 5 is a functional block diagram of the user terminal 2 and the authentication server 3 according to the second embodiment. FIG. 5A is a functional block diagram of the user terminal 2, and FIG. 5B is a functional block diagram of the authentication server 3.

(Functional configuration of user terminal 2)
As shown in FIG. 5A, the user terminal 2 according to the second embodiment has an image pickup device control unit 201, an input reception unit 202, a display device control unit 203, a transmission unit 204, a reception unit 205, and an operation extraction unit 206. It has functions such as an instruction timing determination unit 207, an operation instruction unit 208, a voice output device control unit 209, a storage device control unit 210, and an image pickup method instruction unit 211. The function shown in FIG. 5A is realized by the CPU 200G executing a management program stored in a ROM (not shown) of the user terminal 2. Hereinafter, the functions of the user terminal 2 according to the second embodiment will be described with reference to FIG. 5A, but the functions other than the image pickup method instruction unit 211 are the same as those of the user terminal 2 according to the first embodiment. Therefore, duplicate explanations will be omitted.

First, the data stored in the storage device 200B of the user terminal 2 according to the second embodiment will be described. In the storage device 200B of the user terminal 2 according to the second embodiment, in addition to the data stored in the storage device 200B of the user terminal 2 according to the first embodiment, the text data used by the image pickup method instruction unit 211. And voice data is stored in association with the instruction ID.

Table 2 below shows an example of text data and voice data used by the image pickup method instruction unit 211. In addition, "Please turn over the identity verification document when the surface photography is finished." Associated with the instruction ID "B003" can be changed to "Turn over the identity verification document when the surface photography is finished." good.

When the image pickup process (see FIG. 4A) of the authentication system 1 according to the second embodiment is started, the image pickup method instruction unit 211 describes the user U in Table 2 at predetermined intervals (for example, at intervals of several seconds). The instructions associated with the instruction ID of are presented in ascending order. Specifically, when the image pickup process is started, the image pickup method instruction unit 211 instructs the display device control unit 203 to display the text data corresponding to the instruction IDs in ascending order of the instruction IDs at predetermined intervals. Further, when the imaging process is started, the imaging method instruction unit 211 instructs the audio output device control unit 209 to output audio data corresponding to the instruction IDs in ascending order of the instruction IDs at predetermined intervals.

The display device control unit 203 reads out the text data corresponding to the instruction ID in ascending order at predetermined intervals based on the instruction by the image pickup method instruction unit 211, and displays the text data on the display device 200D.
Further, the audio output device control unit 209 reads out the audio data corresponding to the instruction ID in ascending order at predetermined intervals based on the instruction by the image pickup method instruction unit 211, and outputs the audio data from the audio output device 200F. Audio data is output as audio from the audio output device 200F.

In the second embodiment, the user U is instructed to capture the identity verification document by displaying the text data on the display device 200D and outputting the voice data from the voice output device 200F, but the display device 200D is instructed. The user U may be instructed to take an image of the identity verification document by either displaying the text data or outputting the voice data from the voice output device 200F.

(Functional configuration of authentication server 3)
As shown in FIG. 5B, the authentication server 3 according to the second embodiment includes a receiving unit 301 (first and second acquisition units), an operation instruction timing recognition unit 302, a still image data extraction unit 303, and a first unit. It has functions such as a determination unit 304, a second determination unit 305, a third determination unit 306, a fourth determination unit 307, a storage device control unit 308, a transmission unit 309, and a fifth determination unit 310. The function shown in FIG. 5B is realized by the CPU 300C executing the management program stored in the ROM (not shown) of the authentication server 3. Hereinafter, the functions of the authentication server 3 according to the second embodiment will be described with reference to FIG. 5B, but the functions other than the still image data extraction unit 303 and the fifth determination unit 310 will be described in the first embodiment. Since it is the same as the authentication server 3, the duplicate description will be omitted.

The still image data extraction unit 303 extracts (cuts out) still image data from the imaged data (first and second imaged data) received by the receiving unit 301. Specifically, the still image data extraction unit 303 includes the still image data (hereinafter, also referred to as the first image data) of the identity verification document (the one in which the face photograph is shown) from the first image capture data, and one or more persons. The still image data (hereinafter, also referred to as the fourth image data) when turning over the confirmation document is extracted.

