WO2021229763A1 - 認証方法、認証プログラム及び認証装置 - Google Patents

認証方法、認証プログラム及び認証装置 Download PDF

Info

Publication number
WO2021229763A1
WO2021229763A1 PCT/JP2020/019328 JP2020019328W WO2021229763A1 WO 2021229763 A1 WO2021229763 A1 WO 2021229763A1 JP 2020019328 W JP2020019328 W JP 2020019328W WO 2021229763 A1 WO2021229763 A1 WO 2021229763A1
Authority
WO
WIPO (PCT)
Prior art keywords
face image
feature information
list data
authentication
biometric information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/JP2020/019328
Other languages
English (en)
French (fr)
Japanese (ja)
Inventor
一樹 長村
太一 村瀬
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Fujitsu Ltd
Original Assignee
Fujitsu Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Fujitsu Ltd filed Critical Fujitsu Ltd
Priority to PCT/JP2020/019328 priority Critical patent/WO2021229763A1/ja
Priority to JP2022522446A priority patent/JP7327662B2/ja
Priority to CN202080100367.4A priority patent/CN115461741A/zh
Priority to EP20935628.6A priority patent/EP4152183A4/en
Publication of WO2021229763A1 publication Critical patent/WO2021229763A1/ja
Priority to US17/968,826 priority patent/US20230044788A1/en
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan

