KR102353310B1 - Apparatus, method, computer-readable storage medium and computer program for privacy and security enhancement - Google Patents

Abstract

According to various embodiments, there is provided a method for protecting personal information and enhancing security executed by a device, the method comprising: acquiring image data corresponding to an identification card; obtaining a quick response (QR) code; transmitting the obtained image data and the obtained QR code to a server; receiving an authentication result of a user corresponding to the identification card from the server in response to transmitting the acquired image data and the acquired QR code to the server; storing a visit record of the user in response to receiving the user's authentication result; extracting photo data from the image data when authentication success information is included in the user's authentication result; and outputting the extracted photo data.

Description

Apparatus, method, computer-readable recording medium and computer program for protecting personal information and enhancing security

The present invention relates to an apparatus, a method, a computer-readable recording medium, and a computer program for protecting personal information and enhancing security.

In modern society, it can be said that it is common for a specific person to verify or keep the identity (or ID) of the other person for the purpose of security and rental property management or protection. For example, there are cases in which a person in charge of a security team or a building management department asks a visitor visiting a public institution or a specific building to present an ID to verify the visitor's identity and keeps the ID. In addition, to an applicant who applies for rental of a specific item (bicycle, book, or other equipment, etc.) or a specific place in a public facility or amusement facility, the person in charge of the relevant department requests the applicant's identification card and waits until the rental ends You may be able to keep your ID.

As described above, in the process of confirming or storing a specific person's identity (or identification card), there is a possibility of misuse of personal information, which may lead to legal problems such as violation of the Personal Information Protection Act. The process for supplementing these personal information protection and security vulnerabilities and enhancing security is called personal information protection and security enhancement process.

An embodiment of the present invention may provide an apparatus, method, computer-readable recording medium, and computer program for new personal information protection and security enhancement.

For example, it is possible to provide a new personal information protection and security enhancement technology that can minimize the risk of personal information exposure in the conventional identification process (identity card) and can easily confirm the personal identity (identity card).

However, the problems to be solved by the present invention are not limited to those mentioned above, and other problems to be solved that are not mentioned can be clearly understood by those of ordinary skill in the art to which the present invention belongs from the following description. will be.

According to an embodiment of the present invention, there is provided a method for protecting personal information and enhancing security executed by a device, the method comprising: acquiring image data corresponding to an identification card; obtaining a quick response (QR) code; transmitting the obtained image data and the obtained QR code to a server; receiving an authentication result of a user corresponding to the identification card from the server in response to transmitting the acquired image data and the acquired QR code to the server; storing a visit record of the user in response to receiving the user's authentication result; extracting photo data from the image data when authentication success information is included in the user's authentication result; and outputting the extracted photo data.

According to an embodiment of the present invention, there is provided a computer-readable recording medium storing a computer program, wherein the computer program, when executed by a processor, includes: acquiring image data corresponding to an identification card; obtaining a quick response (QR) code; transmitting the obtained image data and the obtained QR code to a server; receiving an authentication result of a user corresponding to the identification card from the server in response to transmitting the acquired image data and the acquired QR code to the server; storing a visit record of the user in response to receiving the user's authentication result; extracting photo data from the image data when authentication success information is included in the user's authentication result; and instructions for causing the processor to perform a method including outputting the extracted photo data.

According to an embodiment of the present invention, there is provided a computer program stored in a computer-readable recording medium, wherein the computer program, when executed by a processor, includes: acquiring image data corresponding to an identification card; obtaining a quick response (QR) code; transmitting the obtained image data and the obtained QR code to a server; receiving an authentication result of a user corresponding to the identification card from the server in response to transmitting the acquired image data and the acquired QR code to the server; storing a visit record of the user in response to receiving the user's authentication result; extracting photo data from the image data when authentication success information is included in the user's authentication result; and instructions for causing the processor to perform a method including outputting the extracted photo data.

According to an embodiment of the present invention, there is provided an apparatus for protecting personal information and enhancing security, comprising: a communication interface; display device; Memory; and using a scanning device or a camera device to acquire image data corresponding to an identification card, and a quick response (QR) code using the scanning device or the camera device to obtain the acquired image data and Transmitting the obtained QR code to the server, in response to transmitting the obtained image data and the obtained QR code to the server, the authentication result of the user corresponding to the identification card from the server using the communication interface receiving, in response to receiving the user's authentication result, storing the visit record of the user in the memory, and when authentication success information is included in the user's authentication result, extracting photo data from the image data, and a controller controlling the display device to output the extracted photo data.

The apparatus, method, computer readable recording medium and computer program for personal information protection and security enhancement according to various embodiments of the present invention minimize the risk of personal information exposure in the conventional identification process (identification card), It is possible to provide a new personal information protection and security enhancement technology that can easily verify the personal identity (identification card).

1 is a block diagram of a system for protecting personal information and enhancing security according to an embodiment of the present invention.
2 is a flowchart of an operation for protecting personal information and enhancing security according to an embodiment of the present invention.
3 is a flowchart of an operation for protecting personal information and enhancing security according to an embodiment of the present invention.
4 is a flowchart of an operation for protecting personal information and enhancing security according to an embodiment of the present invention.

