JP7310522B2 - Personal authentication system, authenticator, program and personal authentication method - Google Patents

Description

The present invention relates to a personal authentication system, an authenticator, a program, and a personal authentication method.

2. Description of the Related Art Conventionally, banks and the like provide so-called Internet banking services to customers via communication networks such as the Internet. In Internet banking services, for example, biometric information is used to confirm the identity of a customer using a terminal such as a mobile terminal owned by the customer. As an example, disclosed is a method of verifying a person's identity by face authentication using a face image stored in an IC card such as a driver's license and a face image of a customer who is the operator of a terminal (see, for example, Patent Document 1).

JP 2015-88080 A

Since the device described in Patent Document 1 uses face image data stored in a chip of an IC card, the information terminal must be equipped with a reader for reading the IC card.
Also, when using the service, it is necessary to authenticate the user each time in order to allow use only by users whose identity has been verified. In Patent Document 1, face authentication using face images is performed on the server side, but biometric information represented by face images is transmitted via a communication line each time the service is used. Therefore, there was a problem with data security.

SUMMARY OF THE INVENTION Accordingly, it is an object of the present invention to provide a personal authentication system, an authenticator, a program, and a personal authentication method with improved security.

The present invention solves the above problems by means of the following solutions. In order to facilitate understanding, reference numerals corresponding to the embodiments of the present invention will be used for explanation, but the present invention is not limited thereto. Also, the configurations described with reference numerals may be improved as appropriate, and at least a part of them may be replaced with other components.

A first aspect of the present invention is a personal authentication system comprising an authenticator (1) equipped with a photographing unit (34) owned by a user and a personal authentication server (4) communicably connected to the authenticator. A system (100), wherein the authenticator includes a face photograph image included in an identity verification image, which is an image of an identity verification document (3), acquired via the photographing unit at the time of identity verification of a user; image storage processing means (16a) for storing a matching image, which is at least one of a face image of a person possessing the identity verification document, in a matching image storage unit (32); a facial image collating means (18) for acquiring a facial image of the service user through the photographing unit and collating it with the collated image stored in the collated image storage unit; , verification result transmission means (19) for transmitting to said personal authentication server, and said personal authentication server comprises permission means (44) for permitting use of the service based on said verification result. It is a personal authentication system that
A second invention is the personal authentication system (100) of the first invention, comprising a personal identification server (4) communicably connected to the authenticator (1), wherein the authenticator Personal identification request means (14) for requesting personal identification to the personal identification server by transmitting confirmation documents (3) and the face image to the personal identification server, and the image storage processing unit. (16a) is the identity authentication system characterized by storing the collation image in the collation image storage unit (32) when receiving from the identity confirmation server that the identity has been verified.
In a third invention, in the personal authentication system (100) of the first invention or the second invention, the authenticator (1) includes key generation means (16b) for generating a key pair consisting of a private key and a public key. and key transmission means (16b) for transmitting the public key included in the key pair generated by the key generation means to the personal authentication server (4), wherein the verification result transmission means (19) and transmitting the verification result signed by the private key included in the key pair generated by the key generating means, and the authentication server receives the public key and stores it in a storage unit (53). means (42), wherein said permitting means (44) verifies the signature of said collation result received with said public key stored in said key storage means, and permits use of the service when the signature is verified. This personal identification system is characterized by:
In a fourth invention based on the personal authentication system (100) of the third invention, the authenticator (1) comprises a request transmission means (17) for transmitting a use start request to the personal authentication server (4). , the authentication server includes code transmission means (43) for transmitting a challenge code generated using a random number in response to receiving the use start request, and the verification result transmission means of the authenticator. (19) is a person authentication system characterized by transmitting the result of verification in which the challenge code is signed with the secret key when verification is successful by the face image verification means (18).
A fifth aspect of the invention is an authentication device (1) possessed by a user and equipped with a photographing unit (34), wherein an identity verification document (3) is obtained through the photographing unit when verifying the identity of the user. A matching image, which is at least one of a facial photograph image included in the identity verification image that is the image of the identity verification document and a face image that is the face image of the holder of the identity verification document, is stored in a verification image storage unit (32) and image storage processing means (16a) for acquiring a face image of the service user through the photographing unit when using the service and matching the face image with the matching image stored in the matching image storage unit. means (18); and matching result transmission means (19) for transmitting a result of matching by the face image matching means to a person authentication server (4) connected in a communicable manner and performing person authentication. It is an authenticator that
According to a sixth aspect of the present invention, a computer (1) possessed by a user and equipped with a photographing unit (34) is obtained through said photographing unit when verifying the identity of the user. Image storage processing for storing in a collation image storage unit (32) a collation image, which is at least one of a face photograph image included in the image and a face image that is the face image of the holder of the identification document. means, face image collation means for acquiring a face image of a service user through the imaging unit when using the service and collating it with the collation image stored in the collation image storage unit, and the face image collation means It is a program (31c) for functioning as a verification result transmitting means for transmitting a verification result to a personal authentication server (4) which is communicatively connected and performs personal verification.
In a seventh aspect of the invention, an authenticator (1) equipped with a photographing unit (34) owned by a user performs personal authentication using a personal authentication server (4) communicably connected to the authenticator. The face photograph image included in the identity verification image, which is the image of the identity verification document (3), acquired via the photographing unit when the identity verification of the user performed in the above, and the face of the owner who possesses the identity verification document an image storage step of storing a matching image, which is at least one of a face image that is an image of a face image, in a matching image storage unit (32); a face image matching step of obtaining a face image of the face image and matching it with the matching image stored in the matching image storage unit; and a matching result transmission step, and the authentication server includes a permitting step of permitting use of the service based on the matching result.

