JP7240360B2 - Information processing system, information processing method, and visitor management server - Google Patents

Description

The present invention relates to an information processing system, an information processing method, and a visitor management server.

Conventionally, various techniques related to personal authentication (personal identification) are known. For example, by photographing a face image of a user who has been authenticated by ID authentication using ID information entered by the user, and matching the photographed face image data with already recorded face image data, the user can be identified as the person himself/herself. A technique for checking whether or not is known (Patent Document 1).

JP-A-2004-265231

There is a demand for improvement in the accuracy of facial recognition.

An information processing system according to an embodiment may include a visitor management server that manages information about users, and a face authentication server that manages information used for user face authentication. A visitor management server includes a first determination unit that determines whether or not face image data used for face authentication of a user satisfies a first condition that should be satisfied as face image data used for face authentication; and a first storage unit that stores face image data. The face authentication server may have a second storage section that stores face image data that satisfies the first condition.

FIG. 1 is a diagram for explaining an overview of information processing according to one embodiment. FIG. 2 is a diagram illustrating a configuration example of an information processing system according to one embodiment. FIG. 3 is a diagram illustrating a configuration example of a visitor management server according to one embodiment. FIG. 4 is a diagram illustrating a configuration example of a face authentication server according to one embodiment. FIG. 5 is a diagram illustrating a configuration example of an entrance/exit management server according to one embodiment. FIG. 6 is a diagram illustrating an information processing procedure according to one embodiment. FIG. 7 is a diagram illustrating an information processing procedure according to a modification of one embodiment; FIG. 8 is a hardware configuration diagram showing an example of a computer that implements the functions of a visitor management server and a face authentication server.

Embodiments for implementing an information processing system, an information processing method, and a visitor management server according to the present application (hereinafter referred to as "embodiments") will be described in detail below with reference to the drawings. The information processing system, information processing method, and visitor management server according to the present application are not limited to this embodiment. In addition, in each of the following embodiments, the same reference numerals may be given to the same parts, and redundant explanations may be omitted.

(embodiment)
[1-1. Overview of information processing]
First, an overview of information processing according to an embodiment will be described with reference to FIG. FIG. 1 is a diagram for explaining an overview of information processing according to one embodiment. Information processing according to an embodiment may be implemented by an information processing system 1 (see FIG. 2). In the following, an example of entrance/exit management using face recognition in a certain facility will be described. Specifically, for example, a case will be described in which a visitor U1 registers face image data for face authentication and visitor information at the check-in terminal 10 installed at the entrance of the facility in managing entry and exit at a certain facility. . Note that, in the present disclosure, registration means storing data in various storage media, and may include storing data in a state that can be used in a post-process. Also, the visitor may be an example of a user of the information processing system 1 .

The check-in terminal 10 may accept input of information (visitor information) regarding the visitor U1 according to the operation of the visitor U1. The check-in terminal 10 may transmit the received visitor information to the visitor management server 100 . Also, the check-in terminal 10 may include an imaging unit. The imaging unit can capture an image including the face of the visitor U1. The imaging unit may transmit the captured image data to the visitor management server 100 . In the following description, image data including at least part of a face may be referred to as face image data.

The visitor management server 100 may register face image data acquired from the check-in terminal 10 . Also, the visitor management server 100 may transmit face image data to the face authentication server 200 . The face authentication server 200 may register face image data.

Also, the visitor management server 100 may register visitor information acquired from the check-in terminal 10 . Also, the visitor management server 100 may transmit visitor information to the entrance/exit management server 300 . The entrance/exit management server 300 may register visitor information.

The management terminal may acquire the visitor information and the face image data of the visitor U1 from the visitor management server 100 . The management terminal can display the acquired visitor information and the face image data of the visitor U1 on the screen. Here, the visitor U1 can, for example, borrow an IC card from a supervisor in the monitoring room, which is used to enter the facility or room. A supervisor in the monitoring room verifies the identity of the visitor U1 by, for example, collating the visitor information displayed on the screen of the management terminal and the face image data of the visitor U1 with the identification card of the visitor U1. It can be carried out. For example, the surveillance staff can lend an IC card for entering the building to the visitor U1 when the identity of the visitor is confirmed. The management client terminal may transmit information (IC card information) recorded in the IC card lent to the visitor U1 to the visitor management server 100 . The visitor management server 100 may transmit the IC card information to the entrance/exit management server 300 .

Here, the visitor U1 may enter or leave the facility through the entrance/exit gate. Entry/exit gates may have electronic locks. The electric lock, for example, is normally locked and may be controlled to unlock when a predetermined condition is met. That is, the visitor U1 can enter the facility through the entrance/exit gate whose electric lock is unlocked. The opening and closing of the entrance/exit gate may be controlled by the ID controller 31 . That is, the ID controller 31 may control unlocking and locking of an electric lock, for example.

A face authentication terminal 20-1 may be installed at the entrance gate. In the following description, when there is no need to distinguish between the face authentication terminals 20-1 and 20-2, they are collectively referred to as the face authentication terminal 20 by omitting the hyphen and the rest of the reference numerals.

The face authentication server 200 may transmit the face image data acquired from the visitor management server 100 to the face authentication terminal 20-1. The face authentication terminal 20-1 can photograph the face of the visitor U1 to obtain face image data. The face authentication terminal 20-1 may perform face authentication by comparing the photographed face image data of the visitor U1 with the face image data of the visitor U1 obtained from the face authentication server 200. FIG. The face authentication terminal 20-1 may transmit the face authentication result to the face authentication server 200. FIG. The face authentication server 200 may transmit the result of face authentication to the entrance/exit management server 300 . The entrance/exit management server 300 may transmit the authentication result of face authentication to the ID controller 31 .

Also, an ID controller 31-1 and a reader 32-1 may be installed at the entrance/exit gate. In the following description, when there is no need to distinguish the ID controllers 31-1 and 31-2 from each other, they are collectively referred to as the ID controller 31 by omitting the numbers after the hyphen. Further, in the following description, when there is no need to distinguish between the readers 32-1 and 32-2, they are generically referred to as the reader 32 by omitting the hyphen and the latter part of the reference numerals.

The entrance/exit management server 300 may transmit the IC card information acquired from the visitor management server 100 to the ID controller 31-1. The reader 32-1 may read IC card information from the IC card when the visitor U1 holds the IC card over the reader 32-1. The reader 32-1 may transmit the read IC card information to the ID controller 31-1. The ID controller 31-1 may compare the IC card information acquired from the reader 32-1 with the IC card information acquired from the entrance/exit management server 300 to perform card authentication. The ID controller 31 - 1 may transmit the authentication result of the card authentication to the entrance/exit management server 300 .

The ID controller 31-1 may control the opening and closing of the entrance/exit gate based on the authentication result of face authentication and the authentication result of card authentication. The ID controller 31-1 may, for example, open the entrance/exit gate when both face authentication and card authentication are successful. That is, in this case, the ID controller 31-1 may, for example, unlock the electric lock. For example, when at least one of face authentication and card authentication fails, the ID controller 31-1 may keep the entrance/exit gate closed. That is, in this case, the ID controller 31-1 may keep the electric lock locked, for example.

Even when the visitor U1 enters a predetermined room in the facility that is locked with an electric lock (for example, an equipment room that handles customer information, etc.), the visitor U1 must perform face authentication and card authentication in the same manner as at the entrance/exit gate. you can go That is, the ID controller 31-2 may control the opening and closing of the door of the room in the facility based on the authentication result of the face authentication and the authentication result of the card authentication. The ID controller 31-2 may, for example, unlock the electric lock of the room door in the facility when both the face authentication and the card authentication are successful. Also, if at least one of face authentication and card authentication fails, the electric lock may remain locked.

[1-2. Configuration example of information processing system]
Next, the configuration of the information processing system according to one embodiment will be described using FIG. FIG. 2 is a diagram illustrating a configuration example of an information processing system according to one embodiment.

Here, in a certain facility, for example, an area where free entry should be restricted from the viewpoint of security may be physically restricted by any method. For example, in a facility, visitor entry and exit may be restricted by an entry and exit gate. The entrance/exit gate may be locked by an electric lock, for example. Also, for example, in a certain facility, entry and exit of a visitor's room may be restricted by a locked door or the like. The door may be locked, for example, by an electric lock. A visitor can cancel entry/exit restrictions imposed by an entrance/exit gate, a room door, or the like by successfully performing predetermined authentication using the information processing system according to one embodiment. In other words, the information processing system according to one embodiment may be a system for releasing entry restrictions in an area where entry is restricted in a certain facility by predetermined authentication. Note that the entry/exit gate, the locked door, and the like may be an example of the restriction device.

An information processing system 1 according to one embodiment may include a visitor management system (CMS: Customer Management System) 1A, a face authentication system 1B, and an entrance/exit management system 1C. Note that each device constituting the information processing system 1 may be appropriately connected by wire or wirelessly so as to be able to execute information processing according to one embodiment.

(Visitor management system 1A)
The visitor management system 1A may manage information about visitors (visitor information). The visitor management system 1A may include a check-in terminal 10, a registration terminal, a visitor management server 100, a public server 100A, and a management terminal.

The check-in terminal 10 can acquire visitor information and face image data of the visitor. The check-in terminal 10 may include an input unit and an imaging unit. Note that the input unit and the imaging unit may be built in the check-in terminal. That is, the check-in terminal 10 may be realized by an integrated device having the functions of the input section and the imaging section. Also, the input unit and the imaging unit may be implemented by independent devices. That is, the check-in terminal 10 may be realized by combining a plurality of devices.

The input unit can receive input of visitor information in accordance with the input operation of the visitor. The input unit can transmit the entered visitor information to the visitor management server 100 . The input unit may be implemented by any input means such as a keyboard, mouse, touch panel, or the like. The visitor information may include, for example, information such as the visitor's name, affiliated company, visit purpose, length of stay, and visitor's mobile phone number. Note that the input unit is not particularly limited to the above example as long as it can receive input of visitor information. Also, the visitor information is not particularly limited to the above examples as long as it is information that identifies a visitor.

The image capturing unit can capture a face image of the visitor. When the imaging unit captures the face image of the visitor, the captured face image data can be output to the registration terminal. The input unit can transmit the acquired face image data of the visitor to the visitor management server 100 when the face image data of the visitor is acquired from the imaging unit. The imaging unit may be implemented by any means capable of acquiring an image, such as a camera.

