WO2020129675A1 - Authentication device, authentication method, and program - Google Patents

Authentication device, authentication method, and program Download PDF

Info

Publication number
WO2020129675A1
WO2020129675A1 PCT/JP2019/047602 JP2019047602W WO2020129675A1 WO 2020129675 A1 WO2020129675 A1 WO 2020129675A1 JP 2019047602 W JP2019047602 W JP 2019047602W WO 2020129675 A1 WO2020129675 A1 WO 2020129675A1
Authority
WO
WIPO (PCT)
Prior art keywords
information
authentication
biometric authentication
biometric
authentication information
Prior art date
Application number
PCT/JP2019/047602
Other languages
French (fr)
Japanese (ja)
Inventor
岩崎 潤
映子 杉崎
拓司 石田
Original Assignee
ソニーセミコンダクタソリューションズ株式会社
東日本旅客鉄道株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by ソニーセミコンダクタソリューションズ株式会社, 東日本旅客鉄道株式会社 filed Critical ソニーセミコンダクタソリューションズ株式会社
Priority to JP2020561294A priority Critical patent/JP7458991B2/en
Publication of WO2020129675A1 publication Critical patent/WO2020129675A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit

Definitions

  • the present technology relates to an authentication device. More specifically, the present invention relates to an authentication device that performs authentication according to qualification information using biometric authentication information, a processing method thereof, and a program that causes a computer to execute the method.
  • biometric authentication such as face authentication has been used to authenticate the identity of the person when entering the facility.
  • an authentication system has been proposed in which personal information such as a face photograph is registered in advance in an authentication server, and a camera or a fingerprint collator is used for verification during a commercial transaction to verify the identity of the person (for example, Patent Document 1). reference.).
  • the biometric information registered in advance and the biometric information actually acquired are compared to authenticate the person.
  • a facial photograph or the like which is personal information
  • a third party which may cause a problem in handling personal information.
  • biometric information of all passers in a gate or a traffic ticket gate through which an unspecified number of people pass.
  • This technology was created in view of such a situation, and the purpose is to perform personal authentication without registering personal information with a third party.
  • the present technology has been made in order to solve the above-mentioned problems, and a first aspect thereof is a memory that stores first biometric authentication information that is biometric authentication information of a device owner and qualification information in association with each other. And a receiving unit that receives the second biometric authentication information, which is the biometric authentication information of the person to be authenticated acquired in another device, and the first biometric authentication information and the second biometric authentication information.
  • An authentication apparatus, an authentication method, and a program including a comparing section for generating an authentication result according to the above, and a transmitting section for transmitting the authentication result to the other apparatus when the qualification information satisfies a predetermined condition. ..
  • the first biometric authentication information stored in association with the qualification information is compared with the second biometric authentication information acquired by another device, and if the qualification information satisfies a predetermined condition, the authentication result is transmitted. Brings the effect of doing.
  • the transmission unit transmits the qualification information to the other device, and the reception unit determines that the qualification information satisfies the predetermined condition in the other device.
  • the second biometric authentication information may be received from the other device. This brings about the effect of causing another device to judge whether or not the qualification information satisfies a predetermined condition.
  • the reception unit further receives a permission condition in the other device from the other device, and the transmission unit determines the predetermined condition when the qualification information satisfies the permission condition.
  • the authentication result may be transmitted to the other device as satisfying the condition. This brings about an effect that the authentication result is transmitted to another device after determining whether the qualification information satisfies a predetermined condition.
  • the receiving unit and the transmitting unit may perform transmission and reception with the other device by predetermined one-to-one communication. This brings about the effect of shortening the time required for connection.
  • the first and second biometric authentication information is assumed to be, for example, a face image of a person, an iris image, or a fingerprint image.
  • the second biometric authentication information includes a plurality of face images
  • the comparing unit determines that the face image of any one of the second biometric authentication information is the first biometric authentication.
  • the authentication result indicating that the authentication is successful may be generated when the information matches the face image of the information.
  • the plurality of face images of the second biometric authentication information may be face images of different persons or face images of the same person at different angles.
  • the qualification information is information regarding entrance qualification to the facility
  • the transmission unit is configured such that the first biometric authentication information and the second biometric authentication information match, and Alternatively, when the qualification information satisfies a predetermined condition, a notification to the effect that admission to the facility is permitted may be transmitted to the other device. This brings about the effect of controlling entrance to the facility according to the authentication result of the biometric authentication information.
  • a second aspect of the present technology is a receiving unit that receives the qualification information from the other device that stores the first biometric authentication information and the qualification information of the owner of the other device in association with each other, and the qualification information.
  • an acquisition unit that acquires second biometric authentication information that is biometric authentication information of an approaching individual
  • a transmission unit that transmits the second biometric authentication information to the other device
  • An authentication device comprising an authentication result based on a comparison between the first biometric authentication information and the second biometric authentication information from the other device and performs control according to the authentication result, and an authentication method thereof.
  • a program is a program.
  • the second biometric authentication information is transmitted to another device to perform authentication, and control is performed according to the authentication result.
  • a gate unit for performing an opening/closing operation may be further provided, and the control unit may control the gate unit according to the authentication result. Further, the control unit may delete the second biometric authentication information after the second biometric authentication information acquired by the acquisition unit is transmitted by the transmission unit.
  • a third aspect of the present technology is biometric authentication information of an approaching individual when the other device, which stores the first biometric authentication information and the qualification information of the owner of the other device in association with each other, approaches.
  • An authentication device including an authentication result based on a comparison between the authentication information and the second biometric authentication information from the other device and performing control according to the authentication result, an authentication method thereof, and a program Is.
  • the second biometric authentication information of the approaching individual and the permission condition are transmitted to another device, authentication is performed when the qualification information satisfies the permission condition, and control is performed according to the authentication result.
  • a gate unit for performing an opening/closing operation may be further provided, and the control unit may control the gate unit according to the authentication result. Further, the control unit may delete the second biometric authentication information after the second biometric authentication information acquired by the acquisition unit is transmitted by the transmission unit.
  • First embodiment example of presenting a ticket ID from a terminal
  • Second embodiment example in which a gate device transmits permission conditions together with biometric authentication information
  • FIG. 1 is a diagram showing an example of the overall configuration of a gate system according to an embodiment of the present technology.
  • This gate system is a system that manages entrance to the facility.
  • This gate system includes a terminal 100, a gate device 200, a selling device 300, and a management server 400.
  • the terminal 100 is a terminal owned by the user.
  • the user uses the terminal 100 to purchase a ticket and carries the terminal 100 to enter the facility.
  • the ticket means all things that prove the right of a specific person to enter the facility, such as an admission ticket to a concert venue or a movie theater, a transportation passport or a commuter pass, and a day at a ski resort. It is a concept that widely includes electronic tickets such as lift tickets.
  • the gate device 200 is an entrance gate installed at the entrance of the facility.
  • the gate device 200 acquires biometric authentication information such as image data of a face photograph (face image) from a user who carries the terminal 100, and transmits the acquired biometric authentication information to the terminal 100. After that, when a notification of successful authentication is received from the terminal 100, a pass permission operation such as opening a gate is performed.
  • the selling device 300 sells tickets for entering the facility.
  • the selling device 300 sells tickets and the like in response to a purchase request from the terminal 100.
  • This vending device 300 issues qualification information such as a ticket ID when the ticket is sold, and sends it to the terminal 100.
  • the management server 400 is a server that manages information about sold tickets.
  • the management server 400 stores qualification information such as a ticket ID of a ticket sold by the sales device 300, and supplies the qualification information to the gate device 200 as necessary.
  • the management server 400 can store the minimum necessary information about the user, but does not store biometric authentication information such as image data of a facial photograph of the user.
  • FIG. 2 is a diagram showing an example of the configuration of the terminal 100 in the embodiment of the present technology.
  • This terminal 100 includes an antenna 110, an antenna switch 115, a receiver 120, a transmitter 130, a reception memory 140, a personal information memory 150, a comparator 160, a camera 180, and a controller 190. ..
  • the antenna 110 is an antenna for communicating with other devices.
  • the receiver 120 receives a signal from another device and demodulates it.
  • the transmitter 130 modulates a signal and transmits it to another device.
  • the antenna switch 115 is a switch that switches a path between the antenna 110 and the receiver 120 or the transmitter 130.
  • the receiver 120 is an example of the receiving unit described in the claims. Further, the transmitter 130 is an example of the transmission unit described in the claims.
  • the reception memory 140 is a memory that stores data received from another device. Specifically, the reception memory 140 stores the image data of the face photograph received from the gate device 200 as biometric authentication information.
  • the camera 180 is a camera for photographing a subject.
  • the camera 180 is used, for example, to take a facial photograph of the owner of the terminal 100.
  • the personal information memory 150 is a memory that stores personal information necessary for authenticating the owner of the terminal 100. Specifically, the personal information memory 150 stores a face photograph of the owner of the terminal 100 as biometric authentication information. This facial photograph may be a facial photograph taken by the camera 180 or may be prepared separately. The personal information memory 150 also stores qualification information such as a ticket ID issued from the selling device 300 when the ticket is purchased. In the personal information memory 150, the qualification information and the biometric authentication information are stored in association with each other. That is, when the qualification information satisfies a predetermined condition, the biometric authentication information stored in association with the qualification information becomes an authentication target.
  • the personal information memory 150 is a secure memory that is hard to be tampered with.
  • the image data of the face photograph is required to be registered in the personal information memory 150 in association with the qualification information when the ticket is purchased or within a certain period after the ticket is purchased, and the rewriting after that is prohibited.
  • the personal information memory 150 is an example of the memory described in the claims.
  • the comparator 160 compares the biometric authentication information stored in the reception memory 140 with the biometric authentication information stored in the personal information memory 150 to generate an authentication result. That is, if the image data of the face photograph received from the gate device 200 matches the image data of the face photograph stored in the personal information memory 150, an authentication result indicating that the authentication is successful is generated. On the other hand, if the image data of the face photograph received from the gate device 200 does not match the image data of the face photograph stored in the personal information memory 150, an authentication result indicating that the authentication has failed is generated. The authentication result by the comparator 160 is transmitted to the gate device 200 by the transmitter 130.
  • the comparator 160 is an example of a comparison unit described in the claims.
  • the control unit 190 controls the operation of each unit of the terminal 100.
  • the qualification information (ticket ID) is transmitted from the terminal 100 to the gate device 200 when entering the facility.
  • the validity of the qualification information is determined in the gate device 200, and when the qualification information satisfies a predetermined condition, the biometric authentication information (image data of a face photograph) is transmitted from the gate device 200 to the terminal 100. Therefore, at the stage when the authentication is being performed by the comparator 160, the qualification information already satisfies the predetermined condition.
  • the image data of the face photograph stored in the personal information memory 150 is an example of the first biometric authentication information described in the claims.
  • the image data of the face photograph stored in the reception memory 150 is an example of the second biometric authentication information described in the claims.
  • the ticket ID is an example of the qualification information described in the claims.
  • FIG. 3 is a diagram illustrating an example of a configuration of the gate device 200 according to the embodiment of the present technology.
  • the gate device 200 includes an antenna 210, an antenna switch 215, a receiver 220, a transmitter 230, a temporary memory 240, a camera 250, a sensor 260, a flapper gate 270, a display unit 280, and a control unit. And 290.
  • the antenna 210 is an antenna for communicating with another device.
  • the receiver 220 receives a signal from another device and demodulates it.
  • the transmitter 230 modulates a signal and transmits it to another device.
  • the antenna switch 215 is a switch that switches a path between the antenna 210 and the receiver 220 or the transmitter 230.
  • the receiver 220 is an example of the receiving unit described in the claims.
  • the transmitter 230 is an example of the transmission unit described in the claims.
  • the sensor 260 is a sensor that detects a person approaching the gate device 200.
  • the sensor 260 can be realized by, for example, a human sensor that uses infrared rays, ultrasonic waves, visible light, or the like.
  • the camera 250 is a camera for photographing the face of a person who approaches the gate device 200 when the sensor 260 detects the person. It should be noted that the camera 250 may be used as a monitoring camera, and may also be used as the sensor 260. The camera 250 is an example of the acquisition unit described in the claims.
  • the temporary memory 240 is a memory that temporarily stores image data of a face photograph taken by the camera 250.
  • the image data of the facial photograph stored in the temporary memory 240 is erased after being transmitted to the terminal 100 via the transmitter 230. As a result, it is possible to entrust the authentication in the terminal 100 without leaving the image data of the taken face photograph in the gate device 200.
  • the flapper gate 270 is a gate that opens and closes at the entrance of the facility. Under the control of the control unit 290, the flapper gate 270 performs an opening operation when passing a person approaching the gate apparatus 200, and performs a closing operation when not passing the person.
  • the flapper gate 270 is an example of the gate unit described in the claims.
  • the display unit 280 outputs images and sounds. Under the control of the control unit 290, the display unit 280 outputs a character or voice indicating that the person who approaches the gate apparatus 200 is able to pass, and when not passing the person, it is impossible to pass. Output characters and voice.
  • the control unit 290 controls the operation of each unit of the gate device 200.
  • the control unit 290 is an example of the control unit described in the claims.
  • FIG. 4 is a diagram showing an example of an external image of the gate device 200 according to the embodiment of the present technology.
  • the gate device 200 is provided at the entrance of the facility, and the visitors can enter the facility by passing between the gate devices 200.
  • the sensor 260 detects it.
  • the camera 250 takes a picture of the person's face and stores it in the temporary memory 240.
  • the control unit 290 may control the flapper gate 270 to close it once.
  • the image data of the face photograph stored in the temporary memory 240 passes through the transmitter 230 from the temporary memory 240, is switched by the antenna switch 215, and is transmitted to the terminal 100 via the antenna 210.
  • the signal received by the antenna 110 is sent to the receiver 120 through the antenna switch 115, and the captured face data is stored in the reception memory 140 as it is.
  • the comparator 160 compares the photographed face data stored in the reception memory 140 with the face photograph data of the attendee stored in the personal information memory 150 in advance. Then, if the two face photographs match, authentication success is transmitted, and if they do not match, authentication failure is transmitted from the transmitter 130 as the authentication result. At this time, the antenna switch 115 is switched to the transmission side, and transmission is performed to the gate device 200 via the antenna 110.
  • the receiver 220 receives this via the antenna 210 and the antenna switch 215, and the control unit 290 judges the result.
  • the control unit 290 opens the flapper gate 270, expresses the characters and sounds that can be passed on the display unit 280, and passes the visitors.
  • the flapper gate 270 is closed, and the display unit 280 is used to perform a process of not letting the visitors pass by using characters or sounds.
  • FIG. 5 is a sequence diagram showing an example of a communication procedure between the terminal 100 and the gate device 200 according to the embodiment of the present technology.
  • Gate apparatus 200 transmits beacon 711 at a certain fixed interval.
  • the terminal 100 approaching the gate device 200 receives this beacon 711 and returns an association request 721.
  • the gate apparatus 200 that has received the association request 721 transmits an association response 722.
  • the terminal 100 transmits a reception confirmation signal (Ack) 723 to the association response 722, and when the gate device 200 receives the reception confirmation signal (Ack) 723, the connection for one-to-one communication is completed.
  • the gate device 200 transmits the captured face image data 731 to the terminal 100.
  • the terminal 100 which has received the face image data 731, returns a reception confirmation signal (Ack) 732 to the gate device 200.
