JP7090008B2 - Identity verification support device and identity verification support method - Google Patents

Description

The present invention relates to an identity verification support device and an identity verification support method.

In the so-called digital society, it is important to ensure that each individual is who they say they are and to be able to determine whether or not they can be used in various services. On the other hand, there is no end to acts such as spoofing the person or falsifying authentication data by a malicious third party.

Therefore, as a conventional technique related to identity verification, for example, a technique for completing online identity verification using personal identification matters, identity verification documents with a face photo, and face image data of the person (non-patent). Reference 1) and the like have been proposed.

In addition, there are a face image acquisition means for acquiring a user's face image, a face image database for storing a pre-registered registered user's face image, and the user's face image acquired by the face image acquisition means. When the face image determining means for determining whether or not the face image of the registered user is stored in the face image database and the face image determining means match the face image of the user with the face image of the registered user. When it is determined, the user's line of sight is based on the operation instruction means for instructing the user to move the line of sight in a predetermined motion pattern and the user's face image acquired by the face image acquisition means. The movement determination means for determining whether or not the image matches the operation pattern instructed by the operation instruction means, and the user's line of sight coincides with the operation pattern instructed by the operation instruction means by the operation determination means. A communication terminal (see Patent Document 1) provided with an authentication means for authenticating the user when it is determined to be present has also been proposed.

In addition, a storage unit that stores image data for registration in which the target person appears as a subject, personal information about the target person, and specific operation conditions defined by the target person as a condition of their own movement, and a storage unit for searching from an external device. A receiving unit that receives image data, a person determining unit that determines whether or not a person that appears as a subject in the search image data is the same person as the target person that appears as a subject in the registration image data, and the above. When the discrimination unit determines that they are the same person, the condition discrimination unit that determines whether or not the operation information included in the search image data satisfies the specific operation condition, and the condition determination unit are the specific operation condition. A server (see Patent Document 2) including a transmission unit that transmits the personal information to the external device when it is determined that the condition is satisfied has also been proposed.

Japanese Unexamined Patent Publication No. 2015-176555 Japanese Unexamined Patent Publication No. 2014-238794

https: // liquidinc. asia / 20180706-2 /

In the identity verification technique proposed in the prior art and the like, a predetermined determination or the like is performed for a plurality of elements such as a driver's license and other identity verification documents with a face photo, and face image data of the person. In addition, it is determined that the identity verification is successful based on the result of the determination regarding such a plurality of elements, and the registration of predetermined personal identification information such as the user ID of the individual is permitted. The personal identification information of each individual registered in this way is used, for example, in the personal authentication process associated with the determination of whether or not the service can be used.

Of the above, "identity verification" means "confirmation at the time of personal identification information registration" (eg, at the time of opening a bank account) based on personal identification documents with official backing such as a driver's license. .. On the other hand, "personal authentication" means "confirmation at the time of personal authentication" (example: at the time of login of Internet banking) based on the personal identification information registered through the above-mentioned "personal verification".

From another point of view, what has been said about the prior art means that the personal identification information is registered when there is no problem in the judgment result regarding the above-mentioned multiple elements, but the information provided by the individual (face). It is not shown that the above-mentioned personal identification information is associated with the personal identification document with a photograph, the data of the personal face image, etc.).

Therefore, even if personal authentication information such as personal identification information and password is leaked and misused, such misuse cannot be rejected as long as it is the registered correct personal authentication information. That is, the personal identification information cannot be appropriately secured.

Moreover, the plurality of elements themselves used for the above-mentioned determination of identity verification may be forged documents or data obtained by taking a photograph of another person's face, but there are cases where this cannot be effectively excluded. In other words, there is a possibility that strict identity verification will not be performed in the first place.

On the other hand, in order to fully implement such security measures related to identity verification and identity authentication, reasonable cost and labor are required, and it may be difficult for some service providers to take sufficient measures. ..
Therefore, an object of the present invention is to provide a technique that enables strict identity verification and secure identity verification based on the identity identification information registered after the identity verification.

The identity verification support device of the present invention, which solves the above-mentioned problems, is a subject of a communication unit that communicates with a predetermined device via a network and an individual who performs a plurality of predetermined operations with a predetermined medium for a predetermined terminal. A process of sending a notification requesting a plurality of video recordings and acquiring a plurality of video data corresponding to each of the plurality of predetermined operations from the terminal in response to the notification , the individual and the said from each of the plurality of video data. The process of extracting predetermined information about each of the media, the matching of at least one of the items described in the medium and the image of the medium among the information about the medium which is the subject common to each of the plurality of video data, the plurality of images. A process of determining whether or not a predetermined authenticity criterion is satisfied for each of the information of the individual and the medium extracted from each of the plurality of video data when the determination is made between the data and the determination of the match is successful. If the determination regarding the authenticity standard is successful, the items described in the medium among the information regarding the medium are collated with the personal identification items of the individual held in advance, and the biometric information among the information regarding the medium and the biometric information among the information regarding the individual. The process of collating with, the process of generating an ID for the individual if any of the collations are successful, and the personal identification information including at least one of the personal identification matter or the biometric information and the ID. It is characterized by including a calculation unit for executing a process of associating and storing the information in the storage unit.

Further, in the identity verification support method of the present invention, the information processing system sends a notification to a predetermined terminal requesting a plurality of times of moving image shooting with an individual performing a plurality of predetermined operations together with a predetermined medium as a subject. A process of acquiring a plurality of video data corresponding to each of the plurality of predetermined operations from the terminal in response to a notification, and a process of extracting predetermined information regarding each of the individual and the medium from the plurality of video data. Of the information about the medium, which is a subject common to each of the plurality of video data, a match is determined among the plurality of video data regarding at least one of the items described in the medium and the image of the medium, and the match is determined. If the determination is successful, the process of determining whether or not the predetermined authenticity criteria are satisfied for each of the information of the individual and the medium extracted from each of the plurality of video data, and if the determination regarding the authenticity criteria is successful, the above-mentioned The process of collating the information described in the medium with the personal identification items of the individual held in advance, the biometric information of the information about the medium, and the biometric information of the information about the individual, and the above. If any of the collations is successful, the process of generating an ID for the individual and the personal identification information including at least one of the personal identification item or the biometric information and the ID are stored in the storage unit in association with each other. It is characterized by processing and executing.

According to the present invention, strict identity verification and secure identity verification using the identity identification information registered after the identity verification are possible.

It is a network configuration diagram including the identity verification support device of this embodiment. It is a figure which shows the hardware configuration example of the identity verification support device in this embodiment. It is a figure which shows the hardware configuration example of the user terminal in this embodiment. It is a figure which shows the data structure example of the image management DB of this embodiment. It is a figure which shows the data structure example of the ID management DB of this embodiment. It is a figure which shows the structural example of the operation regulation information in this embodiment. It is a figure which shows the data structure example of the authenticity standard DB of this embodiment. It is a figure which shows the flow example 1 of the identity verification support method in this embodiment. It is a figure which shows the screen example 1 in this embodiment. It is a figure which shows the screen example 2 in this embodiment. It is a figure which shows the screen example 3 in this embodiment. It is a figure which shows the screen example 4 in this embodiment. It is a figure which shows the screen example 5 in this embodiment. It is a figure which shows the screen example 6 in this embodiment. It is a figure which shows the flow example 2 of the identity verification support method in this embodiment. It is a figure which shows the flow example 3 of the identity verification support method in this embodiment.

