201249161 六、發明說明: -【發明所屬之技術領域】 本發明係關於一種使用者認證系統及其使用者認證方法。更具 體而言,本發明之使用者認證系統及其使用者認證方法係可透過 前端之認證方式,判斷使用者之合法性,俾使用者進行後端之相 關操作。 【先前技術】 於習知技術中,臨時性業務處理之身分認證流程主要係採人工 判斷方式,於確認使用者身份之合法性後,同意使用者進行後續 之相關流程。舉例來說,一般企業公司判斷訪客之合法性皆利用 人工處理之方式,更具體而言,一般企業公司通常於門口設立數 名作業人員,當有訪客欲進入公司内部時,便透過作業人員以人 工之方式進行訪客身分之辨識,並於確認訪客之合法性後發給訪 客識別證,俾訪客獲得進入公司之權限。 又或者,當客戶欲進入銀行或公家機關等服務端點,進行臨時 性之業務處理時,通常須先行填寫業務相關表單,並接著排隊等 候處理。而當等候時間結束,客戶可至櫃檯處理相關業務時,業 務處理人員此時始得以人工之方式進行客戶之身分認證,並於確 認客戶身分之合法性後方進行後續業務處裡。 然而,於前述臨時性業務處理流程中,採人工判斷客戶身分之 方式,通常有額外配置特殊人力之要求,且人工判斷之不確定性 易造成業務處理整體流程之延遲,使得處理成本之增加及負擔。 因此,如何提供一種有效率、低成本之使用者認證系統及其使用 201249161 · 者認證方法,乃業界亟需努力之目標。 ' 【發明内容】 為解決前述臨時性業務處理流程中,採人工判斷客戶身分之方 式所產生之問題,本發明提供了一種使用者認證系統及其使用者 認證方法,其主要係透過預約、識別及認證等程序,自動完成使 用者認證流程。 為完成前述目的,本發明提供一種使用者認證系統,包含影像 擷取元件、處理元件以及識別碼提供元件,並與資料庫以及資料 存取控制元件連結。影像擷取元件用以擷取使用者之身分辨識資 訊。處理元件透過網路連接資料庫,用以判斷使用者之身分辨識 資訊符合資料庫所記錄之認證資訊。識別碼提供元件用以根據身 分辨識資訊與認證資訊相符的結果提供使用者身分識別資訊,並 將身分識別資訊註冊於資料存取控制元件,俾使用者利用身分識 別資訊進行資料存取控制元件之操作。 為完成前述目的,本發明另提供一種用於使用者認證系統之使 用者認證方法,使用者認證系統包括影像擷取元件、處理單元以 及識別碼提供元件,並與資料庫以及資料存取控制元件連結,使 用者認證方法包含下列步驟:(a)令影像擷取元件擷取使用者之 身分辨識資訊;(b)令處理單元判斷使用者之身分辨識資訊符合 資料庫所記錄之認證資訊;(c)令識別碼提供元件根據步驟(b) 之結果,提供使用者身分識別資訊;(d)令識別碼提供元件將身 分識別資訊註冊於資料存取控制元件,俾使用者利用身分識別資 訊進行資料存取控制元件之操作。 201249161 ' 【實施方式】 以下將透過實施例來解釋本發明内容。然而,本發明的實施例 並非用以限制本發明需在如實施例所述之任何環境、應用或方式 方能實施。因此,關於實施例之說明僅為闡釋本發明之目的,而 非用以直接限制本發明。需説明者,以下貫施例及圖示中,與本 發明非直接相關之元件已省略而未繪禾。 首先,請同時參考第1A圖、第1B圖以及第1C圖,其分別為 本發明第一實施例之一使用者認證系統1之正面圖、側面圖以及 元件連結關係示意圖。使用者認證系統1包含一影像擷取元件u、 一處理元件13以及一識別碼提供元件15,並透過一第一連線u 以及一第二連線L2,分別與一資料庫20以及一資料存取控制元 件30連結,其中,處理元件13分別與影像擷取元件u以及識別 碼提供元件15電性連結。而各元件之功能及互動,將於下述之内 容中詳細說明。 首先’當一使用者欲進行身分確認時,影像擷取元件U將操取 該使用者之一身分辨識資訊S1。具體來說,若該使用者之身分辨 識資訊S1係身分證明文件,例如身分證、護照、健保卡或駕照等 文件’則影像擷取元件11可為掃描器或攝影機,用以擁取該身分 證明文件影像,並進一步透過對身分證明文件上的資料進行光學 字元辨識(Optical Character Recognition, OCR)或是影像辨識等 處理’進而取得身分辨識資訊S1。 另一方面,若身分辨識資訊S1係生物特徵,例如指紋、眼睛虹 膜或臉型特徵等,則影像擷取元件11可為指紋辨識裝置、虹膜辨 201249161 ,識裝置或臉型特徵擷取設備,以生物特徵掃描之方式掃描身分辨 識資訊S1。接著,當影像擷取元件11擷取了身分辨識資訊S1後, 處理元件13便利用第一網路L1所連接之資料庫20所存之資料, 加以判斷該使用者之身分辨識資訊S1是否符合資料庫20所記錄 之一認證資訊D1。 須特別說明者,資料庫20中預先儲存認證資訊D1係該使用者 透過預先申請之方式,將其身分相關資料註冊於資料庫20中。例 如,使用者可先透過企業公司之網站,利用使用者相關身分認證 資料進行訪談時間之預約;或者,使用者可先於銀行或公家機關 等服務端點,先行申請個人帳號,並同時提交身分認證資料。如 此一來,使用者認證系統1將可根據資料庫20中已存之認證資料 D1進行該使用者之身分比對。 隨即,若處理元件13判斷該使用者之身分辨識資訊S1符合資 料庫20所記錄之認證資訊D1,則識別碼提供元件15便據以提供 該使用者一身分識別資訊N1,並同時將身分識別資訊N1透過第 二網路L2註冊於資料存取控制元件30,俾該使用者可利用身分 識別資訊N1進行資料存取控制元件30之操作。而身分識別資訊 N1可以下述至少兩種實施態樣完成。 具體而言,第一種身分識別資訊N1之實施態樣,主要係於處理 元件13判斷該使用者之身分辨識資訊S1符合資料庫20所記錄之 認證資訊D1後,由識別碼提供元件15產生一身分識別物件151, 並將身分識別資訊N1記錄於身分識別物件151中,則該使用者便 可利用具有身分識別資訊N1之身分識別物件151進行資料存取控 201249161 制元件30之操作。 、 另一方面,第二種身分識別資訊N2之實施態樣,主要係於處理 元件13判斷該使用者之身分辨識資訊S1符合資料庫20所記錄之 認證資訊D1後,由識別碼提供元件15擷取該使用者所提供之物 件(例如具無線射頻辨識(Radio Frequency IDentification,RFID) 之卡片)之一電子標籤,並根據該電子標籤產生身分識別資訊N卜 則同樣地,該使用者便可利用與身分識別資訊N1相關之該電子標 籤進行資料存取控制元件30之操作。 為便於理解,以下將以範例解釋前述使用者認證系統1之作業 流程。舉例來說,當訪客欲申請進入企業公司時,其可先透過企 業公司之網站、電話或其他途徑,直接進行登錄、註冊或預約之 動作’以預先將認證資訊D1建立於資料庫20中。如此一來,訪 客便可於預約時間,前往企業公司進行使用者認證系統丨之操作。 而當訪客依約到企業公司時,便可利用使用者認證系統1進行 身分認證。首先,訪客可先將本人之身分證件置於影像擷取元件 11處進行影像擷取’並且進一步透過光學字元辨識或影像辨識等 方式’獲取訪客之身分辨識資訊S1。接著,處理元件13便可判斷 訪客之身分辨識資訊S1與資料庫20中的認證資訊D1相符,以確 認訪客具有進入企業公司的權限。 心後’識別碼提供元件15便以至少以下二種方式提供訪客身分 辨識資訊N1 ’俾訪客操作後端之門禁系統(即資料存取控制元件 3〇)。第一種方式,具體而言,當處理元件13判斷訪客之身分辨 識資訊Sl與認證資訊D1相符後,識別碼提供元件15便提供訪客 8 201249161 記錄有合法之身分識別資訊N1之身分識別物件151,並同時將身 分識別資訊N1透過第二網路L2註冊於資料存取控制元件3〇,如 此一來,當訪客便利用身分識別物件151操作資料存取控制元件 30時,資料控制元件3〇便可根據以註冊之身分識別資訊N1,確 認訪客之合法性。 另一方面,第二種方式,S處理元件13判斷訪客之身分辨識資 訊S1與認證資訊D1相符後,識別碼提供元件15便要求訪客提供 具電子標籤之物件(例如悠遊卡),並根據電子標藏產生身分識別 資訊N1,且同時將身分識別資訊N1透過第二網路L2註冊於資料 存取控制元件30。如此一來,訪客便可利用具有與身分識別資訊 N1相關之電子標籤,合法地進行資料存取控制元件3〇之操作。 於另一範例中’當使用者欲至銀行進行業務處理前,必須先於 銀行進行開戶,而使用者於開戶的同時’銀行便可先行註冊使用 者之認證資訊D1 (例如使用者之指紋等生物特徵),並將其記錄 於資料庫20中,俾後續辨識使用者之用途。之後,當使用者至銀 行進行業務處理時,使用者可先填寫業務處理表格(例如請款 單),隨後使用者便可同時將手指指紋(身分辨識資訊S1)以及業 務處理表格置於影像擷取元件11上進行指紋影像掃描,如此一 來,處理元件13便可利用使用者之手指指紋判斷使用者之身分符 合資料庫20中之認證資料D1 ’進一步_認使用者確為銀行之客 戶,同時,處理單元13亦可利用業務處理表格之掃描結果判斷使 用者欲處理之業務。 而當處理元件13確認使用者身分之後,識別碼提供元件15就 201249161 會提供使用者具身分識別資訊Ni之號碼牌,並將身分識別資訊 N1註冊於資料存取控制元件(例如銀行後端作業之伺服器)。 待銀行系統呼叫具身分識別資訊N1之號碼牌時,使用者便可將具 身分識別資訊N1之號碼牌交給銀行作業人貞,俾銀行作業人員據 以利用後端作業之伺服^ ’迅速地賴❹者之身分 以及欲處理 之業務。 接下來,請參考第2A圖、第2B圖及第2C圖,其分別為本發 明第二實施例之一使用者認證系統1,之正面圖、側面圖以及元件 連結關係示意圖。