JP2020095670A - System, method, and program for authentication - Google Patents

Abstract

To provide an authentication system, authentication method, and authentication program, which enable highly reliable identity verification.SOLUTION: An authentication system for identity verification is provided, comprising: a captured image data acquisition unit for acquiring captured image data of an identity verification document; and a determination unit configured to analyze the captured image data acquired by the captured image acquisition unit to determine whether the identity verification document has a thickness or not.SELECTED DRAWING: Figure 1

Description

The present invention relates to an authentication system, an authentication method, and an authentication program, and more particularly, to an authentication system, an authentication method, and an authentication program for personal identification.

As a personal identification method, an authentication device using a face photograph has been known. In order to prevent “spoofing” due to this facial photograph, the conventional authentication device randomly selects one phrase from a plurality of phrases stored in the storage unit when performing personal authentication, and selects the selected phrase. It is output to a display device to cause the user to pronounce, and by using the imaged data obtained by imaging the user, the movement data of the user's mouth and the voice data of the voice uttered by the user are analyzed to determine whether or not the user is uttering a phrase. It has been proposed to perform personal authentication by doing so (for example, refer to Patent Document 1).

JP, 2011-215942, A

In the authentication method disclosed in Patent Document 1, it is possible to prevent impersonation because it is determined whether or not the user is uttering a phrase by analyzing the movement of the user's mouth and the voice data of the voice uttered by the user. There is. However, there is room for further improvement in the reliability of identity verification.

The present invention has been made in view of the above problems, and an object of the present invention is to provide an authentication system, an authentication method, and an authentication program that can perform highly reliable identity verification.

In order to solve the above problems, the authentication system of the present invention is an authentication system for identity verification, and is acquired by an imaging data acquisition unit that acquires imaging data of an identity verification document and the imaging data acquisition unit. A determination unit configured to analyze the imaged data and determine whether or not the personal identification document has a thickness.

According to the present invention, it is possible to provide an authentication system, an authentication method, and an authentication program that can perform highly reliable identity verification.

It is a schematic block diagram of the authentication system 1 which concerns on 1st Embodiment. It is a structure and a functional block diagram of the user terminal 2 which concerns on 1st Embodiment. It is a structure and a functional block diagram of the authentication server 3 which concerns on 1st Embodiment. It is a figure explaining operation|movement of the 1st thru|or 4th determination part of the authentication server 3 which concerns on 1st Embodiment. It is a flowchart figure which shows the process of the authentication system which concerns on 1st Embodiment (imaging process). It is a flowchart figure which shows the process of the authentication system which concerns on 1st Embodiment (authentication process). It is a functional block diagram of the user terminal 2 and the authentication server 3 which concern on 2nd Embodiment. It is a flowchart figure which shows the process of the authentication system which concerns on 2nd Embodiment (imaging process). It is a flowchart figure which shows the process of the authentication system which concerns on 2nd Embodiment (authentication process). It is a flowchart figure which shows the process of the authentication system which concerns on the modification 2 of 2nd Embodiment (authentication process). It is a functional block diagram of user terminal 2 and authentication server 3 concerning a 3rd embodiment. It is a figure which shows an example of the screen displayed on the display device 200D of the user terminal 2 which concerns on 3rd Embodiment. It is a flowchart figure which shows the process of the authentication system which concerns on 3rd Embodiment (imaging process).

Hereinafter, embodiments of the present invention will be described with reference to the drawings. In addition to the driver's license, passports (passports), Basic Resident Register cards (with photos), residence cards, etc. can be used as the identity verification documents with a face photo used for identity verification. You can

[First Embodiment]
First, the configuration of the authentication system 1 will be described with reference to FIG. The authentication system 1 includes a user terminal 2 and an authentication server 3. The user terminal 2 and the authentication server 3 have a configuration in which they are connected via a network 4. The numbers of the user terminals 2 and the authentication servers 3 included in the authentication system 1 are arbitrary. The network 4 may be composed of any communication network as long as the user terminal 2 and the authentication server 3 can communicate with each other.

(User terminal 2)
The user terminal 2 is a terminal (for example, a smartphone, a tablet PC (Personal Computer), a desktop PC, a notebook PC, or the like) used by a user U (for example, a user who wants to perform authentication for identity verification). The user U uses the user terminal 2 to authenticate himself/herself.

2A is a hardware configuration diagram of the user terminal 2, and FIG. 2B is a functional block diagram of the user terminal 2. As shown in FIG. 2A, the user terminal 2 has a configuration in which a communication IF 200A, a storage device 200B, an input device 200C, a display device 200D, an imaging device 200E, an audio output device 200F, and a CPU 200G are connected via a bus 200H. Equipped with.

The communication IF 200A is an interface for communicating with the authentication server 3.

The storage device 200B is, for example, an HDD or a semiconductor storage device. An authentication program (application software) is stored in the storage device 200B. Further, the storage device 200B stores a database in which text data and voice data for instructing a plurality of operations used in an operation instruction unit 208 described later are stored in association with the operation ID.

Text data and voice data of various actions are stored in the database in association with the action ID. For example, "Please close both eyelids for 3 seconds", "Please close your left eyelid for 3 seconds", "Please close your right eyelid for 3 seconds", "Open your mouth wide", "Face to fit the screen". "Please move your voice", "Please nod loudly", "Slowly pronounce "A-O-U-E-O"", "Put your tongue out" and other text and voice data It is stored in association with the ID.

Table 1 below shows an example of the database. As shown in Table 1, text data and voice data of various actions are stored in association with the action ID.

In the first embodiment, the operation instruction is given to the user U by displaying the text data on the display device 200D and outputting the voice data from the voice output device 200F. However, the text data is displayed on the display device 200D. Alternatively, the operation instruction may be given to the user U by either the display of 1 or the output of the audio data from the audio output device 200F.

The input device 200C is, for example, a touch panel, a keyboard, a mouse, or the like, and the user U can operate the input device 200C to authenticate himself/herself.

The display device 200D is, for example, a liquid crystal monitor or an organic EL monitor. The display device 200D displays a screen required for using the authentication system 1 according to the first embodiment.

The image pickup apparatus 200E is, for example, a camera including a solid-state image pickup element such as a CCD (charge coupled device) image sensor or a CMOS (complementary MOS) image sensor. The user U uses the image capturing apparatus 200E to capture a moving image of the identity verification document (hereinafter, also referred to as first imaged data) and a self-taken moving image of the user U (hereinafter, also referred to as second imaged data). By capturing a moving image of the personal identification document, it can be confirmed that the personal identification document is not an image of the personal identification document acquired from the internet or the like, and the reliability of the personal identification can be improved.

The audio output device 200F is a speaker and outputs audio.

The CPU 200G controls the user terminal 2 and includes a ROM (Read Only Memory) and a RAM (Random Access Memory) not shown.

As shown in FIG. 2B, the user terminal 2 has an imaging device control unit 201, an input reception unit 202, a display device control unit 203, a transmission unit 204, a reception unit 205, an operation extraction unit 206, and an instruction timing determination unit 207. , The operation instruction unit 208, the audio output device control unit 209, the storage device control unit 210, and the like. The function shown in FIG. 2B is realized by the CPU 200G executing the management program stored in the ROM (not shown) of the user terminal 2.

The imaging device control unit 201 controls imaging by the imaging device 200E. Specifically, the imaging device control unit 201 controls the imaging device 200E.

The input receiving unit 202 receives an input operation on the input device 200C.

The display device control unit 203 controls the display device 200D. Specifically, the display device control unit 203 displays a screen required for using the authentication system 1 according to the first embodiment. For example, the display device control unit 203 reads the text data corresponding to the motion ID extracted by the motion extraction unit 206 based on the instruction from the motion instruction unit 208, and displays it on the display device 200D. On the display device 200D, the instruction is displayed as text (for example, "please close your eyes for 3 seconds").

