WO2024095376A1 - Server device, system, server device control method, and storage medium - Google Patents

Server device, system, server device control method, and storage medium Download PDF

Info

Publication number
WO2024095376A1
WO2024095376A1 PCT/JP2022/040919 JP2022040919W WO2024095376A1 WO 2024095376 A1 WO2024095376 A1 WO 2024095376A1 JP 2022040919 W JP2022040919 W JP 2022040919W WO 2024095376 A1 WO2024095376 A1 WO 2024095376A1
Authority
WO
WIPO (PCT)
Prior art keywords
user
information
authentication
service
service provider
Prior art date
Application number
PCT/JP2022/040919
Other languages
French (fr)
Japanese (ja)
Inventor
大助 四分一
由久 新宮
一精 柳澤
知秀 太田
Original Assignee
日本電気株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 日本電気株式会社 filed Critical 日本電気株式会社
Priority to PCT/JP2022/040919 priority Critical patent/WO2024095376A1/en
Publication of WO2024095376A1 publication Critical patent/WO2024095376A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q50/00Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
    • G06Q50/10Services

Definitions

  • the present invention relates to a server device, a system, a method for controlling a server device, and a storage medium.
  • Patent Document 1 describes a method for shortening waiting time for visitors entering an event venue.
  • the mobile terminal of Patent Document 1 includes a first determination unit, a second determination unit, an authentication information acquisition unit, and an authentication processing unit.
  • the first determination unit determines whether the mobile terminal's own location corresponds to the location where the event is being held.
  • the second determination unit determines whether the current time corresponds to the time when the event is being held.
  • the authentication information acquisition unit acquires facial information to be used for authentication when the first determination unit determines that the mobile terminal's own location corresponds to the location where the event is being held and the second determination unit determines that the current time corresponds to the time when the event is being held.
  • the authentication processing unit performs processing related to authentication based on the facial information acquired by the authentication information acquisition unit.
  • Patent Document 2 states that it aims to improve the convenience of customers who use tickets.
  • the authentication system of Patent Document 2 includes a customer terminal, an authentication device, and an information processing device.
  • the information processing device has a control unit and a memory unit.
  • the memory unit stores personal information and biometric information received from the customer terminal.
  • the control unit receives biometric information and performance information from the customer terminal along with a ticket purchase request.
  • the control unit compares the biometric information stored in the memory unit with the biometric information received along with the ticket purchase request, and if biometric authentication is permitted, sends a ticket purchase permission notice corresponding to the ticket purchase request to the customer terminal.
  • the control unit receives a first authentication request or a second authentication request from the authentication device, compares the biometric information stored in the memory unit with the biometric information included in the first authentication request or the second authentication request, and if biometric authentication is permitted, sends an authentication permission notice to the authentication device.
  • biometric authentication Before receiving a service using biometric authentication, a user must register their own biometric information (e.g., a facial image) on a server. In order to receive services from multiple service providers (e.g., retailers, transportation companies), the user must register their biometric information for each service provider.
  • service providers e.g., retailers, transportation companies
  • each service provider differs depending on the type of business they operate, such as whether they have accounts to manage customers, and the type of business information they provide when providing services to customers. For this reason, a method (registration format) for registering biometric information that is suitable for each type of service provider is required.
  • the main objective of the present invention is to provide a server device, a system, a method for controlling a server device, and a storage medium that contribute to realizing the registration of biometric information appropriate to the type of service provider.
  • a server device includes a service selection control means that enables a user to select a service provider from among a plurality of service providers that provide services using biometric authentication, and a user registration control means that controls the acquisition of original biometric information that serves as the original of the authentication information used for biometric authentication by a service provider selected by the user, the service provider having an account for managing customers, and using business information necessary for providing services to the customer during biometric authentication.
  • a system including a terminal possessed by a user and a server device, the server device being equipped with a service selection control means that enables the user to select a service provider from among a plurality of service providers that provide services using biometric authentication, and a user registration control means that controls the service provider selected by the user, who has an account for managing customers, and who uses business information necessary for providing services to the customer when performing biometric authentication, to acquire original biometric information that is the original of authentication information to be used for biometric authentication, the user registration control means transmitting information for logging in to the account of the service provider selected by the user to the user's terminal, and in response to receiving a request for provision of biometric information from a server that manages the user's account, the system obtains the original biometric information from the terminal by requesting the terminal to provide the original biometric information that is the original of authentication information to be used for biometric authentication, and transmits the acquired original biometric information to the server.
  • a method for controlling a server device which allows a user to select a service provider from among a plurality of service providers that provide services using biometric authentication in a server device, and controls the service provider selected by the user, which has an account for managing customers and uses business information required for providing services to the customer during biometric authentication, to acquire original biometric information that is the source of authentication information used for biometric authentication.
  • a computer-readable storage medium stores a program for causing a computer mounted on a server device to execute the following processes: a process for enabling a user to select a service provider from among a plurality of service providers that provide services using biometric authentication, and a process for controlling the service provider selected by the user, who has an account for managing customers and uses business information necessary for providing services to the customer during biometric authentication, to acquire original biometric information that is the source of authentication information used for biometric authentication.
  • a server device a system, a method for controlling a server device, and a storage medium are provided that contribute to realizing the registration of biometric information suitable for the type of service provider.
  • the effects of the present invention are not limited to those described above.
  • the present invention may achieve other effects instead of or in addition to the effects described above.
  • FIG. 1 is a diagram for explaining an overview of an embodiment.
  • FIG. 2 is a flowchart illustrating an example of the operation of one embodiment.
  • FIG. 3 is a diagram illustrating an example of a schematic configuration of an authentication system according to the first embodiment.
  • FIG. 4 is a diagram for explaining the operation of the authentication system according to the first embodiment.
  • FIG. 5 is a diagram for explaining the operation of the authentication system according to the first embodiment.
  • FIG. 6 is a diagram for explaining the operation of the authentication system according to the first embodiment.
  • FIG. 7 is a diagram illustrating an example of a processing configuration of the control server according to the first embodiment.
  • FIG. 8 is a diagram illustrating an example of an account management database according to the first embodiment.
  • FIG. 1 is a diagram for explaining an overview of an embodiment.
  • FIG. 2 is a flowchart illustrating an example of the operation of one embodiment.
  • FIG. 3 is a diagram illustrating an example of a schematic configuration of an authentication system according to the first embodiment.
  • FIG. 9 is a diagram illustrating an example of a display on the terminal according to the first embodiment.
  • FIG. 10 is a diagram illustrating an example of a display on the terminal according to the first embodiment.
  • FIG. 11 is a flowchart illustrating an example of the operation of the control server according to the first embodiment.
  • FIG. 12 is a diagram illustrating an example of a processing configuration of the service server according to the first embodiment.
  • FIG. 13 is a diagram illustrating an example of a user management database according to the first embodiment.
  • FIG. 14 is a diagram illustrating an example of a processing configuration of the authentication terminal according to the first embodiment.
  • FIG. 15 is a diagram illustrating an example of a processing configuration of a terminal according to the first embodiment.
  • FIG. 16 is a diagram illustrating an example of a display on the terminal according to the first embodiment.
  • FIG. 17 is a sequence diagram showing an example of the operation of the authentication system according to the first embodiment.
  • FIG. 18 is a diagram for explaining the operation of the authentication system according to the second embodiment.
  • FIG. 19 is a diagram illustrating an example of a display on a terminal according to the second embodiment.
  • FIG. 20 is a diagram for explaining the operation of the authentication system according to the second embodiment.
  • FIG. 21 is a diagram for explaining the operation of the authentication system according to the third embodiment.
  • FIG. 22 is a diagram for explaining the operation of the authentication system according to the third embodiment.
  • FIG. 23 is a diagram for explaining the operation of the authentication system according to the third embodiment.
  • FIG. 24 is a sequence diagram showing an example of the operation of the authentication system according to the third embodiment.
  • FIG. 25 is a diagram for explaining the operation of the authentication system according to the fourth embodiment.
  • FIG. 26 is a diagram illustrating an example of a display of a terminal according to the fourth embodiment.
  • FIG. 27 is a diagram illustrating an example of a hardware configuration of a control server according to the present disclosure.
  • FIG. 28 is a diagram showing an example of a display of a terminal according to a modification of the present disclosure.
  • FIG. 29 is a diagram showing an example of a schematic configuration of an authentication system according to a modification of the present disclosure.
  • FIG. 30 is a diagram showing an example of a schematic configuration of an authentication system according to a modification of the present disclosure.
  • the server device 100 includes a service selection control means 101 and a user registration control means 102 (see FIG. 1).
  • the service selection control means 101 enables a user to select a service provider from which the user wishes to receive a service from among a plurality of service providers that provide services using biometric authentication (service provider selection control; step S1 in FIG. 2).
  • the user registration control means 102 controls the service provider selected by the user, who has an account for managing customers, and who uses business information necessary for providing services to customers during biometric authentication, to acquire original biometric information that is the original of the authentication information used for biometric authentication (execution of user registration control; step S2).
  • service providers that provide users with services using biometric authentication.
  • service providers can be categorized by the presence or absence of an account (a portal site where customers log in) for managing customers and the way in which business information is used when providing services using biometric authentication.
  • account a portal site where customers log in
  • business information is used when providing services using biometric authentication.
  • authentication systems in which original biometric information (e.g., a face image) that serves as the original authentication information for biometric authentication is stored in a terminal such as a smartphone, and the user himself manages the original biometric information.
  • the server device 100 executes user registration control for the service provider to acquire and register the original biometric information of the user.
  • a redirect URL Uniform Resource Locator
  • the server device 100 When a user logs in to an account (portal site) and is requested to provide original biometric information, the server device 100 acquires the original biometric information from the user's terminal and transmits it to the server. In other words, a server device 100 is provided that realizes the registration of biometric information suitable for the type of service provider.
  • FIG. 3 is a diagram showing an example of a schematic configuration of an authentication system (information processing system) according to the first embodiment.
  • the authentication system includes a plurality of service providers A to C and an authentication center.
  • a service provider is a business entity that uses biometric authentication to provide services to users.
  • the authentication system disclosed in this application is premised on service providers belonging to various business types and industries providing services using biometric authentication. Note that services provided by service providers may be either paid or free of charge.
  • service providers include businesses that provide rental housing services such as condominiums, businesses where employees work (the user's workplace), businesses that provide events such as concerts, and businesses that operate means of transportation such as airplanes.
  • Service providers disclosed in this application also include businesses that provide accommodation services, businesses such as retail stores, businesses that provide financial services, and educational businesses. Service providers are not limited to private businesses. Public institutions such as local governments may also be service providers.
  • the authentication center is the entity that controls and manages the biometric authentication of each of the multiple service providers. Businesses (service providers) that wish to provide services using biometric authentication to users (general consumers) must enter into a contract with the authentication center.
  • the authentication center includes a control server 10.
  • the control server 10 performs the main functions of the authentication center.
  • the control server 10 may be installed in the building of the authentication center, or may be a server installed on a network (cloud).
  • biometric authentication is performed when a user arrives at the office or returns to their apartment, and only users (employees, residents) with the proper credentials can enter the office, etc.
  • biometric authentication is performed when checking tickets at an event venue, checking in at a hotel, going through immigration procedures at an airport, etc.
  • services are provided to users with the proper credentials.
  • payment procedures at retail stores, etc. are performed using biometric authentication.
  • each service provider has a service server 20 and at least one authentication terminal 30.
  • the devices (service server 20, authentication terminal 30) of the service provider are connected so that they can communicate with each other.
  • the service server 20 and the authentication terminal 30 are connected by a wired or wireless communication means.
  • the service server 20 is connected to the control server 10 via a network.
  • the service server 20 may be installed in the building of the service provider, or may be installed on the cloud.
  • the service server 20 stores information required when providing services to users. Specifically, the service server 20 stores business information required when each service provider provides a service using biometric authentication, and information required for biometric authentication.
  • the service server 20 uses a user management database to store business information and information required for biometric authentication. Details of the user management database will be described later.
  • the service server 20 of the company where the user works stores information such as the user's (employee's) name, date of birth, employee number, department, place of work, etc. as business information.
  • the service server 20 of an event company hosting an event stores information regarding tickets purchased by event participants as business information.
  • the service server 20 of a retail store or the like stores credit card information required for payment as business information.
  • the authentication terminal 30 is a device that serves as an interface for users who receive services.
  • the authentication terminal 30 is installed at the service providing location of each service provider. More specifically, the authentication terminal 30 is installed in a store or the like that the user actually visits.
  • the authentication terminal 30 has functions and forms that correspond to the type of business of the service provider.
  • an authentication terminal 30 installed in a workplace or event venue can be a gate device equipped with a gate that restricts the passage of users (persons to be authenticated).
  • an authentication terminal 30 installed in a retail store can be a tablet-type terminal.
  • the authentication center may include two or more control servers 10.
  • at least one or more service providers may participate in the authentication system.
  • each service provider may include at least one or more service servers 20 and at least one or more authentication terminals 30.
  • a user who wishes to receive a service from a service provider needs to create an account in the system. Specifically, the user operates a terminal 40 owned by the user to access the control server 10 (see FIG. 4).
  • the user inputs login information (e.g., login ID, password), name, date of birth, etc., on a WEB page provided by the control server 10.
  • login information e.g., login ID, password
  • name e.g., name
  • date of birth e.g., date
  • the control server 10 acquires the login information, etc., it generates an ID for identifying the user.
  • the ID generated by the control server 10 is referred to as the "system ID.”
  • the control server 10 associates the generated system ID with the login information, etc., and stores them in an account management database. Details of the account management database will be described later.
  • Biometric information registration> A user who wishes to receive services using biometric authentication needs to register his/her own biometric information in the terminal 40 .
  • biometric authentication it is necessary that authentication information generated from biometric information be registered in advance with the service provider.
  • biometric information For example, when a service is provided using face authentication, it is necessary that feature amounts (feature vectors) generated from a face image be registered in advance as authentication information.
  • feature amounts feature vectors
  • fingerprint authentication it is necessary that feature amounts generated from a fingerprint image be registered in advance as authentication information.
  • original (foundation) information used to generate authentication information such as a face image or fingerprint image
  • original biometric information the features generated from the original biometric information and registered in advance
  • registered authentication information the features generated from the original biometric information and registered in advance
  • the user After completing account creation, the user must register the original biometric information (e.g., a facial image) on the terminal 40 that holds the information.
  • the terminal 40 acquires the original biometric information using a GUI (Graphical User Interface) or the like.
  • the terminal 40 stores the acquired original biometric information (e.g., a facial image) internally. In this way, the terminal 40 stores the original biometric information that serves as the original authentication information used for biometric authentication.
  • ⁇ Select a service> After registering in the system (creating an account) and registering their original biometric information, the user selects the service provider from which they would like to receive biometric authentication services. The user selects the service provider from which they would like to receive services from among the multiple service providers participating in the authentication system (service providers under contract with the authentication center).
  • the control server 10 stores information about the service providers participating in the authentication system. For example, the control server 10 stores the name, industry, location, etc. of the service provider. The control server 10 holds information about each of multiple service providers and allows the user to select a service provider.
  • the control server 10 When a user operates the terminal 40 to perform a specified operation on the portal site, the control server 10 displays a GUI or the like on the terminal 40 that enables the user to select a desired service (service provider). The control server 10 uses the GUI to obtain the service (biometric authentication service) desired by the user.
  • service biometric authentication service
  • control server 10 acquires the service provider selected by the user, the control server 10 executes control related to "user registration" that enables the selected service provider to provide the user with a service using biometric authentication.
  • control server 10 controls the above-mentioned selected service provider to acquire the original biometric information stored in the user's terminal 40.
  • the service provider generates registered authentication information from the acquired original biometric information, and associates the generated registered authentication information with business information, thereby becoming ready to provide the service to the user.
  • the service providers participating in the authentication system are classified into four types.
  • the first type of service provider is a business entity that does not have an account (portal site) for managing the users to whom it provides services, and that repeatedly uses the same business information.
  • service providers such as small businesses (companies where users work) and apartment management companies belong to the first type.
  • the second type of service provider is a business that does not have an account (portal site) for managing the users to whom it provides services, and in principle uses the business information required for authentication only once.
  • the third type of service provider is a business that has an account (portal site) for managing the users (customers) to whom it provides services, and that repeatedly uses the same business information.
  • service providers such as retail businesses that sell products belong to the third type.
  • the fourth type of service provider is a business that has an account (portal site) for managing the users to whom it provides services, and in principle uses the business information required for authentication only once. For example, businesses that sell tickets and operate amusement parks and theme parks, and event companies that hold events such as concerts, belong to the fourth type.
  • the control server 10 executes user registration control according to the type of service provider selected by the user.
  • the "user registration" for the first type will be described.
  • a user operates a terminal 40 to access the control server 10 and logs in to the user's portal site.
  • the control server 10 displays a GUI including a list of service providers on the terminal 40.
  • the control server 10 acquires information specifying the service provider to be registered as the user, if necessary. For example, the control server 10 acquires from the user, using a GUI or the like, a "management code" that specifies the company where the user works or the management company of the apartment building where the user lives. That is, the user operates the terminal 40 to input the management code.
  • the control server 10 determines the type of the identified service provider. In the first embodiment, the control server 10 determines that a first type of service provider has been selected.
  • control server 10 requests the user to provide the original biometric information. Specifically, the control server 10 sends an "original provision request" to the user's terminal 40 (see step S01 in FIG. 5).
  • the terminal 40 transmits the user's original biometric information (e.g., a facial image) to the control server 10 (step S02).
  • the user's original biometric information e.g., a facial image
  • the control server 10 notifies the service provider selected by the user (first type service provider) of the user's system ID, the acquired original biometric information, personal identification information, etc.
  • the personal identification information is information for identifying the user. Examples of personal identification information include the user's name, or a combination of the user's name and date of birth. Alternatively, an employee number, apartment room number, etc. may be used as personal identification information.
  • the control server 10 sends a "user registration request" including the system ID, the original biometric information, and the personal identification information to the service server 20 of the service provider selected by the user (step S03).
  • the service server 20 When the service server 20 receives the user registration request, it searches the user management database using the acquired personal identification information to identify the user who wishes to register (to receive services using biometric authentication). The service server 20 stores the system ID and registration authentication information (e.g., features) obtained from the original biometric information in the entry for the identified user.
  • system ID and registration authentication information e.g., features
  • the service server 20 sends a response including the result of the user registration (user registration successful or unsuccessful) to the control server 10 (step S04).
  • the user provides the original biometric information (master data of the biometric information) stored in the terminal 40, such as a smartphone, to the service provider via the control server 10 of the authentication center.
  • the terminal 40 continues to hold the original biometric information (master data) of the user internally.
  • the control server 10 deletes the original biometric information (e.g., face image) acquired from the user when the control server 10 transmits a user registration request to the service server 20 or when the control server 10 receives a response to the request.
  • the service server 20 generates registration authentication information (e.g., feature amount), it deletes the original biometric information acquired from the control server 10.
  • the user visits the service provider to receive the service.
  • the service provider For example, the user visits the facility or store of the service provider, such as an office, an amusement park, an event venue, or a retail store, where the user receives the service selected by the user.
  • the authentication terminal 30 acquires biometric information of the user (person to be authenticated) receiving the service. For example, the authentication terminal 30 photographs the person to be authenticated and acquires biometric information (e.g., a facial image) corresponding to the original biometric information.
  • the authentication terminal 30 transmits an authentication request including the acquired facial image to the service server 20 (see FIG. 6). If necessary, the authentication terminal 30 transmits other information (e.g., payment information such as the price of a purchased item) along with the biometric information to the service server 20.
  • the authentication terminal 30 may transmit information used in the authentication process (e.g., credit card information) along with the biometric information (information for identifying an individual, ID) to the service server 20.
  • the service server 20 generates authentication information for matching from the acquired face image. For example, the service server 20 generates features from the face image for matching.
  • the service server 20 executes a matching process (1:N matching; N is a positive integer, the same below) using the generated authentication information for matching (hereinafter referred to as matching authentication information) and the registered authentication information registered in the user management database.
  • the service server 20 identifies the user (person to be authenticated) registered in the user management database through a matching process.
  • the service server 20 authenticates the identified user using the business information of that user. For example, the service server 20 of the employee's employer will determine that the "authentication was successful” if the person to be authenticated is an employee of that company and is qualified to enter the office. Alternatively, a service server 20 installed at an event venue will determine that the "authentication was successful” if the ticket purchased by the person to be authenticated is valid. Alternatively, a service server 20 installed at a retail store will determine that the "authentication was successful” if the payment for the goods etc. purchased by the person to be authenticated is successful.
  • the service server 20 sends the authentication result (authentication successful, authentication failed) to the authentication terminal 30.
  • the authentication terminal 30 executes processing according to the authentication result. For example, when successful authentication is received, an authentication terminal 30 installed in an office opens the gate and allows the authenticated person to pass through. Alternatively, when successful authentication is received, an authentication terminal 30 installed at an event venue allows the authenticated person to pass through the gate. Alternatively, when successful authentication is received, an authentication terminal 30 installed at a retail store notifies the authenticated person that payment for the product has been completed.
  • FIG. 7 is a diagram showing an example of a processing configuration (processing module) of the control server 10 according to the first embodiment.
  • the control server 10 includes a communication control unit 201, an account management unit 202, a business operator management unit 203, a service selection control unit 204, a user registration control unit 205, and a storage unit 206.
  • the communication control unit 201 is a means for controlling communication with other devices. For example, the communication control unit 201 receives data (packets) from the service server 20. The communication control unit 201 also transmits data to the service server 20. The communication control unit 201 passes data received from other devices to other processing modules. The communication control unit 201 transmits data acquired from other processing modules to other devices. In this way, the other processing modules transmit and receive data to and from other devices via the communication control unit 201.
  • the communication control unit 201 has a function as a receiving unit that receives data from other devices and a function as a transmitting unit that transmits data to other devices.
  • the account management unit 202 is a means for managing a user's account. When a user operates the terminal 40 to access a specific homepage or the like, the account management unit 202 obtains the information necessary to create an account for that user.
  • the account management unit 202 acquires personal information such as login information, name, and date of birth. Upon acquiring the login information, the account management unit 202 generates a system ID for identifying the user.
  • the system ID may be any information that can uniquely identify the user. For example, the account management unit 202 may assign a unique value each time an account is generated, and use this as the system ID.
  • the account management unit 202 associates the generated system ID, login information, name, etc., and stores them in the account management database (see FIG. 8).
  • the account management database shown in FIG. 8 is an example, and is not intended to limit the items to be stored.
  • the account generation date and time, etc. may also be stored in the account management database.
  • the account management unit 202 also acquires login information for logging in to the portal site from the user's terminal 40.
  • the account management unit 202 performs authentication using the login information.
  • the business management unit 203 is a means for managing the service providers (service businesses) participating in the authentication system.
  • the business management unit 203 acquires business information (service provider name, business type, location, management code, address of service server 20, etc.) to be registered in the system from staff of each service provider.
  • the business information may include the type of each service provider (the first to fourth service provider types described above).
  • the business management unit 203 may provide each service provider with an interface for inputting business information, etc.
  • each service provider may send a USB (Universal Serial Bus) memory or the like on which the business information, etc. is stored to the authentication center.
  • the business management unit 203 may obtain the business information, etc. from staff, etc. at the authentication center.
  • the business management unit 203 generates an ID (business ID) for the service provider that has acquired the business information, etc.
  • the business management unit 203 stores the generated business ID in association with the acquired business information, etc.
  • the service selection control unit 204 is a means for controlling the selection of a biometric authentication service (service provider) by the user.
  • the service selection control unit 204 enables the user to select the service provider from which the user wishes to receive services from among multiple service providers that offer services using biometric authentication.
  • the service selection control unit 204 displays, for example, a GUI such as that shown in FIG. 9 on the terminal 40.
  • the service selection control unit 204 displays the service provider in a way that allows the user to distinguish between a service provider that has already been selected and a service provider that has not been selected.
  • a service provider with a check mark in the upper right corner of the icon indicating the service business indicates a service provider that has already been selected, and a service provider with no check mark indicates an unselected service provider.
  • the service selection control unit 204 uses the business information and information registered in the account management database to display a GUI such as that shown in FIG. 9. Specifically, the service selection control unit 204 references the business information and generates a list of service providers that have concluded contracts with the authentication center. The service selection control unit 204 also references the selected service field in the account management database to obtain the service provider (the business ID of the service provider) that has been selected by the user.
  • the service selection control unit 204 may also provide the user with more detailed information about each service provider (e.g., the type of business, services offered, store location, etc.).
  • the service selection control unit 204 may display icons that represent multiple service providers.
  • multiple companies place of work
  • multiple condominium management companies are displayed as "condominiums.”
  • the service selection control unit 204 acquires the management code of the service provider for which the user is to be registered. Specifically, the service selection control unit 204 acquires the management code using a GUI such as that shown in FIG. 10. Note that the user acquires the management code for their company or apartment from their place of employment, a management company, etc.
  • the service selection control unit 204 identifies the service provider selected by the user from the management code. In this way, the service selection control unit 204 identifies the service provider selected (specified) by the user by acquiring, as necessary, from the terminal 40, the management code corresponding to the service provider from which the user wishes to receive a service.
  • the service selection control unit 204 can identify the service provider selected by the user without using the management code.
  • the service selection control unit 204 passes information about the service provider selected by the user (e.g., the business ID of the service provider for which the user wishes to register) to the user registration control unit 205.
  • the service selection control unit 204 also enables the user to cancel a service provider that has already been selected (to end receiving services from that service provider). Specifically, when the user performs a specified operation on the portal site, the service selection control unit 204 displays a GUI such as that shown in FIG. 9.
  • the service selection control unit 204 controls the cancellation of the user registration of the selected service provider. If necessary, the service selection control unit 204 acquires the management code of the service provider whose user registration is to be cancelled.
  • the service selection control unit 204 passes information about the service provider selected by the user (the service provider for which the user wishes to cancel his/her registration) to the user registration control unit 205.
  • the user registration control unit 205 is a means for controlling "user registration" by the control server 10. For example, the user registration control unit 205 performs control so that a service provider selected by a user using a specific code (management code) can acquire original biometric information that serves as the source of authentication information to be used for biometric authentication.
  • a service provider selected by a user using a specific code management code
  • the user registration control unit 205 controls "user registration" that enables a service provider selected by a user to provide the user with a service using biometric authentication. Alternatively, the user registration control unit 205 controls the cancellation of user registration.
  • the user registration control unit 205 executes user registration control according to the type of service provider for which user registration is desired.
  • the user registration control unit 205 acquires the type of selected service provider from the business information.
  • a case where a first type of service provider is selected is described. That is, the user registration control unit 205 performs user registration control so that a service provider selected by a user who does not have an account for managing customers can acquire original biometric information that serves as the source of authentication information used for biometric authentication.
  • the user registration control unit 205 When the user obtains information on the service provider selected by the user from the service selection control unit 204, the user registration control unit 205 sends an "original provision request" to the terminal 40 held by the user.
  • the user registration control unit 205 receives the user's original biometric information (e.g., a facial image) from the terminal 40.
  • the user registration control unit 205 sends a user registration request, including the user's system ID, original biometric information, and personal identification information, to the service server 20 of the service provider that corresponds to the service selected by the user.
  • the user registration control unit 205 also obtains the system ID and personal identification information (e.g., name or a combination of name and date of birth) from the account management database.
  • system ID and personal identification information e.g., name or a combination of name and date of birth
  • the user registration control unit 205 receives a response (positive response, negative response) to the user registration request.
  • the user registration control unit 205 registers the business ID of the service provider selected by the user in the account management database. Also, if a positive response is received, the user registration control unit 205 notifies the user that user registration for the selected service provider was successful.
  • the user registration control unit 205 If a negative response (user registration failed) is received, the user registration control unit 205 notifies the user accordingly.
  • the user registration control unit 205 sends a "registration cancellation request" including the user's system ID to the service server 20 of the service provider for which cancellation is desired.
  • the user registration control unit 205 receives a response (positive response, negative response) to the deregistration request.
  • the user registration control unit 205 notifies the user of the result of the deregistration request.
  • the user registration control unit 205 if a positive response (deregistration successful) is received, the user registration control unit 205 notifies the user accordingly. For example, the user registration control unit 205 notifies the user that the user registration with the service provider selected by the user has been deregistered by unchecking the icon shown in FIG. 9. Alternatively, if deregistration is successful, the user registration control unit 205 may display a message or the like indicating that the registered authentication information (e.g., features) has been deleted from the service provider (service server 20). That is, the terminal 40 may report to the user that the features registered in the service server 20 have been deleted by deregistration. If a negative response (deregistration failed) is received, the user registration control unit 205 notifies the user accordingly.
  • the registered authentication information e.g., features
  • the memory unit 206 is a means for storing information necessary for the operation of the control server 10.
  • control server 10 The operation of the control server 10 described above regarding user registration can be summarized as shown in the flowchart in Figure 11.
  • the control server 10 acquires the biometric authentication service (service provider) desired by the user (acquire selected service; step S101). At that time, the control server 10 acquires the management code of the service provider as necessary.
  • the control server 10 obtains the original biometric information by sending an "original provision request" to the terminal 40 held by the user (step S102).
  • the control server 10 sends a user registration request including the system ID, the acquired original biometric information (e.g., face image) and personal identification information (e.g., name) to the service server 20 (step S103).
  • the service server 20 sends a user registration request including the system ID, the acquired original biometric information (e.g., face image) and personal identification information (e.g., name) to the service server 20 (step S103).
  • the control server 10 receives a response to the user registration request from the service server 20 (step S104).
  • the control server 10 notifies the user whether the user registration was successful or not (step S105).
  • control server 10 acquires the original biometric information by requesting the provision of the original biometric information from the terminal 40 held by the user, and transmits the acquired original biometric information to the service server 20 of the service provider selected by the user. At that time, the control server 10 transmits at least a system ID for managing the user on its own device and the acquired original biometric information to the service server 20.
  • FIG. 12 is a diagram showing an example of a processing configuration (processing module) of the service server 20 according to the first embodiment.
  • the service server 20 includes a communication control unit 301, a business information management unit 302, a user registration control unit 303, an authentication unit 304, and a storage unit 305.
  • the communication control unit 301 is a means for controlling communication with other devices.
  • the communication control unit 301 receives data (packets) from the control server 10.
  • the communication control unit 301 also transmits data to the control server 10.
  • the communication control unit 301 passes data received from other devices to other processing modules.
  • the communication control unit 301 transmits data acquired from other processing modules to other devices. In this way, the other processing modules transmit and receive data to and from other devices via the communication control unit 301.
  • the communication control unit 301 has a function as a receiving unit that receives data from other devices and a function as a transmitting unit that transmits data to other devices.
  • the business information management unit 302 is a means for the service provider to manage and control the business information required to provide services.
  • the business information management unit 302 uses any means to acquire business information necessary for the company to provide its services.
  • the business information management unit 302 of the user's employer company acquires information such as the employee's name, date of birth, employee number, department, and place of work as business information.
  • the business information management unit 302 may obtain the business information from staff of the service provider, etc., or may obtain the business information directly from the user using a website or other means.
  • the business information management unit 302 manages business information using a user management database.
  • business information management unit 302 A more detailed description of the business information management unit 302 will be omitted because the details of the business information for each service and the method of acquiring the information are different from the purpose of this disclosure.
  • the user registration control unit 303 is a means for controlling user registration by the service provider.
  • the user registration control unit 303 processes user registration requests received from the control server 10.
  • the user registration control unit 303 searches the user management database using the personal identification information (e.g., name) included in the user registration request as a key to identify the corresponding user (entry).
  • personal identification information e.g., name
  • the user registration control unit 303 If the corresponding user is registered in the user management database, the user registration control unit 303 generates registration authentication information from the acquired original biometric information (e.g., a facial image). For example, when a facial image is acquired, the user registration control unit 303 generates a feature amount (feature vector) corresponding to the facial recognition algorithm adopted by the company as the registration authentication information.
  • the acquired original biometric information e.g., a facial image
  • feature vector feature vector
  • the user registration control unit 303 extracts the eyes, nose, mouth, etc. from the face image as feature points. The user registration control unit 303 then calculates the position of each feature point and the distance between each feature point as feature amounts, and generates a feature vector (vector information that characterizes the face image) consisting of multiple feature amounts.
  • the user registration control unit 303 associates the system ID, the generated registration authentication information (features), and the business information and stores them in the user management database (see FIG. 13).
  • the user management database shown in FIG. 13 is an example and is not intended to limit the items to be stored.
  • the date and time of user registration may be registered in the user management database.
  • the user registration control unit 303 When user registration is completed normally, the user registration control unit 303 sends an affirmative response to the control server 10 indicating that user registration was successful.
  • the user registration control unit 303 generates registration authentication information (e.g., feature amounts), registers the generated registration authentication information in the user management database, and then deletes the original biometric information obtained from the control server 10.
  • registration authentication information e.g., feature amounts
  • the user registration control unit 303 sends a negative response to the control server 10 indicating that user registration has failed. For example, a negative response is sent to the control server 10 when the personal identification information (e.g., name) received from the control server 10 is not registered in the user management database or when valid registration authentication information cannot be generated from the original biometric information.
  • personal identification information e.g., name
  • the user registration control unit 303 processes deregistration requests received from the control server 10.
  • the user registration control unit 303 searches the user management database using the system ID included in the deregistration request as a key to identify the corresponding user.
  • the user registration control unit 303 deletes at least the system ID and registered authentication information (e.g., features) of the identified user. Alternatively, the user registration control unit 303 deletes the entry of the identified user (entry in the user management database) as necessary.
  • the user registration control unit 303 sends a positive response to the control server 10 indicating that the user registration was successfully cancelled. If the user registration was unsuccessful because the system ID obtained from the control server 10 does not exist in the user management database, for example, the user registration control unit 303 sends a negative response to that effect to the control server 10.
  • the authentication unit 304 is a means for performing biometric authentication of the person to be authenticated.
  • the authentication unit 304 receives an authentication request from the authentication terminal 30.
  • the authentication unit 304 extracts biometric information (e.g., a facial image) from the authentication request.
  • the authentication unit 304 generates matching authentication information from the acquired biometric information. For example, when a facial image is acquired, the authentication unit 304 generates features corresponding to the facial recognition algorithm adopted by the company. The authentication unit 304 executes a matching process using the generated matching authentication information (features) and registered authentication information (features) registered in the user management database.
  • the authentication unit 304 calculates the similarity between the feature amount (feature vector) to be matched and each of the multiple feature amounts on the registration side.
  • the similarity can be calculated using chi-square distance, Euclidean distance, or the like. Note that the greater the distance, the lower the similarity, and the closer the distance, the higher the similarity.
  • the authentication unit 304 sets the authentication result to "authentication failed.”
  • the authentication unit 304 identifies the entry (user) having the most similar feature (registered authentication information) from among the multiple entries registered in the user management database.
  • the authentication unit 304 authenticates the person to be authenticated using the business information of the identified user.
  • the authentication unit 304 of the user's workplace will determine that the authentication is successful if the user identified by the matching process is an employee of the company and has the right to enter the office.
  • the authentication unit 304 will determine that the authentication is unsuccessful if the identified user is an employee of the company but is not qualified to enter the location where the authentication terminal 30 is installed.
  • the authentication unit 304 sends the authentication result (authentication successful, authentication failed) to the authentication terminal 30.
  • the memory unit 305 is a means for storing information necessary for the operation of the service server 20.
  • service providers belonging to the first type will continue to store the business information used to authenticate users.
  • the service server 20 will continue to store the business information until an employee retires or a resident moves out.
  • the service server 20 may delete the business information when an employee retires, etc.
  • FIG. 14 is a diagram showing an example of a processing configuration (processing module) of the authentication terminal 30 according to the first embodiment.
  • the authentication terminal 30 includes a communication control unit 401, a biometric information acquisition unit 402, an authentication request unit 403, a function realization unit 404, and a storage unit 405.
  • the communication control unit 401 is a means for controlling communication with other devices. For example, the communication control unit 401 receives data (packets) from the service server 20. The communication control unit 401 also transmits data to the service server 20. The communication control unit 401 passes data received from other devices to other processing modules. The communication control unit 401 transmits data acquired from other processing modules to other devices. In this way, the other processing modules transmit and receive data to and from other devices via the communication control unit 401.
  • the communication control unit 401 has a function as a receiving unit that receives data from other devices and a function as a transmitting unit that transmits data to other devices.
  • the biometric information acquisition unit 402 is a means for controlling the camera and acquiring biometric information (e.g., a facial image) of the person to be authenticated.
  • the biometric information acquisition unit 402 captures an image of the area in front of the device periodically or at a specified timing.
  • the biometric information acquisition unit 402 determines whether the acquired image contains a human facial image, and if a facial image is included, extracts the facial image from the acquired image data.
  • the biometric information acquisition unit 402 may extract a facial image (face area) from image data using a learning model trained by a CNN (Convolutional Neural Network).
  • the biometric information acquisition unit 402 may extract a facial image using a method such as template matching.
  • the biometric information acquisition unit 402 passes the extracted facial image to the authentication request unit 403.
  • the authentication request unit 403 is a means for requesting authentication of the person to be authenticated from the service server 20. When authentication of the person to be authenticated becomes necessary, the authentication request unit 403 transmits an authentication request including biometric information of the person to be authenticated (the user in front of the authentication terminal 30) to the service server 20.
  • the authentication request unit 403 receives the authentication result (authentication successful, authentication failed) from the service server 20.
  • the authentication request unit 403 passes the received authentication result to the function realization unit 404.
  • the function realization unit 404 is a means for realizing the functions assigned to the authentication terminal 30. For example, when the function realization unit 404 of the authentication terminal 30 installed at the user's workplace receives a successful authentication, it opens the gate and allows the authenticated person to enter.
  • the memory unit 405 is a means for storing information necessary for the operation of the authentication terminal 30.
  • FIG. 15 is a diagram showing an example of a processing configuration (processing module) of the terminal 40 according to the first embodiment.
  • the terminal 40 includes a communication control unit 501, an account creation control unit 502, an original information acquisition unit 503, a service selection unit 504, and a storage unit 505.
  • the communication control unit 501 is a means for controlling communication with other devices. For example, the communication control unit 501 receives data (packets) from the control server 10. The communication control unit 501 also transmits data to the control server 10. The communication control unit 501 passes data received from other devices to other processing modules. The communication control unit 501 transmits data acquired from other processing modules to other devices. In this way, the other processing modules transmit and receive data to and from other devices via the communication control unit 501.
  • the communication control unit 501 has a function as a receiving unit that receives data from other devices and a function as a transmitting unit that transmits data to other devices.
  • the account creation control unit 502 is a means for controlling the creation of an account by a user.
  • the account creation control unit 502 accesses a specific web page or the like provided by the control server 10 in response to a user's operation.
  • the account creation control unit 502 inputs login information, name, date of birth, etc. into the web page in response to user operations.
  • the original information acquisition unit 503 is a means for acquiring the biometric information of the user (original biometric information).
  • the original information acquisition unit 503 displays a GUI or the like for acquiring the original biometric information (e.g., a facial image) in response to the user's operation.
  • the original information acquisition unit 503 acquires the original biometric information using a GUI such as that shown in FIG. 16.
  • the original information acquisition unit 503 stores the acquired original biometric information (e.g., a facial image) in the storage unit 505. At that time, the original information acquisition unit 503 may encrypt, code, etc. the acquired original biometric information and store the encrypted original biometric information in the storage unit 505. That is, the terminal 40 held by the user may hold the encrypted original biometric information.
  • the encrypted original biometric information may be decrypted when the original biometric information is transmitted to the control server 10.
  • information for decrypting the encrypted original biometric information e.g., a common key
  • the control server 10 may decrypt the encrypted original biometric information.
  • the terminal 40 does not delete the original biometric information (e.g., a facial image) of the user. In other words, the terminal 40 does not delete the original biometric information stored in the storage unit 505 unless there is a clear instruction from the user.
  • the original biometric information e.g., a facial image
  • the service selection unit 504 is a means for enabling the user to select a biometric authentication service.
  • the service selection unit 504 logs in to a portal site provided by the control server 10 in response to the user's operation.
  • the service selection unit 504 transmits to the control server 10 information on the service provider selected by the user using a GUI provided by the control server 10.
  • the service selection unit 504 receives a request to provide the original from the control server 10. Upon receiving the request, the service selection unit 504 transmits the original biometric information stored in the storage unit 505 to the control server 10.
  • the memory unit 505 is a means for storing information necessary for the operation of the terminal 40.
  • FIG. 17 is a sequence diagram showing an example of the operation of the authentication system according to the first embodiment.
  • the terminal 40 transmits information about the service selected by the user (information about the service provider from which the user wishes to receive biometric authentication services) to the control server 10 (transmitting service information; step S10).
  • control server 10 sends a request to provide the original to the user's terminal 40 (step S11).
  • the terminal 40 transmits the original biometric information (e.g., a facial image) to the control server 10 (step S12).
  • the original biometric information e.g., a facial image
  • the control server 10 sends a user registration request including the system ID, the acquired original biometric information, and the personal identification information to the service server 20 of the service provider selected by the user (step S13).
  • the service server 20 generates authentication information for registration (registered authentication information) from the acquired original biometric information (step S14).
  • the generated registered authentication information is registered in the user management database.
  • the management code input by the user is used to identify a service provider selected by the user from among a plurality of service providers.
  • the management code may also be used as information on whether or not the user is qualified to select a service provider.
  • the management code may be used as proof that the user is qualified to register a service provider (such as an employer or an apartment management company).
  • control server 10 displays a list of workplaces, etc. that have contracts with the authentication center on the terminal 40.
  • the control server 10 prompts the user to enter the management code of the workplace, etc.
  • the control server 10 determines that the user is eligible to receive services from the service provider. On the other hand, if the management code of the service provider selected by the user does not match the management code entered by the user, the control server 10 determines that the user is not eligible to receive services from the service provider. If the user is eligible to receive services from the service provider, the control server 10 accepts the user registration (selection of a service provider) for that user. In this way, when the user selects a service provider from which he or she wants to receive services, the service selection control unit 204 requests the user to input a first management code. If the first management code entered by the user matches the predetermined second management code corresponding to the service provider selected by the user, the service selection control unit 204 accepts the user's selection of a service provider.
  • control server 10 determines that the user is qualified to register as a user for workplace A. In this way, the control server 10 can also use the management code as a password. By using the management code as a password, the control server 10 can prevent users who are not related to the service provider from registering as users.
  • the control server 10 performs control for a first type service provider to acquire original biometric information that is the original of authentication information used for biometric authentication.
  • a first type service provider is a service provider that does not have an account for managing customers and repeatedly uses business information for providing services to customers.
  • the control server 10 transmits personal identification information (e.g., name) along with the original biometric information of the user to the service server 20 of the service provider.
  • the service server 20 identifies the user using the personal identification information, and stores the registered authentication information and business information of the identified user in association with each other. Completion of the association enables the service provider to provide the user with a service using biometric authentication.
  • the original biometric information (e.g., a facial image) required for biometric authentication is stored in the user's terminal 40.
  • the user selects a service provider, and then the original biometric information stored in the terminal 40 is provided to the selected service provider (the service provider that requires the registered authentication information).
  • the user registers his/her own biometric information (e.g., a facial image) in the terminal 40, the user can enjoy each service without registering biometric information for each service (various service providing locations).
  • the user can use the facial authentication service in various locations (services) using the facial image without registering the face again.
  • the biometric information can be applied to various solutions using biometric authentication.
  • the above configuration solves various problems that arise when a service provider provides a biometric authentication service.
  • the service provider had to have the user register a face image for each service provision location (service).
  • the user only needs to register the face once, and the burden on the service provider in encouraging the user to register the face is significantly reduced.
  • the service provider does not need to hold the original biometric information (face image), which reduces the burden on the service provider against information leakage, etc.
  • face recognition algorithms it is no longer necessary to possess face images corresponding to each face recognition algorithm, which reduces the business risk of the service provider.
  • the authentication center stores the original biometric information, which allows the service provider to change the face recognition engine employed in-house or to newly adopt a face recognition engine suitable for the service provided.
  • the service provider is not limited to a face recognition engine of a specific vendor, but can adopt face recognition engines of various vendors suitable for the application.
  • the service provider can avoid the business risk of being overly dependent on one vendor (one face recognition engine).
  • service providers who participate in the authentication system disclosed in this application can easily support multiple vendors.
  • biometric authentication services with peace of mind.
  • the configuration of the authentication system according to the second embodiment can be the same as that of the first embodiment, and therefore the explanation corresponding to FIG. 3 will be omitted.
  • the processing configuration of the control server 10 and the like according to the second embodiment can also be the same as that of the first embodiment, and therefore the explanation thereof will be omitted.
  • service providers belonging to the second type for example, amusement park management companies, concert and other event companies
  • Event companies store information about tickets purchased by users on ticket sales sites, etc. as business information, and use that business information to authenticate users.
  • the user operates the terminal 40 to access a ticket sales site and purchases the desired ticket on the ticket sales site. Specifically, as shown in FIG. 18, the user operates the terminal 40 to access the ticket management server 50 and purchases a ticket.
  • the terminal 40 obtains information about the purchased ticket. For example, the terminal 40 obtains an ID (ticket ID) for uniquely identifying the purchased ticket from the ticket management server 50.
  • the user selects a service provider belonging to the second type in a GUI such as that shown in FIG. 9.
  • the user selects an event company that operates amusement parks, theme parks, etc. That is, the user operates the terminal 40 to access the control server 10 and selects the service provider for which the user is to be registered.
  • the control server 10 acquires an administration code that specifies the service provider from the user as necessary.
  • the control server 10 determines the type of the selected service provider based on the business ID of the selected service provider. In this case, a service provider belonging to the second type is selected.
  • the business information of a service provider belonging to the second type includes information on the business information required by the service provider. In the above example, the business information includes information that ticket information (ticket ID) is required.
  • the user registration control unit 205 of the control server 10 acquires the business information required by the service provider. For example, the user registration control unit 205 acquires the ticket ID by displaying a GUI such as that shown in FIG. 19 on the terminal 40.
  • the user registration control unit 205 acquires the original biometric information from the user's terminal 40 by sending an original provision request to the terminal 40, as in the first embodiment (steps S21 and S22 in FIG. 18).
  • the user registration control unit 205 After acquiring the original biometric information, the user registration control unit 205 sends a user registration request including the system ID, the acquired ticket ID (business information), and the original biometric information to the service server 20 of the service provider selected by the user (step S23).
  • the user registration control unit 303 of the service server 20 generates registration authentication information from the acquired biometric information.
  • the user registration control unit 303 also adds a new entry to the user management database, and stores the system ID, registration authentication information, and business information (ticket ID) in the added entry.
  • the service server 20 processes the authentication request received from the authentication terminal 30. Specifically, the authentication unit 304 of the service server 20 transmits the ticket ID of the person to be authenticated identified by the matching process to the ticket management server 50 of the ticket sales site (see FIG. 20).
  • the ticket management server 50 determines the validity of the acquired ticket ID. Specifically, the ticket management server 50 determines the validity of the ticket based on the location, date and time of the event, etc., of the ticket specified by the ticket ID. The ticket management server 50 transmits the determination result to the service server 20. The authentication unit 304 determines that the authentication is successful if the ticket is valid. The authentication unit 304 determines that the authentication is unsuccessful if the ticket is invalid.
  • service providers belonging to the second type will delete the business information used to authenticate the user.
  • the business information used by service providers belonging to the second type (business information necessary for the service provider to provide a service to the customer; for example, a ticket ID) is information that is essentially used once during biometric authentication. For example, once a ticket purchaser enters an event venue, the ticket purchaser will not be judged as having been successfully authenticated again, and so the corresponding business information is deleted.
  • the service server 20 may delete the corresponding business information after the event ends (a specified time after the event is scheduled to end).
  • tickets for amusement parks, concerts, etc. can also be processed in the same way.
  • tickets covered by this disclosure include not only tickets that are limited to one-time use, but also tickets that are used multiple times.
  • tickets with a validity period such as round-trip tickets (for example, tickets that allow unlimited use of public transport for a specified period of time) and commuter passes, are also covered by this disclosure.
  • control server 10 of the second embodiment transmits to the service server 20, in addition to the system ID and the original biometric information, business information (such as a ticket ID) required for a service provider selected by a user to provide the user with a service using biometric authentication.
  • business information such as a ticket ID
  • a service provider belonging to the second type can obtain business information (e.g., a ticket ID) required to authenticate the user.
  • the configuration of the authentication system according to the third embodiment can be the same as that of the first embodiment, and therefore the explanation corresponding to FIG. 3 will be omitted.
  • the processing configuration of the control server 10 and the like according to the third embodiment can also be the same as that of the first embodiment, and therefore the explanation thereof will be omitted.
  • the user selects a service provider belonging to the third type in a GUI such as that shown in FIG. 9.
  • a service provider belonging to the third type for example, the user selects a retail store such as a convenience store.
  • a user who wishes to use biometric authentication payment at a convenience store is a member of the convenience store and already has an account.
  • payment information for payment is stored as business information in the convenience store's account.
  • Payment information includes information on any payment method, such as information on credit cards, information on the amount charged to a transportation IC (Integrated Circuit) card, and information for code payment using a two-dimensional barcode.
  • the control server 10 enables users to use biometric authentication payment by executing control over user registration for retail stores such as convenience stores.
  • the control server 10 links the account of the service provider selected by the user with the account of the authentication system.
  • the user operates the terminal 40 to access the control server 10 and select the service provider for which the user is to be registered (account linkage) (step S31 in FIG. 21).
  • the control server 10 determines the type of the selected service provider based on the business ID of the selected service provider. In this example, a service provider belonging to the third type is selected.
  • the user registration control unit 205 of the control server 10 sends a URL (Uniform Resource Locator) for logging in to the account of the selected service provider to the terminal 40 (step S32).
  • a URL Uniform Resource Locator
  • the URL sent to the terminal 40 is a redirect URL for connecting the terminal 40 to the service provider's login page, and the user's system ID is embedded in the redirect URL.
  • the redirect URL is provided to the control server 10 in advance as business information.
  • the user registration control unit 205 embeds the system ID (an ID used by the control server 10 to manage users) in the redirect URL stored as business information, and sends the redirect URL to the terminal 40.
  • the terminal 40 When the terminal 40 receives the redirect URL, it accesses the service provider's login page according to the URL. At that time, since the redirect URL contains the system ID, the user registration control unit 303 of the service server 20 can obtain the user's system ID.
  • the user operates the terminal 40 to input login information (login information for logging in to the service provider's account) on the service provider's login page (step S33).
  • login information login information for logging in to the service provider's account
  • the user registration control unit 303 of the service server 20 searches the user management database using the acquired login information (user ID) as a key to identify the corresponding user.
  • the user registration control unit 303 stores the system ID acquired from the redirect URL in the entry for the identified user.
  • the user registration control unit 303 stores the user ID managed by the company (service provider) in association with the system ID used by the authentication system to manage users.
  • the user registration control unit 303 associates the individual ID of the user who logs in to the portal site according to the redirect URL with the system ID and stores them (links the IDs).
  • the user registration control unit 303 may notify the control server 10 of the user's system ID. For example, the user registration control unit 303 may send a "user registration completion notification" including the system ID to the control server 10 (step S34). Upon receiving the user registration completion notification, the user registration control unit 205 of the control server 10 may notify the user that user registration is complete.
  • control server 10 may notify the completion of user registration by checking the icon of the service provider whose user registration has been completed on a screen such as that shown in FIG. 9.
  • the user registration control unit 303 of the service server 20 sends a "biometric information provision request" including the user's system ID to the control server 10 (step S35 in FIG. 22).
  • the user registration control unit 205 of the control server 10 searches the account management database using the system ID included in the biometric information provision request as a key to identify the corresponding user.
  • the user registration control unit 205 then transmits a "request to provide original" to the terminal 40 of the identified user (step S36).
  • the terminal 40 transmits the user's original biometric information (e.g., a facial image) to the control server 10 (step S37).
  • the user's original biometric information e.g., a facial image
  • the user registration control unit 205 transmits the acquired original biometric information (e.g., a facial image) to the service server 20. Specifically, when the original biometric information is acquired from the terminal 40, the user registration control unit 205 transmits a positive response including the acquired original biometric information to the service server 20 (step S38). Note that when the original biometric information cannot be acquired from the terminal 40, the user registration control unit 205 transmits a negative response to the service server 20 in response to the biometric information provision request.
  • the acquired original biometric information e.g., a facial image
  • the user registration control unit 303 of the service server 20 generates registration authentication information from the acquired original biometric information and stores it in the user management database.
  • the user registration control unit 303 associates the system ID, individual ID (login information), registration authentication information, and business information (e.g., credit card information) and stores them in the user management database.
  • the authentication terminal 30 When a user purchases a product at a retail store, the authentication terminal 30 sends an authentication request including the biometric information of the product purchaser and payment information (purchase price) to the service server 20 (see Figure 23).
  • the service server 20 identifies the person to be authenticated (product purchaser) through a matching process using the acquired biometric information.
  • the service server 20 performs payment processing using the credit card information and payment information of the identified authenticated person. Specifically, the service server 20 requests the payment server 60 of the credit card company to settle the product price by sending the credit card information and payment information to said payment server 60. The payment server 60 notifies the service server 20 of the result of the payment processing. Note that the configuration and operation of the payment server 60 are different from the spirit of the disclosure of this application and are obvious to those skilled in the art, so a detailed explanation will be omitted.
  • the service server 20 If the service server 20 is notified that the payment is successful, it determines that the authentication is successful. If the service server 20 is notified that the payment is unsuccessful, it determines that the authentication is unsuccessful. The service server 20 notifies the authentication terminal 30 of the authentication result.
  • service providers belonging to the third type repeatedly use business information (e.g., credit card information) required to authenticate a user. Therefore, even if the service server 20 successfully authenticates a user, it does not delete the business information but continues to store it.
  • business information e.g., credit card information
  • FIG. 24 is a sequence diagram showing an example of the operation of the authentication system according to the third embodiment. The operation of the authentication system according to the third embodiment will be described with reference to Fig. 24 .
  • the terminal 40 selects a service provider in response to the user's operation (step S41).
  • control server 10 sends a redirect URL to the terminal 40 (step S42).
  • the terminal 40 accesses the login page indicated by the redirect URL and logs in to the portal site (step S43). At that time, the service server 20 obtains the system ID embedded in the redirect URL.
  • the service server 20 identifies the user using the login information (an individual ID used by the service provider to manage the user) and transmits a request for provision of biometric information regarding the identified user to the control server 10 (step S44).
  • the control server 10 sends a request to provide the original to the user's terminal 40 (step S45).
  • the terminal 40 transmits the original biometric information (e.g., a facial image) to the control server 10 (step S46).
  • the original biometric information e.g., a facial image
  • the control server 10 transmits the acquired original biometric information to the service server 20 (step S47).
  • the service server 20 generates registered authentication information (e.g., features) from the acquired original biometric information (e.g., a facial image) and stores the registered authentication information in the user management database (step S48).
  • registered authentication information e.g., features
  • the acquired original biometric information e.g., a facial image
  • the service server 20 may transmit a "user registration completion notification" to the control server 10 after the account linking (association of an individual ID with a system ID) is completed.
  • the service server 20 may transmit the user registration completion notification to the control server 10 after registering the user's registration authentication information in the user management database.
  • the control server 10 performs control for a service provider belonging to the third type to acquire original biometric information that is the original of authentication information used for biometric authentication.
  • a service provider belonging to the third type is a service provider selected by a user, has an account for managing customers, and repeatedly uses business information required for providing services to customers during biometric authentication.
  • the control server 10 transmits information for logging in to the account of the service provider selected by the user to the terminal 40 of the user.
  • the control server 10 requests the terminal 40 to provide original biometric information that is the original of authentication information used for biometric authentication, thereby acquiring original biometric information from the terminal 40.
  • the control server 10 transmits the acquired original biometric information to the service server 20.
  • a service provider belonging to the third type has an account (portal site) for managing users and uses an individual ID to manage the user.
  • account linkage, ID linkage When registering a user (account linkage, ID linkage), the user logs in to the portal site according to a redirect URL in which a system ID is embedded, and the service server 20 can obtain the user's system ID and individual ID at the same time.
  • the service server 20 can identify the user using the individual ID without using personal identification information, so that more reliable user registration can be realized. That is, although the possibility of duplication of personal identification information (e.g., name) cannot be eliminated, the individual ID is an ID issued by the service server 20 to each user, so there is no possibility of duplication (the possibility of duplication is extremely low).
  • the service server 20 can realize reliable account linkage (ID linkage) by identifying the user using the individual ID.
  • ID linkage reliable account linkage
  • the information transmitted to the service server 20 via the control server 10 is limited to the original biometric information, and personal identification information is not transmitted to the service server 20 via the control server 10.
  • information for identifying an individual is transmitted from the terminal 40 that has acquired the redirect URL to the service server 20. In this way, personal information identification information is not transmitted from the control server 10 to the service server 20, improving the security of the system.
  • the configuration of the authentication system according to the fourth embodiment can be the same as that of the first embodiment, and therefore the explanation corresponding to FIG. 3 will be omitted.
  • the processing configuration of the control server 10 and the like according to the fourth embodiment can also be the same as that of the first embodiment, and therefore the explanation thereof will be omitted.
  • the basic operation of the system according to the fourth embodiment can be the same as that of the system according to the third embodiment. Specifically, when a service provider belonging to the fourth type is selected, each device included in the authentication system performs the operation shown in FIG. 21.
  • the user provides the service provider with the business information required to receive the service (step S51 in FIG. 25). For example, the user purchases tickets for movies, concerts, amusement parks, airline tickets, train tickets, etc., on the portal site of the service provider to which the user has logged in.
  • the provision of business information may be performed as part of the process of logging in to the service provider's portal site when registering as a user.
  • the user may log out of the portal site.
  • the user may then log in to the portal site again at a later date to purchase tickets.
  • the user may operate terminal 40 to directly access (log in to) the portal site.
  • the service server 20 stores information about tickets purchased by users.
  • the business information management unit 302 of the service server 20 stores the business information (ticket information) provided by users in a user management database.
  • the user registration control unit 303 of the service server 20 accesses the user management database periodically or at a specified timing, and references the business information (ticket information) of each user.
  • the user registration control unit 303 requests the control server 10 to provide biometric information a specified time before the referenced business information (ticket information) becomes valid (a specified time before the referenced business information is used in authentication processing).
  • the user registration control unit 303 sends a "biometric information provision request" including the system ID of the user (a user who may use the ticket after a specified time) to the control server 10 (step S52).
  • the control server 10 that has received the biometric information provision request transmits an original provision request to the terminal 40 to obtain the original biometric information (e.g., a facial image) (steps S53 and S54).
  • the control server 10 transmits the obtained original biometric information to the service server 20 (step S55).
  • the terminal 40 may notify the user of the fact that the original biometric information has been sent to the control server 10 by using a pop-up notification or the like (see FIG. 26).
  • the authentication unit 304 of the service server 20 determines the authentication result depending on whether the ticket of the user identified by the matching process is valid or not.
  • the authentication terminal 30 allows users who are determined to have been successfully authenticated (users who possess a valid ticket) to pass through the gate.
  • the authentication terminal 30 denies users who are determined to have failed authentication (users who do not possess a valid ticket) from passing through the gate.
  • the service provider belonging to the fourth type will, in principle, delete the business information used to authenticate the user.
  • the service server 20 according to the fourth embodiment will leave the user's account (system ID, individual ID, registered authentication information) instead of deleting it.
  • system ID system ID
  • individual ID registered authentication information
  • the control server 10 performs control for the service provider belonging to the fourth type to acquire original biometric information that is the original of the authentication information used for biometric authentication.
  • the service provider belonging to the fourth type is a service provider selected by a user, has an account for managing customers, and is a service provider that uses business information required to provide a service to a customer substantially once during biometric authentication.
  • the control server 10 transmits information for logging in to the account of the service provider selected by the user to the terminal 40 of the user.
  • the control server 10 In response to receiving a biometric information provision request from the service server 20 that manages the user's account, the control server 10 requests the terminal 40 to provide original biometric information that is the original of the authentication information used for biometric authentication, thereby acquiring the original biometric information from the terminal 40.
  • the control server 10 transmits the acquired original biometric information to the service server 20.
  • reliable user registration (account linkage, ID linkage) is realized even for the service provider belonging to the fourth type. That is, in the fourth embodiment, as in the third embodiment, the information transmitted to the service server 20 via the control server 10 is limited to the original biometric information, and no personal identification information is transmitted to the service server 20 via the control server 10.
  • information for identifying an individual is transmitted to the service server 20 from the terminal 40 that has acquired the redirect URL. In this way, personal information identification information is not transmitted from the control server 10 to the service server 20, improving the security strength of the system.
  • Figure 27 is a diagram showing an example of the hardware configuration of the control server 10.
  • the control server 10 can be configured by an information processing device (so-called a computer), and has the configuration shown in FIG. 27.
  • the control server 10 has a processor 311, a memory 312, an input/output interface 313, and a communication interface 314.
  • the components such as the processor 311 are connected by an internal bus or the like, and are configured to be able to communicate with each other.
  • control server 10 may include hardware not shown, and may not include an input/output interface 313 as necessary.
  • number of processors 311 and the like included in the control server 10 is not intended to be limited to the example shown in FIG. 27, and for example, the control server 10 may include multiple processors 311.
  • the processor 311 is, for example, a programmable device such as a CPU (Central Processing Unit), an MPU (Micro Processing Unit), or a DSP (Digital Signal Processor). Alternatively, the processor 311 may be a device such as an FPGA (Field Programmable Gate Array) or an ASIC (Application Specific Integrated Circuit). The processor 311 executes various programs including an operating system (OS).
  • OS operating system
  • Memory 312 may be a RAM (Random Access Memory), a ROM (Read Only Memory), a HDD (Hard Disk Drive), a SSD (Solid State Drive), etc. Memory 312 stores the OS program, application programs, and various data.
  • RAM Random Access Memory
  • ROM Read Only Memory
  • HDD Hard Disk Drive
  • SSD Solid State Drive
  • the input/output interface 313 is an interface for a display device and an input device (not shown).
  • the display device is, for example, a liquid crystal display.
  • the input device is, for example, a device that accepts user operations such as a keyboard or a mouse.
  • the communication interface 314 is a circuit, module, etc. that communicates with other devices.
  • the communication interface 314 includes a NIC (Network Interface Card), etc.
  • the functions of the control server 10 are realized by various processing modules.
  • the processing modules are realized, for example, by the processor 311 executing a program stored in the memory 312.
  • the program can be recorded on a computer-readable storage medium.
  • the storage medium can be a non-transitory medium such as a semiconductor memory, a hard disk, a magnetic recording medium, or an optical recording medium.
  • the present invention can also be embodied as a computer program product.
  • the program can be downloaded via a network, or updated using a storage medium that stores the program.
  • the processing modules may also be realized by a semiconductor chip.
  • the service server 20, authentication terminal 30, terminal 40, etc. can also be configured using information processing devices, just like the control server 10, and their basic hardware configurations are no different from those of the control server 10, so a description of them will be omitted.
  • the authentication terminal 30 may be equipped with a camera device for photographing the person to be authenticated.
  • the control server 10 which is an information processing device, is equipped with a computer, and the functions of the control server 10 can be realized by having the computer execute a program.
  • the control server 10 also executes the control method of the control server 10 by the program.
  • the terminal 40 which is an information processing device, is equipped with a computer, and the functions of the terminal 40 can be realized by having the computer execute a program.
  • the terminal 40 also executes the control method of the terminal 40 by the program.
  • the operation of the authentication system has been described using a person's "face" as an example of biometric information.
  • the authentication system disclosed in this application can also use other types of biometric information.
  • data comprising physical characteristics unique to an individual, such as a fingerprint, voiceprint, veins, retina, or iris pattern, may be used.
  • the user's biometric information may be anything that includes the user's physical characteristics as information.
  • the user's terminal 40 may obtain consent from the user to send the original biometric information (e.g., a facial image) to the service provider each time it receives a request to provide the original from the control server 10. Specifically, upon receiving a request to provide the original, the service selection unit 504 of the terminal 40 obtains whether or not the original biometric information (e.g., a facial image) can be provided using a GUI such as that shown in FIG. 28. Upon obtaining consent from the user to provide the original biometric information, the service selection unit 504 transmits the original biometric information stored therein to the control server 10.
  • the original biometric information e.g., a facial image
  • the service server 20 generates authentication information (feature amounts) corresponding to the authentication engine employed by the service provider.
  • the generation of the authentication information (feature amounts) may also be performed by the control server 10.
  • the control server 10 stores information on the authentication engine employed by the service provider as part of the business information.
  • the control server 10 may generate registration authentication information (feature amounts) that matches the above authentication engine from the original biometric information acquired from the terminal 40, and transmit a user registration request including the generated registration authentication information to the control server 10.
  • the service server 20 or the control server 10 may transmit the original biometric information to a server (feature generation server 70) specialized in generating features as shown in FIG. 29 or FIG. 30, and obtain the registered authentication information from the server.
  • a server feature generation server 70
  • the control server 10 or the service server 20 transmits the original biometric information (e.g., a face image) to the feature generation server 70
  • information on the authentication engine adopted by the service provider may also be transmitted to the feature generation server 70.
  • the feature generation server 70 may generate registered authentication information (e.g., features) that are compatible with the authentication engine (authentication algorithm) specified by the control server 10 or the service server 20, and return it to the control server 10 or the service server 20.
  • the registered authentication information (feature) may be generated on either the cloud side (control server 10 side) or the edge side (service server 20 side).
  • control server 10 identifies the service provider for user registration using the management code of the user's workplace, etc.
  • control server 10 may identify the service provider for user registration using other methods.
  • the control server 10 may provide an interface for selecting the service provider for user registration from search results using company names, etc., or may display a list of service providers in alphabetical order on the terminal 40.
  • a user may register information about visitors (guests) to the office in the system.
  • the employee operates the terminal 40 to access the control server 10 and performs the guest registration procedure.
  • the control server 10 acquires the guest's name, affiliation, contact information, etc. from the employee.
  • the control server 10 sends a facial image registration request to the acquired contact information (guest's terminal).
  • the control server 10 sends a facial image registration request including a URL.
  • the guest clicks on the URL the guest's terminal accesses the control server 10.
  • the control server 10 acquires the guest's facial image and sends it to the office service server 20.
  • the service server 20 in the office may control the behavior of the guest through biometric authentication. For example, when a guest enters a conference room, the service server 20 may use biometric authentication to determine whether or not the guest may enter. Alternatively, the service server 20 may control the guest's use of drinks, etc. through biometric authentication. For example, the service server 20 may perform control such that a vending machine in the office provides the guest with a free drink only once.
  • the user may create an account on the login page to which the user is redirected using the redirect URL.
  • the service server 20 may display account creation instructions for new customers on the login page.
  • the control server 10 may verify the identity of the user when creating an account. Specifically, the control server 10 acquires the user's login information, etc., as well as an identification document (e.g., a passport, driver's license, etc.) bearing biometric information and the biometric information. The control server 10 performs a one-to-one match using the biometric information on the identification document and the biometric information acquired from the user. If the match is successful, the control server 10 may perform user registration (system registration) of the user whose identity has been successfully verified.
  • system registration system registration
  • the account management database is configured inside the control server 10
  • the database may also be constructed in an external database server or the like.
  • some of the functions of the control server 10 may be implemented in another server.
  • the above-described “service selection control unit (service selection control means)” and the like may be implemented in any of the devices included in the system.
  • control server 10, service server 20, authentication terminal 30 The form of data transmission and reception between each device (control server 10, service server 20, authentication terminal 30) is not particularly limited, but data transmitted and received between these devices may be encrypted. Biometric information and the like is transmitted and received between these devices, and in order to appropriately protect this information, it is desirable to transmit and receive encrypted data.
  • each embodiment may be used alone or in combination.
  • [Appendix 1] a service selection control means for enabling a user to select a service provider from which the user wishes to receive a service from among a plurality of service providers that provide services using biometric authentication; a user registration control means for controlling the service provider selected by the user, the service provider having an account for managing customers and using business information required for providing a service to the customer when performing biometric authentication, to acquire original biometric information that is an original of authentication information used for biometric authentication;
  • a server device comprising: [Appendix 2] The user registration control means Transmitting to the user's terminal information for logging in to an account of a service provider selected by the user; In response to receiving a biometric information provision request from a server that manages an account of the user, request the terminal to provide original biometric information that is an original of authentication information used for biometric authentication, thereby acquiring the original biometric information from the terminal; 2.
  • the server device further comprising: a server device configured to transmit the acquired original biometric information to the server.
  • a server device configured to transmit the acquired original biometric information to the server.
  • the server device described in Appendix 2 wherein the user registration control means sends a redirect Uniform Resource Locator (URL) embedded with a system ID for managing the user on the device to the terminal as information for the user to log in to an account.
  • URL Uniform Resource Locator
  • the user registration control means receives the biometric information provision request from the server after the server acquires the business information from the user.
  • the business information is information related to a ticket.
  • Appendix 6 6.
  • the server device according to claim 5, wherein the ticket is a one-time use ticket or a multiple-use ticket.
  • Appendix 7 The server device according to claim 6, wherein the ticket that can be used multiple times is either a round-trip ticket or a commuter pass.
  • Appendix 8 8. The server device according to claim 1, wherein the original biometric information is a face image.
  • a system that enables a user to select a service provider from among a plurality of service providers that provide services using biometric authentication,
  • a control method for a server device in which a service provider selected by the user, which has an account for managing customers and uses business information necessary for providing services to the customer during biometric authentication, performs control to obtain original biometric information that is the original of authentication information to be used for biometric authentication.
  • Appendix 11 A computer installed in the server device A process for enabling a user to select a service provider from which the user wishes to receive a service from among a plurality of service providers that provide services using biometric authentication; a process of controlling a service provider selected by the user, the service provider having an account for managing customers and using business information required for providing a service to the customer when performing biometric authentication, to acquire original biometric information that is an original of authentication information to be used for biometric authentication; A computer-readable storage medium that stores a program for executing the above.
  • Control server 20 Service server 30 Authentication terminal 40 Terminal 50 Ticket management server 60 Payment server 70 Feature quantity generation server 100 Server device 101 Service selection control means 102 User registration control means 201 Communication control unit 202 Account management unit 203 Business management unit 204 Service selection control unit 205 User registration control unit 206 Storage unit 301 Communication control unit 302 Business information management unit 303 User registration control unit 304 Authentication unit 305 Storage unit 311 Processor 312 Memory 313 Input/output interface 314 Communication interface 401 Communication control unit 402 Biometric information acquisition unit 403 Authentication request unit 404 Function realization unit 405 Storage unit 501 Communication control unit 502 Account generation control unit 503 Original information acquisition unit 504 Service selection unit 505 Storage unit

