JP7426019B1 - Examination system, examination method, and program - Google Patents

Abstract

An object of the present invention is to provide a system that can accurately determine whether a user is an unauthorized person. [Solution] At least one of first terminal information, which is information regarding the user terminal, and first user attribute information, which is information regarding the attributes of the target user, is transmitted from a user terminal of a target user who is a user to be examined. a terminal information acquisition unit that acquires first biometric information, which is information regarding the target user's biological body, from the user terminal; A first determination result regarding a result of determining whether or not the second biometric information that is the same as or similar to the first biometric information is stored in the transaction database in which the second biometric information that is information about the first biometric information is stored. a determination result acquisition unit that acquires the determination result; and a determination unit that examines the target user based on at least one of the first terminal information and the first user attribute information and the first determination result. . [Selection diagram] Figure 2

Description

The present invention relates to an examination system, an examination method, and a program.

Conventionally, users access websites that provide various services on the Internet using IDs and passwords. However, a problem has arisen in which third parties use other users' IDs and passwords to gain unauthorized access to websites. Regarding this, Patent Document 1 describes a system that detects unauthorized access by a third party based on information on user operations.

JP2018-63728A

The system described in Patent Document 1 has a whitelist database that records information on the actions of users who accessed websites. The information on the user's actions includes, for example, information such as page transitions, the browser used by the user, the IP address, the type of terminal, and the OS. That is, the system creates a database of "user-likeness" by recording information on user actions. By referring to the whitelist database, the system denies access to the website if the system determines that the user accessing the website is not authorized to access the website.

In this way, the system described in Patent Document 1 uses information about the website based on specific parameters that can be obtained from any terminal device, such as information about the user's actions and information about the type of browser used by the user. Detect whether the user is authorized to access. Originally, the types of parameters that can be acquired differ depending on the terminal device and application software (hereinafter also referred to as "app"), and the accuracy of identifying the legitimacy of the user also differs for each parameter. Therefore, in the system described in Patent Document 1, unauthorized access is determined based on uniform parameters that can be obtained regardless of differences in terminal devices and applications used, so there is a risk that unauthorized access cannot be appropriately determined. There is a need for a system that can more appropriately determine fraudsters.

In view of the above problems, it is an object of the present invention to provide a system that can accurately determine whether a user is an unauthorized person.

The screening system according to one aspect of the present invention provides first terminal information, which is information related to the user terminal, and information related to attributes of the target user, from a user terminal of a target user, who is a user to be screened. a terminal information acquisition unit that acquires at least one of the attribute information; a biometric information acquisition unit that acquires first biometric information that is information regarding the biometric of the target user from the user terminal; It is determined whether or not the second biometric information that is the same as or similar to the first biometric information is stored in the transaction database that stores the second biometric information that is information regarding the biometrics of the user who performed each transaction. a determination result acquisition unit that acquires a first determination result regarding the result; and at least one of the first terminal information and the first user attribute information, and the first determination result to examine the target user. The examination department shall be equipped with an examination department.

In the screening method according to one aspect of the present invention, a computer obtains, from a user terminal of a target user who is a user to be screened, first terminal information that is information regarding the user terminal and information regarding attributes of the target user. acquiring at least one of first user attribute information; acquiring first biometric information that is information regarding the target user's biometrics from the user terminal; and performing each of a plurality of past transactions. A second biometric information related to a result of determining whether or not the second biometric information that is the same as or similar to the first biometric information is stored in the transaction database that stores the second biometric information that is information related to the biometric information of the user. obtaining a first determination result; and examining the target user based on at least one of the first terminal information and the first user attribute information, and the first determination result. do.

A program according to one aspect of the present invention is configured to transmit information to a computer from a user terminal of a target user who is a user to be examined, first terminal information that is information regarding the user terminal, and first terminal information that is information regarding attributes of the target user. acquiring at least one of the first user attribute information; acquiring first biometric information that is information regarding the biometric of the target user from the user terminal; and performing each of a plurality of past transactions. A first information regarding a result of determining whether or not second biometric information that is the same as or similar to the first biometric information is stored in a transaction database that stores second biometric information that is information related to the user's biometric information. acquiring a determination result; and examining the target user based on at least one of the first terminal information and the first user attribute information and the first determination result. .

According to the present invention, it is possible to provide a system that can accurately determine whether a user is an unauthorized person.

FIG. 1 is a diagram showing an example of the configuration of a screening system. FIG. 2 is a diagram illustrating an example of an overview of functional units and processing of the examination system. It is a diagram showing an example of the configuration of a transaction database D111. It is a diagram showing an example of the configuration of a terminal information database D112. It is a block diagram which shows the examination apparatus based on a modification. It is a diagram showing an example of an attribute database D113. It is a flowchart showing the processing procedure of the examination system. 1 is a diagram showing an example of a hardware configuration of a computer.

EMBODIMENT OF THE INVENTION Below, the examination system in one embodiment of this invention is demonstrated in detail with reference to drawings. However, the embodiments described below are merely examples, and there is no intention to exclude the application of various modifications and techniques not specified below. That is, the present invention can be implemented by various modifications or combinations of the embodiments without departing from the spirit thereof. In addition, in the description of the drawings below, the same or similar parts are denoted by the same or similar symbols.

===Outline of screening system 10===
＜＜Configuration＞＞
An overview of the configuration of the examination system 10 will be described with reference to FIG. 1. FIG. 1 is a diagram showing an example of the configuration of the examination system 10.

The screening system 10 is a system that can prevent businesses from providing services to fraudulent parties. The screening system 10, for example, identifies the user's user terminal 300 based on information that can identify the user's user terminal 300 (hereinafter referred to as "terminal information") and information regarding the user's biological body (hereinafter referred to as "biometric information"). By examining whether or not a person is a fraudster, a business operator is prevented from providing services to a fraudster.

As shown in FIG. 1, the screening system 10 may include, for example, a screening device 100, a business operator device 200, and a user terminal 300.