First, the advantages and features of the present invention, and a method for achieving them will become clear with reference to the embodiments described below in detail in conjunction with the accompanying drawings. Here, the present invention is not limited to the embodiments disclosed below, but may be implemented in a variety of different forms, and only these embodiments allow the disclosure of the present invention to be complete, and are common in the technical field to which the present invention pertains. The technical scope of the present invention should be defined by the claims since it is provided by way of example so that those with knowledge can clearly understand the scope of the invention.

In addition, in the following description of the present invention, if it is determined that a detailed description of a well-known function or configuration may unnecessarily obscure the gist of the present invention, the detailed description thereof will be omitted. And, the terms to be described later are terms defined in consideration of functions in the present invention, which may vary depending on the intentions or customs of users, operators, etc., of course. Therefore, the definition should be made based on the technical idea described throughout this specification.

Hereinafter, preferred embodiments of the present invention will be described in detail with reference to the accompanying drawings.

1 is a block diagram of a system for protecting personal information and enhancing security according to an embodiment of the present invention.

Referring to FIG. 1 , the system may include a server 10 , a device 100 , and/or a terminal 1000 .

The server 10 may include a control unit 11 , a communication interface 13 , and a memory 15 (also referred to as a database).

The control unit 11 (also referred to as a control unit or control circuit) is at least one other component (eg, a hardware component (eg, the communication interface 13 and/or the memory 15) of the connected server 10) or software component) and can perform various data processing and operations.

The communication interface 13 may establish communication between, for example, the server 10 and an external device, for example, the device 100 . For example, the communication interface 13 may be connected to a network through wireless communication or wired communication to communicate with an external device.

The memory 15 may store personal information of one or more users. For example, the personal information may include information corresponding to an identification card. For example, the information corresponding to the identification card may include information corresponding to a resident registration card, information corresponding to a driver's license and/or information corresponding to a passport, etc., information included in various identification documents that can prove the user's identity. have. For example, the information corresponding to the resident registration card may include a name, resident registration number, photo, address information (residence), resident registration issuance date, resident registration issuance place, and/or fingerprint. For example, the information corresponding to the driver's license may include a driver's license number, name, resident registration number, address information, aptitude test period, photo, issuance date and/or issuance place. For example, the information corresponding to the passport may include a passport number, name, photo, issuing country, date of birth, gender, issuance date, expiration date, a user's signature and/or resident registration number.

The memory 15 may store one or more designated QR codes, barcodes and/or passwords.

The memory 15 may store iris information, fingerprint information, and/or voice information of one or more users (persons).

According to an embodiment, the controller 11 compares the received image data corresponding to the identification card with the personal information of one or more users pre-stored in the memory 15, the identification of the identification card corresponding to the received image data. authenticity can be determined.

For example, the control unit 11 may control whether a picture extracted from the received image data matches a picture stored in the memory, text information extracted from the received image data and text information stored in the memory (eg, the image data is a resident registration card) and, based on whether the name, resident registration number, photo, address information (residence), resident registration issuance date, and/or resident registration issuance location) match, it is possible to determine the authenticity of the identification card corresponding to the received image data. have.

According to an embodiment, the server 10 may be a server of a data management center (a government, a public institution, or an authorized management company) that manages personal information.

The device 100 may include a controller 101 , an input/output interface 103 , a display device 109 , a memory 111 , and/or a communication interface 113 .

The control unit 101 (also referred to as a control device, control circuit or processor) is configured to control at least one other component (eg, a hardware component (eg, a scan device 103 , a camera device 105 , a display device) of the connected device 100 . device 107, memory 109 and/or communication interface 111) or software components), and may perform various data processing and operations.

The input/output interface 103 transmits, for example, data or commands input from a user or other external device to other component(s) of the device 100 , or other component(s) of the device 100 . It is possible to output commands or data received from the user or other external device.

According to an embodiment, the input/output interface 103 may include a scan device 105 and/or a camera device 107 . The scanning device 105 (also referred to as a scanner) may optically recognize the image information and transmit it to the control unit 101 . The camera device 107 may capture still images and moving images. For example, the camera device 107 may include one or more image sensors and one or more lenses.

The display device 109 is a device for visually providing information to a user of the device 100 and includes, for example, a display (or touch screen), a hologram device, or a projector and a control circuit for controlling the device. can do.

The memory 111 stores various data, for example, used by at least one component of the device 100 (control unit 101, input/output interface 103, display device 109, and/or communication interface 113). For example, it may store input data or output data for software (eg, a program) and instructions related thereto. The memory 111 may include a volatile memory or a non-volatile memory.

