TW202139036A - Authentication system, user terminal, authentication method, and program - Google Patents

Abstract

A first registration means (102) of an authentication system (S) registers a first portion of first information to a first device (20). A second registration means (104) associates a second portion of the first information with second information, and registers the result to a second device (10). An authentication means (105) performs authentication on the basis of the first portion, the second portion, and the second information. A restriction means (106) restricts the association of identical or similar second information with each of a plurality of identical or similar second portions.

Description

Authentication system, authentication method, and program product

This disclosure is about authentication systems, authentication methods, and program products.

Previously, the authentication technology required to improve security has been known. For example, Patent Document 1 describes that the first part of the user's fingerprint pattern is associated with the user ID and registered to the user terminal, and the second part of the fingerprint pattern is associated with the user ID and registered to the server system. Once the user puts his finger on the fingerprint sensor of the user terminal, the fingerprint pattern detected by the fingerprint sensor will be combined with the registered part 1 and user ID in the user terminal. Send to the server. The server combines the first part received with the second part registered in itself in connection with the received user ID. The server compares the combined fingerprint pattern with the received fingerprint pattern for authentication. [Prior Technical Literature] [Patent Literature]

[Patent Document 1] JP 2002-312317 A

[The problem to be solved by the invention]

In the technique of Patent Document 1, since the user ID is registered in the user terminal, there is a risk of leakage of the user ID. In order to avoid the risk of user ID leakage, for example, consider generating a random value and logging in to the user terminal instead of using the user ID. However, for a plurality of users who are similar to each other in the second part, if the same value is given, there is a possibility of impersonation, and the security is not sufficient.

The purpose of this disclosure is to improve security. [Means to solve the problem]

The authentication system described in one aspect of this disclosure includes: a first registration means, which is used to register the first part of the first information to the first device; and a second registration means, which is used to register the first part of the 1 The second part of the information is connected to the second information and registered to the second device; and the authentication means is used to authenticate based on the first part of the preceding note, the second part of the preceding note, and the second information of the preceding note; and restrictions The method is used to restrict each of the plurality of the second part of the preceding note that are the same or similar to each other, being connected with the second information of the preceding note that are the same or similar to each other.

The user terminal described in one aspect of this disclosure contains: the first obtaining means is used to obtain the first part of the first information; and the second obtaining means is used to obtain the second part of the first information from the previous section. Part of the registered server, and in order to restrict each of the same or similar plural of the second part of the preceding note, each of which is connected with the same or similar second information of each other, obtain the second information of the preceding note; and memory The means are used to memorize the first part of the preface and the second information of the preface; and the means of sending are used to send the first part of the preface and the second information of the preface to the external device when the authentication is performed.

The authentication method described in one aspect of this disclosure includes: the first registration step is used to register the first part of the first information to the first device; and the second registration step is used to register the first part of the previous record. 1 The second part of the information is connected to the second information and registered to the second device; and the authentication step is used to authenticate based on the first part of the previous note, the second part of the previous note, and the second information of the previous note; and restrictions The step is to restrict each of the plurality of the second part of the preceding note that are the same or similar to each other to be connected with the second part of the preceding note that are the same or similar to each other.

The program product described in one aspect of this disclosure enables the computer to function as: the first registration means is used to register the first part of the first information to the first device; the second registration means is used To establish a connection between the second part of the first information and the second information and log in to the second device; the authentication method is used to authenticate based on the first part, the second part, and the second information ; Restriction means are used to restrict each of the same or similar plural of the second part of the preceding note to be connected with the same or similar information of the second part of the preceding note.

According to one aspect of the present disclosure, the aforementioned restriction means allows each of the plurality of aforementioned Part 2 that are different or dissimilar to each other to be connected with the same or similar aforementioned Part 2 information.

According to one aspect of this disclosure, the pre-recorded authentication system also contains: acceptance means, which are used to accept the registration application; pre-restricted means, restrict users who have made the pre-recorded registration application. Establish a connection with the second information of the previous note that is the same or similar to other users who are the same or similar to the second part of the previous note.

According to one aspect of this disclosure, the prescriptive restriction method is to retrieve the second information that has not been linked to the previous section 2 of other users; the preamble second registration method is the use of the prescriptive registration application The second part of the previous record will be linked and registered with the previous second information that has been retrieved.

According to one aspect of this disclosure, the prescript authentication system also contains: generation means, which is used to generate candidates for the prescript second information of the user who has made the prescript registration application; the prescriptive restriction means are the prescript candidates, and If the previous second information of other users is the same or similar, the previous candidate will not be regarded as the previous second information of the user who made the previous registration application; the previous candidate and the previous second information of other users If the second information is different or dissimilar, the previous candidate will be regarded as the previous second information of the user who made the previous registration application.

According to one aspect of this disclosure, the first device mentioned above is the user terminal; the second device mentioned above is the server; the authentication method mentioned above is based on the inputted first information and second information, and The pre-recorded user terminal pre-recorded part 1, and the pre-recorded server pre-recorded the second part and the pre-recorded second information, and the pre-recorded authentication is performed.

According to one aspect of this disclosure, the first log-in means of the previous note is in the previous user terminal, and the first part of the previous log and the second information of the previous note are registered; the second information entered is the previous user terminal. Record the second information before being registered in the center.

According to one aspect of this disclosure, the aforementioned user terminal uses short-distance wireless communication to send the aforementioned part 1 to the authentication device required to obtain the inputted previous information; the aforementioned authentication device , Is to send the preface part 1 received by the preface user terminal to the preface authentication means.

According to one aspect of this disclosure, the prefaced short-range wireless communication is a communication specification that can use advertising packets; the prefaced user terminal uses the prefaced advertising packets to authenticate the device Note Part 1 before sending.

According to one aspect of this disclosure, the aforementioned authentication means is to combine the first part registered in the first device of the preceding note and the second part registered in the second device of the preceding note to obtain the first part of the preceding note. 1 Information; based on the similarity between the first information entered before the input and the first information before the combination, and the identity of the second information before the input and the second information before the second device. Foreword authentication; the foreword restriction means is to restrict each of the similar to each other in the second part of the foreword to be connected with each other's same foreword to the second information.

According to one aspect of this disclosure, each of the plurality of databases memorized in the second device in the preceding note is registered with a plurality of users before the second part; the second information in the preceding note It is the identification information of the pre-recorded database; the pre-recorded authentication method is based on the registered pre-recorded part 2 in the pre-recorded database that is recognized by the input of the pre-recorded second information, and obtains the combined previous record. 1 Information.

According to one aspect of this disclosure, the first information system of the preceding note is biological information; the second information system of the preceding note is used to retrieve the search information required for the second part of the previous note registered in the second device; the preceding note authentication It is biometric authentication based on the first part of the previous note and the second part of the previous note retrieved by the previous search information.

According to one aspect of this disclosure, the aforementioned authentication method is based on a predetermined determination algorithm, and the first information entered is determined by the combination of the first part of the previous entry and the second part of the previous entry. Whether the first information of the preceding note is the same or similar, the preceding information is verified; the restriction means of the preceding note is based on the same determination algorithm as the preceding note determination algorithm, and it is determined whether there are plural second parts of the preceding note that are identical or similar to each other. . [Effects of the invention]

According to this disclosure, safety can be improved.

[1. The overall structure of the authentication system]

The following describes an example of an implementation form of the authentication system. Figure 1 is a diagram of the overall structure of the authentication system. As shown in FIG. 1, the authentication system S includes a server 10, a user terminal 20, and an authentication device 30, which can be connected to a network N such as the Internet. In addition, in FIG. 1, although only one of the server 10, the user terminal 20, and the authentication device 30 is shown in the figure, these may be plural.

Server 10 is a server computer. The server 10 includes a control unit 11, a storage unit 12, and a communication unit 13. The control unit 11 includes at least one processor. The control unit 11 executes processing in accordance with the program or data stored in the memory unit 12. The memory unit 12 includes a main memory unit and an auxiliary memory unit. For example, the main memory is a volatile memory such as RAM, and the auxiliary memory is a non-volatile memory such as ROM, EEPROM, flash memory, or hard disk. The communication part 13 is a communication interface for wired communication or wireless communication, and performs data communication through the network N.