其中,第二實施例中所使用之元件與第一實施 例相同者,其功能亦相同,於此將不再贅述。而須特別說明者, 第二實施例與第一實施例之差別在於使用者認證系統丨,更包含 一顯示元件17以及一註冊元件19。 詳言之,顯示元件Π係用以顯示處理元件13之一處理狀態資 訊170。具體來說,處理元件13於進行各項操作處理時,可將其 處理狀態資訊170 (例如使用者確認掃描的身分辨識資訊S1、顯 示判斷結果相符資訊等)以顯示於顯示元件17之方式回饋予該使 用者’俾使用者得知目前操作之流程以及進度。更者,該顯示元 件Π亦可為一互動式觸控螢幕,該使用者亦可透過此互動式觸控 螢幕進行簡易之資料確認輸入。 而註冊元件19與資料庫20連接,其主要係用於接受現場註冊。 詳細來說,註冊元件19係用以接受該使用者之一系統使用要求 REQ’而註冊元件19可根據系統使用要求REq,判斷該使用者之 合法性,並據以產生一認證資訊1^2,隨後,註冊元件19便將認 201249161 '證資訊D2傳送至資料庫20 ’俾該使用者再次透過前述之内容, 進行身分認證之流程。 更具體而言,當使用者於利用使用者認證系統1,前'或於處理 元件13判斷身分辨識資訊S1與認證資訊為不相符後,皆可透過 註冊元件19重新進行註冊,則該使用者便得以進行認證並取得身 分識別資訊。須特別說明者,使用者可透過註冊元件19所具之攝 影機、麥克風或鍵盤滑鼠組等任何形式之輸入裝置,讓後端操作 人員利用註冊元件19確認使用者之身分,而於確認使用者合法 後,操作人員便可再透過註冊元件19將認證資料D2輸入資料庫 20 〇 本發明之一第三實施例係為一使用者認證方法’其流程圖請參 考第3 A圖。第三實施例之方法係用於一使用者認證系統(如第一 實施例中所述之使用者認證系統1)。該使用者認證系統包括一影 像擷取元件、一處理元件以及一識別碼提供元件。使用者認證系 統與一資料庫及與一資料存取控制元件連結。該使用者認證方法 之詳細步驟如下所述。 首先,執行步驊3(H,令該影像擷取元件擷取一使用者之一身份 辨識資訊。接著,執行步驟302,令該處理元件判斷該使用者之該 身分辨識資訊符合資料庫所紀錄之該認證資訊。須特別說明者, 該資料庫中預先儲存該認證資訊係該使用者透過預先申請之方 式,將其身分相關資料註冊於該資料庫中,如此一來,該使用者 認證系統將可根據該資料庫中已存之該認證資料進行該使用者之 身分比對。 201249161 隨後,當該錢者衫之、合法性確認後 ,便可執行步驟303 ’令 該識引碼提供元件提供該使用者一身分辨識資訊。須特別說明 者’步驟303提供該身分識別資訊之方式可以至少下述二種方式 實施4同時參考第3B圖以及第%圖,其為提供身分識別資訊 之二實施態樣之流程圖。第—種方式,執行步驟娜,令該識別 碼提供:¾•件產生具有該身分識別資訊之—身分識別物件。接著執 仃步驟3〇32 ’ 7該識別竭提供元件提供該使用者具有該身分識別 資訊之該身分識職件,執行㈣娜,令該識別 碼提供^件棟取該使用者所具有之—電子標籤。接著,執行步驟 3034,令該識別碼提供元件根據該電子標籤產生該身分識別資訊。 最後,執行步冑3 04 ’令該識別碼提供元件將該身份識別資訊註 冊於該資料存取元件中,&此一來,無論是前述二種透過該識別 碼提供元件所產生之具有身分識別資訊之該身分識別物件,或透 過該使用者之該電子標籤產生之身分識別資訊,由於其已註冊於 該資料存取元件中,因此該使用者皆可據以進行該資料存取元件 之操作。 本發明之一第四實施例係為一使用者認證方法,其流程圖請參 考第4圖。第四實施例之方法係用於一使用者認證系統(類似第 二實施例中所述之使用者認證系統1,)。該使用者認證系統包括 一影像擷取元件、一處理元件、一註冊元件以及一識別碼提供元 件。使用者認證系統與一資料庫及與一資料存取控制元件連結。 該使用者認證方法之詳細步驟如下所述。 首先,第四實施例先執行步驟401,令該影像擷取元件擷取一使 12 201249161 用者之一身份辨識資訊。接著’執行步驟402 ’令該、處理元件判斷 該使用者之該身分辨識資訊是否符合資料庫所紀錄之該認證資 訊。類似第三實施例地,該資料庫中預先儲存該認證資訊係該使 用者透過預先申請之方式,將其身分相關資料註冊於該資料庫 中,如此一來,該使用者認證系統將可根據該資料庫中已存之該 認證資料進行該使用者之身分比對。 類似地,若該使用者之該身分辨識資訊符合資料庫所紀錄之該 認證資訊,則執行步驟403,令該識別碼提供元件提供該使用者一 身分辨識資訊。而後執行步驟404,令該識別碼提供元件將該身份 識別資訊註冊於該資料存取元件中’俾該使用者操作該資料存取 元件。 然而,若該認證資料過期,將可能導致該處理單元判斷該使用 者之該身分辨識資訊不符合資料庫所紀錄之該認證資訊。如此, 則可讓該使用者進行重新註冊之動作。執行步驟405 ’令該註冊元 件接收該使用者之一系統使用要求。執行步驟406,令該註冊元件 根據該系統使用要求產生新的認證資訊。隨後’便執行步驟407 ’ 令該註冊元件將新的認證資訊記錄於該資料庫中’俾該使用者回 到步驟401,重新進行身分之比對。 综上所述,本發明之使用者認證系統以及使用者認證方法主要 係透過預約、識別及認證等程序,使得使用者認證流程將得以更 有效率之方式完成,如此一來,以往以人工進行身分認證導致業 務處理整體流程之延遲之缺點將可輕易克服。 惟上述實施例僅為例示性說明本發明之實施態樣’以及闡釋本 13 201249161 發明之技術特徵,並非用來限制本發明之保護範疇。任何熟悉此 技藝之人士可輕易完成之改變或均等性之安排均屬於本發明所主 張之範圍,本發明之權利保護範圍應以申請專利範圍為準。 【圖式簡單說明】 第1A圖係本發明第一實施例之使用者認證系統之正面圖; 第1B圖係本發明第一實施例之使用者認證系統之側面圖; 第1C圖係本發明第一實施例之使用者認證系統之元件連結關 係不意圖, 第2A圖係本發明第二實施例之使用者認證系統之正面圖; 第2B圖係本發明第二實施例之使用者認證系統之側面圖; 第2C圖係本發明第二實施例之使用者認證系統之元件連結關 係不意圖, 第3A-3C圖係本發明第三實施例之使用者認證方法之流程圖; 以及 第4A-4B圖係本發明第四實施例之使用者認證方法之流程圖。 【主要元件符號說明】 1、1,:使用者認證系統 13 :處理元件 151 :身分辨識元件 170 :處理狀態資訊 20 :資料庫 L1 :第一連線 S1 :身分辨識資訊 N1 :身分識別資訊 11 :影像擷取元件 15 :辨識碼提供元件 17 :顯示元件 19 :註冊元件 30 :資料存取控制元件 L2 :第二連線 Dl、D2 :認證資訊 REQ :系統使用要求 14201249161 VI. Description of the invention: - [Technical field to which the invention pertains] The present invention relates to a user authentication system and a user authentication method thereof. More specifically, the user authentication system and the user authentication method of the present invention can determine the legitimacy of the user through the authentication method of the front end, and the user performs the related operations of the back end. [Prior Art] In the prior art, the identity authentication process of the temporary business process mainly adopts the manual judgment mode, and after confirming the legality of the user identity, the user is allowed to perform the subsequent related process. For example, a general corporate company judges the legality of visitors to use manual processing. More specifically, a general corporate company usually sets up several operators at the door. When a visitor wants to enter the company, he or she Manual identification of the identity of the visitor, and after confirming the legality of the visitor, the visitor identification certificate is issued, and the visitor gains access to the company. Or, when