WO2023062832A1 - Dispositif d'authentification, système d'authentification, procédé d'authentification et support lisible par ordinateur - Google Patents

Dispositif d'authentification, système d'authentification, procédé d'authentification et support lisible par ordinateur Download PDF

Info

Publication number
WO2023062832A1
WO2023062832A1 PCT/JP2021/038291 JP2021038291W WO2023062832A1 WO 2023062832 A1 WO2023062832 A1 WO 2023062832A1 JP 2021038291 W JP2021038291 W JP 2021038291W WO 2023062832 A1 WO2023062832 A1 WO 2023062832A1
Authority
WO
WIPO (PCT)
Prior art keywords
user
authentication
face
information
captured image
Prior art date
Application number
PCT/JP2021/038291
Other languages
English (en)
Japanese (ja)
Inventor
忠信 中山
Original Assignee
日本電気株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 日本電気株式会社 filed Critical 日本電気株式会社
Priority to PCT/JP2021/038291 priority Critical patent/WO2023062832A1/fr
Publication of WO2023062832A1 publication Critical patent/WO2023062832A1/fr

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints

Definitions

  • the present disclosure relates to authentication devices, authentication systems, authentication methods, and computer-readable media.
  • Patent Document 1 discloses a management device for a guardian to manage the use of services by a protected person.
  • user identification information for identifying a user who requests to use a service is registered in an approval confirmation server. Specifically, personal information including features of a face image is registered for each user. Further, the user identification information is set with information indicating whether or not the protected person requires approval from other users.
  • the driver monitoring camera captures the face image of the operator who requested the service.
  • the authorization verification server identifies the user by features of the operator's facial image. Then, when it is determined that the operator is a protected person who needs approval from another user, the camera captures the face image of the fellow passenger in the vehicle. If the face image of the passenger identifies the passenger as the guardian, the server transmits authentication success.
  • the driver monitoring camera captures the face image of the protected person and the face image of the guardian. Then, the server performs authentication based on the features of each face image. In other words, authentication can be performed by capturing the proxy image of the proxy who is the guardian as the principal image of the minor.
  • the management device disclosed in Patent Document 1 may not be able to properly perform authentication by a person other than the person himself/herself.
  • the purpose of the present disclosure is to provide an authentication device, an authentication system, an authentication method, and a computer-readable medium capable of appropriately performing authentication by a person other than the person themselves.
  • An authentication device includes registration means for associating and registering first registration information based on a face image of a first user and second registration information based on a face image of a second user; Acquisition means for acquiring imaged image information of an imaged image of the second user, and authentication means for comparing the imaged image information with the first registered information and the second registered information and performing authentication based on the comparison result and have.
  • An authentication system is an authentication system including a face authentication terminal and an authentication device that performs authentication in response to a face authentication request from the face authentication terminal, wherein the face authentication terminal is a first user a camera for capturing an image of a second user together with a photograph of the authentication device, and the authentication device includes acquisition means for acquiring captured image information corresponding to the captured image of the camera; and first registration information based on the face image of the first user; Registration means for registering in association with second registration information based on a face image of a second user, and comparing the captured image information with the first registration information and the second registration information, and performing authentication based on the comparison result. and authentication means.
  • a computer associates and registers first registration information based on a face image of a first user and second registration information based on a face image of a second user, and registers a photograph of the first user.
  • captured image information of a captured image of the second user is acquired, the captured image information is compared with the first registered information and the second registered information, and authentication is performed based on the comparison result.
  • a non-temporary computer-readable medium includes a process of associating and registering first registration information based on a face image of a first user and second registration information based on a face image of a second user; A process of acquiring captured image information of a captured image of the second user together with a photograph of one user, comparing the captured image information with the first registered information and the second registered information, and performing authentication based on the comparison result. It contains a program that causes the computer to execute the process to be performed.
  • an authentication device and an authentication system that can appropriately perform authentication by a person other than the person himself/herself.
  • An authentication method and computer readable medium can be provided.
  • FIG. 1 is a block diagram showing the configuration of an authentication device according to Embodiment 1;
  • FIG. 2 is a block diagram showing the configuration of an authentication system according to a second embodiment;
  • FIG. It is a block diagram which shows the structure of an authentication apparatus.
  • FIG. 4 is a diagram schematically showing a registered image;
  • FIG. 2 is a block diagram showing the configuration of a face authentication terminal;
  • FIG. It is a figure which shows a captured image typically.
  • It is a flow chart which shows registration processing. 4 is a flowchart showing authentication processing;
  • FIG. 11 is a block diagram showing the configuration of an authentication device according to a third exemplary embodiment;
  • FIG. FIG. 11 is a schematic diagram showing a photograph of a state image used in Embodiment 3;
  • FIG. 11 is a schematic diagram showing a captured image P2 in Embodiment 3;
  • an authentication device that performs proxy authentication with the first user as the principal and the second user as the proxy will be described.
  • the first user is an elderly person, a sick person, or the like
  • the second user is a family member such as a child, spouse, siblings, or the like.
  • the first user is a minor and the second user is a guardian such as a parent.
  • the first user is a sick person such as a dementia patient, he/she cannot operate the face authentication terminal that performs face authentication.
  • the first user and the second user may be far away.
  • the second user authenticates as a proxy for the first user.
  • the second user authenticates as a proxy of the first user (hereinafter also referred to as proxy authentication or proxy authentication). By doing so, submission of a power of attorney can be omitted.
  • FIG. 1 is a block diagram showing an authentication device 1 according to this embodiment.