Landscapes

  • Business, Economics & Management (AREA)
  • Tourism & Hospitality (AREA)
  • Health & Medical Sciences (AREA)
  • Economics (AREA)
  • General Health & Medical Sciences (AREA)
  • Human Resources & Organizations (AREA)
  • Marketing (AREA)
  • Primary Health Care (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

Provided is a server device that achieves registration of biological information that is appropriate for the type of service provider. This server device comprises a service selection control means and a user registration control means. The service selection control means makes it possible for a user to select a service provider from whom the user wishes to receive the provision of a service, from among a plurality of service providers providing services in which biometric authentication is used. The user registration control means performs a control in order for the service provider that was selected by the user to acquire original biological information that will serve as the original for authentication information to be used in biometric authentication, said service provider having accounts for managing customers, and using, at the time of biometric authentication, business information that is necessary in order to provide a service to a customer.

Description

サーバ装置、システム、サーバ装置の制御方法及び記憶媒体Server device, system, server device control method and storage medium
 本発明は、サーバ装置、システム、サーバ装置の制御方法及び記憶媒体に関する。 The present invention relates to a server device, a system, a method for controlling a server device, and a storage medium.
 生体認証に関する技術が存在する。 Biometric authentication technology exists.
 例えば、特許文献1には、入場者がイベント会場に入場する際の待ち時間を短くする、と記載されている。特許文献1の携帯端末は、第1判定部と、第2判定部と、認証情報取得部と、認証処理部と、を備える。第1判定部は、自身の位置がイベントの開催場所に対応する位置であるかを判定する。第2判定部は、現在時刻がイベントの開催時間に対応する時刻であるかを判定する。認証情報取得部は、第1判定部が、自身の位置が開催場所に対応する位置であると判定するとともに、第2判定部が、現在時刻が開催時間に対応する時刻であると判定すると、認証に用いられる顔情報を取得する。認証処理部は、認証情報取得部が取得した顔情報に基づいて認証に関する処理を行う。 For example, Patent Document 1 describes a method for shortening waiting time for visitors entering an event venue. The mobile terminal of Patent Document 1 includes a first determination unit, a second determination unit, an authentication information acquisition unit, and an authentication processing unit. The first determination unit determines whether the mobile terminal's own location corresponds to the location where the event is being held. The second determination unit determines whether the current time corresponds to the time when the event is being held. The authentication information acquisition unit acquires facial information to be used for authentication when the first determination unit determines that the mobile terminal's own location corresponds to the location where the event is being held and the second determination unit determines that the current time corresponds to the time when the event is being held. The authentication processing unit performs processing related to authentication based on the facial information acquired by the authentication information acquisition unit.
 特許文献2には、チケットを利用する顧客の利便性の向上を図る、と記載されている。特許文献2の認証システムは、顧客端末と、認証装置と、情報処理装置と、を含む。情報処理装置は、制御部と記憶部とを備える。記憶部は、顧客端末から受信した個人情報および生体情報を記憶する。制御部は、顧客端末からチケット購入要求とともに生体情報と興行情報とを受信する。制御部は、記憶部に記憶した生体情報とチケット購入要求とともに受信した生体情報とを比較し生体認証を許可した場合、チケット購入要求に対応するチケット購入許可通知を顧客端末に送信する。制御部は、認証装置から第1の認証要求または第2の認証要求を受信し、記憶部に記憶した生体情報と第1の認証要求または第2の認証要求に含まれる生体情報とを比較し生体認証を許可した場合、認証許可通知を認証装置に送信する。 Patent Document 2 states that it aims to improve the convenience of customers who use tickets. The authentication system of Patent Document 2 includes a customer terminal, an authentication device, and an information processing device. The information processing device has a control unit and a memory unit. The memory unit stores personal information and biometric information received from the customer terminal. The control unit receives biometric information and performance information from the customer terminal along with a ticket purchase request. The control unit compares the biometric information stored in the memory unit with the biometric information received along with the ticket purchase request, and if biometric authentication is permitted, sends a ticket purchase permission notice corresponding to the ticket purchase request to the customer terminal. The control unit receives a first authentication request or a second authentication request from the authentication device, compares the biometric information stored in the memory unit with the biometric information included in the first authentication request or the second authentication request, and if biometric authentication is permitted, sends an authentication permission notice to the authentication device.
特開2018-060354号公報JP 2018-060354 A 特開2019-057004号公報JP 2019-057004 A
 近年、生体認証を用いた様々なサービスの提供が始まっている。利用者は、生体認証を用いたサービスを受ける前に、自身の生体情報(例えば、顔画像)をサーバに登録する必要がある。その際、複数のサービス提供者(例えば、小売業者、交通事業者)それぞれからサービスの提供を受けるためには、利用者は、サービス提供者ごとに生体情報を登録する必要がある。 In recent years, various services using biometric authentication have begun to be offered. Before receiving a service using biometric authentication, a user must register their own biometric information (e.g., a facial image) on a server. In order to receive services from multiple service providers (e.g., retailers, transportation companies), the user must register their biometric information for each service provider.
 ここで、サービス提供者のそれぞれは、その業態により顧客を管理するためのアカウントの有無や顧客にサービスを提供する際の業務情報の種類等が異なる。そのため、各サービス提供者のタイプに適した生体情報の登録方法(登録方式)が求められる。 Here, each service provider differs depending on the type of business they operate, such as whether they have accounts to manage customers, and the type of business information they provide when providing services to customers. For this reason, a method (registration format) for registering biometric information that is suitable for each type of service provider is required.
 本発明は、サービス提供者のタイプに適した生体情報の登録を実現することに寄与する、サーバ装置、システム、サーバ装置の制御方法及び記憶媒体を提供することを主たる目的とする。 The main objective of the present invention is to provide a server device, a system, a method for controlling a server device, and a storage medium that contribute to realizing the registration of biometric information appropriate to the type of service provider.
 本発明の第1の視点によれば、生体認証を用いたサービスを提供する複数のサービス提供者のなかから、利用者がサービスの提供を受けたいサービス提供者を選択することを可能とする、サービス選択制御手段と、前記利用者により選択されたサービス提供者であって、顧客を管理するためのアカウントを有し、且つ、前記顧客にサービスを提供するために必要な業務情報を生体認証の際に使用するサービス提供者が、生体認証に用いる認証情報の原本となる原本生体情報を取得するための制御を行う、利用者登録制御手段と、を備える、サーバ装置が提供される。 According to a first aspect of the present invention, a server device is provided that includes a service selection control means that enables a user to select a service provider from among a plurality of service providers that provide services using biometric authentication, and a user registration control means that controls the acquisition of original biometric information that serves as the original of the authentication information used for biometric authentication by a service provider selected by the user, the service provider having an account for managing customers, and using business information necessary for providing services to the customer during biometric authentication.
 本発明の第2の視点によれば、利用者が所持する端末と、サーバ装置と、を含み、前記サーバ装置は、生体認証を用いたサービスを提供する複数のサービス提供者のなかから、利用者がサービスの提供を受けたいサービス提供者を選択することを可能とする、サービス選択制御手段と、前記利用者により選択されたサービス提供者であって、顧客を管理するためのアカウントを有し、且つ、前記顧客にサービスを提供するために必要な業務情報を生体認証の際に使用するサービス提供者が、生体認証に用いる認証情報の原本となる原本生体情報を取得するための制御を行う、利用者登録制御手段と、を備え、前記利用者登録制御手段は、前記利用者の端末に対し、前記利用者により選択されたサービス提供者のアカウントにログインするための情報を送信し、前記利用者のアカウントを管理するサーバから生体情報提供要求を受信したことに応じて、前記端末に対し、生体認証に用いられる認証情報の原本となる原本生体情報の提供を要求することで前記原本生体情報を前記端末から取得し、前記取得された原本生体情報を前記サーバに送信する、システムが提供される。 According to a second aspect of the present invention, there is provided a system including a terminal possessed by a user and a server device, the server device being equipped with a service selection control means that enables the user to select a service provider from among a plurality of service providers that provide services using biometric authentication, and a user registration control means that controls the service provider selected by the user, who has an account for managing customers, and who uses business information necessary for providing services to the customer when performing biometric authentication, to acquire original biometric information that is the original of authentication information to be used for biometric authentication, the user registration control means transmitting information for logging in to the account of the service provider selected by the user to the user's terminal, and in response to receiving a request for provision of biometric information from a server that manages the user's account, the system obtains the original biometric information from the terminal by requesting the terminal to provide the original biometric information that is the original of authentication information to be used for biometric authentication, and transmits the acquired original biometric information to the server.
 本発明の第3の視点によれば、サーバ装置において、生体認証を用いたサービスを提供する複数のサービス提供者のなかから、利用者がサービスの提供を受けたいサービス提供者を選択することを可能とし、前記利用者により選択されたサービス提供者であって、顧客を管理するためのアカウントを有し、且つ、前記顧客にサービスを提供するために必要な業務情報を生体認証の際に使用するサービス提供者が、生体認証に用いる認証情報の原本となる原本生体情報を取得するための制御を行う、サーバ装置の制御方法が提供される。 According to a third aspect of the present invention, a method for controlling a server device is provided, which allows a user to select a service provider from among a plurality of service providers that provide services using biometric authentication in a server device, and controls the service provider selected by the user, which has an account for managing customers and uses business information required for providing services to the customer during biometric authentication, to acquire original biometric information that is the source of authentication information used for biometric authentication.
 本発明の第4の視点によれば、サーバ装置に搭載されたコンピュータに、生体認証を用いたサービスを提供する複数のサービス提供者のなかから、利用者がサービスの提供を受けたいサービス提供者を選択することを可能とする処理と、前記利用者により選択されたサービス提供者であって、顧客を管理するためのアカウントを有し、且つ、前記顧客にサービスを提供するために必要な業務情報を生体認証の際に使用するサービス提供者が、生体認証に用いる認証情報の原本となる原本生体情報を取得するための制御を行う処理と、を実行させるためのプログラムを記憶する、コンピュータ読取可能な記憶媒体が提供される。 In accordance with a fourth aspect of the present invention, a computer-readable storage medium is provided that stores a program for causing a computer mounted on a server device to execute the following processes: a process for enabling a user to select a service provider from among a plurality of service providers that provide services using biometric authentication, and a process for controlling the service provider selected by the user, who has an account for managing customers and uses business information necessary for providing services to the customer during biometric authentication, to acquire original biometric information that is the source of authentication information used for biometric authentication.
 本発明の各視点によれば、サービス提供者のタイプに適した生体情報の登録を実現することに寄与する、サーバ装置、システム、サーバ装置の制御方法及び記憶媒体が提供される。なお、本発明の効果は上記に限定されない。本発明により、当該効果の代わりに、又は当該効果と共に、他の効果が奏されてもよい。 In accordance with each aspect of the present invention, a server device, a system, a method for controlling a server device, and a storage medium are provided that contribute to realizing the registration of biometric information suitable for the type of service provider. Note that the effects of the present invention are not limited to those described above. The present invention may achieve other effects instead of or in addition to the effects described above.
図1は、一実施形態の概要を説明するための図である。FIG. 1 is a diagram for explaining an overview of an embodiment. 図2は、一実施形態の動作の一例を示すフローチャートである。FIG. 2 is a flowchart illustrating an example of the operation of one embodiment. 図3は、第1の実施形態に係る認証システムの概略構成の一例を示す図である。FIG. 3 is a diagram illustrating an example of a schematic configuration of an authentication system according to the first embodiment. 図4は、第1の実施形態に係る認証システムの動作を説明するための図である。FIG. 4 is a diagram for explaining the operation of the authentication system according to the first embodiment. 図5は、第1の実施形態に係る認証システムの動作を説明するための図である。FIG. 5 is a diagram for explaining the operation of the authentication system according to the first embodiment. 図6は、第1の実施形態に係る認証システムの動作を説明するための図である。FIG. 6 is a diagram for explaining the operation of the authentication system according to the first embodiment. 図7は、第1の実施形態に係る制御サーバの処理構成の一例を示す図である。FIG. 7 is a diagram illustrating an example of a processing configuration of the control server according to the first embodiment. 図8は、第1の実施形態に係るアカウント管理データベースの一例を示す図である。FIG. 8 is a diagram illustrating an example of an account management database according to the first embodiment. 図9は、第1の実施形態に係る端末の表示の一例を示す図である。FIG. 9 is a diagram illustrating an example of a display on the terminal according to the first embodiment. 図10は、第1の実施形態に係る端末の表示の一例を示す図である。FIG. 10 is a diagram illustrating an example of a display on the terminal according to the first embodiment. 図11は、第1の実施形態に係る制御サーバの動作の一例を示すフローチャートである。FIG. 11 is a flowchart illustrating an example of the operation of the control server according to the first embodiment. 図12は、第1の実施形態に係るサービスサーバの処理構成の一例を示す図である。FIG. 12 is a diagram illustrating an example of a processing configuration of the service server according to the first embodiment. 図13は、第1の実施形態に係る利用者管理データベースの一例を示す図である。FIG. 13 is a diagram illustrating an example of a user management database according to the first embodiment. 図14は、第1の実施形態に係る認証端末の処理構成の一例を示す図である。FIG. 14 is a diagram illustrating an example of a processing configuration of the authentication terminal according to the first embodiment. 図15は、第1の実施形態に係る端末の処理構成の一例を示す図である。FIG. 15 is a diagram illustrating an example of a processing configuration of a terminal according to the first embodiment. 図16は、第1の実施形態に係る端末の表示の一例を示す図である。FIG. 16 is a diagram illustrating an example of a display on the terminal according to the first embodiment. 図17は、第1の実施形態に係る認証システムの動作の一例を示すシーケンス図である。FIG. 17 is a sequence diagram showing an example of the operation of the authentication system according to the first embodiment. 図18は、第2の実施形態に係る認証システムの動作を説明するための図である。FIG. 18 is a diagram for explaining the operation of the authentication system according to the second embodiment. 図19は、第2の実施形態に係る端末の表示の一例を示す図である。FIG. 19 is a diagram illustrating an example of a display on a terminal according to the second embodiment. 図20は、第2の実施形態に係る認証システムの動作を説明するための図である。FIG. 20 is a diagram for explaining the operation of the authentication system according to the second embodiment. 図21は、第3の実施形態に係る認証システムの動作を説明するための図である。FIG. 21 is a diagram for explaining the operation of the authentication system according to the third embodiment. 図22は、第3の実施形態に係る認証システムの動作を説明するための図である。FIG. 22 is a diagram for explaining the operation of the authentication system according to the third embodiment. 図23は、第3の実施形態に係る認証システムの動作を説明するための図である。FIG. 23 is a diagram for explaining the operation of the authentication system according to the third embodiment. 図24は、第3の実施形態に係る認証システムの動作の一例を示すシーケンス図である。FIG. 24 is a sequence diagram showing an example of the operation of the authentication system according to the third embodiment. 図25は、第4の実施形態に係る認証システムの動作を説明するための図である。FIG. 25 is a diagram for explaining the operation of the authentication system according to the fourth embodiment. 図26は、第4の実施形態に係る端末の表示の一例を示す図である。FIG. 26 is a diagram illustrating an example of a display of a terminal according to the fourth embodiment. 図27は、本願開示に係る制御サーバのハードウェア構成の一例を示す図である。FIG. 27 is a diagram illustrating an example of a hardware configuration of a control server according to the present disclosure. 図28は、本願開示の変形例に係る端末の表示の一例を示す図である。FIG. 28 is a diagram showing an example of a display of a terminal according to a modification of the present disclosure. 図29は、本願開示の変形例に係る認証システムの概略構成の一例を示す図である。FIG. 29 is a diagram showing an example of a schematic configuration of an authentication system according to a modification of the present disclosure. 図30は、本願開示の変形例に係る認証システムの概略構成の一例を示す図である。FIG. 30 is a diagram showing an example of a schematic configuration of an authentication system according to a modification of the present disclosure.
 はじめに、一実施形態の概要について説明する。なお、この概要に付記した図面参照符号は、理解を助けるための一例として各要素に便宜上付記したものであり、この概要の記載はなんらの限定を意図するものではない。また、特段の釈明がない場合には、各図面に記載されたブロックはハードウェア単位の構成ではなく、機能単位の構成を表す。各図におけるブロック間の接続線は、双方向及び単方向の双方を含む。一方向矢印については、主たる信号(データ)の流れを模式的に示すものであり、双方向性を排除するものではない。なお、本明細書及び図面において、同様に説明されることが可能な要素については、同一の符号を付することにより重複説明が省略され得る。 First, an overview of one embodiment will be described. Note that the reference numerals in the drawings attached to this overview are added to each element for convenience as an example to aid understanding, and the description of this overview is not intended to be limiting in any way. Furthermore, unless otherwise specified, the blocks illustrated in each drawing represent a functional configuration, not a hardware configuration. The connection lines between blocks in each drawing include both bidirectional and unidirectional. Unidirectional arrows are used to diagrammatically indicate the flow of the main signal (data), and do not exclude bidirectionality. Note that in this specification and drawings, elements that can be described in the same way may be labeled with the same numerals to avoid duplicated explanations.
 一実施形態に係るサーバ装置100は、サービス選択制御手段101と、利用者登録制御手段102と、を備える(図1参照)。サービス選択制御手段101は、生体認証を用いたサービスを提供する複数のサービス提供者のなかから、利用者がサービスの提供を受けたいサービス提供者を選択することを可能とする(サービス提供者の選択制御;図2のステップS1)。利用者登録制御手段102は、利用者により選択されたサービス提供者であって、顧客を管理するためのアカウントを有し、且つ、顧客にサービスを提供するために必要な業務情報を生体認証の際に使用するサービス提供者が、生体認証に用いる認証情報の原本となる原本生体情報を取得するための制御を行う(利用者登録制御の実行;ステップS2)。 The server device 100 according to one embodiment includes a service selection control means 101 and a user registration control means 102 (see FIG. 1). The service selection control means 101 enables a user to select a service provider from which the user wishes to receive a service from among a plurality of service providers that provide services using biometric authentication (service provider selection control; step S1 in FIG. 2). The user registration control means 102 controls the service provider selected by the user, who has an account for managing customers, and who uses business information necessary for providing services to customers during biometric authentication, to acquire original biometric information that is the original of the authentication information used for biometric authentication (execution of user registration control; step S2).
 上述のように、利用者に生体認証を用いたサービスを提供するサービス提供者には様々なタイプが存在する。例えば、顧客を関するためのアカウント(顧客がログインするポータルサイト)の有無や、生体認証を用いたサービスを提供する際に使用する業務情報の使われ方によりサービス提供者のタイプを分けることができる。また、個人情報保護に対する利用者の意識の変化から、スマートフォン等の端末に生体認証に認証情報の原本となる原本生体情報(例えば、顔画像)が格納され、利用者自身が原本生体情報を管理する認証システムが存在する。このような認証システムにおいて、顧客を管理するためのアカウントを有し、且つ、顧客にサービスを提供するために必要な業務情報を生体認証の際に使用するサービス提供者が利用者により選択された場合、サーバ装置100は、当該サービス提供者が利用者の原本生体情報を取得し登録するための利用者登録制御を実行する。例えば、上記サービス提供者として、コンサート会場、遊園地等の施設に入場するためのチケット情報を業務情報として使用する、イベント会社等が想定される。例えば、サーバ装置100は、利用者の端末に対し、自身のアカウントにアクセスするためのリダイレクト用のURL(Uniform Resource Locator)を送信する。サーバ装置100は、利用者がアカウント(ポータルサイト)にログインしたサーバから原本生体情報の提供を要求されると、利用者の端末から原本生体情報を取得し、上記サーバに送信する。即ち、サービス提供者のタイプに適した生体情報の登録を実現するサーバ装置100が提供される。 As described above, there are various types of service providers that provide users with services using biometric authentication. For example, service providers can be categorized by the presence or absence of an account (a portal site where customers log in) for managing customers and the way in which business information is used when providing services using biometric authentication. In addition, due to changes in users' awareness of personal information protection, there are authentication systems in which original biometric information (e.g., a face image) that serves as the original authentication information for biometric authentication is stored in a terminal such as a smartphone, and the user himself manages the original biometric information. In such an authentication system, when a user selects a service provider that has an account for managing customers and uses business information required for providing services to customers during biometric authentication, the server device 100 executes user registration control for the service provider to acquire and register the original biometric information of the user. For example, an event company or the like that uses ticket information for entering facilities such as a concert venue or an amusement park as business information is assumed as the above-mentioned service provider. For example, the server device 100 transmits a redirect URL (Uniform Resource Locator) to the user's terminal for accessing the user's account. When a user logs in to an account (portal site) and is requested to provide original biometric information, the server device 100 acquires the original biometric information from the user's terminal and transmits it to the server. In other words, a server device 100 is provided that realizes the registration of biometric information suitable for the type of service provider.
 以下に具体的な実施形態について、図面を参照してさらに詳しく説明する。 Specific embodiments are described in more detail below with reference to the drawings.
[第1の実施形態]
 第1の実施形態について、図面を用いてより詳細に説明する。 [First embodiment]
The first embodiment will be described in more detail with reference to the drawings.
[システムの構成]
 図3は、第1の実施形態に係る認証システム(情報処理システム)の概略構成の一例を示す図である。図3に示すように、認証システムには、複数のサービス提供者A~C、認証センターが含まれる。 [System Configuration]
Fig. 3 is a diagram showing an example of a schematic configuration of an authentication system (information processing system) according to the first embodiment. As shown in Fig. 3, the authentication system includes a plurality of service providers A to C and an authentication center.
 サービス提供者は、生体認証を用いて利用者にサービスを提供する事業者である。本願開示に係る認証システムは、様々な業種、業界に属するサービス提供者が生体認証を用いてサービスを提供することを前提とする。なお、サービス提供者により提供されるサービスは、有償無償を問わない。 A service provider is a business entity that uses biometric authentication to provide services to users. The authentication system disclosed in this application is premised on service providers belonging to various business types and industries providing services using biometric authentication. Note that services provided by service providers may be either paid or free of charge.
 例えば、マンション等の賃貸住宅サービスを提供する事業者、従業員の勤務先である事業者(利用者の勤務先)、コンサート等のイベントを提供する事業者、航空機等の交通手段を運営する事業者等がサービス提供者として例示される。あるいは、宿泊サービスを提供する事業者、小売店等の事業者、金融サービスを提供する事業者、教育事業者等も本願開示のサービス提供者に含まれる。また、サービス提供者は、民間事業者に限らない。自治体等の公的機関がサービス提供者であってもよい。 Examples of service providers include businesses that provide rental housing services such as condominiums, businesses where employees work (the user's workplace), businesses that provide events such as concerts, and businesses that operate means of transportation such as airplanes. Service providers disclosed in this application also include businesses that provide accommodation services, businesses such as retail stores, businesses that provide financial services, and educational businesses. Service providers are not limited to private businesses. Public institutions such as local governments may also be service providers.
 認証センターは、複数のサービス提供者それぞれの生体認証に関する制御、管理等を行う主体である。利用者(一般消費者)に対して生体認証を用いたサービスの提供を希望する事業者(サービス提供者)は、認証センターと契約を締結する必要がある。 The authentication center is the entity that controls and manages the biometric authentication of each of the multiple service providers. Businesses (service providers) that wish to provide services using biometric authentication to users (general consumers) must enter into a contract with the authentication center.
 認証センターは、制御サーバ10を備える。制御サーバ10は、認証センターの主たる機能を実現する。制御サーバ10は、認証センターの建物内に設置されていてもよいし、ネットワーク(クラウド)上に設置されたサーバであってもよい。 The authentication center includes a control server 10. The control server 10 performs the main functions of the authentication center. The control server 10 may be installed in the building of the authentication center, or may be a server installed on a network (cloud).
 上述のように、サービス提供者は、生体認証を用いたサービスを利用者に提供する。例えば、利用者がオフィスに出勤する際やマンションに帰宅する際に生体認証が行われ、正当な資格を有する利用者(社員、住民)がオフィス等に入ることができる。あるいは、イベント会場等におけるチケット確認、ホテルにおけるチェックイン手続き、空港における出入国手続き等において生体認証が行われる。このようなサービス(手続き)においても正当な資格を有する利用者にサービスが提供される。あるいは、小売店等での決済手続きが生体認証を用いて行われる。 As described above, service providers provide users with services that use biometric authentication. For example, biometric authentication is performed when a user arrives at the office or returns to their apartment, and only users (employees, residents) with the proper credentials can enter the office, etc. Alternatively, biometric authentication is performed when checking tickets at an event venue, checking in at a hotel, going through immigration procedures at an airport, etc. In these types of services (procedures), services are provided to users with the proper credentials. Alternatively, payment procedures at retail stores, etc. are performed using biometric authentication.
 図3に示すように、各サービス提供者は、サービスサーバ20と、少なくとも1以上の認証端末30と、を備える。サービス提供者が備える装置(サービスサーバ20、認証端末30)は相互に通信可能に接続される。具体的には、サービスサーバ20と認証端末30は、有線又は無線の通信手段により接続される。 As shown in FIG. 3, each service provider has a service server 20 and at least one authentication terminal 30. The devices (service server 20, authentication terminal 30) of the service provider are connected so that they can communicate with each other. Specifically, the service server 20 and the authentication terminal 30 are connected by a wired or wireless communication means.
 サービスサーバ20は、ネットワークを介して制御サーバ10と接続されている。サービスサーバ20は、サービス提供者の建物に設置されていてもよいし、クラウド上に設置されていてもよい。 The service server 20 is connected to the control server 10 via a network. The service server 20 may be installed in the building of the service provider, or may be installed on the cloud.
 サービスサーバ20は、利用者にサービスを提供する際に必要な情報を記憶する。具体的には、サービスサーバ20は、各サービス提供者が生体認証を用いたサービスを提供する際に必要な業務情報と、生体認証に必要な情報と、を記憶する。サービスサーバ20は、利用者管理データベースを用いて、業務情報と生体認証に必要な情報を記憶する。利用者管理データベースの詳細は後述する。 The service server 20 stores information required when providing services to users. Specifically, the service server 20 stores business information required when each service provider provides a service using biometric authentication, and information required for biometric authentication. The service server 20 uses a user management database to store business information and information required for biometric authentication. Details of the user management database will be described later.
 例えば、利用者が勤務する企業のサービスサーバ20は、利用者(従業員)の氏名、生年月日、社員番号、所属部署、勤務地等の情報を業務情報として記憶する。また、イベントを主催するイベント会社のサービスサーバ20は、イベント参加者が購入したチケットに関する情報を業務情報として記憶する。さらに、小売店等のサービスサーバ20は、代金決済に必要なクレジットカード情報等を業務情報として記憶する。 For example, the service server 20 of the company where the user works stores information such as the user's (employee's) name, date of birth, employee number, department, place of work, etc. as business information. The service server 20 of an event company hosting an event stores information regarding tickets purchased by event participants as business information. Furthermore, the service server 20 of a retail store or the like stores credit card information required for payment as business information.
 サービスサーバ20が記憶する生体認証に必要な情報の詳細は後述する。 Details of the information required for biometric authentication stored by the service server 20 will be provided later.
 認証端末30は、サービスの提供を受ける利用者のインターフェイスとなる装置である。認証端末30は、各サービス提供者それぞれのサービス提供場所に設置される。より具体的には、認証端末30は、利用者が実際に訪れる店舗等に設置される。 The authentication terminal 30 is a device that serves as an interface for users who receive services. The authentication terminal 30 is installed at the service providing location of each service provider. More specifically, the authentication terminal 30 is installed in a store or the like that the user actually visits.
 認証端末30は、サービス提供者の業種等に応じた機能、形態を備える。例えば、職場やイベント会場に設置された認証端末30は、利用者(被認証者)の通行を制限するゲートを備えたゲート装置とすることができる。また、小売店に設置された認証端末30には、タブレット型の端末を用いることができる。 The authentication terminal 30 has functions and forms that correspond to the type of business of the service provider. For example, an authentication terminal 30 installed in a workplace or event venue can be a gate device equipped with a gate that restricts the passage of users (persons to be authenticated). Also, an authentication terminal 30 installed in a retail store can be a tablet-type terminal.
 なお、図3は例示であって、本願開示の認証システムの構成等を限定する趣旨ではない。例えば、認証センターには2台以上の制御サーバ10が含まれていてもよい。また、認証システムには、少なくとも1以上のサービス提供者が参加していればよい。さらに、各サービス提供者は、少なくとも1台以上のサービスサーバ20と、少なくとも1台以上の認証端末30と、を備えていればよい。 Note that FIG. 3 is an example and is not intended to limit the configuration of the authentication system disclosed herein. For example, the authentication center may include two or more control servers 10. Also, at least one or more service providers may participate in the authentication system. Furthermore, each service provider may include at least one or more service servers 20 and at least one or more authentication terminals 30.
[概略動作]
 続いて、第1の実施形態に係る認証システムの概略動作について説明する。 [Outline of operation]
Next, the general operation of the authentication system according to the first embodiment will be described.
<アカウント生成>
 サービス提供者からサービスの提供を希望する利用者は、システムにアカウントを生成する必要がある。具体的には、利用者は、所持する端末40を操作して、制御サーバ10にアクセスする(図4参照)。 <Create an account>
A user who wishes to receive a service from a service provider needs to create an account in the system. Specifically, the user operates a terminal 40 owned by the user to access the control server 10 (see FIG. 4).
 利用者は、制御サーバ10が提供するWEB(ウェブ)ページ等において、ログイン情報(例えば、ログインID、パスワード)、氏名、生年月日等を入力する。制御サーバ10は、ログイン情報等を取得すると、当該利用者を識別するためのIDを生成する。なお、以降の説明において、制御サーバ10が生成したIDを「システムID」と表記する。制御サーバ10は、生成したシステムID、ログイン情報等を対応付けてアカウント管理データベースに記憶する。アカウント管理データベースの詳細は後述する。 The user inputs login information (e.g., login ID, password), name, date of birth, etc., on a WEB page provided by the control server 10. When the control server 10 acquires the login information, etc., it generates an ID for identifying the user. In the following explanation, the ID generated by the control server 10 is referred to as the "system ID." The control server 10 associates the generated system ID with the login information, etc., and stores them in an account management database. Details of the account management database will be described later.
<生体情報登録>
 生体認証を用いてサービスの提供を受けることを希望する利用者は、自身の生体情報を端末40に登録する必要がある。 <Biometric information registration>
A user who wishes to receive services using biometric authentication needs to register his/her own biometric information in the terminal 40 .
 ここで、生体認証を用いたサービスの提供には、生体情報から生成された認証情報が事前にサービス提供者に登録されている必要がある。例えば、顔認証を用いてサービスが提供される際には、顔画像から生成された特徴量(特徴ベクトル)が認証情報として事前に登録されている必要がある。あるいは、指紋認証を用いてサービスが提供される際には、指紋画像から生成された特徴量が認証情報として事前に登録されている必要がある。 Here, to provide a service using biometric authentication, it is necessary that authentication information generated from biometric information be registered in advance with the service provider. For example, when a service is provided using face authentication, it is necessary that feature amounts (feature vectors) generated from a face image be registered in advance as authentication information. Or, when a service is provided using fingerprint authentication, it is necessary that feature amounts generated from a fingerprint image be registered in advance as authentication information.
 以降の説明において、顔画像や指紋画像のように、認証情報を生成する際の原本(基礎)となる情報を「原本生体情報」と表記する。また、原本生体情報から生成され、事前に登録される特徴量を「登録認証情報」と表記する。 In the following explanation, the original (foundation) information used to generate authentication information, such as a face image or fingerprint image, will be referred to as "original biometric information." Additionally, the features generated from the original biometric information and registered in advance will be referred to as "registered authentication information."
 アカウント生成を完了した利用者は、原本生体情報(例えば、顔画像)を所持する端末40に登録する必要がある。端末40は、GUI(Graphical User Interface)等を用いて原本生体情報を取得する。端末40は、取得した原本生体情報(例えば、顔画像)を内部に記憶する。このように、端末40は、生体認証に用いられる認証情報の原本となる原本生体情報を記憶する。 After completing account creation, the user must register the original biometric information (e.g., a facial image) on the terminal 40 that holds the information. The terminal 40 acquires the original biometric information using a GUI (Graphical User Interface) or the like. The terminal 40 stores the acquired original biometric information (e.g., a facial image) internally. In this way, the terminal 40 stores the original biometric information that serves as the original authentication information used for biometric authentication.
<サービスの選択>
 システム登録(アカウント作成)及び原本生体情報の登録を行った利用者は、生体認証サービスの提供を受けたいサービス提供者を選択する。利用者は、認証システムに参加している複数のサービス提供者(認証センターと契約しているサービス提供者)のなかからサービスの提供を受けたいサービス提供者を選択する。 <Select a service>
After registering in the system (creating an account) and registering their original biometric information, the user selects the service provider from which they would like to receive biometric authentication services. The user selects the service provider from which they would like to receive services from among the multiple service providers participating in the authentication system (service providers under contract with the authentication center).
 制御サーバ10は、認証システムに参加しているサービス提供者の情報を記憶する。例えば、制御サーバ10は、サービス提供者の名称、業種、所在地等を記憶する。制御サーバ10は、複数のサービス提供者それぞれの情報を保持すると共に、利用者によるサービス提供者の選択を可能とする。 The control server 10 stores information about the service providers participating in the authentication system. For example, the control server 10 stores the name, industry, location, etc. of the service provider. The control server 10 holds information about each of multiple service providers and allows the user to select a service provider.