  • the terminal 100 compares face images and sends the determination result 733 to the gate device 200.
  • the gate device 200 that has received the determination result 733 returns a reception confirmation signal (Ack) 734 to the gate device 200, and performs processing corresponding to the determination result.
  • Ack reception confirmation signal
  • FIG. 6 is a timing diagram showing an example of a communication procedure of IEEE802.15.3e, which is an application example of the embodiment of the present technology.
  • Gate apparatus 200 transmits beacon 711 at regular intervals during the setup period.
  • the terminal 100 that has received the beacon 711 transmits an association request 721 in the access slot after the SIFS (Short Inter Frame Space) has elapsed from the beacon 711.
  • SIFS Short Inter Frame Space
  • the terminal 100 When releasing the connection state, the terminal 100 transmits a disassociation request 739. As a result, the connection state is released, and the gate apparatus 200 transits again to the setup state in which the beacon is transmitted.
  • FIG. 7 is a diagram showing an example of the field configuration of the ticket database managed by the management server 400 according to the embodiment of the present technology.
  • the management server 400 stores the qualification information such as the ticket ID of the ticket sold by the sales device 300, and supplies the qualification information to the gate device 200 as necessary.
  • the management server 400 stores a ticket ID 411, a ticket sales date and time 412, ticket information 413, and a member number 414 as a ticket database.
  • the ticket ID 411 is an identifier of the sold ticket.
  • the ticket sale date and time 412 is the date and time when the ticket corresponding to the ticket ID 411 was sold.
  • the ticket information 413 is information regarding the ticket corresponding to the ticket ID 411.
  • the ticket information 413 includes, for example, the validity period of the ticket and information that identifies available facilities.
  • the gate device 200 can determine whether the ticket ID received from the terminal 100 is valid at the facility by referring to the ticket information 413 corresponding to the ticket ID 411.
  • the member number 414 is an identifier of the owner who owns the ticket corresponding to the ticket ID 411.
  • the member number 414 is an identifier for accessing a member database different from the ticket database.
  • the information managed in the member database may include personal information, and is normally managed so that it cannot be freely accessed from the gate device 200.
  • FIG. 8 is a flowchart showing an example of a processing procedure when purchasing a ticket according to the embodiment of the present technology.
  • the ticket purchaser uses the camera 180 of the terminal 100 to take a facial photograph of himself (step S931).
  • the image data of this facial photograph is stored in the personal information memory 150.
  • the image data stored in the personal information memory 150 may be acquired by another method.
  • the ticket purchaser accesses the selling device 300 through the terminal 100 and performs the ticket purchase procedure (step S932).
  • the selling device 300 sells a ticket according to the information transmitted from the terminal 100, and issues a ticket ID of the ticket (step S933).
  • the issued ticket ID is transmitted to the terminal 100 and stored in the ticket database of the management server 400 (step S934).
  • the terminal 100 which has received the ticket ID from the selling device 300, is stored in the personal information memory 150 in association with the image data of the face photograph stored in the personal information memory 150 (step S935). That is, the ticket ID is stored in association with the image data of the face photograph.
  • the image data of the face photograph taken in advance is associated with the ticket ID, but the camera 180 of the terminal 100 may be used during the ticket purchase.
  • the ticket may be tied before admission without being tied.
  • FIG. 9 is a flowchart showing an example of a processing procedure at the time of facility entrance in the first embodiment of the present technology.
  • Visitors who purchased the ticket carry the terminal 100 and head to the entrance.
  • the connection is established by the communication protocol described above.
  • the terminal 100 presents the ticket ID by transmitting the ticket ID to the gate device 200 (step S911).
  • the gate device 200 having received the ticket ID from the terminal 100 determines whether the ticket ID is valid at this facility (step S912). If the ticket ID is not valid (step S912: No), the person carrying the terminal 100 is denied entry (step S922). That is, processing such as closing the flapper gate 270 is performed.
  • step S912 If the ticket ID is valid (step S912: Yes), the gate device 200 takes a facial photograph of a person who approaches the gate device 200 with the camera 250 (step S913), and the image data of the facial photograph is sent to the terminal. It is transmitted to 100 (step S914). The image data of the photographed face photograph is temporarily stored in the temporary memory 240, but is then immediately erased (step S915).
  • the terminal 100 receiving the image data of the face photograph from the gate device 200 stores the image data of the face photograph in the reception memory 140. Then, the image data of the facial photograph stored in the reception memory 140 and the image data of the facial photograph stored in the personal information memory 150 are compared by the comparator 160 (step S916). The authentication result based on this comparison is transmitted from the transmitter 130 to the gate device 200 (step S917).
  • step S919: Yes If the authentication result indicates that the authentication is successful (step S919: Yes), the gate apparatus 200 that has received the authentication result from the terminal 100 allows the person carrying the terminal 100 to enter (step S921). That is, processing such as opening the flapper gate 270 and passing it is performed.
  • step S919: No if the authentication result indicates that the authentication has failed (step S919: No), the person who carries the terminal 100 is denied entry (step S922). If the authentication result is not received even after a certain period of time, it is determined that the authentication has failed, and the entrance is rejected (step S922).
  • the gate device 200 takes a facial photograph of the person who has presented the ticket ID, transmits the photograph to the terminal 100, and the terminal 100 performs authentication.
  • the entrance to the facility can be controlled by using the authentication result in the terminal 100 without registering the image data of the facial photograph, which is the personal information, in the device of the third party other than the terminal 100.
  • FIG. 10 is a diagram showing a first modification example in the embodiment of the present technology.
  • the terminal 100 that has presented the ticket ID is specified, and the facial photograph of the person carrying the terminal 100 is taken. Under the condition that the persons approaching the gate apparatus 200 are lined up in order, the identification is considered to be easy. However, when a large number of people flood the entrance, a plurality of candidates may be photographed. In that case, as shown in the figure, the face regions 510 of a plurality of candidates may be photographed, and these may be collectively transmitted from the gate device 200 to the terminal 100.
  • the terminal 100 having received the image data of a plurality of face photographs compares them with the image data of the face photograph stored in the personal information memory 150. If even one of them matches the person's face, it may be determined that the authentication is successful.
  • FIG. 11 is a diagram showing a second modification example of the embodiment of the present technology.
  • one camera 250 takes a face picture, but a plurality of cameras may be taken. This makes it possible to limit the passersby as much as possible.
  • a plurality of cameras 251 and 252 may be installed, images may be taken from different angles, and the images may be transmitted to the terminal 100.
  • the terminal 100 which has received the image data of a plurality of face photographs, compares them with the image data of the face photographs stored in the personal information memory 150. If even one of them matches the person's face, it may be determined that the authentication is successful.
  • the face photograph is taken after confirming the validity of the ticket, but the face photograph may be taken first.
  • the terminal 100 confirms the validity of the ticket after the terminal 100 receives the image data of the facial photograph from the gate device 200. Since the basic configuration of the gate system is the same as that of the first embodiment described above, detailed description of the configuration is omitted.
  • FIG. 12 is a flowchart showing an example of a processing procedure at the time of entering a facility according to the second embodiment of the present technology.
  • the attendee who purchased the ticket carries the terminal 100 and heads for the entrance (step S941).
  • the camera 250 of the gate apparatus 200 captures the face of the person (step S943).
  • the image data of the photographed face photograph is transmitted to the terminal 100 together with the permission conditions (step S944).
  • the permission condition is a condition for obtaining permission to pass through the gate device 200.
  • a range of ticket IDs permitted to pass through the gate device 200, a specific field value of the ticket ID, and the like are assumed. To be done.
  • the employee ID may be stored in the terminal 100 and the range of entryable employee IDs may be specified by permission conditions.
  • the image data of the photographed face photograph is temporarily stored in the temporary memory 240, but is then immediately deleted (step S945).
  • the terminal 100 which has received the image data of the facial photograph and the permission conditions, stores them in the reception memory 140. Then, it is determined whether the ticket ID stored in the personal information memory 150 satisfies the permission condition stored in the reception memory 140 (step S942).
  • the permission condition is satisfied (step S942: Yes)
  • the image data of the facial photograph stored in the reception memory 140 and the image data of the facial photograph stored in the personal information memory 150 are compared by the comparator 160 (Ste S946).
  • the authentication result based on this comparison is transmitted from the transmitter 130 to the gate device 200 (step S947).
  • step S942 No
  • the comparison of the face photographs is not performed.
  • step S949: Yes If the authentication result indicates that the authentication is successful (step S949: Yes), the gate apparatus 200 that has received the authentication result from the terminal 100 permits the person carrying the terminal 100 to enter (step S951). That is, processing such as opening the flapper gate 270 and passing it is performed. On the other hand, if the authentication result indicates that the authentication has failed (step S949: No), the person carrying the terminal 100 is denied entry (step S952). If the authentication result is not received even after a certain period of time, it is determined that the authentication has failed, and the entrance is rejected (step S952).
  • the facial photograph taken by the gate device 200 and the permission condition are transmitted to the terminal 100, and the terminal 100 performs authentication.
  • the entrance to the facility can be controlled by using the authentication result in the terminal 100 without registering the image data of the facial photograph, which is the personal information, in the device of the third party other than the terminal 100.
  • biometric authentication information such as a fingerprint, a vein, or an iris. May be used.
  • the processing procedure described in the above-described embodiment may be regarded as a method having these series of procedures, or as a program for causing a computer to execute these series of procedures or a recording medium storing the program. You can catch it.
  • this recording medium for example, a CD (Compact Disc), an MD (MiniDisc), a DVD (Digital Versatile Disc), a memory card, a Blu-ray disc (Blu-ray (registered trademark) Disc), or the like can be used.
  • the present technology may have the following configurations.
  • a memory that stores the first biometric information that is the biometric information of the device owner and the qualification information in association with each other;
  • a receiving unit that receives the second biometric authentication information that is the biometric authentication information of the authentication target person acquired in another device;
  • a comparing unit configured to compare the first biometric authentication information and the second biometric authentication information to generate an authentication result;
  • An authentication device comprising: a transmission unit that transmits the authentication result to the other device when the qualification information satisfies a predetermined condition.
  • the transmission unit transmits the qualification information to the other device, The authentication according to (1), wherein the receiving unit receives the second biometric authentication information from the other device when the other device determines that the predetermined condition is satisfied for the qualification information. apparatus.
  • the receiving unit further receives permission conditions for the other device from the other device, The authentication device according to (1), wherein the transmission unit transmits the authentication result to the other device assuming that the predetermined condition is satisfied when the qualification information satisfies the permission condition.
  • the second biometric authentication information includes a plurality of face images
  • the comparison unit generates the authentication result indicating that the authentication is successful when any face image of the second biometric authentication information matches the face image of the first biometric authentication information.
  • the described authentication device (7)
  • the authentication device according to (6), wherein the plurality of face images of the second biometric authentication information are face images of different persons.
  • the authentication device according to (6), wherein the plurality of face images of the second biometric authentication information are face images of the same person at different angles.
  • the qualification information is information regarding the qualification for admission to the facility, The transmitting unit notifies the admission to the facility when the first biometric authentication information and the second biometric authentication information match and the qualification information satisfies a predetermined condition.
  • the authentication device according to any one of (1) to (8), wherein the authentication device transmits the message to the other device.
  • a receiving unit that receives the qualification information from the other device that stores the first biometric authentication information and the qualification information of the owner of the other device in association with each other,
  • An acquisition unit that acquires second biometric information that is biometric information of an approaching individual when the qualification information satisfies a predetermined condition;
  • a transmitting unit that transmits the second biometric authentication information to the other device;
  • An authentication device comprising: a control unit that receives an authentication result based on a comparison between the first biometric authentication information and the second biometric authentication information from the other device and performs control according to the authentication result.
  • the said control part is an authentication device as described in said (10) which controls the said gate part according to the said authentication result.
  • the control unit erases the second biometric authentication information after the second biometric authentication information acquired by the acquisition unit is transmitted by the transmission unit. The described authentication device.
  • Second biometric authentication information that is biometric authentication information of an approaching individual when the other device that stores the first biometric authentication information and the qualification information of the owner of the other device in association with each other approaches
  • the acquisition part A transmission unit that transmits the second biometric authentication information and the permission condition to the other device; When the qualification information satisfies the permission condition, an authentication result based on the comparison between the first biometric authentication information and the second biometric authentication information is received from the other device, and control is performed according to the authentication result.
  • An authentication device including a control unit.
  • the said control part is an authentication apparatus as described in said (13) which controls the said gate part according to the said authentication result.
  • the control unit deletes the second biometric authentication information after the second biometric authentication information acquired by the acquisition unit is transmitted by the transmission unit.
  • the described authentication device (16) An authentication method in an authentication device, which stores the first biometric authentication information that is the biometric authentication information of the device owner and the qualification information in association with each other, A procedure in which the receiving unit receives the second biometric authentication information that is the biometric authentication information of the authentication target person acquired in another device; A procedure in which the comparison unit compares the first biometric authentication information with the second biometric authentication information to generate an authentication result; And a transmitting unit transmitting the authentication result to the other device when the qualification information satisfies a predetermined condition.
  • Second biometric authentication which is biometric authentication information of an approaching individual when the acquisition unit associates and stores the first biometric authentication information and qualification information of the owner of the other device when the other device approaches The steps to get the information, A procedure in which the transmission unit transmits the second biometric authentication information and the permission condition to the other device; The control unit receives an authentication result based on the comparison between the first biometric authentication information and the second biometric authentication information from the other device when the qualification information satisfies the permission condition, and responds to the authentication result.
  • An authentication method including a procedure for performing the above control.
  • an authentication device that stores the first biometric authentication information that is the biometric authentication information of the device owner and the qualification information in association with each other, A procedure of receiving second biometrics information, which is the biometrics information of the authentication target person acquired in another device, A procedure of comparing the first biometric authentication information and the second biometric authentication information to generate an authentication result; A program for causing a computer to execute a procedure of transmitting the authentication result to the other device when the qualification information satisfies a predetermined condition.
  • terminal 110 antenna 115 antenna switch 120 receiver 130 transmitter 140 reception memory 150 personal information memory 160 comparator 180 camera 190 control unit 200 gate device 210 antenna 215 antenna switch 220 receiver 230 transmitter 240 temporary memory 250-252 camera 260 Sensor 270 Flapper gate 280 Display unit 290 Control unit 300 Sales device

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Devices For Checking Fares Or Tickets At Control Points (AREA)
  • Time Recorders, Dirve Recorders, Access Control (AREA)
  • Collating Specific Patterns (AREA)

Abstract

An authentication device according to the present embodiment is provided with a memory, a receiving unit, a comparison unit, and a transmission unit. The memory stores first biometric authentication information, which is about a device owner, in association with qualification information. The receiving unit receives second biometric authentication information about an authentication target person, which is acquired by another device. The comparison unit compares the first biometric authentication information with the second biometric authentication information, and generates an authentication result. The transmission unit transmits, to another device, the authentication result when the qualification information meets a prescribed condition.