Further, the still image data extraction unit 303 is based on the timing of the operation instruction recognized by the operation instruction timing recognition unit 302, from the second image pickup data received by the reception unit 301, the still image data before the operation instruction (the first). 2 Image data) and still image data after the operation instruction (hereinafter, also referred to as third image data) are extracted. For example, if the timing of the operation instruction recognized by the operation instruction timing recognition unit 302 is 3 seconds later, the still image data extraction unit 303 receives the operation instruction from the second image pickup data received by the reception unit 301 before the operation instruction (self). Still image data (second image data) after 3 seconds from the start of imaging of the captured video, and still image data (third image) after instructions for operation (after 3 seconds from the start of imaging of the self-portrait video). Data) and extract.

The fifth determination unit 310 determines whether or not the identity verification document is thick from one or more fourth image data extracted by the still image data extraction unit 303. For the determination by the fifth determination unit 310, it may be determined whether or not the identity verification document is thick by using a known image recognition technique. For example, a known image recognition technique may be used to recognize the identity verification document, and it may be determined from the movement of the recognized identity verification document whether or not it has thickness. Normally, identity verification documents with a face photo used for identity verification (for example, various identity verification documents such as driver's license, passport (passport), basic resident register card (with photo), residence card, etc.) are 0. Since it has a thickness of about 1 to several mm, it can be determined that the image pickup data has the thickness of the identity verification document by turning over the identity verification document. On the other hand, when the image data of the front surface and the back surface of the identity verification document are diverted, the thickness does not appear when the identity verification document is turned over from the front surface to the back surface (or from the back surface to the front surface). Conversely, if the thickness does not appear when turning over the identity verification document from the front side to the back side (or from the back side to the front side), it is possible that the image data on the front and back sides of the identity verification document has been diverted.

In the second embodiment, the fifth determination unit 310 determines whether or not the identity verification document is thick from one or more fourth image data extracted by the still image data extraction unit 303, so that the identity verification document is obtained. It is in the hands of the user U himself / herself, and it is possible to confirm whether or not the user U himself / herself is performing the operation of turning over the identity verification document as instructed. Therefore, it is possible to prevent the diversion of the image data on the front surface and the back surface of the identity verification document.

(Imaging process)
FIG. 6A is a flowchart showing the process of the authentication system 1 according to the second embodiment (imaging process). Hereinafter, the image pickup process of the authentication system 1 according to the second embodiment will be described with reference to FIG. 6A. The processing after S101E of the image pickup process of the authentication system 1 according to the second embodiment is the same as the process after step S102 of the image pickup process of the authentication system 1 according to the first embodiment described with reference to FIG. 4A. Therefore, duplicate description will be omitted for the processes after step S102. Note that FIG. 6A shows a reference diagram or a sentence (character) showing the processing contents of steps S101A to S101E on the left side of each step.

(Step S101A)
The user U operates the input device 200C of the user terminal 2 to start capturing a moving image of the identity verification document. The input receiving unit 202 receives an input operation on the input device 200C. The image pickup device control unit 201 controls the image pickup device 200E and starts the image pickup process based on the input operation received by the input reception unit 202. Specifically, when the image pickup process is started, the image pickup method instruction unit 211 instructs the display device control unit 203 to display the text data corresponding to the instruction ID “B001”. Further, when the imaging process is started, the imaging method instruction unit 211 instructs the audio output device control unit 209 to output the audio data corresponding to the instruction ID “B001”.

Based on the instruction from the image pickup method instruction unit 211, the display device control unit 203 reads out the text data corresponding to the instruction ID "B001" (for example, "Start shooting the identity verification document") and displays the display device. Display on 200D. Further, based on the instruction by the image pickup method instruction unit 211, the voice output device control unit 209 reads out the voice data corresponding to the instruction ID "B001" (for example, "Start shooting the identity verification document"). , Output from the audio output device 200F. Audio data is output as audio from the audio output device 200F.

(Step S101B)
After a lapse of a predetermined time (for example, several seconds), the image pickup method instruction unit 211 instructs the display device control unit 203 to display the text data corresponding to the instruction ID “B002”. Similarly, the image pickup method instruction unit 211 instructs the audio output device control unit 209 to output the audio data corresponding to the instruction ID “B002”. Based on the instruction from the image pickup method instruction unit 211, the display device control unit 203 reads out the text data corresponding to the instruction ID "B002" (for example, "Please take a picture of the surface of the identity verification document") and displays it. Displayed on the device 200D. Further, based on the instruction by the image pickup method instruction unit 211, the voice output device control unit 209 reads out the voice data corresponding to the instruction ID "B002" (for example, "Please take a picture of the surface of the identity verification document"). Then, it is output from the audio output device 200F. Audio data is output as audio from the audio output device 200F. The user U images the surface of the identity verification document based on the instruction.