a customer wants to enter a service endpoint such as a bank or a public agency to conduct temporary business processing, it is usually necessary to fill in the business related form first, and then wait in line for processing. When the waiting time is over and the customer can go to the counter to handle the related business, the business processing personnel can manually authenticate the customer's identity at the time, and confirm the legality of the customer's identity before proceeding to the subsequent business office. However, in the foregoing temporary business process, the method of manually determining the customer's identity usually requires additional special manpower, and the uncertainty of the manual judgment is likely to cause delay in the overall process of the business process, resulting in an increase in the processing cost. burden. Therefore, how to provide an efficient and low-cost user authentication system and its use 201249161 · certification method is the industry's urgent need. [Invention] In order to solve the problem of manually determining the identity of the customer in the foregoing temporary business process, the present invention provides a user authentication system and a user authentication method thereof, which mainly through reservation and identification. And the certification and other procedures automatically complete the user authentication process. To accomplish the foregoing objects, the present invention provides a user authentication system including an image capturing component, a processing component, and an identification code providing component, and is coupled to a database and a data access control component. The image capture component is used to retrieve the user's identity identification information. The processing component is connected to the database through the network to determine that the user's identity identification information conforms to the authentication information recorded in the database. The identifier providing component is configured to provide the user identity identification information according to the result of the identity identification information and the authentication information, and register the identity identification information in the data access control component, and the user uses the identity identification information to perform the data access control component. operating. To achieve the foregoing objective, the present invention further provides a user authentication method for a user authentication system, the user authentication system including an image capturing component, a processing unit, and an identifier providing component, and a database and a data access control component. The user authentication method includes the following steps: (a) causing the image capture component to capture the identity identification information of the user; and (b) causing the processing unit to determine that the identity identification information of the user meets the authentication information recorded by the database; c) causing the identification code providing component to provide the user identity identification information according to the result of the step (b); (d) causing the identification code providing component to register the identity identification information with the data access control component, and the user uses the identity identification information to perform The operation of the data access control element. 