The communication interface 113 may support establishment of a wired or wireless communication channel between the device 100 and an external device, for example, the server 10 and/or the terminal 1000, and performing communication through the established communication channel. have. For example, the communication interface 113 may include a wireless communication module (eg, a cellular communication module, a Wi-Fi communication module, a short-range wireless communication module, or a global navigation satellite system (GNSS) communication module) and/or a wired communication module (eg, LAN (local area network) including a communication module, or a power line communication module), and using a corresponding communication module among them, a first network (not shown) (eg, Bluetooth, WiFi direct, or short-range communication such as IrDA (infrared data association)) network) or a second network (not shown) (eg, a cellular network, the Internet, or a telecommunication network such as a computer network (eg, LAN or WAN)) via an external device, eg, the server 10 and/or It can communicate with the terminal 1000 .

According to an embodiment, although not shown, the device 100 may further include a fingerprint recognition sensor, an iris recognition sensor, and/or a microphone.

According to an embodiment, the controller 101 obtains image data corresponding to an identification card using the scanning device 105 or the camera device 107 and uses the scanning device 105 or the camera device 107 . to obtain a quick response (QR) code, and transmit the obtained image data and the obtained QR code to a server using the communication interface 113, and the obtained image data and the obtained QR code In response to the transmission to the server, a user's authentication result corresponding to the identification card is received from the server using the communication interface 113, and in response to receiving the user's authentication result, the user's visit record is stored. It is stored in the memory 111, and when authentication success information is included in the authentication result of the user, photo data is extracted from the image data, and the display device 109 is controlled to output the extracted photo data. can do.

For example, when authentication failure information is included in the user's authentication result, the control unit 101 controls to output information indicating that authentication of the user has failed through the display device 109 or a speaker (not shown). can

For example, when the user's authentication result includes information that the ID is genuine (information that the ID is normal) and authentication failure information for the QR code, the control unit 101 provides information to execute a predetermined additional authentication. It can be controlled to be output through the display device 109 or a speaker (not shown).

For example, when the user's authentication result includes information that the identification is fake (information that is abnormal) and authentication success information for the QR code, the control unit 101 provides information to execute a predetermined additional authentication. It can be controlled to be output through the display device 109 or a speaker (not shown).

For example, the predetermined additional authentication includes at least one of authentication through input of a predetermined password, authentication through the user's voice input, authentication through the user's fingerprint recognition, and authentication through the user's iris recognition may include

For example, in response to the output of the information to execute the predetermined additional authentication, authentication through input of the specified password, authentication through the user's voice input, authentication through the user's fingerprint recognition, and the user It is possible to sequentially perform authentication through iris recognition.

For example, the authentication result of the user may be determined by the obtained image data and the obtained QR code.

The terminal 1000 may be various electronic devices such as a smart phone, a smart watch, or a laptop computer.

2 is a flowchart of an operation for protecting personal information and enhancing security according to an embodiment of the present invention.

Referring to FIG. 2 , when identification of a specific person (hereinafter referred to as a user) is required, the device 100 that can scan the identification card does not need to present identification to the employee for identification (security). By placing it, the device 100 may automatically verify the identity of the user. For example, the device 100 scans the identification card and responds to the image data through communication with the server 10 of the data center that performs user authentication based on image data obtained according to the scan. You can check the authenticity of your ID. For example, when the device 100 confirms that the ID corresponding to the image data is genuine (normal), only the user's photo from the ID may be displayed on the display device of the device 100, Accordingly, the corresponding employee may check only the photo of the identification card, not all information on the identification card, to perform face comparison with the user.

In operation 201 , the device 100 (eg, the controller 101 of the device 100 ) may scan the user's ID.

According to an embodiment, the device 100 may scan the user's ID using a scanning device (eg, the scanning device 105 ).

In operation 203 , the device 100 may transmit image data obtained according to the scan to the server 10 .

According to an embodiment, the device 100 may transmit image data obtained according to the scan to the server 10 using a communication interface (eg, the communication interface 113 ).

In operation 205, the server 10 (eg, the controller 11 of the server 10) may store the image data.

According to an embodiment, the server 10 may receive the image data through a communication interface (eg, the communication interface 13), and store the received image data in a memory (eg, the memory 15). can

In operation 207 , the server 10 may perform user authentication based on the image data.

According to an embodiment, the server 10 may perform user authentication using the received image data based on personal information of one or more users stored in a memory (eg, the memory 15 ).

For example, the server 10 may check whether the user's personal information corresponding to the received image data and the corresponding user's personal information (the matching user's personal information) are included in the memory.

For example, the server 10 may determine (determine) the authenticity of the user's ID corresponding to the received image data based on the personal information of one or more users stored in the memory. The server 10 checks the information corresponding to the user's ID in the received image data, and compares the verified information with the user's personal information stored in the memory, whether the ID of the user is authentic can be decided For example, the server 10 compares and verifies the photo data pre-stored in the memory recorded when the user's ID card is issued and the photo data of the ID card included in the image data, to determine whether the ID card is authentic, that is, counterfeit. can decide

According to an embodiment, when it is determined that the user's ID corresponding to the received image data is genuine (normal), the server 10 may determine that the user authentication is successful.