The user terminal 20 is a computer operated by the user. For example, the user terminal 20 is a mobile phone (including a smart phone), a portable information terminal (including a tablet computer and a wearable terminal), or a personal computer. In this embodiment, the user terminal 20 includes a control unit 21, a storage unit 22, a communication unit 23, an operation unit 24, a display unit 25, and a photographing unit 26. The physical structure of the control unit 21, the storage unit 22, and the communication unit 23 may be the same as the control unit 11, the storage unit 12, and the communication unit 13, respectively.

The operation unit 24 is an input device, such as a pointing device such as a touch panel or a mouse, a keyboard, or a button. The operation unit 24 transmits the operation content to the control unit 21. The display unit 25 is, for example, a liquid crystal display unit, an organic EL display unit, or the like. The display unit 25 displays images in accordance with instructions from the control unit 21.

The photographing unit 26 includes at least one camera. For example, the imaging unit 26 includes an imaging element such as a CCD imaging sensor or a CMOS imaging sensor, and records the image captured by the imaging element as digital data. The image can be a still image or an animation that is continuously shot at a predetermined frame rate.

The authentication device 30 is a computer used for authentication. For example, the authentication device 30 is a mobile phone, a portable information terminal, or a personal computer. In this embodiment, the authentication device 30 includes a control unit 31, a storage unit 32, a communication unit 33, an operation unit 34, a display unit 35, and a photographing unit 36. The physical structure of the control unit 31, the storage unit 32, the communication unit 33, the operation unit 34, the display unit 35, and the photographing unit 36 can be combined with the control unit 11, the storage unit 12, the communication unit 13, the operation unit 24, and the display unit respectively. 25. Same as the photography department 26.

In addition, the programs and data described as being stored in the memory sections 12, 22, and 32 can also be supplied through the network N. In addition, the hardware configuration of each computer described above is not limited to the example described above, and various hardware can be applied. For example, it may also include: a reading unit (such as an optical disc drive or a memory card slot) for reading information storage media that can be read by a computer, or an input/output unit for data input/output with external machines (E.g. USB port). For example, the program or data stored in the information storage medium can also be supplied through the reading unit or the input/output unit.

[2. Overview of the authentication system] The authentication system S is to perform authentication in order to confirm the legitimacy of the user in any scene. Authentication is the act of confirming whether a user has the prescribed qualifications. Authentication is also called object authentication or personal authentication. The authentication system S can perform various types of authentication, such as two-dimensional code authentication, biometric authentication, pass code authentication, password authentication, electronic seal authentication, or passphrase authentication.

Biometric authentication is an authentication method that uses human physical characteristics or mobility characteristics. For example, biometric authentication using physical characteristics includes face authentication, fingerprint authentication, DNA authentication, palm authentication, omentum authentication, iris authentication, vein authentication, or voice authentication. For another example, biometric authentication using mobility characteristics includes handwriting authentication, keystroke authentication, lip movement authentication, eye-catching authentication, or walking authentication.

In this embodiment, a scene where a user passes through a security gateway is taken as an example to describe the processing of the authentication system S. In addition, the authentication system S is a modified example described later, and can be applied to various scenes. The scene to which the authentication system S is applied is not limited to the example of this embodiment.

FIG. 2 is a diagram showing an example of a scene where the authentication system S is used. As shown in Figure 2, the security gate SG contains a rotary door. The security gateway SG is connected to the authentication device 30. The door of the security gateway SG is locked by a locking mechanism. Once the user's authentication is successful, the lock is released. The security gateway SG is an arbitrary facility such as a company or public facility that is deployed at the workplace. Only those qualified for admission can pass through the security gateway SG.

In this embodiment, as an authentication method for authenticating a user, face authentication is taken as an example. When the user wants to use the authentication service provided by the authentication system S, a predetermined use registration is performed. Once the user has completed the usage registration, the user ID used to uniquely identify the user will be issued. Information such as the name entered by the user is registered to the server 10. The user applies for registration of facial photos at the time of registration or at any time sequence thereafter. For example, once the user operates the user terminal 20 to access the server 10, the login application screen required for the login application will be displayed on the user terminal 20.

Fig. 3 is a diagram showing an example of a login application screen. As shown in Figure 3, the login application screen G1 is displayed with: an input form F10 for inputting a user ID, an input form F11 for inputting a password, and an input form for uploading a face photo. Enter the form F12, and the button B13 required for the login application. In addition, the password is not used for passing through the security gateway SG, but for other purposes such as changing one's own login information.

For example, the memory unit 22 of the user terminal 20 stores a photo of the user's face. The user enters the file name in the input form F12, and specifies the face photo to be uploaded. That is, the user, in the input form F12, specifies the face photo to be used for facial authentication. In this embodiment, in order to simplify the description, a case where only one face photo is registered is described, but it is also possible to register a plurality of face photos. In addition, the user can also activate the photographing unit 26 to take facial photos on the spot.

Once the user enters information in each of the input forms F10 to F12 and selects the button B13, the face photo will be uploaded to the server 10. The server 10 calculates the feature amount of the user's face based on the face photo. The facial features are not centrally managed in the server 10, but are managed in a distributed manner between the server 10 and the user terminal 20.

In this embodiment, the first part of the feature amount of the face is registered in the user terminal 20. The second part of the facial features is registered in the server 10. In addition, the second part of the facial features can also be distributed and managed by multiple servers. The first part is part of the facial features. The second part is different from the first part. Part 1 and Part 2, part of it can be repeated. The feature value of the face may not only be the first part and the second part, but be divided into more than three parts. It is assumed that which part of the feature quantity of the face will become the first part and the second part is determined in advance. The first part and the second part can be arbitrary parts, and are not limited to the examples of this embodiment.

For example, the feature quantity of a face is expressed by a vector of n dimensions (n is a natural number). In this embodiment, the value of n is assumed to be 5. For example, in a five-dimensional vector, the first two elements are registered as the first part in the user terminal 20. Among the five-dimensional vector, the latter three elements are registered as the second part Server 10. If the feature amount of the face is assumed to be (2.4, 1.5, 3.6, 4.3, 8.9), the part (2.4, 1.5) is registered in the user terminal 20 as the first part. The part (3.6, 4.3, 8.9) is registered to server 10 as part 2.

The server 10 stores the second part of the database in which at least one user is registered. The server 10 stores multiple databases. In this embodiment, a DB number is assigned to each database. The DB number is used to uniquely identify the information of the database. The DB number can also be the name or ID of the database. In this embodiment, this database is referred to as the second partial database.

The second part of the user is registered in any part 2 database. In the user terminal 20, not only the first part of the user, but also the DB number of the second part database registered in the second part is registered together. Once the registration of each of the first part, the second part, and the DB number is completed, the registration completion screen is displayed on the display unit 25.

Fig. 4 is an illustration of an example of a login completion screen. As shown in Fig. 4, a message indicating that the registration has been completed is displayed on the G2 system of the registration completion screen. The first part and DB number registered in the user terminal 20 may also be displayed on the registration completion screen G2. Once the login is completed, the user can perform authentication and pass through the security gateway SG.

FIG. 5 is an illustration of the authentication process in the authentication system S. In the example of FIG. 5, the first part (2.4, 1.5) and the DB number "157813" are registered in the user terminal 20. The user terminal 20 uses short-range wireless communication such as Bluethooth (registered trademark) or Wi-Fi (registered trademark) to transmit the registered information in itself to the surroundings. For example, the user terminal 20 may also store the first part and the DB number in an advertising packet and send it to the surroundings.

Once the user approaches the authentication device 30, the authentication device 30 uses short-range wireless communication to receive the first part (2.4, 1.5) and the DB number "157813" from the user terminal 20. The user instructs the photographing section 36 to photograph his own face in accordance with the instructions displayed on the display section 35 of the authentication device 30. The authentication device 30 sends the first part (2.4, 1.5), the DB number "157813", and the image captured by the photographing unit 36 to the server 10.

