WO2022044205A1 - Authentication system, terminal, management server, personal information providing method and storage medium - Google Patents


Info

Publication number
WO2022044205A1
Authority
WO
WIPO (PCT)
Prior art keywords
information
authentication
service
user
personal information
Application number
PCT/JP2020/032371
Other languages
English (en)
Japanese (ja)
Inventor
美樹 大谷
Original Assignee
日本電気株式会社
Application filed by 日本電気株式会社
Priority to PCT/JP2020/032371 (WO2022044205A1)
Priority to JP2022545002A (JPWO2022044205A5)
Publication of WO2022044205A1

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules

Definitions

  • The present invention relates to an authentication system, a terminal, a management server, a personal information providing method, and a storage medium.
  • A terminal acquires a face image of a user and generates a feature amount (feature vector) that characterizes the face image.
  • The generated features are sent to a server on the network.
  • The server is equipped with a database that stores the biometric information and personal information (name, address, etc.) of users who receive services by face recognition.
  • The server searches (collates) the database and identifies the biometric information and personal information corresponding to the collation request from the terminal.
  • The server sends the identified personal information to the terminal, and the terminal installed at the airport or the like performs its business based on the acquired personal information.
  • Patent Document 1 states that a method and system are provided in which personal information is traded in a situation where the general user (ISP user) who is its original owner can be involved, while responding to the various demands of companies using the Internet and of general users.
  • Patent Document 2 describes that it is not necessary to register authentication information in advance for an unspecified counterparty who requests safety confirmation, and that effective information for safety confirmation can be provided in a privacy-friendly manner.
  • Patent Document 3 describes that services and products are provided as consideration for personal information related to consumer behavior.
  • Japanese Unexamined Patent Publication Nos. 2002-056111, 2006-2437998 and 2008-243072.
  • The personal information of the user is required.
  • Personal information creates great value. Specifically, data such as which age group of users receives which kind of service is a major factor in corporate marketing decisions.
  • The main object of the present invention is to provide an authentication system, a terminal, a management server, a personal information providing method and a storage medium that contribute to the control and management of personal information related to the provision of services by biometric authentication.
  • An authentication system is provided that includes an information server, an authentication server that stores the biometric information of each of a plurality of users and performs biometric authentication using the stored biometric information, and a management server that stores personal information for providing a service to a person successfully authenticated by the biometric authentication and transmits to the information server behavioral information including, among the personal information of the successfully authenticated person to whom the service is provided, the personal information that the person has permitted to be provided to a third party.
  • A terminal is provided that generates a GUI for a successfully authenticated person to enter the personal information that is permitted to be provided to a third party.
  • According to the third viewpoint of the present invention, a management server is provided that is connected to an information server and to an authentication server that stores the biometric information of each of a plurality of users and performs biometric authentication using the stored biometric information; the management server stores personal information for providing a service to a person successfully authenticated by biometric authentication, and transmits to the information server behavioral information including, among the personal information of the successfully authenticated person to whom the service is provided, the personal information that the person permits to be provided to a third party.
  • A method for providing personal information is provided, performed by a management server connected to an information server and to an authentication server that stores the biometric information of each of a plurality of users and performs biometric authentication using the stored biometric information; personal information for providing a service to the person successfully authenticated by the biometric authentication is stored, and behavioral information including, among the personal information of the successfully authenticated person to whom the service is provided, the personal information that the person permits to be provided to a third party is transmitted to the information server.
  • A computer-readable storage medium is provided that stores a program causing a computer mounted on a management server, connected to an information server and to an authentication server that stores the biometric information of each of a plurality of users and performs biometric authentication using the stored biometric information, to execute a process of storing personal information for providing a service to the person successfully authenticated by biometric authentication, and a process of transmitting to the information server behavioral information including, among the personal information of the successfully authenticated person to whom the service is provided, the personal information that the person has permitted to be provided to a third party.
  • An authentication system, a terminal, a management server, a personal information providing method and a storage medium that contribute to the control and management of personal information related to the provision of services by biometric authentication are thus provided.
  • The effects of the present invention are not limited to the above. According to the present invention, other effects may be produced in place of, or in combination with, the above effect.
  • The authentication system includes an information server 101, an authentication server 102, and a management server 103 (see FIG. 1).
  • The authentication server 102 stores the biometric information of each of the plurality of users and performs biometric authentication using the stored biometric information.
  • The management server 103 stores personal information for providing a service to a person who has succeeded in biometric authentication.
  • The management server 103 transmits to the information server 101 behavioral information including, among the personal information of the successfully authenticated person to whom the service is provided, the personal information that the person has permitted to be provided to a third party.
  • A user who has received a service by biometric authentication inputs the personal information that may be provided to a third party into the management server 103, which stores and manages that user's personal information. That is, the user can control and manage whether or not personal information related to the provision of services by biometric authentication is provided to a third party.
  • FIG. 2 is a diagram showing an example of the schematic configuration of the authentication system according to the first embodiment.
  • The authentication system includes an authentication center, an information center, and a plurality of service providers.
  • Each service provider participating in the authentication system provides services using biometric authentication.
  • Services provided by service providers include payment services at retail stores and accommodation services at hotels and the like.
  • The service provided by a service provider may be immigration at an airport or port.
  • A service provider in the present disclosure may provide any service that can be provided using biometric authentication.
  • The authentication server 10 is installed in the authentication center.
  • The authentication server 10 stores the biometric information of the user and performs biometric authentication of the user using that biometric information.
  • The authentication server 10 operates as a certificate authority for authentication using biometric information.
  • The authentication server 10 may be a server installed on the premises of the authentication center or a server installed in the cloud.
  • Examples of the biometric information of the user are data (feature amounts) calculated from physical characteristics peculiar to an individual, such as the face, a fingerprint, a voice print, a vein, the retina, and the pattern of the iris of the pupil.
  • The biometric information of the user may be image data such as a face image or a fingerprint image.
  • The biometric information of the user may be any information that includes physical characteristics of the user. In the present disclosure, the case where biometric information regarding a person's "face" is used will be described.
  • The authentication server 10 is a server device for realizing a service by biometric authentication.
  • The authentication server 10 processes the "authentication request" transmitted from each service provider and transmits the result of the authentication process to the service provider.
  • The authentication server 10 stores the biometric information of each of the plurality of users and performs biometric authentication using the stored biometric information.
  • Each service provider has a management server and an authentication terminal.
  • The service provider S1 is provided with a management server 20 and a plurality of authentication terminals 30.
  • The service provider S2 is provided with a management server 20 and a plurality of authentication terminals 31.
  • The devices shown in FIG. 2 are connected to each other.
  • The authentication server 10 and the management server 20 are connected by wired or wireless communication means and are configured to be able to communicate with each other.
  • The management server 20 is a server that controls and manages the entire business of the service provider. For example, when the service provider is a retail store, the management server 20 manages the inventory of products. Alternatively, if the service provider is a hotel operator, the management server 20 manages the reservation information of guests.
  • In addition to the functions related to the above service provision, the management server 20 has control and management functions related to biometric authentication of the user.
  • The management server 20 stores the personal information (for example, name) of a user who uses the authentication system. That is, the management server 20 stores personal information for providing a service to a person who has succeeded in biometric authentication. Further, among the personal information of the successfully authenticated person to whom the service is provided, the management server 20 transmits to the information server 40 the personal information that the person permits to be provided to a third party (the information center, information server 40).
  • The authentication terminal 30 is a device that is connected to the management server 20 and serves as the interface for users who visit the service provider.
  • The user receives various services via the authentication terminal 30. For example, when the service provider is a retail store, the user pays the price using the authentication terminal 30. Alternatively, if the service provider is a hotel operator, the user performs the check-in procedure using the authentication terminal 30.
  • An information server 40 is installed in the information center.
  • The information center and the information server 40 correspond to a "third party" from the user's point of view.
  • The information server 40 collects information on the behavior of users who received a service from a service provider. For example, the information server 40 collects the type of service used by the user and the user's name, age, gender, etc. The collected information is transferred to other businesses. Alternatively, the information server 40 analyzes the collected information and transfers the analysis result to another business operator or the like. Other businesses use the acquired analysis results for marketing.
  • The information server 40 gives the personal information provider a consideration (a benefit) for the provision of the personal information.
  • The terminal 50 is a terminal possessed by a user (a user who receives a service using biometric authentication; a successfully authenticated person).
  • FIG. 2 is an example and is not intended to limit the configuration of the authentication system disclosed in the present application.
  • The authentication center may include two or more authentication servers 10.
  • A service provider may include at least one authentication terminal 30.
  • The functions of the management server 20 and the authentication terminal 30 may be integrated, and the integrated device may provide a service using biometric authentication.
  • A plurality of authentication terminals 30 may be connected to one management server 20, or one authentication terminal 30 may be connected to one management server 20.
  • The functions of the authentication server 10 and the information server 40 may be integrated. That is, the authentication server 10 can also correspond to a "third party" from the user's point of view.
  • The operation of the authentication system includes four phases.
  • The first phase is the phase for registering the user in the system (user registration phase).
  • The second phase is the phase for registering services (service registration phase).
  • The third phase is the phase in which a service using biometric authentication is provided to the user (service provision phase).
  • The fourth phase is the phase for collecting information on the behavior of users who have received the service (information gathering phase).
  • FIG. 3 is a diagram for explaining the operation in the user registration phase of the authentication system according to the first embodiment.
  • The user determines the information for identifying himself/herself in the authentication system (a user ID (Identifier) and a password (PW)) and registers that information in the system.
  • The user ID is referred to as "uID".
  • The user registers his/her own biometric information (for example, a face image) in the system.
  • The user registers the above three pieces of information (user ID, password, biometric information) in the system by any means.
  • The user may mail a document containing the above three pieces of information to the authentication center, and an employee of the authentication center may input them into the authentication server 10.
  • The user may mail an external storage device, such as a USB (Universal Serial Bus) device, in which the above three pieces of information are stored to the authentication center.
  • The user may operate the terminal 50 owned by the user to capture his/her own face image and input it, together with a user ID and a password, into the authentication server 10.
  • Examples of the terminal 50 include mobile terminal devices such as smartphones, mobile phones, game machines, and tablets, and computers (personal computers, notebook computers) and the like.
  • The authentication server 10 generates a feature amount (a feature vector consisting of a plurality of feature amounts) from the acquired face image and stores the feature amount in association with the user ID and password. Specifically, the authentication server 10 adds a new entry to the authentication information database and stores the above three pieces of information in association with each other.
  • The first ID (for example, the user ID) and the first biometric information used for user authentication are registered in the system.
  • An example in which a user ID and a password are used as an identifier (first ID) uniquely defining a system user will be described.
  • FIG. 4 is a diagram for explaining the operation of the authentication system according to the first embodiment in the service registration phase.
  • A user who has completed user registration selects the service provider from which he/she wants to receive a service by biometric authentication, and registers the selected service provider in the system. For example, in FIG. 2, when the user wishes to receive the service from the service provider S1, the service provider S1 is registered in the system.
  • The user registers in the system the personal information necessary to receive the service from the selected service provider.
  • Examples of personal information registered in the system include name, age, gender, contact information, and information for receiving consideration.
  • The contact information is, for example, the e-mail address of an account whose mail can be received on the terminal 50.
  • The user registers in the system the consideration receipt information for receiving the consideration (the consideration for the provision of personal information).
  • Examples of consideration receipt information include a bank account, a virtual currency receipt account, and online shopping ID information.
  • The user registers in the system the user ID and password determined in the user registration phase.
  • Personal information is defined as information that does not include the biometric information of the user (the authenticated person). That is, biometric information and the feature amounts generated from it are excluded from the "personal information" disclosed in the present application.
  • The user inputs the above three pieces of information (personal information, user ID, password) to the service provider by any means.
  • The user mails a medium (paper medium, electronic medium) containing the above three pieces of information to the selected service provider.
  • An employee of the service provider inputs the above three pieces of information into the management server 20.
  • The user may operate the authentication terminal 30 installed at the service provider and input the above three pieces of information into the management server 20.
  • The user may operate the terminal 50 to input the above three pieces of information into the management server 20.
  • The user inputs the above three pieces of information on a web page managed and operated by the service provider.
  • When the management server 20 acquires the above three pieces of information (personal information, user ID, password), it sends a "service registration request" to the authentication server 10. Specifically, the management server 20 transmits a service registration request including a service provider ID, the user ID, and the password to the authentication server 10.
  • The service provider ID is identification information for uniquely identifying a service provider included in the authentication system (a retail store participating in the authentication platform using biometric authentication, etc.). In the example of FIG. 2, different service provider IDs are assigned to each of the service providers S1 and S2.
  • The service provider ID is an ID assigned to each service provider, not an ID assigned to each service. For example, in FIG. 2, even if service providers S1 and S2 are businesses that provide the same type of service (for example, accommodation services), different IDs are assigned to them if the managing entity is different.
  • The authentication server 10 and the management server 20 share the service provider ID by any method.
  • The authentication server 10 may generate a service provider ID and distribute (notify) the generated service provider ID to the service provider.
  • The service provider ID is referred to as "spID".
  • Upon receiving the service registration request, the authentication server 10 searches the authentication information database using the user ID and password included in the request as keys, and identifies the corresponding user. After that, the authentication server 10 generates a "service user ID".
  • The service user ID is identification information that uniquely defines the correspondence (combination) between a user and a service provider. For example, in FIG. 2, the service user ID determined from the combination of the user U1 and the service provider S1 and the service user ID determined from the combination of the user U1 and the service provider S2 are set to different values.
  • The authentication server 10 stores the user ID, password, feature amount, service provider ID, and the generated service user ID in association with each other.
  • The service user ID is referred to as "suID".
  • The authentication server 10 transmits the service user ID generated above to the sender of the service registration request.
  • The authentication server 10 sends a response including the service user ID to the management server 20, thereby issuing the service user ID.
  • The management server 20 stores the service user ID acquired from the authentication server 10 in association with the user's personal information (personal information including the consideration receipt information).
  • The management server 20 adds a new entry to the user information database and stores the above information (personal information, service user ID).
  • The user repeats the above registration operation for each service provider from which he/she wants to receive a service using biometric authentication. In other words, the user does not need to register with a service provider from which he/she does not need to receive a service.
  • A service registration request including a first ID (for example, a user ID) and a second ID (for example, a service provider ID) is sent to the authentication server 10 by the service provider of the service that the user desires to use.
  • When processing the service registration request, the authentication server 10 generates a third ID (for example, a service user ID) uniquely determined by the combination of the user and the service provider.
  • The authentication server 10 transmits the third ID to the service provider.
  • The service provider (management server 20) stores the personal information of the user in association with the third ID.
  • FIG. 5 is a diagram for explaining the operation of the authentication system according to the first embodiment in the service provision phase.
  • A user who has completed service registration visits the service provider.
  • The user moves in front of the authentication terminal 30.
  • The authentication terminal 30 acquires biometric information from the user in front of it. Specifically, the authentication terminal 30 takes an image of the user and acquires a face image. The authentication terminal 30 transmits the acquired face image to the management server 20.
  • The management server 20 generates a feature amount from the acquired face image.
  • The management server 20 transmits an authentication request including the generated feature amount and the service provider ID to the authentication server 10.
  • The authentication server 10 extracts the feature amount from the authentication request and executes a collation process (1-to-N collation; N is a positive integer, the same applies hereinafter) using the extracted feature amount and the feature amounts registered in the authentication information database.
  • The authentication server 10 identifies the user by the collation process and, among the plurality of service user IDs associated with the identified user, identifies the service user ID corresponding to the service provider ID included in the authentication request.
  • The authentication server 10 transmits the identified service user ID to the sender of the authentication request.
  • The authentication server 10 transmits a response (response to the authentication request) including the identified service user ID to the management server 20.
  • The management server 20 searches the user information database using the acquired service user ID as a key, and identifies the user corresponding to the service user ID.
  • The management server 20 transmits all or part of the personal information of the identified user to the authentication terminal 30.
  • The authentication terminal 30 provides the service using the acquired personal information.
  • When the authentication terminal 30 ends the provision of the service, it notifies the management server 20 to that effect. Specifically, the authentication terminal 30 transmits a "service provision end notification" to the management server 20.
  • The authentication terminal 30 acquires the second biometric information of the user and transmits the acquired second biometric information to the management server.
  • The authentication server 10 receives an authentication request including the user's biometric information and a second ID (service provider ID) from the service provider.
  • The authentication server 10 identifies a third ID (service user ID) by a collation process using the first and second biometric information and the second ID.
  • The authentication server 10 transmits the identified third ID to the service provider.
  • The management server 20 provides a service to the user.
  • The management server 20 identifies the personal information of the user by using the third ID acquired by transmitting the authentication request to the authentication server 10.
  • The service provider provides the service to the user by using the identified personal information.
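To make the service registration and service provision phases concrete, here is an added Python model of the authentication server (example code, not from the patent). It assumes cosine similarity against a fixed threshold as the 1-to-N collation, a random 128-bit suID per (user, service provider) pair, and a salted password hash in place of the stored password.

```python
"""Authentication server model for the service registration and service
provision phases (added example, not the patent's own code)."""
import hashlib
import math
import secrets
from dataclasses import dataclass, field
from typing import Dict, List, Optional

MATCH_THRESHOLD = 0.9  # assumed collation threshold (cosine similarity)


@dataclass
class AuthEntry:
    """One entry of the authentication information database."""
    uid: str
    salt: bytes
    pw_hash: bytes                 # assumption: salted hash, not the clear password
    feature: List[float]           # feature vector generated from the face image
    suids: Dict[str, str] = field(default_factory=dict)  # spID -> suID


def _hash_pw(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def cosine(a: List[float], b: List[float]) -> float:
    """Similarity between two feature vectors; 1.0 means identical direction."""
    dot = sum(x * y for x, y in zip(a, b))
    na = math.sqrt(sum(x * x for x in a))
    nb = math.sqrt(sum(y * y for y in b))
    return dot / (na * nb) if na and nb else 0.0


class AuthenticationServer:
    def __init__(self) -> None:
        self.db: Dict[str, AuthEntry] = {}  # keyed by uID
        self.issued: set = set()            # every suID ever issued

    # user registration phase (FIG. 3)
    def register_user(self, uid: str, password: str, feature: List[float]) -> None:
        if uid in self.db:
            raise ValueError("uID already registered")
        salt = secrets.token_bytes(16)
        self.db[uid] = AuthEntry(uid, salt, _hash_pw(password, salt), feature)

    # service registration phase (FIG. 4): spID + uID + password -> suID
    def service_registration(self, spid: str, uid: str, password: str) -> str:
        entry = self.db.get(uid)
        if entry is None or not secrets.compare_digest(
                entry.pw_hash, _hash_pw(password, entry.salt)):
            raise PermissionError("unknown uID or wrong password")
        if spid in entry.suids:         # re-registration returns the same suID
            return entry.suids[spid]
        suid = secrets.token_hex(16)    # random, so S1 and S2 cannot link users
        while suid in self.issued:
            suid = secrets.token_hex(16)
        self.issued.add(suid)
        entry.suids[spid] = suid
        return suid

    # service provision phase (FIG. 5): 1-to-N collation, then suID lookup
    def authenticate(self, spid: str, feature: List[float]) -> Optional[str]:
        best, best_score = None, MATCH_THRESHOLD
        for entry in self.db.values():
            score = cosine(feature, entry.feature)
            if score > best_score:
                best, best_score = entry, score
        if best is None:
            return None                 # nobody above the threshold
        # A matched user who never registered with this provider gets no suID,
        # so the provider learns nothing about them.
        return best.suids.get(spid)
```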
  • FIG. 6 is a diagram for explaining the operation in the information collection phase of the authentication system according to the first embodiment.
  • the information server 40 collects information on the behavior of the user (successful authentication person) who received the service from the service provider.
  • the information collected by the information server 40 (information provided by the management server 20 to the information server 40) is referred to as "behavior information”.
  • the service provider (management server 20) indicates the user's intention to provide the personal information of the user who received the service by biometric authentication to a third party. get. Specifically, the management server 20 transmits an inquiry regarding the availability of personal information (hereinafter referred to as an information provision inquiry) to the terminal 50 possessed by the user.
  • the information provision inquiry includes a list of personal information (for example, name, age, gender, address, etc.) stored in the management server 20 and a service user ID of a user who has enjoyed the service by biometric authentication.
  • the terminal 50 that has received the information provision inquiry acquires the user's intention regarding the provision of personal information.
  • the terminal 50 uses a GUI (Graphical User Interface) as shown in FIG. 7 to acquire whether or not personal information can be provided.
  • the terminal 50 may display so as to clearly indicate that the consideration can be obtained by providing the personal information.
  • the terminal 50 When the user refuses to provide personal information, the terminal 50 notifies the management server 20 to that effect (sends a negative response to the information provision inquiry).
  • the management server 20 transmits information about the outline of the service provided to the successful authentication person (hereinafter referred to as outline information) to the information server 40 as "behavior information".
  • outline information information about the outline of the service provided to the successful authentication person (hereinafter referred to as outline information) to the information server 40 as "behavior information”.
  • the schematic information exemplifies the type of industry (accommodation industry, retail industry) of the service provider, the place where the service is provided, the date and time, and the like.
  • the terminal 50 displays a GUI for inputting whether or not to provide each item (type) of personal information held by the management server 20 (see FIG. 8). ..
  • the terminal 50 may display the outline of the service received by biometric authentication on the input screen for whether or not to provide personal information.
  • the terminal 50 may display a GUI as shown in FIG.
  • the management server 20 may send an information provision inquiry including schematic information and a user's face image (face image acquired from the authentication terminal 30) to the terminal 50.
  • the terminal 50 transmits the information (type of personal information permitted to be provided to a third party) acquired by the GUI as shown in FIGS. 8 and 9 to the management server 20. Specifically, the terminal 50 transmits an acknowledgment including the information and the service user ID to the management server 20.
  • the management server 20 that received the affirmative response searches the user information database using the service user ID as a key, and identifies the corresponding user.
  • the management server 20 transmits "behavior information" including personal information permitted to be provided and summary information among the personal information of the specified user to the information server 40.
  • the information server 40 stores the received action information.
  • the information server 40 determines the consideration given to the personal information provider according to the type (item, item) of the provided personal information. Specifically, the information server 40 calculates the consideration according to a predetermined standard. For example, the information server 40 gives a high price to a user who provides high-value information such as name and age, and a low price to a user who provides low-value information such as gender. The information server 40 notifies the management server 20 of the calculated consideration.
  • the determination of the consideration by the information server 40 is an example, and the information server 40 can determine the consideration given to the personal information provider according to various methods and criteria.
  • the information server 40 may determine the consideration according to the demand for personal information (the number of companies wishing to purchase personal information). That is, the information server 40 may give a high price for personal information with high demand (high value) and a low price for personal information with low importance (low value).
  • the information server 40 may determine the consideration to be given to the personal information provider according to the amount presented (offer amount) by a company or the like that wishes to acquire the information.
  • the information server 40 may give a high consideration to the user who provided the personal information with a large presentation amount.
  • the management server 20 refers to the consideration receipt information of the personal information provider, and pays the consideration (money, virtual currency, points) notified from the information server 40 to the personal information provider.
  • the provider of personal information can obtain compensation for the provision of personal information from the information center through the service provider.
  • the service provider may acquire a part of the consideration paid to the personal information provider from the information center (information server 40) as a brokerage fee.
  • the information center may pay the service provider a fee according to the total amount of personal information acquired in a predetermined period (for example, one month).
  • the service provider and the information center may conclude a contract regarding payment of consideration in advance, and the service provider may reimburse the consideration paid by the information center to the personal information provider.
  • an ID is assigned to the information (behavior information, notification of consideration) exchanged between the management server 20 and the information server 40, and the management server 20 manages the ID in association with the service user ID of the personal information provider. By doing so, it is possible to identify the user who pays the consideration.
  • the management server 20 sends an information provision inquiry (an inquiry regarding whether or not the personal information stored in the management server 20 can be provided, including a list of personal information items) to the terminal 50.
  • the terminal 50 uses the acquired list of personal information to generate a GUI for a successful authentication person to input the type of personal information that is permitted to be provided to a third party.
  • the terminal 50 acquires the type of personal information permitted to be provided to a third party via the GUI, and transmits the acquired type of personal information to the management server 20.
  • When the management server 20 receives the acknowledgment from the terminal 50, the management server 20 transmits the behavior information, including the personal information permitted to be provided and the schematic information indicating the outline of the provided service, to the information server 40.
  • FIG. 10 is a diagram showing an example of a processing configuration (processing module) of the authentication server 10 according to the first embodiment.
  • the authentication server 10 includes a communication control unit 201, a user registration unit 202, a database management unit 203, a service registration unit 204, an authentication unit 205, and a storage unit 206.
  • the communication control unit 201 is a means for controlling communication with other devices. For example, the communication control unit 201 receives data (packets) from the management server 20. Further, the communication control unit 201 transmits data to the management server 20. The communication control unit 201 passes the data received from the other device to the other processing module. The communication control unit 201 transmits the data acquired from the other processing module to the other device. In this way, the other processing module transmits / receives data to / from the other device via the communication control unit 201.
  • the user registration unit 202 is a means for realizing the above-mentioned user registration.
  • the user registration unit 202 acquires a user ID, password, and biometric information (face image) of a user (a user who desires to provide a service using biometric authentication; a system user).
  • the user registration unit 202 acquires the above three pieces of information (user ID, password, biometric information) by any means. For example, the user registration unit 202 displays a GUI and an input form for determining a user ID and a password on the terminal 50. For example, the user registration unit 202 displays a GUI as shown in FIG. 11 on the terminal 50.
  • the user registration unit 202 verifies that the user ID and password acquired by the GUI or the like do not overlap with the already registered user ID and password. If the duplication does not occur, the user registration unit 202 displays a GUI for acquiring the biometric information of the user on the terminal 50.
  • the user registration unit 202 displays a GUI as shown in FIG. 12 on the terminal 50.
  • the user presses the "file selection" button shown in FIG. 12 and specifies the image data of the face image to be registered in the system.
  • the designated face image is displayed in the preview area (displayed as a selected face image in FIG. 12).
  • the user registration unit 202 generates a feature amount (a feature vector composed of a plurality of feature amounts) from the face image.
  • the user registration unit 202 extracts feature points from the acquired face image. Since existing techniques can be used for the feature point extraction process, detailed description thereof will be omitted. For example, the user registration unit 202 extracts eyes, nose, mouth, and the like as feature points from the face image. After that, the user registration unit 202 calculates the position of each feature point and the distance between each feature point as a feature amount, and generates a feature vector (vector information that characterizes the face image) composed of a plurality of feature amounts.
  • the user registration unit 202 hands over the user ID, password, and the above-generated feature amount to the database management unit 203.
  • the database management unit 203 is a means for managing the authentication information database.
  • the authentication information database stores, in association with each other, information that identifies the system user (user ID, password), biometric information (feature amount), the service provider ID that identifies a service provider, and the service user ID that identifies the user in each service.
  • When the database management unit 203 acquires the above three pieces of information (user ID, password, feature amount) from the user registration unit 202, it adds a new entry to the authentication information database. For example, when the above three pieces of information regarding the user U1 are acquired, the database management unit 203 adds the entry shown at the bottom of FIG. At the stage of user registration, the service provider ID and the service user ID have not yet been generated, so nothing is set in these fields.
  • the service registration unit 204 is a means for realizing individual service registration by system users.
  • the service registration unit 204 processes the service registration request acquired from the management server 20 of the service provider.
  • the service registration unit 204 searches the authentication information database using the user ID and password included in the acquired service registration request as keys.
  • the service registration unit 204 confirms the service provider ID field of the specified user (user specified from the set of user ID and password).
  • the service registration unit 204 determines whether or not the service provider ID included in the service registration request acquired from the management server 20 is set in the service provider ID field. If the service provider ID acquired from the management server 20 is already registered in the database, the service registration unit 204 notifies the management server 20 to that effect. In this case, since the service (service provider) that the user is trying to register is already registered in the authentication information database, the service registration unit 204 sends a "negative response" as a response to the service registration request.
  • If the service provider ID is not yet registered, the service registration unit 204 generates a service user ID corresponding to the combination of the user and the service provider.
  • the service user ID is identification information uniquely determined from the combination of the user and the service provider.
  • the service registration unit 204 calculates a hash value using a user ID, a password, and a service provider ID, and uses the calculated hash value as a service user ID.
  • the service registration unit 204 calculates a concatenated value of a user ID, a password, and a service provider ID, and generates a service user ID by calculating a hash value of the calculated concatenated value.
  • the service user ID may be any information as long as it can uniquely identify the combination of the system user and the service provider.
  • the service registration unit 204 may assign a unique value as a service user ID each time it processes a service registration request.
  • the service registration unit 204 hands over the service provider ID and the service user ID to the database management unit 203 together with the user ID and password.
  • the database management unit 203 registers two IDs (service provider ID and service user ID) in the authentication information database. For example, when the user U1 registers the service for the service provider S1, the above two IDs are added to the entry shown at the bottom of FIG.
  • Since service registration is performed for each service provider, multiple service provider IDs and service user IDs may be set for one user. For example, when the user U1 registers the service for each of the service providers S1 and S2, the entries in the second and third lines of FIG. 15 are generated. When the user U2 registers the service with respect to the service provider S1, the entry at the bottom of FIG. 15 is generated.
  • the authentication information database shown in FIG. 15 and the like is an example, and does not mean to limit the information stored in the authentication information database.
  • the face image may be registered in the authentication information database instead of the feature amount for authentication. That is, each time the authentication is performed, the feature amount may be generated from the face image registered in the authentication information database.
  • When the service provider ID and the service user ID have been registered in the authentication information database, the service registration unit 204 notifies the management server 20 that the service registration request has been processed normally. The service registration unit 204 transmits an "acceptance response" as a response to the service registration request. At that time, the service registration unit 204 sends a response including the service user ID to the management server 20.
  • the authentication unit 205 is a means for performing authentication processing for system users.
  • the authentication unit 205 processes the authentication request received from the management server 20 of the service provider.
  • the authentication unit 205 retrieves the feature amount and the service provider ID included in the authentication request.
  • the authentication unit 205 searches the authentication information database using the extracted feature amount and the service provider ID as keys, and identifies the corresponding service user ID.
  • the authentication unit 205 sets the feature amount extracted from the authentication request as the feature amount on the collation side and the feature amounts stored in the database as the feature amounts on the registration side, and executes one-to-N verification. Specifically, the authentication unit 205 calculates the degree of similarity between the feature amount on the collation side and each of the plurality of feature amounts on the registration side. For the similarity, a chi-square distance, a Euclidean distance, or the like can be used. The farther the distance, the lower the similarity; the closer the distance, the higher the similarity.
  • the authentication unit 205 determines whether or not, among the plurality of feature amounts registered in the database, there is a feature amount whose similarity with the feature amount to be collated is equal to or higher than a predetermined value. When such a feature amount exists, the authentication unit 205 identifies the user (user ID, password) corresponding to the feature amount with the highest degree of similarity. The authentication unit 205 then determines whether or not there is an entry matching the service provider ID included in the authentication request among the at least one service provider ID associated with the user identified by the one-to-N collation.
  • If such an entry exists, the authentication unit 205 determines that the user authentication has been successful. In this case, the authentication unit 205 sends an "acceptance response" to the management server 20 that is the source of the authentication request. At that time, the authentication unit 205 generates a response (response to the authentication request) including the service user ID of the identified entry and sends it to the management server 20.
  • Otherwise, the authentication unit 205 determines that the user's authentication has failed. In this case, the authentication unit 205 transmits a "negative response" to the management server 20 that is the source of the authentication request.
  • For example, in FIG. 15, the entries (user) in the second and third lines are identified by the feature amount FV1.
  • Of these, the entry in the second line is identified by the service provider ID "S1".
  • As a result, the authentication request is processed normally, and an acknowledgment including the service user ID "U1S1" is transmitted to the management server 20.
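The service registration (unit 204) and one-to-N authentication (unit 205) steps described above, as an added Python example that is not code from the patent or from its applicant; the in-memory database, the toy feature vectors, the SHA-256 hash with a separator byte, the similarity function and the threshold value are all assumptions:

```python
import hashlib
import math

# Constructed in-memory stand-in for the authentication information database
# (one row per user / service provider pair, in the style of FIG. 15).
# Row fields: user_id, password, feature, provider_id, service_user_id.
AUTH_DB: list[dict] = []

# Assumed "predetermined value" for the similarity threshold.
SIMILARITY_THRESHOLD = 0.8


def register_user(user_id: str, password: str, feature: list[float]) -> None:
    """User registration (units 202/203): add a row with no service IDs yet.
    Note (editor's, not the page's): the page stores the password as-is; a
    deployment would store a password hash instead."""
    if any(row["user_id"] == user_id for row in AUTH_DB):
        raise ValueError("user ID already registered")
    AUTH_DB.append({"user_id": user_id, "password": password,
                    "feature": list(feature), "provider_id": None,
                    "service_user_id": None})


def make_service_user_id(user_id: str, password: str, provider_id: str) -> str:
    """Service user ID = hash of the concatenated user ID, password and service
    provider ID, as the page describes. The separator byte is an assumption:
    it keeps different field splits from concatenating to the same string."""
    joined = "\x1f".join([user_id, password, provider_id]).encode("utf-8")
    return hashlib.sha256(joined).hexdigest()


def register_service(user_id: str, password: str, provider_id: str) -> tuple:
    """Service registration (unit 204). Returns ("accept", service_user_id)
    or ("negative", reason), mirroring the page's acceptance / negative responses."""
    rows = [r for r in AUTH_DB
            if r["user_id"] == user_id and r["password"] == password]
    if not rows:
        return ("negative", "unknown user ID / password")
    if any(r["provider_id"] == provider_id for r in rows):
        return ("negative", "already registered for this service provider")
    service_user_id = make_service_user_id(user_id, password, provider_id)
    base = rows[0]
    if base["provider_id"] is None:
        # First service for this user: fill the still-empty fields in place.
        base["provider_id"] = provider_id
        base["service_user_id"] = service_user_id
    else:
        # Further services: one more row for the same user (second/third lines of FIG. 15).
        AUTH_DB.append({**base, "provider_id": provider_id,
                        "service_user_id": service_user_id})
    return ("accept", service_user_id)


def similarity(a: list[float], b: list[float]) -> float:
    """Euclidean distance (one of the page's two options) mapped to (0, 1]:
    the farther apart the vectors, the lower the similarity."""
    return 1.0 / (1.0 + math.dist(a, b))


def authenticate(probe: list[float], provider_id: str):
    """One-to-N verification (unit 205). Returns the service user ID on
    success, or None for a negative response."""
    best_row, best_sim = None, 0.0
    for row in AUTH_DB:
        sim = similarity(probe, row["feature"])
        if sim >= SIMILARITY_THRESHOLD and sim > best_sim:
            best_row, best_sim = row, sim
    if best_row is None:
        return None  # no registered feature is similar enough
    # The user is identified; now check that user's service provider IDs.
    for row in AUTH_DB:
        if row["user_id"] == best_row["user_id"] and row["provider_id"] == provider_id:
            return row["service_user_id"]
    return None  # known user, but not registered with this service provider


def demo() -> dict:
    """Constructed walkthrough: U1 registers with S1 and S2, U2 with S1."""
    AUTH_DB.clear()
    register_user("U1", "pw1", [0.0, 1.0, 2.0])   # feature FV1 (toy values)
    register_user("U2", "pw2", [5.0, 5.0, 5.0])   # feature FV2 (toy values)
    return {
        "u1s1": register_service("U1", "pw1", "S1"),
        "u1s2": register_service("U1", "pw1", "S2"),
        "u2s1": register_service("U2", "pw2", "S1"),
        "dup": register_service("U1", "pw1", "S1"),
        "auth_u1_s1": authenticate([0.0, 1.0, 2.1], "S1"),  # close to FV1
        "auth_u1_s3": authenticate([0.0, 1.0, 2.1], "S3"),  # U1 never registered S3
        "auth_stranger": authenticate([9.0, 9.0, 9.0], "S1"),
        "rows": len(AUTH_DB),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```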
  • the storage unit 206 stores information necessary for the operation of the authentication server 10.
  • An authentication information database is constructed in the storage unit 206.
  • FIG. 16 is a diagram showing an example of a processing configuration (processing module) of the management server 20 according to the first embodiment.
  • the management server 20 includes a communication control unit 301, a personal information acquisition unit 302, a service registration request unit 303, a database management unit 304, an authentication request unit 305, a behavior information provision unit 306, and a storage unit 307.
  • the communication control unit 301 is a means for controlling communication with other devices. For example, the communication control unit 301 receives data (packet) from the authentication server 10. Further, the communication control unit 301 transmits data to the authentication server 10. The communication control unit 301 passes the data received from the other device to the other processing module. The communication control unit 301 transmits the data acquired from the other processing module to the other device. In this way, the other processing module transmits / receives data to / from other devices via the communication control unit 301.
  • the personal information acquisition unit 302 is a means for acquiring the personal information required when a service provider provides a service. For example, when the service provider is a "retail store", the personal information acquisition unit 302 acquires information related to payment (for example, credit card information, bank account information) in addition to the user's name and the like. Alternatively, when the service provider is a "hotel operator", the personal information acquisition unit 302 acquires reservation information (for example, accommodation date, etc.) related to accommodation in addition to the name and the like.
  • the personal information acquisition unit 302 also acquires from the user a contact (for example, an e-mail address that can be received by the terminal 50) to which the inquiry regarding whether or not personal information can be provided (information provision inquiry) is sent, and consideration receipt information for receiving the consideration from the information server 40.
  • the personal information acquisition unit 302 acquires the user ID and password determined when the user registers the system, in addition to the personal information such as the above name.
  • the personal information acquisition unit 302 acquires personal information, a user ID, and a password by any means.
  • the personal information acquisition unit 302 displays a GUI or a form for inputting the above information on the terminal 50 (see FIG. 17).
  • the information shown in FIG. 17 may be displayed on the WEB page managed and operated by the service provider.
  • the terminal 50 may download the application provided by the service provider and display as shown in FIG. 17 by the application.
  • the WEB page may be a WEB page that manages member information of a service provider. That is, the member of each service provider may register the service on the WEB page that manages his / her member information.
  • the personal information acquisition unit 302 delivers the personal information (personal information including contact information and consideration receipt information), user ID, and password acquired using the GUI or the like to the service registration request unit 303.
  • the service registration request unit 303 is a means for requesting the authentication server 10 to register the user regarding the use of the service.
  • the service registration request unit 303 selects a user ID and password from the above three pieces of information (personal information, user ID, password) acquired from the personal information acquisition unit 302.
  • the service registration request unit 303 transmits a service registration request including the selected user ID, password and service provider ID to the authentication server 10.
  • the service registration request unit 303 acquires a response to the service registration request from the authentication server 10. If the acquired response is a "negative response", the service registration requesting unit 303 notifies the user to that effect. For example, the service registration request unit 303 notifies the user that the service registration has already been performed.
  • If the acquired response is an "affirmative response", the service registration request unit 303 notifies the user that the service registration has been successful. Further, the service registration request unit 303 hands over the service user ID included in the above response and the personal information (name, gender, address, family structure, contact information, consideration receipt information, etc.) acquired from the personal information acquisition unit 302 to the database management unit 304.
  • the database management unit 304 is a means for managing the user information database.
  • the user information database is a database that manages information on users (system users) who are the targets of service provision.
  • the user information database stores the personal information (for example, name, etc.) of the user in association with the service user ID acquired from the authentication server 10.
  • When the database management unit 304 acquires the above information (personal information, service user ID) from the service registration request unit 303, it adds a new entry to the user information database. For example, when the management server 20 of the service provider S1 acquires the above information regarding the user U1, the entry shown at the bottom of FIG. 18 is added.
  • the authentication request unit 305 is a means for requesting the user's authentication from the authentication server 10.
  • When the authentication request unit 305 acquires biometric information (face image) from the authentication terminal 30, it generates a feature amount from the face image. The authentication request unit 305 transmits an authentication request including the generated feature amount and the service provider ID to the authentication server 10.
  • When the response from the authentication server 10 is a "negative response" (in the case of an authentication failure), the authentication request unit 305 notifies the authentication terminal 30 to that effect.
  • When the response from the authentication server 10 is an "acceptance response", the authentication request unit 305 retrieves the service user ID included in the response.
  • the authentication request unit 305 searches the user information database using the service user ID as a key, and identifies the corresponding entry.
  • the authentication request unit 305 reads out the personal information of the specified entry and sends it to the authentication terminal 30. For example, in the example of FIG. 18, if the service user ID is "U1S1", the personal information at the bottom is transmitted to the authentication terminal 30. The authentication requesting unit 305 does not need to transmit personal information unnecessary for providing the service by the authentication terminal 30 to the authentication terminal 30. For example, if the contact information for the information provision inquiry and the consideration receipt information are not necessary for providing the service, such information may not be transmitted to the authentication terminal 30.
  • the behavior information providing unit 306 is a means for providing information (behavior information) regarding the user's behavior at the time of providing a service by biometric authentication to the information server 40.
  • When the behavior information providing unit 306 receives the "service provision end notification" from the authentication terminal 30, it sends an "information provision inquiry" to the terminal 50 possessed by the user (the successfully authenticated person, i.e. the user who received the service by biometric authentication). As described above, the inquiry includes a list of the personal information stored in the management server 20 and the service user ID.
  • When the response to the information provision inquiry is a negative response (refusal to provide personal information), the behavior information providing unit 306 generates schematic information and sends the schematic information to the information server 40 as "behavior information".
  • the schematic information does not include information that can identify the user, and is information for notifying the information server 40 of the fact that the service was provided by biometric authentication and its brief contents. Therefore, the management server 20 may include the user's product purchase price, accommodation record, and the like in the schematic information.
  • When the response is an affirmative response, the behavior information providing unit 306 identifies the user by the service user ID included in the response. Further, the behavior information providing unit 306 reads out from the user information database the personal information that the user has permitted to be provided, among the personal information about the identified user. The behavior information providing unit 306 transmits the read personal information and the schematic information to the information server 40 as "behavior information".
  • When transmitting behavior information including personal information and schematic information, the behavior information providing unit 306 generates an ID (behavior information ID) that identifies the behavior information to be transmitted, and transmits the behavior information including the ID to the information server 40 (see FIG. 19).
  • the behavior information providing unit 306 stores the behavior information ID and the service user ID in association with each other.
  • When the behavior information providing unit 306 receives the notification regarding the consideration from the information server 40, it extracts the behavior information ID included in the notification and identifies the corresponding user (service user ID). The behavior information providing unit 306 then searches the user information database using the identified service user ID as a key and identifies the corresponding entry. It refers to the consideration receipt information of the identified entry to obtain the payee of the consideration, and pays the payee the consideration notified from the information server 40.
  • the storage unit 307 stores information necessary for the operation of the management server 20.
  • the user information database is built in the storage unit 307.
  • the authentication terminal 30 acquires the user's personal information from the management server 20 by transmitting the biometric information acquired from the user to the management server 20.
  • the authentication terminal 30 provides a service to the user by using the acquired personal information.
  • FIG. 20 is a diagram showing an example of a processing configuration (processing module) of the authentication terminal 30 according to the first embodiment.
  • the authentication terminal 30 includes a communication control unit 401, a biometric information acquisition unit 402, a service providing unit 403, a message output unit 404, and a storage unit 405.
  • the communication control unit 401 is a means for controlling communication with other devices. For example, the communication control unit 401 receives data (packets) from the management server 20. Further, the communication control unit 401 transmits data to the management server 20. The communication control unit 401 passes the data received from the other device to the other processing module. The communication control unit 401 transmits the data acquired from the other processing module to the other device. In this way, the other processing module transmits / receives data to / from other devices via the communication control unit 401.
  • the biometric information acquisition unit 402 is a means for controlling the camera and acquiring the biometric information (face image) of the user.
  • the biometric information acquisition unit 402 images the front of the own device at regular intervals or at predetermined timings.
  • the biometric information acquisition unit 402 determines whether or not the acquired image includes a human face image, and if the acquired image includes a face image, extracts the face image from the acquired image data.
  • the biometric information acquisition unit 402 may extract a face image (face region) from the image data by using a learning model learned by CNN (Convolutional Neural Network).
  • the biometric information acquisition unit 402 may extract a face image by using a technique such as template matching.
  • the biometric information acquisition unit 402 delivers the extracted face image to the service provision unit 403.
  • the service providing unit 403 is a means for providing a predetermined service to the user.
  • the service providing unit 403 transmits the face image acquired from the biometric information acquisition unit 402 to the management server 20.
  • the management server 20 returns personal information (for example, name, etc.) corresponding to the face image.
  • the service providing unit 403 provides the service to the user by using the returned personal information.
  • the service providing unit 403 sends a "service provision end notification" to the management server 20.
  • the message output unit 404 is a means for outputting various messages to the user. For example, the message output unit 404 outputs a message regarding the user's authentication result and a message regarding service provision.
  • the message output unit 404 may display a message using a display device such as a liquid crystal monitor, or may reproduce a voice message using an audio device such as a speaker.
  • the storage unit 405 stores information necessary for the operation of the authentication terminal 30.
  • FIG. 21 is a diagram showing an example of a processing configuration (processing module) of the information server 40 according to the first embodiment.
  • the information server 40 includes a communication control unit 501, an action information processing unit 502, and a storage unit 503.
  • the communication control unit 501 is a means for controlling communication with other devices. For example, the communication control unit 501 receives data (packets) from the management server 20. Further, the communication control unit 501 transmits data to the management server 20. The communication control unit 501 passes the data received from the other device to the other processing module. The communication control unit 501 transmits the data acquired from the other processing module to the other device. In this way, the other processing module transmits / receives data to / from the other device via the communication control unit 501.
  • the behavior information processing unit 502 is a means for processing the behavior information acquired from the management server 20.
  • the behavior information processing unit 502 stores the acquired behavior information in the storage unit 503.
  • the behavior information processing unit 502 determines the consideration to be paid to the provider of the behavior information (personal information provider). For example, the behavior information processing unit 502 determines the consideration by referring to the table information that defines the type of the obtained personal information and the consideration (amount, points, etc.) to be paid as shown in FIG. 22. The behavior information processing unit 502 calculates the total amount of consideration corresponding to each type of personal information provided, and uses it as the consideration to be paid to the personal information provider. The information center determines the amount of consideration according to the value of the information provided.
  • the behavior information processing unit 502 notifies the management server 20 of the determined consideration.
  • the storage unit 503 is a means for storing information necessary for the operation of the information server 40.
  • the information server 40 analyzes the accumulated behavior information and generates information for selling to a business operator or the like. However, since the function is different from the purpose of the present application, the description of the function will be omitted.
  • the information server 40 determines the consideration to be paid to the user according to the type of personal information provided by the user (authentication successful person who received the service provision). Further, the information server 40 notifies the management server 20 of the consideration paid to the user. The management server 20 pays the consideration notified based on the consideration receipt information of the user.
  • FIG. 23 is a diagram showing an example of a processing configuration (processing module) of the terminal 50 according to the first embodiment.
  • the terminal 50 includes a communication control unit 601, a personal information control unit 602, and a storage unit 603.
  • the communication control unit 601 is a means for controlling communication with other devices. For example, the communication control unit 601 receives data (packets) from the management server 20. Further, the communication control unit 601 transmits data to the management server 20. The communication control unit 601 passes the data received from the other device to the other processing module. The communication control unit 601 transmits the data acquired from the other processing module to the other device. In this way, the other processing module transmits / receives data to / from the other device via the communication control unit 601.
  • the personal information control unit 602 is a means for controlling whether or not to provide the personal information held by the service provider to the information server 40 according to the intention of the user.
  • When the personal information control unit 602 receives the information provision inquiry from the management server 20, it acquires the user's intention as to whether or not the user consents to providing the personal information stored in the management server 20 to the information server 40. Specifically, the personal information control unit 602 displays a GUI as shown in FIG. 7 and acquires the user's comprehensive (overall) intention regarding the provision of personal information.
  • When the user does not consent to the provision of personal information, the personal information control unit 602 notifies the management server 20 to that effect. Specifically, the personal information control unit 602 sends a negative response to the information provision inquiry to the management server 20.
  • When the user consents to the provision of personal information, the personal information control unit 602 displays a GUI as shown in FIGS. 8 and 9 and acquires the types of personal information that the user permits to be provided to the information center (third party).
  • the personal information control unit 602 determines the types of personal information shown in FIGS. 8 and 9 based on the list of items of personal information acquired from the management server 20. FIGS. 8 and 9 show an interface in which the user selects the personal information that may be provided to a third party, but an interface for setting provision permission or provision refusal (YES, NO) for each item of personal information may be used instead.
  • Since the service provided differs for each service provider (management server 20), the personal information stored in the management server 20 also differs. Therefore, by referring to the item list of personal information acquired from the management server 20, the personal information control unit 602 does not ask the user to select personal information that the management server 20 does not hold and therefore cannot provide to the information server 40.
  • the personal information control unit 602 transmits the type of personal information acquired by the GUI shown in FIGS. 8 and 9 to the management server 20. Specifically, the personal information control unit 602 transmits an acknowledgment including the type of personal information permitted by the user to the management server 20.
  • the storage unit 603 stores information necessary for the operation of the terminal 50.
  • FIG. 24 is a sequence diagram showing an example of the operation related to the service registration phase of the authentication system according to the first embodiment.
  • the management server 20 acquires personal information (information necessary for providing the service), user ID, and password from the user (step S01).
  • the management server 20 transmits a service registration request including the acquired user ID, password, and service provider ID to the authentication server 10 (step S02).
  • the authentication server 10 generates a service user ID using the acquired user ID, password, and service provider ID (step S03).
  • the authentication server 10 stores the service provider ID and the service user ID in the authentication information database (step S04).
  • the authentication server 10 transmits a response including the service user ID (response to the service registration request) to the management server 20 (step S05).
  • the management server 20 associates the personal information acquired in step S01 with the service user ID acquired from the authentication server 10 and stores it in the user information database (step S06).
  • In this way, the management server 20 acquires the service user ID by transmitting the request including the user ID, password, and service provider ID to the authentication server 10, and stores the acquired service user ID in association with the personal information of the user.
  • FIG. 25 is a sequence diagram showing an example of the operation related to the service provision phase of the authentication system according to the first embodiment.
  • the authentication terminal 30 acquires a user's face image (biological information) and transmits the acquired face image to the management server 20 (step S11).
  • the management server 20 generates a feature amount from the acquired face image (step S12).
  • the management server 20 transmits an authentication request including the generated feature amount and the service provider ID to the authentication server 10 (step S13).
  • the authentication server 10 executes an authentication process using the feature amount included in the authentication request and the service provider ID, and identifies the corresponding service user ID (step S14).
  • the authentication server 10 transmits a response (response to the authentication request) including the specified service user ID to the management server 20 (step S15).
  • the management server 20 searches the user information database using the acquired service user ID, and identifies the corresponding personal information (step S16).
  • the management server 20 transmits the specified personal information to the authentication terminal 30 (step S17).
  • the authentication terminal 30 provides a service using the acquired personal information (step S18).
  • the authentication terminal 30 sends a service provision end notification to the management server 20 (step S19).
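  • The two sequences above (service registration, steps S01 to S06, and service provision, steps S11 to S19) can be followed end to end in the Python sketch below. It is an added illustration, not code from the patent or from the applicant: the authentication server verifies a salted password hash and derives the service user ID with a keyed HMAC over the user ID and service provider ID, the cosine-similarity threshold, the four-element "feature amounts", the user names and the dictionaries standing in for the authentication information database and the user information database are all assumptions. The page does not say how the service user ID is generated; the pairwise derivation used here is one choice that keeps two service providers from linking the same user.

```python
import hashlib
import hmac
import math
import secrets

# Assumed verification threshold for the cosine similarity between two feature amounts.
SIMILARITY_THRESHOLD = 0.95
PBKDF2_ROUNDS = 100_000


def cosine_similarity(a, b):
    """Similarity of two feature vectors; 1.0 means identical direction."""
    dot = sum(x * y for x, y in zip(a, b))
    norm = math.sqrt(sum(x * x for x in a)) * math.sqrt(sum(y * y for y in b))
    return dot / norm if norm else 0.0


class AuthenticationServer:
    """Authentication server 10: biometric templates plus the authentication information database."""

    def __init__(self):
        self._secret = secrets.token_bytes(32)  # key for deriving service user IDs (assumption)
        self._users = {}          # user ID -> {"salt", "pw_hash", "feature"}
        self._auth_info_db = {}   # (service provider ID, service user ID) -> user ID

    def register_user(self, user_id, password, feature):
        """User registration (assumed to precede service registration): store a salted hash, never the password."""
        salt = secrets.token_bytes(16)
        pw_hash = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
        self._users[user_id] = {"salt": salt, "pw_hash": pw_hash, "feature": list(feature)}

    def service_register(self, user_id, password, service_provider_id):
        """Steps S03 to S05: verify the user, derive the service user ID, store and return it (None on failure)."""
        rec = self._users.get(user_id)
        if rec is None:
            return None
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), rec["salt"], PBKDF2_ROUNDS)
        if not hmac.compare_digest(candidate, rec["pw_hash"]):
            return None
        # Pairwise ID (assumption): keyed HMAC over user ID and service provider ID, so two
        # service providers receive different IDs for the same user and cannot link their records.
        msg = f"{user_id}|{service_provider_id}".encode()
        service_user_id = hmac.new(self._secret, msg, "sha256").hexdigest()[:16]
        self._auth_info_db[(service_provider_id, service_user_id)] = user_id
        return service_user_id

    def authenticate(self, feature, service_provider_id):
        """Step S14: 1:N matching restricted to the users registered with this service provider."""
        best_id, best_score = None, 0.0
        for (sp_id, service_user_id), user_id in self._auth_info_db.items():
            if sp_id != service_provider_id:
                continue
            score = cosine_similarity(feature, self._users[user_id]["feature"])
            if score > best_score:
                best_id, best_score = service_user_id, score
        return best_id if best_score >= SIMILARITY_THRESHOLD else None


class ManagementServer:
    """Management server 20 of one service provider; the user information database is keyed by service user ID."""

    def __init__(self, service_provider_id, auth_server):
        self.service_provider_id = service_provider_id
        self._auth = auth_server
        self._user_info_db = {}

    def service_registration(self, user_id, password, personal_info):
        """Steps S01, S02 and S06: forward credentials, store personal info under the returned service user ID."""
        service_user_id = self._auth.service_register(user_id, password, self.service_provider_id)
        if service_user_id is None:
            return False
        self._user_info_db[service_user_id] = dict(personal_info)
        return True

    def service_provision(self, feature):
        """Steps S13 to S16: authenticate the captured feature amount and look up the personal information."""
        service_user_id = self._auth.authenticate(feature, self.service_provider_id)
        if service_user_id is None:
            return None
        return self._user_info_db.get(service_user_id)

    def service_user_ids(self):
        return set(self._user_info_db)


# Constructed sample feature amounts standing in for real face feature vectors.
ALICE_TEMPLATE = [0.9, 0.1, 0.3, 0.2]
ALICE_CAPTURE = [0.88, 0.12, 0.31, 0.19]   # fresh capture at the terminal: close to the template, not identical
BOB_TEMPLATE = [0.1, 0.8, 0.2, 0.6]


def run_scenario():
    auth = AuthenticationServer()
    auth.register_user("alice", "correct horse", ALICE_TEMPLATE)
    auth.register_user("bob", "battery staple", BOB_TEMPLATE)
    hotel = ManagementServer("SP-hotel", auth)
    shop = ManagementServer("SP-shop", auth)
    r = {}
    r["hotel_reg_ok"] = hotel.service_registration("alice", "correct horse", {"name": "Alice", "age": 30})
    r["hotel_reg_bad_pw"] = hotel.service_registration("alice", "wrong password", {"name": "Alice"})
    r["shop_reg_ok"] = shop.service_registration("alice", "correct horse", {"name": "Alice", "payment": "card"})
    r["hotel_alice"] = hotel.service_provision(ALICE_CAPTURE)
    r["hotel_bob"] = hotel.service_provision(BOB_TEMPLATE)      # Bob never registered with the hotel
    r["shop_alice"] = shop.service_provision(ALICE_CAPTURE)
    r["pairwise_ids_differ"] = hotel.service_user_ids().isdisjoint(shop.service_user_ids())
    return r


if __name__ == "__main__":
    print(run_scenario())
```

  • Two points the sketch makes concrete: the authentication server restricts 1:N matching to the users registered with the requesting service provider ID, so a face enrolled for the hotel does not resolve to anything at the shop, and the service user ID handed to each management server differs per provider, so the user information databases of two providers cannot be joined on it.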
  • FIG. 26 is a sequence diagram showing an example of the operation related to the information collection phase of the authentication system according to the first embodiment.
  • Upon receiving the service provision end notification from the authentication terminal 30, the management server 20 sends an information provision inquiry to the terminal 50 (step S21).
  • Upon receiving the information provision inquiry, the terminal 50 generates a GUI for acquiring the user's intention as to whether or not personal information may be provided to a third party (information center, information server 40) (acquisition of whether or not personal information can be provided; step S22).
  • If the user agrees to provide personal information, the terminal 50 generates a GUI for selecting the types of personal information that may be provided to the third party (selection of personal information to be provided; step S23).
  • the terminal 50 generates a response (response to an information provision inquiry) including the type of personal information selected by the user and sends it to the management server 20 (step S24).
  • the management server 20 transmits behavior information including personal information and outline information permitted to be provided to the information server 40 (step S25).
  • the information server 40 stores the acquired behavior information (step S26) and determines the consideration to be paid to the personal information provider (step S27).
  • the information server 40 notifies the management server 20 of the determined consideration. (Step S28).
  • the management server 20 refers to the consideration receipt information of the personal information provider and pays the consideration notified from the information server 40 to the user (step S29).
  • As described above, in the first embodiment, when a service is provided to a user, the personal information of the user who received the service is sent to the information center in addition to the information generated by the provision of the service (outline information indicating the outline of the service).
  • At that time, since the user can select the items of his / her personal information that are permitted to be provided to a third party, he / she can refuse to provide personal information that he / she does not intend to provide. That is, the user can control the provision or refusal of personal information based on his / her own judgment.
  • the information center that collects and utilizes personal information facilitates the collection of such personal information by giving a high price to personal information with high utility value (for example, name, address, etc.). That is, since a large amount of consideration can be obtained, the user consents (convinces) to provide personal information with high utility value to a third party.
  • Since the personal information that the information center can collect differs from one service provider to another, the information center can collect more diverse data. For example, the information center can obtain the age of the user together with the payment amount from a retail business, or the accommodation period together with the age, gender, etc. of the user from a hotel operator.
  • In the second embodiment, the authentication terminal 30 acquires whether or not personal information may be provided, so the contact information of the user (the terminal 50) required in the first embodiment is unnecessary.
  • FIG. 27 is a diagram for explaining the operation of the authentication system according to the second embodiment.
  • As in the first embodiment, the authentication terminal 30 provides a service using the personal information acquired from the management server 20. When the provision of the service ends, the authentication terminal 30 displays a GUI asking whether or not personal information may be provided. Specifically, the authentication terminal 30 generates a GUI as shown in FIG. 7 and acquires whether or not personal information may be provided to a third party.
  • When the user agrees to provide personal information, the authentication terminal 30 generates a GUI (for example, a GUI as shown in FIGS. 8 and 9) for inputting the personal information that may be provided to a third party.
  • the authentication terminal 30 transmits the provideable personal information acquired via the GUI to the management server 20.
  • the management server 20 transmits (provides) behavior information (behavior information including personal information and summary information) to the information server 40 based on the received personal information.
  • the authentication terminal 30 may include the "personal information control function" of the terminal 50 according to the first embodiment. That is, as shown in FIG. 28, the authentication terminal 30 according to the second embodiment may include the personal information control unit 406.
  • When the authentication terminal 30 ends the provision of the service to the authentication successful person, the authentication terminal 30 generates a GUI for inputting the types of personal information that the authentication successful person permits to be provided to a third party.
  • the management server 20 acquires the user's intention regarding the provision of personal information via the authentication terminal 30.
  • the second embodiment also allows the user to appropriately control and manage personal information regarding the biometric authentication service.
  • FIG. 29 is a diagram showing an example of the hardware configuration of the management server 20.
  • the management server 20 can be configured by an information processing device (so-called computer), and includes the configuration illustrated in FIG. 29.
  • the management server 20 includes a processor 311, a memory 312, an input / output interface 313, a communication interface 314, and the like.
  • the components such as the processor 311 are connected by an internal bus or the like and are configured to be able to communicate with each other.
  • the configuration shown in FIG. 29 does not mean to limit the hardware configuration of the management server 20.
  • the management server 20 may include hardware (not shown).
  • the number of processors 311 and the like included in the management server 20 is not limited to the example of FIG. 29, and for example, a plurality of processors 311 may be included in the management server 20.
  • the processor 311 is a programmable device such as a CPU (Central Processing Unit), an MPU (Micro Processing Unit), and a DSP (Digital Signal Processor). Alternatively, the processor 311 may be a device such as an FPGA (Field Programmable Gate Array) or an ASIC (Application Specific Integrated Circuit). The processor 311 executes various programs including an operating system (OS).
  • the memory 312 is a RAM (Random Access Memory), a ROM (Read Only Memory), an HDD (Hard Disk Drive), an SSD (Solid State Drive), or the like.
  • the memory 312 stores an OS program, an application program, and various data.
  • the input / output interface 313 is an interface of a display device or an input device (not shown).
  • the display device is, for example, a liquid crystal display or the like.
  • the input device is, for example, a device that accepts user operations such as a keyboard and a mouse.
  • the communication interface 314 is a circuit, module, etc. that communicates with other devices.
  • the communication interface 314 includes a wireless communication circuit, a NIC (Network Interface Card), and the like.
  • the function of the management server 20 is realized by various processing modules.
  • the processing module is realized, for example, by the processor 311 executing a program stored in the memory 312.
  • the program can also be recorded on a computer-readable storage medium.
  • the storage medium may be a non-transitory medium such as a semiconductor memory, a hard disk, a magnetic recording medium, or an optical recording medium. That is, the present invention can also be embodied as a computer program product. Further, the above program can be downloaded via a network or updated by using a storage medium in which the program is stored. Further, the processing module may be realized by a semiconductor chip.
  • the authentication server 10, the authentication terminal 30, the information server 40, the terminal 50, and the like can also be configured by the information processing device in the same manner as the management server 20, and the basic hardware configuration thereof is not different from that of the management server 20. Therefore, the explanation is omitted.
  • the authentication terminal 30 may be provided with a camera for photographing the user.
  • the management server 20 is equipped with a computer, and the function of the management server 20 can be realized by causing the computer to execute a program. Further, the management server 20 executes the personal information providing method by the program.
  • the authentication system may determine an ID (identifier) that uniquely identifies the system user.
  • the authentication server 10 acquires the user's biometric information (face image, feature amount).
  • the authentication server 10 may generate the above ID based on the biometric information.
  • the authentication server 10 may calculate a hash value from the feature amount of the face image and use the calculated hash value as a substitute for the user ID and password. Since the feature amount of the face image differs for each user and the hash value generated from the feature amount also differs for each user, it can be used as an ID of the system user.
  • the user registration phase and the service registration phase are executed at different timings, but these phases may be executed at substantially the same timing.
  • the authentication terminal 30 installed in the service provider that the user wishes to provide the service may be used, and the above two registration phases may be executed.
  • the user may perform user registration using the authentication terminal 30, and then continuously perform service registration.
  • the authentication terminal 30 may be provided with a user registration function (user registration unit 202) of the authentication server 10 and a personal information acquisition function (personal information acquisition unit 302) of the management server 20.
  • the plurality of authentication terminals 30 owned by the service provider do not have to be installed on the same site, building, or the like. If the service providers are common, each authentication terminal 30 may be installed in a spatially separated place.
  • one service provider ID is assigned to one service provider, but one service provider ID may be assigned to a plurality of service providers.
  • a plurality of service providers may be grouped together and a service provider ID may be issued for each group. For example, when the service providers S1 and S2 cooperate to provide the same service, a common service provider ID may be issued to the service providers S1 and S2.
  • In the above embodiments, the case where the biometric information transmitted from the management server 20 to the authentication server 10 is the "feature amount generated from the face image" has been described. However, the invention is not limited to this.
  • the biometric information related to the "face image” may be transmitted from the management server 20 to the authentication server 10.
  • the authentication server 10 may generate a feature amount from the acquired face image and execute the authentication process (verification process).
  • Further, in the above embodiments, the case where the authentication terminal 30 acquires the face image and the management server 20 generates the feature amount from the face image has been described. However, the invention is not limited to this.
  • the authentication terminal 30 may generate a feature amount from the face image and transmit the generated feature amount to the management server 20. That is, the management server 20 does not have to generate the feature amount.
  • In the service registration phase, the management server 20 may transmit a service registration request including the feature amount generated from the face image and the service provider ID to the authentication server 10.
  • the authentication server 10 executes a collation process using the feature amount included in the request and the feature amount registered in the authentication information database, and identifies the corresponding user.
  • the authentication server 10 issues a service user ID when the user is successfully identified (authentication).
  • the service provider may acquire the biometric information (face image) of the user in addition to the user ID and password.
  • the authentication server 10 may issue the service user ID when the user ID, password, and biometric information match (two-factor authentication using the biometric information and password may be executed).
  • the service provider may cache (temporarily hold) the information acquired from the authentication server 10 and the information acquired from the authentication terminal 30.
  • the management server 20 caches the biometric information acquired from the authentication terminal 30 and the authentication result (service user ID) based on the biometric information for a predetermined period.
  • Upon receiving biometric information from the authentication terminal 30, the management server 20 checks the cached data first, and if the cache holds an entry that matches the acquired biometric information, the management server 20 does not send an authentication request to the authentication server 10.
  • the management server 20 identifies personal information using the service user ID included in the cache data.
  • the management server 20 may cache a combination of biometric information and personal information.
  • the conditions for deleting the cached data may be changed according to the type of service. For example, when the accommodation service is provided by the hotel operator, the management server 20 may delete the cache data at the timing when the guest's stay period ends.
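  • The caching behaviour described above (a cache consulted before any authentication request, a time-limited deletion rule, and a service-dependent rule such as deleting the entry when a guest's stay ends) is worked through in the Python sketch below. It is an added example, not code from the patent or the applicant: the cosine-similarity match with a 0.95 threshold, the 300-second default lifetime, the "stay:room-101" event tag, the feature vectors and the stand-in for the authentication server are all assumptions. Failed authentications are deliberately not cached, since caching a rejection would let a brief capture glitch lock a registered user out for the lifetime of the entry.

```python
import math

SIMILARITY_THRESHOLD = 0.95   # assumed match threshold for cosine similarity of feature amounts


def cosine_similarity(a, b):
    dot = sum(x * y for x, y in zip(a, b))
    norm = math.sqrt(sum(x * x for x in a)) * math.sqrt(sum(y * y for y in b))
    return dot / norm if norm else 0.0


class AuthResultCache:
    """Cache on the management server 20: captured feature amount -> service user ID, each with its own deletion rule."""

    def __init__(self, default_ttl_seconds):
        self._default_ttl = default_ttl_seconds
        self._entries = []   # {"feature", "service_user_id", "expires_at" (None = event-bound), "event"}

    def put(self, feature, service_user_id, now, event=None):
        expires_at = None if event else now + self._default_ttl
        self._entries.append({"feature": list(feature), "service_user_id": service_user_id,
                              "expires_at": expires_at, "event": event})

    def lookup(self, feature, now):
        """Evict time-expired entries, then return the best matching cached service user ID, or None."""
        self._entries = [e for e in self._entries if e["expires_at"] is None or e["expires_at"] > now]
        best, best_score = None, 0.0
        for e in self._entries:
            score = cosine_similarity(feature, e["feature"])
            if score > best_score:
                best, best_score = e["service_user_id"], score
        return best if best_score >= SIMILARITY_THRESHOLD else None

    def end_event(self, event):
        """Service-dependent deletion, e.g. when a hotel guest's stay ends."""
        self._entries = [e for e in self._entries if e["event"] != event]

    def __len__(self):
        return len(self._entries)


class ManagementServer:
    """Step S13 with the cache consulted first; an authentication request is only sent on a cache miss."""

    def __init__(self, auth_request, cache):
        self._auth_request = auth_request   # callable standing in for the round trip to authentication server 10
        self._cache = cache
        self.auth_requests = 0
        self.cache_hits = 0

    def resolve_service_user_id(self, feature, now, event=None):
        hit = self._cache.lookup(feature, now)
        if hit is not None:
            self.cache_hits += 1
            return hit
        self.auth_requests += 1
        service_user_id = self._auth_request(feature)
        if service_user_id is not None:          # never cache a failed authentication
            self._cache.put(feature, service_user_id, now, event)
        return service_user_id


# Constructed feature amounts: enrolled templates and fresh captures at the authentication terminal.
ALICE_TEMPLATE, ALICE_CAPTURE = [0.9, 0.1, 0.3, 0.2], [0.88, 0.12, 0.31, 0.19]
BOB_TEMPLATE, BOB_CAPTURE = [0.1, 0.8, 0.2, 0.6], [0.12, 0.79, 0.21, 0.58]
STRANGER = [0.5, 0.5, 0.5, 0.5]
TEMPLATES = [(ALICE_TEMPLATE, "SU-alice"), (BOB_TEMPLATE, "SU-bob")]


def fake_authentication_server(feature):
    """Stand-in for the authentication server 10 (step S14)."""
    for template, service_user_id in TEMPLATES:
        if cosine_similarity(feature, template) >= SIMILARITY_THRESHOLD:
            return service_user_id
    return None


def run_scenario():
    cache = AuthResultCache(default_ttl_seconds=300)
    ms = ManagementServer(fake_authentication_server, cache)
    t0 = 1_000_000.0
    r = {}
    r["alice_first"] = ms.resolve_service_user_id(ALICE_TEMPLATE, t0)               # miss: request sent
    r["alice_second"] = ms.resolve_service_user_id(ALICE_CAPTURE, t0 + 60)          # hit within the TTL
    r["alice_stale"] = ms.resolve_service_user_id(ALICE_CAPTURE, t0 + 400)          # TTL passed: request again
    r["bob_checkin"] = ms.resolve_service_user_id(BOB_TEMPLATE, t0 + 500, event="stay:room-101")
    r["bob_during_stay"] = ms.resolve_service_user_id(BOB_CAPTURE, t0 + 5000)       # event-bound: still cached
    cache.end_event("stay:room-101")                                                 # guest checks out
    r["bob_after_checkout"] = ms.resolve_service_user_id(BOB_CAPTURE, t0 + 6000)    # miss: request again
    r["stranger"] = ms.resolve_service_user_id(STRANGER, t0 + 6000)                 # rejected, not cached
    r["auth_requests"], r["cache_hits"], r["cached_entries"] = ms.auth_requests, ms.cache_hits, len(cache)
    return r


if __name__ == "__main__":
    print(run_scenario())
```

  • Note that every cached entry holds a biometric feature amount in the clear on the management server; the lifetime chosen for the cache is therefore also the window during which that data is exposed if the server is compromised, which is the reason the sketch keeps the default lifetime short and ties longer-lived entries to an explicit end-of-service event rather than leaving them indefinitely.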
  • The form of data transmission / reception between the devices (authentication server 10, management server 20, authentication terminal 30, and so on) is not particularly limited, but the data transmitted / received between these devices may be encrypted.
  • Biometric information is transmitted and received between these devices, and it is desirable that the data be transmitted and received in encrypted form in order to appropriately protect the biometric information.
  • the terminal 50 may prepare a GUI for inputting whether or not to provide personal information for the entire authentication system.
  • In the above embodiments, whether or not personal information may be provided is determined after the service is provided by the service provider. However, whether or not personal information may be provided may instead be determined before the service is provided. That is, as long as authentication by the authentication server 10 has been performed, whether or not personal information may be provided may be determined at any time, either before or after the service is provided.
  • the terminal 50 may also be used for purposes other than those described above.
  • the user may use the terminal 50 to update other information registered in the authentication server 10.
  • the user may access the authentication server 10 using the terminal 50 and select a service provider who receives the service by biometric authentication. That is, the user may register the service via the authentication server 10.
  • the user may apply for withdrawal from the system or service by using the terminal 50.
  • the management server 20 may acquire in advance, from the information server 40, information about the consideration given for each item of personal information, and may notify the terminal 50 or the authentication terminal 30 of the consideration that will be returned to the user based on the acquired information. For example, the management server 20 may notify the terminal 50 of the item list of personal information included in the information provision inquiry together with the consideration given when each item is provided. In this case, the terminal 50 can display a GUI as shown in FIG. 30. As shown in FIG. 30, the terminal 50 may indicate that the consideration obtained (money, virtual currency, points usable for online shopping, etc.) differs depending on the type of personal information provided. Further, as shown in FIG. 30, the terminal 50 may display the total consideration obtained by providing the selected personal information to a third party.
  • the terminal 50 or the authentication terminal 30 may display a GUI for inputting the provision period of the provided data for each of the personal information permitted to be provided to a third party (see FIG. 31).
  • the terminal 50 and the authentication terminal 30 display a GUI that allows the provision period (for example, 1 month, 1 year, 10 years, indefinite period) to be selected.
  • the terminal 50 or the authentication terminal 30 may display a GUI for inputting the start and end of the provision period (the user may enter the provision period in a format such as 20XX / YY / ZZ to 20ZZ / YY / XX).
  • the terminal 50 and the authentication terminal 30 notify the management server 20 of the provision period together with the personal information permitted to be provided.
  • the management server 20 transmits behavior information including these information to the information server 40.
  • the information server 40 determines the consideration according to the type of personal information provided and the length of the data provision period for each type of personal information provided.
  • the information server 40 discards the stored personal information when the designated provision period has passed.
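  • The information collection phase (steps S21 to S29 above) and the provision-period variant just described are worked through together in the Python sketch below. It is an added example, not code from the patent or the applicant: the point values in the table standing in for FIG. 22, the four period choices of FIG. 31 expressed in days, the prorating of consideration per 365 days with an indefinite period paid like ten years, and the sample record of a retail purchase are all assumptions. The terminal side drops any item the management server did not list (the point made above about the item list) and any unknown period, so the response sent in step S24 never names data the server cannot provide.

```python
from datetime import date, timedelta

# Constructed stand-in for the FIG. 22 table: points per type of personal information for one year of provision.
CONSIDERATION_TABLE = {"name": 100, "address": 80, "age": 20, "gender": 10, "payment_amount": 50}
# Constructed choices for the provision-period GUI of FIG. 31, in days (None = indefinite).
PERIOD_DAYS = {"1 month": 30, "1 year": 365, "10 years": 3650, "indefinite": None}
INDEFINITE_AS_DAYS = 3650   # assumption: an indefinite provision period is paid like ten years


def item_list(personal_info):
    """Step S21: the list of held items the management server attaches to the information provision inquiry."""
    return sorted(personal_info)


def build_consent_response(offered_items, agreed, selections):
    """Steps S22 to S24 on terminal 50: a negative response, or the ticked items with a period each.
    Items the management server does not hold, and unknown periods, are dropped rather than sent."""
    if not agreed:
        return {"consent": False}
    items = {i: p for i, p in selections.items() if i in offered_items and p in PERIOD_DAYS}
    return {"consent": True, "items": items}


def build_behavior_info(personal_info, outline_info, response):
    """Step S25: the management server sends only the consented items, plus the outline information."""
    if not response.get("consent"):
        return None
    return {
        "personal_info": {k: personal_info[k] for k in response["items"]},
        "provision_period": dict(response["items"]),
        "outline": dict(outline_info),
    }


def consideration_for(item, period):
    """Consideration grows with the provision period: the table value is prorated per 365 days (assumption)."""
    days = PERIOD_DAYS[period]
    if days is None:
        days = INDEFINITE_AS_DAYS
    return CONSIDERATION_TABLE.get(item, 0) * days // 365


class InformationServer:
    """Information server 40: stores behavior information, decides the consideration, discards expired items."""

    def __init__(self):
        self._store = []   # entries: {"expiry": date or None, "item", "value", "outline"}

    def receive(self, behavior_info, received_on):
        """Steps S26 and S27: store each item with its expiry date and return the total consideration owed."""
        total = 0
        for item, value in behavior_info["personal_info"].items():
            period = behavior_info["provision_period"][item]
            days = PERIOD_DAYS[period]
            expiry = None if days is None else received_on + timedelta(days=days)
            self._store.append({"expiry": expiry, "item": item, "value": value,
                                "outline": behavior_info["outline"]})
            total += consideration_for(item, period)
        return total

    def purge_expired(self, today):
        """Discard personal information whose designated provision period has passed; returns the count removed."""
        before = len(self._store)
        self._store = [e for e in self._store if e["expiry"] is None or e["expiry"] > today]
        return before - len(self._store)

    def held_items(self):
        return sorted(e["item"] for e in self._store)


def run_scenario():
    # Constructed record held by a retail service provider, and the outline of the service just provided.
    personal_info = {"name": "Alice", "address": "Tokyo", "age": 30, "gender": "F", "payment_amount": 12800}
    outline = {"service": "retail purchase", "date": "2020-08-01"}
    offered = item_list(personal_info)
    # The user ticks name (1 year) and age (1 month); "passport_no" is not held by the shop and is ignored.
    response = build_consent_response(offered, True,
                                      {"name": "1 year", "age": "1 month", "passport_no": "1 year"})
    info = build_behavior_info(personal_info, outline, response)
    server = InformationServer()
    received = date(2020, 8, 1)
    r = {"behavior_info": info, "consideration": server.receive(info, received)}
    r["held_before"] = server.held_items()
    r["purged"] = server.purge_expired(received + timedelta(days=60))   # two months later
    r["held_after"] = server.held_items()
    r["refused"] = build_behavior_info(personal_info, outline, build_consent_response(offered, False, {}))
    return r


if __name__ == "__main__":
    print(run_scenario())
```

  • The filtering happens twice on purpose: once on the terminal, which only offers items from the server's list, and again on the management server, which builds the behavior information strictly from the items named in the acknowledgment. A management server that forwarded its whole record and trusted the terminal to have shown the right GUI would leak every item whenever a client was modified or the list was stale.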
  • one information center is exemplified as a destination for providing personal information.
  • personal information may be provided to a plurality of information centers (information banks).
  • the user may select an information center that permits the provision of personal information from a plurality of information centers.
  • When the management server 20 transmits the information provision inquiry, it also transmits information about the affiliated information centers (information servers 40) to the terminal 50 or the like.
  • the management server 20 transmits the name of the information center or the like to the terminal 50 or the like.
  • the terminal 50 or the authentication terminal 30 may display a GUI as shown in FIG. 32 using the acquired information, and individually acquire whether or not to provide personal information for each information center. That is, the terminal 50 and the authentication terminal 30 may generate a GUI for inputting whether or not to permit the provision of personal information for each of the plurality of information centers.
  • the terminal 50 and the authentication terminal 30 may display, for each information center permitted to receive information, a GUI (such as those shown in FIGS. 8, 9, 30, and 31) for selecting the personal information to be provided to that information center.
  • the terminal 50 and the authentication terminal 30 may also display the consideration obtained from each information center (the consideration obtained may differ depending on the destination to which the personal information is provided).
  • the terminal 50 and the authentication terminal 30 may display the personal information of the user (authentication successful person) itself, instead of displaying the type of personal information (see FIG. 33).
  • In the above embodiments, identity confirmation of the user is not mentioned, but identity confirmation of the user may be performed at any point in the authentication system.
  • the authentication server 10 may confirm the identity of the user.
  • the user registration unit 202 of the authentication server 10 may acquire an identity verification document of the user (for example, a passport) from the terminal 50 and perform one-to-one collation between the user's face image and the face image shown in the identity verification document.
  • the authentication server 10 may then perform user registration only for a user for whom the collation succeeded. Alternatively, the same identity verification may be performed at the time of service registration. By confirming the identity of the user somewhere in the authentication system, the reliability of the personal information provided to the information center is ensured.
  • In the above embodiments, the management server 20 sends the information provision inquiry to the terminal 50, which also serves to notify the user that biometric authentication has been executed. However, the authentication server 10 may notify the terminal 50 of that fact instead.
  • the terminal 50 may display a GUI or the like regarding whether or not information can be provided, triggered by a notification from the authentication server 10.
  • each embodiment may be used alone or in combination. For example, it is possible to replace a part of the configuration of the embodiment with the configuration of another embodiment, or to add the configuration of another embodiment to the configuration of the embodiment. Further, it is possible to add, delete, or replace a part of the configuration of the embodiment with another configuration.
  • the present invention is suitably applicable to an authentication system for authenticating customers such as retail stores and hotel operators.
  • [Appendix 1] An authentication system including: an information server; an authentication server that stores biometric information of each of a plurality of users and performs biometric authentication using the stored biometric information; and a management server connected to the authentication server and the information server, wherein the management server stores personal information for providing a service to an authentication successful person authenticated by the biometric authentication, and transmits, to the information server, behavior information including, among the personal information of the authentication successful person to whom the service is provided, the personal information that the authentication successful person permits to be provided to a third party.
  • [Appendix 2] The authentication system according to Appendix 1, further including a terminal owned by the authentication successful person, wherein, when the provision of the service to the authentication successful person is completed, the management server transmits to the terminal an inquiry regarding whether or not the personal information may be provided, the inquiry including a list of the personal information stored in the management server, and the terminal uses the list of personal information to generate a GUI for the authentication successful person to input the types of personal information permitted to be provided to the third party.
  • [Appendix 3] The authentication system according to Appendix 2, wherein, when the management server receives from the terminal an acknowledgment to the inquiry regarding whether or not the personal information may be provided, the management server transmits the behavior information to the information server.
  • [Appendix 4] The authentication system according to any one of Appendices 1 to 3, wherein the management server transmits, to the information server, the behavior information including the personal information that the authentication successful person has permitted to be provided to the third party and outline information about the outline of the service provided to the authentication successful person.
  • the authentication system according to any one of Supplementary note 1 to 4, wherein the information server determines the consideration to be paid to the successful authentication person according to the type of personal information provided by the successful authentication person.
  • [Appendix 6] The authentication system according to Appendix 5, wherein the management server stores consideration receipt information for receiving the consideration, the information server notifies the management server of the consideration to be paid to the authentication successful person, and the management server pays the notified consideration based on the consideration receipt information of the authentication successful person.
  • [Appendix 7] The authentication system according to Appendix 2 or 3, wherein the terminal generates a GUI displaying the consideration obtained by providing the personal information to the third party.
  • [Appendix 8] The authentication system according to any one of Appendices 2, 3, and 7, wherein the terminal generates a GUI for inputting the provision period of the provided data for each type of personal information permitted to be provided to the third party.
  • [Appendix 9] The authentication system according to Appendix 5, wherein the information server determines the consideration to be paid to the authentication successful person according to the type of personal information provided and the length of the data provision period for each type of personal information provided.
  • [Appendix 10] The authentication system according to any one of Appendices 2, 3, 7, and 8, wherein the terminal generates a GUI for inputting whether or not to permit the provision of personal information to each of a plurality of third parties.
  • [Appendix 11] The authentication system further including an authentication terminal that is connected to the management server, acquires biometric information of a person to be authenticated, and provides the service to the authentication successful person, wherein, when the authentication terminal ends the provision of the service to the authentication successful person, the authentication terminal generates a GUI for inputting the types of personal information that the authentication successful person permits to be provided to the third party.
  • [Appendix 12] The authentication system according to any one of Supplementary note 1 to 11, wherein the biometric information is a face image or a feature amount generated from the face image.
  • [Appendix 13] Connected to a management server that stores personal information for providing services to successful biometric authentication
  • a terminal that generates a GUI for inputting personal information of a successful authentication person to whom the service is provided, which is permitted to be provided to a third party by the successful authentication person.
  • Information server and It is connected to an authentication server that stores biometric information of each of a plurality of users and performs biometric authentication using the stored biometric information.
  • the personal information for providing the service to the successful authentication person by the biometric authentication is stored, and among the personal information of the successful authentication person to which the service is provided, the individual who the successful authentication person permits to provide to a third party.
  • a management server that sends behavioral information including information to the information server.
  • Appendix 15 Information server and In a management server connected to an authentication server that stores biometric information of each of a plurality of users and performs biometric authentication using the stored biometric information. Store personal information for providing services to those who have succeeded in biometric authentication. A method for providing personal information, in which behavioral information including personal information of a successful authentication person to whom the service is provided is permitted to be provided to a third party is transmitted to the information server.
  • Appendix 16 Information server and A computer installed in a management server connected to an authentication server that stores biometric information of each of a plurality of users and performs biometric authentication using the stored biometric information.
  • the process of storing personal information for providing services to those who have succeeded in biometric authentication A process of transmitting behavioral information including personal information of a successful authentication person to whom the service is provided, including personal information that the successful authentication person has permitted to be provided to a third party, to the information server.
  • a computer-readable storage medium that stores programs for executing.
  • Reference signs: Authentication terminal; 40 101 Information server; 50 Terminal; 201, 301, 401, 501, 601 Communication control unit; 202 User registration unit; 203, 304 Database (DB) management unit; 204 Service registration unit; 205 Authentication unit; 206, 307, 405, 503, 603 Storage unit; 302 Personal information acquisition unit; 303 Service registration request unit; 305 Authentication request unit; 306 Behavior information provision unit; 311 Processor; 312 Memory; 313 Input/output interface; 314 Communication interface; 402 Biometric information acquisition unit; 403 Service provision unit; 404 Message output unit; 406, 602 Personal information control unit; 502 Behavior information processing unit
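The appendix items above describe a management server that sends the information server only the personal information the user has permitted for a given third party, with a provision period entered per data type, and an information server that sets the consideration according to data type and period length. The following Python sketch is an added example modelling that split; it is not code from the patent or from the applicant. The data types, the per-day rates, the sample user, the reading of the provision period as days counted from the service date, and the pseudonymous reference sent in place of the user id are all assumptions made here.

```python
"""Consent-scoped release of personal information to an information server.

Added example: models the management server / information server split in
the appendix above. All names, rates and sample data are constructed here;
none of it comes from the patent.
"""
from dataclasses import dataclass, field
from datetime import date
from typing import Dict, List, Optional
import hashlib

# Assumed consideration rates per data type and per day of provision period.
# The patent says consideration depends on type and period but gives no figures.
RATE_PER_DAY: Dict[str, float] = {
    "age": 1.0,
    "address": 2.0,
    "purchase_history": 5.0,
}


@dataclass(frozen=True)
class Consent:
    """What the user entered in the terminal GUI for one third party:
    permitted data types and, per type, the provision period in days
    (assumed here to be counted from the date the service was provided)."""
    third_party: str
    permitted_types: Dict[str, int]


@dataclass
class UserRecord:
    """Personal information the management server holds for service provision."""
    user_id: str
    personal_info: Dict[str, str]
    consents: List[Consent] = field(default_factory=list)


def find_consent(record: UserRecord, third_party: str) -> Optional[Consent]:
    return next((c for c in record.consents if c.third_party == third_party), None)


def build_behavior_info(record: UserRecord, third_party: str, service_outline: str,
                        service_date: date, today: date) -> Optional[dict]:
    """Management server side: assemble the behavioral information for one
    third party. Only types the user permitted for that party, and whose
    provision period has not lapsed, leave the server. Returns None when the
    user gave no consent for that party (the default is to send nothing)."""
    consent = find_consent(record, third_party)
    if consent is None:
        return None
    elapsed_days = (today - service_date).days
    released = {
        dtype: value
        for dtype, value in record.personal_info.items()
        if dtype in consent.permitted_types and elapsed_days <= consent.permitted_types[dtype]
    }
    # A per-third-party pseudonymous reference (design choice of this example) lets
    # the information server report consideration back without learning the user id.
    reference = hashlib.sha256(f"{record.user_id}:{third_party}".encode()).hexdigest()[:16]
    return {"reference": reference, "service_outline": service_outline, "personal_info": released}


def compute_consideration(behavior_info: dict, consent: Consent) -> float:
    """Information server side: consideration for the types actually released,
    weighted by the assumed type rate and the provision period length."""
    return sum(RATE_PER_DAY.get(dtype, 0.0) * consent.permitted_types[dtype]
               for dtype in behavior_info["personal_info"])


def quote_consideration(consent: Consent) -> float:
    """What the terminal GUI would display before the user confirms consent:
    the consideration if every permitted type is released for its full period."""
    return sum(RATE_PER_DAY.get(dtype, 0.0) * days
               for dtype, days in consent.permitted_types.items())


def demo() -> dict:
    """Constructed walk-through; returns the per-party results for inspection."""
    record = UserRecord(
        user_id="user-0001",
        personal_info={"name": "Constructed Name", "age": "34",
                       "address": "Constructed Address", "purchase_history": "coffee x2"},
        consents=[
            Consent("retailer-A", {"age": 30, "purchase_history": 7}),
            Consent("insurer-B", {"age": 365}),
        ],
    )
    service_date, today = date(2024, 1, 1), date(2024, 1, 10)  # 9 days elapsed
    results = {}
    for party in ("retailer-A", "insurer-B", "unknown-C"):
        info = build_behavior_info(record, party, "cafe visit", service_date, today)
        consent = find_consent(record, party)
        results[party] = {
            "released": None if info is None else sorted(info["personal_info"]),
            "consideration": None if info is None else compute_consideration(info, consent),
            "quoted": None if consent is None else quote_consideration(consent),
        }
    return results


if __name__ == "__main__":
    for party, result in demo().items():
        print(party, result)
```

In the walk-through, retailer-A receives only the age field: the name and address were never permitted for that party, and the seven-day window for the purchase history has already lapsed nine days after the service. A party with no consent record receives nothing at all, which is the default a practitioner would want from the management server.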

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Collating Specific Patterns (AREA)

Abstract

The invention relates to an authentication system by means of which a user controls and manages personal information relating to the provision of a service by means of biometric authentication. The authentication system comprises an information server, an authentication server and a management server. The authentication server stores biometric information about each user of a plurality of users and performs biometric authentication using the stored biometric information. The management server stores personal information for providing a service to a person who is successfully authenticated by means of biometric authentication. The management server transmits, to an information server, behavior information comprising personal information which the successfully authenticated person has authorized to be provided to a third party, from among the personal information concerning the successfully authenticated person to whom the service has been provided.
PCT/JP2020/032371 2020-08-27 2020-08-27 Système d'authentification, terminal, serveur de gestion, procédé de fourniture d'informations personnelles et support de stockage WO2022044205A1 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
PCT/JP2020/032371 WO2022044205A1 (fr) 2020-08-27 2020-08-27 Système d'authentification, terminal, serveur de gestion, procédé de fourniture d'informations personnelles et support de stockage
JP2022545002A JPWO2022044205A5 (ja) 2020-08-27 認証システム、端末、管理サーバ、個人情報提供方法及びプログラム

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2020/032371 WO2022044205A1 (fr) 2020-08-27 2020-08-27 Système d'authentification, terminal, serveur de gestion, procédé de fourniture d'informations personnelles et support de stockage

Publications (1)

Publication Number Publication Date
WO2022044205A1 true WO2022044205A1 (fr) 2022-03-03

Family

ID=80354874

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2020/032371 WO2022044205A1 (fr) 2020-08-27 2020-08-27 Système d'authentification, terminal, serveur de gestion, procédé de fourniture d'informations personnelles et support de stockage

Country Status (1)

Country Link
WO (1) WO2022044205A1 (fr)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2016091067A (ja) * 2014-10-29 2016-05-23 ソフトバンク株式会社 個人情報流通方法、個人情報流通システム及び個人情報流通事業者装置
JP2018155570A (ja) * 2017-03-17 2018-10-04 本田技研工業株式会社 情報提供車載装置、情報提供システム、及び情報提供プログラム

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
AKIYAMA, HIROKO ET AL.: "Design and implementation of personal activity information storing feature in information bank system", IPSJ SYMPOSIUM SERIES, vol. 2013, no. 2, 3 July 2013 (2013-07-03), pages 1953 - 1957, XP55909344, ISSN: 1882-0840 *

Also Published As

Publication number Publication date
JPWO2022044205A1 (fr) 2022-03-03

Similar Documents

Publication Publication Date Title
US20210224795A1 (en) Escrow non-face-to-face cryptocurrency transaction device and method using phone number
CN107735999A (zh) 基于设备功能和用户请求通过多个途径的认证
WO2020246403A1 (fr) Dispositif et procédé de traitement d'informations
JP4413575B2 (ja) アカウントサービス情報の統合管理を支援する情報処理装置、アカウントサービス情報の統合管理方法、プログラム、および記録媒体
JP7171504B2 (ja) 個人情報管理サーバ、個人情報管理方法及び個人情報管理システム
WO2021214970A1 (fr) Dispositif de traitement d'informations, système, procédé de mise à jour d'image faciale et support de stockage
JP2016181171A (ja) 情報処理装置、システム、方法およびプログラム
WO2022137954A1 (fr) Serveur d'authentification, système d'authentification, ainsi que procédé de commande de serveur d'authentification et support de stockage
JP6871296B2 (ja) 仲介サーバ、プログラム、及び情報処理方法
WO2022044205A1 (fr) Système d'authentification, terminal, serveur de gestion, procédé de fourniture d'informations personnelles et support de stockage
WO2021260856A1 (fr) Système d'authentification, serveur d'authentification, procédé d'enregistrement et support de stockage
WO2022118639A1 (fr) Serveur d'authentification, système, procédé de commande de serveur d'authentification et support d'enregistrement
JP7036300B1 (ja) システム、認証方法、認証端末、認証端末の制御方法及びプログラム
WO2021255821A1 (fr) Serveur d'authentification, procédé de recommandation de mise à jour d'image faciale et support de stockage
WO2022024281A1 (fr) Serveur d'authentification, système d'authentification, procédé de traitement de demande d'authentification et support de stockage
JP7124979B2 (ja) サーバ装置、認証システム、認証方法、プログラム及び方法
WO2021240749A1 (fr) Dispositif serveur, système, procédé de demande de subvention et support non transitoire lisible par ordinateur
WO2021214969A1 (fr) Système d'authentification, terminal, procédé de commande pour un terminal, et support de stockage
JP2002229956A (ja) バイオメトリクス認証システム,バイオメトリクス認証局,サービス提供サーバ,バイオメトリクス認証方法及びプログラム並びにサービス提供方法及びプログラム
WO2022190344A1 (fr) Système et procédé de paiement par mandataire
JP6828311B2 (ja) 情報処理システム、情報処理装置及びプログラム
WO2022190345A1 (fr) Système et procédé
WO2022185542A1 (fr) Dispositif serveur, terminal, système, procédé de commande de serveur et support de stockage
JP7458270B2 (ja) ユーザ認証支援装置
WO2024095373A1 (fr) Dispositif de serveur, système, procédé de commande de dispositif de serveur et support de stockage

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application (Ref document number: 20951458; Country of ref document: EP; Kind code of ref document: A1)
ENP Entry into the national phase (Ref document number: 2022545002; Country of ref document: JP; Kind code of ref document: A)
NENP Non-entry into the national phase (Ref country code: DE)
122 Ep: pct application non-entry in european phase (Ref document number: 20951458; Country of ref document: EP; Kind code of ref document: A1)