According to an embodiment, when the user's personal information corresponding to the received image data and the corresponding user's personal information are not included in the memory, the server 10 may determine that the user authentication has failed.

According to an embodiment, when it is determined that the user ID corresponding to the received image data is fake (abnormal), the server 10 may determine that the user authentication has failed.

In operation 209 , the server 10 may transmit an authentication result according to the user authentication to the device 100 .

According to an embodiment, the server 10 may transmit the authentication result to the device 100 using a communication module.

For example, the authentication result may include information indicating that user authentication has succeeded or information indicating that user authentication has failed.

In operation 211 , when authentication success information is included in the authentication result, the device 100 may output photo data included in the image data.

According to an embodiment, when it is confirmed that authentication success information is included in the received authentication result, the device 100 extracts photo data from the image data using techniques such as image recognition and cropping. can do. The device 100 may output the extracted photo data. For example, the device 100 may display the extracted photo data on a display device (eg, the display device 109 ).

In operation 213 , the device 100 may store a user visit record.

According to an embodiment, the device 100 may store the user visit record in a memory (eg, the memory 111 ) based on the authentication result including the authentication success information. For example, the user visit record may include one or more pieces of information corresponding to the user's identification card (eg, resident registration card, driver's license and/or passport), and a visit date and/or visit time.

In operation 215 , when authentication failure information is included in the authentication result, the device 100 may output information corresponding to authentication failure.

According to an embodiment, when the device 100 determines that authentication failure information is included in the received authentication result, a message indicating the authentication failure is displayed on the display device and/or indicating that authentication has failed through a speaker It can output voice and alarm sound.

Meanwhile, in addition to the above-described embodiment of FIG. 2 , the device 100 outputs information corresponding to the authentication failure, and then outputs information asking the user whether he/she wants to proceed with re-authentication through a display and/or a speaker can do. When receiving information that re-authentication is desired from the user through the input/output interface (eg, the input/output interface 103), the device 100 may output a request for information necessary for re-authentication through a display and/or a speaker have.

For example, the re-authentication may be performed to re-execute the above-described authentication through the user's identification card scan, or through authentication through input of a predetermined password, authentication through the user's voice input, and fingerprint recognition of the user. It may include at least one of authentication and authentication through iris recognition of the user.

For example, in response to the request for information required for re-authentication, the device 100 acquires image data according to ID scan, receives a preset password through an input/output interface, acquires user's voice data, and obtain fingerprint data, and/or obtain iris data of the user. Then, the device 100 transmits the obtained data to the server 10 , the server 10 executes user authentication based on the received data, and transmits the authentication result to the device 10 . can do. For example, the server 10 may store the preset password, voice data of one or more users, fingerprint data of one or more users, and/or iris data of one or more users in a memory, and the stored data Based on the user authentication, the authentication result may be transmitted to the device 10 .

In the above-described embodiment of FIG. 2 , it has been described that the server 10 executes user authentication using the received image data, but according to another embodiment, the server 10 transmits information necessary for user authentication to the device ( 100), the device 100 may execute the user authentication in the same manner as (or similar to) the server 10 using the information required for the user authentication. For example, the information required for user authentication may include personal information of one or more users stored in the memory of the server 10 or personal information of a user corresponding to the image data stored in the memory.

In addition to the above-described embodiment of FIG. 2 , a security function may be added to the device 100 to enhance security of a specific company, institution, or building. For example, the device 100 may further include (equip) devices such as a hidden camera detector and a wiretapping detector, and accordingly, when a specific person (user) passes through the gate of a specific company, institution, or building, It is possible to detect whether the specific person possesses a hidden camera or has wiretapping. According to this function, the device 100 may have the effect of protecting a main facility or preventing leakage of confidentiality to the outside.

In addition to the above-described embodiment of FIG. 2 , the server 10 may store a visit record (history) of the user. For example, the server 10 receives information (building information, place information, or address information) corresponding to the device 100 as well as image data from the device 100 , so that the user A visit record of a place (or building) where 100 is installed (located) may be stored. In addition, the server 10 may store and manage not only the authenticity of the identification card as described above, but also information on whether the identification card is lost, damaged, stolen, or subject to reissuance. In addition, the server 10 may separately manage and store a list of user's personal information corresponding to an identification card corresponding to frequent loss report, reissuance, identity theft, or information leakage.

In addition, in the embodiment of FIG. 2 described above, the personal information of one or more users stored in the memory (eg, memory 15) of the server 10 is the user's terminal (eg, terminal 1000). Through the mobile phone authentication procedure used (eg, authentication using a specific authentication application, authentication using a public certificate, mobile authentication, SNS authentication, etc.), the server 10 is used when executing the user authentication described above, or the user The server 10 may transmit the personal information of the one or more users, which is information required for authentication, to the device 100 .