The transmission unit 204 may, for example, capture data (first and second capture data), a timing at which an operation is instructed (a timing of an operation instruction determined by the instruction timing determination unit 207 (how many seconds after the start of capturing a self-portrait moving image, )), and information of the motion ID (motion ID extracted by the motion extraction unit 206) is transmitted to the authentication server 3.

The receiving unit 205 receives the information transmitted from the authentication server 3.

The motion extraction unit 206 randomly extracts one or more motion IDs from the motion IDs stored in the storage device 200B.

The instruction timing determination unit 207 randomly determines the timing at which the operation instruction unit 208, which will be described later, instructs the user U to perform an operation (for example, 3 seconds or 5 seconds after the start of capturing a self-shooting moving image).

The operation instruction unit 208 instructs the user U to perform one or more operations at the timing determined by the instruction timing determination unit 207. Specifically, the operation instruction unit 208 instructs the display device control unit 203 to display the text data corresponding to the operation ID extracted by the operation extraction unit 206 at the timing determined by the instruction timing determination unit 207. To do. Further, the operation instruction unit 208 instructs the audio output device control unit 209 to output the audio data corresponding to the operation ID extracted by the operation extraction unit 206 at the timing determined by the instruction timing determination unit 207.

The audio output device control unit 209 reads out audio data corresponding to the operation ID extracted by the operation extraction unit 206 based on the instruction from the operation instruction unit 208, and outputs the audio data from the audio output device 200F. From the voice output device 200F, an operation instruction is output as voice (for example, "please close your eyes for 3 seconds").

The storage device controller 210 controls the storage device 200B. Specifically, the storage device controller 210 controls the storage device 200B to write and read information.

(Authentication server 3)
The authentication server 3 confirms the identity of the user U based on the information transmitted from the user terminal 2 (first and second imaging data transmitted from the user terminal 2, operation instruction timing, operation ID).

FIG. 3A(a) is a hardware configuration diagram of the authentication server 3, and FIG. 3A(b) is a functional block diagram of the authentication server 3. FIG. 3B(a) is a diagram illustrating the operation of the first determination unit 304 included in the authentication server 3, and FIG. 3B(b) is a diagram illustrating the determination content of the second determination unit 305 included in the authentication server 3. 3B(c) is a diagram illustrating the determination content of the third determination unit 306 included in the authentication server 3, and FIG. 3B(d) is a diagram illustrating the determination content of the fourth determination unit 307 included in the authentication server 3. .. The authentication server 3 will be described below with reference to FIGS. 3A and 3B.

As shown in FIG. 3A(a), the authentication server 3 has a configuration in which a communication IF 300A, a storage device 300B, and a CPU 300C are connected via a bus 300D.

The communication IF 300A is an interface for communicating with the user terminal 2.

The storage device 300B is, for example, an HDD or a semiconductor storage device. The storage device 300B stores an authentication program used in the authentication system 1 and the like. Further, the storage device 300B stores a database in which a plurality of operation contents are stored in association with each operation ID for each operation. This corresponds to the database stored in the storage device 200B of the user terminal 2, and the authentication server 3 is transmitted from the user terminal 2 by referring to the database stored in the storage device 300B. Based on the motion ID, it is possible to recognize what motion the user terminal 2 has instructed the user U to do.

The CPU 300C controls the authentication server 3 and includes a ROM (Read Only Memory) and a RAM (Random Access Memory) not shown.

As shown in FIG. 3A(b), the authentication server 3 includes a reception unit 301 (first and second acquisition units), an operation instruction timing recognition unit 302, a still image data extraction unit 303, a first determination unit 304, and a second determination unit 304. It has the functions of the determination unit 305, the third determination unit 306, the fourth determination unit 307, the storage device control unit 308, the transmission unit 309, and the like. The function shown in FIG. 3A(b) is realized by the CPU 300C executing the management program stored in the ROM (not shown) of the authentication server 3.

The receiving unit 301 receives information transmitted from the user terminal 2, for example, image pickup data (first and second image pickup data), operation instruction timing, and operation ID information.

The operation instruction timing recognition unit 302 recognizes, based on the information on the timing of the operation instruction transmitted from the user terminal 2, how many seconds after the start of capturing the self-taken moving image, the operation is instructed.

The still image data extraction unit 303 extracts (cuts out) still image data from the imaged data (first and second imaged data) received by the receiving unit 301. Specifically, the still image data extraction unit 303 extracts still image data (hereinafter, also referred to as first image data) of the personal identification document (face photograph is included) from the first imaged data. Further, the still image data extraction unit 303, based on the timing of the operation instruction recognized by the operation instruction timing recognition unit 302, extracts the still image data before the operation instruction (second image data) from the second imaging data received by the reception unit 301. 2 image data) and still image data (hereinafter also referred to as third image data) after the operation instruction is extracted. For example, if the timing of the operation instruction recognized by the operation instruction timing recognition unit 302 is 3 seconds later, the still image data extraction unit 303 determines from the second image data received by the reception unit 301 that the operation instruction before Still image data (second image data) 3 seconds after the start of capturing the moving image and still image data (third image 3 seconds after the start of capturing the self-portrait moving image) Data) and.

The first determination unit 304, based on the first image data and the second image data extracted by the still image data extraction unit 303 (still image data of the face photograph of the identity verification document and still image data of the user U), It is determined whether the person in the face photograph of the personal identification document and the user U are the same person (see FIG. 3B(a)).

Specifically, the first determination unit 304 cuts out an area including a face (object) from the first and second image data. Next, the first determination unit 304, among a plurality of locations (a plurality of locations where the characteristics of a human face, such as the contour of a face, the contour of an eye, the eyebrows, the nose, and the mouth, appear), places that are particularly important are tilted. (Weighting is performed) to calculate the degree of similarity (point: the higher the degree of similarity, the higher the number of points) of each point given by this sloped point, and the calculated points are added together to calculate the total point. Next, the first determination unit 304 calculates a value obtained by normalizing the total number of points to a maximum of 100 points, and when the value is equal to or larger than a predetermined threshold value, determines that the person is the same person.

The degree of similarity (score) can be calculated, for example, from the following viewpoints. The following viewpoints are merely examples, and the similarity may be calculated from other viewpoints (methods).
(1) Distance relationship (eyes are separated/closer, etc.)
(2) Angle relationship (fishing/sagging, etc.)
(3) Positional relationship in the contour (face with parts centered, etc.)

The second determination unit 305, based on the first image data and the second image data extracted by the still image data extraction unit 303 (still image data of the face photograph of the identity verification document and still image data of the user U), It is determined whether or not the second image data is an image of the user U (whether or not an image of a facial photograph such as a personal identification document is diverted) (see FIG. 3B(b)).

Specifically, the second determination unit 305 cuts out an area including a face (object) from the first and second image data. Next, the second determination unit 305 determines the degree of similarity (the number of points: the more similar the points are, the more similar the points are, the contours of the face, the contours of the eyes, the eyebrows, the nose, the mouth, and the like). (High score) is calculated, and the calculated scores are added together to calculate the total score. Next, the second determination unit 305 calculates a value obtained by normalizing the total number of points to 100 points, and if the value exceeds a predetermined threshold value (for example, 90 points), spoofing, in other words, the identity verification document is stolen. In such a case, it is determined that the face photograph of the personal identification document is processed (eg, the face photograph is cut and used as the user's self-shooting image pickup data) and used as the user's image pickup data. In the first embodiment, the method of calculating the similarity (score) in the second determining unit 305 is the same as that of the first determining unit 304, but the similarity may be calculated by another method. Good.