The screening device 100 is, for example, a device that screens whether or not a user is suspected of being a fraudster based on terminal information and biometric information. Note that hereinafter, for convenience, the target user who is examined as to whether or not he or she is an unauthorized person will be referred to as the "target user." The examination device 100 transmits and receives various information between the user terminal 300 and the operator device 200.

The terminal information includes, for example, an IP address, a MAC address, terminal identification information generated based on the OS (Operating System) of the terminal, and terminal identification information generated based on the history of the user's operation of the terminal.

The biometric information is, for example, information unique to living things such as a face image, information indicating a fingerprint, information indicating an iris, information indicating a voiceprint, information indicating a vein, and the like.

The operator device 200 is a terminal device of an operator that provides a predetermined service to a target user. The business operator device 200 obtains the examination result of whether or not the target user is suspected of being a fraudster using the examination device 100 . The business operator device 200 transmits and receives various information to and from the examination device 100, for example.

The user terminal 300 is a terminal device operated by a target user. For example, the user terminal 300 generates various information by receiving operation input from the target user. The user terminal 300 transmits, for example, the target user's biometric information. The user terminal 300 transmits and receives various information to and from the examination device 100 and the operator device 200.

Here, the screening device 100 and the operator device 200 may include, by way of example and not limitation, a cloud computer, a server computer, a personal computer (e.g., desktop, laptop, tablet, etc.), a media computer platform (e.g., cable, satellite set-top, etc.). It may be a handheld computer device (e.g., PDA, email client, etc.), or other type of computer or communication platform. Note that at least a part of the processing in the examination device 100 and the operator device 200 may be realized by one or more computers (as an example and not a limitation, cloud computing configured by one or more computers), It doesn't have to be that way.

The user terminal 300 may also include, for example, a smartphone, a mobile phone (feature phone), a personal computer (e.g., desktop, laptop, tablet, etc.), a media computer platform (e.g., cable, satellite set-top box, digital video recorder, etc.), It may be a handheld computing device (e.g., a personal digital assistant (PDA), an email client, etc.), a wearable terminal (e.g., a glasses-like device, a watch-like device, etc.), another type of computer, or a communication platform.
<<Processing>>

An overview of the processing of the examination system 10 will be explained with reference to FIG. 2. FIG. 2 is a diagram showing an example of an overview of the functional units and processing of the examination system 10.

In step S10, the user terminal 300 of the target user sends, for example, terminal information (hereinafter referred to as “target terminal information”) and biometric information of the target user (hereinafter referred to as “target biometric information”) to the operator device 200. Send.

In step S11, the business operator device 200 transmits a screening request to the screening device 100, with target terminal information and target biometric information attached thereto, for example. Note that the business operator device 200 may send the examination request with further information regarding the user's attributes (hereinafter referred to as "user attribute information").

In step S12, the examination device 100 may, for example, identify a biometric feature amount (hereinafter referred to as "biometric feature amount") from the acquired target biometric information. The examination device 100 refers to a transaction database D111 (described later) in which biometric features of users who have made transactions in the past are stored, and obtains the acquired biometric features of the target user (hereinafter referred to as "target biometric features"). ) is stored. Hereinafter, the result of determining whether there is a biometric feature similar to the target biometric feature will be referred to as a "first determination result."

In step S13, for example, if it is determined that similar biometric features are stored, the examination device 100 refers to the transaction database D111 and identifies past transactions associated with the similar biometric features. . Then, the examination device 100 identifies information that can identify the identified past transaction (hereinafter referred to as "transaction identification information").

Here, when at least one transaction identification information is specified, the examination device 100 refers to a terminal information database D112, which will be described later, in which transaction identification information and terminal information are stored in association with each other, and identifies the specified transaction identification information. Identify the terminal information associated with the information. Then, the examination device 100 determines whether the specified terminal information and the target terminal information match or are similar. Hereinafter, the result of determining whether the specified terminal information and the target terminal information match or are similar will be referred to as a "second determination result."

The specified terminal information and the target terminal information are the same, for example, it means that the terminal information such as the IP address and the MAC address that can uniquely identify the terminal device is the same.

The similarity between the identified terminal information and the target terminal information means, for example, that the identification code of the terminal information specified by the parameters related to the operation of the terminal device by the user, the parameters related to the browser, etc. and the identification code of the target terminal information are similar. This refers to a case where the difference is within a predetermined range.

In addition, when at least one transaction identification information is specified, the screening device 100 replaces the above terminal information with a user attribute whose user attribute information of the target user is stored in a predetermined database based on the user attribute information. It may be determined whether the information matches or is similar.

In step S14, the examination device 100 examines whether the target user is suspected of being a fraudster based on the first determination result and the second determination result.

That is, the screening device 100 identifies past transactions based on at least the target user's biometric information (user attribute information may also be used), and identifies the target user based on the terminal information related to the identified past transaction. Examine whether there is a suspicion that the person is a fraudster.

In step S15, the screening device 100 transmits the screening results (hereinafter referred to as “screening results”) to the business operator device 200.

For example, if the identified terminal information and the target terminal information acquired from the user terminal 300 are the same or similar, the screening device 100 transmits the screening result indicating that the target user is unlikely to be a fraudster to the operator device. Send to 200.

Thereby, the screening system 10 can provide a service that allows the business operator to appropriately determine whether or not to provide the service to the target user based on the screening result indicating whether the target user is likely to be a fraudster. .

Note that in step S13, the examination device 100 has been described as specifying the transaction identification information associated with the biometric feature when it is determined that a similar biometric feature is stored, but the present invention is not limited to this.

For example, when there is a similar biometric feature, the screening device 100 converts information associated with the biometric feature that can identify the biometric feature (hereinafter referred to as "user biometric identification information") into transaction identification information. It may be specified by changing. In this way, the screening system 10 can speed up processing by managing each similar biometric feature using the same identification information (at least one of transaction identification information and user biometric identification information). .