201249161 'Embodiment>> Hereinafter, the present invention will be explained by way of embodiments. However, the embodiments of the present invention are not intended to limit the invention to any environment, application, or manner as described in the embodiments. Therefore, the description of the embodiments is merely illustrative of the invention and is not intended to limit the invention. It is to be noted that in the following examples and illustrations, elements that are not directly related to the present invention have been omitted and are not drawn. First, please refer to FIG. 1A, FIG. 1B, and FIG. 1C, which are respectively a front view, a side view, and a component connection relationship of the user authentication system 1 according to the first embodiment of the present invention. The user authentication system 1 includes an image capturing component u, a processing component 13 and an identification code providing component 15, and is connected to a database 20 and a data through a first connection line u and a second connection line L2. The access control elements 30 are connected, wherein the processing elements 13 are electrically connected to the image capturing element u and the identification code providing element 15, respectively. The functions and interactions of the various components are described in detail below. First, when a user wants to confirm the identity, the image capturing component U will take the identity identification information S1 of the user. Specifically, if the user's identity identification information S1 is an identity document, such as an identity card, a passport, a health insurance card, or a driver's license, the image capturing component 11 may be a scanner or a camera to capture the identity. The document image is obtained, and the identification information S1 is obtained by performing optical character recognition (OCR) or image recognition on the data on the identity document. On the other hand, if the identity identification information S1 is a biological feature, such as a fingerprint, an eye iris or a face feature, the image capturing component 11 can be a fingerprint identification device, an iris recognition 201249161, a recognition device or a face feature extraction device, and a biological The feature scanning method scans the identity identification information S1. Then, after the image capturing component 11 captures the identity identification information S1, the processing component 13 facilitates using the data stored in the database 20 connected to the first network L1 to determine whether the identity identification information S1 of the user conforms to the data. The library 20 records one of the authentication information D1. Specifically, the authentication information D1 is stored in the database 20 in advance, and the user registers the identity-related information in the database 20 by means of a pre-application. For example, the user can first use the user's relevant identity authentication data to make an appointment for the interview time through the website of the company company; or, the user can apply for a personal account first, and submit the identity at the same time before the service endpoint such as a bank or a public agency. Certification information. As a result, the user authentication system 1 will perform the identity comparison of the user based on the existing authentication data D1 in the database 20. Then, if the processing component 13 determines that the identity identification information S1 of the user meets the authentication information D1 recorded by the database 20, the identification code providing component 15 provides the identity identification information N1 of the user and simultaneously identifies the identity. The information N1 is registered in the data access control component 30 via the second network L2, and the user can perform the operation of the data access control component 30 using the identity identification information N1. The identity identification information N1 can be completed in at least two implementation manners described below. Specifically, the implementation of the first identity identification information N1 is mainly generated by the identification component providing component 15 after the processing component 13 determines that the identity identification information S1 of the user meets the authentication information D1 recorded by the database 20. When the identity identifying item 151 is recorded and the identity identification