For example, the server 10 may perform a mobile phone authentication procedure with the user's terminal before executing the user authentication in operation 207 . Upon successful authentication of the user according to the mobile phone authentication procedure with the user's terminal, the server 10 may execute operation 207 . The mobile phone authentication procedure is a conventional technique and detailed description thereof will be omitted. When the user's authentication fails according to the mobile phone authentication procedure with the user's terminal, operation 207 may not be executed, and information corresponding to the authentication failure may be output by the terminal or device 100 .

As another example, after executing the user authentication in operation 207 , the server 10 may execute a mobile phone authentication procedure with the user's terminal. Upon successful authentication of the user according to the mobile phone authentication procedure with the user's terminal, the server 10 may execute operation 209 . The mobile phone authentication procedure is a conventional technique and detailed description thereof will be omitted. When the user's authentication fails according to the mobile phone authentication procedure with the user's terminal, the server 10 does not execute operation 209 and causes the terminal or device 100 to output information corresponding to the authentication failure. can

In the embodiment of FIG. 2 described above, the device 100 transmits the image data obtained according to the scan of the user's ID in operation 201 and the scan in operation 203, so that the server 10 transmits the image data in operation 205 The storage and 207 of operation have been described as executing the user authentication. However, according to another embodiment, the server 10 is a mobile phone authentication procedure (eg, authentication using a specific authentication application, authentication using a public certificate, mobile authentication, SNS using the user's terminal (eg, terminal 1000)) authentication, etc.), by executing user authentication, and transmitting an authentication result according to the user authentication to the device 100 , the device 100 may execute operations 211 , 213 , and 215 . According to this embodiment, user authentication is performed even for a user who does not have an ID, so that when the user visits an accessible place when user identification is successful, the inconvenience of having to always carry an ID can be eliminated.

In the embodiment of FIG. 2 described above, the device 100 transmits the image data obtained according to the scan of the user's ID in operation 201 and the scan in operation 203, so that the server 10 transmits the image data in operation 205 The storage and 207 of operation have been described as executing the user authentication. However, according to another embodiment, the device 100 receives a password through an input/output interface, receives a user's voice through a microphone, receives user's fingerprint information through a fingerprint recognition sensor, and/or through an iris recognition sensor The user's iris information may be received and transmitted to a server through a communication interface, wherein the server executes user authentication based on the received information (data), and transmits an authentication result according to the user authentication to the device 100 Accordingly, the device 100 may perform operations 211 , 213 , and 215 .

The above-described embodiment may be used for identification and record keeping when entering and exiting a public institution. In addition, the above-described embodiment may be used for identification and record keeping for rental of facilities or articles in public facilities or amusement facilities. In addition, the above-described embodiment may be used for identification and record keeping in a financial institution's product subscription, report, and/or inquiry for consultation.

3 is a flowchart of an operation for protecting personal information and enhancing security according to an embodiment of the present invention.

In operation 301 , the device 100 (eg, the controller 101 of the device 100 ) may acquire image data corresponding to an identification card.

According to an embodiment, the device 100 uses an input/output interface (eg, the input/output interface 103, for example, the scan device 105 or the camera device 107) to receive image data corresponding to the user's identification card. can be obtained

In operation 303 , the device 100 may obtain a quick response (QR) code.

According to an embodiment, the device 100 is provided by the user's terminal 1000 using an input/output interface (eg, the input/output interface 103 , for example, the scan device 105 or the camera device 107 ). It is possible to obtain a QR code or a QR code contained in a card (eg, a pass card and/or an identification card).

In operation 305 , the device 100 may transmit the obtained image data and the obtained QR code.

According to an embodiment, the device 100 may transmit the obtained image data and the obtained QR code to a server (eg, the server 10) using a communication interface (eg, the communication interface 113). .

In operation 307, the server 10 (eg, the controller 11 of the server 10) may perform user authentication using the image data and the QR code.

According to an embodiment, the server 10 may receive the image data and the QR code using a communication interface (eg, the communication interface 13).

According to an embodiment, the server 10 may perform user authentication using the received image data based on personal information of one or more users stored in a memory (eg, the memory 15 ).

For example, the server 10 may check whether the user's personal information corresponding to the received image data and the corresponding user's personal information (the matching user's personal information) are included in the memory.

For example, the server 10 may determine (determine) the authenticity of the user's ID corresponding to the received image data based on the personal information of one or more users stored in the memory. The server 10 checks the information corresponding to the user's ID in the received image data, and compares the verified information with the user's personal information stored in the memory, whether the ID of the user is authentic can be decided

According to an embodiment, the server 10 may execute user authentication using the received QR code based on the QR code stored in the memory.

For example, the server 10 may check whether the received QR code corresponds to (matches) the QR code stored in the memory. When the received QR code corresponds to the QR code stored in the memory, the server 10 may determine (determine) that authentication for the received QR code is successful. If the received QR code does not correspond to the QR code stored in the memory, the server 10 may determine that authentication for the received QR code has failed.

According to an embodiment, when the user's personal information corresponding to the received image data and the corresponding user's personal information are included in the memory, the server 10 may determine that the user authentication is successful.

According to an embodiment, when it is determined that the user's ID corresponding to the received image data is genuine (normal), the server 10 may determine that the user authentication is successful.