(Step S101C)
After a lapse of a predetermined time (for example, several seconds), the image pickup method instruction unit 211 instructs the display device control unit 203 to display the text data corresponding to the instruction ID “B003”. Similarly, the image pickup method instruction unit 211 instructs the audio output device control unit 209 to output the audio data corresponding to the instruction ID “B003”. Based on the instruction from the image pickup method instruction unit 211, the display device control unit 203 has text data corresponding to the instruction ID "B003" (for example, "Please turn over the identity verification document when the surface photography is completed."). Is read out and displayed on the display device 200D. Further, based on the instruction by the image pickup method instruction unit 211, the voice output device control unit 209 should turn over the voice data corresponding to the instruction ID "B003" (for example, "when the surface shooting is finished, turn over the identity verification document". ") Is read and output from the audio output device 200F. Audio data is output as audio from the audio output device 200F. Based on the instruction, the user U flips the identity verification document from the front side to the back side while continuing the imaging.

(Step S101D)
After a lapse of a predetermined time (for example, several seconds), the image pickup method instruction unit 211 instructs the display device control unit 203 to display the text data corresponding to the instruction ID “B004”. Similarly, the image pickup method instruction unit 211 instructs the audio output device control unit 209 to output the audio data corresponding to the instruction ID “B004”. Based on the instruction from the image pickup method instruction unit 211, the display device control unit 203 captures the text data corresponding to the instruction ID "B004" (for example, "Please take a picture of the back side (uramen) of the identity verification document"). It is read out and displayed on the display device 200D. Further, based on the instruction by the image pickup method instruction unit 211, the voice output device control unit 209 should take a picture of the voice data corresponding to the instruction ID "B004" (for example, "the back side (uramen) of the identity verification document". ") Is read and output from the audio output device 200F. Audio data is output as audio from the audio output device 200F. Based on the instruction, the user U takes an image of the back side of the identity verification document while continuing the image taking.

(Step S101E)
After a lapse of a predetermined time (for example, several seconds), the imaging method instruction unit 211 instructs the display device control unit 203 to display the text data corresponding to the instruction ID “B005”. Similarly, the image pickup method instruction unit 211 instructs the audio output device control unit 209 to output the audio data corresponding to the instruction ID “B005”. Based on the instruction from the image pickup method instruction unit 211, the display device control unit 203 reads out the text data corresponding to the instruction ID "B005" (for example, "followingly, the person's video is taken") and displays the display device. Display on 200D. Further, based on the instruction by the image pickup method instruction unit 211, the voice output device control unit 209 reads out the voice data corresponding to the instruction ID "B005" (for example, "followingly, the person's moving image is shot"). , Output from the audio output device 200F. Audio data is output as audio from the audio output device 200F.

After that, the process proceeds to the process of step S102 in FIG. 4A, and the user U starts imaging the personal moving image (self-portrait moving image) based on the instruction.

(Authentication processing)
FIG. 6B is a flowchart showing the process of the authentication system 1 according to the second embodiment (imaging process). Hereinafter, the authentication process of the authentication system 1 according to the second embodiment will be described with reference to FIG. 6B, but the same process as the authentication process of the authentication system 1 according to the first embodiment is assigned the same step number. Duplicate explanations will be omitted (step S203 in FIG. 6B is the "first extraction process", but the processing content is the same as step S203 "extraction process" in FIG. 4B).

(Step S301)
The still image data extraction unit 303 extracts still image data (hereinafter, also referred to as a fourth image data) when turning over one or more identity verification documents.

(Step S302)
The fifth determination unit 310 determines whether or not the identity verification document is thick from one or more fourth image data extracted by the still image data extraction unit 303. Since the determination method by the fifth determination unit 310 has already been described, duplicate explanations will be omitted.

