WO2022092266A1 - 情報処理装置 - Google Patents

情報処理装置 Download PDF

Info

Publication number
WO2022092266A1
WO2022092266A1 PCT/JP2021/040032 JP2021040032W WO2022092266A1 WO 2022092266 A1 WO2022092266 A1 WO 2022092266A1 JP 2021040032 W JP2021040032 W JP 2021040032W WO 2022092266 A1 WO2022092266 A1 WO 2022092266A1
Authority
WO
WIPO (PCT)
Prior art keywords
user
authentication
telephone number
server
information processing
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/JP2021/040032
Other languages
English (en)
French (fr)
Japanese (ja)
Inventor
秀典 大西
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Media4u Inc
Original Assignee
Media4u Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Media4u Inc filed Critical Media4u Inc
Priority to JP2022559261A priority Critical patent/JP7791100B2/ja
Publication of WO2022092266A1 publication Critical patent/WO2022092266A1/ja
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints

Definitions

  • the present invention relates to an information processing device.
  • the present invention has been made in view of such a situation, and an object of the present invention is to ensure identity verification while preventing fraudulent acts during personal authentication.
  • the information processing apparatus is A user management means that manages a user and a telephone number of a user terminal operated by the user in association with each other.
  • a biometric authentication result acquisition means for acquiring the authentication result of a predetermined biometric authentication applied to the user, If the authentication result is successful, a short message transmission control means for executing control to transmit a short message to the telephone number as a destination, and To prepare for.
  • identity verification can be reliably performed while preventing fraudulent acts during personal authentication.
  • FIG. 1 shows an example of the system structure of the information processing system including the server which is embodiment of the information processing apparatus of this invention. It is a block diagram which shows an example of the hardware composition of the API server among the information processing system shown in FIG. It is a block diagram which shows an example of the functional configuration of each server of the information processing system of FIG. It is a flowchart which shows the operation of the API server which has the functional configuration of FIG. It is a figure which shows the operation of the information processing system of FIG. It is a sequence diagram which shows the behavior of the information processing system of FIG. It is a figure which shows the operation example by the configuration of the modification example which replaced the IVR server of the information processing system of FIG. 1 with a BA server. It is a figure which shows the operation example by another configuration of the information processing system of FIG. 1 (an example of sending presentation information such as a telephone number to SMS authentication of a second stage).
  • FIG. 1 an example of sending presentation information such as a telephone number to SMS authentication of a second stage.
  • FIG. 1 is a diagram showing an example of a system configuration of an information processing system including a server according to an embodiment of the information processing apparatus of the present invention.
  • the information processing system shown in FIG. 1 is configured to include an A system server 1, an API server 2, an IVR server 3, and a user terminal 4.
  • the A system server 1, the API server 2, the IVR server 3, and the user terminal 4 are connected to each other so as to be able to communicate with each other via a predetermined network N such as the Internet.
  • a system server 1 is a system that requires authentication when logging in or the like.
  • the A system server 1 itself may have another authentication method and request the API server 1 for multi-factor authentication, or the A system server 1 itself may not have an authentication mechanism and may request the first-stage authentication.
  • the API server 2 is an information processing device on the system side managed by a service provider, and has a function of controlling authentication in a plurality of stages (a function of requesting voiceprint authentication, an SMS distribution function, etc.).
  • the API server 2 is a server capable of safely communicating with the A system server 1, the IVR server 3, and the user terminal 4.
  • the IVR server 3 makes a call (outbound call) to the authentication target (for example, the user terminal 4 or the like), guides the other party (user) who picked up the call with a recorded voice or the like, and inputs the passphrase by utterance. It is determined whether the voice is the same as that of the main voice registered in advance. Voiceprint authentication is used for this determination, not just comparison of voice data.
  • the user terminal 4 is an information processing device operated by the user U, and is composed of, for example, a personal computer, a tablet, or the like.
  • the user terminal 4 includes, for example, a monitor and a speaker. If the user terminal 4 is, for example, a smartphone or the like, it is provided with a touch panel.