The server 10 calculates the feature amount of the face captured in the image received from the authentication device 30. This feature quantity is expressed as a 5-dimensional vector. For example, the server 10 obtains (2.4, 1.5, 3.6, 4.3, 8.9) as the feature amount of the face captured in the image. This feature amount is equivalent to the query during authentication.

The server 10 refers to the second partial database DB1 of the DB number "157813" received from the authentication device 30. The server 10 combines the first part (2.4, 1.5) received from the authentication device 30 and the second part (3.6, 4.3, 8.9) stored in the second part database DB1 to obtain The feature quantity of a 5-dimensional vector (2.4, 1.5, 3.6, 4.3, 8.9). This feature amount is equivalent to the index at the time of authentication. In the case where the second part of the database DB1 is registered with a plurality of users, then the number of the users will be the number of index features.

The server 10 calculates the distance between the feature quantity of the query and the feature quantity of the index. In the case where a plurality of feature quantities of the index are obtained, how many distances are calculated based on the number of feature quantities of the index. The server 10 determines that the authentication is successful when there is a distance less than the threshold. In the example of FIG. 5, since the distance of 0 exists in the second partial database DB1, it is determined that the authentication is successful. Once the authentication is successful, the locking system of the security gateway SG is released, and the user can pass through the security gateway SG.

As described above, the authentication in the authentication system S is performed. The second part registered in the database DB1 of the second part will be combined with the first part registered in the user terminal 20. Therefore, in the same second part of the database DB1, if there are the same or If the similar plural part 2 is registered, impersonation may occur.

Figure 6 is a diagram showing an example of a situation where impersonation is possible. As shown in Figure 6, in the second part database DB1 of the DB number "157813", it is assumed that the same users A and B exist in the second part (3.6, 4.3, 8.9). When user A is authenticated, the first part (2.4, 1.5) registered in the user terminal 20 of user A and the second part (3.6, 4.3) registered in the second part database DB1 , 8.9), once the system is combined, it may be the same or similar to the feature amount of user A's face captured in the image.

In the case of FIG. 6, user A may be authenticated as user B, and impersonation may occur. Even if the first part of user A is different from the first part of user B, impersonation may still occur. Even if the second part is not exactly the same, as long as multiple similar second parts are registered in the same second part database DB1, the same impersonation may occur. Therefore, in this embodiment, in the second part database DB1 of the same DB number, plural second parts that are the same or similar to each other are not registered.

Fig. 7 is a diagram showing an example of processing at the time of registration application. As shown in Figure 7, suppose that when user A makes a registration application, user B, who is the same or similar to the second part of user A, has already used the DB number "157813". In this case, the server 10 is such that the same DB number "157813" as the user B will not be assigned to the user A, and the other DB number "438569" will be assigned to the user A.

For example, the server 10 determines whether there are other users that are the same as or similar to the second part of user A in the second part database DB1 of the DB number "438569". The server 10 first confirms that there is no other user that is the same or similar to the second part of user A in the database DB1 of the second part of the DB number "438569", and then assigns the DB number to User A.

In the second part database DB1 of the DB number "438569", if there are other users who are the same as or similar to the second part of user A, the server 10 executes the above-mentioned processing until it finds no The second part database DB1 where other users that are the same as or similar to the second part of user A exist. In the case where none of the existing partial second database DB1 is found, the server 10 may also issue a new DB number. In this case, the server 10 registers the second part of user A in the second part database DB1 corresponding to the new DB number.

As described above, the authentication system S is in the same second part database DB1 and does not register plural second parts that are the same or similar to each other, thereby preventing impersonation and sufficiently improving security. Hereinafter, the details of this technique will be explained.

[3. Functions implemented in the authentication system] FIG. 8 is a functional block diagram of an example of the functions implemented in the authentication system S of this embodiment. Here, the functions implemented in each of the server 10, the user terminal 20, and the authentication device 30 are explained.

[3-1. Functions implemented in the server] As shown in FIG. 8, the server 10 is implemented as a data storage unit 100, an acceptance unit 101, a first registration unit 102, a generation unit 103, a second registration unit 104, an authentication unit 105, a restriction unit 106, and The processing execution unit 107.

[Data Memory Department] The data storage unit 100 is realized based on the storage unit 12. The data storage unit 100 stores data necessary for authentication. Here, as an example of the data stored in the data storage unit 100, the second partial database DB1 and the user database DB2 will be described.

The second part database DB1 is the second part database where at least one user is registered. The data storage unit 100 stores a plurality of part 2 database DB1. The second part of the database DB1 is identified by the DB number. The DB number can be numbered with a continuous number, or it is not necessary to use a continuous number. The DB number is recorded in the data storage unit 100.

The DB number is an example of the second information. Therefore, the place described as the DB number in this embodiment can be replaced with the second information. The second information is the information that establishes a connection with the second part. The so-called connection establishment means that the second part and the second information are mutually searchable, or the second part and the second information are related to each other. Registering the second part in the second part database DB1 indicated by the DB number is equivalent to establishing a connection between the second part and the DB number. Others include, for example, registering the second part and the DB number for the same record in the user database DB2 described later, which is equivalent to establishing a connection between the second part and the DB number.

For example, the second information is the identification information of the database. The identification information is not limited to the DB number, it can also be a string, or a combination of text and numeric values. The second information system can also be referred to as the retrieval information used to retrieve the second part registered in the server 10. Retrieving information is information that can become a query or index during retrieval. In each of the plural second part database DB1 memorized in the server 10, the second part of each of plural users is registered.

Fig. 9 is a diagram showing an example of data storage in the user database DB2. As shown in Figure 9, the user database DB2 is a database where various information about the user is stored. The user database DB2 is stored with: user ID, user's name, password, uploaded facial photos, facial features calculated from facial photos, part 2 , And DB number. In addition, the information stored in the user database DB2 is not limited to these, and arbitrary information such as the user's contact point or address may also be stored.

The password, the second part, and the DB number are a type of authentication information. The so-called authentication information is the information that is referred to during authentication, and its name is different depending on the authentication method. For example, if it is an electronic seal authentication, the multi-touch type of the seal is the authentication information, and if it is a passphrase authentication, the passphrase is the authentication information.

The feature quantity of the face is information that digitizes the features of the face, and represents the features such as the relative position, size, or shape of the parts of the face. In this embodiment, although the feature amount of the face shown in the face photo is calculated in advance, the feature amount of the face may be calculated on the spot during authentication. In the case where there are a plurality of face photos registered, the feature amount of the face is calculated for each face photo. Facial authentication itself can be applied to various techniques. For example, principal component analysis, linear discriminant analysis, elastic matching, or hidden Markov model can be used. The feature quantity can be calculated by the calculation formula corresponding to these techniques. . For example, although the feature quantity of a face is represented by a multi-dimensional vector, it can also be represented in other forms such as a sequence of numbers or a single value.

[Reception Department] The receiving unit 101 is realized mainly by the control unit 11. The acceptance department 101 is for accepting predetermined registration applications. The registration application is the application required to register the information necessary for authentication, and here is the application required to register the facial features. The registration application is processed through the procedures established in advance. For example, once the user terminal 20 selects the button B13, a predetermined registration application is sent. The registration application contains the image data of the face photo specified by the user. The receiving unit 101 receives an application for registration of image data containing facial photos from the user terminal 20.

[First Registration Department] The first registration unit 102 is realized mainly by the control unit 11. The first registration unit 102 registers the first part of the feature amount of the face in the user terminal 20. In this embodiment, the first registration unit 102 registers the first part and the second information in the user terminal 20. In addition, the second information may be registered in a computer other than the user terminal 20. The so-called login is the same as recording, storing, or saving. The first registration unit 102 registers the first part of a certain user to the user terminal 20 of the user.

The feature amount of the face is an example of the first information. Therefore, what is described as the feature value of the face in this embodiment can be replaced with the first information. The first information is authentication information. In this embodiment, since biometric authentication is used, the first information system is biometric information. Biological information is authentication information used in biometric authentication. In addition to the feature amount of the face, the face photo itself can also be equivalent to biological information. In the case of using biometric authentication other than facial authentication, the biometric information system only needs to be authentication information corresponding to the biometric authentication.