Definitions

  • the present invention relates to authentication technology.
  • one-to-N authentication that identifies a specific individual from a large number of people using one type of biometric information is known. While one-to-N authentication does not require ID (IDentification) key input or card presentation, its accuracy is limited by a single biometric information modality alone.
  • ID IDentification
  • an authentication system that uses both face authentication and vein authentication has been proposed.
  • a first photographing device installed at the entrance of a store photographs the face of a person entering the store from the entrance of the store.
  • a part of the vein recognition registration data is narrowed down as authentication candidates from the vein recognition registration data of N users by using the face image taken by the first photographing device.
  • the above authentication system only narrows down an unspecified number of authentication candidates in the order of entry into the store, and the authentication time may increase.
  • the vein authentication registration data associated with the face image shooting date and time in the past predetermined time zone is used for the verification of the vein authentication in the order of entering the store.
  • the order of entering the store and the order of arrival at the counter do not always match.
  • the verification of the vein authentication is repeated until the final verification of the vein authentication registration data narrowed down as the authentication candidate is repeated, and as a result, the authentication time is increased.
  • the biometric information of the person is stored in association with the feature information of the face image of the person.
  • the first biometric information group including a plurality of biometric information associated with the feature information whose similarity with the feature information of the first face image included in the first captured data satisfies the criteria with reference to the section.
  • a second biometric information group including a plurality of biometric information associated with the feature information whose similarity with the feature information of the second facial image included in the second captured data satisfies the criteria.
  • the feature information of the third face image included in the third shooting data, the feature information of the first face image, and the second face image are received. Based on the degree of similarity with each of the feature information of the face image, any one of the first biometric information group and the second biometric information group is specified, and the biometric information detected by the sensor is obtained.
  • the computer executes an authentication process using the acquired biometric information and a plurality of biometric information included in the specified biometric information group.
  • the authentication time can be shortened.
  • FIG. 1 is a block diagram showing an example of a functional configuration of each device included in the authentication system according to the first embodiment.
  • FIG. 2 is a diagram showing an example of narrowed-down list data.
  • FIG. 3 is a diagram showing an implementation example of the store-side system.
  • FIG. 4 is a diagram showing an example of narrowed-down list data.
  • FIG. 5 is a diagram showing an example of a control sequence of the first specific process according to the first embodiment.
  • FIG. 6 is a diagram showing an example of a control sequence of the second specific process according to the first embodiment.
  • FIG. 7 is a diagram showing an example of a control sequence of the first specific process according to the application example.
  • FIG. 8 is a diagram showing an example of sorted list data.
  • FIG. 9 is a diagram showing an example of a computer hardware configuration.
  • FIG. 1 is a block diagram showing an example of a functional configuration of each device included in the authentication system according to the first embodiment.
  • a plurality of types of biometric information can be obtained from the aspect corresponding to a use case in which the number of registered biometric information N can be expanded to a scale of millions or tens of millions. It provides a multi-biometric authentication service that authenticates the person by using it.
  • palm veins and face information are used as examples of a plurality of types of biometric information from the aspect of realizing non-contact authentication while eliminating the need for ID key input and card presentation.
  • face information is used as the first modality to narrow down the collation target person to be collated by the person authentication from the number of registrants N
  • the palm is used as the second modality to authenticate the person from the collation target persons narrowed down by the first modality.
  • Veins are used.
  • the "modality" referred to here can correspond to a term such as a type of biometric information or a biometric identification site.
  • the authentication system 1 may include a server device 10 and a store-side system 30 as an example.
  • the server device 10 and the store-side system 30 may be connected via an arbitrary network.
  • the server device 10 is an example of a computer that provides the above-mentioned multi-biometric authentication service.
  • the server device 10 corresponds to an example of an authentication device.
  • the server device 10 can be implemented as package software or online software by installing an authentication program that realizes the above-mentioned multi-biometric authentication service on an arbitrary computer.
  • the server device 10 can be implemented as a server that provides the above-mentioned functions related to the multi-biometric authentication service on-premises, for example, a Web server.
  • the server device 10 may be implemented as a SaaS (Software as a Service) type application to provide the above-mentioned multi-biometric authentication service as a cloud service.
  • SaaS Software as a Service
  • the store-side system 30 corresponds to an example of the components provided on the store-side of the authentication system 1 shown in FIG.
  • the store-side system 30 extracts biological information of the first modality, for example, a facial feature amount from a face image of a person entering the store from the entrance of the store, or acquires it at a counter where payment is made at the store.
  • biological information of the second modality for example, the feature amount of the palm vein is extracted from the vein image.
  • FIG. 2 is a diagram showing an example of narrowed-down list data.
  • FIG. 2 illustrates, as an example, three refined list data L11 to L13 generated by using the prior art.
  • the narrowing list data L11 the face of the user U1 entering the store is narrowed down by using the face image included in the shooting data taken at 9:00 on December 24, 2019.
  • the narrowing list data L12 the face of the user U2 entering the store is narrowed down by using the face image included in the shooting data taken at 9:01 on December 24, 2019.
  • the face of the user U3 entering the store is narrowed down by using the face image included in the shooting data taken at 9:02 on December 24, 2019.
  • the degree of similarity with the input face information acquired from the face image taken at the time of entering the store is the top predetermined number, for example, the top nine.
  • An example is given in which the registered palm vein information associated with the registered face information of is narrowed down.
  • the input palm vein information acquired by the counter of the store is the order of entry into the store, that is, narrowing down.