Description

認証装置、認証方法およびプログラムAuthentication device, authentication method and program
 本技術は、認証装置に関する。詳しくは、生体認証情報を用いて資格情報に応じた認証を行う認証装置、および、その処理方法ならびに当該方法をコンピュータに実行させるプログラムに関する。 The present technology relates to an authentication device. More specifically, the present invention relates to an authentication device that performs authentication according to qualification information using biometric authentication information, a processing method thereof, and a program that causes a computer to execute the method.
 近年、施設への入場の際に本人であることを認証するために、顔認証などの生体認証が利用されるようになっている。例えば、顔写真などの個人情報を予め認証サーバに登録しておいて、商取引の際にカメラや指紋照合器によって照合を行い、本人確認を行う認証システムが提案されている(例えば、特許文献1参照。)。 In recent years, biometric authentication such as face authentication has been used to authenticate the identity of the person when entering the facility. For example, an authentication system has been proposed in which personal information such as a face photograph is registered in advance in an authentication server, and a camera or a fingerprint collator is used for verification during a commercial transaction to verify the identity of the person (for example, Patent Document 1). reference.).
特開2004-038917号公報JP, 2004-038917, A
 上述の従来技術では、予め登録された生体情報と実際に取得された生体情報とを比較することにより、本人であるか否かの認証を行っている。しかしながら、この従来技術では、個人情報である顔写真などを第三者に予め提出しなければならず、個人情報の取り扱いに問題を生じる可能性がある。また、不特定多数が通るゲートや交通系改札機では、全ての通過者の生体情報を用意することが現実的ではないという問題がある。 In the above-mentioned conventional technique, the biometric information registered in advance and the biometric information actually acquired are compared to authenticate the person. However, with this conventional technique, a facial photograph or the like, which is personal information, must be submitted in advance to a third party, which may cause a problem in handling personal information. In addition, there is a problem that it is not realistic to prepare biometric information of all passers in a gate or a traffic ticket gate through which an unspecified number of people pass.
 本技術はこのような状況に鑑みて生み出されたものであり、個人情報を第三者に登録することなく、本人認証を行うことを目的とする。  This technology was created in view of such a situation, and the purpose is to perform personal authentication without registering personal information with a third party.
 本技術は、上述の問題点を解消するためになされたものであり、その第1の側面は、装置所有者の生体認証情報である第1の生体認証情報および資格情報を関連付けて記憶するメモリと、他の装置において取得された認証対象者の生体認証情報である第2の生体認証情報を受信する受信部と、上記第1の生体認証情報と上記第2の生体認証情報とを比較して認証結果を生成する比較部と、上記資格情報が所定の条件を満たす場合に上記認証結果を上記他の装置に送信する送信部とを具備する認証装置、その認証方法、および、プログラムである。これにより、資格情報と関連付けて記憶する第1の生体認証情報と他の装置において取得された第2の生体認証情報と比較して、資格情報が所定の条件を満たす場合にその認証結果を送信するという作用をもたらす。 The present technology has been made in order to solve the above-mentioned problems, and a first aspect thereof is a memory that stores first biometric authentication information that is biometric authentication information of a device owner and qualification information in association with each other. And a receiving unit that receives the second biometric authentication information, which is the biometric authentication information of the person to be authenticated acquired in another device, and the first biometric authentication information and the second biometric authentication information. An authentication apparatus, an authentication method, and a program including a comparing section for generating an authentication result according to the above, and a transmitting section for transmitting the authentication result to the other apparatus when the qualification information satisfies a predetermined condition. .. Thus, the first biometric authentication information stored in association with the qualification information is compared with the second biometric authentication information acquired by another device, and if the qualification information satisfies a predetermined condition, the authentication result is transmitted. Brings the effect of doing.
 また、この第1の側面において、上記送信部は、上記資格情報を上記他の装置に送信し、上記受信部は、上記資格情報について上記所定の条件を満たす旨が上記他の装置において判断された場合に上記他の装置から上記第2の生体認証情報を受信するようにしてもよい。これにより、資格情報が所定の条件を満たすか否かを他の装置に判断させるという作用をもたらす。 Further, in the first aspect, the transmission unit transmits the qualification information to the other device, and the reception unit determines that the qualification information satisfies the predetermined condition in the other device. In this case, the second biometric authentication information may be received from the other device. This brings about the effect of causing another device to judge whether or not the qualification information satisfies a predetermined condition.
 また、この第1の側面において、上記受信部は、上記他の装置における許可条件を上記他の装置からさらに受信し、上記送信部は、上記資格情報が上記許可条件を満たす場合に上記所定の条件を満たすものとして上記認証結果を上記他の装置に送信するようにしてもよい。これにより、資格情報が所定の条件を満たすか否かを判断した上で認証結果を他の装置に送信するという作用をもたらす。 Further, in the first aspect, the reception unit further receives a permission condition in the other device from the other device, and the transmission unit determines the predetermined condition when the qualification information satisfies the permission condition. The authentication result may be transmitted to the other device as satisfying the condition. This brings about an effect that the authentication result is transmitted to another device after determining whether the qualification information satisfies a predetermined condition.
 また、この第1の側面において、上記受信部および上記送信部は、所定の1対1通信により上記他の装置との間で送受信を行うようにしてもよい。これにより、接続に要する時間を短縮するという作用をもたらす。 Also, in the first aspect, the receiving unit and the transmitting unit may perform transmission and reception with the other device by predetermined one-to-one communication. This brings about the effect of shortening the time required for connection.
 また、この第1の側面において、上記第1および第2の生体認証情報は、例えば、人物の顔画像、虹彩画像、指紋画像が想定される。 Further, in the first aspect, the first and second biometric authentication information is assumed to be, for example, a face image of a person, an iris image, or a fingerprint image.
 また、この第1の側面において、上記第2の生体認証情報は、複数の顔画像を備え、上記比較部は、上記第2の生体認証情報の何れかの顔画像が上記第1の生体認証情報の顔画像と一致した場合に認証成功した旨の上記認証結果を生成するようにしてもよい。この場合において、上記第2の生体認証情報の複数の顔画像は、互いに異なる人物の顔画像であってもよく、また、同一人物の異なる角度の顔画像であってもよい。 In the first aspect, the second biometric authentication information includes a plurality of face images, and the comparing unit determines that the face image of any one of the second biometric authentication information is the first biometric authentication. The authentication result indicating that the authentication is successful may be generated when the information matches the face image of the information. In this case, the plurality of face images of the second biometric authentication information may be face images of different persons or face images of the same person at different angles.
 また、この第1の側面において、上記資格情報は、施設への入場資格に関する情報であり、上記送信部は、上記第1の生体認証情報と上記第2の生体認証情報とが一致し、かつ、上記資格情報が所定の条件を満たす場合に、上記施設への入場を許可する旨の通知を上記他の装置に送信するようにしてもよい。これにより、生体認証情報の認証結果に応じて施設への入場を制御するという作用をもたらす。 Further, in the first aspect, the qualification information is information regarding entrance qualification to the facility, and the transmission unit is configured such that the first biometric authentication information and the second biometric authentication information match, and Alternatively, when the qualification information satisfies a predetermined condition, a notification to the effect that admission to the facility is permitted may be transmitted to the other device. This brings about the effect of controlling entrance to the facility according to the authentication result of the biometric authentication information.
 また、本技術の第2の側面は、他の装置の所有者の第1の生体認証情報および資格情報を関連付けて記憶する上記他の装置から上記資格情報を受信する受信部と、上記資格情報が所定の条件を満たす場合に接近者の生体認証情報である第2の生体認証情報を取得する取得部と、上記第2の生体認証情報を上記他の装置に送信する送信部と、上記第1の生体認証情報と上記第2の生体認証情報との比較に基づく認証結果を上記他の装置から受けて上記認証結果に応じた制御を行う制御部とを具備する認証装置、その認証方法、および、プログラムである。これにより、資格情報が所定の条件を満たす場合に第2の生体認証情報を他の装置に送信して認証を実行させて、その認証結果に応じて制御を行うという作用をもたらす。また、この場合において、開閉動作を行うゲート部をさらに具備し、上記制御部は、上記認証結果に応じて上記ゲート部を制御するようにしてもよい。また、上記制御部は、上記取得部によって取得された上記第2の生体認証情報が上記送信部によって送信された後に、上記第2の生体認証情報を消去するようにしてもよい。 In addition, a second aspect of the present technology is a receiving unit that receives the qualification information from the other device that stores the first biometric authentication information and the qualification information of the owner of the other device in association with each other, and the qualification information. When a predetermined condition is satisfied, an acquisition unit that acquires second biometric authentication information that is biometric authentication information of an approaching individual, a transmission unit that transmits the second biometric authentication information to the other device, and An authentication device comprising an authentication result based on a comparison between the first biometric authentication information and the second biometric authentication information from the other device and performs control according to the authentication result, and an authentication method thereof. And a program. As a result, when the qualification information satisfies a predetermined condition, the second biometric authentication information is transmitted to another device to perform authentication, and control is performed according to the authentication result. Further, in this case, a gate unit for performing an opening/closing operation may be further provided, and the control unit may control the gate unit according to the authentication result. Further, the control unit may delete the second biometric authentication information after the second biometric authentication information acquired by the acquisition unit is transmitted by the transmission unit.
 また、本技術の第3の側面は、他の装置の所有者の第1の生体認証情報および資格情報を関連付けて記憶する上記他の装置が接近した際に接近者の生体認証情報である第2の生体認証情報を取得する取得部と、上記第2の生体認証情報および許可条件を上記他の装置に送信する送信部と、上記資格情報が上記許可条件を満たす場合に上記第1の生体認証情報と上記第2の生体認証情報との比較に基づく認証結果を上記他の装置から受けて上記認証結果に応じた制御を行う制御部とを具備する認証装置、その認証方法、および、プログラムである。これにより、接近者の第2の生体認証情報および許可条件を他の装置に送信して、資格情報が許可条件を満たす場合に認証を実行させて、その認証結果に応じて制御を行うという作用をもたらす。また、この場合において、開閉動作を行うゲート部をさらに具備し、上記制御部は、上記認証結果に応じて上記ゲート部を制御するようにしてもよい。また、上記制御部は、上記取得部によって取得された上記第2の生体認証情報が上記送信部によって送信された後に、上記第2の生体認証情報を消去するようにしてもよい。 Further, a third aspect of the present technology is biometric authentication information of an approaching individual when the other device, which stores the first biometric authentication information and the qualification information of the owner of the other device in association with each other, approaches. No. 2 acquisition unit for acquiring biometric authentication information, a transmission unit for transmitting the second biometric authentication information and the permission condition to the other device, and the first biometric unit when the qualification information satisfies the permission condition. An authentication device including an authentication result based on a comparison between the authentication information and the second biometric authentication information from the other device and performing control according to the authentication result, an authentication method thereof, and a program Is. Thus, the second biometric authentication information of the approaching individual and the permission condition are transmitted to another device, authentication is performed when the qualification information satisfies the permission condition, and control is performed according to the authentication result. Bring Further, in this case, a gate unit for performing an opening/closing operation may be further provided, and the control unit may control the gate unit according to the authentication result. Further, the control unit may delete the second biometric authentication information after the second biometric authentication information acquired by the acquisition unit is transmitted by the transmission unit.
本技術の実施の形態におけるゲートシステムの全体構成の一例を示す図である。It is a figure showing an example of the whole composition of the gate system in an embodiment of this art. 本技術の実施の形態における端末100の構成の一例を示す図である。It is a figure showing an example of composition of terminal 100 in an embodiment of this art. 本技術の実施の形態におけるゲート装置200の構成の一例を示す図である。It is a figure showing an example of composition of gate device 200 in an embodiment of this art. 本技術の実施の形態におけるゲート装置200の外観イメージ例を示す図である。It is a figure showing an example of appearance image of gate device 200 in an embodiment of this art. 本技術の実施の形態における端末100とゲート装置200との間の通信手順例を示すシーケンス図である。It is a sequence diagram which shows the example of a communication procedure between the terminal 100 and the gate apparatus 200 in embodiment of this technique. 本技術の実施の形態の適用例であるIEEE802.15.3eの通信手順例を示すタイミング図である。It is a timing diagram which shows the example of a communication procedure of IEEE802.15.3e which is an application example of embodiment of this technique. 本技術の実施の形態における管理サーバ400によって管理されるチケットデータベースのフィールド構成の一例を示す図である。It is a figure showing an example of field composition of a ticket database managed by management server 400 in an embodiment of this art. 本技術の実施の形態におけるチケット購入時の処理手順の一例を示す流れ図である。It is a flow chart which shows an example of a processing procedure at the time of ticket purchase in an embodiment of this art. 本技術の第1の実施の形態における施設入場時の処理手順の一例を示す流れ図である。It is a flow chart which shows an example of a processing procedure at the time of facility entrance in a 1st embodiment of this art. 本技術の実施の形態における第1の変形例を示す図である。It is a figure showing the 1st modification in an embodiment of this art. 本技術の実施の形態における第2の変形例を示す図である。It is a figure which shows the 2nd modification in embodiment of this technique. 本技術の第2の実施の形態における施設入場時の処理手順の一例を示す流れ図である。It is a flow chart showing an example of a processing procedure at the time of facility entrance in a 2nd embodiment of this art.
 以下、本技術を実施するための形態(以下、実施の形態と称する)について説明する。説明は以下の順序により行う。
 1.第1の実施の形態(端末からチケットIDを提示する例)
 2.第2の実施の形態(ゲート装置が生体認証情報とともに許可条件を送信する例) Hereinafter, modes for carrying out the present technology (hereinafter, referred to as embodiments) will be described. The description will be given in the following order.
1. First embodiment (example of presenting a ticket ID from a terminal)
2. Second embodiment (example in which a gate device transmits permission conditions together with biometric authentication information)
 <1.第1の実施の形態>
 [ゲートシステム]
 図1は、本技術の実施の形態におけるゲートシステムの全体構成の一例を示す図である。 <1. First Embodiment>
[Gate system]
FIG. 1 is a diagram showing an example of the overall configuration of a gate system according to an embodiment of the present technology.
 このゲートシステムは、施設への入場を管理するシステムである。このゲートシステムは、端末100と、ゲート装置200と、販売装置300と、管理サーバ400とを備える。  This gate system is a system that manages entrance to the facility. This gate system includes a terminal 100, a gate device 200, a selling device 300, and a management server 400.
 端末100は、ユーザが所有する端末である。ユーザは、この端末100を利用してチケットの購入をし、この端末100を携帯して施設に入場する。この実施の形態において、チケットは、特定の人物が施設に入場できる権利を証明するもの全般を意味し、コンサート会場や映画館への入場券、交通機関の旅券や定期券、スキー場の1日リフト券などの電子チケットを広く包含する概念である。 The terminal 100 is a terminal owned by the user. The user uses the terminal 100 to purchase a ticket and carries the terminal 100 to enter the facility. In this embodiment, the ticket means all things that prove the right of a specific person to enter the facility, such as an admission ticket to a concert venue or a movie theater, a transportation passport or a commuter pass, and a day at a ski resort. It is a concept that widely includes electronic tickets such as lift tickets.
 ゲート装置200は、施設の入場口に設置される入場ゲートである。このゲート装置200は、端末100を携帯するユーザから顔写真の画像データ(顔画像)などの生体認証情報を取得して、その取得した生体認証情報を端末100に送信する。その後、端末100から認証成功の通知を受けると、ゲートを開く等の通過許可動作を行う。 The gate device 200 is an entrance gate installed at the entrance of the facility. The gate device 200 acquires biometric authentication information such as image data of a face photograph (face image) from a user who carries the terminal 100, and transmits the acquired biometric authentication information to the terminal 100. After that, when a notification of successful authentication is received from the terminal 100, a pass permission operation such as opening a gate is performed.
 販売装置300は、施設に入場するためのチケットを販売するものである。この販売装置300は、端末100からの購入依頼に応じてチケット等を販売する。この販売装置300は、チケットの販売の際にチケットID等の資格情報を発行して、端末100に送信する。 The selling device 300 sells tickets for entering the facility. The selling device 300 sells tickets and the like in response to a purchase request from the terminal 100. This vending device 300 issues qualification information such as a ticket ID when the ticket is sold, and sends it to the terminal 100.