The user terminal 20 is an example of the first device. Therefore, what is described as the user terminal 20 in this embodiment can be replaced with the first device. The first device may be a device different from the second device. For example, the first device may be a server computer different from the server 10 in addition to the user terminal 20. In this case, Part 1 and Part 2 are managed separately in individual server computers.

The feature quantity of the face photo designated by the user can also be calculated by the server 10 or by the user terminal 20. The feature quantity only needs to be calculated based on a predetermined algorithm. For example, CNN can also be used. The first registration unit 102 acquires the part of the predetermined position (the first two elements in this embodiment) among the feature quantities of the face as the first part. In other terms, the feature value of the face is divided into the first part and the second part. The first registration unit 102 transmits and registers the first part to the user terminal 20.

[Generation Department] The generating unit 103 is realized mainly by the control unit 11. The generating unit 103 generates candidates for the DB number of the user who has applied for registration. The so-called candidate is the DB number of the second part database DB2 that may be the second part of the registered user. The generating unit 103 selects candidates from the existing DB numbers. The so-called existing DB number is the DB number of the second part database DB2 that has been created. The generating unit 103 may also randomly select candidates from the existing DB numbers, or select candidates in the order of the existing DB numbers from newer to older. The generating unit 103 may not be an existing DB number, but may generate a new DB number. In this case, the generating unit 103 may use random numerical values generated based on random numbers as candidates.

[Second Registration Department] The second registration unit 104 is realized mainly by the control unit 11. The second registration unit 104 associates the second part of the feature amount of the face with the DB number and registers it in the server 10. In this embodiment, once the user makes a registration application, the second part will be registered. Therefore, the second registration unit 104 is for the second part of the user who made the registration application, and the DB number that has been retrieved Establish a connection and log in.

The second registration unit 104 acquires the predetermined position of the feature amount of the face (in this embodiment, the latter three elements) as the second part. For example, the second registration unit 104 registers the second part of the user in the second part database DB1 of the DB number of the user who made the registration application. For another example, the second registration unit 104 is in the user database DB2. In the record of the user who made the registration application, the second part and the DB number of the user are registered.

[Authentication Department] The authentication unit 105 is realized mainly by the control unit 11. The authentication unit 105 is based on the first part, the second part, and the DB number, and the authentication unit 105 is based on the input facial feature amount and DB number, and the first part of the user terminal 20, and the server Part 2 of 10 and the DB number for authentication. In this embodiment, the second part used for authentication is retrieved by the DB number. Therefore, the authentication is based on the first part and the second part retrieved by the DB number. Certification.

The so-called input feature value of the face is the feature value input to the computer during authentication. For example, it may also be the feature value input by the detection result of the sensor of the photographing unit 36 or the like. It can also be a feature quantity that is input by the user's operation. In this embodiment, the feature amount of the face represented by the image captured by the imaging unit 36 is an example of the input feature amount. The same applies to the entered DB number, which is the DB number entered to the computer during authentication. In the present embodiment, the DB number received by the authentication device 30 from the user terminal 20 is an example of the inputted DB number. The inputted DB number is the registered DB number in the user terminal 20.

The input feature amount and DB number of the face are information equivalent to the query at the time of authentication. The first part of the user terminal 20, the second part of the server 10 and the DB number are information equivalent to the index at the time of authentication. In this embodiment, biometric authentication is taken as an example. Therefore, it is explained that the success or failure of authentication is determined by the information equivalent to the query and the similarity of the information equivalent to the index. In the case of using other authentication methods Next, you can also determine whether the authentication is successful or not based on their identity.

For example, the authentication unit 105 combines the first part registered in the user terminal 20 and the second part registered in the server 10 to obtain the feature value of the face. The authentication unit 105 performs authentication based on the similarity between the inputted face feature quantity and the combined face feature quantity, and the identity of the inputted DB number with the DB number of the server 10 .

The authentication unit 105 determines that the authentication is successful when the feature amount of the input face is similar to the feature amount of the combined face. The authentication unit 105 determines that the authentication has failed when the feature amount of the input face is not similar to the feature amount of the combined face. For example, the authentication unit 105 calculates the similarity based on the feature amount of the input face and the feature amount of the registered face.

The authentication unit 105 can also directly use the difference between these feature quantities (for example, the distance between the vectors represented by the feature quantities) as the degree of similarity, or substitute these feature quantities into a predetermined calculation formula (for example, for the feature quantity represented Each element of the vector is weighted to calculate the similarity. The authentication unit 105 determines that the authentication is successful when the degree of similarity is equal to or greater than the threshold value, and determines that the authentication has failed when the degree of similarity is less than the threshold value.

In addition, when it is not the feature amount of the face, but the face photo itself is used for face authentication, the authentication unit 105 can also calculate the input face photo and the combined face photo The similarity. The calculation method of the similarity between the images can be applied to various methods. For example, the method of calculating the difference between the pixel values of the pixels in the image can also be used, and the similarity calculation in machine learning can also be used.

In this embodiment, the fact that the entered DB number is the same as the DB number of the server 10 is also a condition for successful authentication. The authentication unit 105 obtains the feature amount of the combined face based on the second part registered in the second part database DB1 recognized by the inputted DB number. The authentication unit 105 combines the first part of the user with the current second part according to each second part registered in the second part database DB1 to obtain the characteristic value. That is, the authentication unit 105 obtains the feature amount by combining the first part of the user with all the second parts registered in the second part database DB1. The authentication unit 105 determines that the authentication is successful if there is a combined feature quantity similar to the input feature quantity.

The authentication unit 105 determines whether the feature amount of the input face and the feature amount of the face combined with the registered first part and second part are the same or similar based on a predetermined judgment algorithm , For authentication. The decision algorithm is the algorithm used to determine whether the feature quantities are similar to each other. For example, the decision algorithm is to calculate the distance of the feature quantity. The judgment algorithm is to reduce the distance between the feature quantities of the n-dimensional vector to the coordinates of a predetermined dimension (for example, 2 dimensions), and to calculate the distance of the 2-dimensional coordinate information. The authentication unit 105 determines whether the feature quantities are similar or not based on the distance on the coordinates of the predetermined dimension. Therefore, no matter what dimension the information of the comparison object is, it will be reduced to the distance of the predetermined dimension.

[Restricted Department] The restriction unit 106 is realized mainly by the control unit 11. The restricting part 106 restricts each of the plurality of second parts that are the same or similar to each other, and is associated with the same or similar DB numbers. The restricting part 106 is for a plurality of users who are the same or similar to each other in the second part, and restricts the DB numbers that are the same or similar to each other to be connected. In this embodiment, because the restriction is performed at the time of registration application, the restriction unit 106 restricts the second part of the user who made the registration application, and is the same or similar to other users who are the same or similar to the second part. Similar DB numbers are connected. Other users are those who have registered Part 1, Part 2, and DB number.

The so-called restriction is to prevent or prohibit the establishment of the above-mentioned relationship from being carried out. In this embodiment, the restricting part 106 is to prevent each of the second parts that are the same or similar to each other from being associated with the same or similar DB numbers, and to determine the user's DB Number to restrict.

The restriction unit 106 allows each of the plurality of second parts that are different or not similar to each other to be associated with the same or similar DB numbers. The restriction unit 106 is for a plurality of users who are different or dissimilar to each other in the second part, and allows the same or similar DB numbers to be associated with each other. Therefore, in one part 2 database DB1, part 2 of a plurality of users will be registered.

The restriction unit 106 searches for DB numbers that are not connected with the second part of the other users mentioned above. The restriction unit 106 searches for a DB number that is the same or similar to the user who made the registration application, and determines the DB number of the user who made the registration application.

For example, in the case where the restriction unit 106 is the candidate and the DB number of the other user mentioned above is the same or similar, the candidate will not be set as the DB number of the user who made the registration application. For example, the restriction unit 106 sets the candidate as the DB number of the user who made the registration application when the candidate is different or not similar to the DB number of the other user mentioned above. The restriction unit 106 searches for candidates for the DB number of other users who are the same or similar to the user who made the registration application. If such a candidate is found, it decides whether to do it. The DB number of the user who registered the application.