－－－ Network configuration －－－

Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings. FIG. 1 is a network configuration diagram including the identity verification support device 100 of the present embodiment. The identity verification support device 100 shown in FIG. 1 is a computer device that enables strict identity verification and secure identity verification using personal identification information registered after the identity verification.

Here, the definition of identity verification is shown. For example, assuming "identity verification" performed by a company on an individual service user, "confirmation processing at the time of personal identification information registration based on officially backed identity verification documents" (example: bank) There are two stages (two types) of processes: "Processing at the time of opening an account" and "Processing at the time of personal authentication based on registered personal identification information" (Example: Processing at the time of logging in to Internet banking). do.

Of these two-step processes, the identity verification support technology of this embodiment is mainly applied to "confirmation processing at the time of registration of identity verification information based on officially backed identity verification documents". be.

Further, here, each of the plurality of identity verification support devices 100 is connected so as to be able to communicate with each other via an appropriate network 1, and the identity verification support device 100 is further connected to the above-mentioned individual (identity verification) via a network 2 such as the Internet. It is assumed that the network configuration is connected to the user terminal 200 operated by the desired person) so as to be able to communicate with the user terminal 200.

In the network configuration, if the identity verification support devices 100 connected to each other in the network 1 are the distributed ledger node, and the device that accesses the distributed ledger node and exchanges necessary information is the client node 300, the distributed ledger is used. (Distributed Ledger) Corresponds to the system 10.

That is, among the nodes constituting the distributed ledger system 10, the so-called distributed ledger node is taken as an example of the identity verification support device 100. However, the adoption of this form is just an example.

The distributed ledger node is an information processing device that holds the distributed ledger in its storage unit. The distributed ledger is a distributed database characterized in that data exchanged between each node (not limited to the distributed ledger node) in the distributed ledger system 10 is securely shared.

The ledger data stored in such a distributed ledger is the same, that is, the set of distributed ledger nodes sharing the same ledger data set is the distributed ledger system 10, and the person is composed of a plurality of identity verification support devices 100. It can be said to be a confirmation support system.

The techniques related to the distributed ledger are classified into several types according to their configurations. For example, in addition to the public type in which a distributed ledger system is configured by a large number of unspecified calculation nodes, a consortium type in which a distributed ledger system is configured by a group of calculation nodes in a specific organization, and a distributed ledger system in a group of calculation nodes in a specific organization. There is a private type, etc. that is composed of.

In identity verification, the following explanation will be given using a consortium-type distributed ledger as an example. The consortium-type distributed ledger in the present embodiment shares, for example, information about users of services provided by each organization (eg, information for personal authentication and service usage history) between organizations constituting the consortium, that is, between distributed ledger nodes. However, it can be a platform for unifying KYC (Know Your Customer) operations, improving identity verification, and improving the accuracy of identity authentication.

However, there may naturally be situations in which it is not desirable to easily share information among such organizations due to the strength / superiority of business relationships and differences in information security policies. Therefore, it is assumed that all the organizations belonging to the consortium do not build a single distributed ledger system 10, but build a distributed ledger system 10 only among organizations having a predetermined business relationship or the like.

Therefore, in response to such a case, there is a concept called "Channel" that logically divides the distributed ledger. The distributed ledger logically divided by this channel is called a sub ledger (Sub-Ledger).

In this case, the distributed ledger system 10 is a distributed ledger system in which all organizations participate, but internally includes a plurality of distributed ledger subsystems that share a predetermined sub-ledger only between specific organizations. It has become.

Therefore, as shown in FIG. 2, the distributed ledger node in the present embodiment holds both the distributed ledger 150 shared among all organizations and the sub ledger 151 shared only among specific organizations. ..
Of these, the distributed ledger 150 is a distributed ledger that stores a set of personal identification information and ID of each individual, which will be described in detail later, and is shared between distributed ledger nodes.

On the other hand, the sub ledger 151 stores the usage history of each individual regarding the services provided by each organization within the specific organization group to which the distributed ledger node belongs, and the distributed ledger is shared only among the distributed ledger nodes in the group. Is.
In this embodiment, the network configuration as described above is premised, and the details of the identity verification assisting technique will be specifically described.
--- Hardware configuration ---

Further, the hardware configuration of the identity verification support device 100 is as shown in FIG. That is, the identity verification support device 100 includes a storage unit 101 composed of an appropriate non-volatile storage element such as an SSD (Solid State Drive) or a hard disk drive, a memory 103 composed of a volatile storage element such as a RAM, and a storage unit 101. Communication processing with other devices by connecting to the calculation unit 104 such as the CPU and network 1 that execute the retained program 102 by reading it into the memory 103 to perform overall control of the device itself and perform various determinations, calculations and control processes. The communication unit 105, which is responsible for the above, is provided.

The identity verification support device 100 may be provided with an input unit such as a keyboard that accepts key input and voice input from the user, and an output unit such as a display that displays processing data, as necessary.

Further, in the storage device 101, in addition to the program 102 for implementing the functions required as the identity verification support device and the distributed ledger node of the present embodiment, the image management DB 125, the ID management DB 126, the operation regulation information 127, and the authenticity At least the reference DB 128, the distributed ledger 150, and the sub ledger 151 are stored. However, these details will be described later.

On the other hand, the user terminal 200 operated by an individual who wishes to verify his / her identity includes the hardware configuration illustrated in FIG. Specifically, as the user terminal 200, a smartphone, a tablet terminal, or a PC can be assumed.

The user terminal 200 to be exemplified is held in a storage unit 201 composed of an appropriate non-volatile storage element such as an SSD (Solid State Drive) or a hard disk drive, a memory 203 composed of a volatile storage element such as a RAM, and a storage unit 201. The program 202 is executed by reading it into the memory 203 to perform overall control of the device itself, as well as a calculation unit 204 such as a CPU that performs various judgments, calculations and control processes, a keyboard that accepts key input and voice input from the user, and the like. It includes an input unit 205, an output unit 206 such as a display that displays processing data, a communication unit 207 that is connected to the network 2 and is responsible for communication processing with the identity verification support device 100, and a camera unit 208.

Of these, the camera unit 208 is a general digital camera unit capable of shooting still images and moving images. The camera unit 208 receives, for example, a notification from the identity verification support device 100 requesting "shooting a moving image of an individual performing a predetermined operation together with an identity verification document (medium) with a face photo such as a driver's license". It is preferable to automatically start by triggering the operation.

Further, in addition to the program 202 for implementing the functions required as the user terminal of the present embodiment, at least the key pair 210 and the digital certificate 211 are securely stored in the storage device 101.
Of these, the key pair 210 is a pair of a public key and a private key generated for the user terminal 200.