  • the user U shall register the feature points (voiceprints) of his / her voice in the IVR server 3 in advance.
  • FIG. 2 is a block diagram showing an example of the hardware configuration of the API server in the information processing system shown in FIG.
  • the API server 2 inputs a CPU (Central Processing Unit) 11, a ROM (Read Only Memory) 12, a RAM (Random Access Memory) 13, a bus 14, an input / output interface 15. It includes a unit 16, an output unit 17, a storage unit 18, a communication unit 19, and a drive 20.
  • a CPU Central Processing Unit
  • ROM Read Only Memory
  • RAM Random Access Memory
  • the CPU 11 executes various processes according to the program recorded in the ROM 12 or the program loaded from the storage unit 18 into the RAM 13. Data and the like necessary for the CPU 11 to execute various processes are also appropriately stored in the RAM 13.
  • the CPU 11, ROM 12 and RAM 13 are connected to each other via the bus 14.
  • An input / output interface 15 is also connected to the bus 14.
  • An input unit 16, an output unit 17, a storage unit 18, a communication unit 19, and a drive 20 are connected to the input / output interface 15.
  • the output unit 16 is composed of a display such as a liquid crystal display, a speaker, or the like, and outputs various information as images or sounds.
  • the input unit 17 includes, for example, a keyboard, a mouse, and the like, as well as a touch panel and the like in a smartphone, for example, and various information is input to the input unit 17.
  • the storage unit 18 is composed of a DRAM (Dynamic Random Access Memory) or the like, and stores various data.
  • the communication unit 19 communicates with other information processing devices (for example, the A system server 1, the IVR server 3, the user terminal 4, etc. in FIG. 1) via the network N including the Internet.
  • a removable media 31 made of a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is appropriately mounted on the drive 20.
  • the program read from the removable media 31 by the drive 20 is installed in the storage unit 18 as needed. Further, the removable media 31 can also store various data stored in the storage unit 18 in the same manner as the storage unit 18.
  • the A system server 1, the IVR server 3, the user terminal 4, and the like in FIG. 1 also have basically the same configuration as the hardware configuration shown in FIG.
  • the hardware configuration of the A system server 1 corresponding to the hardware configuration of the API server 2 is the CPU 51, the communication unit 59, etc. in the functional configuration of FIG. 3 to be described later, and the description of other hardware configurations is omitted. do.
  • the hardware configuration of the IVR server 3 corresponding to the hardware configuration of the API server 2 is the CPU 71, the storage unit 78, the communication unit 79, etc. in the functional configuration of FIG. 3 to be described later, and other hardware configurations. The explanation of is omitted.
  • FIG. 3 is a block diagram showing an example of the functional configuration of each server of the information processing system of FIG. 1.
  • the authentication request unit 61 functions during the login process of the user U.
  • the authentication request unit 61 receives the login request from the user U via the user terminal 4, the authentication request unit 61 transmits the authentication request to the API server 2. Then, when the authentication result of the user U received from the API server 2 as a response to the authentication request is successful, the authentication request unit 61 permits the login of the user U who has made the login request.
  • the user management DB_Q is stored in the storage unit 18 of the API server 2.
  • information (user ID, etc.) that uniquely identifies the member user U and the telephone number of the user terminal 4 operated by the user U are stored in association with each other.
  • the user management DB_Q stores information about the member user U in association with the user ID.
  • the information about the member user U is, for example, a user ID which is identification information of the user U as a member, personal information such as a user U's name, date of birth, telephone number, and the like.
  • the authentication request receiving unit 41, the user management unit 42, the call request unit 43, the SMS transmission control unit 44, and the SMS are performed during the multi-step authentication process.
  • the authentication unit 45 functions.
  • the authentication request receiving unit 41 receives the authentication request transmitted by the A system server 1.
  • the user management unit 42 manages the user U in association with the telephone number of the user terminal 4 operated by the user U.
  • the user management unit 42 has a user ID of the user U and a SIM (Subscriber Identity Module) card or an e-SIM telephone assigned by the carrier (mobile carrier) of the mobile phone service to which the user U has subscribed. It is stored and managed in the user management DB_Q in association with the number.
  • the SIM card is assigned and stored contractor information for identifying a subscriber and an ID number (ICCID or the like) or a telephone number unique to the SIM card for specifying a telephone number.