 利用者が端末40を操作してポータルサイト上にて所定の動作を行うと、制御サーバ10は、利用者が希望するサービス(サービス提供者)の選択を可能とするGUI等を端末40に表示する。制御サーバ10は、GUIを用いて利用者が希望するサービス(生体認証サービス)を取得する。 When a user operates the terminal 40 to perform a specified operation on the portal site, the control server 10 displays a GUI or the like on the terminal 40 that enables the user to select a desired service (service provider). The control server 10 uses the GUI to obtain the service (biometric authentication service) desired by the user.
<利用者登録>
 利用者が選択したサービス提供者を取得すると、制御サーバ10は、当該選択されたサービス提供者が、生体認証を用いたサービスを利用者に提供可能とする「利用者登録」に関する制御を実行する。 <User registration>
When the control server 10 acquires the service provider selected by the user, the control server 10 executes control related to "user registration" that enables the selected service provider to provide the user with a service using biometric authentication.
 具体的には、制御サーバ10は、利用者の端末40に格納された原本生体情報を上記選択されたサービス提供者が取得するための制御を行う。サービス提供者は、取得した原本生体情報から登録認証情報を生成し、当該生成した登録認証情報と業務情報を対応付けることで、利用者にサービスを提供する準備が整う。 Specifically, the control server 10 controls the above-mentioned selected service provider to acquire the original biometric information stored in the user's terminal 40. The service provider generates registered authentication information from the acquired original biometric information, and associates the generated registered authentication information with business information, thereby becoming ready to provide the service to the user.
 ここで、上述のように、サービス提供者は、その業種、業態により様々なタイプが存在する。本願開示では、認証システムに参加する各サービス提供者を4つのタイプに分類する。 As mentioned above, there are various types of service providers depending on their industry and business model. In this disclosure, the service providers participating in the authentication system are classified into four types.
 第1のタイプに属するサービス提供者は、サービスを提供する利用者を管理するためのアカウント(ポータルサイト)を持たず、且つ、同じ業務情報を繰り返し使用する事業者である。例えば、小規模な企業(利用者の勤務先企業)やマンション管理会社等のサービス提供者が第1のタイプに属する。 The first type of service provider is a business entity that does not have an account (portal site) for managing the users to whom it provides services, and that repeatedly uses the same business information. For example, service providers such as small businesses (companies where users work) and apartment management companies belong to the first type.
 第2のタイプに属するサービス提供者は、サービスを提供する利用者を管理するためのアカウント(ポータルサイト)を持たず、且つ、認証に必要な業務情報を原則として1回に限り使用する事業者である。例えば、他社(チケット販売会社等)にチケットの販売を委託し、遊園地、テーマパーク等を運営する事業者や、コンサート等のイベントを開催するイベント会社等が第2のタイプに属する。 The second type of service provider is a business that does not have an account (portal site) for managing the users to whom it provides services, and in principle uses the business information required for authentication only once. For example, businesses that operate amusement parks and theme parks by outsourcing ticket sales to other companies (such as ticket sales companies), and event companies that hold events such as concerts, belong to the second type.
 第3のタイプに属するサービス提供者は、サービスを提供する利用者(顧客)を管理するためのアカウント(ポータルサイト)を持ち、且つ、同じ業務情報を繰り返し使用する事業者である。例えば、商品を販売する小売事業者等のサービス提供者が第3のタイプに属する。 The third type of service provider is a business that has an account (portal site) for managing the users (customers) to whom it provides services, and that repeatedly uses the same business information. For example, service providers such as retail businesses that sell products belong to the third type.
 第4のタイプに属するサービス提供者は、サービスを提供する利用者を管理するためのアカウント(ポータルサイト)を持ち、且つ、認証に必要な業務情報を原則として1回に限り使用する事業者である。例えば、自社でチケットを販売し、遊園地、テーマパーク等を運営する事業者や、コンサート等のイベントを開催するイベント会社等が第4のタイプに属する。 The fourth type of service provider is a business that has an account (portal site) for managing the users to whom it provides services, and in principle uses the business information required for authentication only once. For example, businesses that sell tickets and operate amusement parks and theme parks, and event companies that hold events such as concerts, belong to the fourth type.
 制御サーバ10は、利用者が選択したサービス提供者のタイプに応じた、利用者登録制御を実行する。第1の実施形態では、上記第1のタイプに関する「利用者登録」について説明する。 The control server 10 executes user registration control according to the type of service provider selected by the user. In the first embodiment, the "user registration" for the first type will be described.
<第1のタイプの利用者登録>
 利用者は、端末40を操作して制御サーバ10にアクセスし、当該利用者のポータルサイトにログインする。利用者がポータルサイト上で所定の操作(例えば、サービス提供者の選択ボタンの押下)を行うと、制御サーバ10は、サービス提供者の一覧を含むGUIを端末40に表示する。 <First type of user registration>
A user operates a terminal 40 to access the control server 10 and logs in to the user's portal site. When the user performs a predetermined operation on the portal site (e.g., pressing a service provider selection button), the control server 10 displays a GUI including a list of service providers on the terminal 40.
 利用者が端末40に一覧表示されたサービス提供者のなかから1つのサービス提供者を選択すると、制御サーバ10は、必要に応じて、利用者登録の対象となるサービス提供者を指定する情報を取得する。例えば、制御サーバ10は、GUI等を用いて、利用者が勤務する企業や居住しているマンションの管理会社を指定する「管理コード」を利用者から取得する。即ち、利用者は、端末40を操作して、管理コードを入力する。 When the user selects one service provider from the list of service providers displayed on the terminal 40, the control server 10 acquires information specifying the service provider to be registered as the user, if necessary. For example, the control server 10 acquires from the user, using a GUI or the like, a "management code" that specifies the company where the user works or the management company of the apartment building where the user lives. That is, the user operates the terminal 40 to input the management code.
 管理コードにより利用者登録の対象となるサービス提供者が特定されると、制御サーバ10は、当該特定されたサービス提供者のタイプを判定する。第1の実施形態では、制御サーバ10は、第1のタイプのサービス提供者が選択されたと判定する。 When the service provider to be registered as a user is identified by the management code, the control server 10 determines the type of the identified service provider. In the first embodiment, the control server 10 determines that a first type of service provider has been selected.
 サービス提供者が特定されると、制御サーバ10は、利用者に対して原本生体情報の提供を要求する。具体的には、制御サーバ10は、「原本提供要求」を利用者の端末40に送信する(図5のステップS01参照)。 Once the service provider is identified, the control server 10 requests the user to provide the original biometric information. Specifically, the control server 10 sends an "original provision request" to the user's terminal 40 (see step S01 in FIG. 5).
 原本提供要求を受信すると、端末40は、利用者の原本生体情報(例えば、顔画像)を制御サーバ10に送信する(ステップS02)。 When the request to provide the original is received, the terminal 40 transmits the user's original biometric information (e.g., a facial image) to the control server 10 (step S02).
 制御サーバ10は、利用者のシステムID、取得した原本生体情報、個人特定情報等を利用者が選択したサービス提供者(第1のタイプのサービス提供者)に通知する。なお、個人特定情報は、利用者を特定するための情報である。個人特定情報として、利用者の氏名、又は、氏名と生年月日の組み合わせが例示される。あるいは、社員番号やマンションの居室番号等が個人特定情報として用いられてもよい。 The control server 10 notifies the service provider selected by the user (first type service provider) of the user's system ID, the acquired original biometric information, personal identification information, etc. The personal identification information is information for identifying the user. Examples of personal identification information include the user's name, or a combination of the user's name and date of birth. Alternatively, an employee number, apartment room number, etc. may be used as personal identification information.
 制御サーバ10は、システムID、原本生体情報及び個人特定情報等を含む「利用者登録要求」を利用者が選択したサービス提供者のサービスサーバ20に送信する(ステップS03)。 The control server 10 sends a "user registration request" including the system ID, the original biometric information, and the personal identification information to the service server 20 of the service provider selected by the user (step S03).
 利用者登録要求を受信したサービスサーバ20は、取得した個人特定情報を用いて利用者管理データベースを検索し、利用者登録(生体認証を用いたサービスの提供)を希望する利用者を特定する。サービスサーバ20は、特定された利用者のエントリにシステムID、原本生体情報から得られる登録認証情報(例えば、特徴量)を記憶する。 When the service server 20 receives the user registration request, it searches the user management database using the acquired personal identification information to identify the user who wishes to register (to receive services using biometric authentication). The service server 20 stores the system ID and registration authentication information (e.g., features) obtained from the original biometric information in the entry for the identified user.
 サービスサーバ20は、利用者登録の結果(利用者登録に成功、失敗)を含む応答を制御サーバ10に送信する(ステップS04)。 The service server 20 sends a response including the result of the user registration (user registration successful or unsuccessful) to the control server 10 (step S04).
 このように、利用者は、スマートフォン等の端末40に格納された原本生体情報(生体情報のマスターデータ)を認証センターの制御サーバ10を介してサービス提供者に提供する。その際、端末40は、利用者の原本生体情報(マスターデータ)を内部に保持し続ける。 In this way, the user provides the original biometric information (master data of the biometric information) stored in the terminal 40, such as a smartphone, to the service provider via the control server 10 of the authentication center. At that time, the terminal 40 continues to hold the original biometric information (master data) of the user internally.
 なお、制御サーバ10は、利用者登録要求をサービスサーバ20に送信したタイミング、又は当該要求に対する応答を受信したタイミングにおいて、利用者から取得した原本生体情報(例えば、顔画像)を削除する。また、サービスサーバ20は、登録認証情報(例えば、特徴量)を生成すると、制御サーバ10から取得した原本生体情報を削除する。 The control server 10 deletes the original biometric information (e.g., face image) acquired from the user when the control server 10 transmits a user registration request to the service server 20 or when the control server 10 receives a response to the request. In addition, when the service server 20 generates registration authentication information (e.g., feature amount), it deletes the original biometric information acquired from the control server 10.
<サービスの提供>
 サービスの選択を完了した利用者は、サービスの提供を受けるためサービス提供者を訪れる。例えば、利用者は、オフィス、遊園地、イベント会場、小売店等自身で選択したサービスの提供を受けるサービス提供者の施設、店舗等を訪れる。 <Provision of services>
After completing the selection of the service, the user visits the service provider to receive the service. For example, the user visits the facility or store of the service provider, such as an office, an amusement park, an event venue, or a retail store, where the user receives the service selected by the user.
 認証端末30は、サービスの提供を受ける利用者(被認証者)の生体情報を取得する。例えば、認証端末30は、被認証者を撮影し、原本生体情報に対応する生体情報(例えば、顔画像)を取得する。認証端末30は、取得した顔画像を含む認証要求をサービスサーバ20に送信する(図6参照)。なお、認証端末30は、必要に応じて、生体情報と共に他の情報(例えば、購入商品に関する代金等の決済情報)をサービスサーバ20に送信する。あるいは、認証端末30は、生体情報(個人を特定するための情報、ID)と共に認証処理に使用される情報(例えば、クレジットカード情報)をサービスサーバ20に送信してもよい。 The authentication terminal 30 acquires biometric information of the user (person to be authenticated) receiving the service. For example, the authentication terminal 30 photographs the person to be authenticated and acquires biometric information (e.g., a facial image) corresponding to the original biometric information. The authentication terminal 30 transmits an authentication request including the acquired facial image to the service server 20 (see FIG. 6). If necessary, the authentication terminal 30 transmits other information (e.g., payment information such as the price of a purchased item) along with the biometric information to the service server 20. Alternatively, the authentication terminal 30 may transmit information used in the authentication process (e.g., credit card information) along with the biometric information (information for identifying an individual, ID) to the service server 20.
 サービスサーバ20は、取得した顔画像から照合用の認証情報を生成する。例えば、サービスサーバ20は、照合用の顔画像から特徴量を生成する。サービスサーバ20は、当該生成された照合用の認証情報(以下、照合認証情報と表記する)と、利用者管理データベースに登録された登録認証情報と、を用いた照合処理(1対N照合;Nは正の整数、以下同じ)を実行する。 The service server 20 generates authentication information for matching from the acquired face image. For example, the service server 20 generates features from the face image for matching. The service server 20 executes a matching process (1:N matching; N is a positive integer, the same below) using the generated authentication information for matching (hereinafter referred to as matching authentication information) and the registered authentication information registered in the user management database.
 サービスサーバ20は、照合処理により利用者管理データベースに登録された利用者(被認証者)を特定する。 The service server 20 identifies the user (person to be authenticated) registered in the user management database through a matching process.
 サービスサーバ20は、特定された利用者の業務情報を用いて当該利用者の認証を行う。例えば、社員の勤務先企業のサービスサーバ20は、被認証者が自社の社員であってオフィスに入場する資格を備えていれば「認証成功」と判定する。あるいは、イベント会場に設置されたサービスサーバ20は、被認証者が購入したチケットが有効であれば「認証成功」と判定する。あるいは、小売店に設置されたサービスサーバ20は、被認証者が購入した商品等の代金決済に成功すると「認証成功」と判定する。 The service server 20 authenticates the identified user using the business information of that user. For example, the service server 20 of the employee's employer will determine that the "authentication was successful" if the person to be authenticated is an employee of that company and is qualified to enter the office. Alternatively, a service server 20 installed at an event venue will determine that the "authentication was successful" if the ticket purchased by the person to be authenticated is valid. Alternatively, a service server 20 installed at a retail store will determine that the "authentication was successful" if the payment for the goods etc. purchased by the person to be authenticated is successful.
 サービスサーバ20は、認証結果(認証成功、認証失敗)を認証端末30に送信する。 The service server 20 sends the authentication result (authentication successful, authentication failed) to the authentication terminal 30.
 認証端末30は、認証結果に応じた処理を実行する。例えば、認証成功を受信すると、オフィスに設置された認証端末30は、ゲートを開き被認証者の通行を許可する。あるいは、ベント会場に設置された認証端末30は、認証成功を受信すると、被認証者のゲート通過を許可する。あるいは、小売店に設置された認証端末30は、認証成功を受信すると、商品の決済が終了した旨を被認証者に通知する。 The authentication terminal 30 executes processing according to the authentication result. For example, when successful authentication is received, an authentication terminal 30 installed in an office opens the gate and allows the authenticated person to pass through. Alternatively, when successful authentication is received, an authentication terminal 30 installed at an event venue allows the authenticated person to pass through the gate. Alternatively, when successful authentication is received, an authentication terminal 30 installed at a retail store notifies the authenticated person that payment for the product has been completed.
 続いて、第1の実施形態に係る認証システムに含まれる各装置の詳細について説明する。 Next, we will explain the details of each device included in the authentication system according to the first embodiment.
[制御サーバ]
 図7は、第1の実施形態に係る制御サーバ10の処理構成(処理モジュール)の一例を示す図である。図7を参照すると、制御サーバ10は、通信制御部201と、アカウント管理部202と、事業者管理部203と、サービス選択制御部204と、利用者登録制御部205と、記憶部206と、を備える。 [Control Server]
Fig. 7 is a diagram showing an example of a processing configuration (processing module) of the control server 10 according to the first embodiment. Referring to Fig. 7, the control server 10 includes a communication control unit 201, an account management unit 202, a business operator management unit 203, a service selection control unit 204, a user registration control unit 205, and a storage unit 206.
 通信制御部201は、他の装置との間の通信を制御する手段である。例えば、通信制御部201は、サービスサーバ20からデータ(パケット)を受信する。また、通信制御部201は、サービスサーバ20に向けてデータを送信する。通信制御部201は、他の装置から受信したデータを他の処理モジュールに引き渡す。通信制御部201は、他の処理モジュールから取得したデータを他の装置に向けて送信する。このように、他の処理モジュールは、通信制御部201を介して他の装置とデータの送受信を行う。通信制御部201は、他の装置からデータを受信する受信部としての機能と、他の装置に向けてデータを送信する送信部としての機能と、を備える。 The communication control unit 201 is a means for controlling communication with other devices. For example, the communication control unit 201 receives data (packets) from the service server 20. The communication control unit 201 also transmits data to the service server 20. The communication control unit 201 passes data received from other devices to other processing modules. The communication control unit 201 transmits data acquired from other processing modules to other devices. In this way, the other processing modules transmit and receive data to and from other devices via the communication control unit 201. The communication control unit 201 has a function as a receiving unit that receives data from other devices and a function as a transmitting unit that transmits data to other devices.
 アカウント管理部202は、利用者のアカウントを管理する手段である。アカウント管理部202は、利用者が端末40を操作して、所定のホームページ等にアクセスすると、当該利用者のアカウントを生成するために必要な情報を取得する。 The account management unit 202 is a means for managing a user's account. When a user operates the terminal 40 to access a specific homepage or the like, the account management unit 202 obtains the information necessary to create an account for that user.
 具体的には、アカウント管理部202は、ログイン情報、氏名、生年月日等の個人情報を取得する。ログイン情報等を取得すると、アカウント管理部202は、当該利用者を識別するためのシステムIDを生成する。システムIDは、利用者を一意に識別できる情報であればどのような情報であってもよい。例えば、アカウント管理部202は、アカウント生成のたびに一意な値を採番しシステムIDとしてもよい。 Specifically, the account management unit 202 acquires personal information such as login information, name, and date of birth. Upon acquiring the login information, the account management unit 202 generates a system ID for identifying the user. The system ID may be any information that can uniquely identify the user. For example, the account management unit 202 may assign a unique value each time an account is generated, and use this as the system ID.
 アカウント管理部202は、生成されたシステムID、ログイン情報、氏名等を対応付けてアカウント管理データベースに記憶する(図8参照)。なお、図8に示すアカウント管理データベースは例示であって、記憶する項目等を限定する趣旨ではない。例えば、アカウント生成日時等がアカウント管理データベースに記憶されていてもよい。 The account management unit 202 associates the generated system ID, login information, name, etc., and stores them in the account management database (see FIG. 8). Note that the account management database shown in FIG. 8 is an example, and is not intended to limit the items to be stored. For example, the account generation date and time, etc., may also be stored in the account management database.
 また、アカウント管理部202は、利用者の端末40からポータルサイトにログインするためのログイン情報を取得する。アカウント管理部202は、ログイン情報を使った認証を行う。 The account management unit 202 also acquires login information for logging in to the portal site from the user's terminal 40. The account management unit 202 performs authentication using the login information.
 事業者管理部203は、認証システムに参加するサービス提供者(サービス事業者)を管理する手段である。事業者管理部203は、各サービス提供者の職員等からシステム登録する事業者情報(サービス提供者の名称、業種、所在地、管理コード、サービスサーバ20のアドレス等)を取得する。事業者情報には、各サービス提供者のタイプ(上述の第1乃至第4のサービス提供者のタイプ)が含まれていてもよい。 The business management unit 203 is a means for managing the service providers (service businesses) participating in the authentication system. The business management unit 203 acquires business information (service provider name, business type, location, management code, address of service server 20, etc.) to be registered in the system from staff of each service provider. The business information may include the type of each service provider (the first to fourth service provider types described above).
 例えば、事業者管理部203は、事業者情報等を入力するためのインターフェイスを各サービス提供者に提供してもよい。あるいは、各サービス提供者は、事業者情報等が格納されたUSB(Universal Serial Bus)メモリ等を認証センターに送付してもよい。事業者管理部203は、認証センターの職員等から事業者情報等を取得してもよい。 For example, the business management unit 203 may provide each service provider with an interface for inputting business information, etc. Alternatively, each service provider may send a USB (Universal Serial Bus) memory or the like on which the business information, etc. is stored to the authentication center. The business management unit 203 may obtain the business information, etc. from staff, etc. at the authentication center.
 事業者管理部203は、事業者情報等を取得したサービス提供者についてのID(事業者ID)を生成する。事業者管理部203は、当該生成された事業者ID、取得した事業者情報等を対応付けて記憶する。 The business management unit 203 generates an ID (business ID) for the service provider that has acquired the business information, etc. The business management unit 203 stores the generated business ID in association with the acquired business information, etc.
 サービス選択制御部204は、利用者による生体認証サービス(サービス提供者)の選択を制御する手段である。サービス選択制御部204は、生体認証を用いたサービスを提供する複数のサービス提供者のなかから、利用者がサービスの提供を受けたいサービス提供者を選択することを可能とする。 The service selection control unit 204 is a means for controlling the selection of a biometric authentication service (service provider) by the user. The service selection control unit 204 enables the user to select the service provider from which the user wishes to receive services from among multiple service providers that offer services using biometric authentication.
 利用者が端末40を操作してポータルサイトにログインし、当該ポータルサイト上で所定の動作を行うと、サービス選択制御部204は、例えば、図9に示すようなGUIを端末40に表示する。 When a user operates the terminal 40 to log in to a portal site and performs a specific operation on the portal site, the service selection control unit 204 displays, for example, a GUI such as that shown in FIG. 9 on the terminal 40.
 上記GUIを表示する際、サービス選択制御部204は、利用者が選択済のサービス提供者と未選択なサービス提供者を区別可能な表示を行う。図9の例では、サービス事業者を示すアイコンの右上にチェックが入ったサービス提供者は既に選択されたサービス提供者を示し、チェックが入っていないサービス提供者は未選択なサービス提供者を示す。 When displaying the above GUI, the service selection control unit 204 displays the service provider in a way that allows the user to distinguish between a service provider that has already been selected and a service provider that has not been selected. In the example of FIG. 9, a service provider with a check mark in the upper right corner of the icon indicating the service business indicates a service provider that has already been selected, and a service provider with no check mark indicates an unselected service provider.
 なお、サービス選択制御部204は、図9に示すようなGUIを表示するために事業者情報及びアカウント管理データベースに登録された情報を用いる。具体的には、サービス選択制御部204は、事業者情報を参照し、認証センターと契約を締結しているサービス提供者の一覧を生成する。また、サービス選択制御部204は、アカウント管理データベースの選択サービスフィールドを参照し、利用者が選択済のサービス提供者(サービス提供者の事業者ID)を取得する。 The service selection control unit 204 uses the business information and information registered in the account management database to display a GUI such as that shown in FIG. 9. Specifically, the service selection control unit 204 references the business information and generates a list of service providers that have concluded contracts with the authentication center. The service selection control unit 204 also references the selected service field in the account management database to obtain the service provider (the business ID of the service provider) that has been selected by the user.
 また、サービス選択制御部204は、サービス提供者の一覧を表示する際、各サービス提供者のより詳細な情報(例えば、業種、提供するサービス、店舗の場所等)も併せて利用者に提供してもよい。 In addition, when displaying the list of service providers, the service selection control unit 204 may also provide the user with more detailed information about each service provider (e.g., the type of business, services offered, store location, etc.).
 ここで、利用者の勤務先となる企業やマンション管理会社は数多く存在し、これらの企業や管理会社を一覧表示するのは現実的ではない。そこで、サービス選択制御部204は、複数のサービス提供者を代表するようなアイコンを表示してもよい。図9の例では、複数の企業(勤務先)は「オフィス」として表示され、複数のマンション管理会社は「マンション」として表示されている。 Here, there are many companies and condominium management companies where users work, and it is not realistic to display a list of these companies and management companies. Therefore, the service selection control unit 204 may display icons that represent multiple service providers. In the example of Figure 9, multiple companies (places of work) are displayed as "offices," and multiple condominium management companies are displayed as "condominiums."
 サービス選択制御部204は、複数のサービス提供者を代表するアイコンが選択された場合(図9の例では「オフィス」又は「マンション」のアイコンが押下された場合)、利用者登録の対象となるサービス提供者の管理コードを取得する。具体的には、サービス選択制御部204は、図10に示すようなGUIを用いて管理コードを取得する。なお、利用者は自社や自宅マンションの管理コードを勤務先又は管理会社等から取得する。 When an icon representing multiple service providers is selected (in the example of FIG. 9, when the "Office" or "Apartment" icon is pressed), the service selection control unit 204 acquires the management code of the service provider for which the user is to be registered. Specifically, the service selection control unit 204 acquires the management code using a GUI such as that shown in FIG. 10. Note that the user acquires the management code for their company or apartment from their place of employment, a management company, etc.
 サービス選択制御部204は、管理コードから利用者が選択したサービス提供者を特定する。このように、サービス選択制御部204は、必要に応じて、利用者がサービスの提供を受けたいサービス提供者に対応する管理コードを端末40から取得することで当該利用者が選択(指定)したサービス提供者を特定する。 The service selection control unit 204 identifies the service provider selected by the user from the management code. In this way, the service selection control unit 204 identifies the service provider selected (specified) by the user by acquiring, as necessary, from the terminal 40, the management code corresponding to the service provider from which the user wishes to receive a service.
 なお、複数のサービス提供者を代表していないアイコン(サービス提供者を直接示すアイコン;図9の例では小売店A~Cのアイコン)が押下された場合、サービス選択制御部204は、管理コードを用いずに利用者が選択したサービス提供者を特定できる。 In addition, if an icon that does not represent multiple service providers (an icon that directly indicates a service provider; in the example of Figure 9, the icons of retailers A to C) is pressed, the service selection control unit 204 can identify the service provider selected by the user without using the management code.
 サービス選択制御部204は、利用者が選択したサービス提供者の情報(例えば、利用者登録が希望されたサービス提供者の事業者ID)を利用者登録制御部205に引き渡す。 The service selection control unit 204 passes information about the service provider selected by the user (e.g., the business ID of the service provider for which the user wishes to register) to the user registration control unit 205.
 また、サービス選択制御部204は、利用者により既に選択されているサービス提供者の解除(当該サービス提供者からサービスを受けることを終了)を可能とする。具体的には、利用者がポータルサイト上で所定の操作を行うと、サービス選択制御部204は、図9に示すようなGUIを表示する。 The service selection control unit 204 also enables the user to cancel a service provider that has already been selected (to end receiving services from that service provider). Specifically, when the user performs a specified operation on the portal site, the service selection control unit 204 displays a GUI such as that shown in FIG. 9.
 図9において既に利用者登録がされているサービス提供者(図9の例では右上にチェックが入っているサービス提供者)が選択されると、サービス選択制御部204は、当該選択されたサービス提供者の利用者登録を解除する制御を行う。なお、サービス選択制御部204は、必要に応じて、利用者登録を解除するサービス提供者の管理コードを取得する。 When a service provider that has already been registered as a user in FIG. 9 (a service provider with a check mark in the upper right corner in the example of FIG. 9) is selected, the service selection control unit 204 controls the cancellation of the user registration of the selected service provider. If necessary, the service selection control unit 204 acquires the management code of the service provider whose user registration is to be cancelled.
 サービス選択制御部204は、利用者が選択したサービス提供者(利用者登録の解除が希望されたサービス提供者)の情報を利用者登録制御部205に引き渡す。 The service selection control unit 204 passes information about the service provider selected by the user (the service provider for which the user wishes to cancel his/her registration) to the user registration control unit 205.
 利用者登録制御部205は、制御サーバ10による「利用者登録」を制御する手段である。例えば、利用者登録制御部205は、所定のコード(管理コード)を用いて利用者が選択したサービス提供者が、生体認証に用いる認証情報の原本となる原本生体情報を取得するための制御を行う。 The user registration control unit 205 is a means for controlling "user registration" by the control server 10. For example, the user registration control unit 205 performs control so that a service provider selected by a user using a specific code (management code) can acquire original biometric information that serves as the source of authentication information to be used for biometric authentication.
 利用者登録制御部205は、利用者により選択されたサービス提供者が生体認証を用いたサービスを当該利用者に提供可能とする「利用者登録」を制御する。あるいは、利用者登録制御部205は、利用者登録の解除を制御する。 The user registration control unit 205 controls "user registration" that enables a service provider selected by a user to provide the user with a service using biometric authentication. Alternatively, the user registration control unit 205 controls the cancellation of user registration.
 利用者登録制御部205は、利用者登録が希望されたサービス提供者のタイプに応じた利用者登録制御を実行する。利用者登録制御部205は、選択されたサービス提供者のタイプを事業者情報から取得する。第1の実施形態では、第1のタイプのサービス提供者が選択された場合について説明する。即ち、利用者登録制御部205は、利用者により選択されたサービス提供者であって、顧客を管理するためのアカウントを有さないサービス提供者が、生体認証に用いる認証情報の原本となる原本生体情報を取得するための利用者登録制御を行う。 The user registration control unit 205 executes user registration control according to the type of service provider for which user registration is desired. The user registration control unit 205 acquires the type of selected service provider from the business information. In the first embodiment, a case where a first type of service provider is selected is described. That is, the user registration control unit 205 performs user registration control so that a service provider selected by a user who does not have an account for managing customers can acquire original biometric information that serves as the source of authentication information used for biometric authentication.
 サービス選択制御部204から利用者が選択したサービス提供者の情報を取得すると、利用者登録制御部205は、利用者が所持する端末40に「原本提供要求」を送信する。利用者登録制御部205は、端末40から利用者の原本生体情報(例えば、顔画像)を受信する。 When the user obtains information on the service provider selected by the user from the service selection control unit 204, the user registration control unit 205 sends an "original provision request" to the terminal 40 held by the user. The user registration control unit 205 receives the user's original biometric information (e.g., a facial image) from the terminal 40.
 利用者登録制御部205は、利用者のシステムID、原本生体情報及び個人特定情報等を含む利用者登録要求を、利用者が選択したサービスに対応するサービス提供者のサービスサーバ20に送信する。 The user registration control unit 205 sends a user registration request, including the user's system ID, original biometric information, and personal identification information, to the service server 20 of the service provider that corresponds to the service selected by the user.
 なお、利用者登録制御部205は、アカウント管理データベースからシステムID及び個人特定情報(例えば、氏名又は氏名と生年月日の組み合わせ)を取得する。 The user registration control unit 205 also obtains the system ID and personal identification information (e.g., name or a combination of name and date of birth) from the account management database.
 利用者登録制御部205は、利用者登録要求に対する応答(肯定応答、否定応答)を受信する。 The user registration control unit 205 receives a response (positive response, negative response) to the user registration request.
 肯定応答(利用者登録に成功)を受信した場合、利用者登録制御部205は、利用者が選択したサービス提供者の事業者IDをアカウント管理データベースに登録する。また、肯定応答を受信した場合、利用者登録制御部205は、選択されたサービス提供者に関する利用者登録に成功した旨を利用者に通知する。 If a positive response (user registration successful) is received, the user registration control unit 205 registers the business ID of the service provider selected by the user in the account management database. Also, if a positive response is received, the user registration control unit 205 notifies the user that user registration for the selected service provider was successful.
 否定応答(利用者登録に失敗)を受信した場合、利用者登録制御部205は、その旨を利用者に通知する。 If a negative response (user registration failed) is received, the user registration control unit 205 notifies the user accordingly.
 利用者登録の解除が希望された場合、利用者登録制御部205は、解除が希望されたサービス提供者のサービスサーバ20に対して、利用者のシステムIDを含む「登録解除要求」を送信する。 If a user wishes to cancel their registration, the user registration control unit 205 sends a "registration cancellation request" including the user's system ID to the service server 20 of the service provider for which cancellation is desired.
 利用者登録制御部205は、登録解除要求に対する応答(肯定応答、否定応答)を受信する。利用者登録制御部205は、登録解除要求に対する結果を利用者に通知する。 The user registration control unit 205 receives a response (positive response, negative response) to the deregistration request. The user registration control unit 205 notifies the user of the result of the deregistration request.
 具体的には、肯定応答(登録解除成功)を受信した場合、利用者登録制御部205は、その旨を利用者に通知する。例えば、利用者登録制御部205は、図9に示すアイコンのチェックを外すことで、利用者が選択したサービス提供者の利用者登録が解除されたことを通知する。あるいは、登録解除が成功した場合、利用者登録制御部205は、サービス提供者(サービスサーバ20)から登録認証情報(例えば、特徴量)が削除された旨のメッセージ等を表示してもよい。即ち、端末40は、登録解除によってサービスサーバ20に登録された特徴量が削除されたことを利用者に報告してもよい。否定応答(登録解除失敗)を受信した場合、利用者登録制御部205は、その旨を利用者に通知する。 Specifically, if a positive response (deregistration successful) is received, the user registration control unit 205 notifies the user accordingly. For example, the user registration control unit 205 notifies the user that the user registration with the service provider selected by the user has been deregistered by unchecking the icon shown in FIG. 9. Alternatively, if deregistration is successful, the user registration control unit 205 may display a message or the like indicating that the registered authentication information (e.g., features) has been deleted from the service provider (service server 20). That is, the terminal 40 may report to the user that the features registered in the service server 20 have been deleted by deregistration. If a negative response (deregistration failed) is received, the user registration control unit 205 notifies the user accordingly.
 記憶部206は、制御サーバ10の動作に必要な情報を記憶する手段である。 The memory unit 206 is a means for storing information necessary for the operation of the control server 10.
 利用者登録に関し、上記説明した制御サーバ10の動作を纏めると図11に示すフローチャートのとおりとなる。 The operation of the control server 10 described above regarding user registration can be summarized as shown in the flowchart in Figure 11.
 制御サーバ10は、利用者が希望する生体認証サービス(サービス提供者)を取得する(選択サービスを取得;ステップS101)。その際、制御サーバ10は、必要に応じて、サービス提供者の管理コードを取得する。 The control server 10 acquires the biometric authentication service (service provider) desired by the user (acquire selected service; step S101). At that time, the control server 10 acquires the management code of the service provider as necessary.
 制御サーバ10は、利用者が所持する端末40に「原本提供要求」を送信することで、原本生体情報を取得する(ステップS102)。 The control server 10 obtains the original biometric information by sending an "original provision request" to the terminal 40 held by the user (step S102).
 制御サーバ10は、システムID、取得した原本生体情報(例えば、顔画像)と個人特定情報(例えば、氏名)を含む利用者登録要求をサービスサーバ20に送信する(ステップS103)。 The control server 10 sends a user registration request including the system ID, the acquired original biometric information (e.g., face image) and personal identification information (e.g., name) to the service server 20 (step S103).
 制御サーバ10は、サービスサーバ20から利用者登録要求に対する応答を受信する(ステップS104)。 The control server 10 receives a response to the user registration request from the service server 20 (step S104).