  • the list data L11, the narrowed list data L12, and the narrowed list data L13 are collated in this order.
  • the order of entering the store and the order of arrival at the counter do not always match.
  • the input palm vein information f Palm_U3 of the user U3 thus acquired by the counter or the like of the store is collated in the following order. That is, as shown in FIG. 2, registered palm vein information group F Palm_L11 of narrowing the list data L11, registered palm vein information group F Palm_L12 of narrowing the list data L12, registered palm vein information group narrowing list data L13 F Palm_L13 It is collated in the order of.
  • the narrowed-down list data L13 narrowed down when the face image of the user U3 is taken is the narrowed-down list data narrowed down when the face image of the user U1 and the user U2 who entered the store before the user U3 was taken. It is collated after L11 and the refined list data L12.
  • the multi-biometric authentication service an approach of dividing the narrowing down using face information into two is adopted.
  • the face image of the first modality taken at the time of entering the store is used to generate a narrowing list including the registered biometric information group of the second modality.
  • the face image of the first modality taken at the time of payment is specified from a plurality of narrowing lists to the narrowing list to be collated by the personal authentication of the second modality. Used for.
  • FIG. 3 is a diagram showing an implementation example of the store-side system 30.
  • FIG. 3 shows an example of applying a multi-biometric authentication service to personal authentication at the time of payment of purchased products at a store without a cash register, an unmanned cash register, a self-checkout, or the like.
  • the store-side system 30 may include a first camera 31A installed so as to be able to photograph the face of a person entering the store from the entrance of the store 3.
  • the store-side system 30 may include a terminal 32 installed in the payment counter of the store 3.
  • the terminal 32 has a reading unit that reads product information, such as the name and price of a product, from tags, barcodes, etc. attached to the product, as well as a list and total of products that the user of the store 3 targets for purchase.
  • a display unit 35 or the like that displays various types of amounts and the like may be connected.
  • the store-side system 30 may include a second camera 32A installed in a state in which the face of a person using the terminal 32 can be photographed.
  • the second camera 32A can be realized as an in-camera arranged with the lens facing in the same direction as the screen orientation of the display unit 35.
  • the store-side system 30 may include a sensor 33 that detects a palm vein of a person who uses the terminal 32.
  • the above narrowing list is generated using face information extracted from the face image included in the shooting data of the first camera 31A, for example, a face feature amount.
  • face information at the time of entering the store since the face information extracted from the face image included in the shooting data of the first camera 31A has an aspect of being extracted at the time of entering the store 3, it is hereinafter referred to as "face information at the time of entering the store". May be done.
  • face information at the time of entering the store May be done.
  • the narrowing list among the registered palm vein information for which user registration has been performed, the registered palm vein information associated with each of the registered face information having a similarity degree with the face information at the time of entering the store up to a predetermined number is high. Is generated by listing.
  • Face information at the time of entering the store can be associated with the registered palm vein information listed in this way.
  • the face information at the time of entering the store can be added to the narrowing list as a label for identifying the narrowing list.
  • the face information at the time of entering the store and the narrowing list can be associated with arbitrary identification information such as the shooting date and time of the shooting data.
  • FIG. 4 is a diagram showing an example of narrowing list data.
  • FIG. 4 illustrates, as an example, three narrowed-down list data L1 to L3 generated according to the multi-biometric authentication service according to the present embodiment.
  • the face information f of the user U1 at the time of entering the store from the face image of the user U1 included in the shooting data in which the face of the user U1 entering the store 3 was taken at 9:00 on December 24, 2019.
  • face1_U1 is extracted.
  • the face information f face1_U1 at the time of entering the store of the user U1 extracted in this way is given as a label, and the registered palm vein information group F Palm_L1 narrowed down using the face information f face1_U1 at the time of entering the store is listed.
  • the refined list data L1 is generated.
  • the face information f of the user U2 at the time of entering the store f. face1_U2 is extracted.
  • the user U2's face information at the time of entering the store, f face1_U2 , extracted in this way is given as a label, and the registered palm vein information group F Palm_L2 narrowed down using the face information at the time of entering the store, f face1_U2 , is listed.
  • the refined list data L2 is generated.
  • the face information f of the user U3 at the time of entering the store f. face1_U3 is extracted.
  • the user U3's face information at the time of entering the store, f face1_U3 , extracted in this way is given as a label, and the registered palm vein information group F Palm_L3 narrowed down using the face information at the time of entering the store, f face1_U3 , is listed.
  • the refined list data L3 is generated.
  • face information extracted from the face image included in the shooting data of the second camera 32A is used as a collation target by vein authentication of the second modality from a plurality of narrowing lists.
  • the refined list is identified.
  • face information at the time of payment since the face information extracted from the face image included in the shooting data of the second camera 32A has an aspect of being extracted at the time of payment at the counter of the store 3, it is hereinafter referred to as "face information at the time of payment”. May be done.
  • face information at the time of payment is collated with the face information at the time of entering the store included in each of the narrowing list.
  • a narrowing list to which the face information at the time of entering the store whose similarity with the face information at the time of payment exceeds a predetermined threshold is specified as a label is specified.
  • the narrowing list to which the face information at the time of entering the store, which has the maximum similarity with the face information at the time of payment, is attached as a label is specified.
  • the payment face information f face2_U3 of the user U3 is extracted from the shooting data of the second camera 32A, the payment face information f face2_U3 is narrowed down in the order of entering the store, as shown in FIG. visiting time face information f Face1_U1 the write list data L1, visiting at face information f Face1_U3 of visiting at face information f Face1_U2 and narrowing list data L3 of narrowing the list data L2 is collated.
  • the degree of similarity of the settlement during the face information f face2_U3 and enter the store when the face information f face1_U1 is smaller than the similarity of face information f face1_U3 and does not exceed the threshold.