  • the user management unit 42 receives the authentication request from the user management DB_Q, based on the user ID of the user U included in the authentication request, the user U and the user terminal operated by the user U. Obtain the telephone number of 4 and pass it to the call requesting unit 43.
  • the call requesting unit 43 acquires the authentication result of a predetermined biometric authentication (voiceprint authentication or the like) applied to the user U. Specifically, the call request unit 43 receives the telephone number acquired by the user management unit 42 in response to the authentication request, and transmits the call request including the telephone number and the user ID to the IVR server 3. The call request unit 43 acquires the authentication result of the voiceprint authentication performed on the user U by the voiceprint authentication unit 81 of the IVR server 3 as a response to the call request transmitted to the IVR server 3, and causes the SMS transmission control unit 44 to acquire the authentication result. hand over.
  • a predetermined biometric authentication voiceprint authentication or the like
  • SMS transmission control unit 44 executes control to transmit SMS (Short Massage Service) to the telephone number as the destination.
  • SMS transmission control unit 44 may use text information (for example, a one-time URL (Uniform Resource Locator), a PIN (Personal Identification Number), etc.) necessary for authenticating a user when the authentication result is successful. ) Is included in the SMS and the control for transmitting the telephone number as the destination is executed.
  • SMS is an abbreviation for "Short Message Service”. SMS has been available on mobile phones in Japan since 1997, and is a simple text that allows you to send the "sender's phone number,""text," and “sending date and time” within a preset number of bytes. It is a message service. In recent years, it has become possible to transmit not only text but also characters and the like.
  • the SMS authentication unit 45 attempts to authenticate the user U by a predetermined authentication method using text information such as a one-time URL or a PIN. As a result of the attempted authentication, when the user U accesses the one-time URL or the user U inputs the PIN, the SMS authentication unit 45 reports that the authentication result is successful in the A system server 1 and the user terminal. Return to 4. This makes it possible to log in to the A system server 1 from the user terminal 4.
  • a predetermined authentication method for example, there is a method of authenticating at the transition destination by clicking the link of the one-time URL included in the message (SMS), or inputting a PIN at the transition destination of the screen to authenticate.
  • the one-time URL is for the A system server 1, it is not necessary to send the result that the authentication result is successful to the A system server 1 and the user terminal 4, and the login from the user terminal 4 to the A system server 1 is performed. Will be possible.
  • the voiceprint DB_R is stored in the storage unit 78 of the IVR server 3.
  • the voiceprint of the voice (predetermined passphrase) registered by the user U registered as a member of the smartphone application or the predetermined website is stored in association with the user ID.
  • the voiceprint authentication unit 81 functions during the voiceprint authentication process.
  • the voiceprint authentication unit 81 acquires the voice data of the utterance when the person who makes a call to the telephone number and responds to the utterance speaks, and when the voice indicated by the voice data belongs to the user U, the user U To authenticate.
  • the voiceprint authentication unit 81 receives the call request transmitted from the call request unit 43 of the API server 2, calls to the telephone number included in the call request unit 43, and the person who answers the call. Acquires voice data (predetermined passphrase) when speaking.
  • the voiceprint authentication unit 81 extracts feature points (voiceprints) from the acquired voice data (predetermined passphrase), collates them with the voiceprints of the corresponding user U in the voiceprint DB_R, and when the voiceprints match each other, the said Authenticate user U.
  • the voiceprint authentication unit 81 returns the authentication result of authenticating the user U to the call request unit 43 of the API server 2 as a response to the authentication request.
  • FIG. 4 is a flowchart showing the operation of the API server having the functional configuration of FIG.
  • step S101 the user management unit 42 manages the user in association with the telephone number (number assigned by the mobile carrier) of the user terminal operated by the user.
  • step S102 the call request unit 43 acquires the authentication result of the voiceprint authentication performed on the user by the transmitted call request.
  • step S103 the SMS transmission control unit 44 executes control to transmit the SMS to the telephone number as the destination when the authentication result of the voiceprint authentication is successful.