The determination method of the first determination unit 304 is, for example, to increase the proportion of points (weight of the eyes, nose, mouth, etc.) where face differences (features) are particularly common (weighting), and If the same person has a total score of about 100 points by performing a grading with a lower proportion of points (lighter weighting), the total score will be about 0 points if they are not the same person. Depending on whether or not there is an extreme difference in the total score. Therefore, the characteristic (algorithm) is suitable for determining whether the same person or not. On the other hand, there is an extreme difference in the total score depending on whether the person is the same person, so if the identity verification document is stolen, the face photo of the identity verification document is processed (cut the face photo and take a self-portrait of the user. When the data is used as the image pickup data of the user (for example, as data), the image pickup data of the identity verification document and the image pickup data of the user U are the same person, and thus it is difficult to detect spoofing.

On the other hand, in the determination method of the second determination unit 305, since the inclination points (weighting) are not performed, the determination result (total score) is easily affected by a small angle difference such as a face angle. For this reason, it can be considered that the total number of points after standardization will not exceed 90 even for the same person. That is, if the total number of points after standardization exceeds a predetermined threshold value (for example, 90 points), or if the identity verification document is stolen, the face photo of the identity verification document is processed (the face photo is cut and the It may be used as the user's captured image data (for example, if the face of the personal identification document is too similar to the face of the self-portrait, the personal identification document, etc.) Suspected misappropriation of face photo).

As described above, in the first embodiment, the confirmation as to whether or not the person is the original person and the confirmation as to whether or not the image of the person himself/herself are diverted are performed using two determination methods having different characteristics (algorithms). Therefore, spoofing can be prevented very effectively.

Note that the determination method of the first determination unit 304 described above is an example, and if the determination method has a characteristic (algorithm) suitable for determining whether or not the same person is the same person, it is possible to use another inclined point allocation ratio or It does not prevent the use of the judgment method. The determination method of the second determination unit 305 described above is an example, and any other determination method can be used as long as the determination method has a characteristic (algorithm) suitable for determining whether or not a face photograph such as the personal identification document is used. It does not hinder the adoption of the graded point ratio and the use of the judgment method. For example, in the determinations of the first determination unit 304 and the second determination unit 305, if the respective characteristics are maintained, the ratio of the sloped points at a specific location may be changed, or the weighted average determination may be performed. Various methods can be adopted. Further, a known face authentication method may be used, or the first determination unit 304 and the second determination unit 305 may make the determination by changing the ratio of the sloped points at specific locations in the known face authentication. You can In addition, it is optional as to which part is the plurality of parts in which the characteristics of the human face appear.

The third determination unit 306 is based on the still image data before the operation instruction (second image data) and the still image data after the operation instruction (third image data) extracted by the still image data extraction unit 303. , The operation corresponding to the operation ID received by the receiving unit 301, in other words, it is determined whether the user U has performed the instructed operation (see FIG. 3B(c)). A known method can be used for the determination by the third determination unit 306. For example, an image serving as teacher data may be prepared for each motion ID, and the motion corresponding to each motion ID may be machine-learned, and then used for the determination by the third determination unit 306.

The fourth determination unit 307 determines, based on the still image data (second image data) before the operation instruction and the still image data (third image data) after the operation instruction, before the operation instruction and after the operation instruction. It is determined whether or not the user U shown in the still image data is the same person (see FIG. 3B(d)). Note that the determination method performed by the fourth determination unit 307 is the same as that of the first determination unit 304, and thus redundant description will be omitted.

The determination methods in the first determination unit 304 to the fourth determination unit 307 are not limited to those described above, and various methods can be used.

The storage device controller 308 controls the storage device 300B. Specifically, the storage device controller 308 controls the storage device 300B to write and read information.

If the determination result of any of the first determination unit 304, the second determination unit 305, the third determination unit 306, or the fourth determination unit 307 is NO, the transmission unit 309 indicates that the authentication could not be performed (authentication error). Is transmitted to the user terminal 2.

(Processing of Authentication System 1)
Hereinafter, the processing of the authentication system 1 will be described with reference to FIGS. 4A and 4B.

(Imaging process)
First, the image capturing process in the user terminal 2 of the authentication system 1 will be described with reference to FIG. 4A. In FIG. 4A, reference diagrams or sentences (characters) showing the processing contents of steps S101 to S105 are shown on the left side of each step.

(Step S101)
The user U operates the input device 200C of the user terminal 2 to capture a video of the identity verification document (in FIG. 4A, an operation of capturing both sides of the license is illustrated). The input receiving unit 202 receives an input operation on the input device 200C. The imaging device control unit 201 controls the imaging device 200E to capture an image based on the input operation received by the input reception unit 202. The imaging data of the identity verification document imaged by the imaging device 200E is temporarily stored in the storage device 200B by the storage device control unit 210.

(Step S102)
Next, the user U operates the input device 200C of the user terminal 2 to start taking a self-portrait of a moving image (in FIG. 4A, the face of the user U is illustrated). The input receiving unit 202 receives an input operation on the input device 200C. The imaging device control unit 201 controls the imaging device 200E based on the input operation accepted by the input acceptance unit 202 to start capturing a moving image. The imaging data (first imaging data) of the moving image started by the imaging device 200E is temporarily stored in the storage device 200B by the storage device control unit 210.

(Step S103)
The motion extraction unit 206 randomly extracts one or more motion IDs from the motions stored in the storage device 200B (in FIG. 4A, “close the third eye.” is illustrated).

(Step S104)
The instruction timing determination unit 207 randomly determines the timing at which the operation instruction unit 208, which will be described later, instructs the user U to perform an operation (in FIG. 4A, “after 3 seconds” is illustrated).

(Step S105)
The operation instruction unit 208 instructs the user U to perform one or more operations at the timing determined by the instruction timing determination unit 207 (in FIG. 4A, "close the third eye." is illustrated). The display device control unit 203 reads the text data corresponding to the motion ID extracted by the motion extraction unit 206 based on the instruction from the motion instruction unit 208, and displays it on the display device 200D. Further, the audio output device control unit 209 reads out audio data corresponding to the action ID extracted by the action extraction unit 206 based on the instruction from the action instruction unit 208, and outputs it from the audio output device 200F. The user U operates according to the instruction (in FIG. 4A, the face of the user U with his eyes closed is illustrated).

(Step S106)
Next, the user U operates the input device 200C of the user terminal 2 to end the capturing of the moving image. The input receiving unit 202 receives an input operation on the input device 200C. The imaging device control unit 201 controls the imaging device 200E based on the input operation accepted by the input acceptance unit 202, and ends the imaging of the moving image. The storage device controller 210 ends the storage of the imaging data (second imaging data) in the storage device 200B.

(Step S107)
The transmission unit 204 includes the image pickup data (first and second image pickup data) stored in the storage device 200B, the operation instruction timing determined by the instruction timing determination unit 207, and the operation ID information extracted by the operation extraction unit 206. Is transmitted to the authentication server 3.

In the above description, the video of the identity verification document is captured, and then the self-taken video of the user U is captured. However, after the video of the user U's self-captured video is captured, the video of the identity verification document is captured. You may do it. Further, although the first image pickup data and the second image pickup data are collectively sent to the authentication server 3 at the end, the first image pickup data and the second image pickup data are individually sent to the authentication server 3 each time the image is picked up. May be. Further, in step S101, the identity verification document is captured by a moving image, but a still image including a face photograph of the identity verification document may be captured instead of the moving image.

(Authentication process)
Next, the authentication processing in the authentication server 3 of the authentication system 1 will be described with reference to FIG. 4B.

(Step S201)
The receiving unit 301 receives information transmitted from the user terminal 2, for example, image pickup data (first and second image pickup data), operation instruction timing, and operation ID information.