The registration terminal may be an information processing device used by the person in charge of receiving the visitor. The registration terminal can accept input of visitor information according to the operation of the person in charge. The registration terminal can transmit the received visitor information to the visitor management server 100 . The registration terminal may be implemented by, for example, a personal computer, tablet, smartphone, or the like. The visitor information input to the registration terminal may be the same information as the visitor information that can be input to the check-in terminal 10 . The visitor information input to the registration terminal may further include, for example, information such as the date and time of the visitor's visit, the room in which the meeting is to be held with the visitor, and the details of the schedule with the visitor. Note that the person in charge may be an example of a user of the information processing system 1 .

The visitor management server 100 may be an information processing device that manages information about visitors. The visitor management server 100 can acquire visitor information and face image data of the visitor from the check-in terminal 10 . Here, the visitor management server 100 may configure a database in which various information is registered as a main DB. The main DB may include visitor's face image data. That is, the visitor management server 100 may register, for example, face image data of the visitor in the main DB. The visitor management server 100 may transmit face image data of the visitor to the face authentication server 200 . Note that the main DB may be implemented by the storage unit 120, which will be described later.

Also, the visitor management server 100 can acquire visitor information from the registration terminal. The visitor management server 100 may register visitor information acquired from the check-in terminal 10 or the registration terminal in the main DB. The visitor management server 100 can transmit the acquired visitor information (for example, a visit schedule of the visitor) to the entrance/exit management server 300 .

The visitor management server 100 determines whether or not the image data acquired from the check-in terminal 10 can be used as image data (image data for face authentication) for use in face authentication processing by a face authentication system. good. The visitor management server 100 may, for example, determine whether or not a predetermined condition to be satisfied as image data for face authentication is satisfied. The visitor management server 100 may transmit the face image data to the face authentication server 200 when the face image data satisfies a predetermined condition. Also, the visitor management server 100 may transmit visitor information to the face authentication server 200 and the entrance/exit management server 300 . The visitor management server 100 may register face image data that satisfies a predetermined condition in the main DB. For example, the visitor management server 100 may hold face image data that satisfies a predetermined condition among the face image data acquired from the check-in terminal 10 . Further, the visitor management server 100 may delete, from the memory or the like, face image data that does not satisfy a predetermined condition among the face image data acquired from the check-in terminal 10, for example.

The visitor management server 100 may issue information for identifying a visitor as a visitor ID. The visitor ID may be composed of, for example, numbers, letters, or a combination thereof. The visitor management server 100 may associate visitor information with visitor IDs and register them in the main DB. Specifically, the visitor management server 100 may associate the visitor's mobile phone number with the visitor ID and register them in the main DB, for example. Also, the visitor management server 100 may transmit the visitor ID to the face authentication server 200 and the entrance/exit management server 300 . That is, the visitor ID may be used in the face authentication server 200 and entrance/exit management server 300 . That is, the visitor ID may be information shared by the three servers.

The public server 100A may be an information processing device that publishes information held by the visitor management server 100 on the Web. That is, the user of the information processing system 1 can grasp the information about the visitor from the published information. The public server 100A may publish information on, for example, a dedicated site. Note that the public server 100A may be configured so that only a person with predetermined authority can view information. That is, information about visitors may be viewable only by those with predetermined authority.

The management terminal may be a device for verifying the identity of the visitor. The management terminal may have a screen on which information can be displayed. The management terminal may be implemented by, for example, a personal computer, tablet, smartphone, or the like. The management terminal may, for example, display the visitor information and the visitor's face image data acquired from the visitor management server 100 on the screen.

Here, the management terminal may be, for example, an information processing device used by a supervisor in the monitoring room. The monitor can verify the identity of the visitor by, for example, collating the visitor information and face image data of the visitor displayed on the screen of the management terminal with the visitor's identification card or the like. The warden may, for example, provide entry/exit items to the visitor upon successful identification. The entry/exit item may be, for example, any medium on which information (item authentication information) for canceling entry/exit restrictions imposed by an entry/exit gate or the like is recorded. The entry/exit item may be, for example, an IC card, an RFID tag, a piece of paper with a QR code (registered trademark), or the like.

Also, the management terminal may be, for example, an information processing device capable of unattended identity verification. Although not shown, the management terminal may have an imaging unit capable of capturing, for example, an identification card with a face photo of the visitor. The management terminal may verify the identity of the visitor by collating the visitor information and face image data of the visitor with the visitor's identification card or the like. The management terminal may provide the visitor with entry/exit items, for example, when the identity can be verified. The management terminal may, for example, send a QR code or the like as an entry/exit item to the user's terminal device by e-mail.

(Face authentication system 1B)
The face authentication system 1B may perform face authentication of visitors. The face authentication system 1B may include a face authentication terminal 20, a face authentication server 200, and a management terminal.

The face authentication terminal 20 may perform face authentication based on face image data. The face authentication terminal 20 may be installed at any place where face authentication is required. The face authentication terminal 20 may be installed, for example, at an entrance/exit gate, a door of a locked room, or the like. The face authentication terminal 20 may be realized by an imaging unit capable of imaging a visitor's face and a display unit capable of displaying information. The imaging unit may be realized by a camera or the like. The display may be realized by any device having a screen. The imaging unit and display unit may be built in the face authentication terminal 20 . The face authentication terminal 20 may be realized by, for example, an integrated device having an input unit and a display unit, such as a smartphone or tablet. Also, the imaging unit and the display unit may be implemented by separate devices. That is, the face authentication terminal 20 may be implemented by a combination of multiple devices.

The face authentication server 200 may be an information processing device that manages information used for visitor face authentication. The face authentication server 200 may acquire the visitor's face image data from the visitor management server 100 . Also, the face authentication server 200 may acquire a visitor ID from the visitor management server 100 . The face authentication server 200 may acquire visitor information from the visitor management server 100 .

The face authentication server 200 may configure a database in which various information is registered as a face authentication DB. The face authentication server 200 may register the face image data acquired from the visitor management server 100 in the face authentication DB. Also, the face authentication server 200 may register the visitor ID acquired from the visitor management server 100 in the face authentication DB. Also, the face authentication server 200 may register the visitor information acquired from the visitor management server 100 in the face authentication DB. The face authentication server 200 may associate visitor IDs, face image data, and visitor information and register them in the face authentication DB. Note that the face authentication DB may be implemented by the storage unit 220, which will be described later.

The face authentication server 200 may transmit face image data to the face authentication terminal 20 . The face authentication server 200 may refer to the visitor information to determine the face authentication terminal 20 to which the face image data is to be transmitted. For example, when there are a plurality of entrance/exit gates, the face authentication server 200 refers to the visitor information and transmits face image data only to the face authentication terminals 20 installed at the entrance/exit gates through which the visitor may pass. may be sent. Further, for example, when there are multiple rooms that are locked with electric locks in the facility, the face authentication server 200 refers to the visitor information and connects the face authentication terminal 20 installed at the door of the room used by the visitor. Only face image data may be transmitted. In other words, the visitor may obtain the success determination of face authentication at the face authentication terminal 20 to which the face image data was transmitted. Also, the visitor may obtain a face authentication failure determination at the face authentication terminal 20 to which face image data has not been transmitted.

The face authentication server 200 may issue information for identifying the visitor in the face authentication system 1B as a face authentication ID. The face authentication ID may be composed of, for example, numbers, letters, or a combination thereof. The face authentication server 200 may associate face authentication image data, visitor ID, visitor information and face authentication ID and register them in the face authentication DB. That is, the face authentication DB may be, for example, a database in which face image data, visitor IDs, visitor information, and face authentication IDs are linked. Note that the face authentication server 200 may transmit the ID for face authentication to the visitor management server 100 . In this case, the visitor management server 100 may register visitor IDs associated with face authentication IDs in the main DB.

Here, face authentication processing in the face authentication system 1B will be described. Specifically, the face authentication terminal 20 can perform face authentication of the visitor based on the face image data. For example, the face authentication terminal 20 may perform face authentication by comparing the face image data of the visitor acquired by the imaging unit with the face image data acquired from the face authentication server 200 . The face authentication terminal 20 may perform face authentication when the face authentication terminal 20 acquires the visitor's face image data. Specifically, the face authentication terminal 20 may perform face authentication of the visitor when the visitor stands in front of the face authentication terminal 20, for example.

The face authentication terminal 20 may perform face authentication of the visitor, for example, based on image data that satisfies a predetermined condition to be used for face authentication (hereinafter also referred to as image data for face authentication). The face authentication terminal 20 may acquire image data for face authentication from the face authentication server 200, for example. Although not shown, the face authentication terminal 20 may store the acquired image data for face authentication in various storage devices such as a volatile memory or a non-volatile memory of the face authentication terminal 20, for example. The face authentication terminal 20 may perform face authentication by, for example, comparing the face image data of the visitor captured by the imaging unit of the face authentication terminal 20 with the image data for face authentication. For example, the face authentication terminal 20 may calculate a score (hereinafter also referred to as an authentication score) that indicates the matching degree of facial feature points included in both image data based on both image data.

For example, when the authentication score exceeds a predetermined threshold, the face authentication terminal 20 determines whether the face included in the face image data captured by the face authentication terminal 20 and the face included in the face authentication image data are of the same person. It can be determined that there is That is, in this case, the face authentication terminal 20 may determine that the face authentication is successful. On the other hand, when the authentication score is equal to or less than a predetermined threshold, the face authentication terminal 20 detects that the face included in the face image data captured by the face authentication terminal 20 and the face included in the face authentication image data are of the same person. It can be determined that it is not That is, in this case, the face authentication terminal 20 may determine that face authentication has failed. The face authentication terminal 20 may transmit the face authentication result to the face authentication server 200 . The face authentication server 200 may transmit the result of face authentication to the entrance/exit management server 300 . The face authentication server 200 may transmit the face authentication result to a terminal device such as a smartphone used by the visitor. The face authentication terminal 20 may display the success or failure of face authentication on the display unit.

The management terminal may be a device for verifying the identity of the visitor. The management terminal may have a screen on which information can be displayed. The management terminal may be implemented by, for example, a personal computer, tablet, smartphone, or the like. The management terminal can acquire the authentication result of face authentication from the face authentication server 200 . The management terminal can display the authentication result of face authentication on the screen. For example, the observer can confirm the authentication result of face authentication displayed on the management terminal. The management terminal of the face authentication system 1B may be the same device as the management terminal of the visitor management system 1A. Also, the management terminal of the face authentication system 1B may be a device different from the management terminal of the visitor management system 1A.