Further, the digital certificate 211 is issued after the identity verification by the identity verification support device 100, and the public key of the above-mentioned key pair 210 and the identity verification support device 100 receive the above-mentioned identity verification support device 100 as described above. It is generated based on an ID issued for an individual (a service user ID described later). As the digital certificate generation method itself, the conventional method may be appropriately adopted.
--- Data structure example ---
Subsequently, the information used by the identity verification support device 100 of the present embodiment will be described. FIG. 4 shows an example of the image management DB 125 in this embodiment.

The image management DB 125 of the present embodiment responds to the "notification requesting video recording of an individual performing a predetermined operation together with the medium", the video data transmitted from the user terminal 200 described above, and the individual himself / herself. It is a database that stores specific items.

The data structure is, for example, the video data obtained from the user terminal 200, the video data of the video data, using the personal identification items such as the above-mentioned personal name, reading pseudonym of the name, gender, date of birth, telephone number, and e-mail address as keys. It is a collection of records consisting of data such as the date and time of reception.
Of these, the personal identification matter assumes information input by the individual via a predetermined screen distributed from the personal identification support device 100 to the user terminal 200.

Further, FIG. 5 shows an example of data configuration of the ID management DB 126 of the present embodiment. The ID management DB 126 of the present embodiment is a database accumulating IDs (service user IDs) issued for the above-mentioned individual after identity verification.
The data structure is a collection of records in which all or part of the personal identification matter of the individual is associated with the above-mentioned individual ID as a key.

Further, FIG. 6 shows a data configuration example of the operation regulation information 127 of the present embodiment. The operation regulation information 127 of the present embodiment is a database that stores information on each of the objects and elements of the operation that constitutes the operation content to be included in the notification of the shooting request.

The data structure includes an information type that distinguishes information between an operation target and an operation element using predetermined identification information as a key, and the content of the information (for example, if the information type is "operation target", "face". , "Left eye", "Right eye", and when the information type is "operation element", the value of "90 degrees", "180 degrees", "left rotation", etc.) It is an aggregate.

Further, FIG. 7 shows an example of the data structure of the authenticity reference DB 128 of the present embodiment. The authenticity standard DB 128 of the present embodiment is a database that stores the criteria used for authenticity determination, which will be described in detail later. The data structure is a collection of records in which the value of the authenticity standard and the identification information of the individual to be applied are associated with each other using the reference ID as a key.
As for the authenticity standard that does not limit the application target to a specific person, the value is not set as the above-mentioned individual identification information.
－－－ Flow example 1 －－－

Hereinafter, the actual procedure of the identity verification support method in the present embodiment will be described with reference to the figure. Various operations corresponding to the identity verification support method described below are realized by a program read by the identity verification support device 100 into a memory or the like and executed. The program is composed of codes for performing various operations described below.

FIG. 8 is a diagram showing a flow example 1 of the identity verification support method in the present embodiment. Here, first, it is assumed that an individual wants to register for the service provided by any of the organizations belonging to the consortium constituting the distributed ledger system 10 described above.

As a specific example of the organization, a financial institution that provides an Internet banking service is assumed. In that case, the individual who wants to register for use is an individual who intends to register for use of the Internet banking service.

In addition, for the above-mentioned usage registration, personal identification items such as the individual's name, furigana, address, gender, age, date of birth, and contact information, and identity verification documents with a face photo such as a driver's license are required. It has become.

In this case, the distributed ledger node operated by the financial institution, that is, the identity verification support device 100, distributes a predetermined WEB site to the user terminal 300 operated by the above-mentioned individual, and receives a usage registration request from this WEB site. The identity verification support device 100 returns an input screen (screen 700 in FIG. 9) in response to a usage registration request (s10). The input screen 700 is an input screen that accepts input of personal identification items.

The above-mentioned individual who browses the input screen 700 operates the input unit 205 of the user terminal 200 to input a value or select from a predetermined menu for each item of the personal identification item, and press the transmission icon 701. Etc. Send operation. In response to this transmission operation, the user terminal 200 returns each value of the personal identification item to the personal identification support device 100.
On the other hand, the identity verification support device 100 receives each value of the above-mentioned identity identification item from the user terminal 200 and holds it in the memory 103 (s11).

It should be noted that each of the above-mentioned processes of s10 and s11 may be performed after the moving image shooting after s13, which will be described later. However, in that case, the identity verification support device 100 is changed to s10 and s11, and for example, a predetermined input for requesting the user terminal 200 to input the mobile phone number with the intention of uniquely identifying the personal terminal. A step of distributing a screen (see screen 750 of FIG. 10A) to acquire the telephone number, and further, a step of sending a short message notifying a predetermined four-digit number to the telephone number, and the above-mentioned step. A predetermined input screen for inputting a 4-digit number (see screen 751 in FIG. 10B) may be delivered, and if the number matches the one at the time of transmission and is correct, the transition to the subsequent moving image shooting may be performed.

Continuing from s11, the identity verification support device 100 generates the content of a series of operations instructed by the notification in preparation for the notification of the shooting request (s13 described later) based on the operation regulation information 127 exemplified in FIG. In addition, the authenticity reference is generated and stored in the authenticity reference DB 128 according to the content of the operation (s12).
The content of the above-mentioned "series of operations" is randomly generated by the identity verification support device 100 for each notification opportunity of a shooting request.

As a specific example, for example, "turn the face 90 degrees to the left" → "stop temporarily" → "open and close the left eye once" → "turn the face to the right" → "frontward" → "driver's license" "Stop with the front side facing the camera"-> "Turn the driver's license to the back side"-> "Stop with the right side of the driver's license facing the camera"-> "Stop with the left side of the driver's license facing the camera"-> "Stop" You can imagine things like "stop with the top surface of the driver's license facing the camera" → "stop with the bottom surface of the driver's license facing the camera".

In order to determine the content of such a "series of operations", the identity verification support device 100 has "face", "left eye", "right eye", "both eyes", and "as shown with respect to the operation regulation information 127 of FIG. With operation targets such as "left hand", "right hand", "both hands", "driver's license", "my number card", "right side", "left side", "upper end", "lower end", "camera", etc. , "Slowly", "Fast", "90 degrees", "180 degrees", "Left rotation", "Right rotation", "Temporarily stop", "Stop", "Turn", etc. , It is held in the storage unit 101 in association with each identification information.

Therefore, the identity verification support device 100 generates a plurality of random number values a predetermined number of times by a random number generator generally provided in the information processing device, and the above-mentioned operation of the identification information corresponding to the value of each predetermined digit of the random number value. Select the target and the operating element respectively, and combine them in the order of selection, for example.

The set of operation target and operation element selected according to the first random value set is, for example, "face" and "90 degrees" and "left rotation", and the operation target and operation element selected according to the next random value. If the set of is, for example, "face", "180 degrees" and "rotate right", the content of the series of operations is "face 90 degrees, left rotation" → "face 180 degrees, right rotation". ", Becomes.
The content of the series of operations generated in this way is stored in the authenticity standard DB 128 in association with the identification information of the individual.