According to the present invention, it is possible to provide a personal authentication system, an authenticator, a program, and a personal authentication method with improved security.

1 is a diagram showing the overall configuration of a personal authentication system according to this embodiment; FIG. 3 is a functional block diagram of the mobile terminal according to the embodiment; FIG. 3 is a functional block diagram of the personal authentication server according to this embodiment; FIG. 6 is a flowchart showing service start processing in the mobile terminal according to the embodiment; 4 is a flowchart showing personal identification processing in the mobile terminal according to the embodiment; 4 is a flow chart showing identity verification image processing in the identity verification system according to the present embodiment. 5 is a flow chart showing matching image processing in the personal authentication system according to the present embodiment. 4 is a flow chart showing personal authentication processing in the personal authentication system according to the present embodiment. FIG. 8 is continued.

EMBODIMENT OF THE INVENTION Hereafter, the form for implementing this invention is demonstrated, referring a figure. This is just an example, and the technical scope of the present invention is not limited to this.

(embodiment)
FIG. 1 is a diagram showing the overall configuration of a personal authentication system 100 according to this embodiment.
FIG. 2 is a functional block diagram of the mobile terminal 1 according to this embodiment.
FIG. 3 is a functional block diagram of the personal authentication server 4 according to this embodiment.
The personal authentication system 100 shown in FIG. 1 performs personal identification necessary when starting various services for the first time using only the mobile terminal 1 (authentication device), and personal identification necessary when starting the second and subsequent services is performed using the mobile terminal 1 (authentication device). It is a system for doing safely by only 1.

Here, various services include, for example, services related to opening bank accounts and various banking operations, car sharing services, services related to real estate leasing, etc., and various services that require personal identification and personal authentication. Say. At present, as a means of personal identification when opening a bank account, etc., mail that does not require forwarding is sent to the home of the applicant who applied for the opening of the account. Recently, financial institutions are considering a method of completing identity verification online. Identity verification in the present invention refers to confirmation processing to enable online procedures using a mobile terminal or the like when starting transactions with a financial institution such as opening an account. It is something to do. In identity verification, for example, verification using a public certificate such as a driver's license is performed. On the other hand, identity authentication is a state in which identity verification has already been completed, and means confirmation to prevent spoofing and the like when the service is started for the second time and thereafter.
In the following, the personal authentication system 100 will be described using the mobile terminal 1 as an example to start a service that requires personal identification or personal authentication.

The personal authentication system 100 includes a portable terminal 1 and a personal authentication server 4 (personal identification server, personal authentication server). The mobile terminal 1 can be connected to a communication network N via a base station R for wireless communication, for example. Also, the personal authentication server 4 is connected via a communication network N so as to be able to communicate therewith.
The personal authentication system 100 is connected to the service providing server 7 via the communication network N. FIG. The service providing server 7 is a server for performing service processing with the mobile terminal 1 .

The mobile terminal 1 is, for example, a terminal owned by a person who wants to receive the service provided by the service providing server 7 . Hereinafter, a person who intends to receive the provision of services is referred to as a user. The mobile terminal 1 is, for example, a mobile device having the functions of a computer represented by a smart phone or a tablet.
As shown in FIG. 2 , the mobile terminal 1 includes a control section 10 , a storage section 30 , a camera 34 (capturing section), a touch panel display 35 and a communication interface section 39 .

The control unit 10 is a CPU (central processing unit) that controls the entire mobile terminal 1 . The control unit 10 reads and executes an operating system (OS) and various application programs stored in the storage unit 30 as appropriate, thereby cooperating with the above-described hardware and executing various functions.
The control unit 10 includes an application activation unit 11 , an identity confirmation unit 12 , an identity authentication unit 15 , and a service processing unit 20 .

When the transaction application 31a is executed, the application activation unit 11 determines whether the identity confirmation application 31b or the authentication application 31c (program) is started.
The personal identification unit 12 is a control unit that performs personal identification processing. The identity confirmation unit 12 includes an image acquisition unit 13 and an identity confirmation requesting unit 14 (personal identification requesting means).