  • the authentication device 1 includes a registration section 2 , an acquisition section 3 and an authentication section 4 .
  • the registration unit 2 associates and registers the first registration information based on the face image of the first user and the second registration information based on the face image of the second user.
  • the acquisition unit 3 acquires captured image information of a captured image of the second user together with the photograph of the first user.
  • the authentication unit 4 compares the captured image information with the first registration information and the second registration information, and performs authentication based on the comparison result. By doing so, it is possible to appropriately perform authentication by a person other than the person himself/herself.
  • the authentication device 1 includes a processor, memory, and storage device (not shown). Further, the storage device stores a computer program in which processing of the image providing method according to the present embodiment is implemented. Then, the processor loads the computer program from the storage device into the memory and executes the computer program. Thereby, the processor implements the functions of the registration unit 2 , the acquisition unit 3 , and the authentication unit 4 .
  • the registration unit 2, the acquisition unit 3, and the authentication unit 4 may each be realized by dedicated hardware.
  • part or all of each component of each device may be realized by general-purpose or dedicated circuitry, processors, etc., or combinations thereof. These may be composed of a single chip, or may be composed of multiple chips connected via a bus. A part or all of each component of each device may be implemented by a combination of the above-described circuits and the like and programs.
  • CPU Central Processing Unit
  • GPU Graphics Processing Unit
  • FPGA field-programmable gate array
  • each component of the authentication device 1 when a part or all of each component of the authentication device 1 is realized by a plurality of information processing devices, circuits, etc., the plurality of information processing devices, circuits, etc. may be centrally arranged or distributed. may be placed.
  • the information processing device, circuits, and the like may be implemented as a form in which each is connected via a communication network, such as a client-server system, a cloud computing system, or the like.
  • the functions of the authentication device 1 may be provided in a SaaS (Software as a Service) format.
  • FIG. 2 is a block diagram showing the configuration of the authentication system 1000 according to this embodiment.
  • user U1 designates user U2 as a proxy
  • user U2 authenticates as a proxy for user U1
  • user U2 has a photograph P1 in which user U1 is photographed.
  • the authentication system 1000 includes an authentication device 100, a registration terminal 200, and a face authentication terminal 300.
  • the authentication device 100, the registration terminal 200, and the face authentication terminal 300 are connected via a network N. It does not matter whether the network N is wired or wireless, and regardless of the type of communication protocol.
  • the authentication system 1000 is a biometric authentication system that performs authentication using face images.
  • the registration terminal 200 is a device for registering a face image in the authentication device 100.
  • the registration terminal 200 transmits face images of the user U1 and the user U2 to the authentication device 100 .
  • the registration terminal 200 is an information processing device such as a personal computer, a smart phone, or a tablet terminal.
  • the registration terminal 200 may include a camera for capturing face images and a storage device for storing face images.
  • the registration terminal 200 has a communication interface for transmitting face images.
  • the registration terminal 200 may be the same device as the face authentication terminal 300 described later. Also, the registration terminal 200 may be a device having functions equivalent to those of the face authentication terminal 300 .
  • the authentication device 100 is an information processing device that stores facial feature information of multiple users. In addition, in response to a face authentication request received from the outside, the authentication device 100 compares the face image or face feature information included in the request with the face feature information of each user, and requests the matching result (authentication result). Reply to original.
  • FIG. 3 is a block diagram showing the configuration of the authentication device 100 according to the second embodiment.
  • Authentication device 100 includes face information DB (DataBase) 110 , face detection section 120 , feature point extraction section 130 , registration section 140 , authentication section 150 and acquisition section 170 .
  • the acquisition unit 170 acquires captured images, registered images, and the like, which will be described later.
  • the acquisition unit 170 has a communication interface and the like.
  • the face information DB 110 associates and stores the user ID 111 and the face feature information 112 of the user ID.
  • the facial feature information 112 is a set of feature points extracted from the facial image. Note that the authentication device 100 may delete the facial feature information 112 in the facial feature DB 110 at the request of the registered user of the facial feature information 112 . Alternatively, the authentication device 100 may delete the facial feature information 112 after a certain period of time has passed since it was registered.
  • the face detection unit 120 detects a face area included in a registered image for registering facial feature information and outputs it to the feature point extraction unit 130 .
  • Feature point extraction section 130 extracts feature points from the face area detected by face detection section 120 and outputs facial feature information to registration section 140 . Further, feature point extraction section 130 extracts feature points included in the face image received from face authentication terminal 300 and outputs face feature information to authentication section 150 .
  • the registration unit 140 newly issues a user ID 111 when registering facial feature information.
  • the registration unit 140 associates the issued user ID 111 with the facial feature information 112 extracted from the registered image and registers them in the facial information DB 110 .
  • the facial feature information 112 is registered information based on the user's facial image. For example, the facial feature information of the user U1 is set as the first registered information, and the facial feature information of the user U2 is set as the second registered information.
  • the registration unit 140 associates the facial feature information of the user U1 with the facial feature information of the user U2 and registers them in the facial information DB 110. That is, the registration unit 140 registers the facial feature information of the user U1 and the facial feature information of the user U2 as a set.
  • the registration unit 140 issues the user ID 111 of the user U1. Furthermore, user U1 uses registration terminal 200 to transmit the face image of user U2 to authentication device 100 . At this time, user U1 can designate user U2 as a proxy. In this case, the registration unit 140 registers the user U2 as an agent of the user U1.
  • the user U1 uploads to the authentication device 100 not only the face image of the user U1, but also the face images of family members who act as agents.