information N1 is recorded in the identity identifying object 151, the user can perform the operation of the data access control element 201249 by using the identity identifying object 151 having the identity identifying information N1. On the other hand, the implementation of the second identity identification information N2 is mainly provided by the processing component 13 determining that the identity identification information S1 of the user meets the authentication information D1 recorded by the database 20, and the component 15 is provided by the identification code. Taking an electronic tag of an object provided by the user (for example, a card with a radio frequency identification (RFID)), and generating an identity identification information based on the electronic tag, the user can The operation of the data access control element 30 is performed using the electronic tag associated with the identity identification information N1. For ease of understanding, the operation flow of the aforementioned user authentication system 1 will be explained by way of example below. For example, when a visitor wants to apply to enter a corporate company, he or she can directly log in, register, or make an appointment through the website, telephone, or other means of the enterprise company to establish the authentication information D1 in the database 20 in advance. In this way, the visitor can go to the corporate company to perform the user authentication system at the time of the appointment. When the visitor arrives at the company, the user authentication system 1 can be used for identity authentication. First, the visitor may first place his or her identity document on the image capturing component 11 for image capture and further obtain the identity identification information S1 of the visitor by means of optical character recognition or image recognition. Next, the processing component 13 can determine that the identity identification information S1 of the visitor matches the authentication information D1 in the database 20 to confirm that the visitor has the right to enter the company. The post-cardior identification code providing component 15 provides the visitor identification information N1' to the access control system (i.e., the data access control component 3) of the guest operation backend in at least the following two ways. In the first manner, specifically, when the processing component 13 determines that the identity identification information S1 of the visitor matches the authentication information D1, the identification code providing component 15 provides the visitor 8 201249161 The identity identifying object 151 recording the legal identity identification information N1 And at the same time, the identity identification information N1 is registered in the data access control element 3 through the second network L2, so that when the visitor conveniently operates the data access control element 30 with the identity identifying object 151, the data control element 3〇 The legality of the visitor can be confirmed based on the identification information N1 registered. On the other hand, in the second mode, after the S processing component 13 determines that the identity identification information S1 of the visitor matches the authentication information D1, the identification code providing component 15 requests the visitor to provide an electronic tagged object (for example, a leisure card), and according to the electronic The identification information N1 is generated and the identity identification information N1 is registered in the data access control element 30 through the second network L2. In this way, the visitor can legally perform the operation of the data access control element 3 by using the electronic tag associated with the identity identification information N1. In another example, 'when the user wants to go to the bank for business processing, the user must first open an account with the bank, and the user can register the