 制御サーバ10は、利用者登録の成否を利用者に通知する(ステップS105)。 The control server 10 notifies the user whether the user registration was successful or not (step S105).
 このように、制御サーバ10は、利用者が所持する端末40に対し、原本生体情報の提供を要求することで当該原本生体情報を取得し、取得された原本生体情報を利用者により選択されたサービス提供者のサービスサーバ20に送信する。その際、制御サーバ10は、少なくとも自装置で利用者を管理するためのシステムIDと、取得された原本生体情報と、をサービスサーバ20に送信する。 In this way, the control server 10 acquires the original biometric information by requesting the provision of the original biometric information from the terminal 40 held by the user, and transmits the acquired original biometric information to the service server 20 of the service provider selected by the user. At that time, the control server 10 transmits at least a system ID for managing the user on its own device and the acquired original biometric information to the service server 20.
[サービスサーバ]
 図12は、第1の実施形態に係るサービスサーバ20の処理構成(処理モジュール)の一例を示す図である。図12を参照すると、サービスサーバ20は、通信制御部301と、業務情報管理部302と、利用者登録制御部303と、認証部304と、記憶部305と、を備える。 [Service Server]
Fig. 12 is a diagram showing an example of a processing configuration (processing module) of the service server 20 according to the first embodiment. Referring to Fig. 12, the service server 20 includes a communication control unit 301, a business information management unit 302, a user registration control unit 303, an authentication unit 304, and a storage unit 305.
 通信制御部301は、他の装置との間の通信を制御する手段である。例えば、通信制御部301は、制御サーバ10からデータ(パケット)を受信する。また、通信制御部301は、制御サーバ10に向けてデータを送信する。通信制御部301は、他の装置から受信したデータを他の処理モジュールに引き渡す。通信制御部301は、他の処理モジュールから取得したデータを他の装置に向けて送信する。このように、他の処理モジュールは、通信制御部301を介して他の装置とデータの送受信を行う。通信制御部301は、他の装置からデータを受信する受信部としての機能と、他の装置に向けてデータを送信する送信部としての機能と、を備える。 The communication control unit 301 is a means for controlling communication with other devices. For example, the communication control unit 301 receives data (packets) from the control server 10. The communication control unit 301 also transmits data to the control server 10. The communication control unit 301 passes data received from other devices to other processing modules. The communication control unit 301 transmits data acquired from other processing modules to other devices. In this way, the other processing modules transmit and receive data to and from other devices via the communication control unit 301. The communication control unit 301 has a function as a receiving unit that receives data from other devices and a function as a transmitting unit that transmits data to other devices.
 業務情報管理部302は、サービス提供者が業務の提供に必要な業務情報に関する管理、制御を行う手段である。 The business information management unit 302 is a means for the service provider to manage and control the business information required to provide services.
 業務情報管理部302は、任意の手段を用いて自社のサービス提供に必要な業務情報を取得する。例えば、利用者の勤務先企業の業務情報管理部302は、従業員の氏名、生年月日、社員番号、所属部署、勤務地等の情報を業務情報として取得する。 The business information management unit 302 uses any means to acquire business information necessary for the company to provide its services. For example, the business information management unit 302 of the user's employer company acquires information such as the employee's name, date of birth, employee number, department, and place of work as business information.
 業務情報管理部302は、サービス提供者の職員等から上記業務情報を取得してもよいし、ホームページ等の手段を用いて利用者から直接、業務情報を取得してもよい。 The business information management unit 302 may obtain the business information from staff of the service provider, etc., or may obtain the business information directly from the user using a website or other means.
 業務情報管理部302は、利用者管理データベースを用いて業務情報を管理する。 The business information management unit 302 manages business information using a user management database.
 なお、業務情報管理部302のより詳細な説明は省略する。個別のサービスにおける業務情報の詳細やその取得方法は、本願開示の趣旨とは異なるためである。 A more detailed description of the business information management unit 302 will be omitted because the details of the business information for each service and the method of acquiring the information are different from the purpose of this disclosure.
 利用者登録制御部303は、サービス提供者による利用者登録を制御する手段である。利用者登録制御部303は、制御サーバ10から受信した利用者登録要求を処理する。 The user registration control unit 303 is a means for controlling user registration by the service provider. The user registration control unit 303 processes user registration requests received from the control server 10.
 利用者登録要求を受信すると、利用者登録制御部303は、当該利用者登録要求に含まれる個人特定情報(例えば、氏名)をキーとして利用者管理データベースを検索し、対応する利用者(エントリ)を特定する。 When a user registration request is received, the user registration control unit 303 searches the user management database using the personal identification information (e.g., name) included in the user registration request as a key to identify the corresponding user (entry).
 対応する利用者が利用者管理データベースに登録されていると、利用者登録制御部303は、取得した原本生体情報(例えば、顔画像)から登録認証情報を生成する。例えば、顔画像を取得した場合、利用者登録制御部303は、自社で採用する顔認証アルゴリズムに対応した特徴量(特徴ベクトル)を登録認証情報として生成する。 If the corresponding user is registered in the user management database, the user registration control unit 303 generates registration authentication information from the acquired original biometric information (e.g., a facial image). For example, when a facial image is acquired, the user registration control unit 303 generates a feature amount (feature vector) corresponding to the facial recognition algorithm adopted by the company as the registration authentication information.
 特徴量の生成処理に関しては既存の技術を用いることができるので、その詳細な説明を省略する。例えば、利用者登録制御部303は、顔画像から目、鼻、口等を特徴点として抽出する。その後、利用者登録制御部303は、特徴点それぞれの位置や各特徴点間の距離を特徴量として計算し、複数の特徴量からなる特徴ベクトル(顔画像を特徴づけるベクトル情報)を生成する。 Since existing technology can be used for the process of generating features, a detailed description thereof will be omitted. For example, the user registration control unit 303 extracts the eyes, nose, mouth, etc. from the face image as feature points. The user registration control unit 303 then calculates the position of each feature point and the distance between each feature point as feature amounts, and generates a feature vector (vector information that characterizes the face image) consisting of multiple feature amounts.
 登録認証情報(例えば、特徴量)を生成すると、利用者登録制御部303は、システムID、生成された登録認証情報(特徴量)及び業務情報を対応付けて利用者管理データベースに記憶する(図13参照)。 When the registration authentication information (e.g., features) is generated, the user registration control unit 303 associates the system ID, the generated registration authentication information (features), and the business information and stores them in the user management database (see FIG. 13).
 なお、図13に示す利用者管理データベースは例示であって、記憶する項目等を限定する趣旨ではない。例えば、利用者登録の日時等が利用者管理データベースに登録されていてもよい。 Note that the user management database shown in FIG. 13 is an example and is not intended to limit the items to be stored. For example, the date and time of user registration may be registered in the user management database.
 利用者登録が正常に終了すると、利用者登録制御部303は、利用者登録に成功した旨を示す肯定応答を制御サーバ10に送信する。なお、利用者登録制御部303は、登録認証情報(例えば、特徴量)を生成し、当該生成された登録認証情報を利用者管理データベースに登録すると、制御サーバ10から取得した原本生体情報を削除する。 When user registration is completed normally, the user registration control unit 303 sends an affirmative response to the control server 10 indicating that user registration was successful. The user registration control unit 303 generates registration authentication information (e.g., feature amounts), registers the generated registration authentication information in the user management database, and then deletes the original biometric information obtained from the control server 10.
 利用者登録が正常に終了しなければ、利用者登録制御部303は、利用者登録に失敗した旨を示す否定応答を制御サーバ10に送信する。例えば、制御サーバ10から受信した個人特定情報(例えば、氏名)が利用者管理データベースに登録されていない場合や原本生体情報から有効な登録認証情報が生成できない場合等に、否定応答が制御サーバ10に送信される。 If user registration does not end normally, the user registration control unit 303 sends a negative response to the control server 10 indicating that user registration has failed. For example, a negative response is sent to the control server 10 when the personal identification information (e.g., name) received from the control server 10 is not registered in the user management database or when valid registration authentication information cannot be generated from the original biometric information.
 さらに、利用者登録制御部303は、制御サーバ10から受信した登録解除要求を処理する。 Furthermore, the user registration control unit 303 processes deregistration requests received from the control server 10.
 登録解除要求を受信すると、利用者登録制御部303は、当該登録解除要求に含まれるシステムIDをキーとして利用者管理データベースを検索し、対応する利用者を特定する。利用者登録制御部303は、当該特定された利用者の少なくともシステムIDと登録認証情報(例えば、特徴量)を削除する。あるいは、利用者登録制御部303は、必要に応じて特定された利用者のエントリ(利用者管理データベースのエントリ)を削除する。 When a deregistration request is received, the user registration control unit 303 searches the user management database using the system ID included in the deregistration request as a key to identify the corresponding user. The user registration control unit 303 deletes at least the system ID and registered authentication information (e.g., features) of the identified user. Alternatively, the user registration control unit 303 deletes the entry of the identified user (entry in the user management database) as necessary.
 システムID等の削除に成功すると、利用者登録制御部303は、利用者登録の解除が成功した旨を示す肯定応答を制御サーバ10に送信する。制御サーバ10から取得したシステムIDが利用者管理データベースに存在しない等の理由により利用者登録の解除に失敗した場合、利用者登録制御部303は、その旨を示す否定応答を制御サーバ10に送信する。 If the system ID and other information are successfully deleted, the user registration control unit 303 sends a positive response to the control server 10 indicating that the user registration was successfully cancelled. If the user registration was unsuccessful because the system ID obtained from the control server 10 does not exist in the user management database, for example, the user registration control unit 303 sends a negative response to that effect to the control server 10.
 認証部304は、被認証者の生体認証を行う手段である。認証部304は、認証端末30から認証要求を受信する。認証部304は、認証要求から生体情報(例えば、顔画像)を取り出す。 The authentication unit 304 is a means for performing biometric authentication of the person to be authenticated. The authentication unit 304 receives an authentication request from the authentication terminal 30. The authentication unit 304 extracts biometric information (e.g., a facial image) from the authentication request.
 認証部304は、取得した生体情報から照合認証情報を生成する。例えば、顔画像を取得すると、認証部304は、自社で採用している顔認証アルゴリズムに対応した特徴量を生成する。認証部304は、生成した照合認証情報(特徴量)と、利用者管理データベースに登録された登録認証情報(特徴量)と、を用いた照合処理を実行する。 The authentication unit 304 generates matching authentication information from the acquired biometric information. For example, when a facial image is acquired, the authentication unit 304 generates features corresponding to the facial recognition algorithm adopted by the company. The authentication unit 304 executes a matching process using the generated matching authentication information (features) and registered authentication information (features) registered in the user management database.
 具体的には、認証部304は、照合対象の特徴量(特徴ベクトル)と登録側の複数の特徴量それぞれとの間の類似度を計算する。当該類似度には、カイ二乗距離やユークリッド距離等を用いることができる。なお、距離が離れているほど類似度は低く、距離が近いほど類似度が高い。 Specifically, the authentication unit 304 calculates the similarity between the feature amount (feature vector) to be matched and each of the multiple feature amounts on the registration side. The similarity can be calculated using chi-square distance, Euclidean distance, or the like. Note that the greater the distance, the lower the similarity, and the closer the distance, the higher the similarity.
 類似度が所定の値以上の特徴量が存在しなければ、認証部304は、認証結果を「認証失敗」に設定する。 If there are no features whose similarity is equal to or greater than a predetermined value, the authentication unit 304 sets the authentication result to "authentication failed."
 類似度が所定の値以上の特徴量が存在すれば、認証部304は、利用者管理データベースに登録された複数のエントリのうち最も類似度が高い特徴量(登録認証情報)を持つエントリ(利用者)を特定する。認証部304は、特定された利用者の業務情報を用いて被認証者の認証を行う。 If there is a feature whose similarity is equal to or greater than a predetermined value, the authentication unit 304 identifies the entry (user) having the most similar feature (registered authentication information) from among the multiple entries registered in the user management database. The authentication unit 304 authenticates the person to be authenticated using the business information of the identified user.
 例えば、利用者の勤務先の認証部304は、照合処理により特定された利用者が自社の社員であってオフィスに入場する資格を備えていれば「認証成功」と判定する。あるいは、認証部304は、特定された利用者が自社の社員であっても当該社員が認証端末30の設置場所に入場する資格がなければ「認証失敗」と判定する。 For example, the authentication unit 304 of the user's workplace will determine that the authentication is successful if the user identified by the matching process is an employee of the company and has the right to enter the office. Alternatively, the authentication unit 304 will determine that the authentication is unsuccessful if the identified user is an employee of the company but is not qualified to enter the location where the authentication terminal 30 is installed.
 なお、各サービス提供者における業務情報を用いた認証処理に関するより詳細な説明を省略する。各サービス提供者に特有な処理は本願開示の趣旨とは異なるためである。 Note that we will not provide a detailed explanation of the authentication process using business information at each service provider, as the processes specific to each service provider are outside the scope of the present disclosure.
 認証部304は、認証結果(認証成功、認証失敗)を認証端末30に送信する。 The authentication unit 304 sends the authentication result (authentication successful, authentication failed) to the authentication terminal 30.
 記憶部305は、サービスサーバ20の動作に必要な情報を記憶する手段である。 The memory unit 305 is a means for storing information necessary for the operation of the service server 20.
 なお、第1のタイプに属するサービス提供者は、原則として、利用者の認証に使用した業務情報を記憶し続ける。例えば、サービスサーバ20は、社員が退職するまで、あるいは住民が引っ越しをするまで業務情報を記憶し続ける。換言すれば、サービスサーバ20は、社員の退職等を契機として業務情報を削除してもよい。 In principle, service providers belonging to the first type will continue to store the business information used to authenticate users. For example, the service server 20 will continue to store the business information until an employee retires or a resident moves out. In other words, the service server 20 may delete the business information when an employee retires, etc.
[認証端末]
 図14は、第1の実施形態に係る認証端末30の処理構成(処理モジュール)の一例を示す図である。図14を参照すると、認証端末30は、通信制御部401と、生体情報取得部402と、認証要求部403と、機能実現部404と、記憶部405と、を備える。 [Authentication device]
Fig. 14 is a diagram showing an example of a processing configuration (processing module) of the authentication terminal 30 according to the first embodiment. Referring to Fig. 14, the authentication terminal 30 includes a communication control unit 401, a biometric information acquisition unit 402, an authentication request unit 403, a function realization unit 404, and a storage unit 405.
 通信制御部401は、他の装置との間の通信を制御する手段である。例えば、通信制御部401は、サービスサーバ20からデータ(パケット)を受信する。また、通信制御部401は、サービスサーバ20に向けてデータを送信する。通信制御部401は、他の装置から受信したデータを他の処理モジュールに引き渡す。通信制御部401は、他の処理モジュールから取得したデータを他の装置に向けて送信する。このように、他の処理モジュールは、通信制御部401を介して他の装置とデータの送受信を行う。通信制御部401は、他の装置からデータを受信する受信部としての機能と、他の装置に向けてデータを送信する送信部としての機能と、を備える。 The communication control unit 401 is a means for controlling communication with other devices. For example, the communication control unit 401 receives data (packets) from the service server 20. The communication control unit 401 also transmits data to the service server 20. The communication control unit 401 passes data received from other devices to other processing modules. The communication control unit 401 transmits data acquired from other processing modules to other devices. In this way, the other processing modules transmit and receive data to and from other devices via the communication control unit 401. The communication control unit 401 has a function as a receiving unit that receives data from other devices and a function as a transmitting unit that transmits data to other devices.
 生体情報取得部402は、カメラを制御し、被認証者の生体情報(例えば、顔画像)を取得する手段である。生体情報取得部402は、定期的又は所定のタイミングにおいて自装置の前方を撮像する。生体情報取得部402は、取得した画像に人の顔画像が含まれるか否かを判定し、顔画像が含まれる場合には取得した画像データから顔画像を抽出する。 The biometric information acquisition unit 402 is a means for controlling the camera and acquiring biometric information (e.g., a facial image) of the person to be authenticated. The biometric information acquisition unit 402 captures an image of the area in front of the device periodically or at a specified timing. The biometric information acquisition unit 402 determines whether the acquired image contains a human facial image, and if a facial image is included, extracts the facial image from the acquired image data.
 なお、生体情報取得部402による顔画像の検出処理や顔画像の抽出処理には既存の技術を用いることができるので詳細な説明を省略する。例えば、生体情報取得部402は、CNN(Convolutional Neural Network)により学習された学習モデルを用いて、画像データの中から顔画像(顔領域)を抽出してもよい。あるいは、生体情報取得部402は、テンプレートマッチング等の手法を用いて顔画像を抽出してもよい。 Note that the facial image detection process and facial image extraction process performed by the biometric information acquisition unit 402 can use existing technology, so a detailed description will be omitted. For example, the biometric information acquisition unit 402 may extract a facial image (face area) from image data using a learning model trained by a CNN (Convolutional Neural Network). Alternatively, the biometric information acquisition unit 402 may extract a facial image using a method such as template matching.
 生体情報取得部402は、抽出した顔画像を認証要求部403に引き渡す。 The biometric information acquisition unit 402 passes the extracted facial image to the authentication request unit 403.
 認証要求部403は、サービスサーバ20に対して被認証者の認証を要求する手段である。認証要求部403は、被認証者の認証が必要になると、被認証者(認証端末30の面前の利用者)の生体情報を含む認証要求をサービスサーバ20に送信する。 The authentication request unit 403 is a means for requesting authentication of the person to be authenticated from the service server 20. When authentication of the person to be authenticated becomes necessary, the authentication request unit 403 transmits an authentication request including biometric information of the person to be authenticated (the user in front of the authentication terminal 30) to the service server 20.
 認証要求部403は、サービスサーバ20から認証結果(認証成功、認証失敗)を受信する。認証要求部403は、受信した認証結果を機能実現部404に引き渡す。 The authentication request unit 403 receives the authentication result (authentication successful, authentication failed) from the service server 20. The authentication request unit 403 passes the received authentication result to the function realization unit 404.
 機能実現部404は、認証端末30に割り当てられた機能を実現する手段である。例えば、利用者の勤務先に設置された認証端末30の機能実現部404は、認証成功を受信すると、ゲートを開き被認証者の入場を許可する。 The function realization unit 404 is a means for realizing the functions assigned to the authentication terminal 30. For example, when the function realization unit 404 of the authentication terminal 30 installed at the user's workplace receives a successful authentication, it opens the gate and allows the authenticated person to enter.
 なお、各サービス提供者の認証端末30に含まれる機能実現部404に関するより詳細な説明は省略する。機能実現部404による認証端末30の機能実現は、本願開示の趣旨とは異なるためである。 Note that a detailed description of the function realization unit 404 included in the authentication terminal 30 of each service provider will be omitted. This is because the realization of the functions of the authentication terminal 30 by the function realization unit 404 is different from the purpose of the disclosure of this application.
 記憶部405は、認証端末30の動作に必要な情報を記憶する手段である。 The memory unit 405 is a means for storing information necessary for the operation of the authentication terminal 30.
[端末]
 図15は、第1の実施形態に係る端末40の処理構成(処理モジュール)の一例を示す図である。図15を参照すると、端末40は、通信制御部501と、アカウント生成制御部502と、原本情報取得部503と、サービス選択部504と、記憶部505と、を備える。 [Device]
Fig. 15 is a diagram showing an example of a processing configuration (processing module) of the terminal 40 according to the first embodiment. Referring to Fig. 15, the terminal 40 includes a communication control unit 501, an account creation control unit 502, an original information acquisition unit 503, a service selection unit 504, and a storage unit 505.
 通信制御部501は、他の装置との間の通信を制御する手段である。例えば、通信制御部501は、制御サーバ10からデータ(パケット)を受信する。また、通信制御部501は、制御サーバ10に向けてデータを送信する。通信制御部501は、他の装置から受信したデータを他の処理モジュールに引き渡す。通信制御部501は、他の処理モジュールから取得したデータを他の装置に向けて送信する。このように、他の処理モジュールは、通信制御部501を介して他の装置とデータの送受信を行う。通信制御部501は、他の装置からデータを受信する受信部としての機能と、他の装置に向けてデータを送信する送信部としての機能と、を備える。 The communication control unit 501 is a means for controlling communication with other devices. For example, the communication control unit 501 receives data (packets) from the control server 10. The communication control unit 501 also transmits data to the control server 10. The communication control unit 501 passes data received from other devices to other processing modules. The communication control unit 501 transmits data acquired from other processing modules to other devices. In this way, the other processing modules transmit and receive data to and from other devices via the communication control unit 501. The communication control unit 501 has a function as a receiving unit that receives data from other devices and a function as a transmitting unit that transmits data to other devices.
 アカウント生成制御部502は、利用者によるアカウント生成を制御する手段である。アカウント生成制御部502は、利用者の操作に応じて、制御サーバ10が提供する所定のWEBページ等にアクセスする。 The account creation control unit 502 is a means for controlling the creation of an account by a user. The account creation control unit 502 accesses a specific web page or the like provided by the control server 10 in response to a user's operation.
 アカウント生成制御部502は、利用者の操作に応じて、当該WEBページに、ログイン情報、氏名、生年月日等を入力する。 The account creation control unit 502 inputs login information, name, date of birth, etc. into the web page in response to user operations.
 原本情報取得部503は、利用者の生体情報(原本生体情報)を取得する手段である。原本情報取得部503は、利用者の操作に応じて、原本生体情報(例えば、顔画像)を取得するためのGUI等を表示する。例えば、原本情報取得部503は、図16に示すようなGUIを用いて原本生体情報を取得する。 The original information acquisition unit 503 is a means for acquiring the biometric information of the user (original biometric information). The original information acquisition unit 503 displays a GUI or the like for acquiring the original biometric information (e.g., a facial image) in response to the user's operation. For example, the original information acquisition unit 503 acquires the original biometric information using a GUI such as that shown in FIG. 16.
 原本情報取得部503は、取得した原本生体情報(例えば、顔画像)を記憶部505に格納する。その際、原本情報取得部503は、取得した原本生体情報に暗号化、コード化等を施し、当該暗号化された原本生体情報を記憶部505に記憶してもよい。即ち、利用者が所持する端末40は、暗号化された原本生体情報を保持してもよい。暗号化された原本生体情報は、原本生体情報が制御サーバ10に送信される際に復号されてもよい。あるいは、暗号化された原本生体情報を復号するための情報(例えば、共通鍵)が端末40と制御サーバ10の間で共有され、制御サーバ10が暗号化された原本生体情報を復号してもよい。 The original information acquisition unit 503 stores the acquired original biometric information (e.g., a facial image) in the storage unit 505. At that time, the original information acquisition unit 503 may encrypt, code, etc. the acquired original biometric information and store the encrypted original biometric information in the storage unit 505. That is, the terminal 40 held by the user may hold the encrypted original biometric information. The encrypted original biometric information may be decrypted when the original biometric information is transmitted to the control server 10. Alternatively, information for decrypting the encrypted original biometric information (e.g., a common key) may be shared between the terminal 40 and the control server 10, and the control server 10 may decrypt the encrypted original biometric information.
 なお、端末40は、原則として、利用者の原本生体情報(例えば、顔画像)を削除しない。即ち、端末40は、利用者からの明確な指示がなければ記憶部505に記憶された原本生体情報を削除しない。 In principle, the terminal 40 does not delete the original biometric information (e.g., a facial image) of the user. In other words, the terminal 40 does not delete the original biometric information stored in the storage unit 505 unless there is a clear instruction from the user.
 サービス選択部504は、利用者による生体認証サービスの選択を可能とする手段である。サービス選択部504は、利用者の操作に応じて、制御サーバ10が提供するポータルサイトにログインする。サービス選択部504は、制御サーバ10が提供するGUIを用いて利用者が選択したサービス提供者の情報を制御サーバ10に送信する。 The service selection unit 504 is a means for enabling the user to select a biometric authentication service. The service selection unit 504 logs in to a portal site provided by the control server 10 in response to the user's operation. The service selection unit 504 transmits to the control server 10 information on the service provider selected by the user using a GUI provided by the control server 10.
 サービス選択部504は、制御サーバ10から原本提供要求を受信する。当該要求を受信すると、サービス選択部504は、記憶部505に記憶された原本生体情報を制御サーバ10に送信する。 The service selection unit 504 receives a request to provide the original from the control server 10. Upon receiving the request, the service selection unit 504 transmits the original biometric information stored in the storage unit 505 to the control server 10.
 記憶部505は、端末40の動作に必要な情報を記憶する手段である。 The memory unit 505 is a means for storing information necessary for the operation of the terminal 40.
[システムの動作]
 続いて、第1の実施形態に係る認証システムの動作について説明する。なお、アカウント生成等に関する動作の説明は省略する。図17は、第1の実施形態に係る認証システムの動作の一例を示すシーケンス図である。 [System Operation]
Next, the operation of the authentication system according to the first embodiment will be described. Note that a description of the operation related to account creation, etc. will be omitted. Fig. 17 is a sequence diagram showing an example of the operation of the authentication system according to the first embodiment.
 端末40は、利用者が選択したサービスの情報(利用者が生体認証サービスの提供を受けたいサービス提供者の情報)を制御サーバ10に送信する(サービスの情報を送信;ステップS10)。 The terminal 40 transmits information about the service selected by the user (information about the service provider from which the user wishes to receive biometric authentication services) to the control server 10 (transmitting service information; step S10).
 利用者が提供を受けたいサービスを選択すると、制御サーバ10は、原本提供要求を当該利用者の端末40に送信する(ステップS11)。 When the user selects the service he or she wishes to receive, the control server 10 sends a request to provide the original to the user's terminal 40 (step S11).
 原本提供要求の受信に応じて、端末40は、原本生体情報(例えば、顔画像)を制御サーバ10に送信する(ステップS12)。 In response to receiving the request to provide the original, the terminal 40 transmits the original biometric information (e.g., a facial image) to the control server 10 (step S12).
 制御サーバ10は、システムID、取得した原本生体情報及び個人特定情報等を含む利用者登録要求を、利用者が選択したサービス提供者のサービスサーバ20に送信する(ステップS13)。 The control server 10 sends a user registration request including the system ID, the acquired original biometric information, and the personal identification information to the service server 20 of the service provider selected by the user (step S13).
 サービスサーバ20は、取得した原本生体情報から登録用の認証情報(登録認証情報)を生成する(ステップS14)。生成された登録認証情報は、利用者管理データベースに登録される。 The service server 20 generates authentication information for registration (registered authentication information) from the acquired original biometric information (step S14). The generated registered authentication information is registered in the user management database.
<第1の実施形態に係る変形例>
 上記実施形態では、利用者が入力する管理コードは、複数のサービス提供者のなかから利用者が選択したサービス提供者を特定するために使用される場合について説明を行った。しかし、当該管理コードは、利用者が、サービス提供者を選択する資格を有するか否かの情報として用いられてもよい。具体的には、管理コードは、利用者がサービス提供者(勤務先、マンションの管理会社等)を登録する資格を有することの証明として使用されてもよい。 <Modification of the First Embodiment>
In the above embodiment, the case has been described where the management code input by the user is used to identify a service provider selected by the user from among a plurality of service providers. However, the management code may also be used as information on whether or not the user is qualified to select a service provider. Specifically, the management code may be used as proof that the user is qualified to register a service provider (such as an employer or an apartment management company).
 例えば、制御サーバ10は、利用者が勤務先やマンション管理会社等をサービス提供者として選択すると、認証センターと契約している勤務先等の一覧を端末40に表示する。制御サーバ10は、一覧表示のなかから利用者が勤務先やマンション管理会社等を選択すると、当該勤務先等の管理コードの入力を利用者に求める。 For example, when a user selects a workplace, condominium management company, etc. as a service provider, the control server 10 displays a list of workplaces, etc. that have contracts with the authentication center on the terminal 40. When the user selects a workplace, condominium management company, etc. from the displayed list, the control server 10 prompts the user to enter the management code of the workplace, etc.
 制御サーバ10は、利用者が選択したサービス提供者の管理コードと当該利用者が入力した管理コードが一致する場合、当該利用者はサービス提供者からサービスの提供を受ける資格を有すると判定する。一方、制御サーバ10は、利用者が選択したサービス提供者の管理コードと当該利用者が入力した管理コードが不一致な場合、当該利用者はサービス提供者からサービスの提供を受ける資格を有さないと判定する。制御サーバ10は、利用者がサービス提供者からサービスの提供を受ける資格を備えている場合、当該利用者に関する利用者登録(サービス提供者の選択)を受け入れる。このように、サービス選択制御部204は、利用者がサービスの提供を受けたいサービス提供者を選択すると、第1の管理コードの入力を前記利用者に要求する。サービス選択制御部204は、当該利用者が入力した第1の管理コードと、利用者により選択されたサービス提供者に対応する予め定められた第2の管理コードと、が一致した場合に、利用者によるサービス提供者の選択を受け入れる。 If the management code of the service provider selected by the user matches the management code entered by the user, the control server 10 determines that the user is eligible to receive services from the service provider. On the other hand, if the management code of the service provider selected by the user does not match the management code entered by the user, the control server 10 determines that the user is not eligible to receive services from the service provider. If the user is eligible to receive services from the service provider, the control server 10 accepts the user registration (selection of a service provider) for that user. In this way, when the user selects a service provider from which he or she wants to receive services, the service selection control unit 204 requests the user to input a first management code. If the first management code entered by the user matches the predetermined second management code corresponding to the service provider selected by the user, the service selection control unit 204 accepts the user's selection of a service provider.
 例えば、利用者が勤務先Aを選択し、当該利用者が勤務先Aの正しい管理コードを入力すると、制御サーバ10は、当該利用者は勤務先Aに利用者登録をする資格を備えていると判定する。このように、制御サーバ10は、管理コードをパスワードとして用いることもできる。管理コードをパスワードとして用いることで、制御サーバ10は、サービス提供者とは無関係な利用者の利用者登録を防止できる。 For example, when a user selects workplace A and enters the correct management code for workplace A, the control server 10 determines that the user is qualified to register as a user for workplace A. In this way, the control server 10 can also use the management code as a password. By using the management code as a password, the control server 10 can prevent users who are not related to the service provider from registering as users.
 以上のように、第1の実施形態に係る制御サーバ10は、第1のタイプに属するサービス提供者が生体認証に用いる認証情報の原本となる原本生体情報を取得するための制御を行う。第1のタイプに属するサービス提供者は、顧客を管理するためのアカウントを持たず、且つ、顧客にサービスを提供するための業務情報を繰り返し使用するサービス提供者である。このようなサービス提供者が利用者(顧客)の原本生体情報を取得可能とするため、制御サーバ10は、利用者の原本生体情報と共に個人特定情報(例えば、氏名)をサービス提供者のサービスサーバ20に送信する。サービスサーバ20は、個人特定情報を用いて利用者を特定し、特定された利用者の登録認証情報と業務情報を対応付けて記憶する。当該対応付けが完了することで、サービス提供者は、利用者に対して生体認証を用いたサービスの提供が可能となる。 As described above, the control server 10 according to the first embodiment performs control for a first type service provider to acquire original biometric information that is the original of authentication information used for biometric authentication. A first type service provider is a service provider that does not have an account for managing customers and repeatedly uses business information for providing services to customers. To enable such a service provider to acquire the original biometric information of a user (customer), the control server 10 transmits personal identification information (e.g., name) along with the original biometric information of the user to the service server 20 of the service provider. The service server 20 identifies the user using the personal identification information, and stores the registered authentication information and business information of the identified user in association with each other. Completion of the association enables the service provider to provide the user with a service using biometric authentication.
 また、第1の実施形態に係る認証システムでは、生体認証に必要な原本生体情報(例えば、顔画像)は利用者の端末40に格納されている。利用者が、生体認証サービスの享受を希望すると、当該利用者がサービス提供者を選択した後に、端末40に格納された原本生体情報は、上記選択されたサービス提供者(登録認証情報を必要とするサービス提供者)に提供される。利用者は、一度、自身の生体情報(例えば、顔画像)を端末40に登録することで、各サービス(様々なサービス提供場所)それぞれに生体情報を登録することなく、各サービスを享受できる。即ち、利用者は、一度、自身の顔を撮影すれば、当該顔画像を用いて様々な場所(サービス)において再び顔登録を行わず、顔認証サービスを利用することができる。換言すれば、一度の生体情報の登録で、生体認証を用いた様々なソリューションに当該生体情報を適用可能である。 In addition, in the authentication system according to the first embodiment, the original biometric information (e.g., a facial image) required for biometric authentication is stored in the user's terminal 40. When a user wishes to use a biometric authentication service, the user selects a service provider, and then the original biometric information stored in the terminal 40 is provided to the selected service provider (the service provider that requires the registered authentication information). Once the user registers his/her own biometric information (e.g., a facial image) in the terminal 40, the user can enjoy each service without registering biometric information for each service (various service providing locations). In other words, once the user photographs his/her face, the user can use the facial authentication service in various locations (services) using the facial image without registering the face again. In other words, once the biometric information is registered, the biometric information can be applied to various solutions using biometric authentication.