Subsequently, the identity verification support device 100 transmits a shooting request notification (notification screen 800 in FIG. 10) to the above-mentioned user terminal 200 via the network 2 (s13).

This notification is generated in s12 as described above, for example, "After starting video recording with yourself as the subject on your terminal, a series of actions to be requested sequentially from now on, such as a driver's license, etc. It contains a message that specifies the flow of a series of operations, such as "Please go while holding the identity verification document with a face photo in your hand." That is, it is a notification requesting "shooting a moving image of an individual performing a predetermined operation together with an identity verification document with a face photograph". Here, the "identification document with a face photo" will be referred to as a driver's license hereafter.

An individual who operates the above-mentioned user terminal 200, after viewing the above-mentioned notification on the output unit 206 and understanding the flow, clicks the shooting start button 801 on the screen 800 when the camera unit 208 is activated. The identity verification support device 100 corresponding to this indicates the operation content to the user terminal 200 along with the progress of the series of operations generated in s12 (for example, FIG. 1).
The message 905) on the screen 900 of FIG. 2 is output each time (see the screen 900 of FIG. 12 and the screen 950 of FIG. 13). On the other hand, the individual moves a predetermined part such as a face, a hand, or an eye while holding a driver's license according to the operation content indicated by the instruction of the operation content.

At that time, the user terminal 200 will shoot a moving image of the operation of the user terminal 200 with the camera unit 208 as instructed by the notification. At the time of this moving image shooting, the user terminal 200 uses a shooting frame on the screen (shooting frame 910 in the case of FIG. 12) to indicate a shooting guide (in FIG. 12) in which a subject such as a face or a driver's license should be placed. If there is, it is preferable to display the shooting guide 920, 921) to assist the operation of the individual.
Further, the user terminal 200 returns the video data taken by the camera unit 208 to the above-mentioned identity verification support device 100.

Subsequently, the identity verification support device 100 acquires the video data returned from the above-mentioned user terminal 200, and extracts predetermined information regarding each of the individual and the driver's license from the video data (s14).

At the time of extracting the information in s14, the identity verification support device 100 performs (performs) image information with the face and finger of the individual as the subject and the above-mentioned operation as each information of the predetermined part and the operation in the individual. Image information, which is the subject of the individual), is extracted from the video data.

Of such image information, for example, in extracting image information related to each of a face and a finger, an existing shape recognition algorithm is applied to identify a corresponding area from a predetermined frame in the video data, that is, a still image, and the image data itself in the area is specified. , Or its feature quantities (eg, contour features such as color, luminance, eigenvalues, eigenvectors, corners, etc.) will be extracted. As for the concept of feature quantity and its extraction method itself, existing techniques may be appropriately adopted.

Further, in the extraction of image information related to motion among image information, a predetermined part such as a face, a hand, a finger, an arm, a pupil, etc. in the above-mentioned individual is recognized as a pattern from a predetermined frame in the video data, that is, a still image, and the portion is concerned. The direction and range of rotation, moving distance, etc. between frames of the pixel group corresponding to the above are calculated as the "movement" of the corresponding part.

Further, the identity verification support device 100 in s14 extracts the face image information of the individual corresponding to the face photograph affixed and displayed on the face of the driver's license as predetermined information regarding the driver's license from the video data. .. In this extraction, an existing recognition algorithm is applied to identify a facial photograph area in the driver's license from a predetermined frame in the video data, that is, a still image, and the image data itself in the area or its feature amount (eg). : Outline features such as color, luminance, eigenvalue, eigenvector, corner, etc.) will be extracted. As for the concept of feature quantity and its extraction method itself, existing techniques may be appropriately adopted.
Further, the identity verification support device 100 in s14 extracts from the video data the description items such as the name, address, and date of birth printed on the face of the driver's license.

In this extraction, an existing character recognition algorithm is applied to identify the text printed on the face of the driver's license from a predetermined frame, that is, a still image in the video data. As the character recognition algorithm, the existing technique may be appropriately adopted.
Further, the identity verification support device 100 in s14 extracts the feature amount of a predetermined event such as the dimensional ratio between the vertical, horizontal, and thickness in the driver's license from the video data.

In this extraction, an existing shape recognition algorithm is applied to recognize each vertex in the above-mentioned driver's license from a predetermined frame in the video data, that is, a still image, and the distance between each pixel corresponding to each vertex is vertically calculated. , Calculated as the horizontal length. In addition, the shortest distance between the line segments formed by connecting the above-mentioned vertices and extending in parallel with each other is calculated as the thickness.

Following the above-mentioned s14, the identity verification support device 100 determines whether or not the predetermined authenticity criteria are satisfied for each of the personal and driver's license information obtained in s14 (s15).

At the time of the determination in the above-mentioned s15, the identity verification support device 100 includes, for example, face and finger image information (specifically, feature amount information) obtained in the above-mentioned s14 and the movement of the individual among the information about the individual. (Specifically, the direction and range of rotation of the face, hands, arms, etc., movement distance, etc.) will be determined whether at least one of them meets the authenticity criteria for the individual.

Of the authenticity criteria, the "image information" of the face and finger is provided, for example, not as an image of the face or finger printed on paper or displayed on a display, but as an image of each of the face and finger existing as an entity. It defines the amount of features to be used. As the feature amount as the authenticity standard, a representative value (mean value or median value) of the feature amount actually calculated for each image of the face and finger of various persons can be assumed.

In addition, among the authenticity criteria, the one related to "movement" is the "series of movements" requested by the identity verification support device 100 informing the user terminal 200 of the individual in s13 (eg, turning the face 90 degrees to the left, etc.). ), And with s12, it is stored in the authenticity standard DB 128 for the individual.
Further, in the determination in s15, the identity verification support device 100 determines whether the feature amount information among the information related to the driver's license satisfies the authenticity standard for the driver's license.

Of the authenticity standards, the driver's license feature amount information is, for example, the feature amount that should be provided as an image of the driver's license that exists as an entity, not as an image of the driver's license printed on paper or displayed on a display. Is specified. As the feature amount as the authenticity standard, the representative value (mean value or median value) of the feature amount actually calculated for the image of the actual driver's license can be assumed under various conditions.

As a result of the above determination, when the authenticity determination fails, that is, when the authenticity of the existence of the individual or the driver's license cannot be identified (s16: n), the identity verification support device 100 ends the process.

On the other hand, when the authenticity determination is successful as a result of the above-mentioned determination, that is, when the above-mentioned authenticity can be specified (s16: y), the identity verification support device 100 is obtained by extracting s14 in the above-mentioned individual. Of the image information with each of the face and the finger as the subject, a biometric authentication template for the individual is generated based on the image information with the finger as the subject, and is temporarily stored in the memory 103 (s17). For this template generation for biometric authentication, an existing template generation method may be appropriately adopted.

In the present embodiment, the face and fingers are mentioned as examples of biometric authentication, but the present invention is not limited to this, and various objects such as finger veins, palm prints, palm veins, irises, and voice prints may be appropriately adopted.

In addition, the generated biometric authentication template can be used to uniquely identify the person. For example, a biometric authentication template can be used for personal authentication when using the provided service.