  • the similarity of the settlement at the face information f Face2_U3 and visiting time face information f Face1_U3 is the maximum among the three similarity exceeds a threshold.
  • the narrowed list data L3 to which the face information f face1_U3 at the time of entering the store is attached as a label is specified as a collation target in the vein authentication of the second modality.
  • the input palm vein information detected from the sensor 33 is collated with the registered palm vein information group F Palm_L1 of the narrowed list data L3.
  • the extra narrowing list data L11 is obtained until the user U3's input palm vein information f Palm_U3 is collated with the registered palm vein information F Palm_U3.
  • the collation with the narrowed list data L12 can be omitted.
  • collation with the settlement time of face information face2_U3 not similar to the visiting time face information registering palm vein information group F Palm_L1 associated with f Face1_U1, furthermore, when visiting dissimilar settlement during face information face2_U3
  • the collation with the registered palm vein information group F Palm_L2 associated with the face information f face1_U2 can be skipped.
  • FIG. 1 shows a block corresponding to the above-mentioned multi-biometric authentication service function for each of the server device 10 and the store-side system 30.
  • the store-side system 30 includes a first camera 31A, a first extraction unit 31B, a second camera 32A, a second extraction unit 32B, a sensor 33, and a display unit 35. And have.
  • FIG. 1 merely shows an excerpt of the functional unit related to the multi-biometric authentication service, and the store-side system 30 is provided with a functional unit (not shown) such as the reading unit. Do not interfere.
  • the first camera 31A and the second camera 32A are both functional units that capture a facial image of the first modality.
  • the first camera 31A and the second camera 32A can be realized by an image pickup device equipped with an image pickup device such as a CCD (Charge Coupled Device) or a CMOS (Complementary Metal Oxide Semiconductor).
  • an image pickup device such as a CCD (Charge Coupled Device) or a CMOS (Complementary Metal Oxide Semiconductor).
  • the narrowing down based on the face information is completed by the time the user visits the payment counter from the entrance of the store 3 through the selection and movement of products. It will be used.
  • the first camera 31A is installed in a state where the face of a person entering the store from the entrance of the store 3 can be photographed.
  • the first camera 31A does not necessarily have to be a camera dedicated to the multi-biometric authentication service, and a surveillance camera used in another system, for example, a surveillance system can be shared with the multi-biometric authentication service.
  • the "shooting data" taken by the second camera 32A is used in the aspect of specifying the narrowing list to be collated by the vein authentication of the second modality from a plurality of narrowing lists.
  • the second camera 32A is installed in a state where the face of a person who uses the terminal 32 can be photographed.
  • the second camera 32A can be realized as an in-camera arranged with the lens facing in the same direction as the screen orientation of the display unit 35.
  • the first extraction unit 31B and the second extraction unit 32B are functional units that extract biological information of the first modality.
  • the face information may be the image itself in which the face is photographed, or may be the feature amount of the face extracted from the face image.
  • the first extraction unit 31B and the second extraction unit 32B can use a model in which the embedded space is learned by deep learning or the like, for example, a CNN (Convolutional Neural Network).
  • the first extraction unit 31B and the second extraction unit 32B perform face detection on the output of the first camera 31A or the second camera 32A, for example, an image captured in frame units.
  • the first extraction unit 31B and the second extraction unit 32B input the partial image corresponding to the face region obtained by the face detection, that is, the face image into the CNN in which the embedded space has been learned. This allows an embedded vector to be obtained from the CNN. Then, the first extraction unit 31B and the second extraction unit 32B encrypt the above face information as face information at the time of entering the store or face information at the time of payment according to a predetermined encryption method, for example, an algorithm such as public key encryption. The encrypted and encrypted face information at the time of entering the store or the face information at the time of payment is transmitted to the server device 10.
  • the embedded vector is merely an example of face information, and other feature quantities such as SIFT (Scale-Invariant Feature Transform) may be extracted.
  • SIFT Scale-Invariant Feature Transform
  • the sensor 33 is a functional unit that detects biometric information of the second modality.
  • the sensor 33 captures infrared light having a wavelength suitable for reflecting the blood vessel pattern of veins existing in the palm, for example, lighting irradiating near infrared light and infrared light. It can be realized as a sensor unit including a camera that can be used. For example, when the palm is placed in a predetermined shooting position, infrared light is emitted to the palm by illumination. The infrared light reflected from the inside of the palm and returned is photographed by the camera activated in conjunction with the irradiation of the infrared light.
  • a palm vein image in which the blood vessel pattern of the vein in the palm appears is obtained as a biological image.
  • the sensor 33 extracts the blood vessel portion from the palm vein image and then thins it, and extracts feature quantities such as the coordinates of the branch point in the blood vessel, the length between the branch points, and the branch angle of the branch point as palm vein information. ..
  • the sensor 33 encrypts the palm vein information as input palm vein information according to a predetermined encryption method, for example, an algorithm such as public key cryptography, and then transmits the encrypted palm vein information to the server device 10. do.
  • the display unit 35 is a functional unit that displays various types of information.
  • the display unit 35 can be realized by a liquid crystal display, an organic EL (Electro-Luminescence) display, or the like.
  • the display unit 35 may be realized as a touch panel by integrating with an input unit (not shown).
  • the processor may be mounted on any device of the store-side system 30 described above.
  • a processor mounted on a terminal 32 to which the first camera 31A, the second camera 32A, and the sensor 33 are connected can be used.
  • the processor reads a feature extraction program that realizes the above-mentioned function extraction and the like from a storage device (not shown), for example, a ROM (Read Only Memory) or an auxiliary storage device.
  • the processor executes the above-mentioned feature extraction program to develop a process corresponding to the above-mentioned function on a memory such as a RAM (Random Access Memory).
  • a memory such as a RAM (Random Access Memory).
  • the above functions are virtually realized as a process.
  • a CPU and an MPU are exemplified as an example of a processor, but the above-mentioned functional unit may be realized by an arbitrary processor regardless of a general-purpose type or a specialized type.