user's authentication information D1 (such as the user's fingerprint, etc.) at the same time as the user opens the account. The biometrics are recorded in the database 20 for subsequent identification by the user. After that, when the user goes to the bank for business processing, the user can fill in the business processing form (for example, a payment slip), and then the user can simultaneously put the finger fingerprint (identity identification information S1) and the business processing form into the image. The fingerprint image is scanned on the component 11, so that the processing component 13 can use the fingerprint of the user's finger to determine that the identity of the user meets the authentication data D1 in the database 20. Further, the user is deemed to be the customer of the bank. At the same time, the processing unit 13 can also use the scan result of the service processing table to determine the service that the user wants to process. When the processing component 13 confirms the identity of the user, the identification code providing component 15 provides the number card of the user identification information Ni for 201249161, and registers the identity identification information N1 with the data access control component (for example, the bank backend operation). Server). When the banking system calls the number card with the identity identification information N1, the user can hand the number card with the identity identification information N1 to the bank operator, and the bank operator can use the servo of the back-end job to quickly The identity of the Lai and the business to be handled. Next, please refer to FIG. 2A, FIG. 2B and FIG. 2C, which are respectively a front view, a side view and a component connection relationship of the user authentication system 1 according to the second embodiment of the present invention. The components used in the second embodiment are the same as those of the first embodiment, and their functions are also the same, and will not be described again. Specifically, the second embodiment differs from the first embodiment in the user authentication system, and further includes a display element 17 and a registration element 19. In particular, the display component is used to display one of the processing elements 13 processing status information 170. Specifically, when the processing component 13 performs various operations, the processing status information 170 (for example, the user confirms the scanned identity identification information S1, the display judgment result matching information, etc.) can be fed back in the manner of being displayed on the display component 17. The user is asked to let the user know the current process and progress. In addition, the display element can also be an interactive touch screen, and the user can also perform simple data confirmation input through the interactive touch screen. The registration component 19 is connected to the repository 20, which is primarily used for on-site registration. In detail, the registration component 19 is configured to accept one of the user system usage requirements REQ' and the registration component 19 can determine the legality of the user according to the system usage requirement REq, and generate an authentication information 1^2 Then, the registration component 19 will recognize the 201249161 'certification information D2 to the database 20', and the user again passes the foregoing content to perform the identity authentication process. More specifically, when the user uses the user authentication system 1, the user or the processing component 13 determines that the identity identification information S1 does not match the authentication information, and can re-register through the registration component 19, then the user It is possible to authenticate and obtain identity identification information. It should be specially stated that the user can use the registration device 19 to confirm the user's identity by using any