  • user U1 may specify user U2's user ID 111, that is, user U1 selects user U2 as a proxy.
  • the registration unit 140 may associate the user U1 with the user U2.
  • the registration unit 140 may issue a user ID or an agent ID to the user U2.
  • FIG. 4 is a diagram schematically showing a registered image R1 of user U1 and a registered image R2 of user U2.
  • User U 1 transmits registered image R 1 and registered image R 2 from registration terminal 200 to authentication device 100 .
  • the registered image of the user U1 and the registered image of the user U2 are separate images in FIG. 3, they may be a single image.
  • the user U1 may specify the face area of the user U1 and the face area of the user U2 in one registered image.
  • the registration unit 140 associates the user ID 111 of the user U1 with the facial feature information of the user U2 and records it in the facial information DB 110 .
  • the facial feature information 112 of the user U2 is recorded as the facial feature information 112 of the agent of the user U1. Therefore, the registration unit 140 can associate and register the first registration information of the user U1 and the second registration information of the user U2. That is, in the face information DB, the second registration information of user U2 is associated with the first registration information of user U1.
  • the face feature information of the user U1 becomes the face feature information of the principal
  • the face feature information of the user U2 becomes the face feature information of the agent.
  • the authentication unit 150 performs face authentication using the facial feature information 112. Specifically, the authentication unit 150 collates the facial feature information extracted from the captured image with the facial feature information 112 in the facial information DB 110 . The authentication unit 150 returns to the face authentication terminal 300 whether or not the facial feature information matches. Whether the facial feature information matches or not corresponds to the success or failure of the authentication. Note that matching of facial feature information (matching) means a case where the degree of matching is equal to or greater than a predetermined value.
  • User U2 operates face authentication terminal 300 to perform proxy authentication. That is, face authentication terminal 300 accepts proxy authentication from user U2.
  • the face authentication terminal 300 includes a camera for capturing the face image of the user U2. For example, when the user U1 becomes demented, the user U2 performs face authentication as an agent of the user U1. Therefore, user U2 prepares a photograph of user U1 and performs proxy authentication using face authentication terminal 300 .
  • FIG. 5 is a block diagram showing the configuration of the face authentication terminal 300 according to the second embodiment.
  • the face authentication terminal 300 includes a camera 310 , a storage section 320 , a communication section 330 , an input/output section 340 and a control section 350 .
  • the face authentication terminal 300 is an information processing device such as a personal computer, smart phone, or tablet terminal.
  • the face authentication terminal 300 has the function of the registration terminal 200, the face authentication terminal 300 has a registration unit 352 for registering a registration image.
  • the camera 310 is an imaging device that performs imaging under the control of the control unit 350 .
  • Storage unit 320 is a storage device that stores a program for realizing each function of face authentication terminal 300 .
  • a communication unit 330 is a communication interface with the network N.
  • the input/output unit 340 includes a display device (display unit) such as a screen and an input device.
  • the input/output unit 340 may be, for example, a touch panel.
  • the control unit 350 controls hardware included in the face authentication terminal 300 .
  • the control unit 350 includes an imaging control unit 351 , a registration unit 352 , an authentication control unit 353 , a display control unit 354 and a reception unit 355 .
  • the imaging control unit 351 controls the camera 310 to capture an image.
  • the imaging control unit 351 controls the camera 310 to capture a captured image including the user U2.
  • the captured image is an image including at least the face area of each user U2.
  • the imaging control section 351 outputs the captured image to the authentication control section 353 . Also, if the face authentication terminal 300 is the registration terminal 200 that registers the registration images, the imaging control unit 351 captures the registration images R1 and R2.
  • the registration unit 352 transmits a face information registration request including the registered image to the authentication device 100 via the network N.
  • Authentication control unit 353 transmits a face authentication request including the captured image to authentication device 100 via network N.
  • the display control unit 354 receives various screen data from the authentication device 100 via the network N and displays the received screen data on the input/output unit 340 .
  • the accepting unit 355 accepts an operation on the input/output unit 340 by the user U2, and transmits operation information corresponding to the accepted operation to the authentication device 100 via the network N.
  • FIG. 6 is a diagram schematically showing the captured image P2 captured by the face authentication terminal 300.
  • FIG. 2 user U2 brings a photo P1 of user U1.
  • Camera 310 of face authentication terminal 300 captures user U2 holding photograph P1 of user U1.
  • Camera 310 captures user U2 along with photograph P1 of user U1.
  • the acquisition unit 170 acquires the captured image P2 as shown in FIG.
  • the captured image P2 includes the real user U2 and the user U1 in the photo P1.
  • the captured image P2 includes the face of the user U1 and the face of the user U2.
  • the photo P1 of the user U1 may be printed or displayed on a display.
  • the face authentication terminal 300 transmits the captured image P2 to the authentication device 100.
  • the authentication device 100 Upon receiving the captured image P2, the authentication device 100 performs image analysis processing on the captured image P2. Specifically, the face detection unit 120 detects the face areas of the users U1 and U2 included in the captured image P2.
  • the face of the user U2 is the real face
  • the face of the user U1 is the face shown in the photograph P1.
  • the feature point extraction unit 130 extracts feature points of the face image included in the face region.
  • the feature point extraction unit 130 extracts facial feature information of the faces of the users U1 and U2 by image-processing the captured image P2.
  • the facial feature information of the face included in the captured image P2 can be used as the captured image information.
  • the feature point extraction unit 130 may acquire facial feature information of the face included in the captured image P2 as the captured image information.
  • the feature point extraction unit 130 extracts facial feature information of two faces.
  • the authentication unit 150 compares the facial feature information extracted from the captured image P2 and the facial feature information stored in the facial information DB 110, and performs authentication based on the comparison result. Specifically, the authentication unit 150 collates the facial feature information extracted from the captured image P2 with the facial feature information 112 in the facial information DB 110 . Then, the authentication result is transmitted to the face authentication terminal 300 .