(Step S202)
The operation instruction timing recognition unit 302 recognizes, based on the information on the timing of the operation instruction transmitted from the user terminal 2, how many seconds after the start of capturing the self-taken moving image, the operation is instructed.

(Step S203)
The still image data extraction unit 303 extracts still image data from the image pickup data (first and second image pickup data) received by the receiving unit 301. Specifically, the still image data extraction unit 303 extracts the still image data (first image data) of the personal identification document (a face photograph is included) from the first imaged data. In addition, the still image data extraction unit 303, based on the second image data received by the reception unit 301, still image data before the operation instruction (second image data) and still image data after the operation instruction (third image data). ) Is extracted. Note that the method of extracting the first to third image data from the first and second imaged data by the still image data extraction unit 303 has already been described, and thus redundant description will be omitted.

(Step S204)
The first determination unit 304, based on the first image data and the second image data extracted by the still image data extraction unit 303 (still image data of the face photograph of the identity verification document and still image data of the user U), It is determined whether the person in the face photograph of the identity verification document and the user U are the same person. Note that the determination method by the first determination unit 304 has already been described, so redundant description will be omitted.

(Step S205)
When the first determination unit 304 determines that the person in the face photograph of the identity verification document and the user U are the same person (YES in S204), the second determination unit 305, the second determination unit 305, the still Based on the first image data and the second image data extracted by the image data extraction unit 303 (still image data of the face photograph of the identity verification document and still image data of the user U), the second image data identifies the user U. It is determined whether or not the image is a captured image (whether or not the image of the facial photograph is diverted). Note that the determination method by the second determination unit 305 has already been described, so redundant description will be omitted.

(Step S206)
When the second determination unit 305 determines that the captured image data is the captured image of the user U (YES in S205), the third determination unit 306 determines that the operation instruction extracted by the still image data extraction unit 303 has not been issued. Based on the still image data (second image data) and the still image data after the operation instruction (third image data), the operation corresponding to the operation ID received by the receiving unit 301, in other words, the user U instructs It is determined whether the specified operation has been performed. Note that the determination method by the third determination unit 306 has already been described, so redundant description will be omitted.

(Step S207)
When the third determination unit 306 determines that the user U has performed the instructed action (YES in step S205), the fourth determination unit 307 determines the still image data (second image data) before the action instruction and the action. It is determined based on the still image data (third image data) after the instruction of (3) whether the user U shown in the still image data before the operation instruction and after the operation instruction is the same person. Note that the determination method by the fourth determination unit 307 has already been described, so redundant description will be omitted.

(Step S208)
If the determination result in any of the first determination processing (S204), the second determination processing (S205), the third determination processing (S206), or the fourth determination processing (S207) is NO, the authentication server 3 performs authentication. Perform error handling. Specifically, the authentication server 3 stops the authentication process, and the transmitting unit 309 transmits to the user terminal 2 the fact that the authentication could not be performed (authentication error). When the fourth determination unit 307 determines that the user U has performed the instructed operation (YES in S207), the authentication server 3 ends the authentication process.

In the description of FIG. 4B, the determinations by the first determination unit 304 to the fourth determination unit 307 are performed in order, but the determination order by the first determination unit 304 to the fourth determination unit 307 is the order shown in FIG. 4B. There is no limit to the order. In other words, the order of determination by the first determination unit 304 to the fourth determination unit 307 illustrated in FIG. 4B may be changed.

[Modification of First Embodiment]
In the first embodiment, the authentication server 3 has the functions of the first determination unit 304, the second determination unit 305, the still image data extraction unit 303, the third determination unit 306, and the fourth determination unit 307. Although the authentication process is performed in the authentication server 3, the user terminal 2 is configured to operate the first determination unit 304, the second determination unit 305, the still image data extraction unit 303, the third determination unit 306, and the fourth determination unit 307. The user terminal 2 having a function may perform the authentication process. In the first embodiment described above, the user terminal 2 has the functions of the motion extraction unit 206, the instruction timing determination unit 207, and the operation instruction unit 208, but the authentication server 3 uses the action extraction unit 206 and the instruction timing determination. The function instructing unit 208 has the functions of the unit 207 and the operation instructing unit 208, and the operation instructing unit 208 controls the operation extracted by the operation extracting unit 206 at the timing determined by the instruction timing determining unit 207 from the transmitting unit 309 of the authentication server 3 to the user terminal 2. May be transmitted to.

In addition, the user terminal 2 has the function of the still image data extraction unit 303, extracts the first to third still image data from the first and second captured image data, and then outputs the first to third still image data to the authentication server. 3, the authentication server 3 may perform the authentication of the identity confirmation described with reference to FIG. 4B based on the first to third still image data transmitted from the user terminal 2. By doing so, the amount of data transmitted from the user terminal 2 can be significantly reduced.

(effect)
As described above, the authentication system 1 according to the first embodiment is the authentication system 1 for personal identification, and includes the receiving unit 301 (first image capturing data of the face photograph of the personal identification document and the image capturing data of the user). 1, second acquisition unit), the imaging data acquired by the first acquisition unit, and the imaging data acquired by the second acquisition unit, based on the imaging data acquired by the second acquisition unit. Based on the first determination unit 304 that determines whether the person is the same, the imaging data acquired by the first acquisition unit, and the imaging data acquired by the second acquisition unit, the acquisition unit acquires the second acquisition unit. The second determination unit 305 that determines whether or not the captured image data is not a diversion of another captured image of the user U.

That is, the authentication system 1 determines whether the person in the face photograph of the personal identification document and the user are the same person, and whether the captured data is a captured image of the user U. Since this is done, spoofing can be effectively prevented. Further, since the moving image of the user U is used as the imaging data, there is no possibility that the face photograph of the identity verification document will be processed and used as the imaging data of the user when the identity verification document is stolen, etc. Can be effectively prevented. As a result, the reliability of identity verification is enhanced.

Further, the first determination unit 304 and the second determination unit 305 determine whether or not the person of the face photograph of the personal identification document and the user are the same person by different determination algorithms, and the reception unit 301 (second acquisition unit). It is determined whether or not the image pickup data acquired by is a picked-up image of the user U. As described above, in the first embodiment, the first determination unit 304 and the second determination unit 305 have different characteristics (algorithms) for confirming whether or not the person is the person and confirming whether or not the image of the person is being diverted. Judgment is made using two judgment methods. Therefore, spoofing can be prevented very effectively. As a result, the reliability of identity verification is further enhanced.

Further, the authentication system 1 extracts the still image data before the instruction and the still image data after the instruction from the operation instruction unit 208 that instructs the user U to perform one or more operations, and the imaged data of the user U. A still image data extraction unit 303 and a third determination unit 306 that determines whether or not the user U has performed the instructed operation based on the still image data before the instruction and the still image data after the instruction. There is. Further, the authentication system 1 determines whether or not the user U of the still image data before the instruction and the user U of the still image data after the instruction is the same person based on the still image data before the instruction and the still image data after the instruction. The determination unit 307 is provided. Therefore, spoofing can be prevented more effectively. For example, it is possible to effectively prevent spoofing without fear that the moving image of the user whose identity verification document has been stolen is used as the imaged data of the user.

The authentication system 1 also includes a motion extraction unit 206 that randomly extracts one or more motions from the storage device 200B by referring to the memory device 200B that stores two or more different motions. The operation extracted by the extraction unit 206 is instructed to the user U. By giving a randomly selected action, it is difficult for a spoofing criminal to prepare imaging data corresponding to the instruction in advance, and the spoofing can be effectively prevented.