  • FIG. 5 is a diagram showing the operation of the information processing system of FIG.
  • step S111 the user U transmits a login request to the A system server 1 via the user terminal 4.
  • the A system server 1 transmits the authentication request of the user U to the API server 2 in step S112.
  • the API server 2 Upon receiving the user U authentication request, the API server 2 transmits a call request including the user U's telephone number to the IVR server 3 in step S113.
  • the IVR server 3 executes a voiceprint authentication process by calling (calling) the user U in step S114 in response to the received call request.
  • the IVR server 3 sends a message prompting the speaker who received the call to utter a passphrase in the voiceprint authentication process by calling, and in step S115, the passphrase uttered by the speaker is acquired as voice data. do.
  • the IVR server 3 extracts characteristic data (voiceprint) from the acquired voice data, performs voiceprint authentication by collating it with a voiceprint registered in advance in the voiceprint DB_R, and in step S116, the test result of the voiceprint authentication is output to the API server. Notify 2.
  • the API server 2 transmits an SMS including a one-time URL to the telephone number of the user U in step S117.
  • the user terminal 4 When the user terminal 4 receives the SMS sent from the API server 2, the contents of the SMS are displayed on the screen of the user terminal 4.
  • the content of the SMS includes a one-time URL.
  • the user U clicks the one-time URL included in the SMS contents of the screen of the user terminal 4, the user U can log in to the A system server 1 in step S118.
  • the voiceprint authentication for the first-stage authentication and the SMS authentication for the second-stage authentication in this way, it is possible to reliably perform personal authentication while preventing fraudulent activities.
  • FIG. 6 is a sequence diagram showing the behavior of the information processing system of FIG.
  • step S121 the user terminal 4 transmits some request such as a login request including a user ID to the A system server 1.
  • step S122 the A system server 1 receives a request from the user U (retrieve_phone), and in step S123, the user U's authentication request (outh_request) is transmitted to the API server 2.
  • the API server 2 Upon receiving the user U authentication request, the API server 2 requests the IVR server 3 (test_offer) for a telephone call test of the user U in step S124.
  • the IVR server 3 When the IVR server 3 receives a call test request (request including the telephone number of the user U) by telephone (retrieve_feature), the voiceprint authentication function by calling the user U in step S125 in response to the request (retrieve_feature). (-> Features) is operated. As a result, the voiceprint authentication function calls (outbound-call) to the user terminal 4 of the user U in step S126.
  • the voiceprint authentication function sends a message prompting the speaker who has received the receiving operation to utter a passphrase.
  • the speaker returns a passphrase to the message in step S127, the spoken passphrase is acquired as voice data.
  • the voiceprint authentication function extracts feature points (voiceprints) from the acquired voice data, and in step S128, performs voiceprint authentication (test) by collating with the voiceprint registered in the voiceprint DB_R in advance, and steps S129. , The test result is transmitted to the API server 2 (send).
  • the API server 2 transmits an SMS including a one-time URL to the telephone number of the user U in step S130 (SMS).
  • the user terminal 4 When the user terminal 4 receives the SMS sent from the API server 2, the contents of the SMS are displayed on the screen of the user terminal 4.
  • the content of the SMS includes a one-time URL.
  • the user terminal 4 When the one-time URL included in the SMS content of the screen of the user terminal 4 is clicked by the user U, the user terminal 4 transmits a URL authentication request (request) to the A system server 1 in step S131.
  • the A system server 1 Upon receiving the authentication request from the user terminal 4, the A system server 1 checks the validity of the one-time URL included in the authentication request in step S132, and if the one-time URL is correct, the A system server 1 Allow login to 1.
  • voiceprint authentication is used for the first stage authentication and SMS authentication is used for the second stage authentication to ensure personal authentication while preventing fraudulent activities. It can be carried out.
  • the information processing system of the present embodiment can produce the following effects.
  • voiceprint authentication three authentications are performed in succession by performing an action on the SMS message sent to the registered phone number, so although there is a track record of being broken by SMS authentication alone, such The issue of authentication vulnerability can also be cleared.
  • the incoming call and the arrival of the SMS do not seem to be a necessary condition for authentication to the user U, the user U can easily accept the call without feeling troublesome.
  • the scheme of sending SMS after voice authentication also has the following merits as a by-product.