  • the captured image P2 includes the faces of the users U1 and U2.
  • the face information DB 110 also stores face feature information 112 of the face of the user U1 obtained from the registered image R1. Therefore, the face feature information of the user U1 in the captured image P2 matches the face feature information 112 of the user U1 stored in the face information DB 110 .
  • the face information DB 110 stores face feature information 112 of the face of the user U2 obtained from the registered image R2.
  • the face feature information of the user U2 in the captured image P2 and the face feature information 112 of the user U2 stored in the face information DB 110 match.
  • the face feature information of user U1 and user U2 are associated. That is, the facial feature information of the users U1 and U2 that are associated with each other matches the facial feature information obtained from the single captured image P2. Therefore, the authentication for user U1 is successful.
  • the authentication unit 150 transmits to the face authentication terminal 300 that the facial feature information matches, that is, that the proxy authentication for the user U1 has succeeded.
  • user U2 is authenticated as a proxy for user U1.
  • user U2 can access user U1's digital assets.
  • user U2 is authorized to use electronic value such as user U1's electronic points.
  • user U2 is authenticated as a proxy by bringing the photo P1 of user U1.
  • the face authentication terminal 300 does not have to image the real thing of the user U1.
  • the user U2 can be authenticated.
  • convenience can be improved. For example, even if user U1 is a sick person such as a patient with dementia, user U2 who is a family member can easily perform authentication. Even if user U1 is a minor who is far away, user U2 who is a guardian can easily perform authentication. Therefore, since the user U2 is authorized as an agent, the user U2 can perform procedures as an agent of the user U1.
  • FIG. 7 is a flowchart showing registration processing.
  • the authentication device 100 acquires the registration image R1 included in the face information registration request (S21). For example, the authentication device 100 receives a face information registration request from the registration terminal 200 via the network N.
  • FIG. Acquisition unit 170 acquires registration image R1 included in the face information registration request.
  • the face detection section 120 detects a face area included in the registered image R1 (S22). As a result, a face area containing the face of user U1 is extracted.
  • the feature point extraction unit 130 extracts feature points from the face area detected in step S22, and outputs face feature information to the registration unit 140 (S23).
  • the registration unit 140 issues the user ID 111, associates the user ID 111 with the facial characteristic information 112, and registers them in the facial information DB 110 (S24). Thereby, the facial feature information of the user U1 is recorded as the first registration information.
  • the authentication device 100 acquires a registered image R2 in which the user U2 is shown (S25).
  • the face detection unit 120 detects a face area included in the registered image R2 (S26).
  • a face area containing the face of user U2 is extracted.
  • the feature point extraction unit 130 extracts feature points from the face detected in step S26, and outputs facial feature information to the registration unit 140 (S27).
  • the facial feature information of the user U2 is recorded as the second registration information.
  • the registration unit 140 associates the facial feature information of the user U1 and the user U2 and registers them in the facial information DB 110 (S28). That is, the facial feature information of user U1 and the facial feature information of user U2 are linked.
  • the registration terminal 200 may perform at least part of the process of extracting facial feature information. Therefore, the registration terminal 200 may include the face detection section 120 and the feature point extraction section 130 .
  • the acquisition unit 170 may acquire facial feature information transmitted from the registration terminal 200 as registration information.
  • the order of processing is not limited to the order of the flow in FIG.
  • user U1 may transmit registered image R1 and registered image R2 at the same time.
  • user U1 may transmit one registered image including user U1 and user U2.
  • the authentication device 100 can perform face detection processing and facial feature information extraction processing for two faces in parallel. Further, the authentication device 100 may perform the process for the registered image R1 after the process for the registered image R2.
  • the user U1 may or may not specify which of the two face images is the proxy's face image. In other words, it is sufficient that two face images are associated in the face information DB 110 . Additionally, user U1 may register a legal power of attorney during registration. By doing so, user U2 can be designated as a legal representative, and user U2 can manage user U1's assets. Since submission of a power of attorney at the time of procedure can be omitted, convenience can be improved.
  • FIG. 8 is a flowchart showing authentication processing.
  • the face detection section 120 detects a face area (S32).
  • the face detection unit 120 detects face areas of all faces included in the captured image.
  • the face detection unit 120 detects the face of the real user U2 and the face area of the face of the user U1 in the photograph P1.
  • the feature point extraction unit 130 acquires facial feature information of each face (S33).
  • the authentication device 100 may receive facial feature information from the face authentication terminal 300 .
  • the authentication unit 150 collates the acquired facial feature information with the facial feature information 112 of the facial information DB 110 (S34). If there is no matching facial feature information, that is, if the degree of matching of the facial feature information is equal to or less than a predetermined value (No in S35), the authentication unit 150 returns a failure of the face authentication to the face authentication terminal 300 ( S40).
  • the authentication unit 150 identifies the user ID 111 of the user whose facial feature information matches (S36). .
  • the facial feature information of the user U1 matches the facial feature information 112 of the facial information DB 110.
  • FIG. The authentication unit 150 compares the facial feature information obtained from the captured image P2 with the facial feature information associated with the matching user (S37).
  • facial feature information of the face of the user U2 is used for comparison.
  • the authentication unit 150 performs verification using the facial feature information of the face of the matching face other than that of the user U1 in S35.
  • the authentication unit 150 If the degree of matching of one face feature information is equal to or less than a predetermined value (No in S38), the authentication unit 150 returns to the face authentication terminal 300 that face authentication has failed (S40). If the degree of matching of the facial feature information is equal to or higher than the predetermined value (Yes in S38), the authentication unit 150 replies to the face authentication terminal 300 to the effect that the face authentication was successful (S39).
  • step S38 the authentication unit 150 does not need to attempt matching with all the facial feature information 112 in the facial information DB 110.