In this embodiment, since the biometric authentication is determined by the similarity, the restriction unit 106 restricts that each of the second parts that are similar to each other is associated with the same DB number.

The restriction unit 106 determines whether there are a plurality of second parts that are the same or similar to each other based on the same determination algorithm as the determination algorithm used by the authentication unit 105. The restriction unit 106 uses the judgment algorithm to reduce the dimension of the second part to the distance on the coordinate of the predetermined dimension, and judge whether there are a plurality of second parts that are the same or similar to each other. In this embodiment, the distance between the second parts is used in this determination. If the distance is less than the threshold, the judgment is affirmative. If the distance is greater than the threshold, the judgment is negative.

[Processing Execution Department] The processing execution unit 107 is realized mainly by the control unit 11. The processing execution unit 107 executes predetermined processing based on the authentication result. For example, the processing execution unit 107 does not execute the predetermined processing when the authentication fails, and executes the predetermined processing only when the authentication succeeds. The prescribed processing is the processing that is permitted to be executed only when the authentication is successful. In this embodiment, it is explained that the processing required to unlock the security gateway SG is equivalent to the predetermined processing, but the predetermined processing can be applied to any processing. For example, the prescribed processing can be: login processing of the server or terminal, processing of unlocking the computer, processing of browsing permission data, processing of writing permission data, processing of opening and closing automatic doors, and permission of electronic voting Processing, or the processing of obtaining permission for official documents.

[3-2. Functions implemented in the user terminal] As shown in FIG. 8, in the user terminal 20, a data storage unit 200, a first acquisition unit 201, a second acquisition unit 202, an acceptance unit 203, and a transmission unit 204 are realized.

[Data Memory Department] The data storage unit 200 is realized based on the storage unit 22. The data storage unit 200 stores data necessary for registration application and authentication. For example, the data storage unit 200 stores the data of the user's face photo. For another example, the data storage unit 200 stores the first part and the DB number.

[First Acquisition Part] The first acquisition unit 201 is realized mainly by the control unit 21. The first acquisition unit 201 acquires the first part of the feature amount of the face. In this embodiment, the first registration unit 102 of the server 10 generates the first part and sends it to the user terminal 20. Therefore, the first acquisition unit 201 receives the first part from the server 10 and records it to Data storage unit 200.

[Second Acquisition Part] The second acquisition unit 202 is realized mainly by the control unit 21. The second acquisition unit 202 is the server 10 to which the second part of the feature amount of the face is registered, and in order to restrict each of a plurality of second parts that are the same or similar to each other, each of the second parts is the same or similar to each other. The server 10 to which the number establishes a connection obtains the DB number. In the present embodiment, since the DB number is determined by the restriction unit 106 of the server 10, the second acquisition unit 202 receives the DB number from the server 10 and records it in the data storage unit 200.

[Reception Department] The receiving unit 203 is realized mainly by the control unit 21. The accepting unit 203 accepts various input operations. For example, the accepting unit 203 accepts the input operation of the user ID of the input form F10. For another example, the accepting unit 203 accepts the input operation of the password of the input form F11. For another example, the accepting unit 203 accepts an input operation of the file name of the face photo in the input form F12. In addition, the input operation system accepted by the accepting unit 203 is not limited to these, and other various input operations can be accepted.

[Communication Department] The transmission unit 204 is realized mainly by the control unit 21. The sending unit 204 sends the data required for the registration application based on the input operation that has been accepted by the accepting unit 203. For example, the transmitting unit 204 transmits the data of the user ID, password, and face photo based on the input operation of each of the input forms F10 to F12. In addition, the data sent by the sending unit 204 is not limited to these, and various other data may be sent.

For example, the transmitting unit 204 transmits the first part and the DB number to the authentication device 30 when authentication is performed. The authentication device 30 is an example of an external device. Therefore, what is described as the authentication device 30 in this embodiment can be replaced with an external device. The external device may be a device other than the user terminal 20, and may be a computer other than the authentication device 30.

The transmitting unit 204 uses short-range wireless communication to transmit the first part to the authentication device 30 required to obtain the inputted facial features. In this embodiment, the short-range wireless communication is a communication standard that can use advertising packets. The transmitting part uses a broadcast packet (Advertising Packet) to transmit the first part to the authentication device 30. In this embodiment, the DB number is also transmitted using advertising packets.

[3-3. Functions implemented in the authentication device] As shown in FIG. 8, the authentication device 30 is realized by a data storage unit 300, an acceptance unit 301, a transmission unit 302, and a processing execution unit 303. In addition, in the present embodiment, although it is described that the authentication device 30 is included in the authentication system S, the authentication device 30 may be an external device that can communicate with the authentication system S.

[Data Memory Department] The data storage unit 300 is realized based on the storage unit 32. The data storage unit 300 stores data necessary for authentication. For example, the data storage unit 300 stores information such as the IP address of the server 10. For another example, the data storage unit 300 stores data (such as HTML data or image data) required for the display unit 35 to display various screens.

[Reception Department] The receiving unit 301 is realized mainly by the control unit 31. The accepting unit 301 accepts input operations. The input operation only needs to be an input operation necessary for authentication. In the present embodiment, the face authentication system does not require the user's input operation, so the accepting unit 301 accepts authentication start operations and the like.

In addition, the accepting unit 301 only needs to accept an input operation according to the type of authentication used in the authentication system S. For example, in the case of fingerprint authentication, it accepts the user putting his finger on the camera or the like. Input operation. For another example, in the case of using handwriting authentication, an input operation of the user writing characters on a touch panel or the like is accepted. For another example, in the case of using password authentication or passphrase authentication, the accepting unit 301 accepts the input operation of the password or passphrase.

[Communication Department] The transmission unit 302 is realized mainly by the control unit 31. The sending unit 302 sends the first part received from the user terminal 20 to the authentication unit 105 of the server 10. In this embodiment, the user terminal 20 transmits not only the first part but also the DB number. Therefore, the transmitting unit 302 transmits the first part and the DB number. The sending unit 302 only needs to send the information necessary for authentication, for example, it also sends the image taken by the photographing unit 36. The sending unit 302 can also send the authentication information itself, or send the information needed to specify the authentication information.

In this embodiment, it is explained that the authentication unit 105 is realized by the server 10. Therefore, it is explained that the sending unit 204 sends data to the server 10. However, if the authentication unit 105 is realized by another computer In the case of, you can also send data to other computers. In addition, the facial feature value may be calculated on the side of the authentication device 30. In this case, the transmitting unit 302 transmits the calculated facial feature value instead of the image.

In addition, the sending unit 302 only needs to send information corresponding to the type of authentication used in the authentication system S. For example, when fingerprint authentication is used, the sending unit 302 can also send the user The image of the finger will be sent based on the feature quantity of the finger calculated from the image. For another example, in the case of handwriting authentication, the sending unit 302 can also send the image of the text written by the user on the touch panel, etc., and can also send the coordinate information indicating the change of the touch position Send it. For another example, in the case of using password authentication or passphrase authentication, the sending unit 302 may also send the password or passphrase input by the user.

[Processing Execution Department] The processing execution unit 303 is realized mainly by the control unit 31. The processing execution unit 303 executes the predetermined processing when the authentication is successful. The meaning of the prescribed processing is the processing that is permitted to be executed only when the authentication is successful, as mentioned above. In this embodiment, if the authentication is successful, the lock on the security gate SG is released. Therefore, the processing execution unit 303 uses the motor of the locking mechanism when receiving a notification indicating that the authentication is successful. The lock is unlocked by turning, etc., and the lock is not unlocked if the notification indicating that the authentication is successful is not received.

[4. Processing executed in this embodiment] Next, the processing executed in the authentication system S will be explained. Here, the registration process required to allow the user to register the face photo and the authentication process required to allow the user to pass through the security gateway SG will be described. The processing described in the following is an example of the processing executed by the function block shown in FIG. 8.