  • voice authentication is often performed on a different channel (for example, an interactive format using a telephone line) from a system (smartphone application or website) that requires authentication.
  • a system for example, a system that requires authentication.
  • voice authentication it is necessary to route the status that the user is currently authenticating, receive the completion of voice authentication (HOOK, etc.) in some way, and change the status.
  • HOOK completion of voice authentication
  • the method of sending a URL that also serves as SMS authentication immediately after the voiceprint authentication is completed allows the user U to tap the URL and return the channel to a form that is easy for the system to handle, such as an application or a website. So it is rational.
  • the A system server 1 that requires authentication only needs to be preset with parameters such as accessing this URL after authentication is completed. Therefore, since it is not necessary to interact with the authentication mechanism such as API server 2 or IVR server 3 after authentication, it can be operated separately on the system, and it can be used for various service forms via the network regardless of the system form. It will be possible to use it.
  • FIG. 7 is a diagram showing an operation example according to the configuration of a modified example in which the IVR server of the information processing system of FIG. 1 is replaced with a BA server.
  • the BA server is an information processing device for face recognition, and feature data (information for face recognition) of each face of one or more students is stored in advance in correspondence with the user ID of the user terminal 4. It includes a database and a CPU that functions as a face recognition unit during face recognition.
  • step S141 the user U is, for example, a student taking a lesson, and sends an attendance confirmation request to the A system server 1 via the user terminal 4.
  • the A system server 1 receives a login request including a user ID from the user U
  • the system server 1 transmits the authentication request of the user U to the API server 2 in step S142.
  • the API server 2 reads out the user U telephone number corresponding to the user ID included in the authentication request, and in step S143, the BA server 5 issues a shooting start request including the user U telephone number. Send to.
  • the face recognition unit responds to the received shooting start request by using a camera provided in the terminal, a Web camera connected to the terminal, or the like with respect to the user terminal 4 in step S144. Sends a shooting start control command to control the start of shooting.
  • the user terminal 4 When the user terminal 4 receives the shooting start control command transmitted from the BA server 5, the user terminal 4 activates the camera to start shooting, and in step S145, the user terminal 4 transmits the image shot by the camera to the BA server 5. ..
  • the face recognition unit extracts the feature data of the face part from the image data sent from the user terminal 4 and collates it with the feature data of the face part of the student registered in the database in advance. Then, the face of the user U captured by the user terminal 4 of the image transmission source is authenticated (whether or not the person with the face of the captured image is a student who manages the user terminal 4), and in step S146, Notify the API server 2 of the face recognition test result.
  • the API server 2 transmits the SMS including the one-time URL to the telephone number of the user U in step S147.
  • the user terminal 4 When the user terminal 4 receives the SMS sent from the API server 2, the contents of the SMS are displayed on the screen of the user terminal 4.
  • the content of the SMS includes a one-time URL.
  • the system server 1 A attends the attendance book assuming that the student as the user U has "attended” in step S148. Store in (log).
  • the user U accesses and logs in to the web page of the class that the A system server 1 discloses to the members, and then designates the camera of the user terminal 4 operated by the user U on the web page. Then request the API server 2 for authentication.
  • the API server 2 requests the BA server 5 for face authentication based on the request, and the BA server 5 receives the request for face authentication and includes the user U as a subject by the Web camera provided in the user terminal 4. An image is taken, and the face recognition of the user U is performed based on the obtained image.
  • the BA server 5 sends an SMS to the user terminal 4, and the user U clicks the link included in the content of the SMS displayed on the user terminal 4, and the attendance is confirmed. do. That is, by using face authentication for the first stage authentication and SMS authentication for the second stage authentication, it is possible to surely confirm the attendance of the student himself / herself while preventing fraudulent acts such as impersonation.
  • FIG. 8 is a diagram showing an operation example (an example of sending presentation information such as a telephone number to the second stage SMS authentication) according to another configuration of the information processing system of FIG.