According to an embodiment, when it is determined that the received QR code corresponds to the QR code stored in the memory, the server 10 may determine that the user authentication is successful. For example, if it is determined that the authentication for the received QR code is successful, the server 10 may determine that the user authentication is successful.

According to an embodiment, the server 10 includes, in the memory, the user's personal information corresponding to the received image data and the corresponding user's personal information, and the received QR code is stored in the memory. If the code is matched, the server 10 may determine that the user authentication is successful.

According to an embodiment, the server 10 determines that the ID of the user corresponding to the received image data is genuine (normal), and when it is determined that the authentication for the received QR code is successful, the server 10 ) can determine that user authentication is successful.

According to an embodiment, when the user's personal information corresponding to the received image data and the corresponding user's personal information are not included in the memory, the server 10 may determine that the user authentication has failed.

According to an embodiment, when it is determined that the user ID corresponding to the received image data is fake (abnormal), the server 10 may determine that the user authentication has failed.

According to an embodiment, if it is determined that the received QR code does not correspond to the QR code stored in the memory, the server 10 may determine that the user authentication has failed. For example, if it is determined that the authentication for the received QR code has failed, the server 10 may determine that the user authentication has failed.

According to an embodiment, if the user's personal information corresponding to the received image data and the corresponding user's personal information are not included in the memory, and the received QR code does not correspond to the QR code stored in the memory, , the server 10 may determine that the user authentication has failed.

According to an embodiment, the server 10 determines that the user's ID corresponding to the received image data is fake (abnormal), and determines that authentication for the received QR code has failed, the server ( 10) may determine that user authentication has failed.

According to an embodiment, if the memory contains the user's personal information corresponding to the received image data and the corresponding user's personal information, and the received QR code does not correspond to the QR code stored in the memory, , the server 10 may determine that a predetermined additional authentication for the user is required.

According to an embodiment, if it is determined that the user's ID corresponding to the received image data is genuine (normal), and it is determined that authentication for the received QR code has failed, the server 10 provides information about the user. It may decide that additional specified certifications are required.

According to an embodiment, when the user's personal information corresponding to the received image data and the corresponding user's personal information are not included in the memory, and the received QR code corresponds to the QR code stored in the memory, , the server 10 may determine that a predetermined additional authentication for the user is required.

According to an embodiment, when it is determined that the user's ID corresponding to the received image data is fake (abnormal), and it is determined that the authentication for the received QR code is successful, the server 10 provides information about the user. It may decide that additional specified certifications are required.

For example, the additional authentication includes at least one of authentication through input of a predetermined password, authentication through the user's voice input, authentication through the user's fingerprint recognition, and authentication through the user's iris recognition can do.

In operation 309, the server 10 may transmit an authentication result according to the user authentication.

According to an embodiment, the server 10 may transmit the authentication result to the device 100 using the communication interface.

For example, the authentication result may include information indicating that user authentication has succeeded, information indicating that user authentication has failed, or information that additional authentication (pre-specified additional authentication) for the user is required.

For example, the authentication result includes that the user's personal information corresponding to the received image data and the corresponding user's personal information are included in the memory, and that the received QR code corresponds to the QR code stored in the memory. may contain information. The authentication result is that, in the memory, the user's personal information corresponding to the received image data and the corresponding user's personal information are not included, and the received QR code does not correspond to the QR code stored in the memory. may contain information. The authentication result includes, in the memory, the user's personal information corresponding to the received image data and the corresponding user's personal information, and information that the received QR code does not correspond to the QR code stored in the memory may include The authentication result is information that the user's personal information corresponding to the received image data and the corresponding user's personal information are not included in the memory, and that the received QR code corresponds to the QR code stored in the memory may include

For example, the authentication result may include information that the user's ID corresponding to the received image data is genuine (normal) and information that authentication with respect to the received QR code has been successful. The authentication result may include information that the user's ID corresponding to the received image data is fake (information that it is abnormal) and information that authentication for the received QR code has failed. The authentication result may include information that the user's ID corresponding to the received image data is genuine (information that it is normal) and information that authentication for the received QR code has failed. The authentication result may include information that the ID of the user corresponding to the received image data is fake (information that it is abnormal) and information that authentication of the received QR code has been successful.

In operation 311 , the device 100 may store a user visit record.

According to an embodiment, the device 100 may receive the authentication result using the communication interface. In response to receiving the authentication result, the device 100 may store a user visit record in a memory (eg, the memory 111 ). For example, the user visit record may include one or more pieces of information corresponding to the user's identification card (eg, resident registration card, driver's license and/or passport), and a visit date and/or visit time.

In operation 313 , when authentication success information is included in the authentication result, the device 100 may output photo data included in the image data.

According to an embodiment, when it is confirmed that authentication success information is included in the received authentication result, the device 100 extracts photo data from the image data using techniques such as image recognition and cropping. can do. The device 100 may output the extracted photo data. For example, the device 100 may display the extracted photo data on a display device (eg, the display device 109 ).