The authentication system 1 also includes an instruction timing determination unit 207 that randomly determines the timing to instruct the operation, and the operation instruction unit 208 instructs the user to perform the operation at the timing determined by the instruction timing determination unit 207. .. By making the timing of instructing the operation random, it becomes difficult for the impersonator to prepare the imaging data corresponding to the instruction in advance, and the impersonation can be effectively prevented.

Also, in the authentication system 1, the operation instruction unit 208 instructs the user U to perform two or more different operations. By instructing the user U to perform two or more different operations, it becomes difficult for the impersonator to prepare imaging data corresponding to the instruction in advance, and impersonation can be effectively prevented.

[Second Embodiment]
In the second embodiment, an authentication system that further enhances the reliability of identity verification will be described. Hereinafter, the authentication system according to the second embodiment will be described with reference to the drawings, but a configuration different from the authentication system according to the first embodiment and the modification described with reference to FIGS. 1 to 4B will be described. Overlapping description of the same configurations as those of the authentication system and the modification according to the first embodiment will be omitted.

FIG. 5 is a functional block diagram of the user terminal 2 and the authentication server 3 according to the second embodiment. FIG. 5A is a functional block diagram of the user terminal 2, and FIG. 5B is a functional block diagram of the authentication server 3.

(Functional configuration of the user terminal 2)
As shown in FIG. 5A, the user terminal 2 according to the second embodiment has an imaging device control unit 201, an input reception unit 202, a display device control unit 203, a transmission unit 204, a reception unit 205, and a motion extraction unit 206. , The instruction timing determination unit 207, the operation instruction unit 208, the audio output device control unit 209, the storage device control unit 210, and the imaging method instruction unit 211. The function shown in FIG. 5A is realized by the CPU 200G executing the management program stored in the ROM (not shown) of the user terminal 2. The functions of the user terminal 2 according to the second embodiment will be described below with reference to FIG. 5A, but the functions other than the imaging method instruction unit 211 are the same as those of the user terminal 2 according to the first embodiment. Therefore, duplicate description will be omitted.

First, the data stored in the storage device 200B of the user terminal 2 according to the second embodiment will be described. In the storage device 200B of the user terminal 2 according to the second embodiment, in addition to the data stored in the storage device 200B of the user terminal 2 according to the first embodiment, text data used by the imaging method instruction unit 211. And voice data are stored in association with the instruction ID.

Table 2 below shows an example of text data and audio data used in the imaging method instruction unit 211. In addition, even if "Please turn over the identity verification document when you have finished shooting the front surface." associated with the instruction ID "B003", please turn over and return the identity verification document when you have finished shooting the front surface." Good.

When the image capturing process (see FIG. 4A) of the authentication system 1 according to the second embodiment is started, the image capturing method instructing unit 211 describes the user U in Table 2 at predetermined intervals (for example, every several seconds). The instructions associated with the instruction ID are presented in ascending order. Specifically, when the imaging process is started, the imaging method instruction unit 211 instructs the display device control unit 203 to display the text data corresponding to the instruction ID in ascending order of the instruction ID at predetermined intervals. Further, when the imaging process is started, the imaging method instruction unit 211 instructs the audio output device control unit 209 to output the audio data corresponding to the instruction ID in ascending order of the instruction ID at predetermined intervals.

The display device control unit 203 reads the text data corresponding to the instruction ID in ascending order at predetermined intervals based on the instruction from the imaging method instruction unit 211, and displays it on the display device 200D.
Further, the audio output device control unit 209 reads the audio data corresponding to the instruction ID in ascending order at predetermined intervals based on the instruction from the imaging method instruction unit 211, and outputs the audio data from the audio output device 200F. The voice data is output as voice from the voice output device 200F.

In the second embodiment, by displaying the text data on the display device 200D and outputting the voice data from the voice output device 200F, the user U is instructed how to capture the identity verification document. The user U may be instructed about the method of capturing the personal identification document by either displaying the text data or outputting the voice data from the voice output device 200F.

(Functional configuration of the authentication server 3)
As shown in FIG. 5B, the authentication server 3 according to the second embodiment includes a reception unit 301 (first and second acquisition units), an operation instruction timing recognition unit 302, a still image data extraction unit 303, and a first image data extraction unit 303. It has functions of the determination unit 304, the second determination unit 305, the third determination unit 306, the fourth determination unit 307, the storage device control unit 308, the transmission unit 309, the fifth determination unit 310, and the like. The function shown in FIG. 5B is realized by the CPU 300C executing the management program stored in the ROM (not shown) of the authentication server 3. Hereinafter, the function of the authentication server 3 according to the second embodiment will be described with reference to FIG. 5B, but functions other than the still image data extraction unit 303 and the fifth determination unit 310 will be described in the first embodiment. Since the authentication server 3 is the same as the related authentication server 3, redundant description will be omitted.

The still image data extraction unit 303 extracts (cuts out) still image data from the imaged data (first and second imaged data) received by the receiving unit 301. Specifically, the still image data extraction unit 303 determines the still image data (hereinafter, also referred to as the first image data) of the personal identification document (the one in which the face photograph is shown) from the first imaged data and one or more persons. Still image data (hereinafter also referred to as fourth image data) when the confirmation document is turned over is extracted.

Further, the still image data extraction unit 303, based on the timing of the operation instruction recognized by the operation instruction timing recognition unit 302, extracts the still image data before the operation instruction (second image data) from the second imaging data received by the reception unit 301. 2 image data) and still image data (hereinafter also referred to as third image data) after the operation instruction is extracted. For example, if the timing of the operation instruction recognized by the operation instruction timing recognition unit 302 is 3 seconds later, the still image data extraction unit 303 determines from the second image data received by the reception unit 301 that the operation instruction before Still image data (second image data) 3 seconds after the start of capturing the moving image and still image data (third image 3 seconds after the start of capturing the self-portrait moving image) Data) and.

The fifth determination unit 310 determines from the one or more fourth image data extracted by the still image data extraction unit 303 whether the personal identification document has a thickness. The determination by the fifth determination unit 310 may be performed by using a known image recognition technique to determine whether or not the personal identification document is thick. For example, the identity verification document may be recognized using a known image recognition technique, and whether or not the identity verification document has a thickness may be determined from the movement of the recognized identity verification document. Normally, the identity verification documents with a face photo used for identity verification (for example, driver's license, passport (passport), Basic Resident Register card (with photo), various identification documents such as residence card) are 0 Since it has a thickness of about 1 to several mm, it is possible to determine that the imaging data has the thickness of the personal identification document by turning over the personal identification document. On the other hand, when the image data of the front and back surfaces of the personal identification document is diverted, the thickness does not appear when the personal identification document is turned over from the front surface to the back surface (or back surface to front surface). Conversely, if the thickness does not appear when turning over from the front side to the back side (or the back side to the front side) of the personal identification document, it is possible that the image data of the front and back sides of the personal identification document were diverted.

In the second embodiment, the fifth determination unit 310 determines whether the personal identification document is thick based on the one or more fourth image data extracted by the still image data extraction unit 303, and thus the personal identification document can be obtained. It is possible to confirm whether or not the user U is at hand and the user U is performing the operation of turning over the identity verification document as instructed. Therefore, it is possible to prevent the diversion of the image data on the front surface and the back surface of the personal identification document.

(Imaging process)
FIG. 6A is a flowchart showing the processing of the authentication system 1 according to the second embodiment (imaging processing). Hereinafter, the imaging process of the authentication system 1 according to the second embodiment will be described with reference to FIG. 6A. The processing after S101E of the image capturing processing of the authentication system 1 according to the second embodiment is the same as the processing after step S102 of the image capturing processing of the authentication system 1 according to the first embodiment described with reference to FIG. 4A. Therefore, redundant description of the processing after step S102 will be omitted. In FIG. 6A, reference diagrams or sentences (characters) showing the processing contents of steps S101A to S101E are shown on the left side of each step.

