WO2022024281A1 - Authentication server, authentication system, authentication request processing method, and storage medium - Google Patents


Info

Publication number
WO2022024281A1
Authority
WO
WIPO (PCT)
Prior art keywords
authentication
electronic
server
biometric
service provider
Application number
PCT/JP2020/029149
Inventor
雄司 山口
圭 斎藤
祐一 矢部
Original Assignee
日本電気株式会社
Application filed by 日本電気株式会社
Priority to JP2022539887A (JPWO2022024281A5)
Priority to PCT/JP2020/029149 (WO2022024281A1)
Publication of WO2022024281A1

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/32 User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/33 User authentication using certificates
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/34 User authentication involving the use of external additional devices, e.g. dongles or smart cards

Definitions

  • the present invention relates to an authentication server, an authentication system, an authentication request processing method, and a storage medium.
  • Patent Document 1 discloses a technique for reducing the burden on local government employees and the like.
  • the personal authentication card such as My Number Card is not required by the applicant who visited the counter by inputting the name and date of birth, and the data input of the person in charge of the counter is not required. It is stated that it will provide a system to support the application of certificates.
  • identity verification is performed using an ID card such as My Number Card.
  • It must be confirmed that the user presenting the identification card is the user to whom it was issued, and that the presented identification card is genuine.
  • the main object of the present invention is to provide an authentication server, an authentication system, an authentication request processing method, and a storage medium that contribute to efficient identity verification using an identification card.
  • An authentication server is provided, comprising: a receiving unit that receives, from a service provider, an authentication request regarding an authenticated person presenting an identification card; an authentication request processing unit that processes the authentication request by executing biometric authentication using the biometric information of the authenticated person and electronic authentication using electronic information extracted from the identification card; and a transmission unit that transmits an authentication result according to the results of the biometric authentication and the electronic authentication to the service provider.
  • An authentication system is provided, including a business management server that sends an authentication request regarding an authenticated person presenting an identification card, and an authentication server connected to the business management server. The authentication server includes: a receiving unit that receives the authentication request; an authentication request processing unit that processes the authentication request by executing biometric authentication using the biometric information of the authenticated person and electronic authentication using electronic information extracted from the identification card; and a transmission unit that transmits an authentication result according to the results of the biometric authentication and the electronic authentication to the business management server.
  • An authentication request processing method is provided in which the authentication server receives, from the service provider, an authentication request regarding the authenticated person presenting the identification card, processes the authentication request by executing biometric authentication using the biometric information of the authenticated person and electronic authentication using electronic information extracted from the identification card, and sends an authentication result according to the results of the biometric authentication and the electronic authentication to the service provider.
  • A computer-readable storage medium is provided that stores a program for causing a computer mounted on the authentication server to execute: a process of receiving, from the service provider, the authentication request regarding the authenticated person presenting the identification card; a process of executing biometric authentication using the biometric information of the authenticated person and electronic authentication using the electronic information extracted from the identification card; and a process of sending an authentication result according to the results of the biometric authentication and the electronic authentication to the service provider.
  • an authentication server, an authentication system, an authentication request processing method, and a storage medium that contribute to efficient identity verification using an identification card are provided.
  • the effect of the present invention is not limited to the above. According to the present invention, other effects may be produced in place of or in combination with the effect.
  • the authentication server 100 includes a receiving unit 101, an authentication request processing unit 102, and a transmitting unit 103 (see FIG. 1).
  • the receiving unit 101 receives an authentication request regarding the person to be authenticated who presents the identification card from the service provider.
  • the authentication request processing unit 102 processes the authentication request by executing biometric authentication using the biometric information of the person to be authenticated and electronic authentication using the electronic information extracted from the identification card.
  • the transmission unit 103 transmits the authentication result according to the result of the biometric authentication and the electronic authentication to the service provider.
  • the authentication server 100 executes two authentications using an identification card without human intervention. In addition, since two identity verifications can be performed in parallel, efficient identity verification using an identification card can be realized.
  • FIG. 2 is a diagram showing an example of a schematic configuration of the authentication system according to the first embodiment.
  • the authentication system includes a plurality of service providers, an authentication center, and the like.
  • Service providers are individuals, groups, organizations, etc. that provide various services to users.
  • Examples of service providers include a retail business, a medical business, a financial business, an insurance business, and the like.
  • the service provider may be a public institution such as a city hall.
  • the service provider disclosed in the present application should be able to provide the service to the user who presents the "identification card".
  • Examples of services provided by private service providers include medical services provided by hospitals and pharmacies and financial services provided by banks.
  • the disclosure of the present application may be applied to insurance services provided by an insurer.
  • the service provided by the service provider may be a subsidy, payment of benefits, etc. by the local government.
  • the service provider may provide a service for identifying the heir from the family register information.
  • the service provider disclosed in this application provides arbitrary services to users whose identities are certain.
  • the service provider provides the service to the user who presents the identification card.
  • Examples of the identification card include a card having an IC (Integrated Circuit) chip, such as an Individual Number Card, a driver's license, and a passport.
  • a smartphone or the like including the function of the identification card equipped with the IC chip may be used as the identification card.
  • the IC chip of the ID card stores electronic information such as an electronic certificate issued by a public certificate authority and an electronic signature signed by a public institution.
  • an electronic certificate or an electronic signature is stored in an IC chip of an identification card.
  • the service provider provides the service to the user who has completed the identity verification based on the ID card.
  • the case where the "electronic certificate" is stored in the IC chip mounted on the identification card will be described as an example.
  • the authentication center is operated by an organization or the like that provides "authentication services" to multiple service providers. Specifically, the authentication center provides a service related to identity verification (identification) based on the above identification card.
  • the authentication server 10 is installed in the authentication center.
  • the authentication server 10 is responsible for the above-mentioned processing related to identity verification.
  • the authentication server 10 may be a server installed on the site of the authentication center or a server installed on the cloud.
  • a plurality of authentication servers 10 may cooperate to perform the above-mentioned identity verification.
  • the authentication server 10 is a certificate authority that supports two types of authentication methods (means, method).
  • the first authentication method is personal authentication (biometric authentication) using biometric information.
  • In biometric authentication, it is determined whether or not the user who presented the identification card is the user to whom the identification card was correctly issued. For example, if the user B presents the identification card issued to the user A, the authentication fails.
  • Examples of the biometric information of the user include data (feature amounts) calculated from physical characteristics peculiar to an individual, such as a face, a fingerprint, a voice print, a vein, a retina, and an iris pattern of the pupil.
  • the biometric information of the user may be image data such as a face image and a fingerprint image.
  • the biometric information of the user may be any information that includes the physical characteristics of the user. In the disclosure of the present application, a case where biometric information regarding a person's "face" is used will be described.
  • the second authentication method is personal authentication (hereinafter referred to as electronic authentication) using electronic information stored in the IC chip of the identification card.
  • Electronic authentication determines the validity and authenticity of the ID card. For example, an ID card has a defined validity period, and authentication of a user who presents an ID card whose validity period has expired fails.
  • the items described on the ID card for example, name, address, etc.
  • the user must be issued an ID card with the correct contents. That is, even if an identification card that does not reflect the correct content is presented, the authentication of the user presenting the identification card fails.
  • Electronic authentication which is the second authentication method, can also be regarded as "electronic verification" in which the identification card presented by the user is verified by the electronic information contained in the identification card.
  • the service provider cannot perform business (for example, subsidy application) based on the information (for example, address) obtained from the identification card that does not reflect the correct information.
  • the service provider requests the authentication server 10 to authenticate by at least one of the above two authentication methods (biometric authentication and electronic authentication).
  • An authentication request in which the service provider requests both biometric authentication and electronic authentication from the authentication server 10 is referred to as "authentication request 1".
  • An authentication request in which the service provider requests authentication by electronic authentication is referred to as "authentication request 2".
  • An authentication request in which the service provider requests authentication by biometric authentication is referred to as "authentication request 3".
  • the authentication server 10 accepts any of the authentication requests 1 to 3 and sends the result of the authentication process (authentication success, authentication failure) to the source of the authentication request (service provider).
  • the authentication server 10 transmits "authentication success" to the service provider when the authentication of each of the biometric authentication and the electronic authentication is successful.
  • Each service provider has a business management server and a terminal.
  • the service provider S1 is provided with a business management server 20 and a plurality of authentication terminals 30.
  • the service provider S2 is provided with a business management server 21 and a plurality of authentication terminals 31.
  • the devices shown in FIG. 2 are connected to each other.
  • the authentication server 10 and the business management server 20 are connected by a wired or wireless communication means, and are configured to be able to communicate with each other.
  • the business management server 20 is a server that controls and manages the entire business of the service provider. For example, when the service provider is a local government such as a city hall, the business management server 20 manages the history of services provided to residents. For example, the business management server 20 stores whether or not the subsidy payment has been completed to the resident. When the service provider is a medical institution such as a hospital, the business management server stores the patient's clinical department, consultation date, and the like.
  • the business management server 20 provides services to users who have completed identity verification using an ID card.
  • the business management server 20 selects one of the above authentication requests 1 to 3 according to the business content, business form, business scale, etc. of the service provider, and requests the authentication server 10 to authenticate the user.
  • the business management server 20 requests both the biometric authentication and the electronic authentication to the authentication server 10 (transmits the authentication request 1).
  • the business management server 20 requests the authentication server 10 for electronic authentication (transmits the authentication request 2).
  • When the business management server 20 performs biometric authentication by itself, it is sufficient for the business management server 20 to request the authentication server 10 for electronic authentication.
  • the business management server 20 requests the authentication server 10 for biometric authentication (transmits the authentication request 3).
  • the service provider does not use the information on the ID card, such as the name and address, which may change, to provide the service, so electronic authentication is not required to confirm the validity of the ID card.
  • the terminal 30 is a device that is connected to the business management server 20 and serves as an interface for users who visit the service provider.
  • the user receives various services via the terminal 30.
  • When the service provider is a medical institution such as a hospital, the user applies for a medical examination using the terminal 30.
  • When the service provider is a retail store, the user purchases the product using the terminal 30.
  • When the service provider is a local government such as a city hall, the user applies for a subsidy or the like using the terminal 30.
  • When receiving the service, the user presents his or her identification card to the service provider. For example, the user inserts an identification card into a card reader connected to the terminal 30.
  • the terminal 30 acquires the user's biometric information (for example, a face image) and the information stored in the IC chip of the identification card (hereinafter referred to as IC chip information) and transmits the information to the business management server 20.
  • the business management server 20 generates an authentication request using this information and sends it to the authentication server 10. Upon acquiring "authentication success" from the authentication server 10, the business management server 20 provides the service to the user via the terminal 30 or directly.
  • FIG. 2 is an example, and does not mean to limit the configuration of the authentication system disclosed in the present application.
  • the authentication center may include two or more authentication servers 10.
  • the service provider may include at least one terminal 30.
  • the functions of the business management server 20 and the terminal 30 may be integrated, and the service may be provided by the integrated device.
  • a plurality of terminals 30 may be connected to one business management server 20, or one terminal 30 may be connected to one business management server 20.
  • FIG. 3 is a diagram for explaining an outline of the operation of the authentication system when the service provider sends the “authentication request 1” to the authentication server 10.
  • the terminal 30 takes a picture of the user presenting the identification card and acquires a face image.
  • the face image obtained by the terminal 30 taking a picture of the user is referred to as a "photographed face image".
  • the terminal 30 acquires IC chip information from the identification card inserted in the card reader. At that time, the terminal 30 acquires a password for reading the digital certificate stored in the IC chip, if necessary.
  • the terminal 30 transmits the acquired photographed face image and IC chip information (IC chip information including an electronic certificate) to the business management server 20.
  • the IC chip information includes a face image of the person to whom the identification card is issued and personal information of the user (for example, the four basic items of information: name, gender, address, and date of birth).
  • the business management server 20 extracts the face image from the IC chip information.
  • the face image (or information about the face image; for example, the feature amount that characterizes the face image) stored in the IC chip of the identification card is referred to as “chip face image”.
  • the personal information included in the IC chip information is not limited to the name and the like, and the passport number and the like are also included in the personal information.
  • the business management server 20 transmits "authentication request 1" including a service provider ID, two face images (photographed face image, chip face image), and an electronic certificate to the authentication server 10.
  • the business management server 20 may also transmit personal information included in the IC chip information to the authentication server 10.
  • the service provider ID is identification information for uniquely identifying the service provider included in the authentication system.
  • different service provider IDs are assigned to each of the service providers S1 and S2.
  • the service provider ID is an ID assigned to each service provider, not an ID assigned to each service. For example, in FIG. 2, even if service providers S1 and S2 provide the same type of service (for example, medical service), different IDs are assigned to these service providers if the management entity is different.
  • the authentication server 10 and the business management server 20 share the service provider ID by any method.
  • the authentication server 10 may generate a service provider ID and distribute (notify) the generated service provider ID to the service provider.
  • the authentication server 10 that has received the authentication request 1 performs biometric authentication using the two facial images (biological information) included in the request.
  • the authentication server 10 executes one-to-one matching using two face images, and determines that "biometric authentication is successful" when the two face images are the face images of the same person.
  • Before or after biometric authentication, or in parallel with biometric authentication, the authentication server 10 performs electronic authentication using an electronic certificate. Specifically, the authentication server 10 transmits the digital certificate taken out from the authentication request 1 to the external verification server 40. The authentication server 10 requests the verification server 40 to verify the digital certificate.
  • the verification server 40 is the issuing entity of the digital certificate stored in the IC chip, and is also called PKI (Public Key Infrastructure).
  • the verification server 40 confirms the expiration date and the like of the acquired digital certificate, and sends the verification result to the authentication server 10.
  • the authentication server 10 determines that "electronic authentication is successful" when the verification result of the verification server 40 is "verification successful".
  • When both of the above two authentications succeed, the authentication server 10 sets the authentication result for the authentication request 1 acquired from the business management server 20 to "authentication successful". In other words, if at least one of the above two authentications fails, the authentication server 10 sets the authentication result for the authentication request 1 to "authentication failure".
  • the authentication server 10 transmits the authentication result (authentication success, authentication failure) to the business management server 20.
  • When the authentication of the authenticated person is successful, the authentication server 10 generates a user ID (Identifier) for identifying the authenticated person, and sends a response (authentication success) including the user ID to the business management server 20.
  • When the authentication success is received, the business management server 20 provides a service to the user via the terminal 30. For example, the business management server 20 notifies the resident of the application result of the subsidy and guides the patient to the clinical department.
  • the authentication server 10 receives an authentication request regarding the person to be authenticated who presents the identification card from the service provider.
  • the authentication server 10 processes an authentication request by executing biometric authentication using the biometric information of the person to be authenticated and electronic authentication using electronic information extracted from the identification card.
  • the authentication server 10 transmits an authentication result according to the result of biometric authentication and electronic authentication to the service provider.
  • FIG. 4 is a diagram for explaining an outline of the operation of the authentication system when the service provider sends the “authentication request 2” to the authentication server 10.
  • the terminal 30 transmits the user's face image and IC chip information to the business management server 20.
  • the business management server 20 performs biometric authentication (one-to-one collation) using two face images (photographed face image and chip face image).
  • the business management server 20 transmits an authentication request 2 including a service provider ID and an electronic certificate to the authentication server 10.
  • the business management server 20 may transmit the personal information extracted from the IC chip information to the authentication server 10.
  • the authentication server 10 takes out the digital certificate from the authentication request 2 and requests the verification server 40 to verify the certificate.
  • the authentication server 10 transmits the authentication result according to the verification result to the business management server 20. If the authentication is successful, the authentication server 10 sends a response including the user ID to the business management server 20.
  • the business management server 20 provides a service to the user when both biometric authentication and electronic authentication are "authentication successful".
  • biometric authentication may be executed on the service provider side (edge side), and electronic authentication may be executed on the authentication center side (cloud side).
  • FIG. 4 describes the operation when the business management server 20 performs biometric authentication.
  • biometric authentication may be performed visually by the staff of the service provider.
  • the service provider business management server 20, terminal 30
  • the service provider does not need to acquire a face image or perform biometric authentication using the face image.
  • FIG. 5 is a diagram for explaining an outline of the operation of the authentication system when the service provider sends the “authentication request 3” to the authentication server 10.
  • the terminal 30 transmits the user's face image and IC chip information to the business management server 20.
  • the business management server 20 transmits an authentication request 3 including a service provider ID and two face images (photographed face image and chip face image) to the authentication server 10.
  • the business management server 20 may send personal information to the authentication server 10.
  • the authentication server 10 performs biometric authentication (one-to-one matching) using two face images (photographed face image and chip face image).
  • the authentication server 10 transmits the authentication result (authentication success, authentication failure) to the business management server 20. If the authentication is successful, the authentication server 10 sends a response including the user ID to the business management server 20.
  • the business management server 20 provides a service to the user when the authentication result is "authentication successful".
  • the terminal 30 does not need to acquire a password for reading the digital certificate.
  • the authentication server 10 executes at least one of biometric authentication and electronic authentication depending on the type of authentication request.
  • FIG. 6 is a diagram showing an example of a processing configuration (processing module) of the terminal 30 according to the first embodiment.
  • the terminal 30 includes a communication control unit 201, a user information acquisition unit 202, a message output unit 203, and a storage unit 204.
  • the communication control unit 201 is a means for controlling communication with other devices. For example, the communication control unit 201 receives data (packets) from the business management server 20. Further, the communication control unit 201 transmits data to the business management server 20. The communication control unit 201 passes the data received from the other device to the other processing module. The communication control unit 201 transmits the data acquired from the other processing module to the other device. In this way, the other processing module transmits / receives data to / from the other device via the communication control unit 201.
  • the user information acquisition unit 202 is a means for acquiring information about a user who wishes to be provided with a service.
  • the user information acquisition unit 202 acquires the service desired by the user by using a GUI (Graphical User Interface) including a list of services that can be provided by the service provider as shown in FIG. .. After that, the user information acquisition unit 202 displays a GUI as shown in FIG. 8 and acquires a user's face image (photographed face image) and a password for reading the digital certificate.
  • the user information acquisition unit 202 controls the camera and acquires image data in which the user is captured.
  • the user information acquisition unit 202 extracts a face image from the acquired image data.
  • the user information acquisition unit 202 may extract a face image (face region) from the image data by using a learning model learned by CNN (Convolutional Neural Network).
  • the user information acquisition unit 202 may extract a face image by using a method such as template matching.
  • the user information acquisition unit 202 controls the card reader and reads information from the IC chip mounted on the identification card.
  • the user information acquisition unit 202 acquires a face image (chip face image), an electronic certificate, and the like from the IC chip.
  • the password obtained above is required when reading the digital certificate.
  • the user information acquisition unit 202 notifies the user to that effect.
  • the user information acquisition unit 202 transmits the photographed face image and IC chip information (chip face image, electronic certificate, personal information) to the business management server 20.
  • the message output unit 203 is a means for outputting various messages to the user. For example, the message output unit 203 outputs a message regarding service provision.
  • the message output unit 203 may display a message using a display device such as a liquid crystal monitor, or may reproduce a voice message using an audio device such as a speaker.
  • the storage unit 204 stores information necessary for the operation of the terminal 30.
  • FIG. 9 is a diagram showing an example of a processing configuration (processing module) of the business management server 20 according to the first embodiment.
  • the business management server 20 includes a communication control unit 301, an authentication request unit 302, a service provision unit 303, a biometric authentication unit 304, and a storage unit 305.
  • the communication control unit 301 is a means for controlling communication with other devices. For example, the communication control unit 301 receives data (packet) from the authentication server 10. Further, the communication control unit 301 transmits data to the authentication server 10. The communication control unit 301 passes the data received from the other device to the other processing module. The communication control unit 301 transmits the data acquired from the other processing module to the other device. In this way, the other processing module transmits / receives data to / from other devices via the communication control unit 301.
  • the authentication request unit 302 is a means for requesting the authentication server 10 to authenticate the user. It is predetermined what kind of authentication is required from the authentication server 10 according to the type of business of the service provider and the like. The authentication request unit 302 generates any one of the authentication requests 1 to 3 according to a predetermined setting and transmits it to the authentication server 10.
  • the authentication request unit 302 generates an authentication request in the format shown in FIG.
  • The authentication request includes fields that store an ID indicating what type of authentication is requested (authentication type ID), an ID for identifying a service provider (service provider ID), two facial images, an electronic certificate, and the like.
  • the authentication request unit 302 may generate an authentication request including personal information read from the IC chip.
  • the authentication request unit 302 sets "1" for the authentication type ID when requesting biometric authentication and electronic authentication. When requesting electronic authentication, the authentication request unit 302 sets "2" for the authentication type ID. When requesting biometric authentication, the authentication request unit 302 sets "3" for the authentication type ID.
  • the authentication request unit 302 sets a blank in the information field that does not require authentication. For example, the authentication request unit 302 sets a blank in the face image field when transmitting the authentication request 2, and sets a blank in the electronic certificate field when transmitting the authentication request 3.
  • the format of the authentication request shown in FIG. 10 is an example, and the content is not intended to be limited.
  • the authentication type ID does not have to be included in the authentication request.
  • the authentication server 10 may determine which type of authentication is requested according to the information set in the authentication request. For example, when the authentication request including the two facial images and the digital certificate is received, the authentication server 10 may determine that the authentication request 1 has been received. The authentication server 10 may determine that the authentication request that does not include the two facial images is the authentication request 2 and the authentication request that does not include the digital certificate is the authentication request 3.
  • Upon receiving the authentication failure from the authentication server 10, the authentication request unit 302 notifies the user via the terminal 30 to that effect.
  • Upon receiving the authentication success from the authentication server 10, the authentication request unit 302 hands over the user ID transmitted together with the authentication result to the service providing unit 303.
  • the service providing unit 303 is a means for providing a service to a successful authentication person.
  • the service providing unit 303 manages users by using a business management database (DB; DataBase).
  • FIG. 11 is a diagram showing an example of a business management database according to the first embodiment.
  • the service providing unit 303 manages business using a database as shown in FIG.
  • the service providing unit 303 adds a new entry if the user ID acquired from the authentication server 10 is not registered in the database.
  • The service providing unit 303 provides the service based on the information read from the corresponding entry. In the example of FIG. 11, the service providing unit 303 guides the successfully authenticated person to the internal medicine department.
  • the business management database shown in FIG. 11 is an example and does not mean to limit its contents.
  • The service providing unit 303 may manage the user (authentication successful person) by using the four basic information items or the like without using the user ID. Further, if the industry or business type of the service provider differs, the information stored in the business management database also differs, and the operation of the service providing unit 303 naturally differs as well.
  • the biometric authentication unit 304 is a means for performing biometric authentication of the user. As shown in FIG. 4, the biometric authentication unit 304 is a module required when the business management server 20 executes biometric authentication.
  • the authentication requesting unit 302 delivers two face images (photographed face image and chip face image) to the biometric authentication unit 304.
  • the biometric authentication unit 304 executes one-to-one collation using two face images. Specifically, the biometric authentication unit 304 generates a feature amount (feature vector composed of a plurality of feature amounts) from each of the two face images. The biometric authentication unit 304 calculates the similarity between the two features. If the calculated similarity is equal to or higher than a predetermined value, the biometric authentication unit 304 determines that the authentication is successful. If the calculated similarity is smaller than a predetermined value, the biometric authentication unit 304 determines that the authentication has failed.
  • the biometric authentication unit 304 extracts eyes, nose, mouth and the like as feature points from the face image. After that, the biometric authentication unit 304 calculates the position of each feature point and the distance between each feature point as a feature amount, and generates a feature vector (vector information that characterizes the face image) composed of a plurality of feature amounts. Further, the biometric authentication unit 304 calculates the chi-square distance, the Euclidean distance, and the like as the similarity of the feature amount (face image). The farther the distance is, the lower the similarity is, and the closer the distance is, the higher the similarity is.
  • the biometric authentication unit 304 notifies the authentication request unit 302 of the authentication result (authentication success, authentication failure).
  • When biometric authentication is performed on the business management server 20, the authentication request unit 302 sends an authentication request 2 to the authentication server 10 upon success of the biometric authentication.
  • the authentication requesting unit 302 determines whether or not the authentication of the person to be authenticated is successful according to the results of the two authentications (biometric authentication and electronic authentication).
  • the storage unit 305 stores information necessary for the operation of the business management server 20.
  • FIG. 12 is a diagram showing an example of a processing configuration (processing module) of the authentication server 10 according to the first embodiment.
  • the authentication server 10 includes a communication control unit 401, an authentication request processing unit 402, an authentication history management unit 403, and a storage unit 404.
  • the authentication request processing unit 402 is a means for processing an authentication request acquired from a service provider.
  • the authentication request processing unit 402 includes submodules of the biometric authentication unit 411 and the electronic authentication unit 412.
  • When the authentication request 1 or the authentication request 3 is received from the business management server 20, the biometric authentication unit 411 performs biometric authentication.
  • The biometric authentication unit 411 executes one-to-one verification (biometric authentication) using the biometric information (photographed face image) of the person to be authenticated and the biometric information (chip face image) extracted from the identification card. That is, the biometric authentication unit 411 performs a collation process (one-to-one collation) using two face images (photographed face image and chip face image), and judges whether or not the two face images are images obtained from the same person. Since the operation of the biometric authentication unit 411 can be the same as that of the biometric authentication unit 304 of the business management server 20, further detailed description will be omitted.
  • the electronic authentication unit 412 performs electronic authentication.
  • the electronic authentication unit 412 sends the digital certificate to the verification server 40, and requests the verification server 40 to verify the certificate. When the response to the effect that the verification of the digital certificate is successful is received from the verification server 40, the electronic authentication unit 412 determines that the digital authentication is successful. When the response to the effect that the verification of the digital certificate has failed is received from the verification server 40, the electronic authentication unit 412 determines that the digital authentication has failed.
  • The authentication request processing unit 402 sets the authentication result to "authentication success" when both biometric authentication and electronic authentication are "successful". In other words, if at least one of biometric authentication and electronic authentication is "failure", "authentication failure" is set.
  • the authentication request processing unit 402 may perform electronic authentication depending on the success of biometric authentication. That is, when the biometric authentication fails, the authentication result transmitted to the service provider is "authentication failure" regardless of the result of the electronic authentication.
  • the authentication request processing unit 402 can suppress unnecessary verification requests by making an electronic authentication request to the verification server 40 in response to the success of biometric authentication.
  • the authentication request processing unit 402 may perform biometric authentication depending on the success of the electronic authentication.
  • The authentication request processing unit 402 sets the authentication result to "authentication successful" when the electronic authentication is "successful".
  • The authentication request processing unit 402 sets the authentication result to "authentication successful" when the biometric authentication is "successful".
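The request handling described above (authentication type IDs 1 to 3, inference of the type from the populated fields when no ID is sent, and electronic authentication performed only after biometric authentication succeeds) can be sketched as follows. This is an added example, not code from the patent; the class and function names, the callback signatures, and the rejection of requests whose declared type disagrees with their fields are assumptions of the example.

```python
from dataclasses import dataclass, field
from typing import Callable, List, Optional

BOTH, ELECTRONIC_ONLY, BIOMETRIC_ONLY = 1, 2, 3  # authentication type IDs from the text


@dataclass
class AuthRequest:                      # hypothetical in-memory form of the request
    service_provider_id: str
    captured_face: Optional[bytes] = None
    chip_face: Optional[bytes] = None
    certificate: Optional[bytes] = None
    auth_type_id: Optional[int] = None  # may be absent; then inferred from the fields


@dataclass
class AuthResult:
    success: bool
    executed: List[str] = field(default_factory=list)


def resolve_auth_type(req: AuthRequest) -> int:
    """Infer the request type from the populated fields and cross-check any declared ID."""
    faces = [bool(req.captured_face), bool(req.chip_face)]
    has_cert = bool(req.certificate)
    if all(faces) and has_cert:
        inferred = BOTH
    elif not any(faces) and has_cert:
        inferred = ELECTRONIC_ONLY
    elif all(faces) and not has_cert:
        inferred = BIOMETRIC_ONLY
    else:
        # e.g. only one of the two face images, or nothing at all
        raise ValueError("request fields do not match any authentication type")
    # Assumption of this example: a declared ID that disagrees with the fields is
    # rejected rather than silently reinterpreted, so a blanked field cannot turn a
    # two-factor request into a single-factor one without the mismatch being seen.
    if req.auth_type_id is not None and req.auth_type_id != inferred:
        raise ValueError(
            f"declared type {req.auth_type_id} but fields imply type {inferred}")
    return inferred


def process(req: AuthRequest,
            match_faces: Callable[[bytes, bytes], bool],
            verify_certificate: Callable[[bytes], bool]) -> AuthResult:
    """Run the required methods; success only if every required method succeeds."""
    auth_type = resolve_auth_type(req)
    executed: List[str] = []
    if auth_type in (BOTH, BIOMETRIC_ONLY):
        executed.append("biometric")
        if not match_faces(req.captured_face, req.chip_face):
            # Biometric failure decides the result; the verification server is
            # not contacted, which suppresses an unnecessary verification request.
            return AuthResult(False, executed)
    if auth_type in (BOTH, ELECTRONIC_ONLY):
        executed.append("electronic")
        if not verify_certificate(req.certificate):
            return AuthResult(False, executed)
    return AuthResult(True, executed)
```
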
  • When "authentication success" is set in the authentication result, the authentication request processing unit 402 generates a user ID for identifying the authentication success person.
  • the authentication request processing unit 402 generates the user ID by an arbitrary method. For example, the authentication request processing unit 402 may generate a user ID by calculating a hash value of a face image (feature amount) of a successful authentication person. Alternatively, the authentication request processing unit 402 may concatenate the four basic information (name, gender, address, date of birth) of the successful authentication person, and generate the hash value of the concatenated value as the user ID. If the successful authentication user is not a new user, it is not necessary for the authentication request processing unit 402 to generate a user ID. The authentication request processing unit 402 may determine (specify) whether or not the user is new by using the authentication history database described later.
  • the authentication request processing unit 402 sends the authentication result (authentication success) including the generated user ID to the business management server 20.
  • the authentication request processing unit 402 notifies the business management server 20 of the fact (authentication failure).
  • the response sent from the authentication request processing unit 402 to the business management server 20 may include other information (for example, the name of the person to be authenticated, the date and time of authentication, etc.) in addition to the authentication result.
  • the authentication request processing unit 402 hands over the generated user ID and the service provider ID extracted from the authentication request to the authentication history management unit 403.
  • the authentication history management unit 403 is a means for managing the authentication history of successful authentication persons.
  • the authentication history management unit 403 manages the authentication history using the authentication history database.
  • the authentication history database stores the history of successful authentication for each service provider for each of biometric authentication and electronic authentication.
  • FIG. 13 is a diagram showing an example of the authentication history database according to the first embodiment. As shown in FIG. 13, the date and time when the biometric authentication and the electronic authentication are successful are stored for each user ID of the successful authentication person and the service provider.
  • the authentication history management unit 403 searches the authentication history database using the user ID acquired from the authentication request processing unit 402 as a key. If there is no corresponding entry, the authentication history management unit 403 generates a new entry and stores the date and time of biometric authentication and electronic authentication separately for each service provider.
  • the authentication history management unit 403 updates the authentication date and time stored in the field. If the entry corresponding to the user ID does not exist and the corresponding service provider field does not exist, the authentication history management unit 403 adds a new service provider field and stores the authentication date and time in the field.
  • the authentication history management unit 403 updates the authentication history database using the authentication dates and times of the user ID, the service provider ID, the biometric authentication, and the electronic authentication.
  • The required authentication method (biometric authentication, electronic authentication) may differ depending on the service provider.
  • the authentication history management unit 403 manages the authentication history of each service provider, so that the service provider can refer to the authentication history of the user. Specifically, the service provider transmits the user ID of the user who wants to refer to the history and his / her service provider ID to the authentication server 10. The authentication history management unit 403 specifies the corresponding authentication date and time based on the user ID and the service provider ID, and returns the authentication date and time to the service provider.
  • the storage unit 404 stores information necessary for the operation of the authentication server 10.
  • the verification server 40 can be configured by the existing authentication infrastructure technology, and its configuration and operation are obvious to those skilled in the art, so detailed description thereof will be omitted.
  • FIG. 14 is a sequence diagram showing an example of the operation of the authentication system according to the first embodiment.
  • the terminal 30 acquires the user's face image and IC chip information, and transmits these information to the business management server 20 (step S01).
  • the business management server 20 generates an authentication request using the acquired face image and IC chip information, and sends the authentication request to the authentication server 10 (step S02).
  • the authentication server 10 confirms the "authentication type ID" included in the authentication request, and determines the authentication method that needs to be executed (step S03).
  • the authentication server 10 executes the determined authentication method (execution of authentication; step S04). Specifically, when the authentication request 1 is received, the authentication server 10 executes biometric authentication and electronic authentication. When the authentication request 2 is received, the authentication server 10 executes electronic authentication. Upon receiving the authentication request 3, the authentication server 10 executes biometric authentication.
  • the authentication server 10 generates an authentication result and sends it to the business management server 20 (step S05).
  • the service provider (terminal 30, business management server 20) provides the service to the user (step S06).
  • the authentication server 10 processes an authentication request from a service provider.
  • the authentication server 10 can process an authentication request that simultaneously requests biometric authentication and electronic authentication of the person to be authenticated.
  • The service provider does not need to take measures such as having staff compare the face of the user with the face shown on the ID card. Since the validity of the identification card is guaranteed by the electronic authentication using the electronic information, the service provider can provide the service to the user based on highly reliable information. That is, in the authentication system according to the first embodiment, it is not necessary for the staff or the like to compare faces and determine whether or not the identification card is correct.
  • two identity verifications can be performed in parallel, so that efficient identity verification using an identification card is realized.
  • Since the authentication server 10 can respond to various requests (a request for biometric authentication and electronic authentication, a request limited to electronic authentication, a request limited to biometric authentication), it can provide flexible authentication services according to the type of business, business type, etc. of each of the plurality of service providers.
  • the service provider sends an authentication request suitable for its own industry and business type to the authentication server 10 and the authentication server 10 responds to the request.
  • biometric authentication and electronic authentication are required but either authentication can be omitted.
  • The above two authentications are required at the time of the first medical examination, but it is conceivable to omit the electronic authentication within the same month.
  • Since the configuration of the authentication system according to the second embodiment can be the same as that of the first embodiment, the description corresponding to FIG. 2 will be omitted. Further, since the processing configuration of the authentication server 10, the business management server 20, and the terminal 30 according to the second embodiment can be the same as that of the first embodiment, the description thereof will be omitted.
  • the service provider pre-registers an authentication policy that defines how the authentication server 10 processes the authentication request transmitted by itself in the authentication server 10.
  • The service provider S1 requests biometric authentication and electronic authentication (sends authentication request 1 to the authentication server 10).
  • the service provider S1 registers in the authentication server 10 an authentication policy that requires the execution of each of biometric authentication and electronic authentication each time the authentication request is received.
  • the service provider S2 also requests biometric authentication and electronic authentication from the authentication server 10 in the same manner as the service provider S1.
  • The service provider S2 registers in the authentication server 10 an authentication policy requiring that biometric authentication be executed each time the authentication request is received, while electronic authentication is required once within the same month.
  • the service provider can also register the same authentication policy in the authentication server 10 even when requesting only one of biometric authentication and electronic authentication. For example, the service provider requests electronic authentication (authentication request 2 is transmitted to the authentication server 10). The service provider can also register an authentication policy that executes electronic authentication once a month in the authentication server 10 regarding the processing of the authentication request 2.
  • the service provider may register the authentication policy in the authentication server 10 by any method.
  • The authentication policy may be registered when the service provider participates in the authentication system, or the person in charge of the service provider may visit the certification center and register the authentication policy.
  • the service provider may notify (input) the assigned service provider ID and the authentication policy to the authentication server 10.
  • the authentication server 10 stores the authentication policy for each service provider.
  • the authentication server 10 includes an authentication policy database for storing authentication policies (see FIG. 15).
  • the authentication policy database stores the ID of the service provider and the authentication policy in association with each other.
  • the authentication request processing unit 402 processes the authentication request based on the authentication policy defined by the service provider as the authentication request processing method.
  • the operation of the authentication request processing unit 402 will be described with reference to the drawings.
  • FIG. 16 is a flowchart showing an example of the operation of the authentication server 10 according to the second embodiment. With reference to FIG. 16, the operation of the authentication request processing unit 402 will be mainly described.
  • Upon receiving the authentication request from the business management server 20, the authentication request processing unit 402 generates a user ID of the person to be authenticated (step S101).
  • the authentication request processing unit 402 searches the authentication history database using the generated user ID as a key (step S102).
  • The search determines whether the person to be authenticated is a user who has been authenticated in the past (hereinafter referred to as an existing authenticated person) or a user who is newly authenticated (hereinafter referred to as a new authenticated person).
  • If an entry corresponding to the generated user ID exists in the authentication history database, the authentication request processing unit 402 determines that the authenticated person is an "existing authenticated person". If the entry corresponding to the generated user ID does not exist in the authentication history database, the authentication request processing unit 402 determines that the authenticated person is a "new authenticated person".
  • the authentication request processing unit 402 executes the process described in the first embodiment. That is, the authentication request processing unit 402 executes the authentication process according to the type of the authentication request (step S104).
  • The authentication request processing unit 402 searches the authentication policy database using the service provider ID acquired together with the authentication request as a key, and specifies the corresponding authentication policy (step S105).
  • The authentication request processing unit 402 determines whether or not each of biometric authentication and electronic authentication for the person to be authenticated (existing person to be authenticated) needs to be executed (step S106). Specifically, the authentication request processing unit 402 judges whether or not biometric authentication and electronic authentication need to be executed, based on the authentication policy of the service provider (the service provider that is the sender of the authentication request) and the authentication history of the existing authenticated person obtained from the authentication history database.
  • The authentication request processing unit 402 determines that the two authentications are executed regardless of the authentication history of the person to be authenticated.
  • the authentication request processing unit 402 determines whether or not to execute the electronic authentication based on the authentication policy and the electronic authentication history stored in the authentication history database.
  • the authentication request processing unit 402 executes authentication (biometric authentication, electronic authentication) determined to be necessary (step S107).
  • The authentication request processing unit 402 transmits the authentication result to the business management server 20 (step S108). If an authentication is not performed according to the authentication policy, the authentication request processing unit 402 may treat the unexecuted authentication as "authentication success" and generate the authentication result (authentication success, authentication failure) for the authentication request. Alternatively, the authentication request processing unit 402 may notify the business management server 20 of an authentication method that has not been implemented according to the authentication policy.
  • The authentication system according to the second embodiment can meet the complicated demands of the service provider by using the authentication policy. That is, the service provider does not need to manage the user's authentication status (authentication history); by transmitting the user's biometric information and electronic information to the authentication server 10, it can have the minimum authentication required for providing its own service performed. Further, in the second embodiment, since the data transmission / reception between the authentication server 10 and the verification server 40 is reduced, it is possible to suppress the frequent transmission / reception of highly confidential information such as a digital certificate.
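Steps S101 to S108 can be made concrete with a small model of the authentication policy database and the authentication history database. This is an added example, not code from the patent; the policy values `every_request` and `once_per_month`, the use of SHA-256 for the user ID, the reading of "once within the same month" as the same calendar month, and the choice to run every requested method when no policy is registered are assumptions of the example.

```python
import hashlib
from datetime import datetime

EVERY_REQUEST = "every_request"    # hypothetical policy value
ONCE_PER_MONTH = "once_per_month"  # hypothetical policy value


def make_user_id(name, gender, address, date_of_birth):
    """Step S101: hash of the concatenated four basic information items.
    SHA-256 and the unit-separator delimiter are assumptions; the delimiter keeps
    ("ab", "c") and ("a", "bc") from producing the same concatenation."""
    joined = "\x1f".join((name, gender, address, date_of_birth))
    return hashlib.sha256(joined.encode("utf-8")).hexdigest()


def methods_to_execute(policy, history, requested, now):
    """Step S106: decide which of the requested methods must actually run.
    policy:  {method: rule} for the requesting service provider, or None
    history: {method: datetime of last success} for this user at this provider, or None"""
    needed = []
    for method in requested:
        rule = policy.get(method, EVERY_REQUEST) if policy else EVERY_REQUEST
        last = history.get(method) if history else None
        if rule != ONCE_PER_MONTH or last is None or last > now:
            # No usable history (or a timestamp in the future): run the method.
            needed.append(method)
        elif (last.year, last.month) != (now.year, now.month):
            needed.append(method)
    return needed


class AuthServer:
    def __init__(self, policy_db):
        self.policy_db = policy_db  # service provider ID -> {method: rule}
        self.history_db = {}        # user ID -> {service provider ID -> {method: datetime}}

    def handle(self, provider_id, user_id, requested, runners, now):
        """runners maps a method name to a zero-argument callable returning bool."""
        entry = self.history_db.get(user_id)          # step S102
        if entry is None:                             # new authenticated person
            needed = list(requested)                  # step S104
        else:                                         # existing authenticated person
            policy = self.policy_db.get(provider_id)  # step S105
            needed = methods_to_execute(
                policy, entry.get(provider_id), requested, now)
        skipped = [m for m in requested if m not in needed]
        success = all(runners[m]() for m in needed)   # step S107
        if success:
            # History is kept per service provider, so a success recorded for one
            # provider never satisfies another provider's policy.
            per_provider = self.history_db.setdefault(
                user_id, {}).setdefault(provider_id, {})
            for m in needed:
                per_provider[m] = now
        # Step S108: skipped methods count as success, but are reported so the
        # business management server can see what was not executed.
        return {"success": success, "required": needed, "skipped": skipped}
```
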
  • different types of authentication requests may be sent from the same service provider to the certification center.
  • the service provider is a casino operator.
  • a terminal 30 is installed at the entrance / exit to the casino, and a user who has passed biometric authentication and electronic authentication can enter.
  • shops and the like are set up in various places in the casino, and biometric authentication is used to settle the purchase of goods at the shops.
  • the third embodiment describes a case where a plurality of types of authentication requests are transmitted to the authentication server 10 as in a casino.
  • Since the configuration of the authentication system according to the third embodiment can be the same as that of the first embodiment, the description corresponding to FIG. 2 will be omitted. Further, since the processing configuration of the authentication server 10, the business management server 20, and the terminal 30 according to the third embodiment can be the same as that of the first embodiment, the description thereof will be omitted.
  • the service provider registers the authentication policy including the matters accompanying the authentication in the authentication server 10 in addition to the policy regarding the implementation of the authentication (biometric authentication, electronic authentication).
  • the authentication server 10 provides an authentication service as required by the casino operator or the like by performing an operation according to the authentication policy.
  • the service provider registers the following authentication policy 1 regarding authentication request 1.
  • the biometric information of the successful authentication person and the personal information are associated and stored in the biometric information database.
  • the personal information in this case includes credit information for payment (for example, bank account, credit card information).
  • the service provider registers the following authentication policy 2 regarding the authentication request 3.
  • Upon receiving the authentication request from the business management server 20, the authentication request processing unit 402 according to the third embodiment acquires the service provider ID.
  • the authentication request processing unit 402 refers to the authentication policy database using the service provider ID and acquires the corresponding authentication policy.
  • the authentication request processing unit 402 executes the process according to the "authentication policy 1".
  • the authentication request processing unit 402 executes biometric authentication and electronic authentication.
  • The authentication request processing unit 402 notifies the business management server 20 of the authentication result. If both authentications are successful, the authentication request processing unit 402 associates the face image (photographed face image and / or chip face image) of the successful authentication person acquired from the business management server 20 with the personal information, and stores them in the biometric information database (see FIG. 17).
  • the authentication request processing unit 402 executes the process according to the "authentication policy 2".
  • the authentication request processing unit 402 executes biometric authentication.
  • the authentication request processing unit 402 (biometric authentication unit 411) sets the face image acquired from the business management server 20 on the collation side and the face image registered in the biometric information database on the registration side, respectively, and performs 1-to-N collation.
  • The biometric authentication unit 411 identifies, among the registration-side face images whose similarity to the collation-side face image is equal to or higher than a predetermined value, the one with the highest similarity, and acquires the corresponding personal information.
  • the authentication request processing unit 402 calculates the feature amount from the face image and calculates the similarity (distance) between the feature amounts.
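The one-to-one collation of the biometric authentication units 304 and 411 and the 1-to-N collation of the third embodiment both reduce to comparing feature vectors against a threshold. The following is an added example, not code from the patent; the feature vectors are constructed sample values, the mapping from distance to similarity (1 / (1 + distance)) is an assumption, and the `margin` parameter is a safeguard added by this example for the case where two registered users score almost equally.

```python
import math


def euclidean(a, b):
    """Euclidean distance between two feature vectors of equal length."""
    if len(a) != len(b):
        raise ValueError("feature vectors must have the same length")
    return math.sqrt(sum((x - y) ** 2 for x, y in zip(a, b)))


def chi_square(a, b):
    """Chi-square distance for non-negative features; empty bins are skipped."""
    if len(a) != len(b):
        raise ValueError("feature vectors must have the same length")
    return sum((x - y) ** 2 / (x + y) for x, y in zip(a, b) if x + y > 0)


def similarity(a, b, distance=euclidean):
    """The farther the distance, the lower the similarity (1.0 for identical vectors)."""
    return 1.0 / (1.0 + distance(a, b))


def verify_one_to_one(probe, reference, threshold, distance=euclidean):
    """One-to-one collation: success when similarity >= the predetermined value."""
    return similarity(probe, reference, distance) >= threshold


def identify_one_to_n(probe, gallery, threshold, margin=0.0, distance=euclidean):
    """1-to-N collation: return the key of the registered entry with the highest
    similarity at or above the threshold, or None when nobody qualifies.
    With margin > 0 (not in the text), a result is also refused when the runner-up
    is within `margin` of the best score, i.e. the match is ambiguous."""
    scored = sorted(
        ((similarity(probe, feat, distance), key) for key, feat in gallery.items()),
        reverse=True,
    )
    if not scored or scored[0][0] < threshold:
        return None
    if len(scored) > 1 and scored[0][0] - scored[1][0] < margin:
        return None
    return scored[0][1]


# Constructed sample data: collation-side features and a registration-side gallery.
PROBE = [0.30, 0.52, 0.41, 0.77]
GALLERY = {
    "U1": [0.31, 0.50, 0.40, 0.78],
    "U2": [0.60, 0.20, 0.45, 0.50],
    "U3": [0.33, 0.49, 0.43, 0.75],
}
```

With the sample data, U1 and U3 both clear a threshold of 0.9; the highest score selects U1, while a margin of 0.05 refuses the match because the two scores differ by only about 0.02.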
  • the authentication request processing unit 402 transmits the personal information of the successful authentication person to the business management server 20.
  • the business management server 20 provides a service to a successful authentication person using the acquired personal information. For example, the business management server 20 performs payment processing using credit information registered as personal information.
  • the operation according to the third embodiment will be specifically described with reference to FIG. Note that the business management server 20 is not shown in FIG.
  • the authentication terminal 30 and the authentication server 10 transmit and receive data via the business management server 20.
  • User U1 presents an ID card to the terminal 30-3 installed at the entrance of a casino or the like.
  • the user U1 operates the terminal 30-3 to input personal information (credit information).
  • the personal information may be input using a terminal such as a smartphone of the user U1.
  • personal information may be input to the terminal 30-3 by presenting the two-dimensional bar code including the personal information to the terminal 30-3.
  • the terminal 30-3 transmits the face image, IC chip information, and personal information of the user U1 to the business management server 20.
  • the business management server 20 transmits the authentication request 1 including the face image, the digital certificate, and the personal information acquired from the terminals 30-3 to the authentication server 10.
  • the authentication server 10 stores the face image of the successful authentication person (user U1) and personal information in the biometric information database in association with each other.
  • the authentication server 10 notifies the service provider (business management server 20, terminal 30-3) of the success of the authentication. Upon receiving the successful authentication, the terminal 30-3 opens the gate and allows the user U1 to enter.
  • User U1 moves to the casino and pays for the purchased product at the terminal 30-4 installed at the shop.
  • the terminal 30-4 acquires the face image of the user U1 and sends it to the business management server 20.
  • the business management server 20 transmits an authentication request 3 including a face image of the user U1 to the authentication server 10.
  • the authentication server 10 identifies the personal information of the user U1 by biometric authentication. More specifically, the authentication server 10 executes 1-to-N collation using the face image registered in the biological information database and the face image extracted from the authentication request 3, and identifies the personal information of the user U1.
  • the authentication server 10 transmits the specified personal information (credit information) to the service provider (business management server 20, authentication terminal 30-4).
  • the service provider completes the payment processing of the user U1 using the acquired personal information.
  • the authentication server 10 is requested to perform biometric authentication and electronic authentication by a service provider that sends different types of authentication requests.
  • the authentication server 10 stores the biometric information of the successfully authenticated person and the personal information (credit information) in the biometric information database in association with each other.
  • the authentication server 10 performs one-to-N collation using the biometric information stored in the biometric information database and the biometric information of the person to be authenticated, and identifies the personal information of the person to be authenticated.
  • the authentication server 10 transmits the specified personal information to the service provider.
  • the service provider can realize the required authentication without being aware of the specific content of the authentication process. That is, in the third embodiment, by setting the authentication terminal 30 installed at the entrance to transmit the authentication request 1 and the authentication terminal 30 installed at the shop to transmit the authentication request 3, as in the casino example, it is possible to provide an authentication service suitable for the service provider.
  • FIG. 19 is a diagram showing an example of the hardware configuration of the authentication server 10.
  • the authentication server 10 can be configured by an information processing device (so-called computer), and includes the configuration illustrated in FIG.
  • the authentication server 10 includes a processor 311, a memory 312, an input / output interface 313, a communication interface 314, and the like.
  • the components such as the processor 311 are connected by an internal bus or the like and are configured to be able to communicate with each other.
  • the configuration shown in FIG. 19 does not mean to limit the hardware configuration of the authentication server 10.
  • the authentication server 10 may include hardware (not shown). Further, the number of processors 311 and the like included in the authentication server 10 is not limited to the example shown in FIG. 19, and for example, a plurality of processors 311 may be included in the authentication server 10.
  • the processor 311 is a programmable device such as a CPU (Central Processing Unit), an MPU (Micro Processing Unit), and a DSP (Digital Signal Processor). Alternatively, the processor 311 may be a device such as an FPGA (Field Programmable Gate Array) or an ASIC (Application Specific Integrated Circuit). The processor 311 executes various programs including an operating system (OS).
  • the memory 312 is a RAM (Random Access Memory), a ROM (Read Only Memory), an HDD (Hard Disk Drive), an SSD (Solid State Drive), or the like.
  • the memory 312 stores an OS program, an application program, and various data.
  • the input / output interface 313 is an interface of a display device or an input device (not shown).
  • the display device is, for example, a liquid crystal display or the like.
  • the input device is, for example, a device that accepts user operations such as a keyboard and a mouse.
  • the communication interface 314 is a circuit, module, etc. that communicates with other devices.
  • the communication interface 314 includes a wireless communication circuit, a NIC (Network Interface Card), and the like.
  • the function of the authentication server 10 is realized by various processing modules.
  • the processing module is realized, for example, by the processor 311 executing a program stored in the memory 312.
  • the program can also be recorded on a computer-readable storage medium.
  • the storage medium may be a non-transient medium such as a semiconductor memory, a hard disk, a magnetic recording medium, or an optical recording medium. That is, the present invention can also be embodied as a computer program product. Further, the above program can be downloaded via a network or updated by using a storage medium in which the program is stored. Further, the processing module may be realized by a semiconductor chip.
  • the business management server 20, the terminal 30, and the like can also be configured by the information processing device in the same manner as the authentication server 10, and the basic hardware configuration thereof is not different from that of the authentication server 10, so the description thereof will be omitted.
  • the terminal 30 may be provided with a camera for photographing a user or a card reader for reading information from an IC chip.
  • the authentication server 10 is equipped with a computer, and the function of the authentication server 10 can be realized by causing the computer to execute a program. Further, the authentication server 10 executes the authentication request processing method by the program.
  • the case where the user who receives the service visits the service provider and presents the identification card is mainly described.
  • the disclosure of the present application can be applied even when the user receives the service via the WEB (web) page or the like.
  • the user takes a face image of himself / herself using a terminal such as a smartphone, and registers the face image on the WEB page.
  • the user may input the IC chip information read from the IC chip of the identification card into the WEB page using a card reader.
  • the disclosure of this application is intended for any identification card that stores electronic information.
  • a driver's license equipped with an IC chip may be used as an identification card, or an identification card for certifying a specific qualification (for example, a doctor) may be used.
  • If an IC chip is mounted on an identification card such as an SSN (Social Security Number) card in the United States, the card can also be used as the identification card disclosed in the present application.
  • the information used for electronic authentication is not limited to the electronic certificate, and the electronic signature may be used for the electronic authentication.
  • When the authentication server 10 receives an authentication request including an electronic signature extracted from the IC chip of the driver's license, the authentication server 10 acquires information for verifying the electronic signature from an external server. Specifically, the authentication server 10 acquires the public key of the signer of the electronic signature (the issuer of the driver's license). When the authentication server 10 succeeds in verifying the electronic signature using the acquired information (public key), the authentication server 10 determines that the electronic authentication is successful.
  • the authentication server 10 can perform electronic authentication using the information taken out from the IC chip of the identification card.
  • the authentication server 10 may perform electronic authentication by inquiring an external server about the validity of the passport number and the like.
  • The case where the biometric information related to the "face image" is transmitted from the business management server 20 to the authentication server 10 has been described.
  • the biometric information related to the "feature amount generated from the face image" may be transmitted from the business management server 20 to the authentication server 10.
  • the authentication server 10 may generate a feature amount corresponding to the chip face image from the photographed face image and execute biometric authentication (one-to-one matching).
  • the plurality of authentication terminals 30 owned by the service provider do not have to be installed on the same site, building, or the like. If the service providers are common, each authentication terminal 30 may be installed in a spatially separated place.
  • the business management server 20 may generate a user ID, and the generated user ID may be notified to the authentication server 10.
  • the business management server 20 may generate a user ID from the basic 4 information. In this case, frequent transmission / reception of personal information can be suppressed.
  • the authentication server 10 notifies only the fact to the business management server 20 when the authentication fails.
  • the authentication server 10 may also notify the business management server 20 of the reason why the authentication has failed.
  • the authentication server 10 may notify the business management server 20 of the type (biometric authentication, electronic authentication) for which authentication has failed.
  • the authentication server 10 may notify the business management server 20 of the reason for the failure of the electronic authentication (for example, the validity period of the electronic certificate has expired).
  • the service provider may notify the user of the reason why the authentication fails.
  • the terminal 30 may display the reason why the user cannot receive the service in a way that can be grasped intuitively. For example, the terminal 30 may clearly inform the user whether the service cannot be provided because of an incorrect password or because the validity period of the identification card has expired.
  • the authentication server 10 may notify the business management server 20 of the fact when the validity period is about to expire.
  • the service provider may notify the user of the fact that the validity period of the digital certificate is about to expire.
  • the case where the user inputs the password for reading the digital certificate has been described.
  • the user can omit the input of the password.
  • the user registers his / her face image and the above password in the authentication server 10.
  • the terminal 30 transmits the photographed face image and the IC chip information to the business management server 20.
  • the business management server 20 transmits the photographed face image to the authentication server 10.
  • the authentication server 10 executes collation (one-to-N collation) using the face image registered in advance and the photographed face image acquired via the business management server 20, and identifies the corresponding password.
  • the authentication server 10 transmits the specified password to the business management server 20.
  • the business management server 20 retrieves the digital certificate using the acquired password.
  • the business management server 20 may transmit the authentication request 1 or the authentication request 2 described above.
  • the business management server 20 may store the user's biometric information and the password in association with each other.
  • the business management server 20 can acquire the digital certificate without obtaining the password for extracting the digital certificate from the authentication server 10. That is, when the authentication request 2 is transmitted, if the biometric authentication by the service provider on the edge side is successful, the business management server 20 can read the electronic certificate without acquiring the password from the user.
  • the authentication server 10 may check the authentication history periodically or at a predetermined timing, and notify the service provider (business management server 20) of various information according to the result. For example, after a predetermined time (for example, 24 hours) has elapsed since processing the authentication request 1 from the casino, the authentication server 10 may notify the business management server 20 of the user ID of the person successfully authenticated by that authentication request 1 (the user who has entered the casino). In response to the notification, the casino operator may urge the corresponding user (the user for whom 24 hours have passed since entering the casino) to leave and re-enter. Alternatively, the authentication server 10 may request the user for whom a predetermined period has passed since entering the casino to undergo biometric authentication and electronic authentication again by presenting an identification card.
  • the authentication server 10 notifies the service provider (business management server 20) of the above fact (a predetermined period has passed since the entrance to the casino) and the user ID of the user. The service provider (business management server 20) may instruct (notify) the user corresponding to the notified user ID to leave the casino once and move to the authentication terminal 30 at the entrance. Alternatively, the service provider may instruct the user to move to the authentication terminal 30 installed inside the casino. The user may present the identification card at the instructed authentication terminal 30 and receive biometric authentication and electronic authentication again.
  • the authentication server 10 may use the result (authentication history) of processing the authentication request from another service provider. For example, in the example of FIG. 13, consider the case where the authentication server 10 receives the authentication request 1 from the service provider S2. In this case, if the month including the authentication request date is "July 2020", electronic authentication of the user (the user whose personal ID is ID 11) is executed, because the immediately preceding electronic authentication date and the authentication request date are not within the same month according to the authentication policy of the service provider S2. However, since the electronic authentication of that user by the service provider S1 has already been executed and succeeded in "July 2020", the authentication server 10 may, on the basis of that fact, judge that "the immediately preceding electronic authentication date and the authentication request date are within the same month" and omit the electronic authentication.
  • the service provider registers its own authentication policy in the authentication server 10 in advance.
  • the service provider may send the authentication policy to the authentication server 10 together with the authentication request. With such a response, even if the authentication policy of the service provider is changed, it is possible to change the processing method of the authentication request without requiring any procedure.
  • the authentication request may be extended to realize the request of the service provider.
  • the authentication server 10 processes an authentication request whose authentication type is set to "4" according to the contents of the authentication policy 1 described above.
  • the authentication server 10 processes the authentication request whose authentication type is set to "5" according to the contents of the authentication policy 2 described above.
  • the third embodiment may be applied to the provision of services related to preferential treatment regarding the use of transportation by the local government to the elderly and persons with disabilities.
  • the transportation provides biometric information (photographed face image, chip face image) of the user to the business management server 20.
  • the business management server 20 requests the authentication server 10 to authenticate the biometric information.
  • the business management server 20 manages the use of the welfare pass according to the result of biometric authentication.
  • Within the same month, only biometric authentication may be executed, and electronic authentication may be omitted.
  • the authentication server 10 may change the request destination for electronic verification or the like according to the type of the presented identification card (IC chip information acquired from the service provider). That is, the authentication system may include a plurality of external servers 50 as shown in FIG.
  • the authentication server 10 (electronic authentication unit 412) may switch the external server 50 to be accessed according to the type of the identification card presented by the user to the service provider.
  • the authentication server 10 may determine the type of the identification card presented from the information (for example, an electronic certificate) acquired from the business management server 20, or the business management server 20 may notify the authentication server 10 of the type of the identification card presented.
  • When a plurality of external servers 50 are included, the authentication server 10 performs the operation shown in FIG. 21.
  • the authentication server 10 acquires information regarding the identification card acquired from the service provider (step S201).
  • the authentication server 10 specifies the type of the acquired identification card (step S202).
  • the authentication server 10 selects an external server 50 (verification server) to be accessed according to the type of the specified identification card (step S203).
  • the authentication server 10 accesses the selected external server 50 and performs electronic authentication suitable for the specified identification card (step S204).
  • the authentication server 10 may store the authentication history for each identification card. More specifically, the authentication server 10 may store and manage the successful date and time of electronic authentication for each identification card (or for each external server 50).
  • the certification center can request the service provider that provided the certification service to pay the fee. At that time, the certification center may change the amount to be charged according to the type of service provider (public institution or private operator) and industry (financial industry, retail industry, etc.).
  • the form of data transmission / reception between each device is not particularly limited, but the data transmitted / received between these devices may be encrypted.
  • Biometric information is transmitted and received between these devices, and it is desirable that encrypted data be transmitted and received in order to appropriately protect the biometric information.
  • each embodiment may be used alone or in combination. For example, it is possible to replace a part of the configuration of the embodiment with the configuration of another embodiment, or to add the configuration of another embodiment to the configuration of the embodiment. Further, it is possible to add, delete, or replace a part of the configuration of the embodiment with another configuration.
  • the present invention is suitably applicable to an authentication system or the like for identity verification using an identification card.
  • [Appendix 1] An authentication server comprising: a receiver that receives an authentication request from a service provider regarding a person to be authenticated who presents an ID card;
  • an authentication request processing unit that processes the authentication request by executing biometric authentication using the biometric information of the person to be authenticated and electronic authentication using the electronic information extracted from the identification card; and
  • a transmission unit that transmits authentication results according to the results of the biometric authentication and the electronic authentication to the service provider.
  • [Appendix 3] The authentication server according to Appendix 1 or 2, wherein the authentication request processing unit executes one-to-one collation using the biometric information of the person to be authenticated and the biometric information extracted from the identification card as the biometric authentication.
  • If the electronic information is an electronic certificate, the authentication request processing unit requests an external server to verify the electronic certificate and, if the verification result is successful, determines that the electronic authentication is successful.
  • [Appendix 5] The authentication server according to any one of Supplementary note 1 to 4, further comprising an authentication history database that stores the history of successful authentication for each of the biometric authentication and the electronic authentication for each service provider.
  • [Appendix 6] The authentication server according to Appendix 5, wherein the authentication request processing unit processes the authentication request based on the authentication policy defined by the service provider for the processing method of the authentication request.
  • [Appendix 7] The authentication server according to Appendix 6, further comprising an authentication policy database that stores the ID of the service provider in association with the authentication policy.
  • [Appendix 8] The authentication server according to Appendix 7, wherein the authentication request processing unit determines whether or not to execute the electronic authentication based on the authentication policy and the history of the electronic authentication stored in the authentication history database.
  • the authentication request processing unit, when the biometric authentication and the electronic authentication are requested by the service provider who sends a different type of authentication request and both the biometric authentication and the electronic authentication are successful, stores the biometric information and the personal information of the successfully authenticated person in the biometric information database in association with each other,
  • and, when the biometric authentication is requested by the service provider who sends the different type of authentication request, identifies the personal information of the person to be authenticated by one-to-N collation using the biometric information stored in the biometric information database and the biometric information of the person to be authenticated,
  • and the transmitter transmits the specified personal information to the service provider that transmits the authentication request of the different type; the authentication server according to any one of Supplementary note 1 to 8.
  • The authentication server according to Appendix 9, wherein the authentication request processing unit executes the biometric authentication using the face image of the person to be authenticated and the face image extracted from the IC chip of the identification card, and executes the electronic authentication using the electronic certificate stored in the IC chip.
  • The authentication server according to any one of Supplementary note 1 to 3, wherein the electronic information is an electronic signature, and the authentication request processing unit acquires information for verifying the electronic signature from an external server and, when the verification of the electronic signature is successful, determines that the electronic authentication is successful.
  • An authentication system including a business management server that sends an authentication request for a person to be authenticated who presents an ID card, and an authentication server connected to the business management server, wherein the authentication server includes: a receiver that receives the authentication request; an authentication request processing unit that processes the authentication request by executing biometric authentication using the biometric information of the person to be authenticated and electronic authentication using the electronic information extracted from the identification card; and
  • a transmission unit that transmits authentication results according to the results of the biometric authentication and the electronic authentication to the business management server.
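
The enrollment and 1-to-N collation of the third embodiment (authentication request 1 at the entrance, authentication request 3 at the shop), as an added Python example that is not code from the patent. Cosine similarity, the 0.95 threshold, the `BiometricInfoDB` name and the three-element feature vectors are assumptions constructed for illustration; a real system would compute feature amounts from face images.

```python
import math
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Sequence, Tuple


def cosine_similarity(a: Sequence[float], b: Sequence[float]) -> float:
    """Similarity between two feature vectors (assumed measure, range -1..1)."""
    if len(a) != len(b) or not a:
        raise ValueError("feature vectors must be non-empty and of equal length")
    norm_a = math.sqrt(sum(x * x for x in a))
    norm_b = math.sqrt(sum(x * x for x in b))
    if norm_a == 0.0 or norm_b == 0.0:
        return 0.0  # a degenerate vector must not match anyone
    return sum(x * y for x, y in zip(a, b)) / (norm_a * norm_b)


@dataclass
class BiometricInfoDB:
    """Biometric information database: feature vector -> personal information."""
    threshold: float
    _entries: List[Tuple[Tuple[float, ...], Dict[str, str]]] = field(default_factory=list)

    def register(self, features: Sequence[float], personal_info: Dict[str, str],
                 biometric_ok: bool, electronic_ok: bool) -> bool:
        """Authentication request 1: store only if BOTH authentications succeeded."""
        if not (biometric_ok and electronic_ok):
            return False
        self._entries.append((tuple(features), dict(personal_info)))
        return True

    def identify(self, probe: Sequence[float]) -> Optional[Dict[str, str]]:
        """Authentication request 3: 1-to-N collation.

        Returns the personal information of the registered entry with the
        highest similarity among those at or above the threshold, or None
        (authentication failure, nothing disclosed) when no entry qualifies.
        """
        best_score, best_info = -1.0, None
        for features, info in self._entries:
            score = cosine_similarity(probe, features)
            if score >= self.threshold and score > best_score:
                best_score, best_info = score, info
        return dict(best_info) if best_info is not None else None


def demo() -> Tuple[Optional[str], Optional[Dict[str, str]]]:
    """Constructed data: two enrolled users, one matching probe, one stranger."""
    db = BiometricInfoDB(threshold=0.95)
    db.register((0.9, 0.1, 0.3), {"user": "U1", "credit": "constructed-card-1"}, True, True)
    db.register((0.1, 0.8, 0.5), {"user": "U2", "credit": "constructed-card-2"}, True, True)
    matched = db.identify((0.88, 0.12, 0.31))   # close to U1's enrolled vector
    stranger = db.identify((0.5, 0.5, 0.5))     # best score is below 0.95
    return (matched["user"] if matched else None, stranger)


if __name__ == "__main__":
    print(demo())
```

Returning `None` below the threshold matters here because the result of the collation is personal information (credit information) sent to the service provider: the nearest enrolled face must never be returned merely because it is the nearest.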
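
One way to implement the decision in Appendix 8 and in the passage about service providers S1 and S2 (whether electronic authentication may be omitted), as an added Python example that is not from the patent. The `AuthPolicy` and `AuthHistory` names, the `accept_other_providers` switch and the concrete days in June and July 2020 are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field
from datetime import date
from typing import Callable, Dict, Optional, Tuple


@dataclass(frozen=True)
class AuthPolicy:
    # Omit electronic authentication when the previous success and the
    # request date fall in the same calendar month (the policy in the text).
    skip_same_month: bool = True
    # Assumed per-provider switch: also count successes recorded for other
    # service providers (the text says the server "may" do this).
    accept_other_providers: bool = False


@dataclass
class AuthHistory:
    """Last successful electronic authentication date per (provider, user)."""
    _last: Dict[Tuple[str, str], date] = field(default_factory=dict)

    def record_success(self, provider_id: str, user_id: str, when: date) -> None:
        key = (provider_id, user_id)
        if key not in self._last or when > self._last[key]:
            self._last[key] = when

    def last_success(self, user_id: str, provider_id: Optional[str] = None) -> Optional[date]:
        """Latest success for one provider, or across all providers if None."""
        dates = [d for (p, u), d in self._last.items()
                 if u == user_id and (provider_id is None or p == provider_id)]
        return max(dates, default=None)


def same_month(a: date, b: date) -> bool:
    # Compare year AND month: July 2019 must not satisfy a July 2020 request.
    return (a.year, a.month) == (b.year, b.month)


def needs_electronic_auth(policy: AuthPolicy, history: AuthHistory, provider_id: str,
                          user_id: str, request_date: date) -> bool:
    if not policy.skip_same_month:
        return True
    scope = None if policy.accept_other_providers else provider_id
    last = history.last_success(user_id, scope)
    # No history, or a record dated after the request (bad clock or bad data):
    # fall back to running the electronic authentication.
    if last is None or last > request_date:
        return True
    return not same_month(last, request_date)


@dataclass(frozen=True)
class AuthResult:
    success: bool
    electronic_auth_ran: bool
    failed_step: Optional[str] = None  # "biometric" or "electronic"


def process_request(policy: AuthPolicy, history: AuthHistory, provider_id: str,
                    user_id: str, request_date: date,
                    biometric_ok: Callable[[], bool],
                    electronic_ok: Callable[[], bool]) -> AuthResult:
    """Biometric authentication always runs; electronic only when required."""
    if not biometric_ok():
        return AuthResult(False, False, "biometric")
    ran = needs_electronic_auth(policy, history, provider_id, user_id, request_date)
    if ran:
        if not electronic_ok():
            return AuthResult(False, True, "electronic")  # failure is not recorded
        history.record_success(provider_id, user_id, request_date)
    return AuthResult(True, ran)


def s2_request_in_july_2020() -> Tuple[bool, bool]:
    """Constructed history: S1 succeeded in July 2020, S2 last succeeded in June."""
    history = AuthHistory()
    history.record_success("S1", "ID11", date(2020, 7, 3))
    history.record_success("S2", "ID11", date(2020, 6, 15))
    request = date(2020, 7, 20)
    own_only = needs_electronic_auth(AuthPolicy(True, False), history, "S2", "ID11", request)
    shared = needs_electronic_auth(AuthPolicy(True, True), history, "S2", "ID11", request)
    return own_only, shared


if __name__ == "__main__":
    print(s2_request_in_july_2020())
```

Accepting another provider's history lets the weakest provider's electronic check stand in for every provider that opts in, which is why the example makes it an explicit policy setting rather than a server-wide default.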

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Collating Specific Patterns (AREA)

Abstract

Provided is an authentication server (10) that efficiently performs identity verification using an identification card. The authentication server (10) is provided with: a reception unit (101); an authentication request processing unit (102); and a transmission unit (103). The reception unit (101) receives, from a service provider, an authentication request regarding a to-be-authenticated person who presents an identification card. The authentication request processing unit (102) processes the authentication request by executing biometric authentication using biological information about the to-be-authenticated person and electronic authentication using electronic information extracted from the identification card. The transmission unit (103) transmits the authentication result based on the results of the biometric authentication and the electronic authentication.

Description

Authentication server, authentication system, authentication request processing method and storage medium
The present invention relates to an authentication server, an authentication system, an authentication request processing method, and a storage medium.
When local governments and similar bodies provide services to residents, strict identity verification is often required. For example, in operations such as the payment of subsidies, strict identity verification is necessary to prevent fraudulent receipt.
Patent Document 1 discloses a technique for reducing the burden on local government employees and the like. Patent Document 1 states that it provides a system that supports applications for government-related certificates, in which an applicant visiting the counter enters their name in kana and date of birth, making a personal authentication card such as a My Number Card unnecessary and also making data entry by the counter staff unnecessary.
Japanese Unexamined Patent Publication No. 2020-024479
As mentioned above, identity verification is performed using an identification card such as a My Number Card. Identity verification using the identification card requires confirming that the user to whom the card was issued is presenting the correct card and that the presented identification card is genuine.
If local government employees perform such identity verification, their burden increases in situations where a large volume of work must be processed in a short time. Alternatively, because a large volume of work cannot be processed in a short time, convenience for users decreases.
The main object of the present invention is to provide an authentication server, an authentication system, an authentication request processing method, and a storage medium that contribute to efficient identity verification using an identification card.
According to a first aspect of the present invention, there is provided an authentication server comprising: a receiving unit that receives, from a service provider, an authentication request regarding a person to be authenticated who presents an identification card; an authentication request processing unit that processes the authentication request by executing biometric authentication using the biometric information of the person to be authenticated and electronic authentication using electronic information extracted from the identification card; and a transmission unit that transmits an authentication result according to the results of the biometric authentication and the electronic authentication to the service provider.
According to a second aspect of the present invention, there is provided an authentication system including a business management server that transmits an authentication request regarding a person to be authenticated who presents an identification card, and an authentication server connected to the business management server, wherein the authentication server comprises: a receiving unit that receives the authentication request; an authentication request processing unit that processes the authentication request by executing biometric authentication using the biometric information of the person to be authenticated and electronic authentication using electronic information extracted from the identification card; and a transmission unit that transmits an authentication result according to the results of the biometric authentication and the electronic authentication to the business management server.
According to a third aspect of the present invention, there is provided an authentication request processing method in which an authentication server receives, from a service provider, an authentication request regarding a person to be authenticated who presents an identification card; processes the authentication request by executing biometric authentication using the biometric information of the person to be authenticated and electronic authentication using electronic information extracted from the identification card; and transmits an authentication result according to the results of the biometric authentication and the electronic authentication to the service provider.
According to a fourth aspect of the present invention, there is provided a computer-readable storage medium storing a program for causing a computer mounted on an authentication server to execute: a process of receiving, from a service provider, an authentication request regarding a person to be authenticated who presents an identification card; a process of executing biometric authentication using the biometric information of the person to be authenticated and electronic authentication using electronic information extracted from the identification card; and a process of transmitting an authentication result according to the results of the biometric authentication and the electronic authentication to the service provider.
According to each aspect of the present invention, there are provided an authentication server, an authentication system, an authentication request processing method, and a storage medium that contribute to efficient identity verification using an identification card. The effects of the present invention are not limited to the above. The present invention may produce other effects instead of, or in addition to, that effect.
A diagram for explaining an outline of one embodiment.
A diagram showing an example of a schematic configuration of the authentication system according to the first embodiment.
A diagram for explaining an outline of the operation of the authentication system according to the first embodiment.
A diagram for explaining an outline of the operation of the authentication system according to the first embodiment.
A diagram for explaining an outline of the operation of the authentication system according to the first embodiment.
A diagram showing an example of the processing configuration of the terminal according to the first embodiment.
A diagram for explaining the operation of the user information acquisition unit according to the first embodiment.
A diagram for explaining the operation of the user information acquisition unit according to the first embodiment.
A diagram showing an example of the processing configuration of the business management server according to the first embodiment.
A diagram showing an example of the authentication request according to the first embodiment.
A diagram showing an example of the business management database according to the first embodiment.
A diagram showing an example of the processing configuration of the authentication server according to the first embodiment.
A diagram showing an example of the authentication history database according to the first embodiment.
A sequence diagram showing an example of the operation of the authentication system according to the first embodiment.
A diagram showing an example of the authentication policy database according to the second embodiment.
A flowchart showing an example of the operation of the authentication server according to the second embodiment.
A diagram showing an example of the biometric information database according to the third embodiment.
A diagram for explaining the operation of the authentication system according to the third embodiment.
A diagram showing an example of the hardware configuration of the authentication server.
A diagram showing an example of a schematic configuration of the authentication system according to a modification of the present disclosure.
A flowchart showing an example of the operation of the authentication server according to a modification of the present disclosure.
First, an outline of one embodiment will be described. The drawing reference signs attached to this outline are added to each element for convenience, as an example to aid understanding, and the description of this outline is not intended to impose any limitation. Unless otherwise specified, the blocks shown in each drawing represent configurations of functional units, not configurations of hardware units. The connection lines between blocks in each figure include both bidirectional and unidirectional lines. A one-way arrow schematically shows the flow of the main signal (data) and does not exclude bidirectionality. In the present specification and drawings, elements that can be described in the same way are given the same reference signs, and duplicate description of them may be omitted.
The authentication server 100 according to one embodiment includes a receiving unit 101, an authentication request processing unit 102, and a transmission unit 103 (see FIG. 1). The receiving unit 101 receives, from a service provider, an authentication request concerning a person to be authenticated who presents an identification card. The authentication request processing unit 102 processes the authentication request by executing biometric authentication using the biometric information of the person to be authenticated and electronic authentication using the electronic information extracted from the identification card. The transmission unit 103 transmits an authentication result according to the results of the biometric authentication and the electronic authentication to the service provider.
The authentication server 100 executes two authentications using an identification card without human intervention. Moreover, because the two identity verifications can also be performed in parallel, efficient identity verification using an identification card is realized.
Specific embodiments will be described below in more detail with reference to the drawings.
[First Embodiment]
The first embodiment will be described in more detail with reference to the drawings.
[System configuration]
FIG. 2 is a diagram showing an example of a schematic configuration of the authentication system according to the first embodiment. As shown in FIG. 2, the authentication system includes a plurality of service providers, an authentication center, and the like.
A service provider is an individual, group, organization, or the like that provides various services to users. Examples of service providers include retail, medical, financial, and insurance businesses. Alternatively, the service provider may be a public institution such as a city hall. A service provider in the present disclosure need only be able to provide a service to a user who presents an "identification card".
Examples of services provided by private service providers include medical services provided by hospitals, pharmacies, and the like, and financial services provided by banks. Alternatively, the present disclosure may be applied to insurance services provided by an insurer.
Alternatively, the service provided by the service provider may be the payment of subsidies or benefits by a local government. Alternatively, the service provider may provide a service such as identifying heirs from family register information.
A service provider in the present disclosure provides any service to users whose identity is certain.
As described above, the service provider provides a service to a user who presents an identification card. Examples of the identification card include cards with a built-in IC (Integrated Circuit) chip, such as an Individual Number Card (My Number Card), a driver's license, and a passport. Alternatively, a smartphone or the like that incorporates the functions of an identification card equipped with such an IC chip may be used as the identification card.
The IC chip of the identification card stores electronic information such as an electronic certificate issued by a public certificate authority or an electronic signature made by a public institution. For example, an electronic certificate or an electronic signature is stored in the IC chip of the identification card.
The service provider provides the service to a user whose identity verification based on the identification card has been completed. The following description takes as an example the case where an "electronic certificate" is stored in the IC chip mounted on the identification card.
The authentication center is operated by a group, organization, or the like that provides an "authentication service" to a plurality of service providers. Specifically, the authentication center provides a service for identity verification (personal authentication) based on the identification card described above.
An authentication server 10 is installed in the authentication center. The authentication server 10 is responsible for the processing related to the identity verification. The authentication server 10 may be a server installed on the premises of the authentication center or a server installed in the cloud. A plurality of authentication servers 10 may cooperate to perform the identity verification.
The authentication server 10 is an authentication authority that supports two types of authentication methods (means, methods).
The first authentication method is personal authentication using biometric information (biometric authentication). Biometric authentication determines whether the user who presented the identification card is the user to whom that identification card was properly issued. For example, if user B presents an identification card issued to user A, the authentication fails.
Examples of the user's biometric information include data (feature amounts) calculated from physical characteristics unique to an individual, such as the face, fingerprint, voiceprint, veins, retina, and iris pattern of the eye. Alternatively, the user's biometric information may be image data such as a face image or a fingerprint image. The user's biometric information need only contain the user's physical characteristics as information. The present disclosure describes the case where biometric information concerning a person's "face" is used.
The second authentication method is personal authentication using the electronic information stored in the IC chip of the identification card (hereinafter referred to as electronic authentication). Electronic authentication determines the validity and authenticity of the identification card. For example, an identification card has a defined validity period, and authentication of a user who presents an identification card whose validity period has expired fails. In addition, the items recorded on an identification card (for example, name and address) may change. When the recorded items change, the user needs to be issued an identification card that carries the correct content. That is, authentication of a user also fails when the identification card presented does not reflect the correct content.
Electronic authentication, the second authentication method, can also be regarded as "electronic verification", in which the identification card presented by the user is verified using the electronic information contained in that identification card. A service provider cannot carry out its business (for example, a subsidy application) on the basis of information (for example, an address) obtained from an identification card that does not reflect correct information. For this reason, electronic authentication (electronic verification) is required in addition to identity verification by biometric authentication.
The service provider requests the authentication server 10 to perform authentication by at least one of the two authentication methods above (biometric authentication and electronic authentication).
An authentication request that the service provider sends to the authentication server 10 and that requests both biometric authentication and electronic authentication is referred to as "authentication request 1".
An authentication request in which the service provider requests authentication by electronic authentication is referred to as "authentication request 2".
An authentication request in which the service provider requests authentication by biometric authentication is referred to as "authentication request 3".
The authentication server 10 accepts any of authentication requests 1 to 3 and transmits the result of the authentication processing (authentication success or authentication failure) to the source of the authentication request (the service provider). When it receives authentication request 1, the authentication server 10 transmits "authentication success" to the service provider if both the biometric authentication and the electronic authentication succeed.
Each service provider has a business management server and terminals.
For example, a business management server 20 and a plurality of authentication terminals 30 are installed at service provider S1. A business management server 21 and a plurality of authentication terminals 31 are installed at service provider S2.
In the following description, when the components need to be distinguished from one another, the reference sign to the right of the hyphen is used. Because the operation of each device belonging to service provider S1 and service provider S2 can be the same, the following description centers on service provider S1.
The devices shown in FIG. 2 are connected to one another. For example, the authentication server 10 and the business management server 20 are connected by wired or wireless communication means and are configured to be able to communicate with each other.
The business management server 20 is a server that controls and manages the service provider's business as a whole. For example, when the service provider is a local government body such as a city hall, the business management server 20 manages the history of services provided to residents. For example, the business management server 20 stores whether payment of a subsidy to a resident has been completed. When the service provider is a medical institution such as a hospital, the business management server stores the patient's clinical department, consultation date, and the like.
The business management server 20 provides services to users whose identity verification by identification card has been completed. The business management server 20 selects one of authentication requests 1 to 3 according to the service provider's business content, business form, business scale, and the like, and requests the authentication server 10 to authenticate the user.
For example, if the service provider's line of business requires strict identity verification, a user who is to receive the service must succeed in both biometric authentication and electronic authentication. In this case, the business management server 20 requests both biometric authentication and electronic authentication from the authentication server 10 (it transmits authentication request 1).
Even if the service provider's line of business requires strict identity verification, when staff or the like verify identity by the user's face or the like, the business management server 20 requests electronic authentication from the authentication server 10 (it transmits authentication request 2). Alternatively, when the business management server 20 performs biometric authentication itself, it is sufficient for the business management server 20 to request electronic authentication from the authentication server 10.
Further, for example, when the service provider is a retail store or the like that sells alcohol or tobacco and it is sufficient to confirm the user's age, the business management server 20 requests biometric authentication from the authentication server 10 (it transmits authentication request 3). Because such a service provider does not use information recorded on the identification card that may change, such as name and address, to provide its service, electronic authentication for confirming the validity of the identification card is not necessary.
The terminal 30 is a device that is connected to the business management server 20 and serves as the interface for users who visit the service provider. Users receive various services via the terminal 30. For example, when the service provider is a medical institution such as a hospital, the user applies for a medical examination using the terminal 30. Alternatively, when the service provider is a retail store, the user purchases products using the terminal 30. Alternatively, when the service provider is a local government body such as a city hall, the user applies for a subsidy or the like using the terminal 30.
When receiving a service, the user presents the identification card he or she carries to the service provider. For example, the user inserts the identification card into a card reader connected to the terminal 30.
The terminal 30 acquires the user's biometric information (for example, a face image) and the information stored in the IC chip of the identification card (hereinafter referred to as IC chip information), and transmits them to the business management server 20.
The business management server 20 generates an authentication request using this information and transmits it to the authentication server 10. On obtaining "authentication success" from the authentication server 10, the business management server 20 provides the service to the user, either via the terminal 30 or directly.
FIG. 2 is an example and is not intended to limit the configuration of the authentication system of the present disclosure. For example, the authentication center may include two or more authentication servers 10. Alternatively, a service provider need only include at least one terminal 30. Alternatively, the functions of the business management server 20 and the terminal 30 may be integrated, and the service may be provided by the single integrated device. Alternatively, at each service provider, a plurality of terminals 30 may be connected to one business management server 20 as shown in FIG. 2, or one terminal 30 may be connected to one business management server 20.
Next, the schematic operation of the authentication system according to the first embodiment will be described with reference to the drawings.
<Authentication request 1 (biometric authentication and electronic authentication)>
FIG. 3 is a diagram for explaining an outline of the operation of the authentication system when the service provider transmits "authentication request 1" to the authentication server 10.
The terminal 30 photographs the user presenting the identification card and acquires a face image. In the following description, the face image obtained when the terminal 30 photographs the user is referred to as the "photographed face image".
The terminal 30 acquires the IC chip information from the identification card inserted in the card reader. In doing so, the terminal 30 acquires, as necessary, the password for reading the electronic certificate stored in the IC chip.
The terminal 30 transmits the acquired photographed face image and the IC chip information (IC chip information including the electronic certificate) to the business management server 20.
In addition to the electronic certificate, the IC chip information includes a face image of the person to whom the identification card was issued and the user's personal information (for example, the four basic items: name, gender, address, and date of birth). The business management server 20 extracts the face image from the IC chip information. In the following description, the face image stored in the IC chip of the identification card (or information about the face image, for example a feature amount characterizing the face image) is referred to as the "chip face image". The personal information included in the IC chip information is not limited to the name and the like; a passport number and the like are also included in the personal information.
The business management server 20 transmits to the authentication server 10 an "authentication request 1" that includes the service provider ID, the two face images (the photographed face image and the chip face image), and the electronic certificate. The business management server 20 may also transmit the personal information included in the IC chip information to the authentication server 10.
The service provider ID is identification information for uniquely identifying a service provider included in the authentication system. In the example of FIG. 2, different service provider IDs are assigned to service providers S1 and S2.
Note that a service provider ID is an ID assigned to each service provider, not an ID assigned to each service. For example, in FIG. 2, even if service providers S1 and S2 provide the same type of service (for example, medical services), different IDs are assigned to them if they are run by different management entities.
The authentication server 10 and the business management server 20 share the service provider ID by any method. For example, when a service provider joins the authentication system, the authentication server 10 may generate a service provider ID and distribute (notify) the generated service provider ID to that service provider.
On receiving authentication request 1, the authentication server 10 performs biometric authentication using the two face images (biometric information) included in the request. The authentication server 10 executes one-to-one matching using the two face images and determines "biometric authentication successful" when the two face images are face images of the same person.
Before or after the biometric authentication, or in parallel with it, the authentication server 10 performs electronic authentication using the electronic certificate. Specifically, the authentication server 10 transmits the electronic certificate taken from authentication request 1 to an external verification server 40. The authentication server 10 requests the verification server 40 to verify the electronic certificate.
The verification server 40 is the issuer of the electronic certificate stored in the IC chip and is also referred to as a PKI (Public Key Infrastructure).
The verification server 40 checks the expiration date and the like of the electronic certificate it has received and transmits the verification result to the authentication server 10.
The authentication server 10 determines "electronic authentication successful" when the verification result from the verification server 40 is "verification successful".
When the results are "biometric authentication successful" and "electronic authentication successful", the authentication server 10 sets the authentication result for the authentication request 1 received from the business management server 20 to "authentication success". In other words, if at least one of the two authentications fails, the authentication server 10 sets the authentication result for authentication request 1 to "authentication failure".
The authentication server 10 transmits the authentication result (authentication success or authentication failure) to the business management server 20. When authentication of the person to be authenticated succeeds, the authentication server 10 generates a user ID (Identifier) for identifying the successfully authenticated person and transmits a response (authentication success) including that user ID to the business management server 20.
On receiving authentication success, the business management server 20 provides the service to the user via the terminal 30. For example, the business management server 20 notifies a resident of the result of a subsidy application or guides a patient to a clinical department.
In this way, the authentication server 10 receives, from a service provider, an authentication request concerning a person to be authenticated who presents an identification card. The authentication server 10 processes the authentication request by executing biometric authentication using the biometric information of the person to be authenticated and electronic authentication using the electronic information extracted from the identification card. The authentication server 10 transmits an authentication result according to the results of the biometric authentication and the electronic authentication to the service provider.
<Authentication request 2 (electronic authentication)>
 FIG. 4 is a diagram outlining the operation of the authentication system when the service provider sends "authentication request 2" to the authentication server 10.
 The terminal 30 transmits the user's face image and the IC chip information to the business management server 20.
 The business management server 20 performs biometric authentication (one-to-one matching) using the two face images (photographed face image and chip face image). When the biometric authentication succeeds, the business management server 20 transmits authentication request 2, which contains the service provider ID and the electronic certificate, to the authentication server 10. The business management server 20 may also transmit personal information extracted from the IC chip information to the authentication server 10.
 The authentication server 10 extracts the electronic certificate from authentication request 2 and requests the verification server 40 to verify it. The authentication server 10 transmits an authentication result corresponding to the verification result to the business management server 20. When authentication succeeds, the authentication server 10 sends a response containing the user ID to the business management server 20.
 The business management server 20 provides a service to the user when both the biometric authentication and the electronic authentication are "authentication successful".
 In this way, for a service provider that requires both biometric authentication and electronic authentication, the biometric authentication may be executed on the service-providing side (edge side) and the electronic authentication on the authentication center side (cloud side).
 FIG. 4 shows the operation when the business management server 20 performs the biometric authentication. As described above, biometric authentication may instead be performed visually by staff of the service provider. In that case, the service provider (business management server 20, terminal 30) does not need to acquire a face image or perform biometric authentication using face images.
<Authentication request 3 (biometric authentication)>
 FIG. 5 is a diagram outlining the operation of the authentication system when the service provider sends "authentication request 3" to the authentication server 10.
 The terminal 30 transmits the user's face image and the IC chip information to the business management server 20.
 The business management server 20 transmits authentication request 3, which contains the service provider ID and the two face images (photographed face image and chip face image), to the authentication server 10. The business management server 20 may also send personal information to the authentication server 10.
 The authentication server 10 performs biometric authentication (one-to-one matching) using the two face images (photographed face image and chip face image). The authentication server 10 transmits the authentication result (authentication success or authentication failure) to the business management server 20. When authentication succeeds, the authentication server 10 sends a response containing the user ID to the business management server 20.
 The business management server 20 provides a service to the user when the authentication result is "authentication successful".
 Note that when the service provider requests biometric authentication from the authentication server 10, the electronic certificate need not be sent to the authentication server 10. Accordingly, the terminal 30 does not need to obtain the password for reading the electronic certificate.
 As described for the processing of authentication requests 1 to 3, the authentication server 10 executes at least one of biometric authentication and electronic authentication, depending on the type of the authentication request.
 Next, each device included in the authentication system according to the first embodiment is described in detail.
[Terminal]
 FIG. 6 is a diagram showing an example of the processing configuration (processing modules) of the terminal 30 according to the first embodiment. Referring to FIG. 6, the terminal 30 includes a communication control unit 201, a user information acquisition unit 202, a message output unit 203, and a storage unit 204.
 The communication control unit 201 is a means for controlling communication with other devices. For example, the communication control unit 201 receives data (packets) from the business management server 20 and transmits data to the business management server 20. The communication control unit 201 passes data received from other devices to the other processing modules, and transmits data obtained from the other processing modules to other devices. In this way, the other processing modules exchange data with other devices via the communication control unit 201.
 The user information acquisition unit 202 is a means for acquiring information about a user who wishes to receive a service.
 For example, the user information acquisition unit 202 acquires the service the user wants by using a GUI (Graphical User Interface) that contains a list of the services the service provider can offer, as shown in FIG. 7. The user information acquisition unit 202 then displays a GUI as shown in FIG. 8 and acquires the user's face image (photographed face image) and the password for reading the electronic certificate.
 The user information acquisition unit 202 controls the camera and acquires image data showing the user. The user information acquisition unit 202 extracts a face image from the acquired image data.
 Existing techniques can be used for the face image extraction performed by the user information acquisition unit 202, so a detailed description is omitted. For example, the user information acquisition unit 202 may extract a face image (face region) from the image data by using a learning model trained with a CNN (Convolutional Neural Network). Alternatively, the user information acquisition unit 202 may extract a face image by using a technique such as template matching.
 The user information acquisition unit 202 controls the card reader and reads information from the IC chip mounted on the identification card. The user information acquisition unit 202 acquires the face image (chip face image), the electronic certificate, and the like from the IC chip. The password acquired above is required to read the electronic certificate.
 If the electronic certificate cannot be read with the acquired password, the user information acquisition unit 202 notifies the user of that fact.
 The user information acquisition unit 202 transmits the photographed face image and the IC chip information (chip face image, electronic certificate, personal information) to the business management server 20.
 The message output unit 203 is a means for outputting various messages to the user. For example, the message output unit 203 outputs messages about service provision. The message output unit 203 may display a message on a display device such as a liquid crystal monitor, or may play a voice message through an audio device such as a speaker.
 The storage unit 204 stores information necessary for the operation of the terminal 30.
[Business management server]
 FIG. 9 is a diagram showing an example of the processing configuration (processing modules) of the business management server 20 according to the first embodiment. Referring to FIG. 9, the business management server 20 includes a communication control unit 301, an authentication request unit 302, a service providing unit 303, a biometric authentication unit 304, and a storage unit 305.
 The communication control unit 301 is a means for controlling communication with other devices. For example, the communication control unit 301 receives data (packets) from the authentication server 10 and transmits data to the authentication server 10. The communication control unit 301 passes data received from other devices to the other processing modules, and transmits data obtained from the other processing modules to other devices. In this way, the other processing modules exchange data with other devices via the communication control unit 301.
 The authentication request unit 302 is a means for requesting the authentication server 10 to authenticate the user. Which kind of authentication is requested from the authentication server 10 is determined in advance according to, for example, the service provider's type of business. The authentication request unit 302 generates one of authentication requests 1 to 3 according to this predetermined setting and transmits it to the authentication server 10.
 The authentication request unit 302 generates an authentication request in the format shown in FIG. 10. The authentication request includes fields that store an ID indicating which type of authentication is requested (authentication type ID), an ID identifying the service provider (service provider ID), the two face images, the electronic certificate, and so on. As described above, the authentication request unit 302 may generate an authentication request that includes personal information read from the IC chip.
 When requesting biometric authentication and electronic authentication, the authentication request unit 302 sets the authentication type ID to "1". When requesting electronic authentication, it sets the authentication type ID to "2". When requesting biometric authentication, it sets the authentication type ID to "3".
 The authentication request unit 302 sets to blank the fields for information that is not needed for the requested authentication. For example, the authentication request unit 302 sets the face image fields to blank when transmitting authentication request 2, and sets the electronic certificate field to blank when transmitting authentication request 3.
 The authentication request format shown in FIG. 10 is an example and is not intended to limit its content. For example, the authentication type ID need not be included in the authentication request. The authentication server 10 may determine which type of authentication is requested from the information set in the authentication request. For example, when it receives an authentication request containing the two face images and the electronic certificate, the authentication server 10 may determine that it has received authentication request 1. The authentication server 10 may treat an authentication request that does not contain the two face images as authentication request 2, and an authentication request that does not contain the electronic certificate as authentication request 3.
 On receiving an authentication failure from the authentication server 10, the authentication request unit 302 notifies the user of that fact via the terminal 30.
 On receiving an authentication success from the authentication server 10, the authentication request unit 302 passes the user ID sent together with the authentication result to the service providing unit 303.
 The service providing unit 303 is a means for providing a service to a successfully authenticated person. The service providing unit 303 manages users and the like by using a business management database (DB).
 FIG. 11 is a diagram showing an example of the business management database according to the first embodiment. For example, the service providing unit 303 manages business operations by using a database as shown in FIG. 11.
 For example, if the user ID obtained from the authentication server 10 is not registered in the database, the service providing unit 303 adds a new entry.
 If the user ID obtained from the authentication server is already registered in the database, the service providing unit 303 provides the service based on the information read from the corresponding entry. In the example of FIG. 11, the service providing unit 303 directs the successfully authenticated person to the internal medicine department.
 The business management database shown in FIG. 11 is, of course, an example and is not intended to limit its content. For example, the service providing unit 303 may manage users (successfully authenticated persons) by using the four basic items of information or the like instead of the user ID. Naturally, if the service provider's type or form of business differs, the information stored in the business management database differs, and so does the operation of the service providing unit 303.
 The biometric authentication unit 304 is a means for performing biometric authentication of the user. The biometric authentication unit 304 is a module that is needed when the business management server 20 executes the biometric authentication, as shown in FIG. 4.
 When biometric authentication is performed at the business management server 20, the authentication request unit 302 passes the two face images (photographed face image and chip face image) to the biometric authentication unit 304.
 The biometric authentication unit 304 executes one-to-one matching using the two face images. Specifically, the biometric authentication unit 304 generates a feature (a feature vector consisting of multiple feature values) from each of the two face images and calculates the similarity between the two features. If the calculated similarity is equal to or greater than a predetermined value, the biometric authentication unit 304 determines that authentication has succeeded. If the calculated similarity is less than the predetermined value, it determines that authentication has failed.
 Existing techniques can be used to generate the features, so a detailed description is omitted. For example, the biometric authentication unit 304 extracts the eyes, nose, mouth, and the like from the face image as feature points. It then calculates the position of each feature point and the distances between feature points as feature values, and generates a feature vector (vector information that characterizes the face image) consisting of multiple feature values. As the similarity between the features (face images), the biometric authentication unit 304 calculates a chi-square distance, a Euclidean distance, or the like. The greater the distance, the lower the similarity; the smaller the distance, the higher the similarity.
 The biometric authentication unit 304 notifies the authentication request unit 302 of the authentication result (authentication success or authentication failure).
 When biometric authentication is performed at the business management server 20, the authentication request unit 302 sends authentication request 2 to the authentication server 10 once the biometric authentication has succeeded. The authentication request unit 302 determines whether the person to be authenticated has been successfully authenticated according to the results of the two authentications (biometric authentication and electronic authentication).
 The storage unit 305 stores information necessary for the operation of the business management server 20.
[Authentication server]
 FIG. 12 is a diagram showing an example of the processing configuration (processing modules) of the authentication server 10 according to the first embodiment. Referring to FIG. 12, the authentication server 10 includes a communication control unit 401, an authentication request processing unit 402, an authentication history management unit 403, and a storage unit 404.
 The communication control unit 401 is a means for controlling communication with other devices. For example, the communication control unit 401 receives data (packets) from the business management server 20 and transmits data to the business management server 20. The communication control unit 401 passes data received from other devices to the other processing modules, and transmits data obtained from the other processing modules to other devices. In this way, the other processing modules exchange data with other devices via the communication control unit 401. The communication control unit 401 functions both as a receiving unit that receives authentication requests and as a transmitting unit that transmits authentication results.
 The authentication request processing unit 402 is a means for processing authentication requests received from service providers. The authentication request processing unit 402 includes two submodules: a biometric authentication unit 411 and an electronic authentication unit 412.
 When authentication request 1 or authentication request 3 is received from the business management server 20, the biometric authentication unit 411 performs biometric authentication.
 The biometric authentication unit 411 executes one-to-one matching (biometric authentication) using the biometric information of the person to be authenticated (photographed face image) and the biometric information extracted from the identification card (chip face image). That is, the biometric authentication unit 411 performs matching (one-to-one matching) on the two face images (photographed face image and chip face image) and determines whether the two face images were obtained from the same person. The operation of the biometric authentication unit 411 can be the same as that of the biometric authentication unit 304 of the business management server 20, so further description is omitted.
 When authentication request 1 or authentication request 2 is received from the business management server 20, the electronic authentication unit 412 performs electronic authentication.
 The electronic authentication unit 412 sends the electronic certificate to the verification server 40 and requests the verification server 40 to verify it. When it receives a response from the verification server 40 indicating that verification of the electronic certificate succeeded, the electronic authentication unit 412 determines "electronic authentication successful". When it receives a response indicating that verification of the electronic certificate failed, the electronic authentication unit 412 determines "electronic authentication failed".
 When authentication request 1 is received, the authentication request processing unit 402 sets the authentication result to "authentication successful" if both the biometric authentication and the electronic authentication are "successful". In other words, if at least one of the biometric authentication and the electronic authentication is "failed", "authentication failure" is set.
 The authentication request processing unit 402 may also perform the electronic authentication only after the biometric authentication has succeeded. That is, if the biometric authentication has failed, the authentication result sent to the service provider is "authentication failure" regardless of the result of the electronic authentication. By requesting electronic authentication from the verification server 40 only after the biometric authentication has succeeded, the authentication request processing unit 402 can avoid needless verification requests. Alternatively, the authentication request processing unit 402 may perform the biometric authentication only after the electronic authentication has succeeded.
 When authentication request 2 is received, the authentication request processing unit 402 sets the authentication result to "authentication successful" if the electronic authentication is "successful".
 When authentication request 3 is received, the authentication request processing unit 402 sets the authentication result to "authentication successful" if the biometric authentication is "successful".
 When the authentication result is set to "authentication successful", the authentication request processing unit 402 generates a user ID that identifies the successfully authenticated person. The authentication request processing unit 402 may generate the user ID by any method. For example, it may generate the user ID by calculating a hash value of the successfully authenticated person's face image (features). Alternatively, it may concatenate the person's four basic items of information (name, gender, address, date of birth) and use the hash value of the concatenated value as the user ID. If the successfully authenticated person is not a new user, the authentication request processing unit 402 does not need to generate a user ID. The authentication request processing unit 402 can determine whether the user is new by using the authentication history database described later.
 When the person to be authenticated is successfully authenticated, the authentication request processing unit 402 sends the authentication result (authentication success), including the generated user ID, to the business management server 20. When authentication of the person fails, the authentication request processing unit 402 notifies the business management server 20 of that fact (authentication failure). The response sent from the authentication request processing unit 402 to the business management server 20 may contain other information (for example, the name of the person to be authenticated or the date and time of authentication) in addition to the authentication result.
 The authentication request processing unit 402 passes the generated user ID and the service provider ID extracted from the authentication request to the authentication history management unit 403.
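The request handling described above (type inference from the populated fields, the per-type success rule, and running the biometric check before contacting the verification server) can be sketched as follows. This is an added example, not code from the patent. The field names, the threshold, the distance-to-similarity mapping, the SHA-256 hash and the `required_type` table are assumptions of this example, and the face fields hold already-extracted feature vectors in place of images.

```python
import hashlib
import math
from dataclasses import dataclass
from typing import Callable, Dict, Optional, Sequence, Tuple

# Constructed value: the text only says "a predetermined value".
SIMILARITY_THRESHOLD = 0.8


@dataclass
class AuthRequest:
    provider_id: str                                 # service provider ID
    basic_info: Tuple[str, str, str, str]            # name, gender, address, date of birth
    captured_face: Optional[Sequence[float]] = None  # features of the photographed face
    chip_face: Optional[Sequence[float]] = None      # features of the IC-chip face
    certificate: Optional[bytes] = None              # blank (None) in request 3
    auth_type: Optional[int] = None                  # 1, 2, 3, or absent


def infer_type(req: AuthRequest) -> int:
    """Return 1 (biometric + electronic), 2 (electronic) or 3 (biometric)."""
    has_faces = req.captured_face is not None and req.chip_face is not None
    has_cert = req.certificate is not None
    table = {(True, True): 1, (False, True): 2, (True, False): 3}
    inferred = table.get((has_faces, has_cert))
    if inferred is None:
        raise ValueError("neither two face images nor a certificate present")
    # If a type ID was sent, it must agree with the fields that are filled in.
    if req.auth_type is not None and req.auth_type != inferred:
        raise ValueError("authentication type ID does not match the fields")
    return inferred


def similarity(a: Sequence[float], b: Sequence[float]) -> float:
    """Map Euclidean distance into (0, 1]: the closer, the higher."""
    return 1.0 / (1.0 + math.dist(a, b))


def make_user_id(basic_info: Tuple[str, str, str, str]) -> str:
    """Hash of the concatenated four basic items (separator avoids ambiguity)."""
    return hashlib.sha256("\x1f".join(basic_info).encode("utf-8")).hexdigest()


def process(req: AuthRequest,
            verify_certificate: Callable[[bytes], bool],
            required_type: Optional[Dict[str, int]] = None) -> dict:
    """verify_certificate stands in for the call to the verification server."""
    failure = {"result": "authentication failure"}
    try:
        kind = infer_type(req)
    except ValueError:
        return failure
    # Assumption of this example, not described in the text: the server keeps
    # the type each provider is expected to use, so a request that omits the
    # certificate cannot turn a type 1 provider into type 3. Unknown providers
    # are rejected.
    if required_type is not None and required_type.get(req.provider_id) != kind:
        return failure
    # Biometric check first: on failure the verification server is not contacted.
    if kind in (1, 3):
        if similarity(req.captured_face, req.chip_face) < SIMILARITY_THRESHOLD:
            return failure
    if kind in (1, 2) and not verify_certificate(req.certificate):
        return failure
    return {"result": "authentication success",
            "user_id": make_user_id(req.basic_info)}
```
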
 The authentication history management unit 403 is a means for managing the authentication history of successfully authenticated persons. The authentication history management unit 403 manages this history by using an authentication history database. For each of biometric authentication and electronic authentication, the authentication history database stores the history of successful authentications per service provider.
 FIG. 13 is a diagram showing an example of the authentication history database according to the first embodiment. As shown in FIG. 13, the date and time of successful biometric authentication and of successful electronic authentication are stored for each user ID of a successfully authenticated person and for each service provider.
 The authentication history management unit 403 searches the authentication history database using the user ID obtained from the authentication request processing unit 402 as the key. If there is no corresponding entry, the authentication history management unit 403 creates a new entry and stores the dates and times of biometric authentication and electronic authentication, separated by service provider.
 If an entry corresponding to the user ID exists and the corresponding service provider field exists, the authentication history management unit 403 updates the authentication date and time stored in that field. If an entry corresponding to the user ID exists but the corresponding service provider field does not, the authentication history management unit 403 adds a new service provider field and stores the authentication date and time in it.
 In this way, the authentication history management unit 403 updates the authentication history database using the user ID, the service provider ID, and the respective dates and times of biometric authentication and electronic authentication.
 As shown in FIG. 13, even for the same successfully authenticated person, the required authentication method (biometric authentication, electronic authentication) may differ from one service provider to another.
 Because the authentication history management unit 403 manages the authentication history for each service provider, a service provider can look up a user's authentication history. Specifically, the service provider sends the user ID of the user whose history it wants to look up, together with its own service provider ID, to the authentication server 10. The authentication history management unit 403 identifies the corresponding authentication date and time based on the user ID and the service provider ID and returns it to the service provider.
 記憶部404は、認証サーバ10の動作に必要な情報を記憶する。 The storage unit 404 stores information necessary for the operation of the authentication server 10.
[Verification server]
The verification server 40 can be configured using existing authentication infrastructure technology, and its configuration and operation are obvious to those skilled in the art, so a detailed description is omitted.
[System operation]
Next, the operation of the authentication system according to the first embodiment will be described.
FIG. 14 is a sequence diagram showing an example of the operation of the authentication system according to the first embodiment.
The terminal 30 acquires the user's face image and IC chip information, and transmits this information to the business management server 20 (step S01).
The business management server 20 generates an authentication request using the acquired face image and IC chip information, and transmits the authentication request to the authentication server 10 (step S02).
The authentication server 10 checks the "authentication type ID" included in the authentication request and determines the authentication method that needs to be executed (step S03).
The authentication server 10 executes the determined authentication method (execution of authentication; step S04). Specifically, when authentication request 1 is received, the authentication server 10 executes biometric authentication and electronic authentication. When authentication request 2 is received, the authentication server 10 executes electronic authentication. When authentication request 3 is received, the authentication server 10 executes biometric authentication.
The authentication server 10 generates an authentication result and transmits it to the business management server 20 (step S05).
Upon receiving authentication success, the service provider (terminal 30, business management server 20) provides the service to the user (step S06).
As described above, in the authentication system according to the first embodiment, the authentication server 10 processes authentication requests from service providers. In particular, the authentication server 10 can process an authentication request that requests biometric authentication and electronic authentication of the person to be authenticated at the same time. As a result, the service provider no longer needs staff or the like to compare the user's face with the face shown on the identification card. Since the validity of the identification card is ensured by electronic authentication using electronic information, the service provider can provide the service to the user based on highly reliable information. That is, in the authentication system according to the first embodiment, staff or the like do not need to compare faces or determine whether the identification card is genuine. Further, in the authentication system according to the first embodiment, the two identity confirmations (personal authentications) can also be performed in parallel, so that efficient identity confirmation using an identification card is realized.
Since the authentication server 10 can handle various requests (a request for biometric authentication and electronic authentication, a request limited to electronic authentication, and a request limited to biometric authentication), it can provide a flexible authentication service suited to the industry, business type, and the like of each of a plurality of service providers.
[Second Embodiment]
Next, the second embodiment will be described in detail with reference to the drawings.
In the first embodiment, the case was described in which a service provider transmits an authentication request suited to its own industry and business type to the authentication server 10 and the authentication server 10 responds to that request. Depending on the service provider's industry and the like, there are cases in which biometric authentication and electronic authentication are both required but one of them can be omitted. For example, a medical institution such as a hospital may require both authentications at the first visit but omit electronic authentication for later visits within the same month.
In the second embodiment, a case will be described in which the authentication server 10 provides a flexible authentication service in line with the actual practice of each service provider.
Since the configuration of the authentication system according to the second embodiment can be the same as that of the first embodiment, the description corresponding to FIG. 2 is omitted. Further, since the processing configurations of the authentication server 10, the business management server 20, and the terminal 30 according to the second embodiment can also be the same as those of the first embodiment, their description is omitted.
The following description focuses on the differences between the first and second embodiments.
The service provider according to the second embodiment registers in advance, in the authentication server 10, an authentication policy that defines how the authentication server 10 processes the authentication requests that the service provider transmits.
For example, service provider S1 requests biometric authentication and electronic authentication (transmits authentication request 1 to the authentication server 10). Regarding the processing of authentication request 1, service provider S1 registers in the authentication server 10 an authentication policy that requires both biometric authentication and electronic authentication to be executed each time an authentication request is received.
Like service provider S1, service provider S2 also requests biometric authentication and electronic authentication from the authentication server 10. Regarding the processing of authentication request 1, service provider S2 registers in the authentication server 10 an authentication policy that requires biometric authentication to be executed each time an authentication request is received, while requiring electronic authentication only once within the same month.
A service provider can register a similar authentication policy in the authentication server 10 even when it requests only one of biometric authentication and electronic authentication. For example, the service provider requests electronic authentication (transmits authentication request 2 to the authentication server 10). Regarding the processing of authentication request 2, the service provider can register in the authentication server 10 an authentication policy under which electronic authentication is executed once a month.
A detailed description of how the service registrant registers the authentication policy is omitted. The service provider may register the authentication policy in the authentication server 10 by any method. For example, the authentication policy may be registered when the service provider joins the authentication system, or a person in charge at the service provider may visit the authentication center and register the authentication policy. The service provider may notify (input) its assigned service provider ID and the authentication policy to the authentication server 10.
The authentication server 10 according to the second embodiment stores the authentication policy of each service provider. The authentication server 10 includes an authentication policy database that stores authentication policies (see FIG. 15). The authentication policy database stores the service provider ID and the authentication policy in association with each other.
The authentication request processing unit 402 processes the authentication request based on the authentication policy in which the service provider has defined how authentication requests are to be processed. The operation of the authentication request processing unit 402 is described below with reference to the drawings.
FIG. 16 is a flowchart showing an example of the operation of the authentication server 10 according to the second embodiment. The operation of the authentication request processing unit 402 is mainly described with reference to FIG. 16.
Upon receiving an authentication request from the business management server 20, the authentication request processing unit 402 generates the user ID of the person to be authenticated (step S101).
The authentication request processing unit 402 searches the authentication history database using the generated user ID as a key (step S102). Through this search, the authentication request processing unit 402 determines whether the person to be authenticated is a user who has been authenticated in the past (hereinafter referred to as an existing authenticated person) or a user who is being authenticated for the first time (hereinafter referred to as a new authenticated person).
If an entry corresponding to the generated user ID exists in the authentication history database, the authentication request processing unit 402 determines that the person to be authenticated is an "existing authenticated person". If no entry corresponding to the generated user ID exists in the authentication history database, the authentication request processing unit 402 determines that the person to be authenticated is a "new authenticated person".
If the person to be authenticated is a new authenticated person (step S103, Yes branch), the authentication request processing unit 402 executes the processing described in the first embodiment. That is, the authentication request processing unit 402 executes the authentication processing according to the type of the authentication request (step S104).
If the person to be authenticated is an existing authenticated person (step S103, No branch), the authentication request processing unit 402 searches the authentication policy database using the service provider ID acquired together with the authentication request as a key, and identifies the corresponding authentication policy (step S105).
The authentication request processing unit 402 determines whether each of biometric authentication and electronic authentication needs to be executed for the person to be authenticated (existing authenticated person) (step S106). Specifically, the authentication request processing unit 402 determines whether biometric authentication and electronic authentication need to be executed based on the authentication policy of the service provider (the service provider that sent the authentication request) and the authentication history of the existing authenticated person obtained from the authentication history database.
For example, the authentication policy of service provider S1 shown in FIG. 15 requires biometric authentication and electronic authentication to be executed each time an authentication request is received, so the authentication request processing unit 402 determines that both authentications are to be executed regardless of the authentication history of the person to be authenticated.
In contrast, under the authentication policy of service provider S2, biometric authentication must be executed, but whether electronic authentication needs to be executed depends on the authentication record of the existing authenticated person. That is, if the date of the most recent electronic authentication and the date on which the authentication request was received fall within the same month, electronic authentication is judged to be unnecessary; if the authentication date and the receipt date fall in different months, electronic authentication is judged to be necessary. In this way, the authentication request processing unit 402 determines whether to execute electronic authentication based on the authentication policy and the electronic authentication history stored in the authentication history database.
The authentication request processing unit 402 executes the authentication (biometric authentication, electronic authentication) determined to be necessary (step S107).
The authentication request processing unit 402 transmits the authentication result to the business management server 20 (step S108). When an authentication has not been performed in accordance with the authentication policy, the authentication request processing unit 402 may treat the unperformed authentication as "authentication success" in accordance with that authentication policy and generate the authentication result (authentication success, authentication failure) for the authentication request. Alternatively, the authentication request processing unit 402 may notify the business management server 20 of the authentication method that was not performed in accordance with the authentication policy.
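The decision flow of steps S102 to S108 can be written down as follows. This is an added illustration, not code from the patent: the rule names, the in-memory history structure, the `verifiers` callables, and the choice to record history only when the whole request succeeds are assumptions made for the example.

```python
from dataclasses import dataclass, field
from datetime import datetime

BIOMETRIC, ELECTRONIC = "biometric", "electronic"
# Request types of the first embodiment: 1 = both, 2 = electronic only, 3 = biometric only.
REQUEST_METHODS = {1: {BIOMETRIC, ELECTRONIC}, 2: {ELECTRONIC}, 3: {BIOMETRIC}}
# Policy rule names are assumptions made for this example.
EVERY_REQUEST, ONCE_PER_MONTH = "every_request", "once_per_month"


@dataclass
class AuthHistory:
    """Authentication history database: last success per user, provider and method."""
    entries: dict = field(default_factory=dict)  # {user_id: {provider_id: {method: datetime}}}

    def known_user(self, user_id):
        return user_id in self.entries

    def last_success(self, user_id, provider_id, method):
        return self.entries.get(user_id, {}).get(provider_id, {}).get(method)

    def record_success(self, user_id, provider_id, method, when):
        # Creates the user entry or provider field when missing, otherwise updates the date.
        self.entries.setdefault(user_id, {}).setdefault(provider_id, {})[method] = when


def decide_required(request_type, user_id, provider_id, policies, history, now):
    """Steps S102 to S106: return the set of methods that must actually run."""
    if request_type not in REQUEST_METHODS:
        raise ValueError(f"unknown authentication type ID: {request_type!r}")
    requested = REQUEST_METHODS[request_type]
    if not history.known_user(user_id):           # S103 Yes: new authenticated person
        return set(requested)                     # S104: run what the request type asks for
    policy = policies.get(provider_id, {})        # S105: look up the provider's policy
    required = set()
    for method in requested:                      # S106: policy plus history
        rule = policy.get(method, EVERY_REQUEST)  # no registered rule: always authenticate
        last = history.last_success(user_id, provider_id, method)
        # Compare year and month so March of one year never satisfies March of the next.
        same_month = last is not None and (last.year, last.month) == (now.year, now.month)
        if rule == ONCE_PER_MONTH and same_month:
            continue                              # already authenticated this month
        required.add(method)
    return required


def process_request(request_type, user_id, provider_id, policies, history, now, verifiers):
    """Steps S107 and S108. `verifiers` maps a method name to a callable returning bool."""
    required = decide_required(request_type, user_id, provider_id, policies, history, now)
    skipped = REQUEST_METHODS[request_type] - required
    outcome = {m: bool(verifiers[m]()) for m in sorted(required)}  # S107
    success = all(outcome.values())               # skipped methods count as success
    if success:
        # Only methods that really ran refresh the history, so a skipped electronic
        # authentication never extends its own validity (assumption of this example).
        for method in required:
            history.record_success(user_id, provider_id, method, now)
    # S108: report the skipped methods as well, the alternative the description allows.
    return {"success": success, "performed": sorted(required), "skipped": sorted(skipped)}
```

Because the history is keyed by service provider, a user known from one provider still gets a full electronic authentication the first time a different once-per-month provider sends a request.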
As described above, the authentication system according to the second embodiment can meet even complicated requirements of service providers by using authentication policies. That is, the service provider does not need to manage the user's authentication status (authentication history); by transmitting the user's biometric information and electronic information to the authentication server 10, it can have the minimum authentication required for providing its own service executed. Further, in the second embodiment, data transmission and reception between the authentication server 10 and the verification server 40 is reduced, so that frequent transmission and reception of highly confidential information such as a digital certificate can be suppressed.
[Third Embodiment]
Next, the third embodiment will be described in detail with reference to the drawings.
The first and second embodiments were described on the premise that one type of authentication request is transmitted from one service provider. However, depending on the industry and business type of the service provider, different types of authentication requests may be transmitted from the same service provider to the authentication center.
For example, consider the case where the service provider is a casino operator. In this case, a terminal 30 is installed at the entrance to the casino, and users who have passed biometric authentication and electronic authentication can enter. In addition, shops and the like are set up at various places in the casino, and biometric authentication is used to settle purchases at those shops.
In the third embodiment, a case will be described in which a plurality of types of authentication requests are transmitted to the authentication server 10, as in a casino.
Since the configuration of the authentication system according to the third embodiment can be the same as that of the first embodiment, the description corresponding to FIG. 2 is omitted. Further, since the processing configurations of the authentication server 10, the business management server 20, and the terminal 30 according to the third embodiment can also be the same as those of the first embodiment, their description is omitted.
The following description focuses on the differences among the first to third embodiments.
The service provider according to the third embodiment registers in the authentication server 10 an authentication policy that includes, in addition to the policy on performing authentication (biometric authentication, electronic authentication), matters incidental to authentication. By operating in accordance with this authentication policy, the authentication server 10 provides the kind of authentication service required by the casino operator and the like.
The service provider registers the following authentication policy 1 for authentication request 1.
<Authentication policy 1>
When authentication request 1, which requests biometric authentication and electronic authentication, is received, the biometric information and personal information of the successfully authenticated person are associated with each other and stored in the biometric information database. The personal information in this case includes credit information for payment (for example, bank account or credit card information).
Further, the service provider registers the following authentication policy 2 for authentication request 3.
<Authentication policy 2>
When authentication request 3, which requests biometric authentication, is received, 1-to-N collation (N is a positive integer; the same applies hereinafter) using the biometric information database is executed, and the corresponding personal information is transmitted to the service provider.
Upon receiving an authentication request from the business management server 20, the authentication request processing unit 402 according to the third embodiment acquires the service provider ID. The authentication request processing unit 402 refers to the authentication policy database using the service provider ID and acquires the corresponding authentication policy.
When authentication request 1 is received from the service provider that registered authentication policies 1 and 2 above, the authentication request processing unit 402 executes processing in accordance with "authentication policy 1".
In this case, the authentication request processing unit 402 executes biometric authentication and electronic authentication. The authentication request processing unit 402 notifies the business management server 20 of the authentication result. If both authentications succeed, the authentication request processing unit 402 associates the face image of the successfully authenticated person acquired from the business management server 20 (the photographed face image and/or the chip face image) with the personal information and stores them in the biometric information database (see FIG. 17).
When authentication request 3 is received from the business management server 20 of the same service provider, the authentication request processing unit 402 executes processing in accordance with "authentication policy 2".
In this case, the authentication request processing unit 402 executes biometric authentication. At that time, the authentication request processing unit 402 (biometric authentication unit 411) sets the face image acquired from the business management server 20 as the collation side and the face images registered in the biometric information database as the registration side, and executes 1-to-N collation. The biometric authentication unit 411 identifies the registration-side face image whose similarity to the collation side is equal to or greater than a predetermined value and is the highest, and acquires the corresponding personal information. The authentication request processing unit 402 calculates feature amounts from the face images and calculates the similarity (distance) between the feature amounts.
The authentication request processing unit 402 transmits the personal information of the successfully authenticated person to the business management server 20.
The business management server 20 provides the service to the successfully authenticated person using the acquired personal information. For example, the business management server 20 performs payment processing using the credit information registered as personal information.
The operation according to the third embodiment will be described concretely with reference to FIG. 18. Note that the business management server 20 is not shown in FIG. 18. The authentication terminal 30 and the authentication server 10 transmit and receive data via the business management server 20.
User U1 presents an identification card to the terminal 30-3 installed at the entrance of a casino or the like. User U1 operates the terminal 30-3 to input personal information (credit information). Alternatively, the personal information may be input using a terminal of user U1 such as a smartphone. For example, the personal information may be input to the terminal 30-3 by presenting a two-dimensional barcode containing the personal information to the terminal 30-3.
The terminal 30-3 transmits the face image, IC chip information, and personal information of user U1 to the business management server 20. The business management server 20 transmits authentication request 1, which includes the face image, digital certificate, and personal information acquired from the terminal 30-3, to the authentication server 10.
If the results of both biometric authentication and electronic authentication are successful, the authentication server 10 associates the face image of the successfully authenticated person (user U1) with the personal information and stores them in the biometric information database.
The authentication server 10 notifies the service provider (business management server 20, terminal 30-3) of authentication success. In response to receiving authentication success, the terminal 30-3 opens the gate and permits user U1 to enter.
User U1 moves around the casino and pays for purchased goods at the terminal 30-4 installed at a shop.
The terminal 30-4 acquires the face image of user U1 and transmits it to the business management server 20. The business management server 20 transmits authentication request 3, which includes the face image of user U1, to the authentication server 10.
The authentication server 10 identifies the personal information of user U1 by biometric authentication. More specifically, the authentication server 10 executes 1-to-N collation using the face images registered in the biometric information database and the face image extracted from authentication request 3, and identifies the personal information of user U1.
The authentication server 10 transmits the identified personal information (credit information) to the service provider (business management server 20, authentication terminal 30-4).
The service provider completes the payment processing for user U1 using the acquired personal information.
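The two policies of the third embodiment, enrolment only after both authentications succeed and 1-to-N collation with a predetermined threshold, are sketched below. This is an added example and not part of the patent: the cosine similarity measure, the threshold value, the class and method names, and the constructed feature vectors and payment references are all assumptions.

```python
import math


def _unit(vec):
    """Scale a feature vector to unit length; an all-zero vector carries no information."""
    norm = math.sqrt(sum(x * x for x in vec))
    if norm == 0:
        raise ValueError("zero feature vector")
    return [x / norm for x in vec]


class BiometricInfoDB:
    """Biometric information database: feature amounts linked to personal information."""

    def __init__(self, threshold):
        self.threshold = threshold   # the "predetermined value" for similarity
        self.records = []            # list of (unit feature vector, personal info)

    def enroll_after_request1(self, biometric_ok, electronic_ok, features, personal_info):
        """Authentication policy 1: store only when BOTH authentications succeeded."""
        if not (biometric_ok and electronic_ok):
            return False
        self.records.append((_unit(features), personal_info))
        return True

    def identify(self, probe_features):
        """Authentication policy 2: 1-to-N collation.

        Returns (personal_info, similarity) for the registered entry with the highest
        similarity, provided it reaches the threshold; otherwise returns None.
        """
        try:
            probe = _unit(probe_features)
        except ValueError:
            return None
        best = None
        for enrolled, info in self.records:
            similarity = sum(a * b for a, b in zip(probe, enrolled))  # cosine similarity
            if best is None or similarity > best[1]:
                best = (info, similarity)
        if best is None or best[1] < self.threshold:
            return None              # empty database or nobody similar enough: failure
        return best


def demo():
    # Constructed sample data: three-dimensional "features" stand in for face features.
    db = BiometricInfoDB(threshold=0.9)
    db.enroll_after_request1(True, True, [1.0, 0.0, 0.0], {"user": "U1", "payment_ref": "constructed-ref-1"})
    db.enroll_after_request1(True, False, [0.0, 1.0, 0.0], {"user": "U2", "payment_ref": "constructed-ref-2"})
    db.enroll_after_request1(True, True, [0.6, 0.8, 0.0], {"user": "U3", "payment_ref": "constructed-ref-3"})
    return db
```

A probe that resembles nobody closely enough returns `None` rather than the nearest entry, which is what keeps a payment from being charged to the wrong person's credit information.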
As described above, the authentication server 10 according to the third embodiment is requested to perform biometric authentication and electronic authentication by a service provider that transmits different types of authentication requests. When biometric authentication and electronic authentication succeed, the authentication server 10 associates the biometric information of the successfully authenticated person with the personal information (credit information) and stores them in the biometric information database. When the same service provider requests biometric authentication, the authentication server 10 identifies the personal information of the person to be authenticated by 1-to-N collation using the biometric information stored in the biometric information database and the biometric information of the person to be authenticated. The authentication server 10 transmits the identified personal information to the service provider. As a result, in the third embodiment, even when different types of authentication are required within the same facility, the service provider can have the required authentication carried out without being aware of the specific details of the authentication processing. That is, the third embodiment can provide an authentication service suited to a service provider, such as a casino, that is configured so that the authentication terminal 30 installed at the entrance transmits authentication request 1 and the authentication terminal 30 installed at a shop transmits authentication request 3.
Next, the hardware of each device constituting the authentication system will be described. FIG. 19 is a diagram showing an example of the hardware configuration of the authentication server 10.
The authentication server 10 can be configured by an information processing device (a so-called computer) and has the configuration illustrated in FIG. 19. For example, the authentication server 10 includes a processor 311, a memory 312, an input/output interface 313, a communication interface 314, and the like. Components such as the processor 311 are connected by an internal bus or the like and are configured to be able to communicate with each other.
However, the configuration shown in FIG. 19 is not intended to limit the hardware configuration of the authentication server 10. The authentication server 10 may include hardware that is not shown. Likewise, the number of processors 311 and other components included in the authentication server 10 is not limited to the example of FIG. 19; for example, the authentication server 10 may include a plurality of processors 311.
The processor 311 is a programmable device such as a CPU (Central Processing Unit), an MPU (Micro Processing Unit), or a DSP (Digital Signal Processor). Alternatively, the processor 311 may be a device such as an FPGA (Field Programmable Gate Array) or an ASIC (Application Specific Integrated Circuit). The processor 311 executes various programs including an operating system (OS).
The memory 312 is a RAM (Random Access Memory), a ROM (Read Only Memory), an HDD (Hard Disk Drive), an SSD (Solid State Drive), or the like. The memory 312 stores an OS program, application programs, and various data.
The input/output interface 313 is an interface for a display device and an input device (not shown). The display device is, for example, a liquid crystal display. The input device is, for example, a device that accepts user operations, such as a keyboard or a mouse.
The communication interface 314 is a circuit, module, or the like that communicates with other devices. For example, the communication interface 314 includes a wireless communication circuit, a NIC (Network Interface Card), and the like.
The functions of the authentication server 10 are realized by various processing modules. A processing module is realized, for example, by the processor 311 executing a program stored in the memory 312. The program can be recorded on a computer-readable storage medium. The storage medium can be a non-transitory medium such as a semiconductor memory, a hard disk, a magnetic recording medium, or an optical recording medium. That is, the present invention can also be embodied as a computer program product. The program can be downloaded via a network or updated using a storage medium that stores the program. Further, the processing modules may be realized by a semiconductor chip.
The business management server 20, the terminal 30, and the like can also be configured by information processing devices in the same manner as the authentication server 10, and their basic hardware configuration does not differ from that of the authentication server 10, so its description is omitted. For example, the terminal 30 only needs to include a camera for photographing the user and a card reader for reading information from an IC chip.
The authentication server 10 is equipped with a computer, and the functions of the authentication server 10 can be realized by causing the computer to execute a program. The authentication server 10 also executes the authentication request processing method by means of that program.
[Modification example]
The configuration, operation, and the like of the authentication system described in the above embodiments are examples and are not intended to limit the system configuration or the like.
In the above embodiments, the case where a user receiving a service visits the service provider and presents an identification card was mainly described. However, the present disclosure also applies when the user receives the service via a web page or the like. Specifically, the user photographs his or her own face using a terminal such as a smartphone and registers the face image on the web page. The user then enters into the web page the IC chip information read from the IC chip of the identification card using a card reader.
The present disclosure covers any identification card that stores electronic information. For example, a driver's license equipped with an IC chip may be used as the identification card, or an identification card certifying a specific qualification (for example, physician) may be used. Alternatively, if an identification card such as the US SSN (Social Security Number) card comes to carry an IC chip, that card can also be used as an identification card under the present disclosure.
In the above embodiments, electronic authentication using an electronic certificate extracted from an IC chip was described. However, the information used for electronic authentication is not limited to an electronic certificate; an electronic signature may also be used. When the authentication server 10 receives an authentication request containing an electronic signature extracted from the IC chip of a driver's license, it acquires the information needed to verify the electronic signature from an external server. Specifically, the authentication server 10 acquires the public key of the signer of the electronic signature (the issuer of the driver's license). The authentication server 10 determines that the electronic authentication has succeeded when it successfully verifies the electronic signature using the acquired information (the public key). Alternatively, even for an identification card that stores no electronic certificate or electronic signature, such as a passport, the authentication server 10 can perform electronic authentication using the information read from the IC chip of the identification card. For example, the authentication server 10 may perform electronic authentication by asking an external server whether the passport number is valid.
In the above embodiments, the case where biometric information in the form of a "face image" is transmitted from the business management server 20 to the authentication server 10 was described. However, biometric information in the form of a "feature amount generated from the face image" may instead be transmitted from the business management server 20 to the authentication server 10. Also, if the chip face image read from the IC chip is biometric information in the form of a "feature amount", the authentication server 10 may generate a feature amount corresponding to the chip face image from the photographed face image and execute biometric authentication (one-to-one matching).
The plurality of authentication terminals 30 owned by a service provider do not have to be installed on the same site or in the same building. As long as the service provider is the same, the authentication terminals 30 may be installed in spatially separate locations.
In the above embodiments, the case where the authentication server 10 generates the user ID and notifies the service provider of it was described. However, the business management server 20 may generate the user ID and notify the authentication server 10 of the generated user ID. For example, the business management server 20 may generate the user ID from the four basic items of information. In this case, frequent transmission and reception of personal information can be suppressed.
In the above embodiments, it was described that when authentication fails, the authentication server 10 notifies the business management server 20 of that fact only. The authentication server 10 may also notify the business management server 20 of the reason for the failure. For example, the authentication server 10 may notify the business management server 20 of which type of authentication failed (biometric authentication or electronic authentication). Alternatively, when electronic authentication fails, the authentication server 10 may notify the business management server 20 of the reason (for example, that the validity period of the electronic certificate has expired). The service provider may notify the user of the reason the authentication failed. Alternatively, the terminal 30 may present a display or the like from which the user can intuitively understand why the service cannot be received. For example, the terminal 30 may tell the user explicitly whether the service cannot be provided because of an incorrect password or because the validity period of the identification card has expired.
Alternatively, even if the validity period of the electronic certificate has not expired, the authentication server 10 may notify the business management server 20 when the validity period is about to expire. The service provider may notify the user that the validity period of the electronic certificate will expire soon.
In the above embodiments, the case where the user enters the password for reading out the electronic certificate was described. However, by storing the password in the authentication server 10, password entry by the user can be omitted. The user registers his or her face image and the password in the authentication server 10. The terminal 30 transmits the photographed face image and the IC chip information to the business management server 20. The business management server 20 transmits the photographed face image to the authentication server 10. The authentication server 10 executes matching (one-to-N matching) between the face images registered in advance and the photographed face image acquired via the business management server 20, and identifies the corresponding password. The authentication server 10 transmits the identified password to the business management server 20. The business management server 20 extracts the electronic certificate using the acquired password. For the subsequent processing, the business management server 20 transmits authentication request 1 or authentication request 2 described above. Alternatively, when the business management server 20 supports biometric authentication, the business management server 20 may store the user's biometric information in association with the password. In this case, the business management server 20 can acquire the electronic certificate without obtaining the password for extracting it from the authentication server 10. That is, when authentication request 2 is transmitted, if biometric authentication at the service provider on the edge side succeeds, the business management server 20 can read out the electronic certificate without acquiring the password from the user.
The authentication server 10 may check the authentication history periodically or at a predetermined timing and notify the service provider (business management server 20) of various information according to the result. For example, once a predetermined time (for example, 24 hours) has elapsed after processing authentication request 1 from a casino, the authentication server 10 may notify the business management server 20 of the user ID of the person successfully authenticated by that authentication request 1 (the user who entered the casino). In response to the notification, the casino operator may prompt the corresponding user (the user for whom 24 hours have passed since entering the casino) to leave and re-enter. Alternatively, the authentication server 10 may again require biometric authentication and electronic authentication, by presentation of an identification card, from a user for whom a predetermined period has passed since entering the casino. Specifically, the authentication server 10 notifies the service provider (business management server 20) of that fact (that the predetermined period has passed since entry to the casino) together with the user ID of the user. The service provider (business management server 20) may instruct (notify) the user corresponding to the notified user ID to leave the casino once and go to the authentication terminal 30 at the entrance. Alternatively, the service provider may instruct the user to go to an authentication terminal 30 installed inside the casino. The user presents the identification card at the indicated authentication terminal 30 and undergoes biometric authentication and electronic authentication again.
When processing an authentication request from one service provider, the authentication server 10 may use the results (authentication history) of processing authentication requests from other service providers. For example, in the example of FIG. 13, consider the case where the authentication server 10 receives authentication request 1 from service provider S2. In this case, if the month containing the authentication request date is "July 2020", then under the authentication policy of service provider S2 the most recent electronic authentication date and the authentication request date are not in the same month, so electronic authentication of the user (the user whose user ID is ID11) is executed. However, electronic authentication of that user for service provider S1 was already executed successfully in "July 2020", so the authentication server 10 may, on that basis, judge that "the most recent electronic authentication date and the authentication request date are in the same month" and omit the electronic authentication.
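The same-month decision described above, with and without reuse of another service provider's history, as an added example that is not code from the patent. The record layout, the function names, the `share_across_providers` switch and the dates in the sample history are assumptions constructed for illustration; the contents of FIG. 13 are not reproduced here.

```python
from dataclasses import dataclass
from datetime import date


@dataclass(frozen=True)
class AuthRecord:
    provider_id: str   # service provider that sent the authentication request
    user_id: str
    kind: str          # "biometric" or "electronic"
    day: date          # date on which the authentication succeeded


def sample_history():
    """Constructed history: S1 verified ID11 in July 2020, S2 last did so in June."""
    return [
        AuthRecord("S1", "ID11", "electronic", date(2020, 7, 3)),
        AuthRecord("S2", "ID11", "electronic", date(2020, 6, 15)),
    ]


def needs_electronic_auth(history, provider_id, user_id, request_day,
                          share_across_providers=False):
    """Policy modelled: skip electronic authentication when a successful one
    already exists in the same calendar month as the request."""
    for rec in history:
        if rec.kind != "electronic" or rec.user_id != user_id:
            continue
        # By default only the requesting provider's own history counts.
        if rec.provider_id != provider_id and not share_across_providers:
            continue
        # A record dated after the request cannot justify skipping the check.
        if rec.day > request_day:
            continue
        if (rec.day.year, rec.day.month) == (request_day.year, request_day.month):
            return False
    return True


def process_request(history, provider_id, user_id, request_day,
                    biometric_check, electronic_check,
                    share_across_providers=False):
    """Run biometric authentication, then electronic authentication only if the
    policy requires it. Successes are appended to the history; on failure the
    result names the type of authentication that failed."""
    ran = ["biometric"]
    if not biometric_check():
        return {"ok": False, "failed": "biometric", "ran": ran}
    history.append(AuthRecord(provider_id, user_id, "biometric", request_day))

    if needs_electronic_auth(history, provider_id, user_id, request_day,
                             share_across_providers):
        ran.append("electronic")
        if not electronic_check():
            return {"ok": False, "failed": "electronic", "ran": ran}
        history.append(AuthRecord(provider_id, user_id, "electronic", request_day))
    return {"ok": True, "failed": None, "ran": ran}
```

Keeping the cross-provider reuse behind an explicit switch makes it visible that S2's request is then satisfied by a check that S1 requested.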
In the above embodiments, it was described that the service provider registers its own authentication policy in the authentication server 10 in advance. However, the service provider may send the authentication policy to the authentication server 10 together with the authentication request. With this approach, even if the service provider's authentication policy changes, the way authentication requests are processed can be changed without any additional procedure.
In the third embodiment, the case where different authentication requests (different types of authentication requests) from the same service provider are processed according to the authentication policy was described. However, in the authentication system according to the third embodiment, the authentication request itself may be extended to meet the service provider's needs. For example, the authentication server 10 processes an authentication request whose authentication type is set to "4" according to the contents of authentication policy 1 described above. The authentication server 10 processes an authentication request whose authentication type is set to "5" according to the contents of authentication policy 2 described above.
The third embodiment may also be applied to a local government's provision of services involving preferential treatment for the elderly, persons with disabilities, and others in the use of transportation. Specifically, when issuing a welfare pass to an elderly person or the like, the service provider (local government) requests both biometric authentication and electronic authentication from the authentication server 10. When a user holding a welfare pass uses transportation, the transportation operator sends the user's biometric information (photographed face image, chip face image) to the business management server 20. The business management server 20 requests the authentication server 10 to authenticate the biometric information. The business management server 20 manages use of the welfare pass according to the result of the biometric authentication. Also, for services related to the welfare pass, if electronic authentication is unnecessary within the same month, then, as in the second embodiment, only biometric authentication may be executed within the same month and electronic authentication may be omitted.
In the above embodiments, the description took as an example the case where one type of identification card is presented to the service provider. However, the identification cards presented to the service providers may differ. In this case, the authentication server 10 changes the destination of the electronic verification request and the like according to the type of identification card presented (the IC chip information acquired from the service provider). That is, the authentication system may include a plurality of external servers 50 as shown in FIG. 20. The authentication server 10 (electronic authentication unit 412) switches the external server 50 it accesses according to the type of identification card the user presented to the service provider. The authentication server 10 may determine the type of identification card presented from the information acquired from the business management server 20 (for example, the electronic certificate), or the business management server 20 may notify the authentication server 10 of the type of identification card presented.
When a plurality of external servers 50 are included as described above, the authentication server 10 operates as shown in FIG. 21. The authentication server 10 acquires the information on the identification card obtained from the service provider (step S201). The authentication server 10 identifies the type of the identification card (step S202). The authentication server 10 selects the external server 50 (verification server) to access according to the identified type of identification card (step S203). The authentication server 10 accesses the selected external server 50 and performs the electronic authentication suited to the identified identification card (step S204).
As described above, when the system supports a plurality of identification cards, the authentication server 10 may store the authentication history for each identification card. More specifically, the authentication server 10 may store and manage, for each identification card (or for each external server 50), the date and time at which electronic authentication succeeded and the like.
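Steps S202 to S204 and the per-document history described above can be sketched as follows; this is an added example, not code from the patent. The document-type names, the issuer name, the passport number, the request fields and the two verifier functions (local stand-ins for the external servers 50) are constructed assumptions, and rejecting a request whose notified type contradicts the type inferred from the certificate is a design choice added here.

```python
from datetime import datetime

# Constructed mapping from certificate issuer to document type (hypothetical names).
ISSUER_TO_TYPE = {"Example Card Issuer CA": "certificate_card"}

# Constructed data standing in for what a passport validity service would know.
VALID_PASSPORT_NUMBERS = {"XX0000001"}


def identify_document_type(request):
    """Step S202: use the type notified by the business management server, the
    type inferred from the electronic certificate, or both when available."""
    notified = request.get("document_type")
    issuer = (request.get("certificate") or {}).get("issuer")
    inferred = ISSUER_TO_TYPE.get(issuer)
    if notified and inferred and notified != inferred:
        return None  # the two sources disagree: treat the type as unidentified
    return notified or inferred


def verify_certificate_card(request, now):
    """Stand-in for an external server 50 that validates electronic certificates."""
    cert = request.get("certificate") or {}
    not_after = cert.get("not_after")
    if not_after is None or not_after < now:
        return False, "certificate validity period expired"
    return True, None


def verify_passport(request, now):
    """Stand-in for an external server 50 that answers passport-number queries."""
    if request.get("passport_number") in VALID_PASSPORT_NUMBERS:
        return True, None
    return False, "passport number not valid"


VERIFIERS = {
    "certificate_card": verify_certificate_card,
    "passport": verify_passport,
}


def electronic_auth(request, history, now, verifiers=VERIFIERS):
    """Select the verifier by document type and record each success per
    (user, document type). Unknown or inconsistent types fail closed."""
    doc_type = identify_document_type(request)      # S202
    verifier = verifiers.get(doc_type)              # S203
    if verifier is None:
        return {"ok": False, "document_type": doc_type,
                "reason": "unsupported or inconsistent document type"}
    ok, reason = verifier(request, now)             # S204
    if ok:
        history[(request["user_id"], doc_type)] = now
    return {"ok": ok, "document_type": doc_type, "reason": reason}
```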
The authentication center can ask a service provider to which it has provided the authentication service to pay a fee. In doing so, the authentication center may vary the amount charged according to the type of service provider (public institution or private business) and its industry (finance, retail, and so on).
The form of data transmission and reception between the devices (authentication server 10, business management server 20, terminal 30) is not particularly limited, but the data exchanged between them may be encrypted. Biometric information is exchanged between these devices, and to protect it appropriately it is desirable that the data be transmitted and received in encrypted form.
In the flow diagrams (flowcharts and sequence diagrams) used in the above description, a plurality of steps (processes) are listed in order, but the order in which the steps are executed in the embodiments is not limited to the order listed. In the embodiments, the order of the illustrated steps can be changed to the extent that this causes no substantive problem, for example by executing processes in parallel.
The above embodiments have been described in detail to make the present disclosure easier to understand, and it is not intended that every configuration described above is required. When a plurality of embodiments are described, each embodiment may be used alone or in combination. For example, part of the configuration of one embodiment can be replaced with the configuration of another embodiment, or the configuration of another embodiment can be added to the configuration of one embodiment. Further, for part of the configuration of an embodiment, other configurations can be added, deleted, or substituted.
Although the industrial applicability of the present invention is clear from the above description, the present invention is suitably applicable to, for example, an authentication system that verifies identity using an identification card.
 上記の実施形態の一部又は全部は、以下の付記のようにも記載され得るが、以下には限られない。
[付記1]
 身分証明書を提示する被認証者に関する認証要求をサービス事業者から受信する、受信部と、
 前記被認証者の生体情報を用いた生体認証と、前記身分証明書から抽出された電子的な情報を用いた電子認証と、を実行することで前記認証要求を処理する、認証要求処理部と、
 前記生体認証及び前記電子認証の結果に応じた認証結果を前記サービス事業者に送信する、送信部と、
 を備える、認証サーバ。
[付記2]
 前記認証要求処理部は、前記認証要求のタイプに応じて、少なくとも前記生体認証及び前記電子認証のいずれか一方を実行する、付記1に記載の認証サーバ。
[付記3]
 前記認証要求処理部は、前記被認証者の生体情報と前記身分証明書から抽出された生体情報を用いた1対1照合を前記生体認証として実行する、付記1又は2に記載の認証サーバ。
[付記4]
 前記認証要求処理部は、前記電子的な情報が電子証明書であれば、前記電子証明書の検証を外部のサーバに依頼し、検証結果が成功の場合に、前記電子認証に成功したと判定する、付記1乃至3のいずれか一に記載の認証サーバ。
[付記5]
 前記生体認証及び前記電子認証のそれぞれについて、認証に成功した履歴を前記サービス事業者ごとに記憶する、認証履歴データベースをさらに備える、付記1乃至4のいずれか一に記載の認証サーバ。
[付記6]
 前記認証要求処理部は、前記認証要求の処理方法を前記サービス事業者が定めた認証ポリシに基づき、前記認証要求を処理する、付記5に記載の認証サーバ。
[付記7]
 前記サービス事業者のIDと前記認証ポリシを対応付けて記憶する、認証ポリシデータベースをさらに備える、付記6に記載の認証サーバ。
[付記8]
 前記認証要求処理部は、前記認証ポリシと前記認証履歴データベースに記憶された前記電子認証の履歴に基づき、前記電子認証を実行するか否か判定する、付記7に記載の認証サーバ。
[付記9]
 前記認証要求処理部は、
 異なるタイプの前記認証要求を送信する前記サービス事業者から、前記生体認証及び前記電子認証を要求され、且つ、前記生体認証及び前記電子認証に成功した場合には、認証成功者の生体情報と個人情報を対応付けて生体情報データベースに記憶し、
 前記異なるタイプの前記認証要求を送信する前記サービス事業者から、前記生体認証を要求された場合には、前記生体情報データベースに記憶された生体情報と前記被認証者の生体情報を用いた1対N照合により前記被認証者の個人情報を特定し、
 前記送信部は、
 前記特定された個人情報を前記異なるタイプの前記認証要求を送信する前記サービス事業者に送信する、付記1乃至8のいずれか一に記載の認証サーバ。
[付記10]
 前記認証要求処理部は、前記被認証者の顔画像と前記身分証明書のICチップから抽出された顔画像を用いて前記生体認証を実行すると共に、前記ICチップに格納された電子証明書を用いて前記電子認証を実行する、付記9に記載の認証サーバ。
[付記11]
 前記認証要求処理部は、前記電子的な情報が電子署名であれば、前記電子署名を検証するための情報を外部のサーバから取得し、前記電子署名の検証に成功した場合に、前記電子認証に成功したと判定する、付記1乃至3のいずれか一に記載の認証サーバ。
[付記12]
 身分証明書を提示する被認証者に関する認証要求を送信する、業務管理サーバと、
 前記業務管理サーバと接続された認証サーバと、
 を含み、
 前記認証サーバは、
 前記認証要求を受信する、受信部と、
 前記被認証者の生体情報を用いた生体認証と、前記身分証明書から抽出された電子的な情報を用いた電子認証と、を実行することで前記認証要求を処理する、認証要求処理部と、
 前記生体認証及び前記電子認証の結果に応じた認証結果を前記業務管理サーバに送信する、送信部と、
 を備える、認証システム。
[付記13]
 認証サーバにおいて、
 身分証明書を提示する被認証者に関する認証要求をサービス事業者から受信し、
 前記被認証者の生体情報を用いた生体認証と、前記身分証明書から抽出された電子的な情報を用いた電子認証と、を実行することで前記認証要求を処理し、
 前記生体認証及び前記電子認証の結果に応じた認証結果を前記サービス事業者に送信する、認証要求処理方法。
[付記14]
 認証サーバに搭載されたコンピュータに、
 身分証明書を提示する被認証者に関する認証要求をサービス事業者から受信する処理と、
 前記被認証者の生体情報を用いた生体認証と、前記身分証明書から抽出された電子的な情報を用いた電子認証と、を実行する処理と、
 前記生体認証及び前記電子認証の結果に応じた認証結果を前記サービス事業者に送信する処理と、
 を実行させるためのプログラムを記憶する、コンピュータ読取可能な記憶媒体。
Some or all of the above embodiments may also be described, but not limited to:
[Appendix 1]
A receiver that receives an authentication request from a service provider regarding a person to be authenticated who presents an ID card.
An authentication request processing unit that processes the authentication request by executing biometric authentication using the biometric information of the person to be authenticated and electronic authentication using the electronic information extracted from the identification card. ,
A transmission unit that transmits authentication results according to the results of the biometric authentication and the electronic authentication to the service provider, and
An authentication server.
[Appendix 2]
The authentication server according to Appendix 1, wherein the authentication request processing unit executes at least one of the biometric authentication and the electronic authentication according to the type of the authentication request.
[Appendix 3]
The authentication server according to Appendix 1 or 2, wherein the authentication request processing unit executes one-to-one collation using the biometric information of the person to be authenticated and the biometric information extracted from the identification card as the biometric authentication.
[Appendix 4]
The authentication server according to any one of Appendices 1 to 3, wherein, if the electronic information is an electronic certificate, the authentication request processing unit requests an external server to verify the electronic certificate and determines that the electronic authentication has succeeded when the verification result is successful.
[Appendix 5]
The authentication server according to any one of Appendices 1 to 4, further comprising an authentication history database that stores, for each service provider, a history of successful authentication for each of the biometric authentication and the electronic authentication.
[Appendix 6]
The authentication server according to Appendix 5, wherein the authentication request processing unit processes the authentication request based on an authentication policy in which the service provider has defined how the authentication request is to be processed.
[Appendix 7]
The authentication server according to Appendix 6, further comprising an authentication policy database that stores the ID of the service provider in association with the authentication policy.
[Appendix 8]
The authentication server according to Appendix 7, wherein the authentication request processing unit determines whether or not to execute the electronic authentication based on the authentication policy and the history of the electronic authentication stored in the authentication history database.
[Appendix 9]
The authentication server according to any one of Appendices 1 to 8, wherein
the authentication request processing unit:
when the biometric authentication and the electronic authentication are requested by the service provider that transmits a different type of the authentication request, and the biometric authentication and the electronic authentication succeed, stores the biometric information and the personal information of the successfully authenticated person in association with each other in a biometric information database; and
when the biometric authentication is requested by the service provider that transmits the different type of the authentication request, identifies the personal information of the person to be authenticated by one-to-N collation using the biometric information stored in the biometric information database and the biometric information of the person to be authenticated, and
the transmission unit transmits the identified personal information to the service provider that transmits the different type of the authentication request.
[Appendix 10]
The authentication server according to Appendix 9, wherein the authentication request processing unit executes the biometric authentication using a face image of the person to be authenticated and a face image extracted from an IC chip of the identification card, and executes the electronic authentication using an electronic certificate stored in the IC chip.
[Appendix 11]
The authentication server according to any one of Appendices 1 to 3, wherein, if the electronic information is an electronic signature, the authentication request processing unit acquires information for verifying the electronic signature from an external server and determines that the electronic authentication has succeeded when the verification of the electronic signature is successful.
[Appendix 12]
An authentication system comprising:
a business management server that transmits an authentication request regarding a person to be authenticated who presents an identification card; and
an authentication server connected to the business management server,
wherein the authentication server comprises:
a receiver that receives the authentication request;
an authentication request processing unit that processes the authentication request by executing biometric authentication using biometric information of the person to be authenticated and electronic authentication using electronic information extracted from the identification card; and
a transmission unit that transmits, to the business management server, an authentication result according to the results of the biometric authentication and the electronic authentication.
[Appendix 13]
An authentication request processing method comprising, in an authentication server:
receiving, from a service provider, an authentication request regarding a person to be authenticated who presents an identification card;
processing the authentication request by executing biometric authentication using biometric information of the person to be authenticated and electronic authentication using electronic information extracted from the identification card; and
transmitting, to the service provider, an authentication result according to the results of the biometric authentication and the electronic authentication.
[Appendix 14]
A computer-readable storage medium storing a program that causes a computer installed in an authentication server to execute:
a process of receiving, from a service provider, an authentication request regarding a person to be authenticated who presents an identification card;
a process of executing biometric authentication using biometric information of the person to be authenticated and electronic authentication using electronic information extracted from the identification card; and
a process of transmitting, to the service provider, an authentication result according to the results of the biometric authentication and the electronic authentication.
The disclosures of the prior art documents cited above are incorporated herein by reference. Although embodiments of the present invention have been described above, the present invention is not limited to these embodiments. Those skilled in the art will understand that these embodiments are merely examples and that various modifications are possible without departing from the scope and spirit of the invention. That is, the present invention naturally includes the various variations and modifications that a person skilled in the art could make in accordance with the entire disclosure, including the claims, and the technical idea.
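The policy-and-history decision of Appendices 5 to 8 can be sketched as follows. This is an added example, not code from the patent or from the applicant. The `Policy` fields, the `card_id` history key, the cosine matcher with its threshold, and the `verify_certificate` callable standing in for the external server are all assumptions made for illustration.

```python
import math
import time
from dataclasses import dataclass

MATCH_THRESHOLD = 0.90  # assumed similarity threshold for the one-to-one collation


@dataclass(frozen=True)
class Policy:
    """Hypothetical per-provider authentication policy (Appendices 6 and 7)."""
    require_electronic: bool
    reuse_window_s: int  # 0 means electronic authentication is never skipped


def cosine(a, b):
    """Toy matcher: cosine similarity between two feature vectors."""
    dot = sum(x * y for x, y in zip(a, b))
    norm = math.sqrt(sum(x * x for x in a)) * math.sqrt(sum(y * y for y in b))
    return dot / norm if norm else 0.0


class AuthServer:
    def __init__(self, policies, verify_certificate, clock=time.time):
        self.policies = policies  # provider ID -> Policy (policy database)
        self.verify_certificate = verify_certificate  # stand-in for the external server
        self.clock = clock
        self.history = {}  # (provider ID, card ID, method) -> time of last success

    def _needs_electronic(self, provider_id, card_id, policy):
        """Appendix 8: decide from the policy and the electronic-authentication history."""
        if not policy.require_electronic:
            return False
        last = self.history.get((provider_id, card_id, "electronic"))
        if last is None or policy.reuse_window_s == 0:
            return True
        return self.clock() - last > policy.reuse_window_s

    def handle(self, provider_id, card_id, live, card_face, certificate):
        policy = self.policies.get(provider_id)
        if policy is None:  # unknown provider: fail closed
            return {"result": "rejected", "reason": "no policy"}
        if cosine(live, card_face) < MATCH_THRESHOLD:  # one-to-one collation
            return {"result": "failed", "reason": "biometric"}
        self.history[(provider_id, card_id, "biometric")] = self.clock()
        ran_electronic = self._needs_electronic(provider_id, card_id, policy)
        if ran_electronic:
            try:
                ok = self.verify_certificate(certificate)
            except Exception:  # verifier unreachable or erroring: fail closed
                ok = False
            if not ok:
                return {"result": "failed", "reason": "electronic"}
            self.history[(provider_id, card_id, "electronic")] = self.clock()
        return {"result": "success", "electronic_executed": ran_electronic}


def demo():
    """Constructed inputs: two providers, a fake clock, a verifier accepting one value."""
    now, calls = [1000.0], []
    def verifier(cert):
        calls.append(cert)
        return cert == b"valid-cert"
    server = AuthServer({"hotel": Policy(True, 3600), "bank": Policy(True, 0)},
                        verifier, clock=lambda: now[0])
    face, live = (0.2, 0.9, 0.4), (0.21, 0.88, 0.41)
    results = [server.handle("hotel", "card-1", live, face, b"valid-cert")]
    now[0] += 60  # inside the hotel's reuse window: the verifier is not called
    results.append(server.handle("hotel", "card-1", live, face, b"valid-cert"))
    # another provider: the hotel's history does not carry over, so verification runs
    results.append(server.handle("bank", "card-1", live, face, b"valid-cert"))
    now[0] += 7200  # window expired: verification runs again and now fails
    results.append(server.handle("hotel", "card-1", live, face, b"revoked-cert"))
    return results, len(calls)
```

A reuse window trades freshness for latency: a certificate revoked inside the window goes unnoticed until the window expires, which is why the history is keyed per provider and per card and why every lookup or verifier error is treated as a failure.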
10, 100 Authentication server
20, 21 Business management server
30, 31, 30-1 to 30-4, 31-1, 31-2 Terminal
40 Verification server
50, 50-1, 50-2 External server
101 Receiver
102, 402 Authentication request processing unit
103 Transmission unit
201, 301, 401 Communication control unit
202 User information acquisition unit
203 Message output unit
204, 305, 404 Storage unit
302 Authentication request unit
303 Service provision unit
304, 411 Biometric authentication unit
311 Processor
312 Memory
313 Input/output interface
314 Communication interface
403 Authentication history management unit
412 Electronic authentication unit

Claims (14)

  1.  An authentication server comprising:
     a receiver that receives, from a service provider, an authentication request regarding a person to be authenticated who presents an identification card;
     an authentication request processing unit that processes the authentication request by executing biometric authentication using biometric information of the person to be authenticated and electronic authentication using electronic information extracted from the identification card; and
     a transmission unit that transmits, to the service provider, an authentication result according to the results of the biometric authentication and the electronic authentication.
  2.  The authentication server according to claim 1, wherein the authentication request processing unit executes at least one of the biometric authentication and the electronic authentication according to the type of the authentication request.
  3.  The authentication server according to claim 1 or 2, wherein the authentication request processing unit executes, as the biometric authentication, one-to-one collation using the biometric information of the person to be authenticated and biometric information extracted from the identification card.
  4.  The authentication server according to any one of claims 1 to 3, wherein, if the electronic information is an electronic certificate, the authentication request processing unit requests an external server to verify the electronic certificate and determines that the electronic authentication has succeeded when the verification result is successful.
  5.  The authentication server according to any one of claims 1 to 4, further comprising an authentication history database that stores, for each service provider, a history of successful authentication for each of the biometric authentication and the electronic authentication.
  6.  The authentication server according to claim 5, wherein the authentication request processing unit processes the authentication request based on an authentication policy in which the service provider has defined how the authentication request is to be processed.
  7.  The authentication server according to claim 6, further comprising an authentication policy database that stores the ID of the service provider in association with the authentication policy.
  8.  The authentication server according to claim 7, wherein the authentication request processing unit determines whether or not to execute the electronic authentication based on the authentication policy and the history of the electronic authentication stored in the authentication history database.
  9.  The authentication server according to any one of claims 1 to 8, wherein
     the authentication request processing unit:
     when the biometric authentication and the electronic authentication are requested by the service provider that transmits a different type of the authentication request, and the biometric authentication and the electronic authentication succeed, stores the biometric information and the personal information of the successfully authenticated person in association with each other in a biometric information database; and
     when the biometric authentication is requested by the service provider that transmits the different type of the authentication request, identifies the personal information of the person to be authenticated by one-to-N collation using the biometric information stored in the biometric information database and the biometric information of the person to be authenticated, and
     the transmission unit transmits the identified personal information to the service provider that transmits the different type of the authentication request.
  10.  The authentication server according to claim 9, wherein the authentication request processing unit executes the biometric authentication using a face image of the person to be authenticated and a face image extracted from an IC chip of the identification card, and executes the electronic authentication using an electronic certificate stored in the IC chip.
  11.  The authentication server according to any one of claims 1 to 3, wherein, if the electronic information is an electronic signature, the authentication request processing unit acquires information for verifying the electronic signature from an external server and determines that the electronic authentication has succeeded when the verification of the electronic signature is successful.
  12.  An authentication system comprising:
     a business management server that transmits an authentication request regarding a person to be authenticated who presents an identification card; and
     an authentication server connected to the business management server,
     wherein the authentication server comprises:
     a receiver that receives the authentication request;
     an authentication request processing unit that processes the authentication request by executing biometric authentication using biometric information of the person to be authenticated and electronic authentication using electronic information extracted from the identification card; and
     a transmission unit that transmits, to the business management server, an authentication result according to the results of the biometric authentication and the electronic authentication.
  13.  An authentication request processing method comprising, in an authentication server:
     receiving, from a service provider, an authentication request regarding a person to be authenticated who presents an identification card;
     processing the authentication request by executing biometric authentication using biometric information of the person to be authenticated and electronic authentication using electronic information extracted from the identification card; and
     transmitting, to the service provider, an authentication result according to the results of the biometric authentication and the electronic authentication.
  14.  A computer-readable storage medium storing a program that causes a computer installed in an authentication server to execute:
     a process of receiving, from a service provider, an authentication request regarding a person to be authenticated who presents an identification card;
     a process of executing biometric authentication using biometric information of the person to be authenticated and electronic authentication using electronic information extracted from the identification card; and
     a process of transmitting, to the service provider, an authentication result according to the results of the biometric authentication and the electronic authentication.
PCT/JP2020/029149 2020-07-29 2020-07-29 Authentication server, authentication system, authentication request processing method, and storage medium WO2022024281A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
JP2022539887A JPWO2022024281A5 (en) 2020-07-29 Authentication server, authentication system, authentication request processing method and program
PCT/JP2020/029149 WO2022024281A1 (en) 2020-07-29 2020-07-29 Authentication server, authentication system, authentication request processing method, and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2020/029149 WO2022024281A1 (en) 2020-07-29 2020-07-29 Authentication server, authentication system, authentication request processing method, and storage medium

Publications (1)

Publication Number Publication Date
WO2022024281A1 true WO2022024281A1 (en) 2022-02-03

Family

ID=80037805

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2020/029149 WO2022024281A1 (en) 2020-07-29 2020-07-29 Authentication server, authentication system, authentication request processing method, and storage medium

Country Status (1)

Country Link
WO (1) WO2022024281A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2024013984A1 (en) * 2022-07-15 2024-01-18 日本電気株式会社 Server device, method for controlling server device, and storage medium
JP7543338B2 (en) 2022-03-31 2024-09-02 株式会社ジェーシービー Authentication program, authentication system, and authentication method

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2012027657A (en) * 2010-07-22 2012-02-09 Fujitsu Ltd Biometric authentication device and biometric authentication method
JP2012118833A (en) * 2010-12-02 2012-06-21 Hitachi Ltd Access control method
JP2012141883A (en) * 2011-01-05 2012-07-26 Ntt Docomo Inc Service providing server, authorization information acquisition method and authorization information acquisition program
JP2020095752A (en) * 2015-10-02 2020-06-18 株式会社野村総合研究所 Information processing apparatus

Also Published As

Publication number Publication date
JPWO2022024281A1 (en) 2022-02-03

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20946926

Country of ref document: EP

Kind code of ref document: A1

ENP Entry into the national phase

Ref document number: 2022539887

Country of ref document: JP

Kind code of ref document: A

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 20946926

Country of ref document: EP

Kind code of ref document: A1