In operation 315 , when authentication failure information is included in the authentication result, the device 100 may output information corresponding to authentication failure.

According to an embodiment, when the device 100 determines that authentication failure information is included in the received authentication result, a message indicating the authentication failure is displayed on the display device and/or indicating that authentication has failed through a speaker It can output voice and alarm sound.

Meanwhile, although not shown, when information indicating that additional authentication is required for the user is included in the authentication result, the device 100 may display visual information and/or through a display device and/or speaker to prompt the user to perform additional authentication. Voice information can be provided.

For example, the user's personal information corresponding to the received image data and the corresponding user's personal information are included in the authentication result in the memory, and the received QR code corresponds to the QR code stored in the memory When the information indicating that it is not possible is included, visual information and/or voice information for instructing the additional authentication to be performed may be provided.

For example, in the authentication result, the user's personal information corresponding to the received image data and the corresponding user's personal information are not included in the memory, and the received QR code is stored in the memory. When the information corresponding to ' and ' is included, visual information and/or voice information for instructing to proceed with the additional authentication may be provided.

For example, when the authentication result includes information that the user's ID corresponding to the received image data is genuine (information that it is normal) and information that authentication for the received QR code has failed, the additional authentication is performed Visual information and/or audio information to proceed may be provided.

For example, when the authentication result includes information that the user's ID corresponding to the received image data is fake (information that is abnormal) and information that the authentication of the received QR code has been successful, the additional authentication is performed Visual information and/or audio information to proceed may be provided.

3, the server 10 has been described as executing user authentication using the received image data and the received QR code, but according to another embodiment, in the server 10, the user authentication The user authentication may be performed in the same manner (or similar manner) as that of the server 10 by transmitting the information required for the user authentication to the device 100 , and the device 100 using the information necessary for the user authentication. For example, the information required for user authentication may include personal information of one or more users stored in the memory of the server 10 or personal information of a user corresponding to the image data stored in the memory. For example, the information required for user authentication may be a QR code stored in the memory.

4 is a flowchart of an operation for protecting personal information and enhancing security according to an embodiment of the present invention.

In operation 410 , the device (eg, the device 100 or the controller 101 of the device 100 ) may acquire image data corresponding to an identification card.

In operation 420, the device may acquire a quick response (QR) code.

In operation 430, the device may transmit the obtained image data and the obtained QR code to a server (eg, the server 10).

In operation 440, in response to transmitting the obtained image data and the obtained QR code to the server, the device may receive an authentication result of the user corresponding to the identification card from the server.

In operation 450 , the device may store the visit record of the user in response to receiving the authentication result of the user.

In operation 460, when authentication success information is included in the authentication result of the user, the device may extract photo data from the image data.

In operation 470, the device may output the extracted photo data.

According to an embodiment, the operation for protecting personal information and enhancing security may further include outputting information indicating that authentication of the user has failed when authentication failure information is included in the authentication result of the user.

According to an embodiment, in the operation for protecting personal information and enhancing security, when the authentication result of the user includes information that the identification is genuine (information that the identification is normal) and authentication failure information for the QR code, a predetermined addition The method may further include outputting information to execute authentication.

According to an embodiment, when the authentication result of the user includes information that the ID is fake (information that the ID is abnormal) and authentication success information for the QR code, the operation of outputting information to execute a predetermined additional authentication is further performed. may include

According to an embodiment, the predetermined additional authentication includes authentication through input of a predetermined password, authentication through the user's voice input, authentication through the user's fingerprint recognition, and authentication through the user's iris recognition. It may include at least one.

According to an embodiment, in response to an operation of outputting information to execute the predetermined additional authentication, authentication through input of the predetermined password, authentication through the user's voice input, and fingerprint recognition of the user Authentication and authentication through iris recognition of the user may be sequentially performed.

According to an embodiment, the authentication result of the user may be determined by the acquired image data and the acquired QR code.

Various embodiments of the present document include instructions stored in a machine-readable storage media (eg, memory 215 (internal memory or external memory)) readable by a machine (eg, a computer). It may be implemented in software (eg, a program). The device is a device capable of calling a stored command from a storage medium and operating according to the called command, and may include an electronic device (eg, the electronic device 200 ) according to the disclosed embodiments. When the instruction is executed by a processor (eg, the processor 201 ), the processor may perform a function corresponding to the instruction by using other components directly or under the control of the processor. Instructions may include code generated or executed by a compiler or interpreter. The device-readable storage medium may be provided in the form of a non-transitory storage medium. Here, 'non-transitory' means that the storage medium does not include a signal and is tangible, and does not distinguish that data is semi-permanently or temporarily stored in the storage medium.

According to an example, the method according to various embodiments disclosed in this document may be included and provided in a computer program product.

The above description is merely illustrative of the technical idea of the present invention, and those of ordinary skill in the art to which the present invention pertains may make various substitutions, modifications, and changes within the scope not departing from the essential characteristics of the present invention. It will be easy to see that this is possible. That is, the embodiments disclosed in the present invention are not intended to limit the technical spirit of the present invention but to explain, and the scope of the technical spirit of the present invention is not limited by these embodiments.