(Entrance control system 1C)
The entrance/exit management system 1C may control access restrictions in areas where access is restricted in a certain facility. The entry/exit management system 1C may manage entry/exit of visitors in a certain facility, for example. In addition, the entry/exit management system 1C may manage entry/exit of a visitor in a room in a certain facility, for example. The entrance/exit management system 1</b>C may include an entrance/exit management server 300 , a reader 32 , and an ID controller 31 .

The entrance/exit management server 300 may be an information processing device that manages information used for entrance/exit of visitors. The entrance/exit management server 300 may acquire visitor information from the visitor management server 100 . Also, the entrance/exit management server 300 may acquire a visitor ID from the visitor management server 100 . Further, the entrance/exit management server 300 may acquire item authentication information recorded in the entrance/exit item provided to the visitor from the visitor management server 100 .

The entrance/exit management server 300 may configure a database in which various information is registered as an entrance/exit management DB. The entrance/exit management server 300 may register, for example, a visitor ID, visitor information, and item authentication information in the entrance/exit management DB. For example, the entrance/exit management server 300 may associate the visitor ID, the visitor information, and the item authentication information with each other and register them in the entrance/exit management DB. The entrance/exit management DB may be implemented by the storage unit 320, which will be described later.

When registering the visitor ID, the entrance/exit management server 300 may issue information for identifying the visitor in the entrance/exit management system 1C as the entrance/exit ID. The entrance/exit ID may be composed of, for example, numbers, letters, or a combination thereof. For example, the entrance/exit management server 300 may associate visitor information, a visitor ID, and an entrance/exit ID and register them in the entrance/exit management DB. That is, the entrance/exit management DB may be a database in which visitor information, visitor IDs, and entrance/exit IDs are associated with each other, for example. Further, the entrance/exit management server 300 may further associate item authentication information with these items and register them in the entrance/exit management DB, for example. That is, the entrance/exit management DB may be a database in which, for example, visitor information, visitor IDs, entrance/exit IDs, and item authentication information are linked. The entrance/exit management server 300 may transmit the entrance/exit ID to the visitor management server 100 . In this case, the visitor management server 100 may associate the visitor ID and the entrance/exit ID with each other and register them in the main DB. Also, the visitor management server 100 may associate face image data, visitor ID, face authentication ID, entrance/exit ID, and item authentication information in arbitrary combinations and register them in the main DB.

The entrance/exit management server 300 may transmit item authentication information to the ID controller 31, for example. In addition, the entrance/exit management server 300 may transmit, for example, the item authentication information and the visitor ID linked to the item authentication information to the ID controller 31 . Also, the entrance/exit management server 300 may transmit, for example, the authentication result of face authentication by a face authentication system to the ID controller 31 . For example, the entrance/exit management server 300 may transmit to the ID controller 31 a visitor ID associated with a visitor who has undergone face authentication together with the result of the face authentication. The entrance/exit management server 300 may refer to the visitor information to determine the ID controller 31 that transmits the item authentication information, the result of face authentication, and the visitor ID. For example, when there are a plurality of entrance/exit gates, the entrance/exit management server 300 refers to the visitor information and stores item authentication information only in the ID controllers 31 installed at the entrance/exit gates through which visitors may pass. can be sent. In addition, for example, when there are multiple rooms that are locked with electric locks in the facility, the entry/exit management server 300 refers to the visitor information and connects the ID controller 31 installed at the door of the room used by the visitor. You may only send item authentication information, etc. In other words, the visitor may obtain the success determination of the item authentication in the ID controller 31 to which the item authentication information and the like are transmitted. Also, the visitor may obtain a face authentication failure determination in the ID controller 31 to which the item authentication information and the like have not been transmitted.

The reader 32 may be an information processing device that reads information recorded in the entry/exit item provided to the visitor. A case where an IC card is used as an entry/exit item will be described below as an example. It should be noted that the same processing as in the case of using the IC card may be executed for other entry/exit items.

The reader 32 may read the item authentication information from the entrance/exit item. The reader 32 may read, for example, item authentication information (IC card information) recorded on an IC card provided to the visitor. The reader 32 may transmit the read IC card information to the ID controller 31 . Reader 32 may be implemented by conventionally known technology.

The ID controller 31 may be a device that controls entrance/exit restrictions at an entrance/exit gate, a door of a room in a facility, or the like. The ID controller 31 may be, for example, a control device that controls the opening and closing of electric locks installed at entrance/exit gates and room doors. The ID controller 31 may be an example of a controller.

The ID controller 31 may acquire, for example, the item authentication information and the visitor ID linked to the item authentication information from the entrance/exit management server 300 . Also, the ID controller 31 may acquire the authentication result of the visitor's face authentication by the face authentication system 1B from the entrance/exit management server 300, for example. The ID controller 31 may acquire, for example, from the entry/exit management server 300 the authentication result of the visitor's face authentication and the visitor ID associated with the visitor whose face has been authenticated. Note that the ID controller 31 may directly access the face authentication system 1B to obtain the result of face authentication and the visitor ID. For example, the ID controller 31 may acquire the authentication result of face authentication and the visitor ID linked to the authentication result of face authentication from the face authentication server 200 .

Based on the item authentication information acquired from the reader 32, the ID controller 31 may perform visitor authentication (item authentication) using entry/exit items. For example, the ID controller 31 may perform item authentication by comparing the item authentication information acquired from the reader 32 and the item authentication information acquired from the entrance/exit management server 300 . The ID controller 31 may identify the visitor ID of the visitor who performed the item authentication based on the item authentication. For example, the ID controller 31 may specify a visitor ID linked to the item authentication information.

The ID controller 31 may control visitor entry/exit restrictions based on the authentication result of face authentication (first authentication result) and the authentication result of item authentication (second authentication result). The ID controller 31 may control visitor entry/exit restrictions based on, for example, a first authentication result and a second authentication result having a common visitor ID. That is, the ID controller 31 may control visitor entry/exit restrictions based on the first and second authentication results of the visitor identified by the same visitor ID. For example, when the first authentication result is successful and the second authentication result is successful, the ID controller 31 may cancel the visitor's entrance/exit restriction. The ID controller 31 may unlock the electric lock, for example, when the first authentication result is successful and the second authentication result is successful. Further, the ID controller 31 does not need to release the visitor entry/exit restriction when at least one of the first authentication result and the second authentication result is unsuccessful. For example, when at least one of the first authentication result and the second authentication result is a failure, the ID controller 31 may keep the electric lock locked.

In the above example, an electric lock is used to restrict entry and exit of visitors, but the means for restricting entry and exit is not limited to this. That is, the ID controller 31 may control any means for restricting entry and exit of visitors. For example, when the entrance/exit gate is a so-called flapper gate, the ID controller 31 may control the opening and closing of the flapper of the flapper gate. That is, the ID controller 31 may control the flapper to be opened, for example, when both the authentication result of the item authentication and the authentication result of the face authentication are successful. In addition, the ID controller 31 may control the flapper to remain closed, for example, when both the authentication result of the item authentication and the authentication result of the face authentication are unsuccessful. Further, for example, when the entrance/exit gate is a so-called automatic door, the ID controller 31 may control opening and closing of the door. That is, the ID controller 31 may control the door to be opened, for example, when both the authentication result of the item authentication and the authentication result of the face authentication are successful. Further, the ID controller 31 may control the door to remain closed when, for example, either the authentication result of the item authentication or the authentication result of the face authentication is unsuccessful. Further, for example, when the entrance/exit gate is a so-called turnstile gate, the ID controller 31 may control the rotation of the bar. That is, the ID controller 31 may control the bar to rotate when, for example, both the authentication result of the item authentication and the authentication result of the face authentication are successful. Further, the ID controller 31 may control the bar not to rotate when, for example, either the authentication result of the item authentication or the authentication result of the face authentication is unsuccessful.

In the above description, the entrance/exit management system 1C manages entrance/exit of visitors by face authentication and item authentication, but the method of entrance/exit management by the entrance/exit management system 1C is not limited to this. For example, the entrance/exit management system 1C may manage entrance/exit of visitors only by face recognition. That is, the ID controller 31 may manage the entry and exit of visitors to the entrance/exit gate and predetermined rooms in the facility based only on the first authentication result. Specifically, for example, when the first authentication result is successful, the ID controller 31 controls the entrance/exit gate and the door of the room so that the visitor can enter and leave the facility or a predetermined room. you can In addition to facial recognition, the entrance/exit management system 1C may manage visitor entrance/exit at an entrance/exit gate or a predetermined room in the facility by a method other than the IC card, for example.

As described above, the information processing system 1 according to one embodiment may include the visitor management server 100 , the face authentication server 200 and the entry/exit management server 300 . The visitor management server 100, the face authentication server 200, and the entrance/exit management server 300 may be communicatively connected by wire or wirelessly via a predetermined network. The information processing system 1 shown in FIG. 2 may include an arbitrary number of visitor management servers 100, an arbitrary number of face authentication servers 200, and an arbitrary number of entrance/exit management servers 300. FIG.

[1-3. Configuration example of visitor management server]
Next, the configuration of the visitor management server according to one embodiment will be described with reference to FIG. FIG. 3 is a diagram illustrating a configuration example of a visitor management server according to one embodiment. The visitor management server 100 according to one embodiment may have a communication unit 110 , a storage unit 120 and a control unit 130 . The visitor management server 100 may have an input unit for receiving various operations from the administrator of the visitor management server 100 or the like. The input unit may be implemented by, for example, a keyboard, mouse, touch panel, or the like.

(Communication unit 110)
Communication unit 110 can transmit and receive various information to and from other devices. The communication unit 110 may transmit and receive information with, for example, the check-in terminal 10, a visitor's terminal device, the face authentication server 200, and the entrance/exit management server 300. FIG. The communication unit 110 may be connected to another device by wire or wirelessly. The communication unit 110 may be realized by, for example, a NIC (Network Interface Card) or the like. That is, the communication unit 110 may transmit/receive information to/from another device via the network.

(storage unit 120)
The storage unit 120 can store various information. The storage unit 120 may be realized by, for example, a semiconductor memory device such as a RAM (Random Access Memory) or a flash memory, or a storage device such as a hard disk or an optical disc. The storage unit 120 may store various programs. Various programs stored in the storage unit 120 may be examples of information processing programs.