[4-1. Registration process] Fig. 10 is a flowchart showing an example of the login process. The registration process shown in FIG. 10 is executed by the control units 11 and 21 operating in accordance with the programs stored in the storage units 12 and 22, respectively. In addition, when the login process is executed, it is assumed that the user has already completed the use registration, and his user ID and password have been issued.

As shown in FIG. 10, the user terminal 20 accesses the server 10 and causes the registration application screen G1 to be displayed on the display unit 25 (S1). When the button B13 has been selected, the user terminal 20 sends the information input into each of the input forms F10 to F12 to the server 10 (S2). In S2, the user terminal 20 sends the image data of the user ID, password, and facial photo that have been input by the user.

Once the server 10 receives the user ID and the like from the user terminal 20, it performs password authentication based on the user database DB2 and the received user ID and password (S3). In the case that the password authentication fails (S3; failure), the server 10 sends a predetermined error message to the user terminal 20 (S4), and this process ends. In this case, the user's registration application will not be accepted.

On the other hand, when the password authentication is successful (S3; successful), the server 10 calculates the facial features of the user who made the registration application based on the face photo received in S3 (S5) . In S5, the server 10 detects the relative position of the parts of the face, etc., and calculates the feature quantity of the face. The server 10 divides the calculated feature amount into a first part and a second part.

The server 10 generates DB number candidates based on a predetermined algorithm (S6). In S6, the server 10 selects any one of the existing DB numbers as candidates. At the time of S6, a new DB number can also be generated as a candidate, but since the second part of the database DB1 may become a large number, it is explained in this embodiment. At the time of S6, it is from the existing DB number The situation of choosing among them.

The server 10 refers to the second part database DB1 shown in the candidate generated in S6, and determines whether there is a second part that is the same as or similar to the second part of the feature amount calculated in S5 (S7). In S7, the server 10 calculates the distance between the second part stored in each record of the referenced second part database DB1 and the second part of the feature quantity calculated in S5. For example, the distance is based on the aforementioned decision algorithm, and is reduced to a distance of a predetermined dimension. If there is a record where the distance is less than the threshold, the determination of S7 is affirmative. If there is no record where the distance is less than the threshold, the determination of S7 is negative.

When it is determined that there is a second part that is the same as or similar to the second part of the feature amount calculated in S5 (S7; Y), the process returns to S6 to generate another candidate. If all the existing DB numbers have been created as candidates, the server 10 creates a new DB number as candidates. In this case, a new part 2 database DB1 will be generated.

If it is not determined that there is a second part that is the same as or similar to the second part of the feature amount calculated in S5 (S7; N), the server 10 determines the current candidate and decides to be the same as the second part of the feature value calculated in S5. The second part of the calculated feature quantity establishes a related DB number (S8), and the second part of the feature quantity calculated in S5 is stored in the second part database DB1 of the DB number (S9).

The server 10 sends to the user terminal 20 a notification of completion including the first part of the feature amount calculated in S5 and the DB number determined in S8 (S10). The notification of completion is made by sending information in a predetermined format, for example, assuming that a registered face photo is also included.

The server 10 registers the user's face photo, facial features, and the DB number determined in S8 in the user database DB2 (S11). In S11, the server 10 is in the user database DB2. In the record of the user ID of the user who made the registration application, the face photos received in S3 and the photos in S5 are stored. The second part of the calculated feature quantity and the DB number determined in S8.

Once the user terminal 20 receives the completion notification, it records the first part and the DB number contained in the completion notification to the storage unit 22 record (S12), and causes the registration completion screen G2 to be displayed on the display unit 25 (S13) , This processing system ends. In S13, the user terminal 20 orders the face photo included in the completion notification to be displayed on the registration completion screen G2. The first part of the feature quantity and the DB number are not displayed on the registration completion screen G2. In the future, the user can pass through the security gateway SG.

[4-2. Authentication processing] Fig. 11 is a flowchart showing an example of authentication processing. The authentication process shown in FIG. 11 is executed by the control units 11, 21, and 31 operating in accordance with the programs stored in the storage units 12, 22, and 32, respectively. In addition, it is assumed that the login process has been completed when the authentication process is executed.

As shown in FIG. 11, the user terminal 20 uses short-range wireless communication to transmit the first part memorized in the memory unit 22 and the DB number (S20). In S20, the user terminal 20 stores the first part and the DB number in an advertising packet and sends it to the surroundings. It is assumed that the power supply of the communication unit 23 has been turned on beforehand. When the power of the communication unit 23 is turned off, the power can also be turned on in response to a user's operation, or the power can be turned on automatically by using GPS location information, etc.

The authentication device 30 uses short-range wireless communication to receive the first part and the DB number sent from the user terminal 20 (S21). In S21, the authentication device 30 records the received first part and the DB number in the storage unit 32. The first part and the DB number are erased from the memory unit 32 at an arbitrary timing. The sequence is: the case where the authentication has been successful, the case where a certain period of time has passed, or the case where the first part of the characteristic quantity and the DB number have not been received by the short-range wireless communication, etc.

The authentication device 30 obtains an image based on the detection signal of the photographing unit 36 (S22). The authentication device 30 sends an authentication request including the first part, the DB number, and the image to the server 10 (S23). The authentication request is performed by sending data in a predetermined format, for example, it is assumed that the identification information of the authentication device 30 is also included.

Once the server 10 receives the authentication request, it obtains the second part registered in the second part database DB1 of the DB number contained in the authentication request (S24). In the second part database DB1, if a plurality of second parts are already registered, the server 10 obtains all these plural second parts.

The server 10 generates a feature quantity obtained by combining the first part contained in the authentication request and the second part obtained in S24 (S25). In S25, the server 10 respectively combines the first part contained in the authentication request with the corresponding second part for each second part obtained in S24 to obtain the feature value. In the case that there are multiple second parts obtained, the combined feature quantity is, as many as the number of second parts obtained, how many will be generated.

The server 10 calculates the feature amount of the face based on the image contained in the authentication request (S26). In S26, the server 10 calculates the feature amount of the face in the same way as the processing of S5.

The server 10 performs authentication based on the feature amount generated in S25 and the feature amount calculated in S26 (S27). In S27, the server 10 calculates the distance between the feature value generated in S25 and the feature value calculated in S26. Among the feature quantities generated in S25, if there is a person whose distance is less than the threshold value, the authentication system is successful. If there are no persons whose distance is less than the threshold, the authentication system is a failure. The decision algorithm of S27 is the same as that of S7.

In the case of authentication failure (S27; failure), the server 10 sends an error message to the authentication device 30 (S28), and this process ends. In this case, the display unit 35 of the authentication device 30 will display an error message to notify the user that the authentication is unsuccessful.

On the other hand, when the authentication is successful (S27; success), the server 10 sends a success notification indicating that the authentication has succeeded to the authentication device 30 (S29). Success notification is carried out by sending information in a predetermined form, containing the name of the user who has successfully authenticated.

In the authentication device 30, upon receiving the success notification, the control unit 31 unlocks the security gate SG (S30), and this process ends. The user confirms that his name is displayed on the display part 35, pushes the door of the security gate and passes. In addition, in this case, information such as the user's name or current date and time may also be retained in the server 10 as a pass record.

According to the authentication system S of this embodiment, each of a plurality of second parts that are the same or similar to each other is restricted to be associated with the same or similar DB number, thereby preventing impersonation and improving security. In addition, since there is no need to register important information such as the user ID in the user terminal 20, the risk of leakage of the information can be avoided, and the security can also be improved in this regard. Even if the DB number of the user terminal 20 is leaked, it can be solved as long as it is numbered to another DB number, and there is no need to change the user ID, which can improve the convenience of the user. In addition, by distributing the management of the feature values of the face, it is possible to prevent the safety reduction caused by the leakage of the feature values of the face.

In addition, the authentication system S permits each of the plural second parts that are different or dissimilar to each other to be associated with the same or similar DB numbers, thereby preventing the DB numbers from becoming too many (Part 2 data The database DB1 becomes too much), the memory consumption of the server 10 can be reduced. In addition, by suppressing the increase of the second part database DB1, the management of the database can be simplified. In addition, it is possible to prevent the exhaustion of the DB number.