When using the provided service, the user first acquires new biometric information from the user terminal and sends it to the identity verification support device. When transmitting newly acquired biometric information, it is possible to securely manage personal confidential information by performing encryption processing and encrypting it.

On the other hand, the identity verification support device collates the biometric information received from the user terminal with the template for biometric authentication, and if the degree of matching is equal to or higher than a certain level, determines that they belong to the same user. Authenticate the person by. In addition, by managing biometric authentication templates in a distributed ledger shared between companies, unified authentication integration for services provided by each company becomes possible.

Subsequently, the identity verification support device 100 collates the items described on the face of the driver's license information obtained in the extraction of s14 with the personal identification items obtained in advance in s11, and one item corresponds to each other. It is determined whether or not it is done (s18).
As a result of this determination, if some of the corresponding items do not match (s19: n), the identity verification support device 100 ends the process.

Further, the identity verification support device 100 includes face image information among the information obtained regarding the driver's license by extracting s14, and image information obtained about the individual by extracting s14 with the face of the individual as the subject. Is collated, and it is determined whether or not each image information is related to the face image of the same person (s20).
As a result of this determination, if each image information relates to a face image of a different person (s21: n), the identity verification support device 100 ends the process.

On the other hand, when any of the above-mentioned collations in s18 and s20 is successful (s19: y, s21: y), the identity verification support device 100 generates a service user ID for the above-mentioned individual (s22). As the ID generation method, a general method may be appropriately adopted, for example, the value of a predetermined digit of the existing ID in the ID management DB 126 is incremented for each generation opportunity.

Subsequently, the identity verification support device 100 includes the identity identification information including at least the identity identification items among the identity identification items obtained in s11, various information obtained in s14, and the biometric authentication template generated in s17. , The service user ID generated in the above-mentioned s22 is associated with the service user ID and stored in the distributed ledger 150 of the storage unit 101 (s23).

In the process of storing in the distributed ledger 150 described in s23, the transaction including the above-mentioned set of the personal identification information and the service user ID is another distributed ledger constituting the distributed ledger system 10 on the network 1. It means that it is issued to a node (that is, another identity verification support device) and is stored in each distributed ledger 150 after a predetermined consensus building.

Subsequently, the identity verification support device 100 adopts the service user ID as the owner information of the private key of the above-mentioned user terminal 200 as the service user ID is generated in s22, and the user terminal 200 also adopts the service user ID. The public key is obtained from, a digital certificate is issued based on the service user ID and the public key (s24), and the process is terminated. The digital certificate will be stored in the user terminal 200.

In this flow example 1, the flow of storing the set of the personal identification information and the service user ID generated for the relevant individual through the personal verification in the distributed ledger 150 is shown. The information stored in the distributed ledger 150 in this way can be referred to by each of the identity verification support devices 100 in the organization to which the consortium belongs. Therefore, regarding an individual who has completed the service use registration of a certain organization, the identity verification support device 100 of another organization belonging to the consortium can also refer to the above-mentioned set of information in its own distributed ledger 150. Therefore, when the above-mentioned individual makes a usage registration request for the service provided by the other organization, the identity verification support device 100 of the other organization refers to the information of the individual in the distributed ledger 150 and performs the necessary usage registration procedure. It can also be used for judgment.
－－－ Flow example 2 －－－

Subsequently, the situation where the usage registration is completed after the identity verification in the above-mentioned flow example 1 and the individual who has stored the digital certificate in the user terminal 200 uses the service provided by each organization of the above-mentioned consortium. Suppose.

In this case, the identity verification support device 100 accumulates and manages the history of such service use for each individual, and can utilize this as the authenticity standard in the above-mentioned flow example 1. This is because the service usage history is easily linked to the behavioral habits and tendencies of the individual, that is, the information can be considered as the biometric information of the individual.

Therefore, a method of collecting and accumulating the history of service use by individuals will be described below. FIG. 14 is a diagram showing a flow example 2 of the identity verification support method in the present embodiment.

In this case, the identity verification support device 100 operated by a certain organization is used by the user terminal 200 operated by a predetermined individual with respect to the service provided by the organization on the network 1, that is, the distributed ledger network. , The history information is stored in the sub ledger 151 (s30).
This history information shall be stored in association with at least the service user ID of the individual.

Further, the identity verification support device 100 extracts the history information stored in the sub-ledger 151 for each service user ID, performs statistical processing on trends related to predetermined attributes such as the date and time of use and the type of service used, and performs this processing. The result is stored in the authenticity criterion DB 128 as the authenticity criterion regarding the behavioral tendency of the individual (s31), and the process is terminated.

The statistical processing here specifies, for example, the date and time when the individual is most likely to use the service, etc. (that is, the median) and the type of the service that is used most frequently (that is, the median). Will be.

The above-mentioned authenticity standard stored in this way determines whether or not the date and time of the request and the type of service targeted when the individual makes a usage registration request are different from the normal behavior tendency of the individual. It becomes a criterion for judgment.
－－－ Other forms －－－

In addition, unlike the form shown in the flow example 1, as a notification of the shooting request of s13, a notification requesting a plurality of video shootings for an individual who is performing a plurality of predetermined actions together with a driver's license is given. It may be transmitted to the user terminal 200.

Specifically, it is assumed that one of the multiple times is a notification that only the face is moved while holding the driver's license, and the other one is a notification that only the hand with the driver's license is moved. You can. FIG. 15 is a diagram showing a flow example 3 of the identity verification support method in the present embodiment.

The identity verification support device 100 notifies the user terminal 200 of a notification requesting a plurality of video recordings as described above (s40), and acquires a plurality of video data corresponding to each of the plurality of predetermined operations corresponding to the notification (s40). (S41).

Further, the identity verification support device 100 extracts predetermined information regarding each of the individual and the driver's license from each of the plurality of video data obtained in s41, as in s14 (s42).

In addition, the identity verification support device 100 describes above-mentioned agreement on at least one of the items described and the image of the driver's license among the information on the driver's license that is the subject common to each of the plurality of video data obtained in s42. Judgment is made among a plurality of video data of (s43). That is, it is determined whether the driver's licenses included in each video data are the same as each other.

If it can be determined that the driver's license is the same as a result of the above determination (s44: y), the identity verification support device 100 extracts each information of the individual and the driver's license from each of the above-mentioned plurality of video data in s42. For each of the above, the same authenticity determination as in s15 and the like of Flow Example 1 is performed (s45), and the process is terminated. The processing after this authenticity determination is the same as in Flow Example 1.

If such a form is adopted, the necessary movements can be divided and performed as compared with the situation where the above-mentioned individual performs a predetermined operation while holding a driver's license and needs to take a picture of himself / herself in this state with SELPHY. Is also likely to be possible. Therefore, the usability is good with respect to the process. Moreover, although a plurality of video data are required, since the driver's license exists as a common subject among them, there is no possibility that the accuracy of authenticity determination and collation will be deteriorated. As a result, stricter identity verification and more secure identity verification based on the identity identification information registered after the identity verification become possible.