type of input device such as a camera, a microphone or a keyboard mouse group of the registration component 19, and confirm the user. After being legal, the operator can then input the authentication data D2 into the database 20 through the registration component 19. A third embodiment of the present invention is a user authentication method. For the flowchart, please refer to FIG. 3A. The method of the third embodiment is for a user authentication system (such as the user authentication system 1 described in the first embodiment). The user authentication system includes an image capture component, a processing component, and an identification code providing component. The user authentication system is coupled to a database and to a data access control component. The detailed steps of the user authentication method are as follows. First, step 3 (H) is executed to enable the image capturing component to capture identification information of one of the users. Then, step 302 is executed to enable the processing component to determine that the identity identification information of the user meets the record of the database. The certification information must be specially stated. The pre-stored authentication information in the database is that the user registers the identity-related information in the database by means of a pre-application, so that the user authentication system The identity of the user may be compared according to the authentication data already stored in the database. 201249161 Subsequently, after the legality of the money is confirmed, step 303 'can be used to provide the identification code providing component. The user identification information is provided. The method for providing the identity identification information in step 303 can be implemented in at least the following two ways. 4 Referring to FIG. 3B and FIG. The flow chart of the implementation aspect. The first method, the step step is performed, and the identification code is provided: the 3⁄4• piece generates the identification information with the identity identification information The object is then executed. Step 3〇32'7 The identification providing component provides the identity identification component of the user with the identity identification information, and executes (4) Na, so that the identification code provides the component to the user. Then, the electronic tag is executed. Then, step 3034 is executed to enable the identification code providing component to generate the identity identification information according to the electronic tag. Finally, step 307 is executed to enable the identification code providing component to register the identification information on the data. In the access component, the identification identifier of the identity identification object generated by the identification code providing component or the identity identification information generated by the electronic tag of the user, Since the user has been registered in the data access component, the user can perform the operation of the data access component. A fourth embodiment of the present invention is a user authentication method, and the flowchart thereof is referred to Figure 4. The method of the fourth embodiment is for a user authentication system (similar to the user authentication system 1 described in the second embodiment). The authentication system includes an image capture component, a processing component, a registration component, and an identification code providing component. The user authentication system is coupled to a database and to a data access control component. The detailed steps of the user authentication method are as follows: First, the fourth embodiment first performs step 401, so that the image capturing component captures one of the identification information of one of the users of 201224161. Then, 'execution step 402' causes the processing component to determine the user's Whether the identity identification information meets the