In addition, the authentication system S restricts the second part of the user who made the registration application, and is connected with the same or similar DB number of other users who are the same or similar to the second part, thereby preventing the registration The applied user pretends to be other registered users, and prevents other registered users from pretending to be the user who made the registration application, which can improve the security.

In addition, the authentication system S searches for DB numbers that have not yet been linked to the second part of other users, and for the second part of the user who has made a registration application, it links and registers the DB numbers that have been searched. This can prevent impersonation and improve security. For example, if the DB number is not newly issued, the existing DB number can be effectively used, and the memory consumption of the server 10 can be reduced.

In addition, in the authentication system S, if the DB number candidate is the same or similar to the DB number of other users, the candidate system will not be set as the DB number of the user who made the registration application. In the authentication system S, when the candidate for the DB number is different or not similar to the DB number of other users, the candidate is set as the DB number of the user who made the registration application. In this way, a DB number that can reliably prevent impersonation can be assigned, and security can be improved.

In addition, the authentication system S performs authentication based on the inputted facial feature quantity and DB number, the first part of the user terminal 20, and the second part of the server 10 and the DB number, thereby enabling Prevent impersonation and improve security. In addition, by distributing the management of the facial features between the server 10 and the user terminal 20, it is possible to prevent the security from being reduced due to the leakage of the facial features.

In addition, the authentication system S registers the first part and the DB number in the user terminal 20, and inputs the DB number registered in the user terminal 20 to the server 10, thereby eliminating the need for the user to input the DB number The trouble with the number can improve the convenience of the user during authentication. In addition, the second part database DB1 in which the second part of the user is stored can be accurately identified, and the accuracy of authentication can also be improved.

Furthermore, the authentication system S uses short-range wireless communication to send the first part to the authentication device 30 required to obtain the input facial features, and to the server 10 from the user terminal 20 With the received first part, the trouble of sending the first part to the authentication device 30 can be saved, and the convenience of the user during authentication can be improved.

In addition, the authentication system S uses a broadcast packet (Advertising Packet) to transmit the first part to the authentication device 30, so that the first part can be transmitted without pairing, which can improve user convenience. For example, even if the user puts the user terminal 20 in a pocket or purse and does not take it out, the first part can still be sent to the authentication device 30. Therefore, even if the user puts the user terminal 20 in a pocket or purse without taking it out, the authentication can still be successful. In addition, by using advertising packets, the power consumption of the user terminal 20 can also be suppressed.

In addition, the authentication system S can be improved based on the similarity between the inputted face feature quantity and the combined face feature quantity, and the identity of the inputted DB number with the DB number of the server 10 And the security of the authentication being carried out.

In addition, the authentication system S obtains the feature quantity of the combined face based on the second part registered in the second part database DB1 recognized by the input DB number, thereby Improve safety.

In addition, the authentication system S is based on the biometric authentication of the first part and the second part retrieved by retrieving information, so the security of the biometric authentication can be improved.

In addition, since the authentication system S sets the judgment algorithms of S7 and S27 to be the same, there is no need to record multiple judgment algorithms in the server 10, and the processing can be performed efficiently.

[5. Modifications] In addition, this disclosure is not limited to the embodiment described above. Appropriate changes can be made without departing from the scope of the purpose of this disclosure.

For example, in the embodiment, although the scene where the user passes through the security gateway SG is taken as an example, the authentication system S can also be applied to the scene where the user purchases goods or uses services. In this case, for example, the authentication device 30 is an automatic vending machine, a ticket vending machine, a POS terminal, or a payment terminal in a store. Once the user is authenticated successfully, the checkout process will be executed, and the user can purchase goods, use services, and so on.

In this modification, it is also possible to first register the checkout information in the user database DB2, and the processing execution unit will base on the user's checkout information when the authentication of a certain user is successful. Perform checkout processing. The checkout information referred to during the checkout process is the checkout information corresponding to the established connection of the authenticated user.

Checkout information is the information necessary for checkout, such as credit card information, electronic value (such as electronic money or points) account information, virtual currency account information, bank account information, or charge card information Wait. The checkout information is registered when the user logs in, for example, in the user database DB2, the checkout information is stored in association with the user ID. In addition, the checkout information can also be stored in a database different from the user database DB2.

The server 10 only needs to perform the checkout processing corresponding to the checkout information, such as: credit processing based on credit card information, processing to reduce the balance of the electronic value, processing to reduce the balance of virtual currency, and from the bank The processing of account deduction or remittance, or the processing of reducing the balance of the account shown in the charge card information, etc. The processing execution unit does not execute the checkout process when either the face authentication or the passcode authentication fails, and executes the checkout process only when the face authentication and the passcode authentication succeed.

When the checkout process has been executed, the display unit 35 of the authentication device 30 or the terminal of the store will display this meaning, and the user can receive goods, use services, and so on. For example, if the authentication device 30 is an electronic signage device installed in a shop or the like, upon receiving an authentication success notification from the server 10, a message indicating that the authentication has been successful is displayed on the display unit 35. Once the store staff confirms the appropriate information, they deliver goods or provide services to users. In addition, the message may not be displayed on the authentication device 30, but may be transferred to another computer such as a terminal operated by the staff of the store and displayed. For another example, if the authentication device 30 is an automatic vending machine, once the authentication success notification is received from the server 10, the authentication device 30 will discharge the product designated by the user, or prepare products such as coffee or instant food and many more.

According to the modified example described above, it can prevent pretending to be another user to check out, illegally purchase products or use services, etc., and can fully improve the security when purchasing products or using services.

For another example, although the scene where the user makes a registration application is taken as an example, the same process can be performed in the scene where the DB number is reissued. In this case, the DB number registered in the user terminal 20 is rewritten to the reissued DB number. The second part of the user is registered in the second part database DB1 of the DB number that has been reissued. In the second part database DB1 of the old DB number, the second part of the user is registered Erase. For another example, the server 10 can also refer to the user database DB2 to obtain the second part related to the DB number contained in the authentication request. In this case, the processing flow after the second part is acquired is the same as described in the embodiment.

For another example, although the case where the first information system is the feature amount of the face and the second information system is the DB number is explained, the first information and the second information may also be other information. For example, the first information may be the feature amount of the face, and the second information may be the passcode. In this case, it becomes a two-stage authentication of face authentication and passcode authentication. The user inputs the pass code to the user terminal 20 or the authentication device 30 to perform pass code authentication. The server 10 is restricted to a plurality of users who are the same or similar to each other in the second part, so that the same passcode is not given.

For another example, it is also possible that the first information is a password, and the second information is a passphrase. In this case, it will be a two-stage authentication of password authentication and passphrase authentication. The password is managed in a distributed manner between the server 10 and the user terminal 20. The user inputs a password and passphrase to the user terminal 20 or the authentication device 30 to perform password authentication and passphrase authentication. The server 10 sets the second part of the password to a plurality of users who are the same or similar to each other, and is restricted to not assign the same password.

For another example, it is also possible that the authentication device 30 does not exist, but the first part and the DB number are directly sent from the user terminal 20 to the server 10. In this case, the user terminal 20 uses the photographing unit 26 to photograph the face of the user when the authentication is performed. The user terminal 20 transmits to the server 10 the first part and the DB number registered in itself and the image captured by the photographing unit 26. The processing flow after the server 10 receives these is the same as described in the embodiment. Once the authentication is successful, the server 10 sends a success notification to the user terminal 20. Once the user terminal 20 receives the success notification, it executes a predetermined process. The processing system may be arbitrary processing, such as log-in processing or check-out processing for the user terminal 20.

For another example, although it is described that the main function is implemented by the server 10, each function can also be shared by multiple computers. For example, each of the server 10, the user terminal 20, and the authentication device 30 may share the functions. For example, the authentication process may not be executed in the server 10, but may be executed in the user terminal 20 or the authentication device 30. For another example, if the authentication system S includes a plurality of server computers, the functions can also be shared by the plurality of server computers. For another example, the data described as being memorized by the data storage unit 100 may also be memorized by a computer other than the server 10.