(control unit 130)
The control unit 130 can control various processes executed in the visitor management server 100 . That is, the control unit 130 may be a controller of the visitor management server 100 . The control unit 130 may be configured by, for example, a CPU (Central Processing Unit), an MPU (Micro Processing Unit), or the like. For example, the control unit 130 may execute various programs stored in the visitor management server 100 using the RAM as a work area. Control unit 130 may execute, for example, an information processing program. Also, the control unit 130 may be realized by an integrated circuit such as an ASIC (Application Specific Integrated Circuit) or an FPGA (Field Programmable Gate Array).

Control unit 130 may include acquisition unit 131 , determination unit 132 , determination request unit 133 , reception unit 134 , reacquisition request unit 135 , and registration processing unit 136 . The control unit 130 can, for example, implement or execute the information processing operation described below. Note that the internal configuration of the control unit 130 is not limited to the configuration shown in FIG. 3, and may be another configuration as long as it performs information processing described later.

(Acquisition unit 131)
The acquisition unit 131 can acquire face image data used for face authentication of a visitor. Specifically, the acquiring unit 131 can acquire, from the check-in terminal 10, face image data of the visitor captured by the imaging unit of the check-in terminal 10, for example.

The acquisition unit 131 can also acquire visitor information. Specifically, the acquiring unit 131 can acquire, from the check-in terminal 10, visitor information input to the check-in terminal 10 by the visitor, for example. For example, the acquisition unit 131 can acquire personal information of a visitor as an example of visitor information. For example, the acquisition unit 131 can acquire the visitor's name and information about the place of work (information about the affiliation if the visitor is an employee) as an example of the visitor's personal information. Further, the acquisition unit 131 can acquire visitor information input to the registration terminal by the person in charge of accepting the visitor from the registration terminal. For example, as an example of visitor information, the acquisition unit 131 can acquire admission information such as the date and time of visit and purpose of visit by the visitor.

(Determination unit 132)
The determination unit 132 can determine whether or not the face image data is image data that can be used for face authentication. The determination unit 132 can determine, for example, whether the face image data acquired by the acquisition unit 131 satisfies a predetermined condition to be satisfied as face image data used for face authentication by a face authentication system. In the following description, a predetermined condition that the face image data acquired by the visitor management server 100 should satisfy as image data for face authentication may be referred to as a first condition.

The determination unit 132 may determine, for example, whether or not the shooting date of the face image data was taken within a predetermined period. The determination unit 132 can determine that the face image data satisfies the first condition when determining that the shooting date of the face image data is within the predetermined period. On the other hand, when determining that the shooting date of the face image data is not within the predetermined period, the determination unit 132 can determine that the face image data does not satisfy the first condition. The predetermined period may be any period during which the visitor's face can be authenticated using the face image data. Any period may be set as the predetermined period, for example, the past three months, six months, one year, or two years.

Also, the determination unit 132 may determine, for example, whether or not the file format of the face image data is a specific file format compatible with face authentication by a face authentication system. When determining that the file format of the face image data is the specific file format, the determination unit 132 can determine that the face image data satisfies the first condition. On the other hand, when determining that the file format of the face image data is not the specific file format, the determination unit 132 can determine that the face image data does not satisfy the first condition. It should be noted that the determination unit 132 may convert the file format of the face image data into the specific file format when determining that the file format of the face image data is not the specific file format. A specific file format is not particularly limited as long as it is a format that can be used for face authentication. The file format may be, for example, JPEG format, PNG format, TIFF format, or the like.

(Determination request unit 133)
The determination requesting unit 133 may request the face authentication server 200 to determine whether or not the first registered image data further satisfies a predetermined condition. For example, the determination requesting unit 133 may request the face authentication server 200 to determine whether or not the first registered image data further satisfies a predetermined condition to be satisfied as image data for face authentication. Specifically, for example, the determination requesting unit 133 sends a determination request to the face authentication server 200 to request the face authentication server 200 to determine whether the first registered image data further satisfies a predetermined condition. can be sent. The determination requesting unit 133 may transmit a determination request to the face authentication server 200 together with the first registered image data. In the following description, a predetermined condition that the first registered image data should further satisfy as face authentication image data may be referred to as a second condition.

(Receiver 134)
The receiving unit 134 can receive from the face authentication server 200 the determination result regarding whether or not the first registered image data satisfies the second condition. Specifically, for example, when the face authentication server 200 determines that the first registered image data does not satisfy the second condition, the receiving unit 134 notifies that the first registered image data does not satisfy the second condition. The information shown may be received from the face authentication server 200 . Alternatively, when the face authentication server 200 determines that the first registered image data satisfies the second condition, the reception unit 134 transmits information indicating that the first registered image data satisfies the second condition to the face authentication server 200 . can be received from

(Reacquisition request unit 135)
The reacquisition request unit 135 can request the visitor to reacquire the face image data used for face authentication of the visitor. Specifically, when the determination unit 132 determines that the face image data does not satisfy the first condition, the reacquisition request unit 135 requests the visitor to reacquire the face image data used for face authentication of the visitor. can be requested against. For example, the reacquisition request unit 135 can transmit to the check-in terminal 10 information prompting the visitor to reacquire the face image data. Note that reacquisition may include the visitor acquiring face image data and uploading it to the visitor management server 100 again.

Further, when the face authentication server 200 determines that the first registered image data does not satisfy the second condition, the reacquisition request unit 135 requests reacquisition of the face image data used for face authentication of the visitor. can be requested from the person. Specifically, when the receiving unit 134 receives the determination result that the first registered image data does not satisfy the second condition, the re-acquisition request unit 135 re-acquisition request unit 135 re-acquisition of the face image data used for face authentication of the visitor. Acquisition can be requested from the visitor. For example, when the reacquisition request unit 135 receives from the face authentication server 200 a determination result indicating that the first registered image data does not satisfy the second condition, the reacquisition request unit 135 may recognize the registration of the face image data as an error. Subsequently, the reacquisition request unit 135 may transmit to the check-in terminal 10 information prompting the visitor to reacquire the face image data used for face authentication of the visitor.

(Registration processing unit 136)
The registration processing unit 136 can execute registration processing of face image data. For example, the registration processing unit 136 may perform registration processing of face image data determined by the determination unit 132 to satisfy the first condition. Specifically, the registration processing unit 136 may cause the storage unit 120 to store face image data determined by the determination unit 132 to satisfy the first condition, for example. That is, the registration processing unit 136 may register, for example, face image data that satisfies the first condition among the face image data acquired from the check-in terminal 10 in the main DB. Also, for example, the registration processing unit 136 may not register face image data that does not satisfy the first condition in the main DB. For example, the registration processing unit 136 may delete face image data acquired from the check-in terminal 10 that does not satisfy the first condition from the memory of the visitor management server 100 or the like.

The face image data registered in the main DB by the registration processing unit 136 may be transmitted to the face authentication server 200 . Specifically, for example, the communication unit 110 may transmit face image data registered in the main DB to the face authentication server 200 . Note that, in the following description, face image data registered in the main DB may be referred to as first registered image data.

Also, the registration processing unit 136 may issue a visitor ID. The registration processing unit 136 may issue a visitor ID, for example, when information indicating that the first registered image data satisfies the second condition is received from the face authentication server 200 . Further, the registration processing unit 136 may register the visitor information and the visitor ID in the storage unit 120 in association with each other. The registration processing unit 136 may further register in the storage unit 120 the item authentication information of the entered/exited items provided to the visitor in association with them.

Further, the registration processing unit 136 may delete the first registered image data from the main DB when receiving information that the first registered image data satisfies the second condition from the face authentication server 200 . Specifically, the registration processing unit 136 may delete the first registered image data from the storage unit 120 when the first registered image data satisfies the second condition. That is, for example, when the face image data acquired by the check-in terminal 10 satisfies the first condition and the second condition and can be used as face authentication image data, the registration processing unit 136 registers the face image data as the visitor's face image data. It may be deleted from the memory of the management server 100 or the like.

[1-4. Configuration example of face authentication server]
Next, the configuration of the face authentication server according to one embodiment will be described using FIG. FIG. 4 is a diagram illustrating a configuration example of a face authentication server according to one embodiment. The face authentication server 200 according to one embodiment may have a communication unit 210 , a storage unit 220 and a control unit 230 . Note that the face authentication server 200 may have an input unit (for example, a keyboard, a mouse, etc.) that receives various operations from an administrator of the face authentication server 200 or the like.

(Communication unit 210)
Communication unit 210 can transmit and receive various information to and from other devices. The communication unit 210 can transmit and receive information to and from the visitor management server 100 and the entrance/exit management server 300, for example. The communication unit 210 may be connected to another device by wire or wirelessly. The communication unit 210 may be implemented by, for example, a NIC. That is, the communication unit 210 may transmit and receive information to and from other devices via the Internet.

(storage unit 220)
The storage unit 220 can store various information. The storage unit 220 may be realized by, for example, a semiconductor memory device such as a RAM or flash memory, or a storage device such as a hard disk or an optical disk. The storage unit 220 may store, for example, various programs executed in the face authentication server. Various programs may be an example of an information processing program.

(control unit 230)
The control unit 230 can control various processes performed by the face authentication server 200 . That is, the controller 230 may be the controller of the face authentication server 200 . The control unit 230 may be configured by, for example, a CPU, an MPU, or the like. For example, the control unit 230 may execute various programs (corresponding to an example of an information processing program) stored in a storage device inside the face authentication server 200 using the RAM as a work area. Also, the control unit 230 may be implemented by an integrated circuit such as an ASIC or FPGA, for example.

The control unit 230 may have an acquisition unit 231 , a determination unit 232 , a transmission unit 233 , a registration processing unit 234 and a face authentication unit 235 . The control unit 230 can, for example, implement or execute the information processing operation described below. Note that the internal configuration of the control unit 230 is not limited to the configuration shown in FIG. 4, and may be another configuration as long as it performs information processing to be described later.

(Acquisition unit 231)
The acquisition unit 231 can acquire the first registered image data from the visitor management server 100 . Subsequently, the acquisition unit 231 can register the acquired first registered image data in the storage unit 220 .