The image acquisition unit 13 acquires an identity verification image, which is an image of the identity verification document, when the user operates the camera 34 to photograph his/her identity verification document. Here, the personal identification document is an officially recognized identification card on which the user's facial photograph is printed. A driver's license 3 is shown in FIG. 1 as an example of an identification document. It should be noted that the personal identification document may also be a My Number card or the like on which the user's facial photograph is printed.
Then, the image acquisition unit 13 extracts a facial photograph image from the acquired personal identification image. Thereafter, the image acquisition unit 13 causes the storage unit 30 to store the extracted face photograph image.
In addition, the image acquisition unit 13 acquires a matching image, which is the face image of the user and used for matching, by the user operating the camera 34 to photograph his or her own face.
The personal identification requesting unit 14 transmits the face photograph image stored in the storage unit 30 and the acquired verification image to the personal identification server 4 to request personal identification.

The personal authentication unit 15 is a control unit related to personal authentication that is performed each time use of the service is started. The personal authentication unit 15 includes a preprocessing unit 16, a request transmission unit 17 (request transmission means), a face image acquisition/collation unit 18 (face image collation means), and a verification result transmission unit 19 (verification result transmission means). Prepare.
The pre-processing unit 16 is a process that is performed only once when the identity verification is completed. The preprocessing unit 16 includes an image storage processing unit 16a (image storage processing means) and a key processing unit 16b (key generation means, key transmission means).

The image storage processing unit 16a stores the face image acquired by the processing of the identity verification unit 12 as a verification image to be used for verification at the time of subsequent identity verification when the identity verification unit 12 successfully verifies the identity. 32.
The key processing unit 16b generates a key pair used for confirmation with the personal authentication server 4. FIG. A key pair consists of a private key and a public key. Then, the key processing unit 16b causes the key storage unit 33 to store the generated secret key. Further, the key processing unit 16b transmits the generated public key to the personal authentication server 4. FIG.

The request transmission unit 17 transmits a use start request to the personal authentication server 4, which is a process performed every time the use of the service is started. The usage start request may be, for example, a login request for logging into the service providing server 7 .
The face image acquisition/collation unit 18 acquires a face image of the user (service user) by operating the camera 34 and photographing the user's own face. Then, the facial image acquisition/collation unit 18 collates the acquired facial image with the collation image stored in the collation image storage unit 32 to confirm whether or not they are the same person.
The matching result transmitting unit 19 signs the challenge code received from the personal authentication server 4 by transmitting the usage start request as the matching result by the face image acquisition matching unit 18 with the private key stored in the key storage unit 33 . and transmits it to the personal authentication server 4.
The service processing unit 20 performs service processing with the service providing server 7 when the signature verification result received from the personal authentication server 4 permits the use of the service.

The storage unit 30 is a storage area such as a semiconductor memory device for storing programs, data, etc. necessary for the control unit 10 to execute various processes.
The storage unit 30 includes a program storage unit 31 , a matching image storage unit 32 and a key storage unit 33 .
The program storage unit 31 is a storage area that stores various application programs (hereinafter, application programs are referred to as applications, applications, programs, or the like). The program storage unit 31 stores a transaction application 31a, an identity confirmation application 31b, and an identity authentication application 31c. In the present embodiment, an application using the transaction application 31a, the personal identification application 31b, and the personal authentication application 31c will be described below, but an application that integrates the functions of a plurality of applications is used. may

The transaction application 31a, the identity verification application 31b, and the identity verification application 31c are pre-installed in the mobile terminal 1, or communicate with an application distribution server (not shown) via the communication network N so that the mobile terminal 1 is downloaded.
The transaction application 31 a is a program for performing service processing with the service providing server 7 .
The personal identification application 31b is a program for performing various functions of personal identification executed by the control unit 10 of the mobile terminal 1 .
The personal authentication application 31c is a program for performing various functions of personal authentication executed by the control unit 10 of the mobile terminal 1 .

The matching image storage unit 32 is a storage area that stores an image used for personal authentication as a matching image. The face image used for personal identification is stored in the matching image storage unit 32 when the personal identification is successful.
The key storage unit 33 is a storage area that stores a private key used for personal authentication. The key storage unit 33 stores the private key of the key pair generated by executing the personal authentication application 31c when the personal identification is successful.

Camera 34 is a photographing device. The camera 34 has an in-camera 34a and an out-camera 34b. The in-camera 34 a is a camera provided on the side of the touch panel display 35 of the mobile terminal 1 . The out-camera 34b is a camera provided on the back side of the mobile terminal 1 .
The touch panel display 35 has a function as a display section configured by a liquid crystal panel or the like, and a function as an input section for performing various operation inputs with a user's finger.
The communication interface unit 39 is an interface for communicating with various servers via the communication network N, and functions as a transmitting unit and a receiving unit.