=== Examination device 100 ===
The functional configuration of the examination device 100 will be described with reference to FIG. 2. As shown in FIG. 2, the examination device 100 includes, for example, a storage section 110, an information acquisition section 120, a feature amount calculation section 130, a similarity calculation section 140, a biological information determination section 150, and a first determination result. The functional units may include an acquisition unit 151, a terminal information determination unit 160, a second determination result acquisition unit 161, and an examination unit 170. The functional unit is, for example, a function realized by the processor 1001 reading a program stored in the memory 1002.

The storage unit 110 stores, for example, a transaction database D111 and a terminal information database D112.

An example of the transaction database D111 will be described with reference to FIG. 3. FIG. 3 is a diagram showing an example of the configuration of the transaction database D111.

As shown in FIG. 3, the transaction database D111 may include, for example, items such as [transaction identification information], [user biometric feature amount], and [user biometric identification information]. [Transaction identification information] is an item in which an identification code that uniquely identifies a user's past transaction is stored. [User biometric feature amount] is an item in which the user biometric feature amount of the user is stored. [User biometric identification information] is an item in which an identification code that identifies each of the user's biometric features is stored. [User biometric identification information] is set with the same identification code when it is estimated that the user biometric features belong to the same user. That is, in the transaction database D111, the same identification code is set in the [user biometric identification information] item related to the [user biometric feature amount] item of each similar biometric feature amount.

An example of the terminal information database D112 will be described with reference to FIG. 4. FIG. 4 is a diagram showing an example of the configuration of the terminal information database D112.

As shown in FIG. 4, the terminal information database D112 may include, for example, items such as [terminal information], [transaction identification information], and [user biometric identification information]. [Terminal information] is an item in which terminal information that can identify a user terminal is stored. [Transaction identification information] is an item linked to [transaction identification information] of the transaction database D111, and is an item in which an identification code that uniquely identifies a user's past transaction is stored. [User biometric identification information] is an item linked to [User biometric identification information] of the transaction database D111, and is an item in which an identification code for identifying each of the user's biometric features is stored.

The examination device 100 can identify terminal information in the terminal database D112 that is related to transaction identification information and user biometric identification information in the transaction database D111.

The information acquisition unit 120 (terminal information acquisition unit, biological information acquisition unit) acquires terminal information from the user terminal 300 of the target user, for example. Further, the information acquisition unit 120 acquires target biometric information (first biometric information) of the target user from the user terminal 300 of the target user, for example.

The feature calculation unit 130 calculates the target biometric feature of the target user based on the target biometric information. Hereinafter, as an example, a method of calculating a biometric feature when the biometric information is a face image will be described. Note that the feature amount calculation unit 130 is also capable of calculating biometric feature amounts for fingerprints, voiceprints, etc. using existing methods.

Specifically, the feature value calculation unit 130 generates a reduced image by reducing the size of the face image by a certain ratio, for example. Next, the feature calculation unit 130 creates a plurality of reduced images in which face areas and non-face areas are distinguished. Then, the feature amount calculation unit 130 merges the plurality of face regions and the plurality of non-face regions to generate a processed image for calculating the feature amount.

Then, the feature amount calculation unit 130 identifies a plurality of candidates for facial feature points such as eyes and corners of the mouth in the processed image. The one most suitable as a feature point from among the identified plurality of feature point candidates is set as each feature point. The feature amount calculation unit 130 calculates the normalized position of the feature point in the face area and the size of the face area as the target biological feature amount based on the set feature point.

The similarity calculation unit 140 refers to the transaction database D111 and calculates the degree of similarity between the user biometric feature stored in the transaction database D111 and the target biometric feature calculated based on the target biometric information of the target user (hereinafter , "similarity"). For example, the similarity calculation unit 140 may calculate the reciprocal of the difference between the user biometric feature and the target biometric feature as the similarity. In this case, the greater the degree of similarity, the more similar the two pieces of biometric information are.

The biometric information determining unit 150 determines whether biometric information that is the same as or similar to the target biometric information is stored in the transaction database D111 based on the degree of similarity. Specifically, if there is biometric information whose similarity to the target biometric information is calculated to be equal to or greater than a predetermined threshold value among the biometric information stored in the transaction database D111, the biometric information determining unit 150 determines whether the biometric information is It is determined that the user is the same as the target user of the target biometric information. That is, the biometric information determining unit 150 determines that biometric information that is the same as or similar to the target biometric information exists in the transaction database D111. Hereinafter, for convenience, biometric information that is the same as or similar to the target biometric information in the biometric information determining unit 150 will be referred to as "same estimated biometric information."

Note that when determining that the same presumed biometric information exists in the transaction database D111, the biometric information determination unit 150 associates the transaction identification information and user biometric identification information related to the same presumed biometric information with the target biometric information, and performs the transaction. It may also be stored in the database D111. Thereby, the examination system 10 can enrich the database that can be used for subsequent processing, thereby increasing the accuracy of examination.

The first determination result acquisition unit 151 acquires the first determination result determined by the biological information determination unit 150. Specifically, when the biometric information determining unit 150 determines that the same presumed biometric information is stored in the transaction database D111, the first determination result acquisition unit 151 acquires transaction identification information related to the same presumed biometric information. (hereinafter referred to as "same transaction identification information") is obtained as the first determination result. That is, when the examination device 100 acquires transaction identification information from the biometric information determination unit 150, it determines that the same estimated biometric information exists in the transaction database D111. Thereby, the examination system 10 can suppress the amount of processing by acquiring the same transaction identification information as the first determination result, instead of transmitting and receiving the content determined by the biometric information determination unit 150.

In addition, when the biometric information determining unit 150 determines that the same estimated biometric information is stored in the transaction database D111, the first determination result acquisition unit 151 provides user biometric identification information (hereinafter referred to as user biometric identification information) related to the same estimated biometric information. , "same user biometric identification information") may be obtained as the first determination result. As a result, the screening system 10 can perform screening using user biometric identification information that can uniquely identify biometric information as a key, and thus can accurately and quickly identify users.