(Step S101A)
The user U operates the input device 200C of the user terminal 2 to start capturing a moving image of the identity verification document. The input receiving unit 202 receives an input operation on the input device 200C. The imaging device control unit 201 controls the imaging device 200E based on the input operation accepted by the input acceptance unit 202 to start the imaging process. Specifically, the imaging method instruction unit 211 instructs the display device control unit 203 to display the text data corresponding to the instruction ID “B001” when the imaging process is started. Further, when the imaging process is started, the imaging method instruction unit 211 instructs the audio output device control unit 209 to output the audio data corresponding to the instruction ID “B001”.

Based on the instruction from the imaging method instruction unit 211, the display device control unit 203 reads out the text data corresponding to the instruction ID “B001” (for example, “Start photography of the personal identification document.”), and the display device. Display on 200D. Further, based on the instruction from the imaging method instructing unit 211, the audio output device control unit 209 reads out audio data (for example, “to start taking a personal identification document.”) corresponding to the instruction ID “B001”. , From the audio output device 200F. The voice data is output as voice from the voice output device 200F.

(Step S101B)
After a lapse of a predetermined time (for example, several seconds), the imaging method instruction unit 211 instructs the display device control unit 203 to display the text data corresponding to the instruction ID “B002”. Similarly, the imaging method instruction unit 211 instructs the audio output device control unit 209 to output the audio data corresponding to the instruction ID “B002”. Based on the instruction from the imaging method instruction unit 211, the display device control unit 203 reads out and displays the text data corresponding to the instruction ID “B002” (for example, “take a picture of the surface of the personal identification document.”). It is displayed on the device 200D. In addition, based on the instruction from the imaging method instruction unit 211, the audio output device control unit 209 reads out audio data corresponding to the instruction ID “B002” (for example, “take a picture of the front of the personal identification document.”). And outputs from the audio output device 200F. The voice data is output as voice from the voice output device 200F. The user U images the front surface of the personal identification document based on the instruction.

(Step S101C)
After the elapse of a predetermined time (for example, several seconds), the imaging method instruction unit 211 instructs the display device control unit 203 to display the text data corresponding to the instruction ID “B003”. Similarly, the imaging method instruction unit 211 instructs the audio output device control unit 209 to output the audio data corresponding to the instruction ID “B003”. Based on the instruction from the imaging method instruction unit 211, the display device control unit 203 displays the text data corresponding to the instruction ID “B003” (for example, “Turn the identity verification document over when the front surface is captured.”) Is read out and displayed on the display device 200D. In addition, based on the instruction from the imaging method instruction unit 211, the audio output device control unit 209 causes the audio data corresponding to the instruction ID “B003” (for example, “Turn over the identity verification document when the front surface is captured. .)) is read out and output from the audio output device 200F. The voice data is output as voice from the voice output device 200F. Based on the instruction, the user U turns over the personal identification document from the front surface to the back surface while continuing the image capturing.

(Step S101D)
After a lapse of a predetermined time (for example, several seconds), the imaging method instruction unit 211 instructs the display device control unit 203 to display the text data corresponding to the instruction ID “B004”. Similarly, the imaging method instruction unit 211 instructs the audio output device control unit 209 to output the audio data corresponding to the instruction ID “B004”. Based on the instruction from the imaging method instruction unit 211, the display device control unit 203 captures the text data corresponding to the instruction ID “B004” (for example, “take an image of the back side (uramen) of the identity verification document.”). It is read and displayed on the display device 200D. Further, based on the instruction from the imaging method instruction unit 211, the audio output device control unit 209, the audio data corresponding to the instruction ID “B004” (for example, “Please shoot the back side (uramen) of the identity verification document”). )) is read and output from the audio output device 200F. The voice data is output as voice from the voice output device 200F. Based on the instruction, the user U captures the back surface of the identity verification document while continuing to capture the image.

(Step S101E)
After a predetermined time (for example, several seconds) has elapsed, the imaging method instruction unit 211 instructs the display device control unit 203 to display the text data corresponding to the instruction ID “B005”. Similarly, the imaging method instruction unit 211 instructs the audio output device control unit 209 to output the audio data corresponding to the instruction ID “B005”. Based on the instruction from the imaging method instruction unit 211, the display device control unit 203 reads out the text data corresponding to the instruction ID “B005” (for example, “Then, I will take a video of myself.”), and the display device. Display on 200D. Further, based on the instruction from the imaging method instruction unit 211, the audio output device control unit 209 reads out the audio data corresponding to the instruction ID “B005” (for example, “Then, I will take a video of myself.”). , From the audio output device 200F. The voice data is output as voice from the voice output device 200F.

After that, the process moves to step S102 of FIG. 4A, and the user U starts to capture a moving image of himself (self-shooting moving image) based on the instruction.

(Authentication process)
FIG. 6B is a flowchart showing the process of the authentication system 1 according to the second embodiment (imaging process). Hereinafter, the authentication processing of the authentication system 1 according to the second embodiment will be described with reference to FIG. 6B, and the same processing as the authentication processing of the authentication system 1 according to the first embodiment will be denoted by the same step numbers. Overlapping description will be omitted (step S203 in FIG. 6B is “first extraction processing”, but the processing content is the same as step S203 “extraction processing” in FIG. 4B).

(Step S301)
The still image data extraction unit 303 extracts still image data (hereinafter, also referred to as fourth image data) when turning over one or more identity verification documents.

(Step S302)
The fifth determination unit 310 determines from the one or more fourth image data extracted by the still image data extraction unit 303 whether the personal identification document has a thickness. Note that the determination method by the fifth determination unit 310 has already been described, so redundant description will be omitted.

In the description of FIG. 6B, after the determination by the fifth determination unit 310, the determinations by the first determination unit 304 to the fourth determination unit 307 are performed in order, but the first determination unit 304 to the fourth determination unit 307. The order of determination by the fifth determination unit 310 is not limited to the order shown in FIG. 6B, and the order is random. In other words, the order of determination by the first determination unit 304 to the fourth determination unit 307 and the fifth determination unit 310 shown in FIG. 6B may be changed.

(effect)
As described above, in the second embodiment, the user terminal 2 is provided with the imaging method instructing unit 211 for instructing the imaging of both sides of the identity verification document, and the authentication server 3 flips over one or more identity verification documents from the first imaging data. The still image data extraction unit 303 that extracts still image data (hereinafter, also referred to as fourth image data) at the time, and the one or more fourth image data extracted by the still image data extraction unit 303 has a thickness in the personal identification document. And a fifth determination unit 310 that determines whether or not there is.

Therefore, it is possible to confirm whether or not the identity verification document is at hand of the user U and the user U himself is performing the operation of turning over the identity verification document as instructed, and the image data of the front and back sides of the identity verification document can be confirmed. It is possible to prevent the diversion. As a result, spoofing can be effectively prevented.

[Modification 1 of the second embodiment]
In the second embodiment, the still image data extraction unit 303 uses the first captured image data, in other words, one or more fourth image data, that is, one or more fourth image data captured from a moving image of the identity verification document turned upside down. Still image data when the identity verification document is turned over (for example, image data obtained by inclining the identity verification document diagonally in the thickness direction, which enables confirmation that the identity verification document is thick) is extracted. However, when it is difficult to extract the image data in which the personal identification document is tilted in the thickness direction, the still image data extraction unit 303 may take the following measures.

The storage device 200B of the user terminal 2 stores text data and voice data of “Please shoot the personal identification document in an inclined state so that the thickness of the personal identification document can be understood.” In step S101C of FIG. 6A, the imaging method instruction unit 211 displays the text data corresponding to “Please shoot the personal identification document while tilting it so that the thickness of the personal identification document can be seen.” To the display device control unit 203, and output a voice data corresponding to "Please shoot the personal identification document with the document being tilted so that the thickness of the personal identification document can be seen." Instruct the control unit 209.