  • the authentication unit 150 may read the facial feature information associated with the facial feature information of the specified user ID and perform verification. As a result, high-speed authentication processing can be performed.
  • the face detection section 120 may determine whether the two faces included in the captured image P2 are the real faces or the faces in the photograph P1.
  • the face detection unit 120 can function as a discrimination unit that discriminates between a real face and a photographic face in a captured image.
  • the authentication unit 150 preferentially compares the face of the photo P1. Then, the authentication unit 150 compares the facial feature information associated with the facial feature information that has been preferentially matched with the facial feature information of the real face. This makes it possible to speed up the authentication process.
  • the facial feature information of the face of the photograph P1 in the captured image P2 matches the facial feature information of the registered image R1 of the user U1 who is the principal, and the facial feature information of the real face in the captured image P2 is the proxy user U2.
  • the authentication unit 150 determines that the face authentication has succeeded. By doing so, it becomes possible to confirm the relationship between the principal and the agent. In other words, when user U1 is the principal and user U2 is registered as user U1's agent, authentication succeeds when the relationships match.
  • the facial feature information of the face of the photograph P1 in the captured image P2 matches the facial feature information of the registered image R2 of the user U2 who is the proxy, and the facial feature information of the real face in the captured image P2 is the person himself/herself.
  • the authentication unit 150 can make the authentication unsuccessful. In this way, by distinguishing between the real face and the photographic face in the captured image P2, it is possible to confirm the relationship between the principal and the agent. Further, the facial feature information of the face of the photograph P1 in the captured image P2 matches the facial feature information of the registered image R2 of the user U2 who is the proxy, and the facial feature information of the real face in the captured image P2 is the person himself/herself. If the facial feature information matches the registered image R1 of the user U1, the authentication device 100 may notify the user U2 to that effect. That is, the authentication device 100 notifies the user U2 that the authentication of the user U1, who is the principal, has been successful.
  • the user U2 who received the notification can decide whether or not to approve the authentication by the user U1.
  • the authentication device 100 determines that the authentication is successful. By doing so, the user U2 can confirm the procedure by the user U1.
  • the face detection unit 120 can determine whether the face is a photo face or a real face based on the size, position, shadow, etc. of the face in the captured image P2. Specifically, the face detection unit 120 can use the face with the larger size of the face region as the real face. Further, when the lighting direction is specified in the face authentication terminal 300, a shadow corresponding to the lighting direction is generated in the real object. Therefore, the face detection section 120 can perform determination based on the shadow of the captured image P2. Alternatively, the face detection section 120 may determine whether the face is a real object or a photograph according to the vertical position of the face in the captured image P2. Specifically, the face information DB 110 can identify the face relatively above as the real face and the face below as the photographed face.
  • the camera 310 of the face authentication terminal 300 may capture a plurality of captured images.
  • the face detection unit 120 can distinguish between a photographed face and a real face by comparing a plurality of captured images. For example, the face detection unit 120 can identify the face of a person with motion as a real face. Similarly, the face detection unit 120 can identify the face of a person who does not move as the face in the photograph.
  • the camera 310 of the face authentication terminal 300 may capture the captured image as a moving image. The face detection unit 120 can identify the face in the photograph by comparing the frame images of the moving image.
  • the face detection unit 120 may have a discrimination sensor.
  • the face detection unit 120 may use a stereo camera or a depth sensor to distinguish between a photographed face and a real face.
  • the face detection unit 120 may determine whether the face is a real face or a photographic face by changing the imaging direction of the camera. That is, in the face authentication terminal 300, two or more captured images are captured by moving the relative position of the camera 310 with respect to the user U2. The face detection unit 120 can reliably perform determination by comparing two or more captured images.
  • the face detection unit 120 may use a temperature sensor such as an infrared camera to determine whether the face is a real face or a photographed face.
  • the position where the photo P1 is to be taken on the face authentication terminal 300 may be specified.
  • the display control unit 354 causes the display to display a frame line for designating the position where the photograph P1 is to be photographed. This allows the face detection unit 120 to easily identify the face in the photograph.
  • At least part of the processing of the face detection unit 120 may be performed by the face authentication terminal 300.
  • the face authentication terminal 300 may transmit the captured image itself or a face image extracted from the captured image as the captured image information. That is, the acquisition unit 170 may acquire the captured image as the captured image information, or may acquire the face image of only the face region.
  • At least part of the processing of the feature point extraction unit 130 may be performed by the face authentication terminal 300.
  • the face authentication terminal 300 may transmit facial feature information as captured image information. That is, the acquisition unit 170 may acquire facial feature information as the captured image information. Furthermore, the captured image information may be information necessary for extracting facial feature information.
  • the user U1 may pass the registered image R1 to the user U2.
  • the photograph P1 included in the registered image R1 and the captured image P2 becomes the same face image.
  • the threshold for the degree of matching in step S35 can be set strictly. Therefore, successful authentication by others can be prevented, and authentication can be performed with higher accuracy.
  • the user U1 may register registered images of a plurality of users U2. That is, one user U2 may be associated with multiple users U2. For example, if user U1 is an elderly person with multiple children, user U1 can register each of the multiple children as a proxy. In this case, user U1 transmits registration images of a plurality of persons from registration terminal 200 to authentication device 100 . The second registration information of a plurality of users U2 is associated with the first registration information of one user U1.
  • the user U1 may transmit one or more registration images from the registration terminal 200 to the authentication device 100.
  • one registered image including the user U1 and a plurality of users U2 may be uploaded to the authentication device 100.