In addition, when the biometric information determining unit 150 determines that the same estimated biometric information is not stored in the transaction database D111, the first determination result acquisition unit 151 determines that biometric information similar to the target biometric information is stored in the transaction database D111. A first determination result indicating that the information is not stored may be obtained. This makes it possible for the screening system 10 to terminate the screening process when the same presumed biometric information is not stored (for example, when the target user has never made a transaction in the past), making the process more efficient. It is possible to aim for In this case, the screening device 100 transmits a screening result indicating that the same presumed biometric information could not be identified to the business entity device 200.

The terminal information determining unit 160 determines whether the target terminal information and the terminal information stored in the terminal information database D112 match or are similar. Specifically, when the biometric information determining unit 150 determines that the same estimated biometric information is stored in the transaction database D111, the terminal information determining unit 160 refers to the terminal information database D112 to determine whether the same transaction identification information is stored in the transaction database D111. Identify transaction identifiers that match. Then, the terminal information determination unit 160 identifies terminal information related to the identified transaction identification information. The terminal information determining unit 160 determines whether the specified terminal information (hereinafter referred to as "specific terminal information") and the target terminal information match or are similar. This allows the screening system 10 to perform screening based on terminal information in addition to biometric information, thereby making it possible to more accurately determine fraudsters.

Note that the terminal information determination unit 160 uses the same user biometric identification information instead of the same transaction identification information, refers to the terminal information database D112, and determines whether the specific terminal information and the target terminal information match or are similar. It may be determined whether

The second determination result acquisition unit 161 acquires the second determination result determined by the terminal information determination unit 160. Specifically, when the terminal information determining unit 160 determines that the specific terminal information and the target terminal information match or are similar, the second determination result acquisition unit 161 obtains a second determination result indicating that the specific terminal information and the target terminal information match or are similar. get. Further, when the terminal information determining unit 160 determines that the specific terminal information and the target terminal information match or are not similar, the second determination result acquisition unit 161 acquires a second determination result indicating that they do not match or are similar. do.

The examination unit 170 examines the target user based on the first determination result and the second determination result. The screening unit 170 transmits the screening results, which are the screening results, to the operator device 200.

The examination result may be, for example, information indicating the contents of each of the first determination result and the second determination result. Specifically, the examination results indicate that the same estimated biometric information is stored in the transaction database D111 in the first determination result, and that the specific terminal information and target terminal information match or are similar in the second determination result. It may also be information indicating that there is no match or similarity. Thereby, the screening system 10 allows the business operator to freely determine whether or not the person is a fraudster.

Further, the examination result may be information indicating the degree of possibility that the target user is an unauthorized person. Thereby, the screening system 10 can provide easier-to-understand information to the business operator who is determining whether or not the person is a fraudster, thereby improving convenience for the business operator.

Note that the functional units of the feature amount calculation unit 130, similarity calculation unit 140, and biological information determination unit 150 described above may be provided in a device (not shown) different from the examination device 100. In this case, for example, the screening system 10 transmits the biometric information to the different device so that the screening device 100 can access the transaction database D111 (stored in the different device in this case) from the different device. The transaction identification information is configured to obtain identical transaction identification information identified based on the transaction identification information.

==Modified example of examination device 100==
Referring to FIG. 5, an examination device 100a according to a modification will be described. FIG. 5 is a configuration diagram showing an examination device 100a according to a modification. Hereinafter, only the configurations that are different from the examination apparatus 100 shown in FIG. 1 will be described, and unless otherwise mentioned, the examination apparatus 100a is assumed to be the same as the examination apparatus 100 shown in FIG. 1.

<<First modification example>>
As shown in FIG. 5, the examination device 100a may further include functional units such as a storage unit 110 that further includes an attribute database D113, and an attribute information determination unit 180.

In comparison with the screening device 100, the screening device 100a further uses attribute information of the object user to determine whether or not the object user is an unauthorized person.

The attribute database D113 will be explained with reference to FIG. FIG. 6 is a diagram showing an example of the attribute database D113. As shown in FIG. 6, the attribute database D113 may include, for example, items such as [transaction identification information], [user biometric identification information], and [user attribute information]. [Transaction identification information] is an item linked to [transaction identification information] of the transaction database D111, and is an item in which an identification code that uniquely identifies a user's past transaction is stored. [User biometric identification information] is an item linked to [User biometric identification information] of the transaction database D111, and is an item in which an identification code for identifying each of the user's biometric features is stored. [User attribute information] is an item in which information regarding user attributes (hereinafter referred to as "user attribute information") is stored.

The user attribute information is information including, for example, the user's name, address, telephone number, family structure, age, occupation, and the like.

The information acquisition unit 120 acquires user attribute information regarding attributes of the target user (hereinafter referred to as “target user attribute information”) from the user terminal 300. Here, when the user terminal 300 receives the target user's operation input and acquires the target user attribute information, the user terminal 300 transmits the target user attribute information to the screening device 100.

The attribute information determining unit 180 determines whether or not the target user attribute information matches the user attribute information stored in the attribute database D113. The attribute information determining section 180 provides the determined result (hereinafter referred to as "third determination result") to the examining section 170a.

Specifically, when the biometric information determining unit 150 determines that the same estimated biometric information is stored in the transaction database D111, the attribute information determining unit 180 refers to the attribute information database D113 to determine whether the same transaction identification information is stored in the transaction database D111. Identify transaction identification information that matches (or user biometric identification information that matches the same user biometric identification information). Then, the attribute information determination unit 180 identifies user attribute information (hereinafter referred to as "specific user attribute information") associated with the identified transaction identification information (or the identified user biometric identification information). The attribute information determining unit 180 determines whether specific user attribute information (second user attribute information) and target user attribute information (first user attribute information) match.