  • the above functions may be realized by hard-wired logic such as ASIC (Application Specific Integrated Circuit) or FPGA (Field Programmable Gate Array).
  • FIG. 1 shows an excerpt of the functional part related to the above-mentioned multi-biometric authentication service, and the functional part other than the figure, for example, the functional part that the existing computer is equipped with by default or as an option, For example, it does not prevent the server device 10 from having an input unit, a display unit, or the like.
  • the communication interface unit 11 corresponds to an example of a communication control unit that controls communication with another device, for example, a store-side system 30.
  • the communication interface unit 11 is realized by a network interface card such as a LAN (Local Area Network) card.
  • the communication interface unit 11 receives face information at the time of entering a store from the first extraction unit 31B, face information at the time of payment from the second extraction unit 32B, and receives input palm vein information from the sensor 33. do. Further, the communication interface unit 11 outputs a retry request for personal authentication, an authentication result, a payment processing result, and the like to the display unit 35.
  • LAN Local Area Network
  • the storage unit 13 is a functional unit that stores data used in various programs such as an OS (Operating System) executed by the control unit 15 and an authentication program that realizes the above-mentioned multi-biometric authentication service.
  • OS Operating System
  • the storage unit 13 can be realized by an auxiliary storage device.
  • HDD Hard Disk Drive
  • optical disk optical disk
  • SSD Solid State Drive
  • flash memory such as EPROM (Erasable Programmable Read Only Memory) can also be used for auxiliary storage devices.
  • the storage unit 13 stores the registered data 13A and the narrowed list data L1 to Lm as an example of the data used in the program executed by the control unit 15.
  • the storage unit 13 can store various data such as shooting data of the first camera 31A and the second camera 32A. Since the narrowing list data L1 to Lm has an aspect of being dynamically generated from the shooting data of the first camera 31A, it will be described later in accordance with the description of the functional unit that generates the narrowing list data L1 to Lm.
  • the registration data 13A is data for which a predetermined registration process, for example, user registration has been performed.
  • the registration data 13A it is possible to adopt data in which the registered face information and the registered palm vein information are associated with each identification information of N users, for example, the registrant who has been registered as a user.
  • the registration data 13A may include user attribute information such as name, age, and gender.
  • the control unit 15 is a processing unit that controls the entire server device 10.
  • the control unit 15 is realized by a hardware processor such as a CPU or an MPU.
  • a CPU and an MPU are exemplified as an example of a processor, but it can be implemented by any processor regardless of whether it is a general-purpose type or a specialized type.
  • the control unit 15 may be realized by hard-wired logic such as ASIC or FPGA.
  • the control unit 15 virtually realizes the following processing unit by deploying the above authentication program on a memory (for example, a RAM work area) (not shown). As shown in FIG. 1, the control unit 15 has a first specific unit 15A, a generation unit 15B, a second specific unit 15C, and an authentication unit 15D.
  • a memory for example, a RAM work area
  • the control unit 15 has a first specific unit 15A, a generation unit 15B, a second specific unit 15C, and an authentication unit 15D.
  • the first specific unit 15A refers to the registration data 13A stored in the storage unit 13, and has a second modality associated with the registered face information whose similarity with the face information at the time of entering the store meets a predetermined criterion. It is a processing unit that identifies registered biometric information. As one embodiment, the first specific unit 15A can be activated when the face information at the time of entering the store is received from the first extraction unit 31B. For example, the first specific unit 15A determines the degree of similarity between the registered face information and the face information at the time of entering the store extracted by the first extraction unit 31B for each registered face information included in the registration data 13A. calculate.
  • the Hamming distance between the registered face information and the input face information can be used for the similarity.
  • the first specific unit 15A registers up to a predetermined number of registered palm vein information included in the registration data 13A, for example, up to the top K ( ⁇ N) pieces having a degree of similarity to the face information at the time of entering the store.
  • the registered palm vein information associated with each of the facial information is specified. As a result, the palm vein information of the registered hand is narrowed down from N to K.
  • an example of specifying the registered palm vein information associated with each of the registered face information up to the upper predetermined number of similarities with the face information at the time of entering the store is given. Not limited to this.
  • registration palm similarity between the entering time of the face information is associated with each of the registered face information corresponding to the upper predetermined rate corresponding to such one percent of predetermined narrowing ratio R Nd, for example, subscribers N It is also possible to identify vein information.
  • the generation unit 15B is a processing unit that generates a narrowing list.
  • the generation unit 15B assigns the face information at the time of entering the store extracted by the first extraction unit 31B as a label, and lists the registered palm vein information group specified by the first specific unit 15A.
  • the refined list data Lj is generated.
  • the narrowing list data Lj generated in this way is stored in the storage unit 13.
  • the narrowing list data Lj stored in the storage unit 13 in this way can be deleted when a predetermined condition is satisfied.
  • the narrowed list data Lj used for authentication or payment may be deleted, the narrowed list data Lj may be deleted after a certain period of time, for example, one hour has passed since the storage, or at a regular time, for example, the closing time.
  • the narrowing list data L1 to Lm can be deleted. Further, the narrowing list data Lj does not necessarily have to be deleted, and it is also possible to distinguish between the data after being used for authentication or settlement and the data not used for authentication by using a flag or the like.
  • the second specifying unit 15C is a process for specifying a registered biometric information group narrowed down by using any of the face information at the time of entering the store, based on the degree of similarity between the face information at the time of payment and the face information at the time of entering the store. It is a department.
  • the second specific unit 15C has, for each of the narrowed-down list data L1 to Lm stored in the storage unit 13, the face information at the time of entering the store given as the label of the narrowed-down list data Lj, and the first. The degree of similarity with the face information at the time of settlement extracted by the extraction unit 32B of 2 is calculated.