Returning to FIG. 1, the driver's license 3 is card-shaped and, as described above, is an official identification card. On the surface of the driver's license 3, user's personal information including the user's (holder's) address, name, date of birth, and user's facial photograph is written. The user of the mobile terminal 1 uses the mobile terminal 1 to take an image of the driver's license 3 or the like that the user owns in the personal identification system 100 .

The personal authentication server 4 is a server that performs personal identification and personal authentication at the start of service. The personal authentication server 4 is owned by a company different from the company that provides the service. Note that the personal authentication server 4 may be owned by a company that provides services.
As shown in FIG. 3 , the personal authentication server 4 includes a control section 40 , a storage section 50 and a communication interface section 59 .

The control unit 40 is a CPU that controls the entire personal authentication server 4 . The control unit 40 reads and executes the OS and application programs stored in the storage unit 50 to cooperate with the above-described hardware and execute various functions.
The control unit 40 includes an identity verification processing unit 41, a key reception processing unit 42 (key storage means), a code generation/transmission unit 43 (code transmission means), and a service usage permission unit 44 (permission means).

The personal identification processing unit 41 performs personal identification processing.
Specifically, the personal identification processing unit 41 receives the face image and the face photograph image from the mobile terminal 1 . Then, the personal identification processing unit 41 collates the received face image with the face photograph image. Here, the personal identification processing unit 41 may indicate the matching result between the facial image and the facial photograph image by a score. For example, the personal identification processing unit 41 performs image collation processing, and calculates the degree of matching between face photograph images as a score. Here, the score is represented by a numerical value from 0 to 100, for example, and the higher the degree of matching, the higher the numerical value.
After that, the personal identification processing unit 41 transmits the collation result to the mobile terminal 1 .

The key reception processing unit 42 receives a public key used for personal authentication from the mobile terminal 1 and stores the received public key in the key storage unit 53 .
The code generator/transmitter 43 uses random numbers to generate a challenge code in response to receiving the use start request. Also, the code generation/transmission unit 43 transmits the generated challenge code to the mobile terminal 1 .
The service use permitting unit 44 verifies the signature received from the mobile terminal 1 , and transmits to the mobile terminal 1 the result of signature verification that permits the use of the service when the verification is successful.

The storage unit 50 is a storage area such as a hard disk or a semiconductor memory device for storing programs, data, etc. necessary for the control unit 40 to execute various processes.
The storage unit 50 includes a program storage unit 51 and a key storage unit 53 .
The program storage unit 51 is a storage area that stores various programs. The program storage unit 51 stores an identity verification program 51a and an identity verification program 51b.
The personal identification program 51 a is a program for performing the function of the personal identification processing unit 41 executed by the control unit 40 of the personal identification server 4 .
The personal authentication program 51b is a program for performing the functions from the key reception processing unit 42 to the service usage permission unit 44 which are executed by the control unit 40 of the personal authentication server 4 .
In addition, in this embodiment, although the following describes the case of using the identity verification program 51a and the identity verification program 51b, it is also possible to use a program in which the functions of the two programs are integrated.
The communication interface unit 59 is an interface for performing communication between various servers such as the service providing server 7 and the mobile terminal 1 via the communication network N. FIG.

Here, the computer refers to an information processing device having a control unit, a storage device, etc., and the mobile terminal 1 and the personal authentication server 4 are information processing devices having a control unit, a storage unit, etc., respectively. included in the concept.

The service providing server 7 shown in FIG. 1 is a server for performing service processing. In FIG. 1, the personal authentication system 100 has only one service providing server 7, but may have a plurality of servers for each service.
Note that the service providing server 7 includes a control unit, a storage unit, a communication interface unit, etc., although not shown.

A base station R shown in FIG. 1 is a base station for wireless communication, and performs a relay for communication between the mobile terminal 1 and various servers. The base station R is, for example, a wireless LAN (Local Area Network) base station or a mobile terminal communication network base station of a carrier.
The communication network N is a network between various servers or between various servers and the base station R, such as an Internet line or a mobile terminal communication network.

Next, processing of the personal authentication system 100 will be described.
FIG. 4 is a flowchart showing service start processing in the mobile terminal 1 according to this embodiment.
First, a user who wants to start a service performs a touch operation such as tapping to select an icon (not shown) of the transaction application 31a displayed on the touch panel display 35 of his/her mobile terminal 1, for example. By doing so, the control unit 10 of the mobile terminal 1 executes the transaction application 31a.

When the transaction application 31a is executed, the touch panel display 35 of the mobile terminal 1 displays a main screen (not shown) of the transaction application 31a. Therefore, when the user performs an operation (for example, an operation to select a menu) for starting the service from the main screen, in step S10 (hereinafter simply referred to as "S") in FIG. accepts the service start operation.