In the description of FIG. 6B, after the determination by the fifth determination unit 310, the determination by the first determination unit 304 to the fourth determination unit 307 is performed in order, but the first determination unit 304 to the fourth determination unit 307 are performed in order. The determination order by the fifth determination unit 310 is not limited to the order shown in FIG. 6B, and is in no particular order. In other words, the order of determination by the first determination unit 304, the fourth determination unit 307, and the fifth determination unit 310 shown in FIG. 6B may be changed.

(effect)
As described above, in the second embodiment, the user terminal 2 is provided with an image pickup method instruction unit 211 that instructs the user terminal 2 to shoot both sides of the identity verification document, and the authentication server 3 is turned over one or more identity verification documents from the first image capture data. The thickness of the identity verification document is thickened from the still image data extraction unit 303 that extracts the still image data (hereinafter, also referred to as the fourth image data) and one or more fourth image data extracted by the still image data extraction unit 303. It is provided with a fifth determination unit 310 for determining whether or not there is.

Therefore, it is possible to confirm whether or not the identity verification document is in the hands of the user U and the user U is performing the operation of turning over the identity verification document as instructed, and the image data on the front and back surfaces of the identity verification document can be confirmed. Can be prevented from being diverted. As a result, spoofing can be effectively prevented.

[Modification 1 of the second embodiment]
In the second embodiment, the still image data extraction unit 303 has one or more fourth image data, in other words, one or more fourth image data from the moving image of the first imaged data, in other words, the place where the identity verification document is turned over from the front side to the back side. Still image data when turning over the identity verification document (for example, image data obtained by tilting the identity verification document that can confirm that the identity verification document is thick) is extracted. However, when it is difficult for the still image data extraction unit 303 to extract the image data obtained by tilting the identity verification document diagonally in the thickness direction, the still image data extraction unit 303 may deal with it as follows.

The storage device 200B of the user terminal 2 stores the text data and voice data of "Please take a picture with the identity verification document tilted so that the thickness of the identity verification document can be understood." In step S101C of FIG. 6A, the imaging method instruction unit 211 displays the text data corresponding to "Please take a picture with the identity verification document tilted so that the thickness of the identity verification document can be seen." Instruct the display device control unit 203 to output the audio data corresponding to "Please take a picture with the identity verification document tilted so that you can see the thickness of the identity verification document." Instruct the control unit 209.

Based on the instruction from the image pickup method instruction unit 211, the display device control unit 203 displays the text "Please take a picture with the identification document tilted diagonally so that the thickness of the identification document can be understood." Display on 200D. In addition, the voice output device control unit 209 should take a picture based on the instruction from the image pickup method instruction unit 211, "Please take a picture with the identity verification document tilted diagonally so that the thickness of the identity verification document can be understood." The data is read out and output from the audio output device 200F. Audio data is output as audio from the audio output device 200F. The user U takes a picture in a state where the identity verification document is tilted at an angle according to the instruction.

From the first image capture data transmitted from the user terminal 2, the still image data extraction unit 303 of the authentication server 3 "take a picture with the identity verification document tilted diagonally so that the thickness of the identity verification document can be known. The number of seconds after the text data of "." Is displayed or after the voice of "Please take a picture with the identity verification document tilted diagonally so that you can see the thickness of the identity verification document." By extracting one or more fourth image data from the moving image per second, the still image data extraction unit 303 can effectively extract the image data in which the identity verification document is tilted diagonally in the thickness direction.

Further, in the second embodiment, the user U is instructed to shoot both sides of the identity verification document, in other words, to shoot the action of turning over the identity verification document, and it is determined whether or not the identity verification document is thick. Although it is determined whether the image data on the front and back surfaces of the verification document is diverted, it is determined whether the image data on the front and back surfaces of the identity verification document is diverted by another method. You may. For example, the image data on the front and back sides of the identity verification document is not diverted by shining light on the identity verification document to determine the glossiness, in other words, the identity verification document is in the hands of the user U himself / herself. May be asked to confirm whether or not the person is performing the operation of turning over the identity verification document as instructed. In addition, when special printing for anti-counterfeiting is applied, special printing emerges when exposed to special light (for example, ultraviolet rays). In such a case, an instruction to irradiate the identity verification document with an ultraviolet LED light is given. It may be performed for the user U, and it may be determined whether or not the identity verification document is a diversion of image data or is not forged depending on whether or not the special printing appears.