  • the second specific unit 15C is a narrowing list to which, among the narrowing list data L1 to Lm, the face information at the time of entering the store whose similarity with the face information at the time of payment exceeds a predetermined threshold is given as a label.
  • the data is specified as a narrowing list to be collated in the second modality vein authentication.
  • an example of specifying the narrowed-down list data to which the face information at the time of entering the store, which has the maximum similarity with the face information at the time of payment, is attached as a label is given, but the present invention is not limited to this.
  • narrowed-down list data L1 to Lm it is also possible to specify the narrowed-down list data to which the face information at the time of entering the store, which has the maximum similarity with the face information at the time of settlement, is attached as a label.
  • the authentication unit 15D is a processing unit that executes the authentication process of the second modality.
  • the authentication unit 15D calculates the similarity between the registered palm vein information group included in the narrowed list data specified by the second specific unit 15C and the input palm vein information detected by the sensor 33. do.
  • the cross-correlation obtained by pattern matching of the registered palm vein information and the input palm vein information can be used.
  • the authentication unit 15D authenticates that the palm vein of the input hand belongs to the registrant when there is a palm vein of the registered hand whose similarity with the palm vein of the input hand is equal to or higher than a predetermined threshold value.
  • the authentication unit 15D authenticates that the palm vein of the input hand does not belong to the registrant when there is no palm vein of the registered hand whose similarity with the palm vein of the input hand is equal to or higher than a predetermined threshold value. Then, the authentication unit 15D notifies the store side system 30 of the authentication result, for example, authentication OK or authentication NG. The authentication result notified in this way can be output by the display unit 35 or the like.
  • the server device 10 notifies the store-side system 30 of the authentication result, but the present invention is not limited to this.
  • the server device 10 executes a payment process for a product to be purchased using payment information associated with a user who has been authenticated as the registrant, such as a credit card, a debit card, or electronic money.
  • the payment processing result can be notified to the store side system 30.
  • the server device 10 can also transfer the authentication result to an application that executes payment processing inside or outside the server device 10.
  • FIG. 5 is a diagram showing an example of a control sequence of the first specific process according to the first embodiment. As an example, this process can be executed in units where shooting is performed by the first camera 31A, for example, in frame units.
  • the first extraction unit 31B is characterized by facial features from the face image included in the shooting data acquired in step S101.
  • the amount is extracted (step S102).
  • the first extraction unit 31B notifies the server device 10 of the facial feature amount extracted in step S102 as face information at the time of entering the store (step S103).
  • the first specific unit 15A collates the registered face information with the face information at the time of entering the store notified in step S103 for each registered face information included in the registration data 13A (step S104). Then, the first specific unit 15A has a predetermined number of similarities with the face information at the time of entering the store among the registered palm vein information included in the registration data 13A, for example, the registered face information up to the top K ( ⁇ N) pieces.
  • the registered palm vein information associated with each of the above is specified (step S105).
  • the generation unit 15B attaches the face information at the time of entering the store notified in step S103 as a label, and generates the narrowed list data Lj in which the registered palm vein information group specified in step S105 is listed. (Step S106). After that, the generation unit 15B stores the narrowing list data Lj generated in step S106 in the storage unit 13 (step S107), and ends the process.
  • FIG. 6 is a diagram showing an example of a control sequence of the second specific process according to the first embodiment. As an example, this process can be executed in units where shooting is performed by the second camera 32A, for example, in frame units.
  • the second extraction unit 32B is characterized by facial features from the face image included in the shooting data acquired in step S301.
  • the amount is extracted (step S302).
  • the second extraction unit 32B notifies the server device 10 of the facial feature amount extracted in step S302 as face information at the time of settlement (step S303).
  • step S303 the processing of steps S304A and S305A performed by the server device 10 and the processing of steps S304B and S305B performed by the store-side system 30 are executed in parallel.
  • the second specific unit 15C contains face information at the time of entering the store, which is assigned as a label of the narrowed list data Lj for each of the narrowed list data L1 to Lm stored in the storage unit 13.
  • the face information at the time of payment notified in step S302 is collated.
  • the second specific unit 15C is a narrowing list to which, among the narrowing list data L1 to Lm, the face information at the time of entering the store whose similarity with the face information at the time of payment exceeds a predetermined threshold is given as a label.
  • the data is specified as a narrowing list of matching targets in the second modality vein authentication (step S305A).
  • the sensor 33 detects the feature amount of the palm vein from the palm vein image included in the captured data of the sensor 33 in parallel with the steps S304A and S305A (step S304B). Then, the sensor 33 notifies the server device 10 of the feature amount of the palm vein detected in step S304B as input palm vein information (step S305B).
  • the authentication unit 15D obtains the input palm vein information of the registrant based on the registered palm vein information group included in the narrowed list data specified in step S305A and the input palm vein information notified in step S305B.
  • the authentication process for authenticating whether or not the information is a thing is executed (step S306).
  • the authentication unit 15D notifies the store-side system 30 of the authentication result in step S306 (step S307).
  • the terminal 32 of the store side system 30 is as follows. Execute the process. That is, the terminal 32 executes the payment processing of the product to be purchased by using the payment information associated with the user authenticated to be the registrant, for example, a credit card, a debit card, electronic money, or the like ( Step S309), the process is terminated.
  • step S307 If the authentication result notified in step S307 is authentication NG, that is, if it is authenticated that the palm vein of the input hand does not belong to the registrant (step S308No), the payment process in step S309 is not executed and the process ends as it is. ..
  • the multi-biometric authentication service uses the face information at the time of entering the store, which is similar to the face information at the time of payment, among the registered palm vein information group narrowed down for each face information at the time of entering the store.