Next, in S11, the control unit 10 determines whether or not personal identification processing has been performed. As an example, the control unit 10 refers to the collation image storage unit 32 and determines that the identity confirmation process has been performed if the collation image is stored. If the personal identification process has been performed (S11: YES), the control unit 10 shifts the process to S12. On the other hand, if the person has not been verified (S11: NO), the control unit 10 shifts the process to S13.
In S12, the control unit 10 performs personal authentication processing (see FIG. 8, which will be described later). After that, the control unit 10 terminates this process.
On the other hand, in S13, the control unit 10 performs an identity verification process (see FIG. 5, which will be described later). After that, the control unit 10 terminates this process.

Next, the personal identification process will be described.
FIG. 5 is a flowchart showing personal identification processing in the mobile terminal 1 according to this embodiment.
FIG. 6 is a flowchart showing identity verification image processing in the identity verification system 100 according to this embodiment.
FIG. 7 is a flow chart showing verification image processing in the personal authentication system 100 according to this embodiment.

In S20 of FIG. 5, the control unit 10 (application activation unit 11) activates the identity verification application 31b.
In S21, the control unit 10 (identity verification unit 12) of the mobile terminal 1 performs identity verification image processing.
Here, the personal identification image processing will be described with reference to FIG.
In S50 of FIG. 6, the control unit 10 (image acquisition unit 13) of the mobile terminal 1 activates the out-camera 34b, displays the through image (image of the shooting range) of the out-camera 34b on the touch panel display 35, and Allows photographing of confirmation documents. Then, the user captures the identity verification document in the through image and taps a shooting button (not shown), whereby the control unit 10 acquires the identity verification image.

At that time, the control unit 10 first displays an identification card selection screen (not shown) for selecting what to photograph as an identification document (driver's license or My Number card), and prompts the user to confirm his/her identity. The type of document may be selected. Then, the control unit 10 may change guidance for photographing according to the type of identity verification document. For example, in the case of the driver's license 3, it is necessary to photograph both the front side and the back side. On the other hand, if it is a My Number card, it is sufficient to photograph only the front side.

In S51, the control unit 10 (image acquisition unit 13) extracts a facial photograph image from the personal identification image. The control unit 10, for example, analyzes the identity verification image and identifies the identity verification document. Then, the control unit 10 specifies the image position of the facial photograph from the personal identification document, and extracts the image at the specified image position.
In S<b>52 , the control unit 10 (image acquiring unit 13 ) causes the storage unit 30 to temporarily store the extracted face photograph image. After that, the control unit 10 shifts the processing to S22 in FIG.

In S22 of FIG. 5, the control unit 10 (identity verification unit 12) performs verification image processing.
Here, the matching image processing will be described with reference to FIG.
In S60 of FIG. 7, the control unit 10 (image acquisition unit 13) of the mobile terminal 1 activates the in-camera 34a and causes the touch panel display 35 to display the through image of the in-camera 34a. Then, the user taps a shooting button (not shown) with his/her own face reflected in the through image, and the control unit 10 acquires a collation image (face image).

In S<b>61 , the control unit 10 (identity verification requesting unit 14 ) transmits the acquired verification image together with the face photograph image temporarily stored in the storage unit 30 to the identity authentication server 4 . Here, the facial photograph image stored in the storage unit 30 is obtained and stored by the mobile terminal 1 in the personal identification image processing.
In S<b>62 , the control unit 40 (personal identification processing unit 41 ) of the personal identification server 4 receives the verification image and the face photograph image from the mobile terminal 1 .

In S63, the control unit 40 (identity verification processing unit 41) performs face verification processing for verifying the verification image and the facial photograph image. The control unit 40 performs image collation processing and, for example, calculates the degree of matching between the collation image and the facial photograph image as a score.
In S<b>64 , the control unit 40 (personal identification processing unit 41 ) transmits the collation result to the mobile terminal 1 . After that, the control unit 40 terminates this process.
In S65, the control unit 10 (identity verification unit 12) of the mobile terminal 1 receives the verification result. After that, the control unit 10 shifts the processing to S23 in FIG.

In S23 of FIG. 5, the control unit 10 (personal identification unit 12) determines whether or not the authentication is successful based on the collation result. For example, when the score obtained as a collation result is equal to or greater than a threshold value, the control unit 10 determines that the authentication is successful. If it is determined that the authentication was successful (S23: YES), the control unit 10 shifts the process to S24. On the other hand, if it is determined that the authentication was not successful (S23: NO), the control unit 10 shifts the process to S29.