Further, in the second embodiment, the authentication server 3 is the first determination unit 304, the second determination unit 305, the still image data extraction unit 303, the third determination unit 306, the fourth determination unit 307, and the fifth determination unit. Although the authentication server 3 has a function of 310 and performs authentication processing, the user terminal 2 has a first determination unit 304, a second determination unit 305, a still image data extraction unit 303, and a third determination unit 306. It has the functions of the fourth determination unit 307 and the fifth determination unit 310, and the user terminal 2 may perform the authentication process. In the second embodiment, the user terminal 2 has the functions of the operation extraction unit 206, the instruction timing determination unit 207, the operation instruction unit 208, and the image pickup method instruction unit 211, but the authentication server 3 has the operation extraction unit. It has the functions of unit 206, instruction timing determination unit 207, operation instruction unit 208, and image pickup method instruction unit 211, and is extracted by the operation extraction unit 206 at the timing determined by the instruction and instruction timing determination unit 207 by the image pickup method instruction unit 211. The operation instruction unit 208 may transmit the performed operation from the transmission unit 309 of the authentication server 3 to the user terminal 2.

Further, the user terminal 2 has the function of the still image data extraction unit 303, and after extracting the first to third still image data from the first and second captured data, the first to fourth still image data is authenticated by the authentication server. 3 may be transmitted, and the authentication server 3 may perform identity verification authentication described with reference to FIGS. 6B and 4B based on the first to fourth still image data transmitted from the user terminal 2. .. By doing so, the amount of data transmitted from the user terminal 2 can be significantly reduced.

[Modification 2 of the second embodiment]
Further, in the second embodiment and the first modification thereof, a still image for extracting a still image data (hereinafter, also referred to as a fourth image data) when turning over one or more identity verification documents from the first imaged data to the authentication server 3 is extracted. By providing the functions of the data extraction unit 303 and the fifth determination unit 310 that determines whether or not the identity verification document is thick from one or more fourth image data extracted by the still image data extraction unit 303, the person himself / herself. It is determined whether or not the confirmation document is in the possession of the user U himself / herself and the user U himself / herself is performing the operation of turning over the identity verification document as instructed.

However, the authentication server 3 is not provided with the function of the fifth determination unit 510, and for example, the system administrator of the authentication system 1 turns over the identity verification document among the first imaging data transmitted from the user terminal 2. It may be configured to watch the part of and confirm that the identity verification document is thick. In this case, the system administrator of the authentication system 1 can confirm that the identity verification document is thick by confirming the part of the operation of turning over the identity verification document in the first imaging data transmitted from the user terminal 2. And, a signal to that effect (hereinafter, also referred to as a confirmation OK signal) may be input or transmitted to the authentication server 3.

FIG. 6C is a flowchart showing the processing of the authentication system according to the second modification of the second embodiment (authentication processing). Hereinafter, the image pickup process of the authentication system 1 according to the modified example 2 of the second embodiment will be described with reference to FIG. 6C, but the steps other than step S303 are the image pickup process of the authentication system 1 according to the first embodiment. Since they are the same, they are given the same step number and duplicate explanations are omitted.

(Step S303)
Whether or not the receiving unit 301 of the authentication server 3 has received a signal (confirmation OK signal) indicating that the identity verification document from the system administrator of the authentication system 1 has been confirmed to be thick in step S303. Is determined. When the receiving unit 301 receives the confirmation OK signal (YES), the first determination unit 304 performs the first determination process in step S204. If the receiving unit 301 has not received the confirmation OK signal (NO), the authentication server 3 performs the authentication error processing in step S208.

In addition, the authentication server 3 is provided with a display device and an input device, and among the first imaging data transmitted from the user terminal 2 using the display device, the part of the operation of turning over the identity verification document is viewed to confirm the identity. After confirming that the document is thick, an input device may be used to input a confirmation OK signal. Also, using another computer that is communicably connected to the authentication server 3, the part of the first imaging data transmitted from the user terminal 2 that flips the identity verification document is viewed and used as the identity verification document. It may be confirmed that there is a thickness, and a confirmation OK signal may be transmitted to the authentication server 3.

Further, in the first modification of the second embodiment, the identity verification document is exposed to light or special light (for example, ultraviolet rays), and the glossiness and the presence / absence of special printing are determined to determine the image data of the front surface and the back surface of the identity verification document. Is not diverted, in other words, it is determined whether or not the identity verification document is in the hands of the user U and the user U is performing the operation of turning over the identity verification document as instructed. This determination is determined by the authentication system 1. The system administrator, etc. of the system observes the part of the first imaging data transmitted from the user terminal 2 that is exposed to light or special light (for example, ultraviolet rays) to check the glossiness and the presence or absence of special printing. , A signal to that effect (a signal of confirmation OK) may be input or transmitted to the authentication server 3.