Although the best mode for carrying out the present invention has been specifically described above, the present invention is not limited to this, and various modifications can be made without departing from the gist thereof.
According to such an embodiment, strict identity verification and secure identity verification using the identity identification information registered after the identity verification become possible.

The description herein reveals at least the following: That is, in the identity verification support device of the present embodiment, at the time of the extraction, the calculation unit extracts each information of the predetermined part and the operation of the individual as the predetermined information regarding the individual from the video data, and determines the predetermined information regarding the medium. As information, the items described in the medium, the feature amount of the predetermined event, and the information of the predetermined part of the individual displayed by the medium are extracted from the video data, and in the determination, among the information about the individual, It is determined whether at least one of the predetermined portion and the information of the operation satisfies the authenticity criterion for the individual, and it is determined whether the feature amount of the information about the medium satisfies the authenticity criterion for the medium. At the time of the collation, the collation of the information described in the medium among the information related to the medium and the personal identification item of the individual held in advance, and the information of the predetermined part which is the biological information of the information related to the medium and the information related to the individual. Of these, it may be collated with the information of the predetermined portion, which is the biological information.

According to this, information on a predetermined part such as a face or a finger (including the concept of an image or a feature amount) of the individual, which is information about an individual who wants to confirm the identity, and the operation instructed by the individual in the above notification. Information on doing things (eg, including concepts such as dimensional ratios, movable ranges, and bending ranges of various parts of the body), and information on media that assume personal identification documents (eg, driver's license, my number card, etc.) The items to be described on the medium, the feature amount of the predetermined event (eg, the concept of dimensional ratio such as thickness and length, surface smoothness, light reflectance, presence / absence of hologram, etc.), and the medium By using the displayed information on a predetermined part of the individual (eg, including the concept of an image and a feature amount), it is possible to perform authenticity determination and the above-mentioned collation with high accuracy. As a result, stricter identity verification and more secure identity verification based on the identity identification information registered after the identity verification become possible.

Further, in the identity verification support device of the present embodiment, the calculation unit obtains image information of the predetermined portion and the motion as a subject from the video data as information of the predetermined portion and the motion in the individual at the time of the extraction. As predetermined information regarding the medium, the items described in the medium, the feature amount of the predetermined event, and the image information of the predetermined part of the individual displayed by the medium are extracted from the video data, and the determination is made. In the determination of the information about the individual, it is determined whether at least one of the predetermined part and the image information of the operation in the individual satisfies the authenticity criterion for the individual, and in the collation, the biometric information Even if the collation is performed by collating the image information of the predetermined portion, which is the biological information of the information regarding the medium, with the image information of the predetermined portion, which is the biological information of the information regarding the individual. good.

According to this, the image information of a predetermined part such as the face and fingers of the individual, which is the information about the individual who wants to confirm the identity, the image information when the individual is performing the operation instructed by the notification, and the image information. Using the information on the medium that assumes the personal identification document, the items described on the medium, the feature amount of the predetermined event, and the image information of the predetermined part of the individual displayed by the medium, the authenticity can be determined. The above-mentioned collation can be performed accurately and efficiently. As a result, stricter identity verification and more secure identity verification based on the identity identification information registered after the identity verification become possible.

Further, in the identity verification support device of the present embodiment, at the time of the extraction, the calculation unit uses the image information of each of a plurality of parts including at least the face of the individual as the subject as the image information of the predetermined part of the individual. As the image information of the predetermined part of the individual displayed by the medium, the face image information with the individual's face as the subject is extracted from the video data, and the information about the individual is used in the determination. In the determination, it is determined whether at least one of the image information of each of the plurality of parts including the face of the individual and the image information of the operation satisfy the authenticity criteria for the individual, and in the collation, the living body. In the collation of information, the face image information which is biological information among the information about the medium is collated with the image information of the face as a subject which is the biological information among the information about the individual. If the determination is successful, the biometric authentication for the individual is based on the image information obtained by the extraction with each of the plurality of parts of the individual as the subject, and the image information with the part other than the face as the subject. The process of generating the template may be further executed, the template may be further included in the personal identification information, and the ID may be associated with the ID and stored in the storage unit.

According to this, it is possible to perform an authenticity determination on each image information such as a face and a finger of an individual who wants to confirm the identity, and to generate a template for biometric authentication based on the image information of the finger, for example. In addition, the template can be included as personal identification information, and the ID can be appropriately secured. As a result, stricter identity verification and more secure identity verification based on the identity identification information registered after the identity verification become possible.

Further, in the identity verification support device of the present embodiment, the calculation unit receives, as the notification, a notification requesting a plurality of times of moving image shooting with the individual performing a plurality of predetermined operations together with the medium as a subject. It is sent to the terminal, a plurality of video data corresponding to each of the plurality of predetermined operations are acquired from the terminal in response to the notification, and predetermined information regarding each of the individual and the medium is extracted from each of the plurality of video data. Then, among the information about the medium, which is a subject common to each of the plurality of video data, a match between the items described in the medium and at least one of the images of the medium is determined among the plurality of video data, and the determination is made. If it succeeds, it may be determined whether or not the predetermined authenticity criteria are satisfied for each of the information of the individual and the medium extracted from each of the plurality of video data.

According to this, compared to the above-mentioned situation in which an individual performs a predetermined operation while holding a medium and needs to take a picture of himself / herself in this state with SELPHY, it is easy to be able to perform the necessary operation separately. , Usability is good for the process. Moreover, although a plurality of video data are required, since the medium exists as a common subject among them, there is no possibility that the accuracy of authenticity determination and collation will be deteriorated. As a result, stricter identity verification and more secure identity verification based on the identity identification information registered after the identity verification become possible.

Further, in the identity verification support device of the present embodiment, the calculation unit uses a digital certificate based on the ID which is the owner information of the private key of the terminal and the public key of the terminal obtained from the terminal. Is issued, and the process of transmitting the digital certificate to the terminal may be further executed.

According to this, it is possible to surely guarantee the fact that the above-mentioned terminal belongs to an individual whose identity has been confirmed, and to appropriately guarantee the authenticity of the subsequent processing results such as identity verification. .. As a result, stricter identity verification and more secure identity verification based on the identity identification information registered after the identity verification become possible.

Further, in the identity verification support device of the present embodiment, the calculation unit is used as the storage unit for storing the identity identification information and the ID in association with each other in the distributed ledger at a predetermined node constituting the distributed ledger network. The personal identification information and the ID may be stored in association with each other.

According to this, the information of each individual who has undergone the above-mentioned identity verification will be managed securely and at low cost on the distributed ledger network, and each individual who can be a user of the service among the participants of the distributed ledger network. Information (including user registration history and policies) can be shared as appropriate. As a result, stricter identity verification and more secure identity verification based on the identity identification information registered after the identity verification become possible.

Further, in the identity verification support device of the present embodiment, the calculation unit transfers the information of the usage history of the predetermined service by the terminal on the distributed ledger network to the sub-ledger of the node belonging to the predetermined consortium. At least, it may be stored in association with the ID, and a process of determining whether or not the authenticity criteria extracted by statistically processing the usage history information may be executed.