In S24, the control unit 10 activates the personal authentication application 31c.
In S25, the control unit 10 (image storage processing unit 16a) causes the matching image storage unit 32 to store the face image acquired in the personal identification process as a matching image.
In S<b>26 , the control unit 10 (key processing unit 16 b ) generates a key pair and transmits the public key of the generated key pair to the personal authentication server 4 . By doing so, the control unit 40 (key reception processing unit 42) of the personal authentication server 4 receives the public key and causes the key storage unit 53 to store the received public key.
In S27, the control unit 10 (service processing unit 20) performs service processing with the service providing server 7 corresponding to the transaction application 31a. After that, the control unit 10 shifts the process to FIG. 4 and ends this process.

On the other hand, in S<b>29 , the control unit 10 outputs to the touch panel display 35 that there is an authentication error. After that, the control unit 10 shifts the process to FIG. 4 and ends this process.

Next, the personal authentication process will be described.
8 and 9 are flowcharts showing the personal authentication process in the personal authentication system 100 according to this embodiment.
In S30 of FIG. 8, the control unit 10 (application activation unit 11) of the mobile terminal 1 activates the personal authentication application 31c.
In S<b>31 , the control unit 10 (request transmission unit 17 ) transmits a usage start request to the personal authentication server 4 .

At S32, the control unit 40 of the personal authentication server 4 receives the usage start request.
In S<b>33 , the control unit 40 (code generation/transmission unit 43 ) generates a random number to generate a challenge code, and transmits the generated challenge code to the mobile terminal 1 . After that, the control unit 40 terminates this process.
At S34, the control unit 10 of the mobile terminal 1 receives the challenge code.
In S35, the control unit 10 (face image acquisition/collation unit 18) acquires a face image. The control unit 10 acquires the face image of the user by activating the in-camera 34a and allowing the user to photograph his/her own face.

In S<b>36 , the control unit 10 (face image acquisition/collation unit 18 ) collates the acquired face image of the user with the collation image stored in the collation image storage unit 32 . The image collation processing for collating the images may be of the same logic as that performed by the personal authentication server 4 in personal identification. The control unit 10 calculates, for example, the degree of matching between the face image and the matching image as a score in the image matching process.
In S37, the control unit 10 (face image acquisition/collation unit 18) determines whether or not the collation was successful. For example, when the score is equal to or greater than the threshold, the control unit 10 determines that matching has been completed. If it is determined that the collation was successful (S37: YES), the control unit 10 shifts the process to S38. On the other hand, if it is determined that the collation was not successful (S37: NO), the control unit 10 shifts the process to S39.

In S<b>38 , the control unit 10 (verification result transmission unit 19 ) signs the challenge code received in S<b>34 with the secret key stored in the key storage unit 33 . After that, the control unit 10 shifts the process to S40 in FIG.
On the other hand, in S<b>39 , the control unit 10 outputs an authentication error message to the touch panel display 35 . After that, the control unit 10 shifts the process to FIG. 4 and ends this process.

In S<b>40 of FIG. 9 , the control unit 10 (verification result transmission unit 19 ) transmits the signed data to the personal authentication server 4 .
At S41, the control unit 40 of the personal authentication server 4 receives the signed data.
At S<b>42 , the control unit 40 performs signature verification processing using the public key stored in the key storage unit 53 . If the signature verification is successful using the public key, the control unit 40 determines that the person has been authenticated.

In S43, the control unit 40 determines whether or not signature verification has been completed. If the signature verification is successful (S43: YES), the control unit 40 shifts the process to S44. On the other hand, if the signature could not be verified (S43: NO), the control unit 40 terminates this process.
In S<b>44 , the control unit 40 (service use permission unit 44 ) transmits the signature verification result to the mobile terminal 1 . After that, the control unit 40 terminates this process.

In S45, the control unit 10 of the mobile terminal 1 determines whether or not the signature verification result has been received. If the signature verification result has been received (S45: YES), the control unit 10 shifts the process to S46. On the other hand, if the signature verification result has not been received (S45: NO), the control unit 10 shifts the process to S49. Note that the control unit 10 may determine that the signature verification result has not been received if the signature verification result is not received within a predetermined time after the signed data is transmitted (S40).
In S46, the control unit 10 (service processing unit 20) performs service processing with the service providing server 7 corresponding to the transaction application 31a. After that, the control unit 10 shifts the process to FIG. 4 and ends this process.

On the other hand, in S<b>49 , the control unit 10 outputs to the touch panel display 35 that there is an authentication error. After that, the control unit 10 shifts the process to FIG. 4 and ends this process.

Thus, according to this embodiment, the personal authentication system 100 has the following effects.
(1) Store a face image acquired in identity verification in the mobile terminal 1, and use the stored face image for verification in identity verification performed each time the service is used. Therefore, biometric information, which is a face image used for personal authentication, is not transmitted to the communication network N, and security can be improved. In other words, the security can be enhanced by performing the identity verification process and the identity authentication process as a series of processes or as continuous processes. In addition, for personal authentication, the facial image that is used as the reference for verification is not acquired again, but the facial image acquired for personal identification is diverted. It can be made convenient.