[Third Embodiment]
In the third embodiment, an authentication system with further enhanced reliability of identity verification will be described. Hereinafter, the authentication system according to the third embodiment will be described with reference to the drawings, but the configuration different from the authentication system according to the second embodiment and the modified examples 1 and 2 thereof will be described, and the second embodiment and its modifications thereof will be described. Overlapping description will be omitted for the same configuration as in Examples 1 and 2.

(Functional configuration of user terminal 2)
FIG. 7 is a functional block diagram of the user terminal 2 according to the third embodiment. The user terminal 2 according to the third embodiment includes an image pickup device control unit 201, an input reception unit 202, a display device control unit 203, a transmission unit 204, a reception unit 205, an operation extraction unit 206, an instruction timing determination unit 207, and an operation instruction unit. It has functions such as 208, an audio output device control unit 209, a storage device control unit 210, an image pickup method instruction unit 211, and an image pickup position lottery unit 212.

The function shown in FIG. 7 is realized by the CPU 200G executing a management program stored in a ROM (not shown) of the user terminal 2. Hereinafter, the functions of the user terminal 2 according to the third embodiment will be described with reference to FIG. 7, but the functions other than the display device control unit 203, the transmission unit 204, and the image pickup position lottery unit 212 will be described in the second embodiment. Since it is the same as the user terminal 2 according to the modified examples 1 and 2, the duplicate description will be omitted.

First, the data stored in the storage device 200B of the user terminal 2 according to the third embodiment will be described. In the storage device 200B of the user terminal 2 according to the third embodiment, in addition to the data stored in the storage device 200B of the user terminal 2 according to the second embodiment and the modified examples 1 and 2, the image pickup position lottery unit. The image data used in 212 is stored in association with the position ID.

FIG. 8 is a diagram showing an example of a screen 100 displayed on the display device 200D of the user terminal 2 according to the third embodiment. As shown in FIG. 8, data (hereinafter, also referred to as screen data) of four screens 100 for capturing identity verification documents having different imaging positions are stored in association with the position ID. FIG. 8A is a screen 100 associated with the position ID “C001”, and the position of the image pickup frame F1 for imaging the identity verification document is located at the lower right side with respect to the paper surface. FIG. 8B is a screen 100 associated with the position ID “C002”, and the position of the image pickup frame F1 for imaging the identity verification document is located at the lower left side with respect to the paper surface. FIG. 8C is a screen 100 associated with the position ID “C003”, and the position of the image pickup frame F1 for imaging the identity verification document is located on the upper right side of the paper. FIG. 8D is a screen 100 associated with the position ID “C004”, and the position of the image pickup frame F1 for imaging the identity verification document is located on the upper left side of the paper. Further, the area other than the image pickup frame F1 of the screen 100 is masked (filled).

As shown in FIG. 8, on the screen 100 for capturing the identity verification document, text data corresponding to the instruction ID is displayed based on the instruction from the imaging method instruction unit 211. Further, the position of the image pickup frame F1 for capturing the identity verification document on the screen 100 shown in FIG. 8 is merely an example, and is not limited to the position shown in FIG. It suffices if it is possible to prepare a plurality of screens in which the positions of the image pickup frames F1 for photographing the identity verification documents are different from each other.

The imaging position lottery unit 212 randomly selects which of the screens shown in FIG. 8 the user U should capture the identity verification document. In other words, the imaging position lottery unit 212 randomly draws the position ID.

The display device control unit 203 causes the display device 200D to display the screen 100 corresponding to the position ID randomly selected by the image pickup position lottery unit 212 in the imaging of the identity verification document. The user U captures the identity verification document while adjusting the position of the image pickup device 200E of the user terminal 2 so that the identity verification document is captured in the image pickup frame F1. The other functions of the display device control unit 203 are the same as those of the display device control unit 203 according to the second embodiment and the modified examples 1 and 2.

In addition, in the imaging of the identity verification document, the transmission unit 204 transmits only the imaging data in the region of the imaging frame F1 among the images captured by the imaging device 200E to the authentication server 3 as the first imaging data. Alternatively, the image pickup data in which the area other than the image pickup frame F1 is masked may be transmitted to the authentication server 3 as the first image pickup data.