 また、上記構成により、サービス提供者が生体認証サービスを提供する際に生じる種々の問題が解決される。既存のシステムでは、サービス提供者は、サービス提供場所(サービス)ごとに利用者に顔画像の登録をして貰う必要があった。しかし、第1の実施形態に係るシステムでは、利用者が1回の顔登録を行えば十分であり、サービス提供者による顔登録誘導の負担が大幅に減少する。また、サービス提供者は、原本生体情報(顔画像)を保持する必要がなく、サービス提供者の情報漏洩等に対する負担が軽減する。とりわけ、同じサービス提供者が、複数の顔認証アルゴリズムを採用している場合、各顔認証アルゴリズムに対応した顔画像を所持する必要がなくなるので、当該サービス提供者の経営リスクが低減する。また、利用者の同意の下、認証センターが原本生体情報を記憶することで、サービス提供者は、自社で採用する顔認証エンジンを変更したり、提供サービスに適した顔認証エンジンを新たに採用したりすることができる。即ち、サービス提供者は、特定ベンダーの顔認証エンジンに限定されず、用途に適した様々なベンダーの顔認証エンジンを採用することができる。その結果、サービス提供者は、1社のベンダー(1つの顔認証エンジン)に過度に依存する事業リスクを回避できる。即ち、本願開示の認証システムに参加するサービス提供者は、容易に、マルチベンダー対応が可能である。 Also, the above configuration solves various problems that arise when a service provider provides a biometric authentication service. In existing systems, the service provider had to have the user register a face image for each service provision location (service). However, in the system according to the first embodiment, the user only needs to register the face once, and the burden on the service provider in encouraging the user to register the face is significantly reduced. In addition, the service provider does not need to hold the original biometric information (face image), which reduces the burden on the service provider against information leakage, etc. In particular, when the same service provider employs multiple face recognition algorithms, it is no longer necessary to possess face images corresponding to each face recognition algorithm, which reduces the business risk of the service provider. In addition, with the consent of the user, the authentication center stores the original biometric information, which allows the service provider to change the face recognition engine employed in-house or to newly adopt a face recognition engine suitable for the service provided. In other words, the service provider is not limited to a face recognition engine of a specific vendor, but can adopt face recognition engines of various vendors suitable for the application. As a result, the service provider can avoid the business risk of being overly dependent on one vendor (one face recognition engine). In other words, service providers who participate in the authentication system disclosed in this application can easily support multiple vendors.
 また、利用者側の観点では、同じサービス(同じサービス提供者)にも関わらず、何度も顔画像を登録する必要がないので、利用者の利便性が向上する。また、原本生体情報(顔画像)は自身の端末40に留め置かれ、外部の会社等に自身の顔画像が保持されることがないので、情報漏洩等に対する不安が低減する。即ち、利用者は、安心して生体認証サービスを享受できる。 Furthermore, from the user's perspective, there is no need to register a facial image multiple times even when using the same service (same service provider), improving convenience for the user. Furthermore, the original biometric information (facial image) is kept on the user's own terminal 40, and the user's facial image is not held by an external company, etc., reducing concerns about information leaks, etc. In other words, users can enjoy biometric authentication services with peace of mind.
[第2の実施形態]
 続いて、第2の実施形態について図面を参照して詳細に説明する。 Second Embodiment
Next, the second embodiment will be described in detail with reference to the drawings.
 第2の実施形態では、第2のタイプのサービス提供者に関する利用者登録について説明する。 In the second embodiment, user registration for a second type of service provider is described.
 なお、第2の実施形態に係る認証システムの構成は第1の実施形態と同一とすることができるので図3に相当する説明を省略する。また、第2の実施形態に係る制御サーバ10等の処理構成も第1の実施形態と同一とすることができるので、その説明を省略する。 Note that the configuration of the authentication system according to the second embodiment can be the same as that of the first embodiment, and therefore the explanation corresponding to FIG. 3 will be omitted. In addition, the processing configuration of the control server 10 and the like according to the second embodiment can also be the same as that of the first embodiment, and therefore the explanation thereof will be omitted.
 以下、第1の実施形態と第2の実施形態の相違点を中心に説明する。 The following will focus on the differences between the first and second embodiments.
 上述のように、第2のタイプに属するサービス提供者(例えば、遊園地等の運営会社、コンサート等のイベント会社)は、利用者に対してポータルサイトを提供しない。イベント会社は、利用者がチケット販売サイト等で購入したチケットの情報を業務情報として記憶し、当該業務情報を用いて利用者を認証する。 As mentioned above, service providers belonging to the second type (for example, amusement park management companies, concert and other event companies) do not provide portal sites to users. Event companies store information about tickets purchased by users on ticket sales sites, etc. as business information, and use that business information to authenticate users.
 利用者は、端末40を操作してチケット販売サイトにアクセスし、当該チケット販売サイトにおいて目的とするチケットを購入する。具体的には、図18に示すように、利用者は、端末40を操作してチケット管理サーバ50にアクセスし、チケットを購入する。端末40は、購入チケットの情報を取得する。例えば、端末40は、購入したチケットを一意に識別するためのID(チケットID)をチケット管理サーバ50から取得する。 The user operates the terminal 40 to access a ticket sales site and purchases the desired ticket on the ticket sales site. Specifically, as shown in FIG. 18, the user operates the terminal 40 to access the ticket management server 50 and purchases a ticket. The terminal 40 obtains information about the purchased ticket. For example, the terminal 40 obtains an ID (ticket ID) for uniquely identifying the purchased ticket from the ticket management server 50.
 なお、チケット管理サーバ50の構成等に関する詳細な説明、チケットの購入やチケットID等の取得に関する詳細な説明は省略する。チケットの購入等は本願開示の趣旨とは異なると共に当業者にとって明らかなためである。 Note that detailed explanations regarding the configuration of the ticket management server 50, purchasing tickets, obtaining ticket IDs, etc. will be omitted. Purchasing tickets, etc. is outside the scope of the present disclosure and would be obvious to a person skilled in the art.
 利用者は、図9に示すようなGUIにおいて、第2のタイプに属するサービス提供者を選択する。例えば、利用者は、遊園地、テーマパーク等を運営するイベント会社を選択する。即ち、利用者は、端末40を操作して、制御サーバ10にアクセスし、利用者登録の対象となるサービス提供者を選択する。なお、制御サーバ10は、必要に応じてサービス提供者を指定する管理コードを利用者から取得する。 The user selects a service provider belonging to the second type in a GUI such as that shown in FIG. 9. For example, the user selects an event company that operates amusement parks, theme parks, etc. That is, the user operates the terminal 40 to access the control server 10 and selects the service provider for which the user is to be registered. The control server 10 acquires an administration code that specifies the service provider from the user as necessary.
 制御サーバ10は、選択されたサービス提供者の事業者IDに基づいて当該選択されたサービス提供者のタイプを判定する。ここでは、第2のタイプに属するサービス提供者が選択される。第2のタイプに属するサービス提供者の事業者情報には、当該サービス提供者が必要とする業務情報に関する情報が記載されている。上記の例では、チケットの情報(チケットID)が必要なことが事業者情報に記載されている。 The control server 10 determines the type of the selected service provider based on the business ID of the selected service provider. In this case, a service provider belonging to the second type is selected. The business information of a service provider belonging to the second type includes information on the business information required by the service provider. In the above example, the business information includes information that ticket information (ticket ID) is required.
 第2のタイプのサービス提供者が選択されると、制御サーバ10の利用者登録制御部205は、サービス提供者が必要とする業務情報を取得する。例えば、利用者登録制御部205は、図19に示すようなGUIを端末40に表示することでチケットIDを取得する。 When a second type of service provider is selected, the user registration control unit 205 of the control server 10 acquires the business information required by the service provider. For example, the user registration control unit 205 acquires the ticket ID by displaying a GUI such as that shown in FIG. 19 on the terminal 40.
 チケットIDを取得すると、利用者登録制御部205は、第1の実施形態と同様に、原本提供要求を端末40に送信することで、利用者の端末40から原本生体情報を取得する(図18のステップS21、S22)。 Once the ticket ID is acquired, the user registration control unit 205 acquires the original biometric information from the user's terminal 40 by sending an original provision request to the terminal 40, as in the first embodiment (steps S21 and S22 in FIG. 18).
 原本生体情報を取得すると、利用者登録制御部205は、システムID、上記取得したチケットID(業務情報)と原本生体情報を含む利用者登録要求を利用者が選択したサービス提供者のサービスサーバ20に送信する(ステップS23)。 After acquiring the original biometric information, the user registration control unit 205 sends a user registration request including the system ID, the acquired ticket ID (business information), and the original biometric information to the service server 20 of the service provider selected by the user (step S23).
 サービスサーバ20の利用者登録制御部303は、取得した生体情報から登録認証情報を生成する。また、利用者登録制御部303は、利用者管理データベースに新規なエントリを追加し、当該追加されたエントリにシステムID、登録認証情報及び業務情報(チケットID)を記憶する。 The user registration control unit 303 of the service server 20 generates registration authentication information from the acquired biometric information. The user registration control unit 303 also adds a new entry to the user management database, and stores the system ID, registration authentication information, and business information (ticket ID) in the added entry.
 サービスサーバ20は、認証端末30から受信する認証要求を処理する。具体的には、サービスサーバ20の認証部304は、照合処理により特定された被認証者のチケットIDをチケット販売サイトのチケット管理サーバ50に送信する(図20参照)。 The service server 20 processes the authentication request received from the authentication terminal 30. Specifically, the authentication unit 304 of the service server 20 transmits the ticket ID of the person to be authenticated identified by the matching process to the ticket management server 50 of the ticket sales site (see FIG. 20).
 チケット管理サーバ50は、取得したチケットIDの有効性を判定する。具体的には、チケット管理サーバ50は、チケットIDにより特定されるチケットのイベント開催場所、開催日時等に基づきチケットの有効性を判定する。チケット管理サーバ50は、判定結果をサービスサーバ20に送信する。認証部304は、チケットが有効であれば認証成功と判定する。認証部304は、チケットが無効であれば認証失敗と判定する。 The ticket management server 50 determines the validity of the acquired ticket ID. Specifically, the ticket management server 50 determines the validity of the ticket based on the location, date and time of the event, etc., of the ticket specified by the ticket ID. The ticket management server 50 transmits the determination result to the service server 20. The authentication unit 304 determines that the authentication is successful if the ticket is valid. The authentication unit 304 determines that the authentication is unsuccessful if the ticket is invalid.
 なお、第2のタイプに属するサービス提供者は、原則として、利用者の認証に使用した業務情報を削除する。第2のタイプに属するサービス提供者が用いる業務情報(サービス提供者が顧客にサービスを提供するために必要な業務情報;例えば、チケットID)は、生体認証の際に実質的に1度使用される情報だからである。例えば、チケット購入者がイベント会場に入場すると、当該チケット購入者を再び認証成功と判定することはないので、対応する業務情報は削除される。あるいは、イベント会場への再入場が許可されている場合には、サービスサーバ20は、イベント終了後(イベント終了予定時刻から所定時間経過後)に、対応する業務情報を削除してもよい。 In principle, service providers belonging to the second type will delete the business information used to authenticate the user. This is because the business information used by service providers belonging to the second type (business information necessary for the service provider to provide a service to the customer; for example, a ticket ID) is information that is essentially used once during biometric authentication. For example, once a ticket purchaser enters an event venue, the ticket purchaser will not be judged as having been successfully authenticated again, and so the corresponding business information is deleted. Alternatively, if re-entry to the event venue is permitted, the service server 20 may delete the corresponding business information after the event ends (a specified time after the event is scheduled to end).
 また、上記説明では、遊園地、コンサート等のチケットを例にとり説明を行ったが、チケットの種類を限定する趣旨ではないことは勿論である。例えば、交通機関の搭乗券、乗車券等のチケットに関しても同様に処理される。さらに、本願開示が対象とするチケットには、一度の使用に限られるチケットだけではなく、複数回利用されるチケットも含まれる。例えば、周遊券(例えば、所定期間の間、交通手段が乗り放題となるチケット)、定期券等の有効期間が存在するチケットも本願開示の対象である。 In addition, the above explanation has been given using tickets for amusement parks, concerts, etc. as examples, but it goes without saying that this is not intended to limit the type of ticket. For example, tickets such as boarding passes and passenger tickets for public transport can also be processed in the same way. Furthermore, the tickets covered by this disclosure include not only tickets that are limited to one-time use, but also tickets that are used multiple times. For example, tickets with a validity period, such as round-trip tickets (for example, tickets that allow unlimited use of public transport for a specified period of time) and commuter passes, are also covered by this disclosure.
 以上のように、第2の実施形態の制御サーバ10は、システムID及び原本生体情報に加え、利用者により選択されたサービス提供者が当該利用者に生体認証を用いたサービスを提供するために必要な業務情報(チケットID等)をサービスサーバ20に送信する。その結果、第2のタイプに属するサービス提供者は、利用者を認証するために必要な業務情報(例えば、チケットID)を取得できる。 As described above, the control server 10 of the second embodiment transmits to the service server 20, in addition to the system ID and the original biometric information, business information (such as a ticket ID) required for a service provider selected by a user to provide the user with a service using biometric authentication. As a result, a service provider belonging to the second type can obtain business information (e.g., a ticket ID) required to authenticate the user.
[第3の実施形態]
 続いて、第3の実施形態について図面を参照して詳細に説明する。 [Third embodiment]
Next, a third embodiment will be described in detail with reference to the drawings.
 第3の実施形態では、第3のタイプのサービス提供者に関する利用者登録について説明する。 In the third embodiment, user registration for a third type of service provider is described.
 なお、第3の実施形態に係る認証システムの構成は第1の実施形態と同一とすることができるので図3に相当する説明を省略する。また、第3の実施形態に係る制御サーバ10等の処理構成も第1の実施形態と同一とすることができるので、その説明を省略する。 Note that the configuration of the authentication system according to the third embodiment can be the same as that of the first embodiment, and therefore the explanation corresponding to FIG. 3 will be omitted. In addition, the processing configuration of the control server 10 and the like according to the third embodiment can also be the same as that of the first embodiment, and therefore the explanation thereof will be omitted.
 以下、第1の実施形態乃至第3の実施形態の相違点を中心に説明する。 The following will focus on the differences between the first to third embodiments.
 利用者は、図9に示すようなGUIにおいて、第3のタイプに属するサービス提供者を選択する。例えば、利用者は、コンビニエンスストアのような小売店を選択する。 The user selects a service provider belonging to the third type in a GUI such as that shown in FIG. 9. For example, the user selects a retail store such as a convenience store.
 なお、第3のタイプに属するサービス提供者を選択する利用者は、当該選択するサービス提供者のアカウントを既に所持している。例えば、コンビニエンスストアにて生体認証決済の利用を希望する利用者は、当該コンビニエンスストアの会員であって既にアカウントを有している。また、当該コンビニエンスストアのアカウントにて代金決済のための決済情報が業務情報として記憶されている。決済情報には、クレジットカードに関する情報や、交通系IC(Integrated Circuit)カードにチャージされた金額に関する情報、2次元バーコードを用いるコード決済のための情報等の任意の決済手段に関する情報が含まれる。 A user who selects a service provider belonging to the third type already has an account with the selected service provider. For example, a user who wishes to use biometric authentication payment at a convenience store is a member of the convenience store and already has an account. In addition, payment information for payment is stored as business information in the convenience store's account. Payment information includes information on any payment method, such as information on credit cards, information on the amount charged to a transportation IC (Integrated Circuit) card, and information for code payment using a two-dimensional barcode.
 制御サーバ10は、コンビニエンスストアのような小売店等を対象として利用者登録に関する制御を実行することで、利用者による生体認証決済を利用可能とする。制御サーバ10は、利用者が選択したサービス提供者のアカウントと認証システムのアカウントを連携する。 The control server 10 enables users to use biometric authentication payment by executing control over user registration for retail stores such as convenience stores. The control server 10 links the account of the service provider selected by the user with the account of the authentication system.
 利用者は、端末40を操作して、制御サーバ10にアクセスし、利用者登録(アカウント連携)の対象となるサービス提供者を選択する(図21のステップS31)。 The user operates the terminal 40 to access the control server 10 and select the service provider for which the user is to be registered (account linkage) (step S31 in FIG. 21).
 制御サーバ10は、選択されたサービス提供者の事業者IDに基づいて当該選択されたサービス提供者のタイプを判定する。ここでは、第3のタイプに属するサービス提供者が選択される。 The control server 10 determines the type of the selected service provider based on the business ID of the selected service provider. In this example, a service provider belonging to the third type is selected.
 第3のタイプのサービス提供者が選択されると、制御サーバ10の利用者登録制御部205は、選択されたサービス提供者のアカウントにログインするためのURL(Uniform Resource Locator)を端末40に送信する(ステップS32)。 When a third type of service provider is selected, the user registration control unit 205 of the control server 10 sends a URL (Uniform Resource Locator) for logging in to the account of the selected service provider to the terminal 40 (step S32).
 当該端末40に送信されるURLは、サービス提供者のログインページに端末40を接続するためのリダイレクト用URLであって、当該リダイレクト用URLには利用者のシステムIDが埋め込まれている。なお、リダイレクト用URLは予め業務情報として制御サーバ10に提供されている。利用者登録制御部205は、業務情報として記憶されているリダイレクト用URLにシステムID(制御サーバ10が利用者を管理するためのID)を埋め込み、当該リダイレクト用URLを端末40に送信する。 The URL sent to the terminal 40 is a redirect URL for connecting the terminal 40 to the service provider's login page, and the user's system ID is embedded in the redirect URL. The redirect URL is provided to the control server 10 in advance as business information. The user registration control unit 205 embeds the system ID (an ID used by the control server 10 to manage users) in the redirect URL stored as business information, and sends the redirect URL to the terminal 40.
 端末40は、リダイレクト用URLを受信すると、当該URLに従ってサービス提供者のログインページにアクセスする。その際、リダイレクト用URLにはシステムIDが含まれているので、サービスサーバ20の利用者登録制御部303は、利用者のシステムIDを取得できる。 When the terminal 40 receives the redirect URL, it accesses the service provider's login page according to the URL. At that time, since the redirect URL contains the system ID, the user registration control unit 303 of the service server 20 can obtain the user's system ID.
 利用者は、端末40を操作して、サービス提供者のログインページにログイン情報(サービス提供者のアカウントにログインするためのログイン情報)を入力する(ステップS33)。 The user operates the terminal 40 to input login information (login information for logging in to the service provider's account) on the service provider's login page (step S33).
 サービスサーバ20の利用者登録制御部303は、取得したログイン情報(利用者のID)をキーとして利用者管理データベースを検索し、対応する利用者を特定する。利用者登録制御部303は、特定された利用者のエントリにリダイレクト用URLから取得したシステムIDを記憶する。即ち、利用者登録制御部303は、自社(サービス提供者)で管理する利用者のIDと認証システムが利用者を管理するためのシステムIDを対応付けて記憶する。 The user registration control unit 303 of the service server 20 searches the user management database using the acquired login information (user ID) as a key to identify the corresponding user. The user registration control unit 303 stores the system ID acquired from the redirect URL in the entry for the identified user. In other words, the user registration control unit 303 stores the user ID managed by the company (service provider) in association with the system ID used by the authentication system to manage users.
 以降の説明において、各サービス提供者が利用者(顧客、会員等)を管理するために発行したIDを「個別ID」と表記する。利用者登録制御部303は、リダイレクト用URLに従ってポータルサイトにログインした利用者の個別IDとシステムIDを対応付けて記憶する(IDを連携する)。 In the following explanation, the ID issued by each service provider to manage users (customers, members, etc.) will be referred to as an "individual ID." The user registration control unit 303 associates the individual ID of the user who logs in to the portal site according to the redirect URL with the system ID and stores them (links the IDs).
 個別IDとシステムIDの対応付けが完了すると、利用者登録制御部303は、利用者のシステムIDを制御サーバ10に通知してもよい。例えば、利用者登録制御部303は、システムIDを含む「利用者登録完了通知」を制御サーバ10に送信してもよい(ステップS34)。当該利用者登録完了通知を受信した制御サーバ10の利用者登録制御部205は、利用者登録が完了した旨を利用者に通知してもよい。 Once the correspondence between the individual ID and the system ID is complete, the user registration control unit 303 may notify the control server 10 of the user's system ID. For example, the user registration control unit 303 may send a "user registration completion notification" including the system ID to the control server 10 (step S34). Upon receiving the user registration completion notification, the user registration control unit 205 of the control server 10 may notify the user that user registration is complete.
 例えば、制御サーバ10は、図9に示すような画面において、利用者登録が完了したサービス提供者のアイコンにチェックを付けることで利用者登録の完了を通知してもよい。 For example, the control server 10 may notify the completion of user registration by checking the icon of the service provider whose user registration has been completed on a screen such as that shown in FIG. 9.
 個別IDとシステムIDの対応付けが完了すると、サービスサーバ20の利用者登録制御部303は、利用者のシステムIDを含む「生体情報提供要求」を制御サーバ10に送信する(図22のステップS35)。 Once the association between the individual ID and the system ID is complete, the user registration control unit 303 of the service server 20 sends a "biometric information provision request" including the user's system ID to the control server 10 (step S35 in FIG. 22).
 生体情報提供要求を受信すると、制御サーバ10の利用者登録制御部205は、当該生体情報提供要求に含まれるシステムIDをキーとしてアカウント管理データベースを検索し、対応する利用者を特定する。利用者登録制御部205は、特定された利用者の端末40に対して「原本提供要求」を送信する(ステップS36)。 When a biometric information provision request is received, the user registration control unit 205 of the control server 10 searches the account management database using the system ID included in the biometric information provision request as a key to identify the corresponding user. The user registration control unit 205 then transmits a "request to provide original" to the terminal 40 of the identified user (step S36).
 原本提供要求の受信に応じて、端末40は、利用者の原本生体情報(例えば、顔画像)を制御サーバ10に送信する(ステップS37)。 In response to receiving the request to provide the original, the terminal 40 transmits the user's original biometric information (e.g., a facial image) to the control server 10 (step S37).
 原本生体情報を取得すると、利用者登録制御部205は、当該取得した原本生体情報(例えば、顔画像)をサービスサーバ20に送信する。具体的には、端末40から原本生体情報を取得した場合、利用者登録制御部205は、取得した原本生体情報を含む肯定応答をサービスサーバ20に送信する(ステップS38)。なお、端末40から原本生体情報を取得できない場合、利用者登録制御部205は、生体情報提供要求に対する応答として否定応答をサービスサーバ20に送信する。 When the original biometric information is acquired, the user registration control unit 205 transmits the acquired original biometric information (e.g., a facial image) to the service server 20. Specifically, when the original biometric information is acquired from the terminal 40, the user registration control unit 205 transmits a positive response including the acquired original biometric information to the service server 20 (step S38). Note that when the original biometric information cannot be acquired from the terminal 40, the user registration control unit 205 transmits a negative response to the service server 20 in response to the biometric information provision request.
 サービスサーバ20の利用者登録制御部303は、取得した原本生体情報から登録認証情報を生成し、利用者管理データベースに記憶する。利用者登録制御部303は、システムID、個別ID(ログイン情報)、登録認証情報及び業務情報(例えば、クレジットカード情報)を対応付けて利用者管理データベースに記憶する。 The user registration control unit 303 of the service server 20 generates registration authentication information from the acquired original biometric information and stores it in the user management database. The user registration control unit 303 associates the system ID, individual ID (login information), registration authentication information, and business information (e.g., credit card information) and stores them in the user management database.
 利用者が小売店において商品を購入すると、認証端末30は、当該商品購入者の生体情報と決済情報(購入代金)を含む認証要求をサービスサーバ20に送信する(図23参照)。サービスサーバ20は、取得した生体情報を用いた照合処理により被認証者(商品購入者)を特定する。 When a user purchases a product at a retail store, the authentication terminal 30 sends an authentication request including the biometric information of the product purchaser and payment information (purchase price) to the service server 20 (see Figure 23). The service server 20 identifies the person to be authenticated (product purchaser) through a matching process using the acquired biometric information.
 サービスサーバ20は、特定した被認証者のクレジットカード情報と決済情報を用いて決済処理を行う。具体的には、サービスサーバ20は、クレジットカード情報と決済情報をクレジットカード会社の決済サーバ60に送信することで、商品代金の決済を当該決済サーバ60に依頼する。決済サーバ60は、決済処理の結果をサービスサーバ20に通知する。なお、決済サーバ60の構成、動作は本願開示の趣旨とは異なると共に当業者にとって明らかであるので詳細な説明を省略する。 The service server 20 performs payment processing using the credit card information and payment information of the identified authenticated person. Specifically, the service server 20 requests the payment server 60 of the credit card company to settle the product price by sending the credit card information and payment information to said payment server 60. The payment server 60 notifies the service server 20 of the result of the payment processing. Note that the configuration and operation of the payment server 60 are different from the spirit of the disclosure of this application and are obvious to those skilled in the art, so a detailed explanation will be omitted.
 決済成功が通知されると、サービスサーバ20は、認証成功と判定する。決済失敗が通知されると、サービスサーバ20は、認証失敗と判定する。サービスサーバ20は、認証結果を認証端末30に通知する。 If the service server 20 is notified that the payment is successful, it determines that the authentication is successful. If the service server 20 is notified that the payment is unsuccessful, it determines that the authentication is unsuccessful. The service server 20 notifies the authentication terminal 30 of the authentication result.
 なお、第3のタイプに属するサービス提供者は、利用者を認証するために必要な業務情報(例えば、クレジットカード情報)を繰り返し使用する。従って、サービスサーバ20は、利用者の認証に成功しても当該業務情報を削除せず記憶し続ける。 Note that service providers belonging to the third type repeatedly use business information (e.g., credit card information) required to authenticate a user. Therefore, even if the service server 20 successfully authenticates a user, it does not delete the business information but continues to store it.
[システム動作]
 図24は、第3の実施形態に係る認証システムの動作の一例を示すシーケンス図である。図24を参照し、第3の実施形態に係る認証システムの動作を説明する。 [System Operation]
Fig. 24 is a sequence diagram showing an example of the operation of the authentication system according to the third embodiment. The operation of the authentication system according to the third embodiment will be described with reference to Fig. 24 .
 端末40は、利用者の操作に応じてサービス提供者を選択する(ステップS41)。 The terminal 40 selects a service provider in response to the user's operation (step S41).
 制御サーバ10は、第3のタイプに属するサービス提供者が選択されると、リダイレクト用URLを端末40に送信する(ステップS42)。 When a service provider belonging to the third type is selected, the control server 10 sends a redirect URL to the terminal 40 (step S42).
 端末40は、利用者の操作に応じて、リダイレクト用URLにより示されるログインページにアクセスしポータルサイトにログインする(ステップS43)。その際、サービスサーバ20は、リダイレクト用URLに埋め込まれたシステムIDを取得する。 In response to the user's operation, the terminal 40 accesses the login page indicated by the redirect URL and logs in to the portal site (step S43). At that time, the service server 20 obtains the system ID embedded in the redirect URL.
 サービスサーバ20は、ログイン情報(サービス提供者が利用者を管理する個別ID)を用いて利用者を特定し、当該特定された利用者に関する生体情報提供要求を制御サーバ10に送信する(ステップS44)。 The service server 20 identifies the user using the login information (an individual ID used by the service provider to manage the user) and transmits a request for provision of biometric information regarding the identified user to the control server 10 (step S44).
 制御サーバ10は、利用者の端末40に対して原本提供要求を送信する(ステップS45)。 The control server 10 sends a request to provide the original to the user's terminal 40 (step S45).
 端末40は、原本生体情報(例えば、顔画像)を制御サーバ10に送信する(ステップS46)。 The terminal 40 transmits the original biometric information (e.g., a facial image) to the control server 10 (step S46).
 制御サーバ10は、取得した原本生体情報をサービスサーバ20に送信する(ステップS47)。 The control server 10 transmits the acquired original biometric information to the service server 20 (step S47).
 サービスサーバ20は、取得した原本生体情報(例えば、顔画像)から登録認証情報(例えば、特徴量)を生成し、当該登録認証情報を利用者管理データベースに記憶する(ステップS48)。 The service server 20 generates registered authentication information (e.g., features) from the acquired original biometric information (e.g., a facial image) and stores the registered authentication information in the user management database (step S48).
<第3の実施形態に係る変形例>
 第3の実施形態において、サービスサーバ20は、アカウント連携(個別IDとシステムIDの対応付け)が完了した後に「利用者登録完了通知」を制御サーバ10に送信してもよいことを説明した。しかし、サービスサーバ20は、利用者の登録認証情報を利用者管理データベースに登録した後に、上記利用者登録完了通知を制御サーバ10に送信してもよい。 <Modification of the third embodiment>
In the third embodiment, it has been described that the service server 20 may transmit a "user registration completion notification" to the control server 10 after the account linking (association of an individual ID with a system ID) is completed. However, the service server 20 may transmit the user registration completion notification to the control server 10 after registering the user's registration authentication information in the user management database.
 以上のように、第3の実施形態に係る制御サーバ10は、第3のタイプに属するサービス提供者が生体認証に用いる認証情報の原本となる原本生体情報を取得するための制御を行う。第3のタイプに属するサービス提供者は、利用者により選択されたサービス提供者であって、顧客を管理するためのアカウントを有し、且つ、顧客にサービスを提供するために必要な業務情報を生体認証の際に繰り返し使用するサービス提供者である。制御サーバ10は、利用者の端末40に対し、当該利用者により選択されたサービス提供者のアカウントにログインするための情報を送信する。制御サーバ10は、利用者のアカウントを管理するサービスサーバ20から生体情報提供要求を受信したことに応じて、端末40に対し、生体認証に用いられる認証情報の原本となる原本生体情報の提供を要求することで原本生体情報を端末40から取得する。制御サーバ10は、取得された原本生体情報をサービスサーバ20に送信する。 As described above, the control server 10 according to the third embodiment performs control for a service provider belonging to the third type to acquire original biometric information that is the original of authentication information used for biometric authentication. A service provider belonging to the third type is a service provider selected by a user, has an account for managing customers, and repeatedly uses business information required for providing services to customers during biometric authentication. The control server 10 transmits information for logging in to the account of the service provider selected by the user to the terminal 40 of the user. In response to receiving a request for providing biometric information from the service server 20 that manages the user's account, the control server 10 requests the terminal 40 to provide original biometric information that is the original of authentication information used for biometric authentication, thereby acquiring original biometric information from the terminal 40. The control server 10 transmits the acquired original biometric information to the service server 20.
 第3のタイプに属するサービス提供者は、利用者を管理するためのアカウント(ポータルサイト)を有し、当該利用者を管理するために個別IDを用いている。利用者登録(アカウント連携、ID連携)の際、利用者が、システムIDが埋め込まれたリダイレクト用URLに従いポータルサイトにログインすることで、サービスサーバ20は、利用者のシステムIDと個別IDを同じタイミングで取得することができる。換言すれば、サービスサーバ20は、第1の実施形態とは異なり、個人特定情報を用いずに個別IDを用いて利用者を特定できるので、より確実な利用者登録を実現できる。即ち、個人特定情報(例えば、氏名)は重複する可能性が排除できないが、個別IDはサービスサーバ20が各利用者に発行するIDであるため重複の可能性はない(重複の可能性は極めて低い)。サービスサーバ20は、個別IDを利用して利用者を特定することで、確実なアカウント連携(ID連携)を実現できる。このように、第3の実施形態に係る情報処理システムでは、制御サーバ10を経由してサービスサーバ20に送信される情報は原本生体情報に限られ、個人特定情報は制御サーバ10を経由してサービスサーバ20に送信されない。第3の実施形態では、個人を特定するための情報(個人特定情報)は、リダイレクト用URLを取得した端末40からサービスサーバ20に送信される。このように、個人情報特定情報が制御サーバ10からサービスサーバ20に送信されないので、システムのセキュリティ強度が向上する。 A service provider belonging to the third type has an account (portal site) for managing users and uses an individual ID to manage the user. When registering a user (account linkage, ID linkage), the user logs in to the portal site according to a redirect URL in which a system ID is embedded, and the service server 20 can obtain the user's system ID and individual ID at the same time. In other words, unlike the first embodiment, the service server 20 can identify the user using the individual ID without using personal identification information, so that more reliable user registration can be realized. That is, although the possibility of duplication of personal identification information (e.g., name) cannot be eliminated, the individual ID is an ID issued by the service server 20 to each user, so there is no possibility of duplication (the possibility of duplication is extremely low). The service server 20 can realize reliable account linkage (ID linkage) by identifying the user using the individual ID. Thus, in the information processing system according to the third embodiment, the information transmitted to the service server 20 via the control server 10 is limited to the original biometric information, and personal identification information is not transmitted to the service server 20 via the control server 10. In the third embodiment, information for identifying an individual (personal identification information) is transmitted from the terminal 40 that has acquired the redirect URL to the service server 20. In this way, personal information identification information is not transmitted from the control server 10 to the service server 20, improving the security of the system.
[第4の実施形態]
 続いて、第4の実施形態について図面を参照して詳細に説明する。 [Fourth embodiment]
Next, a fourth embodiment will be described in detail with reference to the drawings.
 第4の実施形態では、第4のタイプのサービス提供者に関する利用者登録について説明する。 In the fourth embodiment, user registration for a fourth type of service provider is described.
 なお、第4の実施形態に係る認証システムの構成は第1の実施形態と同一とすることができるので図3に相当する説明を省略する。また、第4の実施形態に係る制御サーバ10等の処理構成も第1の実施形態と同一とすることができるので、その説明を省略する。 Note that the configuration of the authentication system according to the fourth embodiment can be the same as that of the first embodiment, and therefore the explanation corresponding to FIG. 3 will be omitted. In addition, the processing configuration of the control server 10 and the like according to the fourth embodiment can also be the same as that of the first embodiment, and therefore the explanation thereof will be omitted.
 以下、第1の実施形態乃至第4の実施形態の相違点を中心に説明する。 The following will focus on the differences between the first to fourth embodiments.
 第4の実施形態に係るシステムの基本的な動作は、第3の実施形態に係るシステムの動作と同一とすることができる。具体的には、第4のタイプに属するサービス提供者が選択されると、認証システムに含まれる各装置は、図21に示される動作を行う。 The basic operation of the system according to the fourth embodiment can be the same as that of the system according to the third embodiment. Specifically, when a service provider belonging to the fourth type is selected, each device included in the authentication system performs the operation shown in FIG. 21.
 サービス提供者のIDと認証システムのシステムIDの連携が完了すると、利用者は、サービスの提供を受けるために必要な業務情報をサービス提供者に提供する(図25のステップS51)。例えば、利用者は、ログインしたサービス提供者のポータルサイト等において映画、コンサート、遊園地、航空券、乗車券等のチケットを購入する。 Once the service provider's ID and the authentication system's system ID have been linked, the user provides the service provider with the business information required to receive the service (step S51 in FIG. 25). For example, the user purchases tickets for movies, concerts, amusement parks, airline tickets, train tickets, etc., on the portal site of the service provider to which the user has logged in.
 なお、業務情報の提供(チケットの購入)は、利用者登録の際にサービス提供者のポータルサイトにログインした手続きのなかで行われてもよい。あるいは、利用者登録の完了後、利用者は当該ポータルサイトからログアウトしてもよい。利用者は、後日、改めてチケット購入のためにポータルサイトにログインしてもよい。この場合、利用者は、端末40を操作して、直接、ポータルサイトにアクセス(ログイン)すればよい。 The provision of business information (purchase of tickets) may be performed as part of the process of logging in to the service provider's portal site when registering as a user. Alternatively, after completing user registration, the user may log out of the portal site. The user may then log in to the portal site again at a later date to purchase tickets. In this case, the user may operate terminal 40 to directly access (log in to) the portal site.