  • the A system server 1 shall provide a telephone number display service, and the API server 2 previously obtains the user ID of the user U and information that the user U wants to view, such as a telephone number. It shall be associated and stored in the user management DB_Q.
  • step S151 the user U transmits a request for viewing the telephone number registered in advance in the A system server 1 to the A system server 1 via the user terminal 4.
  • the A system server 1 receives a request from the user U, the A system server 1 transmits the authentication request of the user U to the API server 2 in step S152.
  • the API server 2 Upon receiving the user U authentication request, the API server 2 transmits a call request including the user U's telephone number to the IVR server 3 in step S153.
  • step S154 the IVR server 3 executes a voiceprint authentication process by calling (calling) the user U in response to the received call request.
  • the IVR server 3 sends a voice message urging the speaker who received the call to utter a passphrase, and in step S155, the passphrase uttered by the speaker is used as voice data. get.
  • the IVR server 3 extracts feature points (voiceprints) from the acquired voice data, performs voiceprint authentication by collating with the voiceprint registered in the voiceprint DB_R in advance, and in step S156, the test result of the voiceprint authentication is output to the API server. Notify 2.
  • the API server 2 transmits an SMS addressed to the telephone number of the user U in step S157.
  • the user terminal 4 When the user terminal 4 receives the SMS sent from the API server 2, the contents of the SMS are displayed on the screen of the user terminal 4.
  • the content of the SMS includes a telephone number registered in advance by the user U.
  • the telephone number of the destination to which the SMS is sent and the telephone number included in the content of the SMS may be the same or different. Further, in this example, the information that the user U wants to view is used as the telephone number, but other information may be used. Specifically, the information to be inserted in the SMS message is, for example, the information that the service provider wants to inform only to the user U (in the case of an inquiry to a financial institution, the telephone number of the contact person specializing in inquiries, the deadline of the transfer date and time, etc. The information to be inserted into the SMS message is information that the user U registered in the API server 2 (system side) in advance does not want others to know (password or other confidential information). Etc.) etc.
  • the telephone number desired by the user U can be confirmed, and this telephone number may be used by the A system server 1.
  • the user U wants to browse while surely performing the authentication as the user U himself / herself.
  • Information can be viewed.
  • the telephone number of the telephone of another specialized contact person is put on the SMS. Therefore, it is possible to guide the customer smoothly and to inform the customer of the deadline of the transfer date and time and the transfer amount.
  • the present invention is not limited to the above-described embodiment, and modifications, improvements, etc. within the range in which the object of the present invention can be achieved are included in the present invention.
  • biometric authentication an example of performing voiceprint authentication and face authentication (image authentication) is exemplified, but other than this, voice authentication, fingerprint authentication, retinal authentication, vein authentication, etc., which are not limited to voiceprints, are used.
  • biometric authentication is sufficient.
  • the SMS includes the one-time URL and is transmitted to the user terminal 4 and the user U is made to click the one-time URL or the like is illustrated. By transitioning the screen of No.
  • the user U inputs the PIN to the displayed screen (input box or the like).
  • the SMS includes the predetermined telephone number and is transmitted to the user terminal 4, the link of the predetermined telephone number is displayed on the screen displayed on the user terminal 4, and the link is clicked by the user U.
  • the user terminal 4 may be controlled to make a call to a predetermined telephone number, or any control may be performed after the SMS is received by the user terminal 4.
  • the two information processing devices API server and IVR server 3 connected to the network N cooperate to perform the authentication process in response to the authentication request from the A system server 1.
  • the authentication procedure may be separated and the authentication function may be realized by three or more information processing devices.
  • the SMS message is sent by including the one-time URL and PIN as text information, but in addition, the message may be sent by including the telephone number of a specialized contact person, and the message is notified only to the user. It suffices to include the information you want or the information you do not want others to know.
  • the series of processes described above can be executed by hardware or software.