 管理サーバ400は、販売されたチケットに関する情報を管理するサーバである。この管理サーバ400は、販売装置300によって販売されたチケットのチケットID等の資格情報を記憶して、必要に応じてその資格情報をゲート装置200に供給する。この管理サーバ400は、ユーザに関する必要最低限の情報を記憶し得るが、ユーザの顔写真の画像データなどの生体認証情報は記憶しない。 The management server 400 is a server that manages information about sold tickets. The management server 400 stores qualification information such as a ticket ID of a ticket sold by the sales device 300, and supplies the qualification information to the gate device 200 as necessary. The management server 400 can store the minimum necessary information about the user, but does not store biometric authentication information such as image data of a facial photograph of the user.
 [端末]
 図2は、本技術の実施の形態における端末100の構成の一例を示す図である。 [Terminal]
FIG. 2 is a diagram showing an example of the configuration of the terminal 100 in the embodiment of the present technology.
 この端末100は、アンテナ110と、アンテナスイッチ115と、受信機120と、送信機130と、受信メモリ140と、個人情報メモリ150と、比較機160と、カメラ180と、制御部190とを備える。 This terminal 100 includes an antenna 110, an antenna switch 115, a receiver 120, a transmitter 130, a reception memory 140, a personal information memory 150, a comparator 160, a camera 180, and a controller 190. ..
 アンテナ110は、他の装置との間の通信を行うためのアンテナである。受信機120は、他の装置からの信号を受信して復調するものである。送信機130は、信号を変調して他の装置に送信するものである。アンテナスイッチ115は、アンテナ110と受信機120または送信機130との間の経路を切り替えるスイッチである。なお、受信機120は、特許請求の範囲に記載の受信部の一例である。また、送信機130は、特許請求の範囲に記載の送信部の一例である。 The antenna 110 is an antenna for communicating with other devices. The receiver 120 receives a signal from another device and demodulates it. The transmitter 130 modulates a signal and transmits it to another device. The antenna switch 115 is a switch that switches a path between the antenna 110 and the receiver 120 or the transmitter 130. The receiver 120 is an example of the receiving unit described in the claims. Further, the transmitter 130 is an example of the transmission unit described in the claims.
 受信メモリ140は、他の装置から受信したデータを記憶するメモリである。具体的には、この受信メモリ140は、ゲート装置200から受信した顔写真の画像データを生体認証情報として記憶する。 The reception memory 140 is a memory that stores data received from another device. Specifically, the reception memory 140 stores the image data of the face photograph received from the gate device 200 as biometric authentication information.
 カメラ180は、被写体を撮影するためのカメラである。このカメラ180は、例えば、端末100の所有者の顔写真を撮影するために用いられる。 The camera 180 is a camera for photographing a subject. The camera 180 is used, for example, to take a facial photograph of the owner of the terminal 100.
 個人情報メモリ150は、端末100の所有者を認証するために必要な個人情報を記憶するメモリである。具体的には、この個人情報メモリ150は、端末100の所有者の顔写真を生体認証情報として記憶する。この顔写真は、カメラ180によって撮影された顔写真であってもよく、また、別途用意されたものであってもよい。また、この個人情報メモリ150は、チケット購入時に販売装置300から発行されたチケットID等の資格情報を記憶する。この個人情報メモリ150において、資格情報および生体認証情報は関連付けて記憶される。すなわち、資格情報が所定の条件を満たす場合に、その資格情報に関連付けて記憶される生体認証情報が認証対象となる。 The personal information memory 150 is a memory that stores personal information necessary for authenticating the owner of the terminal 100. Specifically, the personal information memory 150 stores a face photograph of the owner of the terminal 100 as biometric authentication information. This facial photograph may be a facial photograph taken by the camera 180 or may be prepared separately. The personal information memory 150 also stores qualification information such as a ticket ID issued from the selling device 300 when the ticket is purchased. In the personal information memory 150, the qualification information and the biometric authentication information are stored in association with each other. That is, when the qualification information satisfies a predetermined condition, the biometric authentication information stored in association with the qualification information becomes an authentication target.
 この個人情報メモリ150は、改竄され難いセキュアなメモリであることが望ましい。特に、チケットの転売を防止するために、資格情報と生体認証情報との関連付けについては一定の規則を設けることが望ましい。例えば、チケット購入時またはチケット購入後の一定期間内に顔写真の画像データを個人情報メモリ150に、資格情報と紐付けて登録することを義務付けて、その後の書き換えを禁止することが考えられる。これにより、チケット購入後に他者に転売されて、なりすましによる入場が行われてしまうことを防止することができる。なお、個人情報メモリ150は、特許請求の範囲に記載のメモリの一例である。 It is desirable that the personal information memory 150 is a secure memory that is hard to be tampered with. In particular, in order to prevent resale of tickets, it is desirable to set a certain rule for associating the qualification information with the biometric authentication information. For example, it is conceivable that the image data of the face photograph is required to be registered in the personal information memory 150 in association with the qualification information when the ticket is purchased or within a certain period after the ticket is purchased, and the rewriting after that is prohibited. As a result, it is possible to prevent the person from being resold to another person after the ticket is purchased and being impersonated. The personal information memory 150 is an example of the memory described in the claims.
 比較機160は、受信メモリ140に記憶される生体認証情報と、個人情報メモリ150に記憶される生体認証情報とを比較して、認証結果を生成するものである。すなわち、ゲート装置200から受信した顔写真の画像データが、個人情報メモリ150に記憶される顔写真の画像データと一致していれば、認証に成功したとの認証結果を生成する。一方、ゲート装置200から受信した顔写真の画像データが、個人情報メモリ150に記憶される顔写真の画像データと一致していなければ、認証に失敗したとの認証結果を生成する。この比較機160による認証結果は、送信機130によってゲート装置200に送信される。なお、比較機160は、特許請求の範囲に記載の比較部の一例である。 The comparator 160 compares the biometric authentication information stored in the reception memory 140 with the biometric authentication information stored in the personal information memory 150 to generate an authentication result. That is, if the image data of the face photograph received from the gate device 200 matches the image data of the face photograph stored in the personal information memory 150, an authentication result indicating that the authentication is successful is generated. On the other hand, if the image data of the face photograph received from the gate device 200 does not match the image data of the face photograph stored in the personal information memory 150, an authentication result indicating that the authentication has failed is generated. The authentication result by the comparator 160 is transmitted to the gate device 200 by the transmitter 130. The comparator 160 is an example of a comparison unit described in the claims.
 制御部190は、端末100の各部の動作を制御するものである。 The control unit 190 controls the operation of each unit of the terminal 100.
 この第1の実施の形態では、施設への入場の際に、端末100からゲート装置200に資格情報(チケットID)が送信されることを想定している。これにより、ゲート装置200において資格情報の有効性が判断され、資格情報が所定の条件を満たす場合に、ゲート装置200から端末100に生体認証情報(顔写真の画像データ)が送信される。したがって、比較機160によって認証が行われている段階においては、既に資格情報が所定の条件を満たしていることになる。なお、個人情報メモリ150に記憶された顔写真の画像データは、特許請求の範囲に記載の第1の生体認証情報の一例である。また、受信メモリ150に記憶された顔写真の画像データは、特許請求の範囲に記載の第2の生体認証情報の一例である。また、チケットIDは、特許請求の範囲に記載の資格情報の一例である。 In the first embodiment, it is assumed that the qualification information (ticket ID) is transmitted from the terminal 100 to the gate device 200 when entering the facility. As a result, the validity of the qualification information is determined in the gate device 200, and when the qualification information satisfies a predetermined condition, the biometric authentication information (image data of a face photograph) is transmitted from the gate device 200 to the terminal 100. Therefore, at the stage when the authentication is being performed by the comparator 160, the qualification information already satisfies the predetermined condition. The image data of the face photograph stored in the personal information memory 150 is an example of the first biometric authentication information described in the claims. The image data of the face photograph stored in the reception memory 150 is an example of the second biometric authentication information described in the claims. The ticket ID is an example of the qualification information described in the claims.
 [ゲート装置]
 図3は、本技術の実施の形態におけるゲート装置200の構成の一例を示す図である。 [Gate device]
FIG. 3 is a diagram illustrating an example of a configuration of the gate device 200 according to the embodiment of the present technology.
 このゲート装置200は、アンテナ210と、アンテナスイッチ215と、受信機220と、送信機230と、一時メモリ240と、カメラ250と、センサ260と、フラッパーゲート270と、表示部280と、制御部290とを備える。 The gate device 200 includes an antenna 210, an antenna switch 215, a receiver 220, a transmitter 230, a temporary memory 240, a camera 250, a sensor 260, a flapper gate 270, a display unit 280, and a control unit. And 290.
 アンテナ210は、他の装置との間の通信を行うためのアンテナである。受信機220は、他の装置からの信号を受信して復調するものである。送信機230は、信号を変調して他の装置に送信するものである。アンテナスイッチ215は、アンテナ210と受信機220または送信機230との間の経路を切り替えるスイッチである。なお、受信機220は、特許請求の範囲に記載の受信部の一例である。また、送信機230は、特許請求の範囲に記載の送信部の一例である。 The antenna 210 is an antenna for communicating with another device. The receiver 220 receives a signal from another device and demodulates it. The transmitter 230 modulates a signal and transmits it to another device. The antenna switch 215 is a switch that switches a path between the antenna 210 and the receiver 220 or the transmitter 230. The receiver 220 is an example of the receiving unit described in the claims. Further, the transmitter 230 is an example of the transmission unit described in the claims.
 センサ260は、ゲート装置200に近づく人物を感知するセンサである。このセンサ260は、例えば、赤外線、超音波、可視光などを利用した人感センサにより実現することができる。 The sensor 260 is a sensor that detects a person approaching the gate device 200. The sensor 260 can be realized by, for example, a human sensor that uses infrared rays, ultrasonic waves, visible light, or the like.
 カメラ250は、ゲート装置200に近づく人物がセンサ260により感知された際に、その人物の顔を撮影するためのカメラである。なお、このカメラ250を監視カメラとして用いることにより、センサ260と兼用してもよい。なお、カメラ250は、特許請求の範囲に記載の取得部の一例である。 The camera 250 is a camera for photographing the face of a person who approaches the gate device 200 when the sensor 260 detects the person. It should be noted that the camera 250 may be used as a monitoring camera, and may also be used as the sensor 260. The camera 250 is an example of the acquisition unit described in the claims.
 一時メモリ240は、カメラ250によって撮影された顔写真の画像データを一時的に記憶するメモリである。この一時メモリ240に記憶された顔写真の画像データは、送信機230を介して端末100に送信された後に消去される。これにより、撮影された顔写真の画像データをゲート装置200に残すことなく、端末100における認証に委ねることができる。 The temporary memory 240 is a memory that temporarily stores image data of a face photograph taken by the camera 250. The image data of the facial photograph stored in the temporary memory 240 is erased after being transmitted to the terminal 100 via the transmitter 230. As a result, it is possible to entrust the authentication in the terminal 100 without leaving the image data of the taken face photograph in the gate device 200.
 フラッパーゲート270は、施設の入場口において開閉動作を行うゲートである。このフラッパーゲート270は、制御部290からの制御に従って、ゲート装置200に近づく人物を通過させる場合には開く動作を行い、通過させない場合には閉じる動作を行う。なお、フラッパーゲート270は、特許請求の範囲に記載のゲート部の一例である。 The flapper gate 270 is a gate that opens and closes at the entrance of the facility. Under the control of the control unit 290, the flapper gate 270 performs an opening operation when passing a person approaching the gate apparatus 200, and performs a closing operation when not passing the person. The flapper gate 270 is an example of the gate unit described in the claims.
 表示部280は、画像や音声を出力するものである。この表示部280は、制御部290からの制御に従って、ゲート装置200に近づく人物を通過させる場合には通過可能である旨の文字や音声を出力し、通過させない場合には通過不可である旨の文字や音声を出力する。 The display unit 280 outputs images and sounds. Under the control of the control unit 290, the display unit 280 outputs a character or voice indicating that the person who approaches the gate apparatus 200 is able to pass, and when not passing the person, it is impossible to pass. Output characters and voice.
 制御部290は、ゲート装置200の各部の動作を制御するものである。なお、制御部290は、特許請求の範囲に記載の制御部の一例である。 The control unit 290 controls the operation of each unit of the gate device 200. The control unit 290 is an example of the control unit described in the claims.
 図4は、本技術の実施の形態におけるゲート装置200の外観イメージ例を示す図である。 FIG. 4 is a diagram showing an example of an external image of the gate device 200 according to the embodiment of the present technology.
 この例では、施設の入場口にゲート装置200が設けられており、入場者はこのゲート装置200の間を通過することにより施設内に入場することができる。人物が近付くとセンサ260がそれを感知する。センサ260が人物を感知すると、カメラ250はその人物の顔を撮影して、一時メモリ240に記憶する。このとき、制御部290は、フラッパーゲート270をいったん閉じるように制御してもよい。 In this example, the gate device 200 is provided at the entrance of the facility, and the visitors can enter the facility by passing between the gate devices 200. When a person approaches, the sensor 260 detects it. When the sensor 260 detects a person, the camera 250 takes a picture of the person's face and stores it in the temporary memory 240. At this time, the control unit 290 may control the flapper gate 270 to close it once.
 一時メモリ240に記憶された顔写真の画像データは、一時メモリ240から送信機230を通り、アンテナスイッチ215で切り替えられて、アンテナ210を介して端末100に向けて送信される。 The image data of the face photograph stored in the temporary memory 240 passes through the transmitter 230 from the temporary memory 240, is switched by the antenna switch 215, and is transmitted to the terminal 100 via the antenna 210.
 このとき、端末100は通常は受信モードになっているため、アンテナ110によって受信した信号は、アンテナスイッチ115を通って受信機120に送られ、そのまま撮影顔データは受信メモリ140に格納される。 At this time, since the terminal 100 is normally in the reception mode, the signal received by the antenna 110 is sent to the receiver 120 through the antenna switch 115, and the captured face data is stored in the reception memory 140 as it is.
 比較機160は、この受信メモリ140に格納された撮影顔データと、予め個人情報メモリ150に記憶されている入場者の顔写真データとを比較する。そして、この2つの顔写真が一致した場合には認証成功が、一致していない場合には認証失敗が、認証結果として、送信機130から送信される。このとき、アンテナスイッチ115が送信側に切り替えられて、アンテナ110を介してゲート装置200に送信が行われる。 The comparator 160 compares the photographed face data stored in the reception memory 140 with the face photograph data of the attendee stored in the personal information memory 150 in advance. Then, if the two face photographs match, authentication success is transmitted, and if they do not match, authentication failure is transmitted from the transmitter 130 as the authentication result. At this time, the antenna switch 115 is switched to the transmission side, and transmission is performed to the gate device 200 via the antenna 110.
 ゲート装置200では、アンテナ210およびアンテナスイッチ215を介して受信機220によってこれを受信して、その結果を制御部290が判断する。制御部290は、認証成功の場合にはフラッパーゲート270を開き、表示部280では通過可能の文字や音で表現し、入場者を通す。一方、認証失敗の場合には、フラッパーゲート270を閉じるとともに、表示部280を使って文字や音で入場者を通過させない処理を行う。 In the gate apparatus 200, the receiver 220 receives this via the antenna 210 and the antenna switch 215, and the control unit 290 judges the result. When the authentication is successful, the control unit 290 opens the flapper gate 270, expresses the characters and sounds that can be passed on the display unit 280, and passes the visitors. On the other hand, in the case of the authentication failure, the flapper gate 270 is closed, and the display unit 280 is used to perform a process of not letting the visitors pass by using characters or sounds.
 [通信プロトコル]
 図5は、本技術の実施の形態における端末100とゲート装置200との間の通信手順例を示すシーケンス図である。 [Communication protocol]
FIG. 5 is a sequence diagram showing an example of a communication procedure between the terminal 100 and the gate device 200 according to the embodiment of the present technology.
 ゲートシステムにおいては、端末100を携帯する人物がゲート装置200に近づいた際に速やかに通信接続を行う必要がある。Wi-Fiに代表されるような1対N通信では、接続時に周囲端末のサーチが必要で、そのサーチ処理に時間がかかり、ゲート通過までに確実に通信処理が完了しないおそれがある。そのため、ゲートシステムには、高速接続可能な1対1通信が適していると考えられる。そのような通信規格として、例えば、IEEE802.15.3eやTransferJet X(トランスファージェット エックス)などが想定される。ここでは、IEEE802.15.3eに適用した場合の通信手順例について説明する。 In the gate system, when a person carrying the terminal 100 approaches the gate device 200, it is necessary to make a communication connection promptly. In 1-to-N communication represented by Wi-Fi, it is necessary to search for surrounding terminals at the time of connection, the search processing takes time, and there is a possibility that communication processing will not be completed by the time the gate passes. Therefore, it is considered that one-to-one communication capable of high-speed connection is suitable for the gate system. As such a communication standard, for example, IEEE802.15.3e or TransferJet X (Transfer Jet X) is assumed. Here, an example of a communication procedure when applied to IEEE802.15.3e will be described.
 ゲート装置200は、ある一定間隔でビーコン711を送信している。ゲート装置200に近づいた端末100はこのビーコン711を受信し、アソシエーションリクエスト721を返送する。アソシエーションリクエスト721を受けたゲート装置200は、アソシエーションレスポンス722を送信する。端末100は、アソシエーションレスポンス722に対する受信確認信号(Ack)723を送信し、これをゲート装置200が受信すると、1対1通信の接続が完了する。 Gate apparatus 200 transmits beacon 711 at a certain fixed interval. The terminal 100 approaching the gate device 200 receives this beacon 711 and returns an association request 721. The gate apparatus 200 that has received the association request 721 transmits an association response 722. The terminal 100 transmits a reception confirmation signal (Ack) 723 to the association response 722, and when the gate device 200 receives the reception confirmation signal (Ack) 723, the connection for one-to-one communication is completed.
 接続が完了すると、ゲート装置200は、撮影した顔画像のデータ731を端末100に送信する。顔画像のデータ731を受信した端末100は、受信確認信号(Ack)732をゲート装置200に返送する。 When the connection is completed, the gate device 200 transmits the captured face image data 731 to the terminal 100. The terminal 100, which has received the face image data 731, returns a reception confirmation signal (Ack) 732 to the gate device 200.