 サービスサーバ20は、利用者が購入したチケットの情報を記憶する。サービスサーバ20の業務情報管理部302は、利用者が提供した業務情報(チケット情報)を利用者管理データベースに記憶する。 The service server 20 stores information about tickets purchased by users. The business information management unit 302 of the service server 20 stores the business information (ticket information) provided by users in a user management database.
 サービスサーバ20の利用者登録制御部303は、定期的又は所定のタイミングで利用者管理データベースにアクセスし、各利用者の業務情報(チケット情報)を参照する。利用者登録制御部303は、参照した業務情報(チケット情報)が有効になる所定時間前(参照した業務情報が認証処理に使われる所定時間前)になると、制御サーバ10に対して生体情報の提供を要求する。 The user registration control unit 303 of the service server 20 accesses the user management database periodically or at a specified timing, and references the business information (ticket information) of each user. The user registration control unit 303 requests the control server 10 to provide biometric information a specified time before the referenced business information (ticket information) becomes valid (a specified time before the referenced business information is used in authentication processing).
 具体的には、利用者登録制御部303は、利用者(所定時間後にチケットを使う可能性のある利用者)のシステムIDを含む「生体情報提供要求」を制御サーバ10に送信する(ステップS52)。 Specifically, the user registration control unit 303 sends a "biometric information provision request" including the system ID of the user (a user who may use the ticket after a specified time) to the control server 10 (step S52).
 生体情報提供要求を受信した制御サーバ10は、原本提供要求を端末40に送信することで、原本生体情報(例えば、顔画像)を取得する(ステップS53、S54)。制御サーバ10は、取得した原本生体情報をサービスサーバ20に送信する(ステップS55)。 The control server 10 that has received the biometric information provision request transmits an original provision request to the terminal 40 to obtain the original biometric information (e.g., a facial image) (steps S53 and S54). The control server 10 transmits the obtained original biometric information to the service server 20 (step S55).
 なお、第4の実施形態では、利用者がサービス提供者を選択したタイミングと原本生体情報(顔画像)がサービス提供者に提供されるタイミングは異なることも多い。そのため、端末40は、原本生体情報を制御サーバ10に送信した事実を、ポップアップ通知等を用いて利用者に通知してもよい(図26参照)。 In the fourth embodiment, the timing when the user selects a service provider and the timing when the original biometric information (face image) is provided to the service provider often differ. Therefore, the terminal 40 may notify the user of the fact that the original biometric information has been sent to the control server 10 by using a pop-up notification or the like (see FIG. 26).
 第4の実施形態に係るサービスサーバ20の認証部304は、イベント会場等に設置された認証端末30から認証要求を受信すると、照合処理により特定された利用者のチケットが有効か否かに応じて認証結果を決定する。認証端末30は、認証成功と判定された利用者(有効なチケットを所持する利用者)のゲート通過を許可する。認証端末30は、認証失敗と判定された利用者(有効なチケットを所持していない利用者)のゲート通過を拒否する。 When the authentication unit 304 of the service server 20 according to the fourth embodiment receives an authentication request from an authentication terminal 30 installed at an event venue or the like, it determines the authentication result depending on whether the ticket of the user identified by the matching process is valid or not. The authentication terminal 30 allows users who are determined to have been successfully authenticated (users who possess a valid ticket) to pass through the gate. The authentication terminal 30 denies users who are determined to have failed authentication (users who do not possess a valid ticket) from passing through the gate.
 なお、第4のタイプに属するサービス提供者は、第2の実施形態と同様に、原則として、利用者の認証に使用した業務情報を削除する。ただし、第4の実施形態に係るサービスサーバ20は、利用者のアカウント(システムID、個別ID、登録認証情報)を削除せずに残す。利用者のアカウントを残すことで、利用者が、同じサービス提供者から別のコンサート等のチケットを購入した場合であっても、当該サービス提供者に関する利用者登録(ID連携、アカウント連携)は不要となる。 As with the second embodiment, the service provider belonging to the fourth type will, in principle, delete the business information used to authenticate the user. However, the service server 20 according to the fourth embodiment will leave the user's account (system ID, individual ID, registered authentication information) instead of deleting it. By leaving the user's account, even if the user purchases tickets for another concert or the like from the same service provider, there will be no need to register the user with that service provider (ID linkage, account linkage).
 以上のように、第4の実施形態に係る制御サーバ10は、第4のタイプに属するサービス提供者が生体認証に用いる認証情報の原本となる原本生体情報を取得するための制御を行う。第4のタイプに属するサービス提供者は、利用者により選択されたサービス提供者であって、顧客を管理するためのアカウントを有し、顧客にサービスを提供するために必要な業務情報を生体認証の際に実質的に1度使用するサービス提供者である。制御サーバ10は、利用者の端末40に対し、当該利用者により選択されたサービス提供者のアカウントにログインするための情報を送信する。制御サーバ10は、利用者のアカウントを管理するサービスサーバ20から生体情報提供要求を受信したことに応じて、端末40に対し、生体認証に用いられる認証情報の原本となる原本生体情報の提供を要求することで、原本生体情報を端末40から取得する。制御サーバ10は、取得された原本生体情報をサービスサーバ20に送信する。その結果、第4のタイプに属するサービス提供者に関しても確実な利用者登録(アカウント連携、ID連携)が実現される。即ち、第4の実施形態においても第3の実施形態と同様に、制御サーバ10を経由してサービスサーバ20に送信される情報は原本生体情報に限られ、個人特定情報は制御サーバ10を経由してサービスサーバ20に送信されない。第4の実施形態では、個人を特定するための情報(個人特定情報)は、リダイレクト用URLを取得した端末40からサービスサーバ20に送信される。このように、個人情報特定情報が制御サーバ10からサービスサーバ20に送信されないので、システムのセキュリティ強度が向上する。 As described above, the control server 10 according to the fourth embodiment performs control for the service provider belonging to the fourth type to acquire original biometric information that is the original of the authentication information used for biometric authentication. The service provider belonging to the fourth type is a service provider selected by a user, has an account for managing customers, and is a service provider that uses business information required to provide a service to a customer substantially once during biometric authentication. The control server 10 transmits information for logging in to the account of the service provider selected by the user to the terminal 40 of the user. In response to receiving a biometric information provision request from the service server 20 that manages the user's account, the control server 10 requests the terminal 40 to provide original biometric information that is the original of the authentication information used for biometric authentication, thereby acquiring the original biometric information from the terminal 40. The control server 10 transmits the acquired original biometric information to the service server 20. As a result, reliable user registration (account linkage, ID linkage) is realized even for the service provider belonging to the fourth type. That is, in the fourth embodiment, as in the third embodiment, the information transmitted to the service server 20 via the control server 10 is limited to the original biometric information, and no personal identification information is transmitted to the service server 20 via the control server 10. In the fourth embodiment, information for identifying an individual (personal identification information) is transmitted to the service server 20 from the terminal 40 that has acquired the redirect URL. In this way, personal information identification information is not transmitted from the control server 10 to the service server 20, improving the security strength of the system.
 続いて、認証システムを構成する各装置のハードウェアについて説明する。図27は、制御サーバ10のハードウェア構成の一例を示す図である。 Next, we will explain the hardware of each device that makes up the authentication system. Figure 27 is a diagram showing an example of the hardware configuration of the control server 10.
 制御サーバ10は、情報処理装置(所謂、コンピュータ)により構成可能であり、図27に例示する構成を備える。例えば、制御サーバ10は、プロセッサ311、メモリ312、入出力インターフェイス313及び通信インターフェイス314等を備える。上記プロセッサ311等の構成要素は内部バス等により接続され、相互に通信可能に構成されている。 The control server 10 can be configured by an information processing device (so-called a computer), and has the configuration shown in FIG. 27. For example, the control server 10 has a processor 311, a memory 312, an input/output interface 313, and a communication interface 314. The components such as the processor 311 are connected by an internal bus or the like, and are configured to be able to communicate with each other.
 但し、図27に示す構成は、制御サーバ10のハードウェア構成を限定する趣旨ではない。制御サーバ10は、図示しないハードウェアを含んでもよいし、必要に応じて入出力インターフェイス313を備えていなくともよい。また、制御サーバ10に含まれるプロセッサ311等の数も図27の例示に限定する趣旨ではなく、例えば、複数のプロセッサ311が制御サーバ10に含まれていてもよい。 However, the configuration shown in FIG. 27 is not intended to limit the hardware configuration of the control server 10. The control server 10 may include hardware not shown, and may not include an input/output interface 313 as necessary. Furthermore, the number of processors 311 and the like included in the control server 10 is not intended to be limited to the example shown in FIG. 27, and for example, the control server 10 may include multiple processors 311.
 プロセッサ311は、例えば、CPU(Central Processing Unit)、MPU(Micro Processing Unit)、DSP(Digital Signal Processor)等のプログラマブルなデバイスである。あるいは、プロセッサ311は、FPGA(Field Programmable Gate Array)、ASIC(Application Specific Integrated Circuit)等のデバイスであってもよい。プロセッサ311は、オペレーティングシステム(OS;Operating System)を含む各種プログラムを実行する。 The processor 311 is, for example, a programmable device such as a CPU (Central Processing Unit), an MPU (Micro Processing Unit), or a DSP (Digital Signal Processor). Alternatively, the processor 311 may be a device such as an FPGA (Field Programmable Gate Array) or an ASIC (Application Specific Integrated Circuit). The processor 311 executes various programs including an operating system (OS).
 メモリ312は、RAM(Random Access Memory)、ROM(Read Only Memory)、HDD(Hard Disk Drive)、SSD(Solid State Drive)等である。メモリ312は、OSプログラム、アプリケーションプログラム、各種データを格納する。 Memory 312 may be a RAM (Random Access Memory), a ROM (Read Only Memory), a HDD (Hard Disk Drive), a SSD (Solid State Drive), etc. Memory 312 stores the OS program, application programs, and various data.
 入出力インターフェイス313は、図示しない表示装置や入力装置のインターフェイスである。表示装置は、例えば、液晶ディスプレイ等である。入力装置は、例えば、キーボードやマウス等のユーザ操作を受け付ける装置である。 The input/output interface 313 is an interface for a display device and an input device (not shown). The display device is, for example, a liquid crystal display. The input device is, for example, a device that accepts user operations such as a keyboard or a mouse.
 通信インターフェイス314は、他の装置と通信を行う回路、モジュール等である。例えば、通信インターフェイス314は、NIC(Network Interface Card)等を備える。 The communication interface 314 is a circuit, module, etc. that communicates with other devices. For example, the communication interface 314 includes a NIC (Network Interface Card), etc.
 制御サーバ10の機能は、各種処理モジュールにより実現される。当該処理モジュールは、例えば、メモリ312に格納されたプログラムをプロセッサ311が実行することで実現される。また、当該プログラムは、コンピュータが読み取り可能な記憶媒体に記録することができる。記憶媒体は、半導体メモリ、ハードディスク、磁気記録媒体、光記録媒体等の非トランジェント(non-transitory)なものとすることができる。即ち、本発明は、コンピュータプログラム製品として具現することも可能である。また、上記プログラムは、ネットワークを介してダウンロードするか、あるいは、プログラムを記憶した記憶媒体を用いて、更新することができる。さらに、上記処理モジュールは、半導体チップにより実現されてもよい。 The functions of the control server 10 are realized by various processing modules. The processing modules are realized, for example, by the processor 311 executing a program stored in the memory 312. The program can be recorded on a computer-readable storage medium. The storage medium can be a non-transitory medium such as a semiconductor memory, a hard disk, a magnetic recording medium, or an optical recording medium. In other words, the present invention can also be embodied as a computer program product. The program can be downloaded via a network, or updated using a storage medium that stores the program. The processing modules may also be realized by a semiconductor chip.
 なお、サービスサーバ20、認証端末30、端末40等も制御サーバ10と同様に情報処理装置により構成可能であり、その基本的なハードウェア構成は制御サーバ10と相違する点はないので説明を省略する。例えば、認証端末30は、被認証者を撮影するためのカメラ装置を備えていればよい。 The service server 20, authentication terminal 30, terminal 40, etc. can also be configured using information processing devices, just like the control server 10, and their basic hardware configurations are no different from those of the control server 10, so a description of them will be omitted. For example, the authentication terminal 30 may be equipped with a camera device for photographing the person to be authenticated.
 情報処理装置である制御サーバ10は、コンピュータを搭載し、当該コンピュータにプログラムを実行させることで制御サーバ10の機能が実現できる。また、制御サーバ10は、当該プログラムにより制御サーバ10の制御方法を実行する。同様に、情報処理装置である端末40は、コンピュータを搭載し、当該コンピュータにプログラムを実行させることで端末40の機能が実現できる。また、端末40は、当該プログラムにより端末40の制御方法を実行する。 The control server 10, which is an information processing device, is equipped with a computer, and the functions of the control server 10 can be realized by having the computer execute a program. The control server 10 also executes the control method of the control server 10 by the program. Similarly, the terminal 40, which is an information processing device, is equipped with a computer, and the functions of the terminal 40 can be realized by having the computer execute a program. The terminal 40 also executes the control method of the terminal 40 by the program.
[変形例]
 なお、上記実施形態にて説明した認証システムの構成、動作等は例示であって、システムの構成等を限定する趣旨ではない。 [Modification]
The configuration, operation, and the like of the authentication system described in the above embodiment are merely examples, and are not intended to limit the system configuration, and the like.
 上記実施形態では、人の「顔」を生体情報の例にとり認証システムの動作を説明した。しかし、本願開示の認証システムは、他の種類の生体情報を用いることもできる。例えば、指紋、声紋、静脈、網膜、瞳の虹彩の模様(パターン)といった個人に固有の身体的特徴を備えるデータが用いられてもよい。即ち、利用者の生体情報は、利用者の身体的特徴を情報として含むものであればよい。 In the above embodiment, the operation of the authentication system has been described using a person's "face" as an example of biometric information. However, the authentication system disclosed in this application can also use other types of biometric information. For example, data comprising physical characteristics unique to an individual, such as a fingerprint, voiceprint, veins, retina, or iris pattern, may be used. In other words, the user's biometric information may be anything that includes the user's physical characteristics as information.
 利用者の端末40は、制御サーバ10から原本提供要求を受信するたびに、原本生体情報(例えば、顔画像)をサービス提供者に送信することについての同意を利用者から取得してもよい。具体的には、原本提供要求を受信すると、端末40のサービス選択部504は、図28に示すようなGUIを用いて原本生体情報(例えば、顔画像)の提供可否を取得する。サービス選択部504は、原本生体情報の提供に関する利用者の同意が得られると、内部に記憶された原本生体情報を制御サーバ10に送信する。 The user's terminal 40 may obtain consent from the user to send the original biometric information (e.g., a facial image) to the service provider each time it receives a request to provide the original from the control server 10. Specifically, upon receiving a request to provide the original, the service selection unit 504 of the terminal 40 obtains whether or not the original biometric information (e.g., a facial image) can be provided using a GUI such as that shown in FIG. 28. Upon obtaining consent from the user to provide the original biometric information, the service selection unit 504 transmits the original biometric information stored therein to the control server 10.
 上記実施形態では、サービスサーバ20が、自社で採用する認証エンジンに対応する認証情報(特徴量)を生成する場合について説明した。しかし、当該認証情報(特徴量)の生成は、制御サーバ10において行われてもよい。具体的には、制御サーバ10は、事業者情報の一部としてサービス提供者が採用している認証エンジンの情報を記憶する。制御サーバ10は、端末40から取得した原本生体情報から上記認証エンジンに適合する登録認証情報(特徴量)を生成し、当該生成された登録認証情報を含む利用者登録要求を制御サーバ10に送信してもよい。 In the above embodiment, a case has been described in which the service server 20 generates authentication information (feature amounts) corresponding to the authentication engine employed by the service provider. However, the generation of the authentication information (feature amounts) may also be performed by the control server 10. Specifically, the control server 10 stores information on the authentication engine employed by the service provider as part of the business information. The control server 10 may generate registration authentication information (feature amounts) that matches the above authentication engine from the original biometric information acquired from the terminal 40, and transmit a user registration request including the generated registration authentication information to the control server 10.
 あるいは、サービスサーバ20や制御サーバ10は、図29や図30に示される、特徴量の生成に特化したサーバ(特徴量生成サーバ70)に原本生体情報を送信し、当該サーバから登録認証情報を取得してもよい。制御サーバ10やサービスサーバ20が特徴量生成サーバ70に原本生体情報(例えば、顔画像)を送信する場合、サービス提供者が採用する認証エンジンの情報を併せて特徴量生成サーバ70に送信してもよい。特徴量生成サーバ70は、制御サーバ10やサービスサーバ20から指定された認証エンジン(認証アルゴリズム)に適合した登録認証情報(例えば、特徴量)を生成し、制御サーバ10やサービスサーバ20に返信してもよい。このように、登録認証情報(特徴量)は、クラウド側(制御サーバ10側)、エッジ側(サービスサーバ20側)のいずれかで生成されればよい。なお、特徴量生成サーバ70の構成、動作は上記説明により明らかであるので詳細な説明を省略する。 Alternatively, the service server 20 or the control server 10 may transmit the original biometric information to a server (feature generation server 70) specialized in generating features as shown in FIG. 29 or FIG. 30, and obtain the registered authentication information from the server. When the control server 10 or the service server 20 transmits the original biometric information (e.g., a face image) to the feature generation server 70, information on the authentication engine adopted by the service provider may also be transmitted to the feature generation server 70. The feature generation server 70 may generate registered authentication information (e.g., features) that are compatible with the authentication engine (authentication algorithm) specified by the control server 10 or the service server 20, and return it to the control server 10 or the service server 20. In this way, the registered authentication information (feature) may be generated on either the cloud side (control server 10 side) or the edge side (service server 20 side). The configuration and operation of the feature generation server 70 are clear from the above description, so a detailed description will be omitted.
 上記実施形態では、制御サーバ10は、利用者の勤務先等の管理コードを用いて利用者登録の対象となるサービス提供者を特定する場合について説明した。しかし、制御サーバ10は、他の方法を用いて利用者登録の対象となるサービス提供者を特定してもよい。例えば、制御サーバ10は、社名等を用いた検索結果から利用者登録の対象となるサービス提供者を選択するようなインターフェイスを用意してもよいし、50音順で並ぶサービス提供者の一覧を端末40に表示してもよい。 In the above embodiment, the control server 10 identifies the service provider for user registration using the management code of the user's workplace, etc. However, the control server 10 may identify the service provider for user registration using other methods. For example, the control server 10 may provide an interface for selecting the service provider for user registration from search results using company names, etc., or may display a list of service providers in alphabetical order on the terminal 40.
 第1の実施形態において、オフィスへの来客者(ゲスト)の情報を利用者(社員)がシステムに登録してもよい。この場合、社員は、端末40を操作して制御サーバ10にアクセスし、ゲストの登録手続きを行う。制御サーバ10は、ゲストの氏名、所属、連絡先等を当該社員から取得する。制御サーバ10は、取得した連絡先(ゲストの端末)に顔画像登録要求を送信する。例えば、制御サーバ10は、URLを含む顔画像登録要求を送信する。ゲストがURLをクリックすると、当該ゲストの端末は、制御サーバ10にアクセスする。制御サーバ10は、ゲストの顔画像を取得し、オフィスのサービスサーバ20に送信する。 In the first embodiment, a user (employee) may register information about visitors (guests) to the office in the system. In this case, the employee operates the terminal 40 to access the control server 10 and performs the guest registration procedure. The control server 10 acquires the guest's name, affiliation, contact information, etc. from the employee. The control server 10 sends a facial image registration request to the acquired contact information (guest's terminal). For example, the control server 10 sends a facial image registration request including a URL. When the guest clicks on the URL, the guest's terminal accesses the control server 10. The control server 10 acquires the guest's facial image and sends it to the office service server 20.
 さらに、オフィスのサービスサーバ20は、ゲストの行動を生体認証により制御してもよい。例えば、サービスサーバ20は、ゲストが会議室に入室する際、生体認証によりその可否を判定してもよい。あるいは、サービスサーバ20は、ゲストのドリンク等の利用を生体認証により制御してもよい。例えば、サービスサーバ20は、オフィスの内の自販機において、1回に限り当該ゲストにフリードリンクを提供するような制御を行ってもよい。 Furthermore, the service server 20 in the office may control the behavior of the guest through biometric authentication. For example, when a guest enters a conference room, the service server 20 may use biometric authentication to determine whether or not the guest may enter. Alternatively, the service server 20 may control the guest's use of drinks, etc. through biometric authentication. For example, the service server 20 may perform control such that a vending machine in the office provides the guest with a free drink only once.
 選択した第3、第4のタイプに属するサービス提供者においてアカウントを有していない場合、利用者は、リダイレクト用URLにより遷移するログインページにてアカウントを生成してもよい。換言すれば、サービスサーバ20は、ログインページにおいて新規顧客のためのアカウント生成案内等を表示してもよい。 If the user does not have an account with the selected service provider belonging to the third or fourth type, the user may create an account on the login page to which the user is redirected using the redirect URL. In other words, the service server 20 may display account creation instructions for new customers on the login page.
 制御サーバ10は、アカウント生成の際、利用者の身元を確認してもよい。具体的には、制御サーバ10は、利用者のログイン情報等と共に、生体情報が記載された身元確認書類(例えば、パスポート、運転免許証等)及び生体情報を取得する。制御サーバ10は、身元確認書類の生体情報と利用者から取得した生体情報を用いた1対1照合を実行する。制御サーバ10は、当該照合に成功した場合に、当該本人確認に成功した利用者の利用者登録(システム登録)を行ってもよい。 The control server 10 may verify the identity of the user when creating an account. Specifically, the control server 10 acquires the user's login information, etc., as well as an identification document (e.g., a passport, driver's license, etc.) bearing biometric information and the biometric information. The control server 10 performs a one-to-one match using the biometric information on the identification document and the biometric information acquired from the user. If the match is successful, the control server 10 may perform user registration (system registration) of the user whose identity has been successfully verified.
 上記実施形態では、制御サーバ10の内部にアカウント管理データベースが構成される場合について説明したが、当該データベースは外部のデータベースサーバ等に構築されてもよい。即ち、制御サーバ10の一部の機能は別のサーバに実装されていてもよい。より具体的には、上記説明した「サービス選択制御部(サービス選択制御手段)」等がシステムに含まれるいずれかの装置に実装されていればよい。 In the above embodiment, the case where the account management database is configured inside the control server 10 has been described, but the database may also be constructed in an external database server or the like. In other words, some of the functions of the control server 10 may be implemented in another server. More specifically, the above-described "service selection control unit (service selection control means)" and the like may be implemented in any of the devices included in the system.
 各装置(制御サーバ10、サービスサーバ20、認証端末30)間のデータ送受信の形態は特に限定されないが、これら装置間で送受信されるデータは暗号化されていてもよい。これらの装置間では、生体情報等が送受信され、これらの情報を適切に保護するためには、暗号化されたデータが送受信されることが望ましい。 The form of data transmission and reception between each device (control server 10, service server 20, authentication terminal 30) is not particularly limited, but data transmitted and received between these devices may be encrypted. Biometric information and the like is transmitted and received between these devices, and in order to appropriately protect this information, it is desirable to transmit and receive encrypted data.
 上記説明で用いた流れ図(フローチャート、シーケンス図)では、複数の工程(処理)が順番に記載されているが、実施形態で実行される工程の実行順序は、その記載の順番に制限されない。実施形態では、例えば各処理を並行して実行する等、図示される工程の順番を内容的に支障のない範囲で変更することができる。 In the flow diagrams (flowcharts, sequence diagrams) used in the above explanation, multiple steps (processes) are listed in order, but the order in which the steps are executed in the embodiments is not limited to the order listed. In the embodiments, the order of the steps shown in the diagrams can be changed to the extent that does not interfere with the content, for example by executing each process in parallel.
 上記の実施形態は本願開示の理解を容易にするために詳細に説明したものであり、上記説明したすべての構成が必要であることを意図したものではない。また、複数の実施形態について説明した場合には、各実施形態は単独で用いてもよいし、組み合わせて用いてもよい。例えば、実施形態の構成の一部を他の実施形態の構成に置き換えることや、実施形態の構成に他の実施形態の構成を加えることも可能である。さらに、実施形態の構成の一部について他の構成の追加、削除、置換が可能である。 The above embodiments have been described in detail to facilitate understanding of the present disclosure, and it is not intended that all of the configurations described above are necessary. Furthermore, when multiple embodiments are described, each embodiment may be used alone or in combination. For example, it is possible to replace part of the configuration of an embodiment with the configuration of another embodiment, or to add the configuration of another embodiment to the configuration of an embodiment. Furthermore, it is possible to add, delete, or replace part of the configuration of an embodiment with other configurations.
 上記の説明により、本発明の産業上の利用可能性は明らかであるが、本発明は、生体認証サービスを提供する情報処理システムなどに好適に適用可能である。 The above explanation makes it clear that the present invention has industrial applicability, and the present invention can be suitably applied to information processing systems that provide biometric authentication services.
 上記の実施形態の一部又は全部は、以下の付記のようにも記載され得るが、以下には限られない。
[付記1]
 生体認証を用いたサービスを提供する複数のサービス提供者のなかから、利用者がサービスの提供を受けたいサービス提供者を選択することを可能とする、サービス選択制御手段と、
 前記利用者により選択されたサービス提供者であって、顧客を管理するためのアカウントを有し、且つ、前記顧客にサービスを提供するために必要な業務情報を生体認証の際に使用するサービス提供者が、生体認証に用いる認証情報の原本となる原本生体情報を取得するための制御を行う、利用者登録制御手段と、
 を備える、サーバ装置。
[付記2]
 前記利用者登録制御手段は、
 前記利用者の端末に対し、前記利用者により選択されたサービス提供者のアカウントにログインするための情報を送信し、
 前記利用者のアカウントを管理するサーバから生体情報提供要求を受信したことに応じて、前記端末に対し、生体認証に用いられる認証情報の原本となる原本生体情報の提供を要求することで前記原本生体情報を前記端末から取得し、
 前記取得された原本生体情報を前記サーバに送信する、付記1に記載のサーバ装置。
[付記3]
 前記利用者登録制御手段は、自装置で前記利用者を管理するためのシステムIDが埋め込まれたリダイレクト用URL(Uniform Resource Locator)を前記利用者がアカウントにログインするための情報として前記端末に送信する、付記2に記載のサーバ装置。
[付記4]
 前記利用者登録制御手段は、前記サーバが前記業務情報を利用者から取得した後に、前記サーバから前記生体情報提供要求を受信する、付記3に記載のサーバ装置。
[付記5]
 前記業務情報は、チケットに関する情報である、付記4に記載のサーバ装置。
[付記6]
 前記チケットは、一度の使用に限られるチケット又は複数回利用されるチケットである、付記5に記載のサーバ装置。
[付記7]
 前記複数回利用されるチケットは、周遊券又は定期券のいずれかである、付記6に記載のサーバ装置。
[付記8]
 前記原本生体情報は、顔画像である付記1乃至7のいずれか一項に記載のサーバ装置。
[付記9]
 利用者が所持する端末と、
 サーバ装置と、
 を含み、
 前記サーバ装置は、
 生体認証を用いたサービスを提供する複数のサービス提供者のなかから、利用者がサービスの提供を受けたいサービス提供者を選択することを可能とする、サービス選択制御手段と、
 前記利用者により選択されたサービス提供者であって、顧客を管理するためのアカウントを有し、且つ、前記顧客にサービスを提供するために必要な業務情報を生体認証の際に使用するサービス提供者が、生体認証に用いる認証情報の原本となる原本生体情報を取得するための制御を行う、利用者登録制御手段と、
 を備え、
 前記利用者登録制御手段は、
 前記利用者の端末に対し、前記利用者により選択されたサービス提供者のアカウントにログインするための情報を送信し、
 前記利用者のアカウントを管理するサーバから生体情報提供要求を受信したことに応じて、前記端末に対し、生体認証に用いられる認証情報の原本となる原本生体情報の提供を要求することで前記原本生体情報を前記端末から取得し、
 前記取得された原本生体情報を前記サーバに送信する、システム。
[付記10]
 サーバ装置において、
 生体認証を用いたサービスを提供する複数のサービス提供者のなかから、利用者がサービスの提供を受けたいサービス提供者を選択することを可能とし、
 前記利用者により選択されたサービス提供者であって、顧客を管理するためのアカウントを有し、且つ、前記顧客にサービスを提供するために必要な業務情報を生体認証の際に使用するサービス提供者が、生体認証に用いる認証情報の原本となる原本生体情報を取得するための制御を行う、サーバ装置の制御方法。
[付記11]
 サーバ装置に搭載されたコンピュータに、
 生体認証を用いたサービスを提供する複数のサービス提供者のなかから、利用者がサービスの提供を受けたいサービス提供者を選択することを可能とする処理と、
 前記利用者により選択されたサービス提供者であって、顧客を管理するためのアカウントを有し、且つ、前記顧客にサービスを提供するために必要な業務情報を生体認証の際に使用するサービス提供者が、生体認証に用いる認証情報の原本となる原本生体情報を取得するための制御を行う処理と、
 を実行させるためのプログラムを記憶する、コンピュータ読取可能な記憶媒体。 A part or all of the above-described embodiments can be described as, but is not limited to, the following supplementary notes.
[Appendix 1]
a service selection control means for enabling a user to select a service provider from which the user wishes to receive a service from among a plurality of service providers that provide services using biometric authentication;
a user registration control means for controlling the service provider selected by the user, the service provider having an account for managing customers and using business information required for providing a service to the customer when performing biometric authentication, to acquire original biometric information that is an original of authentication information used for biometric authentication;
A server device comprising:
[Appendix 2]
The user registration control means
Transmitting to the user's terminal information for logging in to an account of a service provider selected by the user;
In response to receiving a biometric information provision request from a server that manages an account of the user, request the terminal to provide original biometric information that is an original of authentication information used for biometric authentication, thereby acquiring the original biometric information from the terminal;
2. The server device according to claim 1, further comprising: a server device configured to transmit the acquired original biometric information to the server.
[Appendix 3]
The server device described in Appendix 2, wherein the user registration control means sends a redirect Uniform Resource Locator (URL) embedded with a system ID for managing the user on the device to the terminal as information for the user to log in to an account.
[Appendix 4]
4. The server device according to claim 3, wherein the user registration control means receives the biometric information provision request from the server after the server acquires the business information from the user.
[Appendix 5]
The server device according to claim 4, wherein the business information is information related to a ticket.
[Appendix 6]
6. The server device according to claim 5, wherein the ticket is a one-time use ticket or a multiple-use ticket.
[Appendix 7]
The server device according to claim 6, wherein the ticket that can be used multiple times is either a round-trip ticket or a commuter pass.
[Appendix 8]
8. The server device according to claim 1, wherein the original biometric information is a face image.
[Appendix 9]
A terminal owned by the user;
A server device;
Including,
The server device
a service selection control means for enabling a user to select a service provider from which the user wishes to receive a service from among a plurality of service providers that provide services using biometric authentication;
a user registration control means for controlling the service provider selected by the user, the service provider having an account for managing customers and using business information required for providing a service to the customer when performing biometric authentication, to acquire original biometric information that is an original of authentication information used for biometric authentication;
Equipped with
The user registration control means
Transmitting to the user's terminal information for logging in to an account of a service provider selected by the user;
In response to receiving a biometric information provision request from a server that manages an account of the user, request the terminal to provide original biometric information that is an original of authentication information used for biometric authentication, thereby acquiring the original biometric information from the terminal;
The system transmits the acquired original biometric information to the server.
[Appendix 10]
In the server device,
A system is provided that enables a user to select a service provider from among a plurality of service providers that provide services using biometric authentication,
A control method for a server device, in which a service provider selected by the user, which has an account for managing customers and uses business information necessary for providing services to the customer during biometric authentication, performs control to obtain original biometric information that is the original of authentication information to be used for biometric authentication.
[Appendix 11]
A computer installed in the server device
A process for enabling a user to select a service provider from which the user wishes to receive a service from among a plurality of service providers that provide services using biometric authentication;
a process of controlling a service provider selected by the user, the service provider having an account for managing customers and using business information required for providing a service to the customer when performing biometric authentication, to acquire original biometric information that is an original of authentication information to be used for biometric authentication;
A computer-readable storage medium that stores a program for executing the above.
 なお、引用した上記の先行技術文献の各開示は、本書に引用をもって繰り込むものとする。以上、本発明の実施形態を説明したが、本発明はこれらの実施形態に限定されるものではない。これらの実施形態は例示にすぎないということ、及び、本発明のスコープ及び精神から逸脱することなく様々な変形が可能であるということは、当業者に理解されるであろう。即ち、本発明は、請求の範囲を含む全開示、技術的思想にしたがって当業者であればなし得る各種変形、修正を含むことは勿論である。 The disclosures of the above cited prior art documents are incorporated herein by reference. Although the embodiments of the present invention have been described above, the present invention is not limited to these embodiments. Those skilled in the art will understand that these embodiments are merely illustrative and that various modifications are possible without departing from the scope and spirit of the present invention. In other words, the present invention naturally includes various modifications and amendments that a person skilled in the art can make in accordance with the entire disclosure, including the scope of the claims, and the technical ideas.
10 制御サーバ
20 サービスサーバ
30 認証端末
40 端末
50 チケット管理サーバ
60 決済サーバ
70 特徴量生成サーバ
100 サーバ装置
101 サービス選択制御手段
102 利用者登録制御手段
201 通信制御部
202 アカウント管理部
203 事業者管理部
204 サービス選択制御部
205 利用者登録制御部
206 記憶部
301 通信制御部
302 業務情報管理部
303 利用者登録制御部
304 認証部
305 記憶部
311 プロセッサ
312 メモリ
313 入出力インターフェイス
314 通信インターフェイス
401 通信制御部
402 生体情報取得部
403 認証要求部
404 機能実現部
405 記憶部
501 通信制御部
502 アカウント生成制御部
503 原本情報取得部
504 サービス選択部
505 記憶部 10 Control server 20 Service server 30 Authentication terminal 40 Terminal 50 Ticket management server 60 Payment server 70 Feature quantity generation server 100 Server device 101 Service selection control means 102 User registration control means 201 Communication control unit 202 Account management unit 203 Business management unit 204 Service selection control unit 205 User registration control unit 206 Storage unit 301 Communication control unit 302 Business information management unit 303 User registration control unit 304 Authentication unit 305 Storage unit 311 Processor 312 Memory 313 Input/output interface 314 Communication interface 401 Communication control unit 402 Biometric information acquisition unit 403 Authentication request unit 404 Function realization unit 405 Storage unit 501 Communication control unit 502 Account generation control unit 503 Original information acquisition unit 504 Service selection unit 505 Storage unit