  • the functional configuration of FIG. 3 is merely an example and is not particularly limited. That is, it suffices if the system is provided with a function capable of executing the above-mentioned series of processes as a whole, and what kind of functional block is used to realize this function is not particularly limited to the example of FIG.
  • the location of the functional block and the database is not particularly limited to FIG. 3, and may be arbitrary.
  • at least a part of the functional block and the database necessary for executing various processes may be transferred to a user terminal or the like.
  • the functional block of the user terminal and the database may be transferred to a server or the like.
  • one functional block may be configured by a single hardware, a single software, or a combination thereof.
  • a program constituting the software is installed in a computer or the like from a network or a recording medium.
  • the computer may be a computer embedded in dedicated hardware. Further, the computer may be a computer capable of executing various functions by installing various programs, for example, a general-purpose smartphone or a personal computer in addition to a server.
  • the recording medium including such a program is not only composed of removable media (not shown) distributed separately from the main body of the device in order to provide the program to the user or the like, but also is preliminarily incorporated in the main body of the device of the user. It is composed of a recording medium or the like provided to the above.
  • the steps for describing a program to be recorded on a recording medium are not only processed in chronological order but also in parallel or individually, even if they are not necessarily processed in chronological order. It also includes the processing to be executed.
  • the term of the system means an overall device composed of a plurality of devices, a plurality of means, and the like.
  • the information processing system to which the present invention is applied suffices to have the following configuration, and can take various embodiments.
  • the information processing apparatus to which the present invention is applied is A user management means (for example, the user management unit 42 in FIG. 3) that manages the user (identification information for specifying) in association with the telephone number (number assigned by the mobile carrier) of the user terminal operated by the user.
  • a user management means for example, the user management unit 42 in FIG. 3 that manages the user (identification information for specifying) in association with the telephone number (number assigned by the mobile carrier) of the user terminal operated by the user.
  • Biometric authentication result acquisition means for example, call requesting unit 43 in FIG. 3
  • a message transmission control means for example, the SMS transmission control unit 44 in FIG. 3 that executes control to transmit a message addressed to the telephone number (for example, a message of SMS: Short Massage Service) is executed. Etc.) and To prepare for.
  • biometric authentication for example, voiceprint authentication
  • authentication by a message addressed to the telephone number is performed in the second stage after the biometric authentication.
  • a voice authentication means that acquires the voice data of the utterance when a person who makes a call to the telephone number and responds to the utterance, and authenticates the user when the voice indicated by the voice data belongs to the user.
  • the biometric authentication result means (for example, the call request unit 43 or the like in FIG. 3) acquires the authentication result by the voice authentication means (voiceprint authentication unit 81 or the like).
  • the voice authentication means for authenticating the user for example, the sound pattern in FIG. 3
  • the bio-authentication result means for example, the call request unit 43 etc. in FIG. 3
  • the voice authentication means for example, the voiceprint authentication unit 82 etc.
  • the message transmission control means (for example, the SMS transmission control unit 44 in FIG. 3) is If the authentication result is successful, the control is executed to include the text information (for example, one-time URL, PIN, etc.) necessary for authenticating the user in the message and send the telephone number as the destination.
  • the information processing device (for example, API server 2 in FIG. 3) is A message authentication means (for example, SMS authentication unit 45 in FIG. 3) that attempts to authenticate the user by a predetermined authentication method using the text information (for example, one-time URL or PIN). Further prepare.
  • the text information for example, one-time URL, PIN, etc.
  • the information processing device executes the control of transmitting the telephone number as the destination, and tries to authenticate the user U with the text information, so that the text information can be, for example, a one-time URL or PIN.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Telephonic Communication Services (AREA)
PCT/JP2021/040032 2020-11-02 2021-10-29 情報処理装置 Ceased WO2022092266A1 (ja)