In addition, the attribute information determination unit 180 determines that the same estimated biometric information is stored in the transaction database D111 in the biometric information determination unit 150, and that the specific terminal information and the target terminal information match in the terminal information determination unit 160. Alternatively, if it is determined that they are not similar, it may be determined whether the target user attribute information and the specific user attribute information in the attribute database D113 match. That is, the attribute information determination unit 180 determines that although the same or similar biometric information of the target user in a past transaction is stored in the transaction database D111, the terminal information in the past transaction and the target terminal information are different. If there is no match or similarity, further determination is made using attribute information. This allows the screening system 10 to perform screening based on attribute information in addition to biometric information and terminal information, thereby making it possible to more accurately determine fraudsters.

The examination unit 170a examines the target user based on the first determination result, and at least one of the second determination result and the third determination result. The screening unit 170a transmits the screening results to the operator's device 200. Specifically, the examination unit 170a may transmit information including contents indicated by each of the first determination result, the second determination result, and the third determination result to the operator device 200. Thereby, the screening system 10 allows the business operator to freely determine whether or not the person is a fraudster.

For example, the screening unit 170a determines that the first determination result indicates that the same estimated biometric information is stored in the transaction database D111, and the second determination result indicates that the specific terminal information and the target terminal information match or are similar. The screening result (hereinafter referred to as the “first screening result”) including the content shown and the third judgment result shows that the specific user attribute information and the target user attribute information match is sent to the operator device 200. You can also send it.

For example, the screening unit 170a determines that the first determination result indicates that the same estimated biometric information is stored in the transaction database D111, and the second determination result indicates that the specific terminal information and the target terminal information match or are similar. and the screening result (hereinafter referred to as “second screening result”) including the content in which the specific user attribute information and the target user attribute information were shown not to match in the third judgment result is sent to the operator device 200. You can also send it.

For example, the screening unit 170a may determine that the first determination result indicates that the same estimated biometric information is stored in the transaction database D111, and the second determination result indicates that the specific terminal information and the target terminal information do not match or are similar. The screening result (hereinafter referred to as the “third screening result”) including the content shown in the third judgment result that the specific user attribute information and the target user attribute information match is sent to the operator device 200. You can also send it.

For example, the screening unit 170a may determine that the first determination result indicates that the same estimated biometric information is stored in the transaction database D111, and the second determination result indicates that the specific terminal information and the target terminal information do not match or are similar. and the screening result (hereinafter referred to as the “fourth screening result”) including the content in which the specific user attribute information and the target user attribute information were shown not to match in the third judgment result is sent to the operator device 200. You can also send it.

<<Second modification example>>
As shown in FIG. 5, the examination device 100a may further include a functional section of a score specifying section 190.

The screening device 100a determines that the target user is a fraudster when information corresponding to the second screening result, third screening result, or fourth screening result is obtained compared to the screening device 100 or the first modification. Target users are screened by specifying a score that indicates their potential.

Note that if the screening device 100a receives an additional check request from the business device 200 by transmitting the second screening result, third screening result, or fourth screening result to the business device 200, the screening device 100a detects that the target user is fraudulent. A score indicating the possibility that the person is a person may be specified.

For example, when the second examination result, third examination result, or fourth examination result is obtained in the examination unit 170a, the score identification unit 190 determines the target user's information based on the current predetermined information regarding the user terminal 300 of the target user. Identify your score. That is, if the terminal information determining unit 160 determines that the target terminal information and the specific terminal information are not similar or similar, or if the attribute information determining unit 180 determines that the target user attribute information and the specific user attribute information If it is determined that they do not match, identify the target user's score.

For example, the score specifying unit 190 may specify the score based on location information indicating the location of the target user's user terminal 300 (for example, information indicating latitude and longitude). Specifically, the score identifying unit 190 refers to the attribute database D113 to identify the target user's address (which may be a point preset by the target user), and identifies the target user's address (or the target user's latest The score may be specified according to the difference between the position indicated by the position information of the user terminal 300 and the position indicated by the position information of the user terminal 300. As a result, the screening system 10 can identify a score that indicates that there is a high possibility that the target user is not the target user when the location where the target user is estimated to be normally located is far from the address of the user included in the attribute information. judge more accurately.

The examination unit 170a examines the target user based on the score specified by the score identification unit 190. The screening unit 170a transmits the screening results to the operator's device 200. Specifically, the screening unit 170a may transmit information including the score to the operator device 200. Thereby, the screening system 10 allows the business operator to freely determine whether or not the person is a fraudster.

For example, the screening unit 170a may transmit screening results indicating the screening content according to the score to the operator device 200. Specifically, the screening unit 170a transmits a screening result indicating "low" when the score is within the threshold range of 0 to 10 to the operator device 200, and when the score is within the threshold range of 11 to 20, for example. If the score is within the threshold range, an examination result indicating "pending" may be transmitted, and when the score is within the threshold range of 21 to 30, an examination result indicating "high" may be transmitted.

Furthermore, when the score specifying unit 190 specifies a score indicating, for example, "pending", the screening unit 170a transmits information that allows the target user to be authenticated by operation input by the target user to the user terminal 300 of the target user. Good too.

Specifically, the screening unit 170a transmits, for example, a URL (Uniform Resource Locator) by SMS (Short Message Service) as information that can authenticate the target user (hereinafter referred to as "authentication information"). The screening unit 170a acquires authentication information through the user terminal 300 when the target user performs a click operation on the URL. As a result, in the screening system 10, if an unauthorized person is operating the user terminal 300 using another person's account, it is possible to notify the true user of the account, and the true user can also operate the user terminal 300. When operating, it is possible to reliably confirm the authenticity of the user.

===Business equipment 200===
Next, the functional configuration of the operator's device 200 will be explained. As shown in FIG. 2, the business operator device 200 may include functional units such as a storage unit 210 and an information transmitting/receiving unit 220, for example. The functional unit is, for example, a function realized by the processor 1001 reading a program stored in the memory 1002. The storage unit 210 stores various information. The information transmitting/receiving unit 220 transmits and receives various information between the examination device 100 and the user terminal 300.
<<Modified example>>

The business operator device 200 may include the functions of the screening section 170 in the screening device 100 and the functional sections of the screening section 170a in the screening device 100a. That is, in the screening system 10, the business operator device 200 may obtain the first determination result, the second determination result, and the third determination result from the screening device 100, and screen the target user. In this case, the examination device 100 may transmit information indicating the first determination result, the second determination result, and the third determination result to the operator device 200. Thereby, the examination system 10 can suppress the processing load on the examination apparatus 100, thereby improving the efficiency of the processing.