(2) In particular, in the processing of identity authentication for online transactions at financial institutions, the conventional password authentication is being replaced by biometric authentication in order to further improve convenience and security. In biometric authentication, for example, when matching is performed using a face image, the face image used as the matching source is an image held only inside the mobile terminal 1 rather than being output (or transmitted) to the outside as much as possible. is preferred. In biometric authentication, when registering the biometric information of the person, the person's data such as a face image is not used, and security can be maintained in a stronger environment.
(3) The face image obtained in identity verification is stored in the portable terminal 1 as an image for verification at the time of identity verification when the identity verification is successful. Therefore, the act of storing the face image can be performed only at the beginning of personal authentication.

(4) Since the mobile terminal 1 transmits to the personal authentication server 4 the verification result of the personal authentication signed with the private key, the security can be further improved.
(5) The personal authentication server 4 sends the challenge code to the mobile terminal 1, and the mobile terminal 1 sends the verification result of the challenge code signed with the private key to the personal authentication server 4. Therefore, the personal authentication server 4 , the identity of the mobile terminal 1 that performs personal authentication can be ensured, and security is improved.

Although the embodiments of the present invention have been described above, the present invention is not limited to the above-described embodiments. Moreover, the effects described in the embodiments are merely enumerations of the most suitable effects produced by the present invention, and the effects of the present invention are not limited to those described in the embodiments. The above-described embodiments and modifications described later can be used in combination as appropriate, but detailed description thereof will be omitted.

(deformed form)
(1) In the present embodiment, an example has been described in which a face image acquired by a mobile terminal during identity verification is used as an image for verification during identity verification, but the present invention is not limited to this. A facial photograph image obtained from an identity verification image acquired by the portable terminal when identity verification is performed may be used as an image used for verification during identity verification. However, the face image acquired by the mobile terminal during identity verification is an image taken using the same in-camera as the face image acquired during identity verification, and both are acquired under similar shooting conditions. image. Therefore, there is a possibility that the face image acquired by the mobile terminal when verifying the person's identity will have better accuracy during matching.
(2) In the present embodiment, as the process of identity verification, the identity verification server compares the face photograph image obtained from the identity verification document with the face image. Illustrated but not limited to. Other confirmation processes may be included as the personal identification process.

(3) In the present embodiment, an example has been described in which the personal identification image processing performed in the personal identification processing is performed only by the portable terminal 1, but the present invention is not limited to this. As the identity verification image processing, part of the processing using the identity verification documents may be performed by the identity verification server.
Specifically, the identity verification processing unit of the identity verification server receives the identity verification image obtained by photographing the driver's license from the portable terminal. Then, the identity verification processing unit of the identity verification server converts the characters included in the identity verification document into text by OCR (optical character recognition). After that, the personal identification processing unit transmits the text string to the mobile terminal. The personal identification unit of the mobile terminal receives the character string converted into text and causes the touch panel display to display the character information. Note that the mobile terminal may have a function of correcting the displayed character information. The character information acquired from the personal authentication server can be transmitted to the service providing server, for example, when the personal identification is completed.
By performing such processing, it is possible to save the trouble of the user inputting the name and the like required when the user uses the service, by using textual character information. In addition, by making it possible to correct the received text information on a mobile terminal, even if there is a conversion error or the name or address listed on the identity verification document is changed, only the changed part can be changed. It can be made easy and convenient.

(4) Various services are applicable to personal identification and personal authentication services in this embodiment. For example, in the case of banking business, it can be used for account opening and account linking processing, cash withdrawal processing using an ATM, and the like. As for those using ATMs, personal authentication is performed on a mobile terminal, and when the authentication is completed, a QR code (registered trademark) is displayed and read by the ATM, so that the mobile terminal can be used as a cash card. can be done. In addition, when an agent performs work on behalf of the person at the counter, the agent can receive information that proves that the person has authenticated the person, without preparing a power of attorney in advance. done.

1 portable terminal 3 driver's license 4 personal authentication server 7 service providing server 10, 40 control unit 12 personal identification unit 13 image acquisition unit 14 personal identification request unit 15 personal identification unit 16a image storage processing unit 16b key processing unit 17 request transmission unit 18 face image acquisition/collation unit 19 verification result transmission unit 20 service processing unit 30, 50 storage unit 31a transaction application 31b identity verification application 31c identity verification application 32 verification image storage unit 33, 53 key storage unit 34 camera 35 touch panel display 41 identity verification Processing unit 42 Key reception processing unit 43 Code generation transmission unit 44 Service use permission unit 100 Personal authentication system