(Determination unit 232)
The determination unit 232 can determine whether or not the first registered image data is image data that can be used for face authentication of the visitor. The determination unit 232 can determine, for example, whether or not the first registered image data further satisfies a predetermined condition to be satisfied as image data for face authentication. The determination unit 232 may execute the determination process, for example, when the first registered image data is acquired from the visitor management server 100 . Specifically, for example, the determination unit 232 may execute determination processing when a determination request is acquired together with the first registered image data from the visitor management server 100 . In the following description, a predetermined condition that the first registered image data should satisfy as face authentication image data may be referred to as a second condition.

For example, the determination unit 232 may determine whether or not the number of faces included in the first registered image data is one. When determining that the number of faces included in the first registered image data is one, the determination unit 232 may determine that the first registered image data satisfies the second condition. On the other hand, when determining that the number of faces included in the first registered image data is not one, the determination unit 232 may determine that the first registered image data does not satisfy the second condition. That is, for example, when the first registered image data is image data including a plurality of human faces, such as a group photo or a photo in which other people are reflected, the determination unit 232 determines that the image data cannot be used as image data for face authentication. You can judge.

Also, the determination unit 232 may determine, for example, whether or not the size of the first registered image data exceeds a predetermined threshold. When determining that the size of the first registered image data exceeds the predetermined threshold, the determination unit 232 may determine that the first registered image data satisfies the second condition. On the other hand, when determining that the size of the first registered image data is equal to or smaller than the predetermined threshold, the determination unit 232 may determine that the first registered image data does not satisfy the second condition.

Further, the determination unit 232 may determine, for example, whether or not the number of facial feature points included in the first registered image data exceeds a predetermined threshold. When determining that the number of facial feature points included in the first registered image data exceeds a predetermined threshold value, the determination unit 232 may determine that the first registered image data satisfies the second condition. On the other hand, if the determination unit 232 determines that the number of facial feature points included in the first registered image data is equal to or less than the predetermined threshold, it may determine that the first registered image data does not satisfy the second condition. . Facial feature points may include, for example, the distance between the eyes, the swelling of the cheeks, the shape of the nose, the height of the nose, and the like. Note that the feature points of the face are not limited to these examples as long as they are features that can be recognized by the determination unit 232 .

Also, the determination unit 232 may determine, for example, whether or not the resolution of the face included in the first registered image data exceeds a predetermined threshold. The determination unit 232 may determine that the first registered image data satisfies the second condition when determining that the resolution of the face included in the first registered image data exceeds a predetermined threshold. On the other hand, when determining that the resolution of the face included in the first registered image data is equal to or less than the predetermined threshold value, the determination unit 232 may determine that the first registered image data does not satisfy the second condition. Note that the predetermined threshold value is not particularly limited as long as it is a minimum numerical value required for determination of the second condition by the determination unit 232 . For example, the determination unit 232 may determine that the second condition is satisfied when the face resolution is 100 pixels or more.

Also, the determination unit 232 may determine, for example, whether or not the orientation of the face included in the first registered image data is appropriate. The face orientation pitch angle may be, for example, the angle of the face facing up and down with respect to the front. That is, the determination unit 232 may determine, for example, how far the face is oriented in the vertical direction. Specifically, the determination unit 232 may determine, for example, whether or not the pitch angle of the face orientation included in the first registered image data is equal to or less than the first threshold. The determining unit 232 may determine that the first registered image data satisfies the second condition when determining that the pitch angle of the face orientation included in the first registered image data is equal to or less than the first threshold. When determining that the pitch angle of the face orientation included in the first registered image data exceeds the first threshold, the determination unit 232 may determine that the first registered image data does not satisfy the second condition.

Also, the determination unit 232 may determine, for example, whether or not the yaw angle of the face orientation included in the first registered image data is equal to or less than the second threshold. The yaw angle of the orientation of the face may be, for example, the angle of the face facing in the horizontal direction with respect to the front. That is, the determination unit 232 may determine, for example, how far the face is facing in the horizontal direction. Specifically, for example, if the determining unit 232 determines that the yaw angle of the face orientation included in the first registered image data is equal to or less than the second threshold, the first registered image data satisfies the second condition. You can judge. When determining that the yaw angle of the face orientation included in the first registered image data exceeds the second threshold, the determination unit 232 may determine that the first registered image data does not satisfy the second condition.

Further, the determination unit 232 may determine, for example, whether or not the roll angle of the face orientation included in the first registered image data is equal to or less than the third threshold. The face roll angle may be, for example, the angle of the face obliquely tilted with respect to the front. That is, the determination unit 232 may determine, for example, how much the face is tilted in an oblique direction. The determining unit 232 may determine that the first registered image data satisfies the second condition when determining that the roll angle of the face orientation included in the first registered image data is equal to or less than the third threshold. The determination unit 232 may determine that the first registered image data does not satisfy the second condition when determining that the roll angle of the face orientation included in the first registered image data exceeds the third threshold.

Also, the determination unit 232 may determine, for example, whether or not the position of the face included in the first registered image data is located within a predetermined range from the central position of the image data. The determination unit 232 may determine that the first registered image data satisfies the second condition when determining that the position of the face included in the first registered image data is within a predetermined range from the center position of the image data. . On the other hand, if the determining unit 232 determines that the position of the face included in the first registered image data is not within the predetermined range from the center position of the image data, the first registered image data must satisfy the second condition. You can judge.

Further, the determination unit 232 may determine, for example, whether or not the ratio of the size of the face included in the first registered image data to the size of the first registered image data is within a predetermined range. Specifically, the determination unit 232 may determine, for example, whether the ratio of the number of face pixels included in the first registered image data to the number of pixels of the first registered image data is within a predetermined range. . If the determining unit 232 determines that the ratio of the size of the face included in the first registered image data to the size of the first registered image data is within a predetermined range, the first registered image data satisfies the second condition. It can be determined that it satisfies On the other hand, if the determining unit 232 determines that the ratio of the size of the face included in the first registered image data to the size of the first registered image data is not within the predetermined range, the first registered image data meets the second condition. may be determined not to be satisfied.

Also, the determination unit 232 may determine, for example, whether or not the aspect ratio of the first registered image data is appropriate. When determining that the aspect ratio of the first registered image data is appropriate, the determination unit 232 may determine that the first registered image data satisfies the second condition. On the other hand, when determining that the aspect ratio of the first registered image data is not appropriate, the determination unit 232 may determine that the first registered image data does not satisfy the second condition.

Also, the determination unit 232 may determine, for example, whether or not a part of the face included in the first registered image data is hidden. Specifically, the determination unit 232 determines whether, for example, hair is not covering a part of the face required for face authentication, the mouth and nose are not covered by a mask, the eyes are not covered by an eyepatch, sunglasses, or the like. It may be determined whether When determining that the part of the face included in the first registered image data is not hidden, the determination unit 232 may determine that the first registered image data satisfies the second condition. On the other hand, when determining that part of the face included in the first registered image data is hidden, the determination unit 232 may determine that the first registered image data does not satisfy the second condition. Note that the determination unit 232 may determine that the first registered image data satisfies the second condition if the part of the face necessary for face authentication is not hidden.

Also, the determination unit 232 may determine, for example, whether or not the brightness of the face included in the first registered image data exceeds a predetermined threshold. The determination unit 232 may determine that the first registered image data satisfies the second condition when determining that the brightness of the face included in the first registered image data exceeds a predetermined threshold. On the other hand, when determining that the brightness of the face included in the first registered image data is equal to or less than the predetermined threshold, the determination unit 232 may determine that the first registered image data does not satisfy the second condition.

Also, the determination unit 232 may determine, for example, whether or not the first registered image data is clear. Specifically, for example, the determination unit 232 determines whether the first registered image data is out of focus, or whether a part of the face necessary for face authentication is shiny (which may include blown-out highlights) and cannot be determined. whether the boundary between the background and the person can be distinguished, whether it is a black-and-white photograph, whether a shadow is reflected on the face, and the like. When determining that the first registered image data is clear, the determination unit 232 may determine that the first registered image data satisfies the second condition. On the other hand, when determining that the first registered image data is unclear (blurred), the determination unit 232 may determine that the first registered image data does not satisfy the second condition.

Further, the determination unit 232 can determine, for example, whether or not the degree of opening of the mouth of the face included in the first registered image data is equal to or less than a predetermined threshold. The determining unit 232 may determine that the first registered image data satisfies the second condition when determining that the openness of the mouth of the face included in the first registered image data is equal to or less than a predetermined threshold. On the other hand, the determination unit 232 may determine that the first registered image data does not satisfy the second condition when determining that the opening degree of the mouth of the face included in the first registered image data exceeds the predetermined threshold.

Also, the determination unit 232 may determine, for example, whether or not the entire face is included in the first registered image data. Specifically, the determination unit 232 may determine, for example, whether or not the first registered image data includes all facial feature points used for face authentication. When determining that the entire face fits in the first registered image data, the determination unit 232 may determine that the first registered image data satisfies the second condition. On the other hand, when determining that the entire face does not fit in the first registered image data, the determination unit 232 may determine that the first registered image data does not satisfy the second condition. Note that the first registered image data need not necessarily include the entire face as long as all feature points of the face used for face authentication are included.

Also, the determining unit 232 can determine, for example, whether or not the face included in the first registered image data can be recognized as a face. Specifically, the determination unit 232 may determine, for example, whether or not information on facial feature points used for face authentication can be acquired from the first registered image data. When determining that the face included in the first registered image data can be recognized as a face, the determination unit 232 may determine that the first registered image data satisfies the second condition. On the other hand, when determining that the face included in the first registered image data cannot be recognized as a face, the determination unit 232 may determine that the first registered image data does not satisfy the second condition.

(Sending unit 233)
The transmission unit 233 can transmit the determination result by the determination unit 232 to the visitor management server 100 . Specifically, when the determining unit 232 determines that the first registered image data does not satisfy the second condition, the transmitting unit 233 transmits information indicating that the first registered image data does not satisfy the second condition. It can be transmitted to the visitor management server 100 . On the other hand, when the determination unit 232 determines that the first registered image data satisfies the second condition, the transmission unit 233 transmits information to the visitor management server 100 to the effect that the first registered image data satisfies the second condition. can be sent.