N: Network S: authentication system 10: Server 11: Control Department 12: Memory Department 13: Ministry of Communications 20: User terminal 21: Control Department 22: Memory Department 23: Ministry of Communications 24: Operation Department 25: Display 26: Photography Department 30: authentication device 31: Control Department 32: Memory Department 33: Ministry of Communications 34: Operation Department 35: Display 36: Photography Department G1: Login application screen G2: Login complete screen SG: Security Gateway 100: Data Memory Department 101: Acceptance Department 102: First registration department 103: Generation Department 104: The second registration department 105: Certification Department 106: Restricted Department 107: Processing Execution Department 200: Data Memory Department 201: The first acquisition part 202: The second acquisition part 203: Acceptance Department 204: Communication Department 300: Data Memory Department 301: Acceptance Department 302: Communication Department 303: Processing Execution Department DB1: Part 2 database DB2: user database

[Figure 1] An illustration of the overall structure of the authentication system. [Figure 2] An illustration of an example of a scene where the authentication system is used. [Figure 3] An illustration of an example of a login application screen. [Fig. 4] An illustration of an example of the login completion screen. [Figure 5] An illustration of the flow of authentication in the authentication system. [Figure 6] An illustration of an example of a situation where impersonation is possible. [FIG. 7] An illustration of an example of processing at the time of registration application. [Fig. 8] A functional block diagram of an example of the functions implemented in the authentication system of this embodiment. [Figure 9] An illustration of an example of data storage in a user database. [Fig. 10] A flowchart of an example of login processing. [Fig. 11] A flowchart of an example of authentication processing.

10: Server

20: User terminal

30: authentication device

100: Data Memory Department

101: Acceptance Department

102: First registration department

103: Generation Department

104: The second registration department

105: Certification Department

106: Restricted Department

107: Processing Execution Department

200: Data Memory Department

201: The first acquisition part

202: The second acquisition part

203: Acceptance Department

204: Communication Department

300: Data Memory Department

301: Acceptance Department

302: Communication Department

303: Processing Execution Department

DB1: Part 2 database

DB2: user database

Claims (17)

An authentication system containing: The first registration means is used to register the first part of the first information to the first device; and The second registration means is used to establish a connection between the second part of the first information and the second information and register it to the second device; and The authentication method is used to perform authentication based on the information in the first part of the preceding note, the second part of the preceding note, and the second part of the preceding note; and The restriction means is used to restrict each of the same or similar plural of the second part of the preceding paragraph to be connected with the same or similar information of the preceding second part. Such as the authentication system described in claim 1, in which: The aforesaid restriction means is to determine whether there are plural second parts that are the same or similar to each other, and to limit each of the second parts that are determined to be the same or similar to each other. 2 Information is connected. Such as the authentication system described in claim 1 or 2, where: The aforementioned restriction means allow each of the plurality of aforementioned Part 2 that are different or dissimilar to each other to be connected with the same or similar aforementioned Part 2 information. Such as the authentication system described in claim 1 or 2, where: The pre-recorded authentication system also contains: acceptance means, which is used to accept the specified registration application; The aforementioned restriction method is to restrict users who have made a registration application for the aforementioned Part 2 from being linked with other users who are the same or similar to the aforementioned Part 2 with the same or similar aforementioned Part 2 information. Such as the authentication system described in claim 4, in which: The pre-restricted method is to retrieve the second information that has not been linked to the second part of the previous remarks by other users; The second registration method of the previous note is to register the second part of the previous note for the user who has made the application for the previous note registration, and to establish the connection and registration of the second information that has been retrieved. Such as the authentication system described in claim 4 or 5, where: The pre-record authentication system also contains: generation means, which is used to generate candidates for pre-record second information of the user who has made the pre-record registration application; Preface restriction means, the department In the case where the previous entry candidate and the previous entry second information of other users of the previous entry are the same or similar, the previous entry candidate system will not be regarded as the previous entry second information of the user who made the previous entry registration application; In the case where the pre-post candidate and the pre-post second information of other users are different or dissimilar, the pre-post candidate is regarded as the pre-post second information of the user who made the pre-post registration application. Such as the authentication system described in claim 1 or 2, where: The first device mentioned above is a user terminal; The second device mentioned above is a server; The preface authentication method is based on the input preface first information and preface second information, and preface user terminal preface first part, and preface server preface second part and preface second information, and perform preface authentication . Such as the authentication system described in claim 7, in which: The first log-in method of the previous note is to log in the first part of the previous note and the second information of the previous note in the user terminal of the previous note; The second information previously entered is the second information previously registered in the user terminal. Such as the authentication system described in claim 7, in which: The user terminal of the previous note uses short-range wireless communication to send the first part of the previous note to the authentication device used to obtain the first information entered; The prescript authentication device sends the prescript first part received from the prescript user terminal to the prescript authentication means. Such as the authentication system described in claim 9, in which: The aforementioned short-range wireless communication is a communication specification that can use advertising packets; The prescriptive user terminal uses the prescriptive broadcast packet (Advertising Packet) to send the prescriptive part 1 to the prescriptive authentication device. Such as the authentication system described in claim 1 or 2, where: Pre-recorded authentication means, department Combine the first part of the previous note registered in the first device and the second part of the previous note registered in the second device to obtain the first information of the previous note; Based on the similarity between the first information entered before the input and the first information before the combination, and the identity of the second information before the input and the second information before the second device before the input, the pre-authentication is performed; The prescriptive restriction means restricts each of the similar preamble part 2 to be linked to the same preamble second information. Such as the authentication system recorded in claim 11, in which: For each of the plurality of databases memorized in the second device in the previous note, each of the plurality of users is registered before the second part; The second information of the preface is the identification information of the preface database; The pre-record authentication method is based on the registered pre-record second part in the pre-record database recognized by the input previous record second information, and obtains the combined pre-record first information. Such as the authentication system described in claim 1 or 2, where: The first information department of the preamble is biological information; The second information of the previous note is used to retrieve the search information required for the second part of the previous note registered in the second device of the previous note; Preface authentication is biometric authentication based on the preface Part 1 and the preface Part 2 is retrieved by the preface retrieval information. Such as the authentication system described in claim 1 or 2, where: The preface authentication method is based on a predetermined judgment algorithm to determine whether the first information entered is the same or similar to the first part of the previous entry and the first part of the previous entry and the second part of the previous entry. , To carry out pre-certification through this; The aforementioned restriction means is based on the same judgment algorithm as the aforementioned judgment algorithm to determine whether there are plural second parts of the same or similar to each other. Such as the authentication system recorded in claim 14, in which: The first information system in the preceding note is a vector of the first dimension; The second part of the previous note is the vector of the second dimension that is lower than the first dimension of the previous note; The previous authentication method is to reduce the vector of the first dimension of the previous note, that is, the distance between the first information of the previous note, to the coordinates of the third dimension which is lower than the first dimension and the second dimension of the previous note, by calculating the corresponding The distance on the coordinates of 3 dimensions, and the pre-mark authentication is carried out; The aforementioned restriction method is to reduce the dimensionality of the vector of the second dimension of the previous note, that is, the distance between the second part of the previous note, to the coordinates of the third dimension of the previous note, and calculate the distance on the coordinates of the third dimension to determine that they are the same. Or whether the second part of the preceding plural number exists. An authentication method, which contains: The first registration step is used to register the first part of the first information to the first device; and The second registration step is used to establish a connection between the second part of the first information and the second information and register it to the second device; and The authentication step is used to perform authentication based on the preface Part 1, Preface Part 2, and Preface Part 2 information; and The restriction step is used to restrict each of the plurality of the second part of the preceding note that are the same or similar to each other to be connected with the second information of the preceding note that are the same or similar to each other. A program product used to make a computer perform its functions and become: The first registration means is used to register the first part of the first information to the first device; The second registration means is used to establish a connection between the second part of the first information and the second information and register it to the second device; The authentication method is used to authenticate based on the information in the first part of the preceding note, the second part of the preceding note, and the second part of the preceding note; The restriction means is used to restrict each of the same or similar plural of the second part of the preceding paragraph to be connected with the same or similar information of the preceding second part.

Images