  • FIG. it is also possible to register a plurality of users U2 with separate registration images.
  • the authority after successful authentication may be changed for each user U2.
  • the number of matching users U2 may be set in the authentication device 100 as a condition for successful authentication. For example, only the case where all the users U2 match may be the condition for authentication success, or the case where some of the users U2 match may be the condition for authentication success.
  • Authentication succeeds when there are a plurality of users U2 or when all users U2 are present. In other words, if only one user U2 is present, or if only some of the users U2 are present, the authentication will be unsuccessful.
  • users U2 1 and U2 2 For convenience.
  • a specific example of the matching number condition when two users U2 are registered as users U2 1 and U2 2 will be described.
  • the authentication device 100 may determine that the authentication is successful. In other words, if only the facial feature information of user U1 and user U21 matches the facial feature information 112 of the face information DB 110, the authentication device 100 fails the authentication. Similarly, when only the facial feature information of the user U1 and the user U22 matches the facial feature information 112 of the face information DB 110, the authentication device 100 fails the authentication.
  • partial matching of the user U2 can be used as a condition for successful authentication.
  • the condition for the number of matches can be set to 1 or more. In this case, if the facial feature information of the user U1 matches that of the user U21 , the authentication device 100 determines that the authentication is successful. Alternatively, if the facial feature information of the user U1 matches that of the user U22 , the authentication device 100 determines that the authentication is successful. By setting authentication conditions in this way, convenience can be improved.
  • a combination of multiple users U2 may be set as an authentication condition.
  • users U2 1 , U2 2 and U2 3 for convenience.
  • a specific example of combination conditions when three users U2 are registered as users U2 1 , U2 2 , and U2 3 will be described.
  • the matching of user U21 is a necessary condition and the number of matching is 2 or more.
  • the authentication device 100 determines that the authentication is successful. If the facial feature information of the user U1 and the users U2 1 and U2 3 match the facial feature information 112 of the facial information DB 110, the authentication device 100 determines that the authentication is successful. If the facial feature information of user U1, user U2 2 , and user U2 3 matches the facial feature information 112 of the face information DB 110, the authentication device 100 fails the authentication. In other words, if the facial feature information of user U1 and user U21 does not match the facial feature information 112 of the face information DB 110, the authentication device 100 fails the authentication. Thus, matching of a specific user U2 can be set as a requirement.
  • the number of matches and combinations can be used as conditions for successful authentication. By doing so, convenience can be further improved. That is, user U1 can set more appropriate authentication conditions for multiple users U2.
  • user U1 may register his spouse and two children as users U2 1 , U2 2 and U2 3 .
  • the requirement is that the user U21 who is the spouse must match, and if the number of matches is 2 or more, the authentication is successful.
  • the face authentication terminal 300 captures the captured image P2 while the spouse and one or more children bring the photograph P1 of the user U1, the authentication succeeds. Even if the face authentication terminal 300 captures the captured image P2 in a state where two children bring the photograph P1 of the user U1, the authentication will be unsuccessful.
  • Embodiment 3 An authentication device according to the third embodiment will be explained using FIG.
  • a state information extraction unit 160 is added to the authentication device 100 of the second embodiment. Since the components other than the state information extraction unit 160 are the same as those in the first embodiment, description thereof will be omitted as appropriate.
  • the state information extraction unit 160 extracts user U1's state information from the image.
  • User U1 state information is information indicating a specific state of user U1. For example, the particular state is the "right eye closed” state, as shown in FIG. Alternatively, the state information may indicate a change in the facial expression of the user U, such as "open mouth”.
  • the status information may also indicate that the user U has worn an article on the face area, such as “wearing a mask” or “wearing glasses”. Also, if the camera that captures the face region is capable of capturing moving images, the movement of the face region such as “blinking” or “turning the neck” may be indicated.
  • the registration unit 140 preliminarily registers state information indicating a specific state of the user U1 in the face information DB 110.
  • state information registered in the face information DB 110 be registered state information.
  • the registered state information can be registered by the user U1 specifying the state using a touch panel or the like. Specifically, the user U1 selects the state information from among the state information candidates recorded in advance. The selected status information becomes the registered status information.
  • the registration unit 140 registers the state of "the right eye is closed" as the registered state information.
  • the registration status information is included in the first registration information of user U1.
  • the registration unit 140 may use the state information extracted from the registered image by the state information extraction unit 160 as the registered state information.
  • the registered state information may be the captured image itself captured in the state indicated by the state information.
  • the user U1 uses the registration terminal 200 or the like to capture a state image of the selected state.
  • the user U1 passes the state image shown in FIG. 10 to the user U2 as the photograph P3.
  • the state image may be image data or a printed image.
  • the user U2 performs proxy authentication while holding the photo P3 shown in FIG. That is, the camera 310 of the face authentication terminal 300 takes an image of the user U2 together with the photo P3. Face authentication terminal 300 transmits the captured image to authentication device 100 .
  • the state information extraction unit 160 extracts state information indicating the state of the user U1 in the captured image.
  • the face detection unit 120 and the feature point extraction unit 130 perform similar processing.
  • the state information extraction unit 160 may extract feature points from facial feature information.
  • State information may be extracted by comparing a registered image in a normal state and a state image in a specific state.
  • Authentication unit 150 then compares the state information extracted from the captured image with the registered state information. Note that the face authentication terminal 300 may capture an image in a normal state and an image in a specific state.
  • the authentication unit 150 determines that the authentication is successful. If the state information extracted from the captured image does not match the registered state information, the authentication unit 150 determines that the authentication has failed. By doing so, the authentication can be performed more strictly. In other words, only the user U2 to whom the photo P3 of the state image is handed over can be successfully authenticated.