(Registration processing unit 234)
The registration processing unit 234 can execute registration processing of face image data. For example, the registration processing unit 234 may perform registration processing of face image data determined by the determination unit 232 to satisfy the second condition. Specifically, the registration processing unit 234 may cause the storage unit 220 to store face image data determined by the determination unit 232 to satisfy the second condition, for example. That is, the registration processing unit 234 may register, in the face authentication DB, face image data that satisfies the second condition among the first registered image data acquired from the visitor management server 100, for example. Also, for example, the registration processing unit 234 may not register the first registered image data that does not satisfy the second condition in the face authentication DB. That is, the registration processing unit 234 may delete the first registered image data from the memory or the like when the first registered image data does not satisfy the second condition. In the following description, the first registered image data registered in the face authentication DB may be referred to as second registered image data. The second registered image data may be used as image data for face authentication of the visitor in the face authentication system 1B.

Also, the registration processing unit 234 may register the visitor ID acquired from the visitor management server 100 in the storage unit 220 . The registration processing unit 234 may associate the visitor ID and the second registered image data and register them in the storage unit 220, for example.

When the registration processing of the second registration image data is completed, the registration processing unit 234 may transmit information (registration completion information) indicating that the registration processing of the image data for face authentication has been completed to the visitor management server 100 . Also, the visitor management server 100 may transmit registration completion information to the check-in terminal 10 . The check-in terminal 10 may notify the visitor that the registration of the face authentication image data has been completed based on the registration completion information. For example, the check-in terminal 10 may display on the screen that the registration of the image data for face authentication has been completed.

In addition, in the above, the example which performs a face authentication process with the face authentication terminal 20 in the face authentication system 1B was demonstrated. However, face authentication processing may be performed in the face authentication server 200 . In this case, the face authentication server 200 may further include a face authentication unit (not shown) that performs face authentication processing. The face authentication unit may perform face authentication of the visitor, for example, based on face authentication image data. First, the face authentication unit may acquire from the face authentication terminal 20 the visitor's face image data acquired by the imaging unit of the face authentication terminal 20 . Subsequently, the face authentication unit may perform face authentication by comparing the face image data acquired from the face authentication terminal 20 and the image data for face authentication. The face authentication unit may calculate an authentication score, for example, based on both image data.

For example, when the authentication score exceeds a predetermined threshold, the face authentication unit confirms that the face included in the face image data captured by the face authentication terminal 20 and the face included in the face authentication image data are of the same person. can be determined. That is, in this case, the face authentication unit may determine that the face authentication is successful. On the other hand, when the authentication score is equal to or less than a predetermined threshold, the face authentication unit determines that the face included in the face image data captured by the face authentication terminal 20 and the face included in the face authentication image data are not of the same person. It can be determined that no That is, in this case, the face authentication unit may determine that face authentication has failed. The face authentication unit may transmit the result of face authentication to the entrance/exit management server 300 . The face authentication unit may transmit the authentication result of face authentication to the face authentication terminal 20 .

[1-5. Configuration example of entrance/exit management server]
Next, the configuration of the entrance/exit management server 300 according to one embodiment will be described with reference to FIG. FIG. 3 is a diagram showing a configuration example of the entrance/exit management server 300 according to one embodiment. The entrance/exit management server 300 according to one embodiment may have a communication unit 310 , a storage unit 320 , and a control unit 330 . The entrance/exit management server 300 may have an input unit that receives various operations from the administrator of the entrance/exit management server 300 or the like. The input unit may be implemented by, for example, a keyboard, mouse, touch panel, or the like.

(Communication unit 310)
Communication unit 310 can transmit and receive various information to and from other devices. The communication unit 310 may transmit and receive information to and from the visitor management server 100 and the face authentication server 200, for example. The communication unit 310 may be wired or wirelessly connected to another device. The communication unit 310 may be realized by, for example, a NIC (Network Interface Card) or the like. That is, the communication unit 310 may transmit and receive information to and from other devices via the Internet.

(storage unit 320)
The storage unit 320 can store various information. The storage unit 320 may be realized by, for example, a semiconductor memory device such as a RAM (Random Access Memory) or flash memory, or a storage device such as a hard disk or an optical disk. The storage unit 320 may store various programs. Various programs stored in the storage unit 320 may be examples of information processing programs. The storage unit 320 may store information recorded in the entry/exit items provided to the visitor.

(control unit 330)
The control unit 330 can control various processes executed in the entrance/exit management server 300 . That is, the control unit 330 may be a controller of the entrance/exit management server 300 . The control unit 330 may be configured by, for example, a CPU (Central Processing Unit), an MPU (Micro Processing Unit), or the like. For example, the control unit 330 may execute various programs stored in the entry/exit management server 300 using the RAM as a work area. The control unit 330 may execute an information processing program, for example. Also, the control unit 330 may be realized by an integrated circuit such as an ASIC (Application Specific Integrated Circuit) or an FPGA (Field Programmable Gate Array).

The control unit 330 may have an acquisition unit 331 and a reception unit 332 . The control unit 330 can, for example, realize or execute the information processing operation described below. Note that the internal configuration of the control unit 330 is not limited to the configuration shown in FIG. 5, and may be another configuration as long as it performs information processing to be described later.

(Acquisition unit 331)
The acquisition unit 331 can acquire visitor information and a visitor ID from the visitor management server 100 . The acquisition unit 331 can register visitor information and visitor IDs in the storage unit 320 . The acquisition unit 331 may register the visitor information in the storage unit 320 in association with the visitor ID.

Further, the acquisition unit 331 can acquire an authentication result of face authentication from the face authentication server 200 . The acquisition unit 331 may register the authentication result of face authentication in the storage unit 320 . Also, the acquisition unit 331 may transmit the authentication result of face authentication to the ID controller 31 .

(Receiver 332)
The receiving section 332 may receive various information from the ID controller 31 . The receiving unit 332 may receive a passage record from the ID controller 31, for example. The passage record may include, for example, the visitor ID of the visitor who authenticated the item, the time when the visitor authenticated the item, and other information. That is, the receiving unit 332 may receive, from the ID controller 31, information about a visitor who has passed through an entrance/exit gate and entered the facility, or a visitor who has entered a room. The receiving section 332 may register the passage record in the storage section 320 . The receiving unit 332 may associate the passage record and the visitor information and register them in the storage unit 320, for example. For example, the entrance/exit management server 300 notifies an alert to the management terminal via the visitor management server 100 when the stay time of the visitor specified by the visitor information exceeds the passage record. may In addition, for example, when the entrance/exit management server 300 performs item authentication in a room in which a visitor is not permitted to enter in light of the visitor information and the passage record, the management terminal may be notified of the alert.

[1-6. Information processing procedure]
Next, an outline of an information processing procedure according to one embodiment will be described with reference to FIG. FIG. 6 is a diagram illustrating an outline of an information processing procedure according to one embodiment.

The check-in terminal 10 may acquire visitor information and face image data of the visitor (step S101). The check-in terminal 10 may accept input of visitor information, for example, according to the visitor's operation. In addition, the check-in terminal 10 may acquire face image data by capturing a face image of the visitor by, for example, an imaging unit. The check-in terminal 10 may upload the acquired visitor information and the visitor's face image data to the visitor management server 100 (step S102).

The visitor management server 100 may acquire the visitor's face image data and visitor information from the check-in terminal 10 . The visitor management server 100 may determine whether the face image data acquired from the check-in terminal 10 satisfies the first condition (step S103).

When the visitor management server 100 determines that the face image data does not satisfy the first condition (step S103; No), the visitor management server 100 sends information to the check-in terminal 10 prompting the visitor to re-upload the face image data. may be sent. The check-in terminal 10 may display information on the screen prompting the visitor to re-upload the face image (step S104). The check-in terminal 10 may re-capture the face image of the visitor by the imaging unit. The check-in terminal 10 may acquire the face image data of the visitor re-photographed by the imaging unit. The check-in terminal 10 may upload the reacquired face image data of the visitor and the visitor information to the visitor management server 100 (step S102). Note that the visitor management server 100 may delete the already acquired face image data from the memory or the like when requesting the visitor to upload the face image data again.

When the visitor management server 100 determines that the face image data satisfies the first condition (step S103; Yes), the visitor management server 100 may perform face image data registration processing (step S105). If the visitor management server 100 determines that the facial image data satisfies the first condition (step S103; Yes), the visitor management server 100 sends the visitor information of the visitor who uploaded the facial image data to the entrance/exit management server 300. can be sent to That is, the entrance/exit management server 300 may acquire visitor information from the visitor management server 100 . The entrance/exit management server 300 may register visitor information acquired from the visitor management server 100 in the storage unit 320 . Although not shown, the visitor management server 100 may transmit to the entrance/exit management server 300 the item authentication information of the entrance/exit item provided to the visitor who uploaded the face image data. The entrance/exit management server 300 may acquire visitor information and item authentication information from the visitor management server 100 (step S106). The entrance/exit management server 300 may associate visitor information and item authentication information and register them in the storage unit 320 .

Also, the visitor management server 100 may transmit face image data (an example of first registered image data) that satisfies the first condition to the face authentication server 200 . That is, the face authentication server 200 may acquire the first registered image data from the visitor management server 100 (step S107). The visitor management server 100 may transmit the first registered image data to the face authentication server 200 together with the second condition determination request.

The face authentication server 200 may determine whether or not the first registered image data satisfies the second condition (step S108). Note that the face authentication server 200 may execute the determination of the second condition in response to a determination request from the visitor management server 100 .

When the face authentication server 200 determines that the first registered image data does not satisfy the second condition (step S108; No), information indicating that the first registered image data does not satisfy the second condition (hereinafter referred to as NG answer) may be sent to the visitor management server 100 (step S109). When the visitor management server 100 receives an NG response from the face authentication server 200, the visitor management server 100 may recognize the registration of the first registered image data as an error (step S110). Further, when the visitor management server 100 receives an NG response from the face authentication server 200, the visitor management server 100 may transmit to the check-in terminal 10 information prompting the visitor to re-upload the visitor's face image data. The check-in terminal 10 may display on the screen information prompting the visitor to re-upload the face image (step S111). Note that the face authentication server 200 may delete the first registered image data from the memory or the like when the first registered image data does not satisfy the second condition (step S108; No).

When the face authentication server 200 determines that the first registered image data satisfies the second condition (step S108; Yes), the face authentication server 200 may execute registration processing of the first registered image data (step S112). When the face authentication server 200 determines that the first registered image data satisfies the second condition (step S108; Yes), information indicating that the first registered image data satisfies the second condition (hereinafter referred to as information indicating that the first registered image data satisfies the second condition). (also called an OK reply) may be sent to the visitor management server 100 (step S113). When the visitor management server 100 receives an OK response from the face authentication server 200, the visitor management server 100 may execute deletion processing of the first registered image data (step S114). That is, the visitor management server 100 may delete the first registered image data from the main DB when receiving an OK response from the face authentication server 200 .