The still image data extraction unit 303 of the authentication server 3 extracts the still image data of the identity verification document (hereinafter, also referred to as the first image data) from the first imaged data transmitted from the user terminal 2, but the user U captures the image. If the identity verification document is not imaged while adjusting the position of the image pickup device 200E of the user terminal 2 so that the identity verification document is captured in the frame F1, the identity verification unit 304 and the second determination unit 305 confirm the identity. The face image of the document cannot be recognized and an authentication error occurs.

(Imaging process)
FIG. 9 is a flowchart showing the processing of the authentication system according to the third embodiment (imaging processing). Hereinafter, the image pickup process of the authentication system 1 according to the third embodiment will be described with reference to FIG. The processing after S100B of the image pickup process of the authentication system 1 according to the third embodiment is the same as the process after step S101A of the image pickup process of the authentication system 1 according to the second embodiment described with reference to FIG. 6A. Therefore, duplicate description will be omitted for the processes after step S101A.

(Step S100A)
The imaging position lottery unit 212 randomly selects which of the screens shown in FIG. 8 the user U should capture the identity verification document. In other words, the imaging position lottery unit 212 randomly draws the position ID.

(Step S100B)
The display device control unit 203 causes the display device 200D to display the screen 100 corresponding to the position ID randomly selected by the image pickup position lottery unit 212 in the imaging of the identity verification document.

After that, the process proceeds to the process of step S101A of FIG. 6A, and the user U starts capturing the moving image of the identity verification document based on the instruction.

(effect)
As described above, the authentication system 1 according to the third embodiment includes an imaging position lottery unit 212 that randomly draws which screen of the screens shown in FIG. 8 causes the user U to image the identity verification document. In the imaging of the identity verification document, the display device 200D displays the screen 100 corresponding to the position ID randomly selected by the imaging position lottery unit 212. Then, in the imaging of the identity verification document, the transmission unit 204 captures only the imaging data in the region of the imaging frame F1 or the imaging data in which the region other than the imaging frame F1 is masked among the images captured by the imaging device 200E. It is transmitted to the authentication server 3 as the first image pickup data.

Then, when the user U does not capture the identity verification document while adjusting the position of the image pickup device 200E of the user terminal 2 so that the identity verification document is captured in the image pickup frame F1, the first determination unit 304 and the second determination Part 305 cannot recognize the face image of the identity verification document, resulting in an authentication error. Therefore, it is possible to confirm whether or not the identity verification document is in the hands of the user U and the user U is performing the operation of capturing the identity verification document as instructed, and the images of the front and back surfaces of the identity verification document can be confirmed. It is possible to prevent the diversion of data. As a result, spoofing can be prevented more effectively.

[Modified example of the third embodiment]
In the third embodiment, the transmission unit 204 of the user terminal 2 uses only the imaging data in the region of the imaging frame F1 or the imaging frame F1 among the images captured by the imaging device 200E in the imaging of the identity verification document. The image pickup data in which areas other than the masked areas are masked is transmitted to the authentication server 3 as the first image pickup data, but in the image pickup of the identity verification document, the image captured by the image pickup device 200E is drawn by the image pickup position lottery unit 212. It may be transmitted together with the position ID. Then, the still image data extraction unit 303 of the authentication server 3 may change the position for extracting (cutting out) the still image data from the first captured data according to the position ID transmitted from the user terminal 2. ..

Specifically, when the still image data extraction unit 303 receives the position ID "C001", the still image data is taken from the lower right region of the first imaging data (for example, an region of about half to one quarter of the whole). When the position ID "C002" is received, the still image data is extracted (cut out) from the lower left area (for example, about half to 1/4 of the whole area) of the first imaging data. When the position ID "C003" is received, the still image data is extracted (cut out) from the upper right area of the first imaging data (for example, an area of about half to 1/4 of the whole), and the position IDC "004" is received. If so, the still image data may be extracted (cut out) from the upper left region of the first imaging data (for example, a region of about half to 1/4 of the whole).