  • the user U1 may register two or more pieces of registration status information. Then, the authentication device 100 may determine that the authentication is successful when part or all of the registered state information matches. In this case, the user U1 may pass a plurality of photographs P3 corresponding to the registration status information to the user U2. Also, part or all of the processing of the state information extraction unit 160 may be performed by the registration terminal 200 or the face authentication terminal 300 . The registration terminal 200 or the face authentication terminal 300 may extract the state information and transmit it to the authentication device 100 .
  • the captured image information and the registered information acquired by the acquisition unit 3 or the acquisition unit 170 may be the image data itself captured by the camera, or may be the image data itself captured by the camera. It may be data extracted from data.
  • the acquisition unit 3 or the acquisition unit 170 may acquire facial feature information and data necessary for extracting facial feature information as registration information and captured image information.
  • each device is not limited to a single physical device, and may be composed of a plurality of devices.
  • the camera 310 and the controller 350 may be physically different devices.
  • the function of each device can be realized by performing distributed processing by a plurality of processing devices.
  • a program includes instructions (or software code) that, when read into a computer, cause the computer to perform one or more of the functions described in the embodiments.
  • the program may be stored in a non-transitory computer-readable medium or tangible storage medium.
  • computer readable media or tangible storage media may include random-access memory (RAM), read-only memory (ROM), flash memory, solid-state drives (SSD) or other memory technology, CDs -ROM, digital versatile disc (DVD), Blu-ray disc or other optical disc storage, magnetic cassette, magnetic tape, magnetic disc storage or other magnetic storage device;
  • the program may be transmitted on a transitory computer-readable medium or communication medium.
  • transitory computer readable media or communication media include electrical, optical, acoustic, or other forms of propagated signals.
  • the authentication device according to appendix 1 or 2, wherein the second registration information of a plurality of second users is associated with the first registration information of one first user.
  • Appendix 4 The authentication device according to any one of appendices 1 to 3, wherein the second user is registered as an agent of the first user in the first registration information or the second registration information.
  • Appendix 5 The authentication device according to any one of appendices 1 to 4, further comprising means for distinguishing between a real face and a photographic face in the captured image.
  • An authentication system comprising an authentication device that performs authentication in response to a face authentication request from the face authentication terminal,
  • the face authentication terminal includes a camera that captures a second user along with a photograph of the first user,
  • the authentication device includes acquisition means for acquiring captured image information corresponding to the captured image of the camera; registration means for registering first registration information based on the face image of the first user and second registration information based on the face image of the second user in association with each other;
  • An authentication system comprising: authentication means for comparing the captured image information with the first registration information and the second registration information and performing authentication based on the comparison result.
  • (Appendix 7) further comprising state information extraction means for extracting state information indicating the state of the first user in the photograph included in the captured image; 7.
  • Appendix 8 The authentication system according to appendix 6 or 7, wherein the second registration information of a plurality of second users is associated with the first registration information of one first user.
  • Appendix 9 The authentication system according to any one of attachments 6 to 8, wherein the second user is registered as an agent of the first user in the first registration information or the second registration information.
  • Appendix 10 10.
  • (Appendix 11) the computer Registering first registered information based on the face image of the first user and second registered information based on the face image of the second user in association with each other; Acquiring captured image information of a captured image of the second user together with the photograph of the first user; An authentication method for comparing the captured image information with the first registration information and the second registration information and performing authentication based on the comparison result.
  • (Appendix 12) extracting state information indicating the state of the first user in the photograph included in the captured image; 12. The authentication method according to appendix 11, wherein the state information is compared with the first registration information, and authentication is performed based on the comparison result. (Appendix 13) 13.
  • Appendix 14 14.
  • Appendix 15 15.
  • (Appendix 16) a process of associating and registering the first registration information based on the face image of the first user and the second registration information based on the face image of the second user; A process of acquiring captured image information of a captured image of the second user together with the photograph of the first user; A non-temporary computer-readable medium storing a program for causing a computer to execute a process of comparing the captured image information with the first registration information and the second registration information and performing authentication based on the comparison result. (Appendix 17) extracting state information indicating the state of the first user in the photograph included in the captured image; 17. The non-transitory computer-readable medium of Clause 16, wherein the state information is compared with the first registration information and authentication is performed based on the comparison result.
  • (Appendix 18) 18. The non-transitory computer-readable medium according to appendix 16 or 17, wherein the first registration information of one first user is associated with the second registration information of a plurality of second users.
  • (Appendix 19) 19. The non-transitory computer-readable medium according to any one of appendices 16 to 18, wherein in the first registration information or the second registration information, the second user is registered as an agent of the first user.
  • authentication device 2 registration unit 3 acquisition unit 4 authentication unit 100 authentication device 110 face information DB 111 User ID 112 facial feature information 120 face detection unit 130 feature point extraction unit 140 registration unit 150 authentication unit 160 state information extraction unit 170 acquisition unit 200 registration terminal 300 face authentication terminal 310 camera 320 storage unit 330 communication unit 340 input/output unit 350 control unit 351 Shooting control unit 352 Registration unit 353 Authentication control unit 354 Display control unit 355 Acceptance unit