 端末100は、顔画像の比較を行い、その判定結果733をゲート装置200に送信する。判定結果733を受信したゲート装置200は、受信確認信号(Ack)734をゲート装置200に返送し、判定結果に対応した処理を行うことになる。 The terminal 100 compares face images and sends the determination result 733 to the gate device 200. The gate device 200 that has received the determination result 733 returns a reception confirmation signal (Ack) 734 to the gate device 200, and performs processing corresponding to the determination result.
 図6は、本技術の実施の形態の適用例であるIEEE802.15.3eの通信手順例を示すタイミング図である。 FIG. 6 is a timing diagram showing an example of a communication procedure of IEEE802.15.3e, which is an application example of the embodiment of the present technology.
 ゲート装置200は、セットアップ期間においてビーコン711を一定間隔で送信する。ビーコン711を受信した端末100は、ビーコン711からSIFS(Short InterFrame Space)経過後のアクセススロットにおいて、アソシエーションリクエスト721を送信する。 Gate apparatus 200 transmits beacon 711 at regular intervals during the setup period. The terminal 100 that has received the beacon 711 transmits an association request 721 in the access slot after the SIFS (Short Inter Frame Space) has elapsed from the beacon 711.
 アソシエーションリクエスト721を受信したゲート装置200がアソシエーションレスポンス722を送信して、端末100が受信確認信号(Stk-Ack)723を送信すると、接続が完了して、セット期間から接続状態に移行する。なお、IEEE802.15.3eにおいては、ビーコン711の受信から受信確認信号723の送信までのセットアップタイムは、2ミリ秒未満でなければならない旨が規定されている。 When the gate device 200 that has received the association request 721 transmits an association response 722 and the terminal 100 transmits a reception confirmation signal (Stk-Ack) 723, the connection is completed and the set period is changed to the connected state. Note that IEEE802.15.3e stipulates that the setup time from the reception of the beacon 711 to the transmission of the reception confirmation signal 723 must be less than 2 milliseconds.
 接続状態を解除する際には、端末100からディスアソシエーションリクエスト739を送信する。これにより、接続状態は解除され、ゲート装置200は、ビーコンを送信するセットアップ状態に再び遷移する。 When releasing the connection state, the terminal 100 transmits a disassociation request 739. As a result, the connection state is released, and the gate apparatus 200 transits again to the setup state in which the beacon is transmitted.
 [管理サーバ]
 図7は、本技術の実施の形態における管理サーバ400によって管理されるチケットデータベースのフィールド構成の一例を示す図である。 Management server
FIG. 7 is a diagram showing an example of the field configuration of the ticket database managed by the management server 400 according to the embodiment of the present technology.
 管理サーバ400は、販売装置300によって販売されたチケットのチケットID等の資格情報を記憶して、必要に応じてその資格情報をゲート装置200に供給する。この例では、管理サーバ400は、チケットデータベースとして、チケットID411と、チケット販売日時412と、チケット情報413と、会員番号414とを記憶している。 The management server 400 stores the qualification information such as the ticket ID of the ticket sold by the sales device 300, and supplies the qualification information to the gate device 200 as necessary. In this example, the management server 400 stores a ticket ID 411, a ticket sales date and time 412, ticket information 413, and a member number 414 as a ticket database.
 チケットID411は、販売されたチケットの識別子である。チケット販売日時412は、チケットID411に対応するチケットが販売された日にちおよび時刻である。チケット情報413は、チケットID411に対応するチケットに関する情報である。このチケット情報413は、例えば、そのチケットの有効期間や、利用可能な施設を特定する情報などを含む。ゲート装置200は、チケットID411に対応するチケット情報413を参照することにより、端末100から受信したチケットIDがその施設において有効なものであるか否かを判断することができる。 The ticket ID 411 is an identifier of the sold ticket. The ticket sale date and time 412 is the date and time when the ticket corresponding to the ticket ID 411 was sold. The ticket information 413 is information regarding the ticket corresponding to the ticket ID 411. The ticket information 413 includes, for example, the validity period of the ticket and information that identifies available facilities. The gate device 200 can determine whether the ticket ID received from the terminal 100 is valid at the facility by referring to the ticket information 413 corresponding to the ticket ID 411.
 会員番号414は、チケットID411に対応するチケットを所有する所有者の識別子である。この会員番号414は、チケットデータベースとは異なる会員データベースにアクセスするための識別子である。会員データベースにおいて管理される情報は、個人情報を含み得るものであり、通常の場合、ゲート装置200からは自由にアクセスできないように管理される。 The member number 414 is an identifier of the owner who owns the ticket corresponding to the ticket ID 411. The member number 414 is an identifier for accessing a member database different from the ticket database. The information managed in the member database may include personal information, and is normally managed so that it cannot be freely accessed from the gate device 200.
 [動作]
 図8は、本技術の実施の形態におけるチケット購入時の処理手順の一例を示す流れ図である。 [motion]
FIG. 8 is a flowchart showing an example of a processing procedure when purchasing a ticket according to the embodiment of the present technology.
 チケット購入者は、端末100のカメラ180を用いて、自身の顔写真を撮影する(ステップS931)。この顔写真の画像データは個人情報メモリ150に記憶される。なお、個人情報メモリ150に記憶される画像データは、他の方法により取得されたものであってもよい。 The ticket purchaser uses the camera 180 of the terminal 100 to take a facial photograph of himself (step S931). The image data of this facial photograph is stored in the personal information memory 150. The image data stored in the personal information memory 150 may be acquired by another method.
 チケット購入者は、端末100を介して販売装置300にアクセスし、チケット購入手続を行う(ステップS932)。販売装置300は、端末100から送信された情報に従ってチケットを販売し、そのチケットのチケットIDを発行する(ステップS933)。発行されたチケットIDは、端末100に送信されるとともに、管理サーバ400のチケットデータベースに格納される(ステップS934)。 The ticket purchaser accesses the selling device 300 through the terminal 100 and performs the ticket purchase procedure (step S932). The selling device 300 sells a ticket according to the information transmitted from the terminal 100, and issues a ticket ID of the ticket (step S933). The issued ticket ID is transmitted to the terminal 100 and stored in the ticket database of the management server 400 (step S934).
 販売装置300からチケットIDを受信した端末100は、個人情報メモリ150に記憶される顔写真の画像データと紐付けて、個人情報メモリ150に格納される(ステップS935)。すなわち、チケットIDは顔写真の画像データと関連付けて記憶される。 The terminal 100, which has received the ticket ID from the selling device 300, is stored in the personal information memory 150 in association with the image data of the face photograph stored in the personal information memory 150 (step S935). That is, the ticket ID is stored in association with the image data of the face photograph.
 なお、この例では、予め撮影された顔写真の画像データとチケットIDとを紐付けることを想定したが、チケット購入中に端末100のカメラ180を用いて撮影するようにしてもよい。また、チケット購入の際には紐付けを行わずに、入場までの間に紐付けを行うようにしてもよい。ただし、上述のチケット転売防止の観点からは、早い段階で紐付けを行い、その後の書き換えを禁止することが望ましい。 In this example, it is assumed that the image data of the face photograph taken in advance is associated with the ticket ID, but the camera 180 of the terminal 100 may be used during the ticket purchase. Alternatively, the ticket may be tied before admission without being tied. However, from the viewpoint of preventing ticket resale as described above, it is desirable to perform the linking at an early stage and prohibit the subsequent rewriting.
 図9は、本技術の第1の実施の形態における施設入場時の処理手順の一例を示す流れ図である。 FIG. 9 is a flowchart showing an example of a processing procedure at the time of facility entrance in the first embodiment of the present technology.
 チケットを購入した入場者は、端末100を携帯して入場口に向かう。端末100がゲート装置200との通信範囲内に入ると、上述の通信プロトコルにより接続が行われる。そして、端末100は、チケットIDをゲート装置200に送信することにより、チケットIDの提示が行われる(ステップS911)。 Visitors who purchased the ticket carry the terminal 100 and head to the entrance. When the terminal 100 enters the communication range with the gate device 200, the connection is established by the communication protocol described above. Then, the terminal 100 presents the ticket ID by transmitting the ticket ID to the gate device 200 (step S911).
 端末100からチケットIDを受信したゲート装置200は、そのチケットIDがこの施設において有効なものであるか否かを判断する(ステップS912)。そのチケットIDが有効なものでなければ(ステップS912:No)、その端末100を携帯する人物の入場を拒否する(ステップS922)。すなわち、フラッパーゲート270を閉じる等の処理を行う。 The gate device 200 having received the ticket ID from the terminal 100 determines whether the ticket ID is valid at this facility (step S912). If the ticket ID is not valid (step S912: No), the person carrying the terminal 100 is denied entry (step S922). That is, processing such as closing the flapper gate 270 is performed.
 そのチケットIDが有効なものであれば(ステップS912:Yes)、ゲート装置200はカメラ250によってゲート装置200に近づく人物の顔写真を撮影して(ステップS913)、その顔写真の画像データを端末100に送信する(ステップS914)。撮影された顔写真の画像データは、一時メモリ240に一時的に記憶されるが、その後、すみやかに消去される(ステップS915)。 If the ticket ID is valid (step S912: Yes), the gate device 200 takes a facial photograph of a person who approaches the gate device 200 with the camera 250 (step S913), and the image data of the facial photograph is sent to the terminal. It is transmitted to 100 (step S914). The image data of the photographed face photograph is temporarily stored in the temporary memory 240, but is then immediately erased (step S915).
 ゲート装置200から顔写真の画像データを受信した端末100は、その顔写真の画像データを受信メモリ140に記憶する。そして、受信メモリ140に記憶した顔写真の画像データと、個人情報メモリ150に格納される顔写真の画像データとを、比較機160によって比較する(ステップS916)。この比較に基づく認証結果は送信機130からゲート装置200に送信される(ステップS917)。 The terminal 100 receiving the image data of the face photograph from the gate device 200 stores the image data of the face photograph in the reception memory 140. Then, the image data of the facial photograph stored in the reception memory 140 and the image data of the facial photograph stored in the personal information memory 150 are compared by the comparator 160 (step S916). The authentication result based on this comparison is transmitted from the transmitter 130 to the gate device 200 (step S917).
 端末100から認証結果を受信したゲート装置200は、その認証結果が認証成功を示していれば(ステップS919:Yes)、その端末100を携帯する人物の入場を許可する(ステップS921)。すなわち、フラッパーゲート270を開けて通過させる等の処理を行う。一方、認証結果が認証失敗を示していれば(ステップS919:No)、その端末100を携帯する人物の入場を拒否する(ステップS922)。なお、一定期間を経過しても認証結果を受信しない場合には、認証に失敗したものと判断され、入場は拒否される(ステップS922)。 If the authentication result indicates that the authentication is successful (step S919: Yes), the gate apparatus 200 that has received the authentication result from the terminal 100 allows the person carrying the terminal 100 to enter (step S921). That is, processing such as opening the flapper gate 270 and passing it is performed. On the other hand, if the authentication result indicates that the authentication has failed (step S919: No), the person who carries the terminal 100 is denied entry (step S922). If the authentication result is not received even after a certain period of time, it is determined that the authentication has failed, and the entrance is rejected (step S922).
 このように、本技術の第1の実施の形態では、チケットIDを提示した人物の顔写真をゲート装置200が撮影して、端末100に送信し、端末100において認証を行う。これにより、個人情報である顔写真の画像データを端末100以外の第三者の装置に登録することなく、端末100における認証結果を用いて、施設への入場を制御することができる。 As described above, in the first embodiment of the present technology, the gate device 200 takes a facial photograph of the person who has presented the ticket ID, transmits the photograph to the terminal 100, and the terminal 100 performs authentication. Thereby, the entrance to the facility can be controlled by using the authentication result in the terminal 100 without registering the image data of the facial photograph, which is the personal information, in the device of the third party other than the terminal 100.
 [変形例]
 図10は、本技術の実施の形態における第1の変形例を示す図である。 [Modification]
FIG. 10 is a diagram showing a first modification example in the embodiment of the present technology.
 上述の第1の実施の形態では、チケットIDを提示した端末100を特定して、その端末100を携帯する人物の顔写真を撮影していた。ゲート装置200に近づく人物が順番に並んでいるなどの条件下では、その特定は容易であると考えられる。ただし、大勢の人物が入場口に殺到した場合などには、候補となる複数人が撮影されてしまう場合もあり得る。その場合には、同図に示すように、候補となる複数人の顔領域510を撮影し、それらをまとめてゲート装置200から端末100に送信するようにしてもよい。 In the above-described first embodiment, the terminal 100 that has presented the ticket ID is specified, and the facial photograph of the person carrying the terminal 100 is taken. Under the condition that the persons approaching the gate apparatus 200 are lined up in order, the identification is considered to be easy. However, when a large number of people flood the entrance, a plurality of candidates may be photographed. In that case, as shown in the figure, the face regions 510 of a plurality of candidates may be photographed, and these may be collectively transmitted from the gate device 200 to the terminal 100.
 複数の顔写真の画像データを受信した端末100は、それらと個人情報メモリ150に格納される顔写真の画像データとを比較する。そして、それらのうち1つでも本人の顔と一致した場合には認証成功と判断するようにしてもよい。 The terminal 100 having received the image data of a plurality of face photographs compares them with the image data of the face photograph stored in the personal information memory 150. If even one of them matches the person's face, it may be determined that the authentication is successful.
 図11は、本技術の実施の形態における第2の変形例を示す図である。 FIG. 11 is a diagram showing a second modification example of the embodiment of the present technology.
 上述の第1の実施の形態では、1台のカメラ250により顔写真を撮影することを想定していたが、複数台のカメラにより撮影するようにしてもよい。これにより、通過者をできる限り限定することが可能となる。例えば、同図に示すように、複数のカメラ251および252を設置して、互いに異なる角度から撮影して、端末100に送信するようにしてもよい。 In the above-described first embodiment, it is assumed that one camera 250 takes a face picture, but a plurality of cameras may be taken. This makes it possible to limit the passersby as much as possible. For example, as shown in the figure, a plurality of cameras 251 and 252 may be installed, images may be taken from different angles, and the images may be transmitted to the terminal 100.
 この場合、複数の顔写真の画像データを受信した端末100は、それらと個人情報メモリ150に格納される顔写真の画像データとを比較する。そして、それらのうち1つでも本人の顔と一致した場合には認証成功と判断するようにしてもよい。 In this case, the terminal 100, which has received the image data of a plurality of face photographs, compares them with the image data of the face photographs stored in the personal information memory 150. If even one of them matches the person's face, it may be determined that the authentication is successful.
 <2.第2の実施の形態>
 上述の第1の実施の形態では、チケットの有効性を確認した上で顔写真を撮影していたが、顔写真の撮影を先に行うようにしてもよい。この第2の実施の形態では、ゲート装置200から顔写真の画像データを端末100が受け取った後に、端末100においてチケットの有効性を確認することを想定する。なお、ゲートシステムとしての基本的な構成は上述の第1の実施の形態と同様であるため、構成に関する詳細な説明は省略する。 <2. Second Embodiment>
In the above-described first embodiment, the face photograph is taken after confirming the validity of the ticket, but the face photograph may be taken first. In the second embodiment, it is assumed that the terminal 100 confirms the validity of the ticket after the terminal 100 receives the image data of the facial photograph from the gate device 200. Since the basic configuration of the gate system is the same as that of the first embodiment described above, detailed description of the configuration is omitted.
 [動作]
 図12は、本技術の第2の実施の形態における施設入場時の処理手順の一例を示す流れ図である。 [motion]
FIG. 12 is a flowchart showing an example of a processing procedure at the time of entering a facility according to the second embodiment of the present technology.
 チケットを購入した入場者は、端末100を携帯して入場口に向かう(ステップS941)。ゲート装置200に近づく人物がセンサ260により感知された際に、ゲート装置200のカメラ250がその人物の顔を撮影する(ステップS943)。 The attendee who purchased the ticket carries the terminal 100 and heads for the entrance (step S941). When a person approaching the gate apparatus 200 is detected by the sensor 260, the camera 250 of the gate apparatus 200 captures the face of the person (step S943).
 撮影された顔写真の画像データは、許可条件とともに端末100に送信される(ステップS944)。ここで、許可条件は、ゲート装置200を通過する許可を得るための条件であり、例えば、ゲート装置200を通過することが許されるチケットIDの範囲や、チケットIDの特定のフィールド値などが想定される。また、企業における社員の入門を管理する際、端末100に社員IDを格納して、入門可能な社員IDの範囲を許可条件により指定するようにしてもよい。 The image data of the photographed face photograph is transmitted to the terminal 100 together with the permission conditions (step S944). Here, the permission condition is a condition for obtaining permission to pass through the gate device 200. For example, a range of ticket IDs permitted to pass through the gate device 200, a specific field value of the ticket ID, and the like are assumed. To be done. Further, when managing entry of an employee in a company, the employee ID may be stored in the terminal 100 and the range of entryable employee IDs may be specified by permission conditions.
 撮影された顔写真の画像データは、一時メモリ240に一時的に記憶されるが、その後、すみやかに消去される(ステップS945)。 The image data of the photographed face photograph is temporarily stored in the temporary memory 240, but is then immediately deleted (step S945).
 顔写真の画像データおよび許可条件を受信した端末100は、受信メモリ140にそれらを記憶する。そして、個人情報メモリ150に格納されるチケットIDが、受信メモリ140に記憶された許可条件を満たすか否かを判断する(ステップS942)。許可条件を満たす場合には(ステップS942:Yes)、受信メモリ140に記憶した顔写真の画像データと、個人情報メモリ150に格納される顔写真の画像データとを、比較機160によって比較する(ステップS946)。この比較に基づく認証結果は送信機130からゲート装置200に送信される(ステップS947)。一方、許可条件を満たさない場合には(ステップS942:No)、顔写真の比較は行われない。 The terminal 100, which has received the image data of the facial photograph and the permission conditions, stores them in the reception memory 140. Then, it is determined whether the ticket ID stored in the personal information memory 150 satisfies the permission condition stored in the reception memory 140 (step S942). When the permission condition is satisfied (step S942: Yes), the image data of the facial photograph stored in the reception memory 140 and the image data of the facial photograph stored in the personal information memory 150 are compared by the comparator 160 ( Step S946). The authentication result based on this comparison is transmitted from the transmitter 130 to the gate device 200 (step S947). On the other hand, when the permission condition is not satisfied (step S942: No), the comparison of the face photographs is not performed.