When the visitor management server 100 receives an OK response from the face authentication server 200, the visitor management server 100 may transmit information (registration completion information) for notifying the visitor that the registration process has been completed to the check-in terminal 10. . The check-in terminal 10 may display the registration completion information on the screen (step S115).

Here, although not shown, the visitor management server 100 may issue a visitor ID when receiving an OK response from the face authentication server 200 . The visitor management server 100 may transmit the visitor ID to the face authentication server 200 and the entrance/exit management server 300 . The visitor management server 100 may register the visitor information and the visitor ID in the storage unit 120 in association with each other. Further, the face authentication server 200 may associate the visitor ID received from the visitor management server 100 with the second registered image data and register them in the storage unit 220 . Also, the entrance/exit management server 300 may associate the visitor ID, the visitor information, and the item authentication information received from the visitor management server 100 and register them in the storage unit 320 .

[1-7. Modification]
Next, an information processing procedure according to a modification of one embodiment will be described with reference to FIG. FIG. 7 is a diagram illustrating an information processing procedure according to a modification of the embodiment; In the information processing procedure according to the modified example of FIG. 7, the visitor management server 100 can perform registration processing of face image data and visitor information before the visitor visits. Specifically, the visitor management server 100 obtains the face image data and the visitor information from the visitor, for example, by e-mail or the like from the visitor before the visitor visits. can be registered. That is, the information processing procedure according to the modified example may not use the check-in terminal 10 . That is, the information processing system according to the modified example does not need to include the check-in terminal 10 . In addition, in the following description, the content that overlaps with the content described above may be omitted as appropriate.

A visitor may transmit visitor information and face image data to the public server 100A using, for example, a terminal device such as a smartphone or a personal computer. For example, the visitor may send visitor information and face image data to the public server 100A by email (step S201). The public server 100A may acquire the visitor information and the visitor's face image data from the visitor's terminal device (step S202). The public server 100A may upload the acquired visitor information and the visitor's face image data to the visitor management server 100 (step S203).

The visitor management server 100 may acquire visitor information and face image data of the visitor from the public server 100A. The visitor management server 100 may determine whether or not the facial image data satisfies the first condition (step S204).

If the face image data does not satisfy the first condition (step S204; No), the visitor management server 100 may transmit information to the public server 100A indicating that the face image data needs to be re-uploaded. The public server 100A may publish information indicating that the face image needs to be re-uploaded on the web (step S205). If the face image data does not satisfy the first condition (step S204; No), the public server 100A may send a request to resend new face image data to the visitor's terminal device (step S206). The terminal device of the visitor may resend the face image data to the public server 100A when receiving a request to resend the image data from the public server 100A (step S201).

If the face image data satisfies the first condition (step S204; Yes), the visitor management server 100 may perform face image data registration processing (step S207). If the face image data satisfies the first condition (step S204; Yes), the visitor management server 100 transmits the visitor information of the visitor whose face image data has been uploaded to the entrance/exit management server 300. good. In addition, although not shown, the visitor management server 100 may transmit to the entrance/exit management server 300 the item authentication information of the entrance/exit item provided to the visitor who uploaded the face image data. The entrance/exit management server 300 may acquire visitor information and item authentication information from the visitor management server 100 (step S208).

Also, the visitor management server 100 may transmit face image data (an example of first registered image data) that satisfies the first condition to the face authentication server 200 . That is, the face authentication server 200 may acquire the first registered image data from the visitor management server 100 (step S209). The visitor management server 100 may also transmit a determination request requesting the face authentication server 200 to determine whether or not the first registered image data satisfies the second condition. The visitor management server 100 may transmit the first registered image data to the face authentication server 200 together with the second condition determination request.

The face authentication server 200 may determine whether or not the first registered image data acquired from the visitor management server 100 satisfies the second condition (step S210).

When the face authentication server 200 determines that the first registered image data does not satisfy the second condition (step S210; No), it may transmit an NG answer to the visitor management server 100 (step S211). When the visitor management server 100 receives an NG response from the face authentication server 200, the visitor management server 100 may recognize that the registration of the first registered image data is an error (step S212). In this case, the visitor management server 100 may transmit information to the public server 100A indicating that the face image data needs to be re-uploaded. The public server 100A may publish information indicating that the face image needs to be re-uploaded on the web (step S205).

When determining that the first registered image data satisfies the second condition (step S210; Yes), the face authentication server 200 may perform registration processing of the first registered image data (step S213). When the face authentication server 200 determines that the first registered image data satisfies the second condition (step S210; Yes), the face authentication server 200 may transmit an OK reply to the visitor management server 100 (step S214). When the visitor management server 100 receives an OK response from the face authentication server 200, the visitor management server 100 may execute deletion processing of the first registered image data (step S215).

When the visitor management server 100 receives an OK response from the face authentication server 200, the visitor management server 100 may transmit registration completion information to the terminal device of the visitor. Based on the registration completion information, the terminal device of the visitor may display on the screen that the processing for registering the image for face authentication has been completed (step S216).

[2. effect〕
As described above, the information processing system 1 according to one embodiment includes the visitor management server 100 that manages information about users, and the face authentication server 200 that manages information used for user face authentication. The visitor management server 100 according to one embodiment includes a determination unit 132 that determines whether face image data used for face authentication of a user satisfies a first condition to be satisfied as face image data used for face authentication; and a storage unit 120 that stores face image data that satisfies the first condition. The face authentication server 200 according to one embodiment has a storage unit 220 that stores face image data that satisfies the first condition.

Thereby, the information processing system 1 according to one embodiment can perform face authentication using face image data that satisfies a predetermined condition that should be satisfied as face image data used for face authentication. Therefore, the information processing system 1 according to one embodiment can improve the authentication accuracy of face authentication.

The visitor management server 100 according to one embodiment further includes a reacquisition request unit 135 that requests the user to reacquire the face image data used for user face authentication. The reacquisition request unit 135 according to one embodiment instructs the user to reacquire the image data used for user face authentication when the determination unit 132 determines that the face image data does not satisfy the first condition. demand.

As a result, the information processing system 1 according to one embodiment can prevent face authentication from being performed using inappropriate face image data that does not satisfy the first condition that should be met as face image data used for face authentication. can. Therefore, the information processing system 1 according to one embodiment can improve the authentication accuracy of face authentication.

Further, when the face authentication server 200 determines that the face image data does not satisfy the second condition to be satisfied as face image data used for face authentication, the re-acquisition request unit 135 according to one embodiment The user is requested to reacquire the face image data used for face authentication.

As a result, the information processing system 1 according to one embodiment can prevent face authentication from being performed using inappropriate face image data that does not satisfy the second condition that should be met as face image data used for face authentication. can. Therefore, the information processing system 1 according to one embodiment can improve the authentication accuracy of face authentication.

In addition, the visitor management server 100 according to one embodiment, when the determining unit 132 determines that the facial image data satisfies the first condition, the facial image data satisfies the first condition to be used for facial authentication. It further has a determination requesting unit 133 that requests the face authentication server 200 to determine whether or not two conditions are satisfied. The face authentication server 200 according to one embodiment also determines whether face image data determined to satisfy the first condition satisfies a second condition to be satisfied as face image data used for face authentication. 232 further. The storage unit 220 according to one embodiment stores face image data that satisfies the first condition and the second condition. Moreover, the face authentication server 200 according to one embodiment further includes a transmission unit 233 that transmits the determination result of the determination unit 232 to the visitor management server 100 . The visitor management server 100 according to one embodiment also includes a receiving unit 134 that receives the determination result of the determination unit 232, and a registration system that processes face image data according to the determination results of the determination unit 132 and the determination unit 232, respectively. and a processing unit 136 . The registration processing unit 136 according to one embodiment registers the face image data in the storage unit 120 when the face image data satisfies the first condition, and registers the face image data in the storage unit 120 when the face image data satisfies the second condition. The registered face image data is deleted from the storage unit 120. - 特許庁

As a result, the information processing system 1 according to one embodiment, in addition to the first condition to be satisfied as the face image data used for face authentication by the face authentication server 200, the face image data used for face authentication by the face authentication server 200 It is possible to enable the face authentication server 200 to perform face authentication using more appropriate face image data that satisfies the second condition to be satisfied as . Therefore, the information processing system 1 according to one embodiment can improve the authentication accuracy of face authentication.

The information processing system 1 according to one embodiment further includes a face authentication terminal 20 that performs face authentication of the user based on face image data that satisfies the first condition and the second condition.

Thereby, the information processing system 1 according to one embodiment can improve the authentication accuracy of face authentication.

In addition, the information processing system 1 according to one embodiment further includes a restriction device that restricts a user from entering or exiting an area where entry of a user is restricted, and a controller 31 that controls the restriction device. The controller 31 according to one embodiment controls to release the restriction of the restriction device when the face authentication of the user by the face authentication terminal 20 is successful.

As a result, the information processing system 1 according to one embodiment can restrict entry and exit of the user by face authentication with higher accuracy, and thus can improve security for the area where entry of the user is restricted. .

The information processing system 1 according to one embodiment further includes a reader 32 that reads item authentication information recorded in the item provided to the user. The controller 31 according to one embodiment performs item authentication of the user based on the item authentication information, and when the face authentication of the user by the face authentication terminal 20 and the item authentication of the user are successful, the restriction of the restriction device is performed. Control to release.

As a result, the information processing system 1 according to one embodiment can restrict entry and exit of users by double authentication combining high-precision face authentication and item authentication. security can be further improved.

The information processing system 1 according to one embodiment further includes an entrance/exit management server 300 that manages entrance/exit of users. The visitor management server 100 has a registration processing unit 136 that issues user identification information that can identify a user and that is shared by the visitor management server 100, the face authentication server 200, and the entrance/exit management server 300. further has

As a result, the information processing system 1 according to one embodiment can promote cooperation among the visitor management server 100, the face authentication server 200, and the entrance/exit management server 300, so that the entrance/exit management system using face authentication can improve usability in

The storage unit 120 according to one embodiment stores information that associates user-related information with user identification information. The controller 31 controls the restriction device based on the results of face authentication and item authentication of users identified by the same user identification information.