Even in this way, if the user U does not image the identity verification document while adjusting the position of the image pickup device 200E of the user terminal 2 so that the identity verification document is captured in the image pickup frame F1, the first determination unit 304 In addition, the second determination unit 305 cannot recognize the face image of the identity verification document, resulting in an authentication error. Therefore, it is possible to confirm whether or not the identity verification document is in the hands of the user U and the user U is performing the operation of capturing the identity verification document as instructed, and the images of the front and back surfaces of the identity verification document can be confirmed. It is possible to prevent the diversion of data. As a result, spoofing can be prevented more effectively.

Further, in the third embodiment, the user terminal 2 has the function of the image pickup position lottery unit 212, but the authentication server 3 has the function of the image pickup position lottery unit 212, and the image pickup position lottery unit 212 randomly draws. The generated position ID may be transmitted to the user terminal 2, and the display device control unit 203 of the user terminal 2 may display the screen 100 corresponding to the position ID received by the reception unit 205 on the display device 200D.

As described above, according to the present invention, it is possible to provide an authentication system, an authentication method, and an authentication program capable of performing highly reliable identity verification.

1 Authentication system 2 User terminal 200A Communication IF
200B Storage device 200C Input device 200D Display device 200E Image pickup device (camera)
200F audio output device (speaker)
200G CPU
200H bus (BUS)
201 Imaging device control unit 202 Input reception unit 203 Display device control unit 204 Transmission unit 205 Reception unit 206 Operation extraction unit 207 Instruction timing determination unit 208 Operation instruction unit 209 Audio output device control unit 210 Storage device control unit 211 Imaging method instruction unit 212 Imaging position lottery unit 3 Authentication server 300A Communication IF
300B storage device 300C CPU
300D bus (BUS)
301 Receiver (1st and 2nd acquisition)
302 Operation instruction timing recognition unit 303 Still image data extraction unit 304 1st judgment unit 305 2nd judgment unit 306 3rd judgment unit 307 4th judgment unit 308 Storage device control unit 309 Transmission unit 310 5th judgment unit 4 Network

Claims (7)

An information processing device that acquires image data of identity verification documents.
With reference to a storage unit in which a plurality of screen data for capturing identity verification documents having different imaging positions are stored, a lottery is drawn as to which of the screen data for capturing identity verification documents having different imaging positions is used to capture the identity verification documents. Imaging position lottery section and
An imaging method instruction unit that instructs the identification document to be imaged at a position drawn by the imaging position lottery unit, and an imaging method instruction unit.
An imaging data acquisition unit that acquires imaging data of the identity verification document imaged based on instructions from the imaging method instruction unit, and an imaging data acquisition unit.
An information processing device characterized by being equipped with. The image pickup method instruction unit is
The information processing apparatus according to claim 1, wherein the information processing apparatus is instructed to image the front surface and the back surface of the identity verification document. The image pickup method instruction unit is
The information processing apparatus according to claim 2, wherein when the front surface and the back surface of the identity verification document are imaged, an instruction is given to turn over the identity verification document. The image pickup method instruction unit is
The information processing apparatus according to claim 2 or 3, wherein the information processing apparatus is instructed to take an image of the identity verification document in an obliquely tilted state so that the thickness of the identity verification document can be known. The image pickup method instruction unit is
The information processing apparatus according to any one of claims 2 to 4, wherein the information processing apparatus is instructed to capture an image of the identity verification document by a moving image. It is an information processing method to acquire image data of identity verification documents.
The imaging position lottery unit refers to a storage unit in which a plurality of screen data for imaging identity verification documents having different imaging positions are stored, and the identity verification document is displayed on any of the screen data for imaging identity verification documents having different imaging positions. The process of drawing a lottery to make an image and
A step of instructing the image pickup method instruction unit to image the identity verification document at the position drawn by the image pickup position lottery unit, and
A step of acquiring the image pickup data of the identity verification document imaged by the image pickup data acquisition unit based on the instruction by the image pickup method instruction unit , and
An information processing method characterized by having. An information processing program that acquires image data of identity verification documents.
Computer,
With reference to a storage unit in which a plurality of screen data for capturing identity verification documents having different imaging positions are stored, a lottery is drawn as to which of the screen data for capturing identity verification documents having different imaging positions is used to capture the identity verification documents. Imaging position lottery section,
An imaging method instruction unit that instructs the identification document to be imaged at a position drawn by the imaging position lottery unit.
An imaging data acquisition unit that acquires imaging data of the identity verification document imaged based on instructions from the imaging method instruction unit,
An information processing program characterized by functioning as.

Images