 端末100から認証結果を受信したゲート装置200は、その認証結果が認証成功を示していれば(ステップS949:Yes)、その端末100を携帯する人物の入場を許可する(ステップS951)。すなわち、フラッパーゲート270を開けて通過させる等の処理を行う。一方、認証結果が認証失敗を示していれば(ステップS949:No)、その端末100を携帯する人物の入場を拒否する(ステップS952)。なお、一定期間を経過しても認証結果を受信しない場合には、認証に失敗したものと判断され、入場は拒否される(ステップS952)。 If the authentication result indicates that the authentication is successful (step S949: Yes), the gate apparatus 200 that has received the authentication result from the terminal 100 permits the person carrying the terminal 100 to enter (step S951). That is, processing such as opening the flapper gate 270 and passing it is performed. On the other hand, if the authentication result indicates that the authentication has failed (step S949: No), the person carrying the terminal 100 is denied entry (step S952). If the authentication result is not received even after a certain period of time, it is determined that the authentication has failed, and the entrance is rejected (step S952).
 このように、本技術の第2の実施の形態では、ゲート装置200が撮影した顔写真と許可条件を端末100に送信し、端末100において認証を行う。これにより、個人情報である顔写真の画像データを端末100以外の第三者の装置に登録することなく、端末100における認証結果を用いて、施設への入場を制御することができる。 As described above, in the second embodiment of the present technology, the facial photograph taken by the gate device 200 and the permission condition are transmitted to the terminal 100, and the terminal 100 performs authentication. Thereby, the entrance to the facility can be controlled by using the authentication result in the terminal 100 without registering the image data of the facial photograph, which is the personal information, in the device of the third party other than the terminal 100.
 なお、上述の第1の実施の形態において説明した変形例は、この第2の実施の形態についても同様に適用可能である。 Note that the modified example described in the above-described first embodiment can be similarly applied to this second embodiment.
 また、上述の実施の形態では、生体認証情報として顔写真の画像データを用いた例について説明したが、これに限定されるものではなく、例えば、指紋、静脈、虹彩などの他の生体認証情報を利用してもよい。 Further, in the above-described embodiment, the example in which the image data of the face photograph is used as the biometric authentication information has been described, but the present invention is not limited to this. For example, other biometric authentication information such as a fingerprint, a vein, or an iris. May be used.
 なお、上述の実施の形態は本技術を具現化するための一例を示したものであり、実施の形態における事項と、特許請求の範囲における発明特定事項とはそれぞれ対応関係を有する。同様に、特許請求の範囲における発明特定事項と、これと同一名称を付した本技術の実施の形態における事項とはそれぞれ対応関係を有する。ただし、本技術は実施の形態に限定されるものではなく、その要旨を逸脱しない範囲において実施の形態に種々の変形を施すことにより具現化することができる。 Note that the above-described embodiment shows an example for embodying the present technology, and the matters in the embodiment and the matters specifying the invention in the claims have a correspondence relationship. Similarly, the matters specifying the invention in the claims and the matters having the same names in the embodiments of the present technology have a correspondence relationship. However, the present technology is not limited to the embodiments and can be embodied by making various modifications to the embodiments without departing from the gist thereof.
 また、上述の実施の形態において説明した処理手順は、これら一連の手順を有する方法として捉えてもよく、また、これら一連の手順をコンピュータに実行させるためのプログラム乃至そのプログラムを記憶する記録媒体として捉えてもよい。この記録媒体として、例えば、CD(Compact Disc)、MD(MiniDisc)、DVD(Digital Versatile Disc)、メモリカード、ブルーレイディスク(Blu-ray(登録商標)Disc)等を用いることができる。 Further, the processing procedure described in the above-described embodiment may be regarded as a method having these series of procedures, or as a program for causing a computer to execute these series of procedures or a recording medium storing the program. You can catch it. As this recording medium, for example, a CD (Compact Disc), an MD (MiniDisc), a DVD (Digital Versatile Disc), a memory card, a Blu-ray disc (Blu-ray (registered trademark) Disc), or the like can be used.
 なお、本明細書に記載された効果はあくまで例示であって、限定されるものではなく、また、他の効果があってもよい。 It should be noted that the effects described in the present specification are merely examples, and the effects are not limited and may have other effects.
 なお、本技術は以下のような構成もとることができる。
(1)装置所有者の生体認証情報である第1の生体認証情報および資格情報を関連付けて記憶するメモリと、
 他の装置において取得された認証対象者の生体認証情報である第2の生体認証情報を受信する受信部と、
 前記第1の生体認証情報と前記第2の生体認証情報とを比較して認証結果を生成する比較部と、
 前記資格情報が所定の条件を満たす場合に前記認証結果を前記他の装置に送信する送信部と
を具備する認証装置。
(2)前記送信部は、前記資格情報を前記他の装置に送信し、
 前記受信部は、前記資格情報について前記所定の条件を満たす旨が前記他の装置において判断された場合に前記他の装置から前記第2の生体認証情報を受信する
前記(1)に記載の認証装置。
(3)前記受信部は、前記他の装置における許可条件を前記他の装置からさらに受信し、
 前記送信部は、前記資格情報が前記許可条件を満たす場合に前記所定の条件を満たすものとして前記認証結果を前記他の装置に送信する
前記(1)に記載の認証装置。
(4)前記受信部および前記送信部は、所定の1対1通信により前記他の装置との間で送受信を行う
前記(1)から(3)のいずれかに記載の認証装置。
(5)前記第1および第2の生体認証情報は、人物の顔画像である
前記(1)から(4)のいずれかに記載の認証装置。
(6)前記第2の生体認証情報は、複数の顔画像を備え、
 前記比較部は、前記第2の生体認証情報の何れかの顔画像が前記第1の生体認証情報の顔画像と一致した場合に認証成功した旨の前記認証結果を生成する
前記(5)に記載の認証装置。
(7)前記第2の生体認証情報の複数の顔画像は、互いに異なる人物の顔画像である
前記(6)に記載の認証装置。
(8)前記第2の生体認証情報の複数の顔画像は、同一人物の異なる角度の顔画像である
前記(6)に記載の認証装置。
(9)前記資格情報は、施設への入場資格に関する情報であり、
 前記送信部は、前記第1の生体認証情報と前記第2の生体認証情報とが一致し、かつ、前記資格情報が所定の条件を満たす場合に、前記施設への入場を許可する旨の通知を前記他の装置に送信する
前記(1)から(8)のいずれかに記載の認証装置。
(10)他の装置の所有者の第1の生体認証情報および資格情報を関連付けて記憶する前記他の装置から前記資格情報を受信する受信部と、
 前記資格情報が所定の条件を満たす場合に接近者の生体認証情報である第2の生体認証情報を取得する取得部と、
 前記第2の生体認証情報を前記他の装置に送信する送信部と、
 前記第1の生体認証情報と前記第2の生体認証情報との比較に基づく認証結果を前記他の装置から受けて前記認証結果に応じた制御を行う制御部と
を具備する認証装置。
(11)開閉動作を行うゲート部をさらに具備し、
 前記制御部は、前記認証結果に応じて前記ゲート部を制御する
前記(10)に記載の認証装置。
(12)前記制御部は、前記取得部によって取得された前記第2の生体認証情報が前記送信部によって送信された後に前記第2の生体認証情報を消去する
前記(10)または(11)に記載の認証装置。
(13)他の装置の所有者の第1の生体認証情報および資格情報を関連付けて記憶する前記他の装置が接近した際に接近者の生体認証情報である第2の生体認証情報を取得する取得部と、
 前記第2の生体認証情報および許可条件を前記他の装置に送信する送信部と、
 前記資格情報が前記許可条件を満たす場合に前記第1の生体認証情報と前記第2の生体認証情報との比較に基づく認証結果を前記他の装置から受けて前記認証結果に応じた制御を行う制御部と
を具備する認証装置。
(14)開閉動作を行うゲート部をさらに具備し、
 前記制御部は、前記認証結果に応じて前記ゲート部を制御する
前記(13)に記載の認証装置。
(15)前記制御部は、前記取得部によって取得された前記第2の生体認証情報が前記送信部によって送信された後に前記第2の生体認証情報を消去する
前記(13)または(14)に記載の認証装置。
(16)装置所有者の生体認証情報である第1の生体認証情報および資格情報を関連付けて記憶する認証装置における認証方法であって、
 受信部が、他の装置において取得された認証対象者の生体認証情報である第2の生体認証情報を受信する手順と、
 比較部が、前記第1の生体認証情報と前記第2の生体認証情報とを比較して認証結果を生成する手順と、
 送信部が、前記資格情報が所定の条件を満たす場合に前記認証結果を前記他の装置に送信する手順と
を具備する認証方法。
(17)受信部が、他の装置の所有者の第1の生体認証情報および資格情報を関連付けて記憶する前記他の装置から前記資格情報を受信する手順と、
 取得部が、前記資格情報が所定の条件を満たす場合に接近者の生体認証情報である第2の生体認証情報を取得する手順と、
 送信部が、前記第2の生体認証情報を前記他の装置に送信する手順と、
 制御部が、前記第1の生体認証情報と前記第2の生体認証情報との比較に基づく認証結果を前記他の装置から受けて前記認証結果に応じた制御を行う手順と
を具備する認証方法。
(18)取得部が、他の装置の所有者の第1の生体認証情報および資格情報を関連付けて記憶する前記他の装置が接近した際に接近者の生体認証情報である第2の生体認証情報を取得する手順と、
 送信部が、前記第2の生体認証情報および許可条件を前記他の装置に送信する手順と、
 制御部が、前記資格情報が前記許可条件を満たす場合に前記第1の生体認証情報と前記第2の生体認証情報との比較に基づく認証結果を前記他の装置から受けて前記認証結果に応じた制御を行う手順と
を具備する認証方法。
(19)装置所有者の生体認証情報である第1の生体認証情報および資格情報を関連付けて記憶する認証装置において、
 他の装置において取得された認証対象者の生体認証情報である第2の生体認証情報を受信する手順と、
 前記第1の生体認証情報と前記第2の生体認証情報とを比較して認証結果を生成する手順と、
 前記資格情報が所定の条件を満たす場合に前記認証結果を前記他の装置に送信する手順と
をコンピュータに実行させるプログラム。 The present technology may have the following configurations.
(1) A memory that stores the first biometric information that is the biometric information of the device owner and the qualification information in association with each other;
A receiving unit that receives the second biometric authentication information that is the biometric authentication information of the authentication target person acquired in another device;
A comparing unit configured to compare the first biometric authentication information and the second biometric authentication information to generate an authentication result;
An authentication device, comprising: a transmission unit that transmits the authentication result to the other device when the qualification information satisfies a predetermined condition.
(2) The transmission unit transmits the qualification information to the other device,
The authentication according to (1), wherein the receiving unit receives the second biometric authentication information from the other device when the other device determines that the predetermined condition is satisfied for the qualification information. apparatus.
(3) The receiving unit further receives permission conditions for the other device from the other device,
The authentication device according to (1), wherein the transmission unit transmits the authentication result to the other device assuming that the predetermined condition is satisfied when the qualification information satisfies the permission condition.
(4) The authentication device according to any one of (1) to (3), wherein the reception unit and the transmission unit perform transmission and reception with the other device by predetermined one-to-one communication.
(5) The authentication device according to any one of (1) to (4), wherein the first and second biometric authentication information is a face image of a person.
(6) The second biometric authentication information includes a plurality of face images,
In the above (5), the comparison unit generates the authentication result indicating that the authentication is successful when any face image of the second biometric authentication information matches the face image of the first biometric authentication information. The described authentication device.
(7) The authentication device according to (6), wherein the plurality of face images of the second biometric authentication information are face images of different persons.
(8) The authentication device according to (6), wherein the plurality of face images of the second biometric authentication information are face images of the same person at different angles.
(9) The qualification information is information regarding the qualification for admission to the facility,
The transmitting unit notifies the admission to the facility when the first biometric authentication information and the second biometric authentication information match and the qualification information satisfies a predetermined condition. The authentication device according to any one of (1) to (8), wherein the authentication device transmits the message to the other device.
(10) A receiving unit that receives the qualification information from the other device that stores the first biometric authentication information and the qualification information of the owner of the other device in association with each other,
An acquisition unit that acquires second biometric information that is biometric information of an approaching individual when the qualification information satisfies a predetermined condition;
A transmitting unit that transmits the second biometric authentication information to the other device;
An authentication device, comprising: a control unit that receives an authentication result based on a comparison between the first biometric authentication information and the second biometric authentication information from the other device and performs control according to the authentication result.
(11) Further comprising a gate unit for opening and closing,
The said control part is an authentication device as described in said (10) which controls the said gate part according to the said authentication result.
(12) In the above (10) or (11), the control unit erases the second biometric authentication information after the second biometric authentication information acquired by the acquisition unit is transmitted by the transmission unit. The described authentication device.
(13) Obtaining second biometric authentication information that is biometric authentication information of an approaching individual when the other device that stores the first biometric authentication information and the qualification information of the owner of the other device in association with each other approaches The acquisition part,
A transmission unit that transmits the second biometric authentication information and the permission condition to the other device;
When the qualification information satisfies the permission condition, an authentication result based on the comparison between the first biometric authentication information and the second biometric authentication information is received from the other device, and control is performed according to the authentication result. An authentication device including a control unit.
(14) Further comprising a gate unit for opening and closing,
The said control part is an authentication apparatus as described in said (13) which controls the said gate part according to the said authentication result.
(15) In the above (13) or (14), the control unit deletes the second biometric authentication information after the second biometric authentication information acquired by the acquisition unit is transmitted by the transmission unit. The described authentication device.
(16) An authentication method in an authentication device, which stores the first biometric authentication information that is the biometric authentication information of the device owner and the qualification information in association with each other,
A procedure in which the receiving unit receives the second biometric authentication information that is the biometric authentication information of the authentication target person acquired in another device;
A procedure in which the comparison unit compares the first biometric authentication information with the second biometric authentication information to generate an authentication result;
And a transmitting unit transmitting the authentication result to the other device when the qualification information satisfies a predetermined condition.
(17) A procedure in which the reception unit receives the qualification information from the other device that stores the first biometric authentication information and the qualification information of the owner of the other device in association with each other,
A procedure in which the acquisition unit acquires second biometric authentication information that is biometric authentication information of an approaching individual when the qualification information satisfies a predetermined condition;
A procedure in which the transmission unit transmits the second biometric authentication information to the other device;
An authentication method, including a procedure in which a control unit receives an authentication result based on a comparison between the first biometric authentication information and the second biometric authentication information from the other device and performs control according to the authentication result. ..
(18) Second biometric authentication, which is biometric authentication information of an approaching individual when the acquisition unit associates and stores the first biometric authentication information and qualification information of the owner of the other device when the other device approaches The steps to get the information,
A procedure in which the transmission unit transmits the second biometric authentication information and the permission condition to the other device;
The control unit receives an authentication result based on the comparison between the first biometric authentication information and the second biometric authentication information from the other device when the qualification information satisfies the permission condition, and responds to the authentication result. An authentication method including a procedure for performing the above control.
(19) In an authentication device that stores the first biometric authentication information that is the biometric authentication information of the device owner and the qualification information in association with each other,
A procedure of receiving second biometrics information, which is the biometrics information of the authentication target person acquired in another device,
A procedure of comparing the first biometric authentication information and the second biometric authentication information to generate an authentication result;
A program for causing a computer to execute a procedure of transmitting the authentication result to the other device when the qualification information satisfies a predetermined condition.
 100 端末
 110 アンテナ
 115 アンテナスイッチ
 120 受信機
 130 送信機
 140 受信メモリ
 150 個人情報メモリ
 160 比較機
 180 カメラ
 190 制御部
 200 ゲート装置
 210 アンテナ
 215 アンテナスイッチ
 220 受信機
 230 送信機
 240 一時メモリ
 250~252 カメラ
 260 センサ
 270 フラッパーゲート
 280 表示部
 290 制御部
 300 販売装置 100 terminal 110 antenna 115 antenna switch 120 receiver 130 transmitter 140 reception memory 150 personal information memory 160 comparator 180 camera 190 control unit 200 gate device 210 antenna 215 antenna switch 220 receiver 230 transmitter 240 temporary memory 250-252 camera 260 Sensor 270 Flapper gate 280 Display unit 290 Control unit 300 Sales device