According to this, the usage history of the above-mentioned service by each individual who has undergone the above-mentioned identity verification can be managed securely and at low cost within the range of the predetermined participants (consortium, etc.) of the distributed ledger network. .. As a result, stricter identity verification and more secure identity verification based on the identity identification information registered after the identity verification become possible.

Further, in the identity verification support method of the present embodiment, the information processing system extracts information on a predetermined part and operation of the individual as predetermined information regarding the individual from the video data at the time of the extraction, and relates to the medium. As predetermined information, the items described in the medium, the feature amount of the predetermined event, and the information of the predetermined part of the individual displayed by the medium are extracted from the video data, and among the information about the individual in the determination. , It is determined whether at least one of the information of the predetermined part and the operation satisfies the authenticity criterion for the individual, and it is determined whether the feature amount of the information about the medium satisfies the authenticity criterion for the medium. However, at the time of the collation, the collation of the information described in the medium among the information related to the medium and the personal identification item of the individual held in advance, the information of the predetermined part which is the biological information of the information related to the medium, and the information about the individual. Of these, the collation with the information of the predetermined portion, which is the biological information, may be performed.

Further, in the identity verification support method of the present embodiment, when the information processing system performs the extraction, the video data includes image information with the predetermined part and the movement as a subject as each information of the predetermined part and the movement in the individual. As predetermined information regarding the medium, the items described in the medium, the feature amount of the predetermined event, and the image information of the predetermined part of the individual displayed by the medium are extracted from the video data, and the determination is made. At the time, in the determination of the information about the individual, it is determined whether at least one of the predetermined part and the image information of the operation in the individual satisfies the authenticity criterion for the individual, and in the collation, the biometric information. In the collation of the above-mentioned medium, the image information of the predetermined portion, which is biological information, may be collated with the image information of the predetermined portion, which is biological information of the personal information.

Further, in the identity verification support method of the present embodiment, when the information processing system performs the extraction, the image information of a plurality of parts including at least the face of the individual is used as the image information of the predetermined part of the individual. Information about the individual is extracted from the video data as image information of a predetermined part of the individual displayed by the medium, and face image information with the individual's face as a subject is extracted from the video data. In the determination of, it is determined whether at least one of the image information of each of the plurality of parts including the face of the individual and the image information of the operation satisfies the authenticity criterion for the individual, and in the collation, the said In the collation of the biological information, the face image information which is the biological information in the information about the medium is collated with the image information of the face as the subject which is the biological information among the information about the individual, and the determination is made. If the result is successful, a template for biometric authentication regarding the individual is obtained based on the image information obtained by the extraction with each of the plurality of parts of the individual as the subject, and the image information with the part other than the face as the subject. The generated process may be further executed, the template may be further included in the personal identification information, and the ID may be associated with the ID and stored in the storage unit.

Further, in the identity verification support method of the present embodiment, the information processing system notifies as the notification requesting a plurality of times of moving image shooting with the individual performing a plurality of predetermined operations together with the medium as a subject. , A plurality of video data corresponding to each of the plurality of predetermined operations are acquired from the terminal in response to the notification, and predetermined information regarding each of the individual and the medium is obtained from each of the plurality of video data. Among the information about the medium that is the subject common to each of the plurality of video data, the match between the items described in the medium and at least one of the images of the medium is determined among the plurality of video data, and the data is determined. If the determination is successful, it may be determined whether or not the predetermined authenticity criteria are satisfied for each of the information of the individual and the medium extracted from each of the plurality of video data.

Further, in the identity verification support method of the present embodiment, the information processing system digitally certifies based on the ID which is the owner information of the private key of the terminal and the public key of the terminal obtained from the terminal. The process of issuing a document and transmitting the digital certificate to the terminal may be further executed.

Further, in the identity verification support method of the present embodiment, the information processing system uses the distributed ledger in a predetermined node constituting the distributed ledger network as the storage unit for storing the personal identification information and the ID in association with each other. The personal identification information and the ID may be stored in association with each other.

Further, in the identity verification support method of the present embodiment, the information processing system transfers the information of the usage history of the predetermined service by the terminal on the distributed ledger network to the sub-ledger of the node belonging to the predetermined consortium. , At least it may be stored in association with the ID, and a process of determining whether or not the authenticity criteria extracted by statistically processing the usage history information may be executed.

1, 2 Network 10 Distributed Ledger System 100 Identity Verification Support Device (Distributed Ledger Node)
101 Storage unit 102 Program 103 Memory 104 Calculation unit 105 Communication unit 125 Image management DB
126 ID management DB
127 Operation regulation information 128 Authenticity standard DB
150 Distributed Ledger (for personal identification information)
151 Sub-ledger (for usage history)
200 User terminal 201 Storage unit 202 Program 203 Memory 204 Calculation unit 205 Input unit 206 Output unit 207 Communication unit 208 Camera unit 210 Key pair 211 Digital certificate 300 Client node

Claims (14)