===Configuration of user terminal 300===
Next, the functional configuration of the user terminal 300 will be explained. As shown in FIG. 2, the user terminal 300 may include functional units such as a storage unit 310, an information transmitting/receiving unit 320, and a display processing unit 330, for example. The functional unit is, for example, a function realized by the processor 1001 reading a program stored in the memory 1002. The storage unit 310 stores various information. The information transmitting and receiving unit 320 transmits and receives various information between the examination device 100 and the operator's device 200. The display processing unit 330 causes the display device 1007 to display various information acquired from the examination device 100, for example.

===Processing procedure of examination system 10===
Next, the processing procedure of the examination system 10 will be explained with reference to FIG. FIG. 7 is a flowchart showing the processing procedure of the examination system 10. FIG. 7 describes, as an example, a processing procedure in which a target user is examined based on biometric information, terminal information, and attribute information of the target user.

In step S<b>101 , the user terminal 300 of the target user transmits target terminal information, target biometric information, and target user attribute information to the operator device 200 .

In step S102, the business operator device 200 transmits target terminal information, target biometric information, and target user attribute information to the screening device 100. That is, the business operator device 200 requests the screening device 100 to screen the target user.

In step S103, the examination device 100 acquires target terminal information, target biometric information, and target user attribute information. The examination device 100 calculates target biometric features based on target biometric information. Note that the examination device 100 may acquire the target biometric feature amount from the business operator's device 200 instead of acquiring the target biometric information from the business operator's device 200. That is, the user terminal 300 of the target user may transmit the target biometric feature amount to the provider device 200.

In step S104, the examination device 100 calculates the degree of similarity between the target biometric feature and the biometric feature stored in the transaction database D111. The examination device 100 identifies the same estimated biometric information related to the biometric feature values that exhibit a degree of similarity that is greater than or equal to a predetermined threshold (first determination result).

In step S105, the examination device 100 refers to the transaction database D111 and identifies the same transaction identification information related to the same estimated biometric information.

In step S106, the examination device 100 refers to the terminal information database D112 and identifies specific terminal information related to the same transaction identification information.

In step S107, the examination device 100 determines whether the specific terminal information and the target terminal information match or are similar (second determination result).

In step S108, the examination device 100 refers to the attribute database D113 and determines whether the target user attribute information and the specific user attribute information related to the specific terminal information match (third determination result).

In step S109, the examination device 100 examines the target user based on the first determination result, the second determination result, and the third determination result.

In step S110, the screening device 100 transmits the screening results to the business operator device 200.

In step S111, the business operator device 200 transmits an additional check request to the screening device 100 based on the screening result. That is, if the business operator cannot determine whether or not the target user is a fraudster, the business operator can further request the screening device 100 to perform a screening.

In step S112, the screening device 100 specifies the target user's score based on various information (eg, location information, etc.) obtained from the target user's user terminal 300, for example, in response to the check request.

In step S113, the screening device 100 transmits the authentication information to the user terminal 300 of the target user if the identified score is within a predetermined threshold.

In step S114, the user terminal 300 accepts the target user's authentication operation and transmits the authentication result to the screening device 100.

In step S115, if the examination device 100 is able to confirm that the authentication result belongs to the target user, it transmits the examination result indicating that the target user is a valid user to the business operator device 200.

Thereby, the screening system 10 can provide the business operator with a mechanism that can confirm with high accuracy that the target user is not an unauthorized person.

===Hardware configuration===
With reference to FIG. 8, the hardware configurations of the examination device 100, the operator device 200, and the user terminal 300 will be described. FIG. 8 is a diagram showing an example of the hardware configuration.

As shown in FIG. 8, the computer 1000 includes a processor 1001, a memory 1002, a storage device 1003, an input I/F section 1004, a data I/F section 1005, a communication I/F section 1006, and a display device. Contains 1007.

Processor 1001 is a control unit that controls various processes in computer 1000 by executing programs stored in memory 1002.

The memory 1002 is, for example, a storage medium such as a RAM (Random Access Memory). The memory 1002 temporarily stores program codes of programs executed by the processor 1001 and data required when executing the programs.

The storage device 1003 is a nonvolatile storage medium such as a hard disk drive (HDD) or flash memory. The storage device 1003 stores an operating system and various programs for realizing each of the above configurations.

Input I/F unit 1004 is a device for receiving input from a user. Specific examples of the input I/F unit 1004 include a keyboard, mouse, touch panel, various sensors, wearable devices, and the like. Input I/F unit 1004 may be connected to computer 1000 via an interface such as a USB (Universal Serial Bus).

Data I/F unit 1005 is a device for inputting data from outside of computer 1000. A specific example of the data I/F unit 1005 is a drive device for reading data stored in various storage media. It is also conceivable that the data I/F unit 1005 is provided outside the computer 1000. In that case, data I/F unit 1005 is connected to computer 1000 via an interface such as USB.

The communication I/F unit 1006 is a device for performing wired or wireless data communication with a device external to the computer 1000 via the Internet N. It is also conceivable that the communication I/F unit 1006 is provided outside the computer 1000. In that case, the communication I/F unit 1006 is connected to the computer 1000 via an interface such as a USB.

The display device 1007 is a device for displaying various information. Specific examples of the display device 1007 include, for example, a liquid crystal display, an organic EL (Electro-Luminescence) display, a wearable device display, and the like. Display device 1007 may be provided outside computer 1000. In that case, display device 1007 is connected to computer 1000 via, for example, a display cable. Furthermore, when a touch panel is employed as the input I/F section 1004, the display device 1007 can be configured to be integrated with the input I/F section 1004.