As a result, the information processing system 1 according to one embodiment can restrict entry and exit of the user by double authentication combining face authentication and item authentication of the user identified as the same person. Security can be further improved for areas where intrusion is restricted.

[3. Hardware configuration]
The visitor management server 100 and face authentication server 200 according to one embodiment may be implemented by a computer 1000 configured as shown in FIG. 8, for example. FIG. 8 is a hardware configuration diagram showing an example of a computer that implements the functions of the visitor management server 100 or the face authentication server 200. As shown in FIG. Computer 1000 may comprise CPU 1100 , RAM 1200 , ROM 1300 , HDD 1400 , communication interface (I/F) 1500 , input/output interface (I/F) 1600 and media interface (I/F) 1700 .

CPU 1100 may operate based on programs stored in ROM 1300 or HDD 1400 and may control each unit. The ROM 1300 may store a boot program executed by the CPU 1100 when the computer 1000 is started, a program depending on the hardware of the computer 1000, and the like.

The HDD 1400 may store programs executed by the CPU 1100, data used by such programs, and the like. Communication interface 1500 may receive data from another device via a predetermined communication network, send the data to CPU 1100, and transmit data generated by CPU 1100 to another device via a predetermined communication network.

The CPU 1100 may control output devices such as displays and printers and input devices such as keyboards and mice through the input/output interface 1600 . CPU 1100 may acquire data from an input device via input/output interface 1600 . Further, CPU 1100 may output the generated data to an output device via input/output interface 1600 .

Media interface 1700 may read programs or data stored in recording medium 1800 and provide them to CPU 1100 via RAM 1200 . CPU 1100 may load such a program from recording medium 1800 onto RAM 1200 via media interface 1700 and execute the loaded program. The recording medium 1800 is, for example, an optical recording medium such as a DVD (Digital Versatile Disc) or a PD (Phase change rewritable disc), a magneto-optical recording medium such as an MO (Magneto-Optical disk), a tape medium, a magnetic recording medium, or a semiconductor memory. etc.

For example, when the computer 1000 functions as the visitor management server 100 or the face authentication server 200 according to the embodiment, the CPU 1100 of the computer 1000 executes the program loaded on the RAM 1200 to control the control unit 130 or the control unit 230. function may be realized. CPU 1100 of computer 1000 may read these programs from recording medium 1800 and execute them. As another example, CPU 1100 may acquire these programs from another device via a predetermined communication network.

As described above, some of the embodiments of the present application have been described in detail based on the drawings. It is possible to carry out the invention in other forms with modifications.

[4. others〕
Further, among the processes described in the above embodiments and modifications, all or part of the processes described as being automatically performed may be performed manually. Alternatively, all or part of the processes described as being performed manually may be performed automatically by known methods. In addition, information including processing procedures, specific names, various data and parameters shown in the above documents and drawings may be arbitrarily changed unless otherwise specified. For example, the various information shown in each drawing is not limited to the illustrated information.

Also, each component of each device illustrated is functionally conceptual, and does not necessarily need to be physically configured as illustrated. In other words, the specific form of distribution/integration of each device is not limited to the illustrated one, and all or part of them can be functionally or physically distributed/integrated in arbitrary units according to various loads and usage conditions. may be integrated.

Also, the above-described embodiments and modifications can be appropriately combined within a range that does not contradict the processing content.

Also, the above-mentioned "section, module, unit" can be read as "means" or "circuit". For example, the determination unit can be read as determination means or a determination circuit.

1 information processing system 100 visitor management server 110 communication unit 120 storage unit 130 control unit 131 acquisition unit 132 determination unit 133 determination request unit 134 reception unit 135 reacquisition request unit 136 registration processing unit 200 face authentication server 210 communication unit 220 storage unit 230 control unit 231 acquisition unit 232 determination unit 233 transmission unit 234 registration processing unit 300 entrance/exit management server 310 communication unit 320 storage unit 330 control unit 331 acquisition unit 332 reception unit

Claims (16)

Visitor information that is information about a user who is a visitor and that identifies the user, and a face image of the user that is photographed by a face authentication terminal that performs face authentication of the user A visitor management server that manages a candidate for matching face image data that is a candidate for matching face image data used for matching with the face image of the visitor management server, and information that the face authentication terminal uses for face authentication of the user , an information processing system including a face authentication server that manages the matching face image data used for matching the user's face image captured by the face authentication terminal when the user's face is authenticated; There is
The visitor management server
A condition to be met by the matching face image data candidate registered in advance before face authentication of the user as face image data used in face authentication processing , wherein the shooting date of the matching face image data candidate Alternatively, a first determination unit that determines whether or not a first condition, which is a condition related to a file format , is satisfied;
a first storage unit that stores the matching face image data candidate that satisfies the first condition;
The face authentication server is
The matching face image data candidates satisfying the first condition are acquired from the visitor management server , and among the matching face image data candidates satisfying the first condition, the matching face image data candidates undergo face authentication processing. The face image data candidate for verification satisfies a second condition, which is a condition to be further satisfied by the face image data used in the above, and is a condition relating to a face included in the face image corresponding to the face image data candidate for verification. a second storage unit that stores matching face image data ;
Information processing system. The visitor management server
further comprising a reacquisition request unit for requesting the user to reacquire the matching face image data candidate ;
The reacquisition request unit
requesting the user to reacquire the candidate face image data for verification when the first determination unit determines that the candidate face image data for verification does not satisfy the first condition;
The information processing system according to claim 1. The reacquisition request unit
A condition to be satisfied by the face authentication server as face image data for which the matching face image data candidate is used for face authentication processing , the condition relating to a face included in a face image corresponding to the matching face image data candidate. requesting the user to reacquire the face image data candidate for verification when it is determined that the second condition is not satisfied;
The information processing system according to claim 2. The visitor management server
When the first determination unit determines that the matching face image data candidate satisfies the first condition, the matching face image data candidate satisfying the first condition is used for face authentication processing. The face authentication server is requested to determine whether or not a second condition, which is a condition to be further satisfied as a condition relating to the face included in the face image corresponding to the face image data candidate for verification, is satisfied. further comprising a judgment requesting unit;
The information processing system according to any one of claims 1 to 3. The face authentication server is
A condition that the matching face image data candidate determined to satisfy the first condition should further satisfy as face image data used for face authentication processing , and is included in the face image corresponding to the matching face image data candidate. further comprising a second determination unit that determines whether or not a second condition is satisfied, which is a condition regarding the face to be displayed ;
The second storage unit stores the matching face image data that is the matching face image data candidate that satisfies the first condition and the second condition.
The information processing system according to any one of claims 1 to 4. The face authentication server is
further comprising a transmission unit that transmits the result of determination by the second determination unit to the visitor management server;
The information processing system according to claim 5. The visitor management server
a receiving unit that receives the determination result of the second determining unit;
a first registration processing unit that processes the matching face image data candidate according to the determination result of each of the first determination unit and the second determination unit;
The first registration processing unit
registering the matching face image data candidate satisfying the first condition in the first storage unit when the matching face image data candidate satisfies the first condition ;
If the matching face image data candidate satisfying the first condition is the matching face image data candidate registered in the first storage unit, the matching face image data candidate satisfying the first condition is stored in the first storage. remove from the department,
The information processing system according to claim 5 or 6. A face authentication terminal that performs face authentication of the user based on the matching face image data that is the matching face image data candidate that satisfies the first condition and the second condition,
The information processing system according to claim 5. The face authentication server is
A face authentication unit that performs face authentication of the user based on the matching face image data that is the matching face image data candidate that satisfies the first condition and the second condition,
The information processing system according to claim 5. The information processing system further includes a restriction device that restricts entry and exit of the user to an area where entry of the user is restricted, and a controller that controls the restriction device,
The controller controls to release the restriction of the restriction device when the authentication result of the face authentication of the user is successful.
The information processing system according to claim 8 or 9. The information processing system further includes a reader that reads item authentication information recorded in the item provided to the user,
The controller performs item authentication of the user based on the item authentication information, and if the authentication result of the user's face authentication and the authentication result of the user's item authentication are successful, the restriction device control to remove restrictions,
The information processing system according to claim 10. The information processing system further includes an entrance/exit management server that manages entrance/exit of the user,
The visitor management server
User identification information that can identify the user, and a registration processing unit that issues the user identification information that is shared by the visitor management server, the face authentication server, and the entrance/exit management server.
The information processing system according to any one of claims 1 to 11. The first storage unit stores information that associates information about the user with the user identification information.
The information processing system according to claim 12. The controller controls the restriction device based on the result of the face authentication and the result of the item authentication of the user identified by the same user identification information.
The information processing system according to claim 11. Visitor information that is information about a user who is a visitor and that identifies the user, and a face image of the user that is photographed by a face authentication terminal that performs face authentication of the user A visitor management server that manages a candidate for matching face image data that is a candidate for matching face image data used for matching with the face image of the visitor management server, and information that the face authentication terminal uses for face authentication of the user , an information processing system including a face authentication server that manages the matching face image data used for matching with the user's face image captured by the face authentication terminal when the user's face is authenticated; An information processing method realized by a program to be executed,
The visitor management server
A condition to be met by the matching face image data candidate registered in advance before face authentication of the user as face image data used in face authentication processing , wherein the shooting date of the matching face image data candidate Alternatively, a first determination step of determining whether or not a first condition , which is a condition related to a file format, is satisfied ;
a first storage step of storing the face image data candidate for matching that satisfies the first condition in a first storage unit ;
the face authentication server
The matching face image data candidates satisfying the first condition are acquired from the visitor management server , and among the matching face image data candidates satisfying the first condition, the matching face image data candidates undergo face authentication processing. The face image data candidate for verification satisfies a second condition, which is a condition to be further satisfied by the face image data used in the above, and is a condition relating to a face included in the face image corresponding to the face image data candidate for verification. a second storage step of storing the matching face image data in a second storage ;
Information processing method including. A matching face that is a candidate for matching face image data that is a face image of a user who is a visitor and that is used for matching with a face image of the user photographed by a face authentication terminal that performs face authentication of the user. an image data candidate that is registered in advance before the user's face authentication is performed, and that the matching face image data candidate satisfies a condition to be used for face authentication processing; a first determination unit that determines whether or not a first condition , which is a condition related to the shooting date or file format of the image data candidate, is satisfied ;
a first storage unit that stores the matching face image data candidate that satisfies the first condition;
A visitor management server.

Images