The display device control unit 203 displays the text “Please shoot the personal identification document in a tilted state so that the thickness of the personal identification document can be seen.” based on the instruction from the imaging method instruction unit 211. Display on 200D. In addition, the voice output device control unit 209, based on the instruction from the imaging method instruction unit 211, the voice of “Please shoot the personal identification document in a state in which the personal identification document is tilted so that the thickness of the personal identification document can be understood.” The data is read and output from the audio output device 200F. The voice data is output as voice from the voice output device 200F. The user U shoots the personal identification document in a tilted state in accordance with the instruction.

The still image data extraction unit 303 of the authentication server 3 refers to the first image data transmitted from the user terminal 2 and states, “Please shoot the personal identification document in a tilted state so that the thickness of the personal identification document can be understood. For a few seconds after the text data of "." is displayed or after the sound of "Please shoot the identity verification document at an angle so that you can see the thickness of the identity verification document." By extracting one or more fourth image data from the moving image for 2 seconds, the still image data extraction unit 303 can effectively extract the image data in which the identity verification document is inclined in the thickness direction.

In addition, in the second embodiment, the user U is instructed to shoot both sides of the identity verification document, in other words, the operation of flipping over the identity verification document, and by determining whether or not the identity verification document is thick, Although it is determined whether the front and back image data of the confirmation document has not been diverted, another method is used to determine whether the front and back image data of the identity verification document has not been diverted. May be. For example, if the personal identification document is illuminated with light to determine the degree of glossiness and whether the image data of the front and back sides of the personal identification document is diverted, in other words, the personal identification document is in the hand of the user U and the user U May confirm whether or not the person is performing the operation of turning over the personal identification document as instructed. Also, if special printing for anti-counterfeiting is applied, the special printing will be exposed by applying special light (for example, ultraviolet rays). In such a case, it is necessary to instruct the identity verification document to irradiate the ultraviolet LED light. It may be performed for the user U, and it may be determined whether or not the personal identification document is diverted from the image data or is not forged, depending on whether or not the special printing appears.

Further, in the second embodiment, the authentication server 3 includes the first determination unit 304, the second determination unit 305, the still image data extraction unit 303, the third determination unit 306, the fourth determination unit 307, and the fifth determination unit. The authentication server 3 has the function of 310, and the authentication process is performed by the authentication server 3, but the user terminal 2 uses the first determination unit 304, the second determination unit 305, the still image data extraction unit 303, and the third determination unit 306. The user terminal 2 may have the functions of the fourth determination unit 307 and the fifth determination unit 310, and may perform the authentication process. In the second embodiment, the user terminal 2 has the functions of the motion extraction unit 206, the instruction timing determination unit 207, the motion instruction unit 208, and the imaging method instruction unit 211, but the authentication server 3 extracts the motion. The function extraction unit 206 has the functions of the unit 206, the instruction timing determination unit 207, the operation instruction unit 208, and the imaging method instruction unit 211, and is extracted by the operation extraction unit 206 at the timing determined by the instruction by the imaging method instruction unit 211 and the instruction timing determination unit 207. The operation instruction unit 208 may transmit the performed operation from the transmission unit 309 of the authentication server 3 to the user terminal 2.

In addition, the user terminal 2 has the function of the still image data extraction unit 303, extracts the first to third still image data from the first and second captured image data, and then outputs the first to fourth still image data to the authentication server. 3 and the authentication server 3 may perform the authentication of the identity verification described with reference to FIGS. 6B and 4B based on the first to fourth still image data transmitted from the user terminal 2. .. By doing so, the amount of data transmitted from the user terminal 2 can be significantly reduced.

[Modification 2 of the second embodiment]
In addition, in the second embodiment and the first modification thereof, a still image that extracts still image data (hereinafter, also referred to as fourth image data) when the one or more identity verification documents are turned over from the first imaged data to the authentication server 3. By providing the functions of the data extraction unit 303 and the fifth determination unit 310 that determines whether or not the identity verification document has thickness from the one or more fourth image data extracted by the still image data extraction unit 303, It is determined whether or not the confirmation document is in the hand of the user U himself and the user U himself is performing the operation of turning over the person confirmation document as instructed.

However, the authentication server 3 does not have the function of the fifth determination unit 510, and, for example, the system administrator or the like of the authentication system 1 flips over the identity verification document in the first imaging data transmitted from the user terminal 2. It may be configured to view the portion of and confirm that the identity verification document is thick. In this case, the system administrator or the like of the authentication system 1 can confirm that the personal identification document is thick by checking the part of the operation of flipping the personal identification document in the first image data transmitted from the user terminal 2. Alternatively, a signal to that effect (hereinafter, also referred to as a confirmation OK signal) may be input or transmitted to the authentication server 3.

FIG. 6C is a flowchart showing a process of the authentication system according to the second modification of the second embodiment (authentication process). Hereinafter, the imaging process of the authentication system 1 according to the modified example 2 of the second embodiment will be described with reference to FIG. 6C. The steps other than step S303 are the imaging process of the authentication system 1 according to the first embodiment. Since they are the same, the same step numbers are assigned and duplicate explanations are omitted.

(Step S303)
Whether or not the reception unit 301 of the authentication server 3 has received a signal (a confirmation OK signal) from the system administrator of the authentication system 1 that the personal identification document has been confirmed to be thick in step S303. To judge. When the reception unit 301 receives the confirmation OK signal (YES), the first determination unit 304 performs the first determination process of step S204. If the receiving unit 301 has not received the confirmation OK signal (NO), the authentication server 3 performs the authentication error process of step S208.

Note that the authentication server 3 is provided with a display device and an input device, and among the first imaging data transmitted from the user terminal 2 using the display device, the part of the operation of flipping over the identity verification document is viewed and the identity verification is performed. It may be possible to confirm that the document is thick and input the confirmation OK signal using the input device. Also, using another computer communicably connected to the authentication server 3, of the first image data transmitted from the user terminal 2, the part of the operation of flipping over the personal identification document is viewed and used as the personal identification document. It is also possible to confirm that there is a thickness and send a confirmation OK signal to the authentication server 3.

Further, in the modified example 1 of the second embodiment, the personal identification document is exposed to light or special light (for example, ultraviolet light) to determine the gloss condition and the presence or absence of special printing to determine the image data of the front and back surfaces of the personal identification document. Is diverted, in other words, it is determined whether the identity verification document is in the hand of the user U, and the user U is performing the operation of turning over the identity verification document as instructed. The system administrator, etc., of the first imaging data transmitted from the user terminal 2 checks the portion of the operation of applying light or special light (for example, ultraviolet light) to check the glossiness and the presence or absence of special printing. Alternatively, a signal to that effect (a confirmation OK signal) may be input or transmitted to the authentication server 3.

[Third Embodiment]
In the third embodiment, an authentication system in which the reliability of identity verification is further enhanced will be described. Hereinafter, an authentication system according to a third embodiment will be described with reference to the drawings, but a configuration different from the authentication system according to the second embodiment and its modification examples 1 and 2 will be described, and the second embodiment and its modification will be described. Overlapping description of the same configurations as Examples 1 and 2 will be omitted.

(Functional configuration of the user terminal 2)
FIG. 7 is a functional block diagram of the user terminal 2 according to the third embodiment. The user terminal 2 according to the third embodiment includes an imaging device control unit 201, an input reception unit 202, a display device control unit 203, a transmission unit 204, a reception unit 205, an operation extraction unit 206, an instruction timing determination unit 207, and an operation instruction unit. The audio output device control unit 209, the storage device control unit 210, the imaging method instruction unit 211, the imaging position lottery unit 212, and the like have functions.