===Summary===
<1> The screening system 10 according to the present embodiment collects, from the user terminal 300 of the target user who is the user to be screened, target terminal information (first terminal information) that is information regarding the user terminal 300 and attributes of the target user. An information acquisition unit 120 (user information acquisition unit) that acquires at least one of target user attribute information (first user attribute information) that is information about An information acquisition unit 120 (biometric information acquisition unit) that acquires biometric information (first biometric information) and biometric information (second biometric information) that is information regarding the biometrics of users who have conducted each of a plurality of past transactions are stored. Obtain a first determination result regarding the result of determining whether or not biometric information (second biometric information) that is the same as or similar to the target biometric information (first biometric information) is stored in the transaction database D111 that is being processed. The first determination result acquisition unit 151 (determination result acquisition unit), at least one of target terminal information (first terminal information) and target user attribute information (first user attribute information), and the first determination result. and a screening unit 170 that screens the target user based on the information. Thereby, the screening system 10 can provide a service that allows the business operator to appropriately determine whether or not to provide the service to the target user based on the screening result indicating whether the target user is likely to be a fraudster. .

<2> In the screening system 10 according to the present embodiment, the transaction database D111 stores biometric information (second biometric information), user biometric identification information that can identify information related to the user's biometrics, and a plurality of past transactions. The first judgment result acquisition unit 151 (judgment result acquisition unit) stores biometric information that is the same as or similar to the target biometric information (first biometric information) and at least one of the identifiable transaction identification information. (second biometric information) is stored in the transaction database D111, the same user biometric identification information (user biometric identification information) and the same transaction identification information ( A first determination result including at least one of the transaction identification information) is obtained. Thereby, the screening system 10 can speed up processing by managing each piece of similar biometric information using the same identification information (at least one of transaction identification information and user biometric identification information).

<3> In the examination system 10 according to the present embodiment, the information acquisition unit 120 (user information acquisition unit) acquires target terminal information (first terminal information), and the examination system 10 acquires target terminal information (first terminal information). A terminal information database that stores at least one of biometric identification information and transaction identification information in association with terminal information (second terminal information) that is information that can identify each user terminal 300 of the plurality of users. Based on D112, user biometric identification information and transaction identification information that match at least one of the same user biometric identification information (user biometric identification information) and the same transaction identification information (transaction identification information) included in the first determination result. Terminal information (second terminal information) related to at least one of the above, and whether the terminal information (second terminal information) and the target terminal information (first terminal information) match or are similar. The examination unit 170 examines the target user based on the first determination result and the second determination result regarding the result determined by the terminal information determination unit 160. This allows the screening system 10 to perform screening based on terminal information in addition to biometric information, thereby making it possible to more accurately determine fraudsters.

<4> In the examination system 10 according to the present embodiment, when the terminal information determination unit 160 determines that the target terminal information (first terminal information) and the terminal information (second terminal information) match or are not similar, The apparatus further includes a score specifying section 190 that specifies a score for the target user based on location information indicating the position of the user terminal 300 of the user, and the examining section 170 examines the target user based on the score. As a result, the screening system 10 can identify a score that indicates that there is a high possibility that the target user is not the target user when the location where the target user is estimated to be normally located is far from the address of the user included in the attribute information. judge more accurately. In addition, the screening system 10 can identify a score that is likely not to be the target user if the distance to the display unit in the method that the target user usually uses has a large discrepancy from the pre-registered distance. to judge more accurately.

<5> In the screening system 10 according to the present embodiment, the screening unit 170 determines the target user by accepting an operation input from the target user when the score specified by the score specifying unit 190 is within a predetermined threshold. Authenticable information is transmitted to the user terminal 300. As a result, in the screening system 10, if an unauthorized person is operating the user terminal 300 using another person's account, it is possible to notify the true user of the account, and the true user can also operate the user terminal 300. When operating, it is possible to reliably confirm the authenticity of the user.

<6> In the screening system 10 according to the present embodiment, the information acquisition unit 120 (user information acquisition unit) acquires target user attribute information (first user attribute information), and the screening system 10 In the attribute database D113, in which at least one of user biometric identification information and transaction identification information is stored in association with attribute information indicating the attributes of each of the plurality of users, the same user included in the first determination result is stored. Identify user attribute information (second user attribute information) related to at least one of biometric identification information (user biometric identification information) and same transaction identification information (transaction identification information), and target user attribute information (first user attribute information). and user attribute information (second user attribute information). The target user is examined based on the third determination result regarding the determined result. This allows the screening system 10 to perform screening based on attribute information in addition to biometric information, thereby making it possible to more accurately determine fraudsters.

<7> The examination system 10 according to the present embodiment includes a similarity calculation unit that calculates the degree of similarity between target biometric information (first biometric information) and biometric information (second biometric information) based on the transaction database D111. 140, and when the degree of similarity is equal to or greater than a predetermined threshold, it is determined that biometric information (second biometric information) that is the same as or similar to the target biometric information (first biometric information) is stored in the transaction database D111. The information determination unit 150 is further included. This allows the examination system 10 to efficiently execute the determination process.

<8> The examination system 10 according to the present embodiment further includes a feature calculation unit 130 that calculates a target biometric feature (first biometric feature) that is a feature of the target biometric information (first biometric information), The transaction database D111 stores biometric information (second biometric information) and biometric feature amount (second biometric feature amount) that is a feature amount of the biometric information (second biometric information) in association with each other, and stores the biometric information (second biometric information) in association with the biometric feature amount (second biometric feature amount). 140 calculates the degree of similarity between the target biometric feature (first biometric feature) and the biometric feature (second biometric feature). This allows the examination system 10 to efficiently execute the determination process.

DESCRIPTION OF SYMBOLS 10... Screening system, 100... Screening device, 110... Storage section, 120... Information acquisition section, 130... Feature amount calculation section, 140... Similarity calculation section, 150... Biological information judgment section, 151... First judgment result acquisition section , 160...Terminal information determination unit, 161...Second determination result acquisition unit, 170, 170a...Screening unit, 180...Attribute information determination unit, 190...Score identification unit, 200...Business operator device, 300...User terminal.