  • the narrowed-down registered palm vein information group is collated with the input palm vein information. Therefore, in the multi-biometric authentication service according to the present embodiment, it is possible to omit collation with the biometric information group narrowed down by the face information at the time of entering the store, which is not similar to the face information at the time of payment. Therefore, according to the multi-biometric authentication service according to the present embodiment, it is possible to reduce the authentication time.
  • the server device 10 can store each user in association with the time required from the time when the user's face image is taken by the first camera 31A to the time when the second camera 32A takes a picture. ..
  • the server device 10 has a time difference between the time when the narrowed-down list data is generated and the time when the narrowed-down list data is specified as a collation target in the biometric authentication of the second modality using the face information at the time of payment. Can be calculated as the above required time.
  • the required time calculated in this way can be stored in the registration data 13A in association with the user's identification information.
  • the statistical value of the calculated value and the stored value for example, the average value or the median value may be set as a corner.
  • the server device 10 performs the narrowing down for each of m narrowing down list data L1 to Lm including the new narrowing down list data Lj.
  • the required time associated with the registered face information having the maximum similarity with the face information at the time of entering the store in the built-in list is acquired from the registration data 13A.
  • the server device 10 sorts the m narrowing list data L1 to Lm in ascending order of the required time. After that, the server device 10 stores m sorted list data L1 to Lm sorted in ascending order of required time in the storage unit 13.
  • FIG. 7 is a diagram showing an example of a control sequence of the first specific process according to the application example.
  • the same process as the process shown in FIG. 5 is assigned the same step number, and the process different from the process shown in FIG. 5 is assigned a new step number.
  • the description of the same process as that shown in FIG. 5 will be omitted, and the difference will be excerpted and described.
  • the generation unit 15B inputs the narrowing list for each of m narrowing list data L1 to Lm including the new narrowing list data Lj.
  • the required time associated with the registered face information having the maximum similarity to the store face information is acquired from the registered data 13A, and the m narrowing list data L1 to Lm are sorted in ascending order of the required time (step). S501).
  • the generation unit 15B stores m sorted list data L1 to Lm sorted in ascending order of required time in the storage unit 13 (step S502), and ends the process.
  • step S501 and S502 shown in FIG. 7 m narrowing list data L1 to Lm are stored in the storage unit 13 in order from the narrowing list data having the shortest required time.
  • step S304A shown in FIG. 6 the second specific unit 15C can collate the face information at the time of settlement and the face information at the time of entering the store of each narrowing list in the order of the shortest required time.
  • FIG. 8 is a diagram showing an example of sorted list data.
  • FIG. 8 shows the narrowed-down list data L1 to L3 shown in FIG. 4 sorted in ascending order of required time.
  • FIG. 8 shows, as an example, a case where the magnitude relation of the required time is “narrowing list data L3 ⁇ narrowing list data L1 ⁇ narrowing list data L2”.
  • the face information f face2_U3 at the time of settlement is the face information f face1_U3 at the time of entering the shop of the narrowed list data L3, and the narrowed list data.
  • L1 of the entering time of face information f face1_U1 are collated in the order of visiting at face information f Face1_U2 of narrowing the list data L2.
  • the similarity of the settlement at the face information f Face2_U3 and visiting time face information f Face1_U3 when verifying the payment when face information f Face2_U3 and visiting time face information f Face1_U3 exceeds a threshold value.
  • the function of the multi-biometric authentication service including the server device 10 and the store-side system 30 is operated in the client server system, but the above-mentioned multi-biometric authentication service is operated in a stand-alone manner. It doesn't matter.
  • each modality is not limited to a specific authentication site. For example, it does not prevent the application of other authentication sites such as fingerprints and irises to the second modality.
  • Example 1 empty-handed payment is illustrated as an example of the use case of the above-mentioned multi-biometric authentication service, but other use cases such as the use of an ATM (Automatic Teller Machine) in a financial institution and entry / exit management are also described above. Multi-biometric authentication service can be applied.
  • ATM Automatic Teller Machine
  • FIG. 9 is a diagram showing an example of computer hardware configuration.
  • the computer 100 has a first camera 110a, a second camera 110b, a sensor 110c, a display 120, and a communication unit 130. Further, the computer 100 has a CPU 150, a ROM 160, an HDD 170, and a RAM 180. Each of these 110 to 180 parts is connected via the bus 140.
  • the HDD 170 has an authentication program 170a that exhibits the same functions as the first specific unit 15A, the generation unit 15B, the second specific unit 15C, and the authentication unit 15D shown in the first embodiment. Is remembered.
  • the authentication program 170a may be integrated or separated like the components of the first specific unit 15A, the generation unit 15B, the second specific unit 15C, and the authentication unit 15D shown in FIG. That is, not all the data shown in the first embodiment may be stored in the HDD 170, and the data used for processing may be stored in the HDD 170.
  • the CPU 150 reads the authentication program 170a from the HDD 170 and expands it to the RAM 180.
  • the authentication program 170a functions as the authentication process 180a, as shown in FIG.
  • the authentication process 180a expands various data read from the HDD 170 into an area allocated to the authentication process 180a in the storage area of the RAM 180, and executes various processes using the expanded various data.
  • the process shown in FIGS. 5 to 7 is included.
  • the CPU 150 not all the processing units shown in the first embodiment need to operate, and it is sufficient that the processing units corresponding to the processes to be executed are virtually realized.
  • each program is stored in a "portable physical medium" such as a flexible disk inserted into the computer 100, a so-called FD, a CD-ROM, a DVD disk, a magneto-optical disk, or an IC card. Then, the computer 100 may acquire and execute each program from these portable physical media. Further, each program is stored in another computer or server device connected to the computer 100 via a public line, the Internet, a LAN, a WAN, or the like, and the computer 100 acquires and executes each program from these. You may do it.
  • Authentication system 10 Server device 11 Communication interface unit 13 Storage unit 13A Registration data L1 to Lm Filtered list data 15 Control unit 15A First specific unit 15B Generation unit 15C Second specific unit 15D Authentication unit 30 Store-side system 31A 1st camera 31B 1st extraction unit 32 terminal 32A 2nd camera 32B 2nd extraction unit 33 sensor 35 display unit