Claims (11)

  1.  生体認証を用いたサービスを提供する複数のサービス提供者のなかから、利用者がサービスの提供を受けたいサービス提供者を選択することを可能とする、サービス選択制御手段と、
     前記利用者により選択されたサービス提供者であって、顧客を管理するためのアカウントを有し、且つ、前記顧客にサービスを提供するために必要な業務情報を生体認証の際に使用するサービス提供者が、生体認証に用いる認証情報の原本となる原本生体情報を取得するための制御を行う、利用者登録制御手段と、
     を備える、サーバ装置。     a service selection control means for enabling a user to select a service provider from which the user wishes to receive a service from among a plurality of service providers that provide services using biometric authentication;
    a user registration control means for controlling the service provider selected by the user, the service provider having an account for managing customers and using business information required for providing a service to the customer when performing biometric authentication, to acquire original biometric information that is an original of authentication information used for biometric authentication;
    A server device comprising:
  2.  前記利用者登録制御手段は、
     前記利用者の端末に対し、前記利用者により選択されたサービス提供者のアカウントにログインするための情報を送信し、
     前記利用者のアカウントを管理するサーバから生体情報提供要求を受信したことに応じて、前記端末に対し、生体認証に用いられる認証情報の原本となる原本生体情報の提供を要求することで前記原本生体情報を前記端末から取得し、
     前記取得された原本生体情報を前記サーバに送信する、請求項1に記載のサーバ装置。     The user registration control means
    Transmitting to the user's terminal information for logging in to an account of a service provider selected by the user;
    In response to receiving a biometric information provision request from a server that manages an account of the user, the device is requested to provide original biometric information that is an original of authentication information used for biometric authentication, thereby acquiring the original biometric information from the device;
    The server device according to claim 1 , further comprising: a server device configured to transmit the acquired original biometric information to the server.
  3.  前記利用者登録制御手段は、自装置で前記利用者を管理するためのシステムIDが埋め込まれたリダイレクト用URL(Uniform Resource Locator)を前記利用者がアカウントにログインするための情報として前記端末に送信する、請求項2に記載のサーバ装置。 The server device according to claim 2, wherein the user registration control means transmits to the terminal a redirect URL (Uniform Resource Locator) in which a system ID for managing the user on the device is embedded as information for the user to log in to an account.
  4.  前記利用者登録制御手段は、前記サーバが前記業務情報を利用者から取得した後に、前記サーバから前記生体情報提供要求を受信する、請求項3に記載のサーバ装置。 The server device according to claim 3, wherein the user registration control means receives the biometric information provision request from the server after the server acquires the business information from the user.
  5.  前記業務情報は、チケットに関する情報である、請求項4に記載のサーバ装置。 The server device according to claim 4, wherein the business information is information related to tickets.
  6.  前記チケットは、一度の使用に限られるチケット又は複数回利用されるチケットである、請求項5に記載のサーバ装置。 The server device according to claim 5, wherein the ticket is a ticket that can be used only once or a ticket that can be used multiple times.
  7.  前記複数回利用されるチケットは、周遊券又は定期券のいずれかである、請求項6に記載のサーバ装置。 The server device according to claim 6, wherein the ticket that is used multiple times is either a round trip ticket or a commuter pass.
  8.  前記原本生体情報は、顔画像である請求項1乃至7のいずれか一項に記載のサーバ装置。 The server device according to any one of claims 1 to 7, wherein the original biometric information is a facial image.
  9.  利用者が所持する端末と、
     サーバ装置と、
     を含み、
     前記サーバ装置は、
     生体認証を用いたサービスを提供する複数のサービス提供者のなかから、利用者がサービスの提供を受けたいサービス提供者を選択することを可能とする、サービス選択制御手段と、
     前記利用者により選択されたサービス提供者であって、顧客を管理するためのアカウントを有し、且つ、前記顧客にサービスを提供するために必要な業務情報を生体認証の際に使用するサービス提供者が、生体認証に用いる認証情報の原本となる原本生体情報を取得するための制御を行う、利用者登録制御手段と、
     を備え、
     前記利用者登録制御手段は、
     前記利用者の端末に対し、前記利用者により選択されたサービス提供者のアカウントにログインするための情報を送信し、
     前記利用者のアカウントを管理するサーバから生体情報提供要求を受信したことに応じて、前記端末に対し、生体認証に用いられる認証情報の原本となる原本生体情報の提供を要求することで前記原本生体情報を前記端末から取得し、
     前記取得された原本生体情報を前記サーバに送信する、システム。     A terminal owned by the user;
    A server device;
    Including,
    The server device includes:
    a service selection control means for enabling a user to select a service provider from which the user wishes to receive a service from among a plurality of service providers that provide services using biometric authentication;
    a user registration control means for controlling the service provider selected by the user, the service provider having an account for managing customers and using business information required for providing a service to the customer when performing biometric authentication, to acquire original biometric information that is an original of authentication information used for biometric authentication;
    Equipped with
    The user registration control means
    Transmitting information to the user's terminal for logging in to an account of a service provider selected by the user;
    In response to receiving a biometric information provision request from a server that manages an account of the user, request the terminal to provide original biometric information that is an original of authentication information used for biometric authentication, thereby acquiring the original biometric information from the terminal;
    The system transmits the acquired original biometric information to the server.
  10.  サーバ装置において、
     生体認証を用いたサービスを提供する複数のサービス提供者のなかから、利用者がサービスの提供を受けたいサービス提供者を選択することを可能とし、
     前記利用者により選択されたサービス提供者であって、顧客を管理するためのアカウントを有し、且つ、前記顧客にサービスを提供するために必要な業務情報を生体認証の際に使用するサービス提供者が、生体認証に用いる認証情報の原本となる原本生体情報を取得するための制御を行う、サーバ装置の制御方法。     In the server device,
    A system is provided that enables a user to select a service provider from among a plurality of service providers that provide services using biometric authentication,
    A control method for a server device, in which a service provider selected by the user, which has an account for managing customers and uses business information necessary for providing services to the customer during biometric authentication, performs control to obtain original biometric information that is the original of authentication information to be used for biometric authentication.
  11.  サーバ装置に搭載されたコンピュータに、
     生体認証を用いたサービスを提供する複数のサービス提供者のなかから、利用者がサービスの提供を受けたいサービス提供者を選択することを可能とする処理と、
     前記利用者により選択されたサービス提供者であって、顧客を管理するためのアカウントを有し、且つ、前記顧客にサービスを提供するために必要な業務情報を生体認証の際に使用するサービス提供者が、生体認証に用いる認証情報の原本となる原本生体情報を取得するための制御を行う処理と、
     を実行させるためのプログラムを記憶する、コンピュータ読取可能な記憶媒体。     A computer installed in the server device
    A process for enabling a user to select a service provider from which the user wishes to receive a service from among a plurality of service providers that provide services using biometric authentication;
    a process in which a service provider selected by the user, which has an account for managing customers and uses business information required for providing a service to the customer when performing biometric authentication, performs control to acquire original biometric information that is an original of authentication information used for biometric authentication;
    A computer-readable storage medium that stores a program for executing the above.
PCT/JP2022/040919 2022-11-01 2022-11-01 Server device, system, server device control method, and storage medium WO2024095376A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/JP2022/040919 WO2024095376A1 (en) 2022-11-01 2022-11-01 Server device, system, server device control method, and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2022/040919 WO2024095376A1 (en) 2022-11-01 2022-11-01 Server device, system, server device control method, and storage medium