Claims (19)

  1.  装置所有者の生体認証情報である第1の生体認証情報および資格情報を関連付けて記憶するメモリと、
     他の装置において取得された認証対象者の生体認証情報である第2の生体認証情報を受信する受信部と、
     前記第1の生体認証情報と前記第2の生体認証情報とを比較して認証結果を生成する比較部と、
     前記資格情報が所定の条件を満たす場合に前記認証結果を前記他の装置に送信する送信部と
     を具備する認証装置。     A memory that stores the first biometric information that is the biometric authentication information of the device owner and the qualification information in association with each other;
    A receiving unit that receives the second biometric authentication information that is the biometric authentication information of the authentication target person acquired in another device;
    A comparing unit configured to compare the first biometric authentication information and the second biometric authentication information to generate an authentication result;
    An authentication device, comprising: a transmission unit that transmits the authentication result to the other device when the qualification information satisfies a predetermined condition.
  2.  前記送信部は、前記資格情報を前記他の装置に送信し、
     前記受信部は、前記資格情報について前記所定の条件を満たす旨が前記他の装置において判断された場合に前記他の装置から前記第2の生体認証情報を受信する
     請求項1記載の認証装置。     The transmission unit transmits the qualification information to the other device,
    The authentication device according to claim 1, wherein the reception unit receives the second biometric authentication information from the other device when the other device determines that the predetermined condition is satisfied for the qualification information.
  3.  前記受信部は、前記他の装置における許可条件を前記他の装置からさらに受信し、
     前記送信部は、前記資格情報が前記許可条件を満たす場合に前記所定の条件を満たすものとして前記認証結果を前記他の装置に送信する
     請求項1記載の認証装置。     The receiving unit further receives permission conditions for the other device from the other device,
    The authentication device according to claim 1, wherein the transmission unit transmits the authentication result to the other device assuming that the predetermined condition is satisfied when the qualification information satisfies the permission condition.
  4.  前記受信部および前記送信部は、所定の1対1通信により前記他の装置との間で送受信を行う
     請求項1記載の認証装置。     The authentication device according to claim 1, wherein the reception unit and the transmission unit perform transmission and reception with the other device by predetermined one-to-one communication.
  5.  前記第1および第2の生体認証情報は、人物の顔画像である
     請求項1記載の認証装置。     The authentication device according to claim 1, wherein the first and second biometric authentication information is a face image of a person.
  6.  前記第2の生体認証情報は、複数の顔画像を備え、
     前記比較部は、前記第2の生体認証情報の何れかの顔画像が前記第1の生体認証情報の顔画像と一致した場合に認証成功した旨の前記認証結果を生成する
     請求項5記載の認証装置。     The second biometric information includes a plurality of face images,
    The said comparison part produces|generates the said authentication result that authentication was successful, when the face image of any of the said 2nd biometrics information matches the face image of the said 1st biometrics information. Authentication device.
  7.  前記第2の生体認証情報の複数の顔画像は、互いに異なる人物の顔画像である
     請求項6記載の認証装置。     The authentication device according to claim 6, wherein the plurality of face images of the second biometric authentication information are face images of different persons.
  8.  前記第2の生体認証情報の複数の顔画像は、同一人物の異なる角度の顔画像である
     請求項6記載の認証装置。     The authentication device according to claim 6, wherein the plurality of face images of the second biometric authentication information are face images of the same person at different angles.
  9.  前記資格情報は、施設への入場資格に関する情報であり、
     前記送信部は、前記第1の生体認証情報と前記第2の生体認証情報とが一致し、かつ、前記資格情報が所定の条件を満たす場合に、前記施設への入場を許可する旨の通知を前記他の装置に送信する
     請求項1記載の認証装置。     The qualification information is information about the qualification for entering the facility,
    The transmitting unit notifies the admission to the facility when the first biometric authentication information and the second biometric authentication information match and the qualification information satisfies a predetermined condition. Is transmitted to the other device.
  10.  他の装置の所有者の第1の生体認証情報および資格情報を関連付けて記憶する前記他の装置から前記資格情報を受信する受信部と、
     前記資格情報が所定の条件を満たす場合に接近者の生体認証情報である第2の生体認証情報を取得する取得部と、
     前記第2の生体認証情報を前記他の装置に送信する送信部と、
     前記第1の生体認証情報と前記第2の生体認証情報との比較に基づく認証結果を前記他の装置から受けて前記認証結果に応じた制御を行う制御部と
     を具備する認証装置。     A receiver for receiving the qualification information from the other device that stores the first biometric information and the qualification information of the owner of the other device in association with each other;
    An acquisition unit that acquires second biometric information that is biometric information of an approaching individual when the qualification information satisfies a predetermined condition;
    A transmitting unit that transmits the second biometric authentication information to the other device;
    An authentication device, comprising: a control unit that receives an authentication result based on a comparison between the first biometric authentication information and the second biometric authentication information from the other device and performs control according to the authentication result.
  11.  開閉動作を行うゲート部をさらに具備し、
     前記制御部は、前記認証結果に応じて前記ゲート部を制御する
     請求項10記載の認証装置。     Further comprising a gate unit for opening and closing operation,
    The authentication device according to claim 10, wherein the control unit controls the gate unit according to the authentication result.
  12.  前記制御部は、前記取得部によって取得された前記第2の生体認証情報が前記送信部によって送信された後に前記第2の生体認証情報を消去する
     請求項10記載の認証装置。     The authentication device according to claim 10, wherein the control unit deletes the second biometric authentication information after the second biometric authentication information acquired by the acquisition unit is transmitted by the transmission unit.
  13.  他の装置の所有者の第1の生体認証情報および資格情報を関連付けて記憶する前記他の装置が接近した際に接近者の生体認証情報である第2の生体認証情報を取得する取得部と、
     前記第2の生体認証情報および許可条件を前記他の装置に送信する送信部と、
     前記資格情報が前記許可条件を満たす場合に前記第1の生体認証情報と前記第2の生体認証情報との比較に基づく認証結果を前記他の装置から受けて前記認証結果に応じた制御を行う制御部と
     を具備する認証装置。     An acquisition unit that stores the first biometric authentication information and the qualification information of the owner of the other device in association with each other and acquires the second biometric authentication information that is the biometric authentication information of the approaching individual when the other device approaches. ,
    A transmission unit that transmits the second biometric authentication information and the permission condition to the other device;
    When the qualification information satisfies the permission condition, an authentication result based on the comparison between the first biometric authentication information and the second biometric authentication information is received from the other device, and control is performed according to the authentication result. An authentication device including a control unit.
  14.  開閉動作を行うゲート部をさらに具備し、
     前記制御部は、前記認証結果に応じて前記ゲート部を制御する
     請求項13記載の認証装置。     Further comprising a gate unit for opening and closing operation,
    The authentication device according to claim 13, wherein the control unit controls the gate unit according to the authentication result.
  15.  前記制御部は、前記取得部によって取得された前記第2の生体認証情報が前記送信部によって送信された後に前記第2の生体認証情報を消去する
     請求項13記載の認証装置。     The authentication device according to claim 13, wherein the control unit deletes the second biometric authentication information after the second biometric authentication information acquired by the acquisition unit is transmitted by the transmission unit.
  16.  装置所有者の生体認証情報である第1の生体認証情報および資格情報を関連付けて記憶する認証装置における認証方法であって、
     受信部が、他の装置において取得された認証対象者の生体認証情報である第2の生体認証情報を受信する手順と、
     比較部が、前記第1の生体認証情報と前記第2の生体認証情報とを比較して認証結果を生成する手順と、
     送信部が、前記資格情報が所定の条件を満たす場合に前記認証結果を前記他の装置に送信する手順と
     を具備する認証方法。     An authentication method in an authentication device, which stores first biometric information that is device authentication biometric information and credential information in association with each other,
    A procedure in which the receiving unit receives the second biometric authentication information that is the biometric authentication information of the authentication target person acquired in another device;
    A procedure in which the comparison unit compares the first biometric authentication information with the second biometric authentication information to generate an authentication result;
    A transmitting unit transmitting the authentication result to the other device when the qualification information satisfies a predetermined condition.
  17.  受信部が、他の装置の所有者の第1の生体認証情報および資格情報を関連付けて記憶する前記他の装置から前記資格情報を受信する手順と、
     取得部が、前記資格情報が所定の条件を満たす場合に接近者の生体認証情報である第2の生体認証情報を取得する手順と、
     送信部が、前記第2の生体認証情報を前記他の装置に送信する手順と、
     制御部が、前記第1の生体認証情報と前記第2の生体認証情報との比較に基づく認証結果を前記他の装置から受けて前記認証結果に応じた制御を行う手順と
     を具備する認証方法。     A procedure in which the receiving unit receives the qualification information from the other device that stores the first biometric information and the qualification information of the owner of the other device in association with each other;
    A procedure in which the acquisition unit acquires second biometric authentication information that is biometric authentication information of an approaching individual when the qualification information satisfies a predetermined condition;
    A procedure in which the transmission unit transmits the second biometric authentication information to the other device;
    An authentication method, wherein the control unit receives an authentication result based on a comparison between the first biometric authentication information and the second biometric authentication information from the other device, and performs control according to the authentication result. ..
  18.  取得部が、他の装置の所有者の第1の生体認証情報および資格情報を関連付けて記憶する前記他の装置が接近した際に接近者の生体認証情報である第2の生体認証情報を取得する手順と、
     送信部が、前記第2の生体認証情報および許可条件を前記他の装置に送信する手順と、
     制御部が、前記資格情報が前記許可条件を満たす場合に前記第1の生体認証情報と前記第2の生体認証情報との比較に基づく認証結果を前記他の装置から受けて前記認証結果に応じた制御を行う手順と
     を具備する認証方法。     The acquisition unit acquires the second biometric authentication information that is the biometric authentication information of the approaching individual when the other device that stores the first biometric authentication information and the qualification information of the owner of the other device in association with each other approaches. Steps to
    A procedure in which the transmission unit transmits the second biometric authentication information and the permission condition to the other device;
    The control unit receives an authentication result based on the comparison between the first biometric authentication information and the second biometric authentication information from the other device when the qualification information satisfies the permission condition, and responds to the authentication result. An authentication method comprising a procedure for performing the above control.
  19.  装置所有者の生体認証情報である第1の生体認証情報および資格情報を関連付けて記憶する認証装置において、
     他の装置において取得された認証対象者の生体認証情報である第2の生体認証情報を受信する手順と、
     前記第1の生体認証情報と前記第2の生体認証情報とを比較して認証結果を生成する手順と、
     前記資格情報が所定の条件を満たす場合に前記認証結果を前記他の装置に送信する手順と
     をコンピュータに実行させるプログラム。     In an authentication device that stores the first biometric authentication information that is the biometric authentication information of the device owner and the qualification information in association with each other,
    A procedure of receiving second biometrics information, which is the biometrics information of the authentication target person acquired in another device,
    A procedure of comparing the first biometric authentication information and the second biometric authentication information to generate an authentication result;
    A program for causing a computer to execute a procedure of transmitting the authentication result to the other device when the qualification information satisfies a predetermined condition.
PCT/JP2019/047602 2018-12-19 2019-12-05 Authentication device, authentication method, and program WO2020129675A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
JP2020561294A JP7458991B2 (en) 2018-12-19 2019-12-05 Authentication device, authentication method and program