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Biomedical Technology (AREA)
  • Collating Specific Patterns (AREA)
PCT/JP2020/019328 2020-05-14 2020-05-14 認証方法、認証プログラム及び認証装置 Ceased WO2021229763A1 (ja)

Priority Applications (5)

Application Number Priority Date Filing Date Title
PCT/JP2020/019328 WO2021229763A1 (ja) 2020-05-14 2020-05-14 認証方法、認証プログラム及び認証装置
JP2022522446A JP7327662B2 (ja) 2020-05-14 2020-05-14 認証方法、認証プログラム及び認証装置
CN202080100367.4A CN115461741A (zh) 2020-05-14 2020-05-14 认证方法、认证程序以及认证装置
EP20935628.6A EP4152183A4 (en) 2020-05-14 2020-05-14 AUTHENTICATION METHOD, AUTHENTICATION PROGRAM AND AUTHENTICATION DEVICE
US17/968,826 US20230044788A1 (en) 2020-05-14 2022-10-19 Authentication method, storage medium, and authentication device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2020/019328 WO2021229763A1 (ja) 2020-05-14 2020-05-14 認証方法、認証プログラム及び認証装置

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US17/968,826 Continuation US20230044788A1 (en) 2020-05-14 2022-10-19 Authentication method, storage medium, and authentication device

Publications (1)

Publication Number Publication Date
WO2021229763A1 true WO2021229763A1 (ja) 2021-11-18

Family

ID=78525572

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2020/019328 Ceased WO2021229763A1 (ja) 2020-05-14 2020-05-14 認証方法、認証プログラム及び認証装置

Country Status (5)

Country Link
US (1) US20230044788A1 (https=)
EP (1) EP4152183A4 (https=)
JP (1) JP7327662B2 (https=)
CN (1) CN115461741A (https=)
WO (1) WO2021229763A1 (https=)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11531743B2 (en) * 2011-01-14 2022-12-20 Flash Seats, Llc Systems and methods for enhancing biometric matching accuracy
US20240233444A1 (en) * 2023-01-10 2024-07-11 Amazon Technologies, Inc. System for biometric identification enrollment

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2005275508A (ja) * 2004-03-23 2005-10-06 Sanyo Electric Co Ltd 個人認証装置
JP2006031387A (ja) * 2004-07-15 2006-02-02 Yamaha Motor Co Ltd 画像認識装置、画像認識方法、画像認識プログラムおよび画像認識プログラムを記録した記録媒体
JP2019128880A (ja) 2018-01-26 2019-08-01 富士通フロンテック株式会社 認証システム、認証装置、認証プログラム、および認証方法

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2009259085A (ja) * 2008-04-18 2009-11-05 Takumi Vision株式会社 生体認証システム及び認証方法
JP2010049357A (ja) * 2008-08-19 2010-03-04 Fujitsu Ltd 認証装置、認証システム及び認証方法
EP2392259A1 (en) * 2009-01-30 2011-12-07 Fujitsu Frontech Limited Authentication device, imaging device, authentication method, and authentication program
JP5975293B2 (ja) * 2013-02-22 2016-08-23 富士ゼロックス株式会社 認証装置及びプログラム
EP3859662B1 (en) * 2018-09-28 2026-03-11 NEC Corporation Authentication device, authentication method, and storage medium

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2005275508A (ja) * 2004-03-23 2005-10-06 Sanyo Electric Co Ltd 個人認証装置
JP2006031387A (ja) * 2004-07-15 2006-02-02 Yamaha Motor Co Ltd 画像認識装置、画像認識方法、画像認識プログラムおよび画像認識プログラムを記録した記録媒体
JP2019128880A (ja) 2018-01-26 2019-08-01 富士通フロンテック株式会社 認証システム、認証装置、認証プログラム、および認証方法

Also Published As

Publication number Publication date
US20230044788A1 (en) 2023-02-09
EP4152183A1 (en) 2023-03-22
JPWO2021229763A1 (https=) 2021-11-18
EP4152183A4 (en) 2023-06-21
JP7327662B2 (ja) 2023-08-16
CN115461741A (zh) 2022-12-09

Similar Documents

Publication Publication Date Title
US12388649B2 (en) Systems and methods for secure tokenized credentials
US9779400B2 (en) Biometric matching system using input biometric sample
US11496466B2 (en) Using an enrolled biometric dataset to detect adversarial examples in biometrics-based authentication system
US20150067890A1 (en) Identification system
JP2010286937A (ja) 生体認証方法、及び、生体認証に用いるクライアント端末、認証サーバ
KR20060018839A (ko) 인증 카드, 인증 시스템 및 거래 수행 방법
US20230044788A1 (en) Authentication method, storage medium, and authentication device
US20230031788A1 (en) Biometric authentication device, biometric authentication method, and non-transitory computer-readable storage medium for storing biometric authentication program
Mishra et al. Integrating state-of-the-art face recognition and anti-spoofing techniques into enterprise information systems
Gunalan et al. Enhanced atm security using facial recognition, fingerprint authentication, and web application
Burkul et al. Exploring the intricacies of Biometric ATM operations, specifically focusing on the integration of fingerprint and facial recognition using Deep Learning techniques
JP2021128667A (ja) 認証方法、情報処理装置、及び認証プログラム
Dahiya et al. Evolving Payment Security: A Facial Recognition-Based Credit Card Reader with A Multifunctional Cascade Neural Network
Hamdan et al. A self-immune to 3D masks attacks face recognition system
US11783030B2 (en) Defense mechanism against component-wise hill climbing using synthetic face generators
Ramalingam et al. Fundamentals and advances in 3D face recognition
Abe et al. Integrated biometric authentication technology to support a cashless society
US20230013232A1 (en) Control method, storage medium, and information processing device
Ow et al. Face recognition authentication system with CNN and blink detection algorithm
Shoukat et al. Fraud detection system using facial recognition based on Google Teachable Machine for banking applications
Hari Priya et al. A Survey for Securing Online Payment Transaction Using Biometrics Authentication
Kachole et al. Advance RTO Management System
Kachole et al. Traffic Police App
Reji 3D Face Recognition System in Time Critical Security Applications
Rani Enhancing ATM Security Through Biometric Face Recognition

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20935628

Country of ref document: EP

Kind code of ref document: A1

ENP Entry into the national phase

Ref document number: 2022522446

Country of ref document: JP

Kind code of ref document: A

NENP Non-entry into the national phase

Ref country code: DE

ENP Entry into the national phase

Ref document number: 2020935628

Country of ref document: EP

Effective date: 20221214