A communication unit that communicates with a predetermined device via a network,
A notification is sent to a predetermined terminal requesting multiple times of moving image shooting for an individual performing a plurality of predetermined actions together with a predetermined medium, and the terminal responds to each of the plurality of predetermined actions in response to the notification. Among the processes of acquiring a plurality of video data, the process of extracting predetermined information about each of the individual and the medium from each of the plurality of video data, and the information about the medium which is a subject common to each of the plurality of video data. A match between the plurality of video data for at least one of the items described on the medium and the image of the medium is determined, and if the determination for the match is successful, the individual extracted from each of the plurality of video data. And the process of determining whether or not each piece of information on the medium meets a predetermined authenticity standard, and if the determination on the authenticity standard is successful, the information on the medium described in the medium and the personal identification item held in advance. And the process of collating the biometric information of the information about the medium with the biometric information of the information about the individual, the process of generating an ID for the individual if any of the collations are successful, and An arithmetic unit that executes a process of associating the personal identification information including at least one of the personal identification matter or the biometric information with the ID and storing the ID in the storage unit.
An identity verification support device characterized by including. The arithmetic unit
At the time of the extraction, as predetermined information about the individual, each information of a predetermined part and operation in the individual is extracted from the video data, and as predetermined information regarding the medium, the items described in the medium, the feature amount of the predetermined event, and the said. Information on the predetermined part of the individual displayed on the medium is extracted from the video data, and the information is extracted from the video data.
In the determination regarding the authenticity standard, it is determined whether at least one of the predetermined parts and the information of the operation among the information about the individual satisfies the authenticity standard for the individual, and the information regarding the medium is described. Judging whether the feature quantity meets the authenticity criteria for the medium,
At the time of the collation, among the information about the medium, the items described in the medium and the personal identification items of the individual held in advance are collated, and among the information about the medium, the information of the predetermined part which is the biological information and the information about the individual. It collates with the information of the predetermined part, which is the biological information.
The identity verification support device according to claim 1. The arithmetic unit
At the time of the extraction, as the information of the predetermined part and the operation in the individual, the image information with the predetermined part and the operation as the subject is extracted from the video data, and the items to be described in the medium and the predetermined information as the predetermined information regarding the medium. The feature amount of the event and the image information of the predetermined part of the individual displayed by the medium are extracted from the video data.
In the determination regarding the authenticity standard , in the determination regarding the information regarding the individual, it is determined whether at least one of the predetermined part and the image information of the operation in the individual satisfies the authenticity criterion for the individual.
At the time of the collation, in the collation of the biological information, the image information of the predetermined part which is the biological information in the information about the medium and the image information of the predetermined part which is the biological information among the information about the individual are collated. Is to do,
The identity verification support device according to claim 2, characterized in that. The arithmetic unit
At the time of the extraction, as the image information of the predetermined part of the individual, the image information of each of a plurality of parts including at least the face of the individual as a subject is extracted from the video data, and the predetermined part of the individual displayed by the medium is displayed. As the image information of, the face image information with the individual's face as the subject is extracted from the video data.
In the determination regarding the authenticity standard , at least one of the image information of each of the plurality of parts including the face of the individual and the image information of the operation in the determination of the information about the individual is the authenticity standard for the individual. Determine if it meets
In the collation of the biological information, the face image information which is the biological information in the information about the medium and the image information of the face which is the biological information in the personal information are collated in the collation. Is to do
When the determination regarding the authenticity criterion is successful, the living body related to the individual is based on the image information obtained by the extraction with each of the plurality of parts of the individual as the subject and the part other than the face as the subject. Further execute the process to generate the template for authentication,
The template is further included in the personal identification information, and is stored in the storage unit in association with the ID.
The identity verification support device according to claim 3, characterized in that. The arithmetic unit
Further, a process of issuing a digital certificate and transmitting the digital certificate to the terminal based on the ID which is the owner information of the private key of the terminal and the public key of the terminal obtained from the terminal is further performed. What to do,
The identity verification support device according to claim 1. The arithmetic unit
As the storage unit for storing the personal identification information and the ID in association with each other, the personal identification information and the ID are stored in association with each other in the distributed ledger at a predetermined node constituting the distributed ledger network.
The identity verification support device according to claim 1. The arithmetic unit
Information on the usage history of the predetermined service by the terminal on the distributed ledger network is stored in the sub-ledger of the node belonging to the predetermined consortium in association with at least the ID.
A process of determining whether or not the authenticity criteria extracted by statistically processing the usage history information is executed.
The identity verification support device according to claim 6, characterized in that. Information processing system
A notification is sent to a predetermined terminal requesting multiple times of moving image shooting with an individual performing a plurality of predetermined actions as a subject together with a predetermined medium, and the terminal responds to each of the plurality of predetermined actions in response to the notification. The process of acquiring multiple video data and
A process of extracting predetermined information about each of the individual and the medium from each of the plurality of video data, and
Of the information about the medium, which is a subject common to each of the plurality of video data, a match is determined among the plurality of video data regarding at least one of the items described in the medium and the image of the medium, and the match is determined. If the determination is successful, a process of determining whether or not the predetermined authenticity criteria are satisfied for each of the information of the individual and the medium extracted from each of the plurality of video data .
When the determination regarding the authenticity standard is successful, the items described in the medium among the information regarding the medium are collated with the personal identification items of the individual held in advance, and the biological information among the information regarding the medium and the biological information among the information regarding the individual are living organisms. The process of collating with information and
When any of the above collations is successful, the process of generating an ID for the individual and the personal identification information including at least one of the personal identification item or the biological information and the ID are stored in the storage unit in association with each other. And the processing to do
Identity verification support method characterized by executing. The information processing system
At the time of the extraction, as predetermined information about the individual, each information of a predetermined part and operation in the individual is extracted from the video data, and as predetermined information regarding the medium, the items described in the medium, the feature amount of the predetermined event, and the said. Information on the predetermined part of the individual displayed on the medium is extracted from the video data, and the information is extracted from the video data.
In the determination regarding the authenticity standard, it is determined whether at least one of the predetermined parts and the information of the operation among the information about the individual satisfies the authenticity standard for the individual, and the information regarding the medium is described. Judging whether the feature quantity meets the authenticity criteria for the medium,
At the time of the collation, among the information about the medium, the items described in the medium and the personal identification items of the individual held in advance are collated, and among the information about the medium, the information of the predetermined part which is the biological information and the information about the individual. Collation with the information of the predetermined part, which is the biological information,
The identity verification support method according to claim 8, wherein the method is characterized by the above. The information processing system
At the time of the extraction, as the information of the predetermined part and the operation in the individual, the image information with the predetermined part and the operation as the subject is extracted from the video data, and the items to be described in the medium and the predetermined information as the predetermined information regarding the medium. The feature amount of the event and the image information of the predetermined part of the individual displayed by the medium are extracted from the video data.
In the determination regarding the authenticity standard , in the determination regarding the information regarding the individual, it is determined whether at least one of the predetermined part and the image information of the operation in the individual satisfies the authenticity criterion for the individual.
At the time of the collation, in the collation of the biometric information, the image information of the predetermined part which is the biological information in the information about the medium and the image information of the predetermined part which is the biometric information among the information about the individual are collated. I do,
The identity verification support method according to claim 9, wherein the method is characterized by the above. The information processing system
At the time of the extraction, as the image information of the predetermined part of the individual, the image information of each of a plurality of parts including at least the face of the individual as a subject is extracted from the video data, and the predetermined part of the individual displayed by the medium is displayed. As the image information of, the face image information with the individual's face as the subject is extracted from the video data.
In the determination regarding the authenticity standard , at least one of the image information of each of the plurality of parts including the face of the individual and the image information of the operation in the determination of the information about the individual is the authenticity standard for the individual. Determine if it meets
In the collation of the biometric information, the face image information which is the biometric information among the information about the medium and the image information about the face which is the biometric information among the personal information are collated with each other. And
When the determination regarding the authenticity criterion is successful, the living body related to the individual is based on the image information obtained by the extraction with each of the plurality of parts of the individual as the subject and the part other than the face as the subject. Further execute the process to generate the template for authentication,
The template is further included in the personal identification information, and is stored in the storage unit in association with the ID.
The identity verification support method according to claim 10, wherein the method is characterized by the above. The information processing system
Further, a process of issuing a digital certificate and transmitting the digital certificate to the terminal based on the ID which is the owner information of the private key of the terminal and the public key of the terminal obtained from the terminal is further performed. Run,
The identity verification support method according to claim 8, wherein the method is characterized by the above. The information processing system
As the storage unit for storing the personal identification information and the ID in association with each other, the personal identification information and the ID are stored in association with each other in the distributed ledger at a predetermined node constituting the distributed ledger network.
The identity verification support method according to claim 8, wherein the method is characterized by the above. The information processing system
Information on the usage history of the predetermined service by the terminal on the distributed ledger network is stored in the sub-ledger of the node belonging to the predetermined consortium in association with at least the ID.
A process of determining whether or not the authenticity criteria extracted by statistically processing the usage history information is executed.
The identity verification support method according to claim 13, wherein the method is characterized by the above.

Images