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Collating Specific Patterns (AREA)

Abstract

Un dispositif d'authentification (1) selon ce mode de réalisation comprend : un moyen d'enregistrement qui enregistre des premières informations d'enregistrement sur la base d'une image de visage d'un premier utilisateur et des secondes informations d'enregistrement sur la base d'une image de visage d'un second utilisateur en association les unes avec les autres ; un moyen d'acquisition qui acquiert des informations d'image photographiées se rapportant à une image photographiée, obtenues par photographie d'un second utilisateur, et à une photographie du premier utilisateur ; et un moyen d'authentification qui compare les informations d'image photographiées aux premières informations d'enregistrement et aux secondes informations d'enregistrement pour effectuer une authentification sur la base du résultat de la comparaison.
PCT/JP2021/038291 2021-10-15 2021-10-15 Dispositif d'authentification, système d'authentification, procédé d'authentification et support lisible par ordinateur WO2023062832A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/JP2021/038291 WO2023062832A1 (fr) 2021-10-15 2021-10-15 Dispositif d'authentification, système d'authentification, procédé d'authentification et support lisible par ordinateur

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2021/038291 WO2023062832A1 (fr) 2021-10-15 2021-10-15 Dispositif d'authentification, système d'authentification, procédé d'authentification et support lisible par ordinateur

Publications (1)

Publication Number Publication Date
WO2023062832A1 true WO2023062832A1 (fr) 2023-04-20

Family

ID=85988223

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2021/038291 WO2023062832A1 (fr) 2021-10-15 2021-10-15 Dispositif d'authentification, système d'authentification, procédé d'authentification et support lisible par ordinateur

Country Status (1)

Country Link
WO (1) WO2023062832A1 (fr)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2005301539A (ja) * 2004-04-09 2005-10-27 Oki Electric Ind Co Ltd 顔認証による本人確認システム
JP2009199217A (ja) * 2008-02-20 2009-09-03 Yamatake Corp 複数人同時顔認証装置および入室管理システム
JP2010027035A (ja) * 2008-06-16 2010-02-04 Canon Inc 個人認証装置及び個人認証方法
JP2015026316A (ja) * 2013-07-29 2015-02-05 オムロン株式会社 プログラマブル表示器、表示制御方法、およびプログラム
US20170280100A1 (en) * 2016-03-23 2017-09-28 Global Tel *Link Corporation Secure nonscheduled video visitation system
JP2021124912A (ja) * 2020-02-04 2021-08-30 Fcnt株式会社 認証処理装置、認証処理方法及び認証処理プログラム

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2005301539A (ja) * 2004-04-09 2005-10-27 Oki Electric Ind Co Ltd 顔認証による本人確認システム
JP2009199217A (ja) * 2008-02-20 2009-09-03 Yamatake Corp 複数人同時顔認証装置および入室管理システム
JP2010027035A (ja) * 2008-06-16 2010-02-04 Canon Inc 個人認証装置及び個人認証方法
JP2015026316A (ja) * 2013-07-29 2015-02-05 オムロン株式会社 プログラマブル表示器、表示制御方法、およびプログラム
US20170280100A1 (en) * 2016-03-23 2017-09-28 Global Tel *Link Corporation Secure nonscheduled video visitation system
JP2021124912A (ja) * 2020-02-04 2021-08-30 Fcnt株式会社 認証処理装置、認証処理方法及び認証処理プログラム

Similar Documents

Publication Publication Date Title
US11163981B2 (en) Periocular facial recognition switching
CN110555359B (zh) 面部识别的自动重试
US20220046012A1 (en) Method and System for Verifying the Identity of a User
KR102345825B1 (ko) 안면 인식을 사용하여 인증을 수행하는 방법, 장치 및 시스템
EP3807794B1 (fr) Vérification de l'âge
JP2006235718A (ja) 顔認証装置、その顔認証方法、その顔認証装置を組み込んだ電子機器およびその顔認証プログラムを記録した記録媒体
JP6015592B2 (ja) 情報処理装置及び情報処理プログラム
US11729501B2 (en) Imaging control system, imaging control method, control device, control method, and storage medium
JP4747894B2 (ja) 認証装置、認証方法、認証プログラムおよびコンピュータ読み取り可能な記録媒体
JP2019102024A (ja) イベント会場顔登録システム
JP2007199860A (ja) 個人認証システム
JP2019118021A (ja) 撮影制御システム、撮影制御方法、プログラムおよび記録媒体
JP6578080B1 (ja) 証明書認定システム、証明書認定方法及びプログラム
WO2023062832A1 (fr) Dispositif d'authentification, système d'authentification, procédé d'authentification et support lisible par ordinateur
US11176617B1 (en) Mobile submission of pharmacy insurance information
JP2022032529A (ja) 顔認証サーバ、情報処理方法及び情報処理システム
US20240184871A1 (en) Image capturing apparatus that guarantees authenticity of image data, management system, control method, and storage medium
JP7468626B2 (ja) 認証装置、認証方法、プログラム
JP7033228B1 (ja) 認証システム、認証方法および認証プログラム
KR102567798B1 (ko) 비대면 출입통제 장치
JP7494899B2 (ja) 撮影制御装置、システム、方法及びプログラム
JP2024044153A (ja) 認証システム、認証方法及びプログラム
KR20220008621A (ko) 인증 장치
WO2023095068A1 (fr) Système d'enregistrement fiable et procédés associés
JP2023184013A (ja) 年齢推定システムおよび年齢推定方法

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 21960685

Country of ref document: EP

Kind code of ref document: A1