Priority Applications (1)

Application Number Priority Date Filing Date Title
JP2022559261A JP7791100B2 (ja) 2020-11-02 2021-10-29 情報処理装置

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2020-183732 2020-11-02
JP2020183732 2020-11-02

Publications (1)

Publication Number Publication Date
WO2022092266A1 true WO2022092266A1 (ja) 2022-05-05

Family

ID=81384020

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2021/040032 Ceased WO2022092266A1 (ja) 2020-11-02 2021-10-29 情報処理装置

Country Status (2)

Country Link
JP (1) JP7791100B2 (https=)
WO (1) WO2022092266A1 (https=)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2024149810A (ja) * 2022-12-07 2024-10-18 日本電気株式会社 プログラム、サービスサーバ、端末の制御方法及びサービスサーバの制御方法

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2003044445A (ja) * 2001-08-02 2003-02-14 Matsushita Graphic Communication Systems Inc 認証システム、サービス提供サーバ装置および音声認証装置並びに認証方法

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2003044445A (ja) * 2001-08-02 2003-02-14 Matsushita Graphic Communication Systems Inc 認証システム、サービス提供サーバ装置および音声認証装置並びに認証方法

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2024149810A (ja) * 2022-12-07 2024-10-18 日本電気株式会社 プログラム、サービスサーバ、端末の制御方法及びサービスサーバの制御方法
JP7711820B2 (ja) 2022-12-07 2025-07-23 日本電気株式会社 プログラム、サービスサーバ、端末の制御方法及びサービスサーバの制御方法

Also Published As

Publication number Publication date
JP7791100B2 (ja) 2025-12-23
JPWO2022092266A1 (https=) 2022-05-05

Similar Documents

Publication Publication Date Title
JP6920703B2 (ja) アクセスデバイス
US20200210988A1 (en) System and method for authentication of a mobile device
US9967747B2 (en) Determining identity of individuals using authenticators
US8516562B2 (en) Multi-channel multi-factor authentication
US8006291B2 (en) Multi-channel multi-factor authentication
US8572701B2 (en) Authenticating via mobile device
US20150082390A1 (en) Method and a system for secure login to a computer, computer network, and computer website using biometrics and a mobile computing wireless electronic communication device
EP1847941A2 (en) Method and system afor resetting passwords
US12174991B2 (en) Systems and methods for data access control of personal user data using a short-range transceiver
US20170339136A1 (en) Multiple user authentications on a communications device
CN113273133A (zh) 用于通信通道交互期间的自动认证的令牌管理层
JP2021174528A (ja) 短距離トランシーバを使用したデータアクセス制御のためのシステムおよび方法
JP7834716B2 (ja) 短距離トランシーバを介した検証済みメッセージングのためのシステムおよび方法
KR101762615B1 (ko) 사용자의 이용패턴 분석을 활용한 본인 인증 시스템 및 사용자 단말
AU2018101656A4 (en) A System and Method for Facilitating the Delivery of Secure Hyperlinked Content via Mobile Messaging
US20080301788A1 (en) Identity assertion
EP2560122B1 (en) Multi-Channel Multi-Factor Authentication
US10841306B2 (en) System for authentication center
WO2022092266A1 (ja) 情報処理装置
JP4552797B2 (ja) 電話番号の登録・認証システム,方法,認証サーバおよびプログラム
CN110138712A (zh) 身份认证方法、装置、介质、机器人及系统
US10855666B2 (en) Alternate user communication handling based on user identification
GB2547885A (en) Establishing a communication session
US10387641B2 (en) Secure multiple-party communication and data orchestration
Lupu Securing web accounts by graphical password and voice notification

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 21886383

Country of ref document: EP

Kind code of ref document: A1

ENP Entry into the national phase

Ref document number: 2022559261

Country of ref document: JP

Kind code of ref document: A

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 21886383

Country of ref document: EP

Kind code of ref document: A1