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2018-236912 2018-12-19
JP2018236912 2018-12-19

Publications (1)

Publication Number Publication Date
WO2020129675A1 true WO2020129675A1 (en) 2020-06-25

Family

ID=71100838

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2019/047602 WO2020129675A1 (en) 2018-12-19 2019-12-05 Authentication device, authentication method, and program

Country Status (2)

Country Link
JP (1) JP7458991B2 (en)
WO (1) WO2020129675A1 (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2006132278A (en) * 2004-11-09 2006-05-25 Toshiba Corp Authentication system
JP2014161006A (en) * 2013-01-24 2014-09-04 Ricoh Co Ltd Entrance/exit management system and entrance/exit management device
JP2017117301A (en) * 2015-12-25 2017-06-29 サイレックス・テクノロジー株式会社 Ticket issuing system
JP2017182326A (en) * 2016-03-29 2017-10-05 ナスクインターナショナル株式会社 Qualification authentication system using mobile terminal, qualification authentication tool and qualification authentication method

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2006132278A (en) * 2004-11-09 2006-05-25 Toshiba Corp Authentication system
JP2014161006A (en) * 2013-01-24 2014-09-04 Ricoh Co Ltd Entrance/exit management system and entrance/exit management device
JP2017117301A (en) * 2015-12-25 2017-06-29 サイレックス・テクノロジー株式会社 Ticket issuing system
JP2017182326A (en) * 2016-03-29 2017-10-05 ナスクインターナショナル株式会社 Qualification authentication system using mobile terminal, qualification authentication tool and qualification authentication method

Also Published As

Publication number Publication date
JPWO2020129675A1 (en) 2021-11-04
JP7458991B2 (en) 2024-04-01

Similar Documents

Publication Publication Date Title
JP7240030B2 (en) Identity authentication method, device and server
US11568695B1 (en) Information-based, biometric, asynchronous access control system
US11205312B2 (en) Applying image analytics and machine learning to lock systems in hotels
US20150040212A1 (en) Locking apparatus with enhanced security using iris image
KR102008194B1 (en) System and method for checking in and out of books by facial recognition
US20210006558A1 (en) Method, apparatus and system for performing authentication using face recognition
KR102259578B1 (en) System and method for certificating adult
KR100965428B1 (en) The system and operating method using two different positioned intelligent cameras for automatic verification of authenticated person&#39;s entrance
WO2019245383A1 (en) Improved access control system and a method thereof controlling access of persons into restricted areas
US10673844B2 (en) Method for providing an access code on a portable device and portable device
JP7400862B2 (en) information processing equipment
KR101345018B1 (en) Teminal and security certification system therewith
US8065528B2 (en) Authentication device, authentication method, authentication program and computer readable recording medium
JP2007233609A (en) Authentication device, authentication system, and authentication method
KR102304731B1 (en) Illegal Admission Checking system By Block Chain and Method thereof
JP2019079511A (en) Method for confirming access permission by using access control system
WO2020129675A1 (en) Authentication device, authentication method, and program
US20220270423A1 (en) Identity-based enablement of event access control
JP7316981B2 (en) Face authentication server, information processing method and information processing system
TWM512176U (en) Improved personal access management device
JP3905090B2 (en) MOBILE BODY DEVICE SYSTEM, AUTHENTICATION SYSTEM, MOBILE BODY MOUNTING DEVICE, AND AUTHENTICATION PROGRAM
WO2022234613A1 (en) System, gate device, control method for gate device, and storage medium
WO2023188003A1 (en) Use control terminal, system and method, use management server and method, and computer-readable medium
JP7332079B1 (en) Terminal, system, terminal control method and program
WO2022260199A1 (en) User authentication device and user authentication method

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19899996

Country of ref document: EP

Kind code of ref document: A1

ENP Entry into the national phase

Ref document number: 2020561294

Country of ref document: JP

Kind code of ref document: A

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 19899996

Country of ref document: EP

Kind code of ref document: A1