Accordingly, the protection scope of the present invention should be interpreted by the claims described below, and all technical ideas within the scope equivalent thereto should be interpreted as being included in the scope of the present invention.

Claims (10)

A method for enhancing privacy and security implemented by a device, the method comprising:
acquiring image data corresponding to the identification card;
obtaining a quick response (QR) code;
transmitting the obtained image data and the obtained QR code to a server;
receiving an authentication result of a user corresponding to the identification card from the server in response to transmitting the acquired image data and the acquired QR code to the server;
in response to receiving the authentication result of the user, storing the visit record of the user in the device;
extracting photo data from the image data when authentication success information is included in the user's authentication result; and
Including the operation of outputting the extracted photo data,
The authentication result of the user includes authenticity information of the ID, and when the authentication result of the user determines that the ID of the user is genuine, it is determined that the user authentication is successful,
When the failure information is included in at least one of the identification information and the authentication information for the QR code in the authentication result of the user, information to execute a predetermined additional authentication is output, and the predetermined additional authentication is performed through a password input A method for protecting personal information and enhancing security, comprising at least one of authentication, authentication through the user's voice input, and authentication through the user's fingerprint recognition. The method of claim 1, further comprising outputting information indicating that authentication of the user has failed when authentication failure information is included in the authentication result of the user. delete delete delete The method of claim 1,
In response to the operation of outputting information to execute the predetermined additional authentication, authentication through input of the predetermined password, authentication through the user's voice input, authentication through the user's fingerprint recognition, and the user's iris A method for enhancing privacy and security in which authentication through recognition is sequentially performed. The method of claim 1, wherein the user's authentication result is determined by the acquired image data and the acquired QR code. As a computer-readable recording medium storing a computer program,
When the computer program is executed by a processor,
acquiring image data corresponding to the identification card;
obtaining a quick response (QR) code;
transmitting the obtained image data and the obtained QR code to a server;
receiving an authentication result of a user corresponding to the identification card from the server in response to transmitting the acquired image data and the acquired QR code to the server;
storing a visit record of the user in response to receiving the user's authentication result;
extracting photo data from the image data when authentication success information is included in the user's authentication result; and
Including the operation of outputting the extracted photo data,
The authentication result of the user includes authenticity information of the ID, and when the authentication result of the user determines that the ID of the user is genuine, it is determined that the user authentication is successful,
When the failure information is included in at least one of the identification information and the authentication information for the QR code in the authentication result of the user, information to execute a predetermined additional authentication is output, and the predetermined additional authentication is performed through a password input A computer-readable recording medium comprising instructions for causing the processor to perform a method including at least one of authentication, authentication through the user's voice input, and authentication through the user's fingerprint recognition. As a computer program stored in a computer-readable recording medium,
When the computer program is executed by a processor,
acquiring image data corresponding to the identification card;
obtaining a quick response (QR) code;
transmitting the obtained image data and the obtained QR code to a server;
receiving an authentication result of a user corresponding to the identification card from the server in response to transmitting the acquired image data and the acquired QR code to the server;
storing a visit record of the user in response to receiving the user's authentication result;
extracting photo data from the image data when authentication success information is included in the user's authentication result; and
and outputting the extracted photo data;
The authentication result of the user includes authenticity information of the ID, and when the authentication result of the user determines that the ID of the user is genuine, it is determined that the user authentication is successful,
When the failure information is included in at least one of the identification information and the authentication information for the QR code in the authentication result of the user, information to execute a predetermined additional authentication is output, and the predetermined additional authentication is performed through a password input A computer program comprising instructions for causing the processor to perform a method including at least one of authentication, authentication through the user's voice input, and authentication through the user's fingerprint recognition. In the device for protecting personal information and enhancing security,
communication interface;
display device;
Memory; and
Obtaining image data corresponding to an identification card by using a scanning device or a camera device, acquiring a quick response (QR) code using the scanning device or the camera device, using the communication interface to obtain the acquired image data and the Transmitting the obtained QR code to the server, in response to transmitting the obtained image data and the obtained QR code to the server, the authentication result of the user corresponding to the identification card from the server using the communication interface receiving, in response to receiving the user's authentication result, storing the visit record of the user in the memory of the device, and when authentication success information is included in the user's authentication result, extracting photo data from the image data, , a control unit for controlling the display device to output the extracted photo data,
The authentication result of the user includes authenticity information of the ID, and when the authentication result of the user determines that the ID of the user is genuine, it is determined that the user authentication is successful, and the identification information and the QR are included in the authentication result of the user When failure information is included in at least one of the authentication information for the code, information to execute a predetermined additional authentication is output, and the predetermined additional authentication is authentication through password input, authentication through the user's voice input, the A device for protecting personal information and enhancing security, comprising at least one of authentication through a user's fingerprint recognition.

Images