Claims (7)

a user information acquisition unit that acquires first terminal information that is information regarding the user terminal from a user terminal of a target user who is a user to be examined;
a biometric information acquisition unit that acquires first biometric information that is information related to the target user's biometric from the user terminal;
Whether the second biometric information that is the same as or similar to the first biometric information is stored in the transaction database that stores the second biometric information that is information about the biometrics of users who have conducted each of a plurality of past transactions. If it is determined that the second biometric information that is the same as or similar to the first biometric information is stored in the transaction database, the second biometric information is a determination result acquisition unit that acquires the first determination result including information regarding the information ;
In the terminal information database in which information regarding the second biometric information of each of a plurality of users and terminal information that is information that can identify each user terminal of the plurality of users are stored in association with each other, the first determination is performed. identifying second terminal information related to information regarding the second biometric information included in the results;
a terminal information determination unit that determines whether the first terminal information and the second terminal information match or are similar;
a score identifying unit that identifies a score for the target user based on location information indicating the location of the user terminal of the target user;
If the terminal information determining unit determines that the first terminal information and the second terminal information match or are similar, a second determination result regarding the first determination result and the result determined by the terminal information determining unit; Screening the target user based on,
If the terminal information determining unit determines that the first terminal information and the second terminal information do not match or resemble each other, a examining unit that examines the target user based on the score ;
A screening system equipped with If the score specified by the score specifying unit is within a predetermined threshold, the screening unit transmits information that can authenticate the target user to the user terminal by accepting an operation input by the target user. Send,
The examination system according to claim 1 . a similarity calculation unit that calculates a degree of similarity between the first biometric information and the second biometric information based on the transaction database;
a biometric information determination unit that determines that the second biometric information that is the same as or similar to the first biometric information is stored in the transaction database when the degree of similarity is greater than or equal to a predetermined threshold;
The examination system according to claim 1 or claim 2, further comprising:. further comprising a feature calculation unit that calculates a first biometric feature that is a feature of the first biometric information,
The transaction database stores the second biometric information and a second biometric feature that is a feature of the second biometric information in association with each other,
The similarity calculation unit calculates the degree of similarity between the first biometric feature and the second biometric feature.
The examination system according to claim 3 . a user information acquisition unit that acquires first user attribute information that is information regarding attributes of a target user who is a user to be examined;
a biometric information acquisition unit that acquires first biometric information that is information related to the target user's biological body from the target user's user terminal;
Whether the second biometric information that is the same as or similar to the first biometric information is stored in the transaction database that stores the second biometric information that is information about the biometrics of users who have conducted each of a plurality of past transactions. a determination result acquisition unit that acquires a first determination result regarding the result of determining whether the
The first determination result indicates that the second biometric information that is the same as or similar to the first biometric information is stored in the transaction database, and the first determination result that includes the second biometric information is When acquired by the judgment result acquisition unit,
In an attribute database in which user biometric information, which is information regarding the biometrics of each of a plurality of users, and attribute information indicating the attributes of each of the plurality of users are stored in association with each other, the first determination result included in the first determination result is 2. Identifying second user attribute information related to the biometric information,
an attribute information determination unit that determines whether the first user attribute information and the second user attribute information match;
a screening unit that screens the target user based on the first judgment result and a third judgment result regarding the result judged by the attribute information judgment unit;
A screening system equipped with The computer is
Obtaining first terminal information that is information regarding the user terminal from a user terminal of a target user who is a user to be examined;
acquiring first biometric information that is information regarding the target user's biometric from the user terminal;
Whether the second biometric information that is the same as or similar to the first biometric information is stored in the transaction database that stores the second biometric information that is information about the biometrics of users who have conducted each of a plurality of past transactions. If it is determined that the second biometric information that is the same as or similar to the first biometric information is stored in the transaction database, the second biometric information is Obtaining the first determination result including information regarding the information ;
In the terminal information database in which information regarding the second biometric information of each of a plurality of users and terminal information that is information that can identify each user terminal of the plurality of users are stored in association with each other, the first determination is performed. identifying second terminal information related to information regarding the second biometric information included in the results;
determining whether the first terminal information and the second terminal information match or are similar;
Identifying a score for the target user based on location information indicating the location of the user terminal of the target user;
When it is determined that the first terminal information and the second terminal information match or are similar, the first determination result and the result that the first terminal information and the second terminal information are determined to match or are similar; Examining the target user based on a second determination result regarding,
If it is determined that the first terminal information and the second terminal information do not match or resemble each other, examining the target user based on the score ;
Examination method to carry out. to the computer,
Obtaining first terminal information that is information regarding the user terminal from a user terminal of a target user who is a user to be examined;
acquiring first biometric information that is information regarding the target user's biometric from the user terminal;
Whether the second biometric information that is the same as or similar to the first biometric information is stored in the transaction database that stores the second biometric information that is information about the biometrics of users who have conducted each of a plurality of past transactions. If it is determined that the second biometric information that is the same as or similar to the first biometric information is stored in the transaction database, the second biometric information is Obtaining the first determination result including information regarding the information ;
In the terminal information database in which information regarding the second biometric information of each of a plurality of users and terminal information that is information that can identify each user terminal of the plurality of users are stored in association with each other, the first determination is performed. identifying second terminal information related to information regarding the second biometric information included in the results;
determining whether the first terminal information and the second terminal information match or are similar;
Identifying a score for the target user based on location information indicating the location of the user terminal of the target user;
When it is determined that the first terminal information and the second terminal information match or are similar, the first determination result and the result that the first terminal information and the second terminal information are determined to match or are similar; Examining the target user based on a second determination result regarding,
If it is determined that the first terminal information and the second terminal information do not match or resemble each other, examining the target user based on the score ;
A program to run.

Images