Claims (7)

an authenticator equipped with an imaging unit owned by a user;
a personal authentication server communicably connected to the authenticator;
A personal identification system comprising
The authenticator is
A face photograph image included in an identity verification image, which is an image of an identity verification document, acquired via the photographing unit, in identity verification of a user performed when no image is stored in the collation image storage unit; At least one of the face photograph image and the face image acquired at the time of the identity verification when the identity verification using the face image, which is the image of the face of the possessor of the identity verification document, is successful. an image storage processing means for storing the matching image in the matching image storage unit;
At the time of using the service when the image is stored in the collation image storage unit , the face image of the service user is obtained through the photographing unit and collated with the collation image stored in the collation image storage unit. face image matching means;
a matching result transmitting means for transmitting a matching result obtained by the face image matching means to the personal authentication server;
with
The personal authentication server comprises permission means for permitting use of the service based on the verification result;
A personal identification system characterized by In the personal authentication system according to claim 1,
The authenticator is
a key generation means for generating a key pair consisting of a private key and a public key;
a key transmission means for transmitting the public key included in the key pair generated by the key generation means to the personal authentication server;
with
The verification result transmission means transmits the verification result signed with the private key included in the key pair generated by the key generation means,
The personal authentication server is
comprising key storage means for receiving the public key and storing it in a storage unit;
The permitting means verifies the signature of the received collation result with the public key stored in the key storage means, and permits the use of the service if the signature can be verified.
A personal identification system characterized by In the personal authentication system according to claim 2,
The authenticator comprises request transmission means for transmitting a usage start request to the personal authentication server,
The personal authentication server comprises code transmission means for transmitting a challenge code generated using a random number in response to receiving the usage start request,
the verification result transmission means of the authenticator transmits the verification result in which the challenge code is signed with the private key when the face image verification means succeeds in verification;
A personal identification system characterized by An authenticator possessed by a user and equipped with a photographing unit,
A face photograph image included in an identity verification image, which is an image of an identity verification document, acquired via the photographing unit, in identity verification of a user performed when no image is stored in the collation image storage unit; At least one of the face photograph image and the face image acquired at the time of the identity verification when the identity verification using the face image, which is the image of the face of the possessor of the identity verification document, is successful. an image storage processing means for storing the matching image in the matching image storage unit;
At the time of using the service when the image is stored in the collation image storage unit , the face image of the service user is obtained through the photographing unit and collated with the collation image stored in the collation image storage unit. face image matching means;
a matching result transmitting means for transmitting a matching result to a personal authentication server connected in a communicable manner and performing personal authentication when the face image matching means is successful in matching;
to provide
An authenticator characterized by An authenticator possessed by a user and equipped with a photographing unit,
A face photograph image included in an identity verification image, which is an image of an identity verification document, acquired via the photographing unit, in identity verification of a user performed when no image is stored in the collation image storage unit; At least one of the face photograph image and the face image acquired at the time of the identity verification when the identity verification using the face image, which is the image of the face of the possessor of the identity verification document, is successful. an image storage processing means for storing the matching image in the matching image storage unit;
At the time of using the service when the image is stored in the collation image storage unit , the face image of the service user is obtained through the photographing unit and collated with the collation image stored in the collation image storage unit. face image matching means;
means for generating a two-dimensional code to be read by an ATM instead of the user's cash card and outputting it to a display unit when the matching by the face image matching means is successful;
to provide
An authenticator characterized by A computer possessed by a user and equipped with a photographing unit,
A face photograph image included in an identity verification image, which is an image of an identity verification document, acquired via the photographing unit, in identity verification of a user performed when no image is stored in the collation image storage unit; At least one of the face photograph image and the face image acquired at the time of the identity verification when the identity verification using the face image, which is the image of the face of the possessor of the identity verification document, is successful. an image storage processing means for storing the matching image in the matching image storage unit;
At the time of using the service when the image is stored in the collation image storage unit , the face image of the service user is obtained through the photographing unit and collated with the collation image stored in the collation image storage unit. face image matching means;
a matching result transmitting means for transmitting a matching result to a personal authentication server connected in a communicable manner and performing personal authentication when the face image matching means is successful in matching;
program to function as An authentication device equipped with a photographing unit possessed by a user performs identity verification of a user when no image is stored in the collation image storage unit, and is an image of an identity verification document acquired through the photographing unit. Acquired at the time of the identity verification when the identity verification using the face photo image included in the identity verification image and the face image that is the face image of the person who possesses the identity verification document an image storage step of storing a collation image, which is at least one of the face photograph image and the face image, in the collation image storage unit;
The authenticator acquires the face image of the service user via the photographing unit when using the service when the image is stored in the collation image storage unit, and the face image stored in the collation image storage unit is obtained. a face image matching step of matching with a matching image;
a matching result transmission step in which the authentication device transmits the matching result obtained by the face image matching step to a personal authentication server that is communicatively connected to the authentication device and performs personal authentication;
including
including a permitting step in which the personal authentication server permits use of the service based on the verification result;
A personal authentication method characterized by:

Images