certification information recorded in the database. Similar to the third embodiment, the pre-stored authentication information in the database is that the user registers the identity related information in the data by means of a pre-application. In the library, the user authentication system will perform the identity comparison of the user based on the authentication data already stored in the database. Similarly, if the identity identification information of the user meets the authentication information recorded by the database, step 403 is executed to enable the identifier providing component to provide the user identity identification information. Then, step 404 is executed to enable the identification code providing component to register the identification information in the data access component, and the user operates the data access component. However, if the authentication data expires, the processing unit may cause the processing unit to determine that the identity identification information of the user does not meet the authentication information recorded by the database. In this way, the user can perform the action of re-registering. Step 405' is executed to cause the registration element to receive a system usage request of the user. Step 406 is executed to enable the registration component to generate new authentication information according to the system usage requirements. Then, step 407 is executed to cause the registration component to record the new authentication information in the database. The user returns to step 401 to re-establish the identity comparison. In summary, the user authentication system and the user authentication method of the present invention mainly enable the user authentication process to be completed in a more efficient manner through procedures such as reservation, identification, and authentication, and thus, manually performed in the past. The shortcomings of identity authentication leading to delays in the overall process of business processing can be easily overcome. However, the above-described embodiments are merely illustrative of the embodiments of the present invention and the technical features of the present invention are not limited to the scope of protection of the present invention. It is intended that any change or singularity that can be easily accomplished by those skilled in the art is intended to be within the scope of the invention. The scope of the invention should be determined by the scope of the application. BRIEF DESCRIPTION OF THE DRAWINGS FIG. 1A is a front view of a user authentication system according to a first embodiment of the present invention; FIG. 1B is a side view of a user authentication system according to a first embodiment of the present invention; The component connection relationship of the user authentication system of the first embodiment is not intended, FIG. 2A is a front view of the user authentication system of the second embodiment of the present invention; and FIG. 2B is a user authentication system of the second embodiment of the present invention. 2C is a flowchart of a component connection relationship of a user authentication system according to a second embodiment of the present invention, and FIG. 3A-3C is a flowchart of a user authentication method according to a third embodiment of the present invention; and 4A The -4B diagram is a flowchart of the user authentication method of the fourth embodiment of the present invention. [Description of main component symbols] 1, 1, User authentication system 13: Processing component 151: Identity identification component 170: Processing status information 20: Database L1: First connection S1: Identity identification information N1: Identity identification information 11 : image capturing component 15 : identification code providing component 17 : display component 19 : registration component 30 : data access control component L2 : second connection D1, D2 : authentication information REQ : system use requirement 14