Publications (1)

Publication Number Publication Date
WO2024095376A1 true WO2024095376A1 (en) 2024-05-10

Family

ID=90930067

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2022/040919 WO2024095376A1 (en) 2022-11-01 2022-11-01 Server device, system, server device control method, and storage medium

Country Status (1)

Country Link
WO (1) WO2024095376A1 (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2020052574A (en) * 2018-09-25 2020-04-02 株式会社リコー Management device, data distribution system and program
JP2021135901A (en) * 2020-02-28 2021-09-13 ジー・プラン株式会社 Service setting system, service setting device, and method and program for service setting
JP2022001988A (en) * 2020-06-19 2022-01-06 株式会社アルメックス Face recognition management system and face recognition management server
JP2022145793A (en) * 2020-04-10 2022-10-04 日本電気株式会社 Authentication server, control method thereof, and program

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2020052574A (en) * 2018-09-25 2020-04-02 株式会社リコー Management device, data distribution system and program
JP2021135901A (en) * 2020-02-28 2021-09-13 ジー・プラン株式会社 Service setting system, service setting device, and method and program for service setting
JP2022145793A (en) * 2020-04-10 2022-10-04 日本電気株式会社 Authentication server, control method thereof, and program
JP2022001988A (en) * 2020-06-19 2022-01-06 株式会社アルメックス Face recognition management system and face recognition management server

Similar Documents

Publication Publication Date Title
US9299203B2 (en) Access level management techniques
JP6897953B2 (en) Admission terminal, admission method, admission program, and admission system
JP2019057004A (en) Authentication system, authentication method and information processor
US9769171B2 (en) Management apparatus, membership managing method, service providing apparatus, and membership managing system
JP7364057B2 (en) Information processing device, system, face image update method and program
WO2024095376A1 (en) Server device, system, server device control method, and storage medium
WO2024095373A1 (en) Server device, system, server device control method, and storage medium
WO2024095377A1 (en) Server device, system, server device control method, and storage medium
WO2024122001A1 (en) Server device, system, server device control method, and storage medium
WO2021240749A1 (en) Server device, system, subsidy application method, and non-transitory computer-readable medium
WO2022174354A1 (en) Identity-based enablement of event access control
WO2024122002A1 (en) Terminal, system, method for controlling terminal, and storage medium
TW202207061A (en) Terminal device, information processing system, and program
WO2024122003A1 (en) Server device, system, server device control method, and storage medium
JP7332079B1 (en) Terminal, system, terminal control method and program
WO2023248445A1 (en) System, terminal, method for controlling terminal, and storage medium
KR20210091983A (en) System and method for providing integration service of smart ticket
WO2024003985A1 (en) Server device, system, server device control method, and storage medium
JP7409411B2 (en) Servers, systems, server control methods, programs, terminals, and terminal control methods
WO2023053268A1 (en) System, authentication terminal, authentication terminal control method, and storage medium
JP7363982B2 (en) Authentication terminal, authentication terminal control method and program
CN106030645A (en) Check-in systems and methods
WO2024057457A1 (en) Authentication terminal, system, control method of authentication terminal, and recording medium
JP7276523B2 (en) MANAGEMENT SERVER, SYSTEM, TOKEN ISSUING METHOD AND COMPUTER PROGRAM
WO2022190344A1 (en) System and proxy payment method