The functions shown in FIG. 7 are realized by the CPU 200G executing the management program stored in the ROM (not shown) of the user terminal 2. Hereinafter, functions of the user terminal 2 according to the third embodiment will be described with reference to FIG. 7, but functions other than the display device control unit 203, the transmission unit 204, and the imaging position lottery unit 212 will be described in the second embodiment. Also, since it is the same as the user terminal 2 according to Modifications 1 and 2, duplicated description will be omitted.

First, the data stored in the storage device 200B of the user terminal 2 according to the third embodiment will be described. In the storage device 200B of the user terminal 2 according to the third embodiment, in addition to the data stored in the storage device 200B of the user terminal 2 according to the second embodiment and its modifications 1 and 2, the imaging position lottery unit. The image data used in 212 is stored in association with the position ID.

FIG. 8 is a diagram showing an example of a screen 100 displayed on the display device 200D of the user terminal 2 according to the third embodiment. As shown in FIG. 8, data (hereinafter, also referred to as screen data) of four screens 100 for personal identification document imaging at different imaging positions are stored in association with position IDs. FIG. 8A is a screen 100 associated with the position ID “C001”, and the position of the image pickup frame F1 for picking up the personal identification document is located in the lower right direction toward the paper surface. FIG. 8B is a screen 100 associated with the position ID “C002”, and the position of the image pickup frame F1 for picking up an identity verification document is located at the lower left of the sheet. FIG. 8C is a screen 100 associated with the position ID “C003”, and the position of the image pickup frame F1 for picking up the personal identification document is located on the upper right side of the drawing. FIG. 8D shows the screen 100 associated with the position ID “C004”, and the position of the image pickup frame F1 for picking up the personal identification document is located on the upper left side of the drawing. Areas of the screen 100 other than the imaging frame F1 are masked (painted).

Note that, as shown in FIG. 8, text data corresponding to the instruction ID is displayed on the screen 100 for capturing the personal identification document based on the instruction from the imaging method instruction unit 211. Further, the position of the image pickup frame F1 for picking up the personal identification document on the screen 100 shown in FIG. 8 is merely an example, and the position is not limited to the position shown in FIG. It is only necessary to be able to prepare a plurality of screens in which the positions of the image pickup frames F1 for picking up the personal identification document are different from each other.

The imaging position lottery section 212 randomly selects which of the screens shown in FIG. 8 the user U should image the personal identification document with. In other words, the imaging position lottery section 212 randomly selects position IDs.

The display device control unit 203 causes the display device 200D to display the screen 100 corresponding to the position ID randomly selected by the imaging position lottery unit 212 during the imaging of the personal identification document. The user U images the personal identification document while adjusting the position of the imaging device 200E of the user terminal 2 so that the personal identification document is shown in the imaging frame F1. The other functions of the display device control unit 203 are the same as those of the display device control unit 203 according to the second embodiment and the modifications 1 and 2 thereof.

It should be noted that the transmission unit 204 transmits only the imaged data within the area of the image pickup frame F1 to the authentication server 3 as the first imaged data in the video imaged by the image pickup apparatus 200E in the image pickup of the personal identification document. Alternatively, the image pickup data in which the area other than the image pickup frame F1 is masked may be transmitted to the authentication server 3 as the first image pickup data.

The still image data extraction unit 303 of the authentication server 3 extracts still image data (hereinafter, also referred to as first image data) of the identity verification document from the first imaged data transmitted from the user terminal 2, but the user U takes an image. When the identity verification document is not imaged while adjusting the position of the imaging device 200E of the user terminal 2 so that the identity verification document is shown in the frame F1, the identity determination is performed by the first determination unit 304 and the second determination unit 305. The face image of the document cannot be recognized, resulting in an authentication error.

(Imaging process)
FIG. 9 is a flowchart showing the processing of the authentication system according to the third embodiment (imaging processing). The imaging process of the authentication system 1 according to the third embodiment will be described below with reference to FIG. 9. The processing after S100B of the image capturing processing of the authentication system 1 according to the third embodiment is the same as the processing after step S101A of the image capturing processing of the authentication system 1 according to the second embodiment described with reference to FIG. 6A. Therefore, duplicated description of the processes after step S101A will be omitted.

(Step S100A)
The imaging position lottery section 212 randomly selects which of the screens shown in FIG. 8 the user U should image the personal identification document with. In other words, the imaging position lottery section 212 randomly selects position IDs.

(Step S100B)
The display device control unit 203 causes the display device 200D to display the screen 100 corresponding to the position ID randomly selected by the imaging position lottery unit 212 during the imaging of the personal identification document.

After that, the process proceeds to step S101A in FIG. 6A, and the user U starts capturing a moving image of the identity verification document based on the instruction.

(effect)
As described above, the authentication system 1 according to the third embodiment includes the imaging position lottery section 212 that randomly selects which screen of the screens shown in FIG. 8 allows the user U to image the identity verification document. In the image pickup of the personal identification document, the screen 100 corresponding to the position ID randomly selected by the imaging position lottery section 212 is displayed on the display device 200D. Then, in the image pickup of the personal identification document, the transmission unit 204 outputs only the image pickup data in the area of the image pickup frame F1 or the image pickup data in which the area other than the image pickup frame F1 is masked in the image picked up by the image pickup apparatus 200E. It is transmitted to the authentication server 3 as the first imaging data.

When the user U is not capturing the personal identification document while adjusting the position of the imaging device 200E of the user terminal 2 so that the personal identification document is captured in the imaging frame F1, the first determination unit 304 and the second determination The face image of the personal identification document cannot be recognized by the unit 305, resulting in an authentication error. Therefore, it is possible to confirm whether or not the identity verification document is in the hand of the user U and the user U himself is performing the operation of imaging the identity verification document as instructed, and images of the front and back of the identity verification document Data diversion can be prevented. As a result, spoofing can be prevented more effectively.

[Modification of Third Embodiment]
In the third embodiment, the transmission unit 204 of the user terminal 2 only captures image data within the region of the image capturing frame F1 or the image capturing frame F1 in the image captured by the image capturing apparatus 200E when capturing the personal identification document. The imaged data in which the area other than is masked is transmitted to the authentication server 3 as the first imaged data. However, in the image pickup of the personal identification document, the imaged image taken by the image pickup device 200E is randomly selected by the image pickup position lottery section 212. You may make it transmit with a position ID. Then, the still image data extraction unit 303 of the authentication server 3 may change the position where the still image data is extracted (cut out) from the first imaged data according to the position ID transmitted from the user terminal 2. ..

Specifically, when the position ID “C001” is received, the still image data extraction unit 303 determines the still image data from the lower right area (for example, about half to about ¼ of the entire area) of the first captured image data. When the position ID “C002” is received, the still image data is extracted (cut out) from the lower left area of the first imaging data (for example, an area of about half to about ¼ of the whole), When the position ID “C003” is received, the still image data is extracted (cut out) from the upper right area (for example, the area of about half to about ¼ of the whole) of the first imaging data, and the position IDC “004” is received. In this case, still image data may be extracted (cut out) from the upper left area of the first imaged data (for example, a half to about ¼ area of the whole).

Even in this case, if the user U is not capturing the personal identification document while adjusting the position of the imaging device 200E of the user terminal 2 so that the personal identification document is captured in the imaging frame F1, the first determination unit 304. Also, the second determination unit 305 cannot recognize the face image of the identity verification document, resulting in an authentication error. Therefore, it is possible to confirm whether or not the identity verification document is in the hand of the user U and the user U himself is performing the operation of imaging the identity verification document as instructed, and images of the front and back of the identity verification document Data diversion can be prevented. As a result, spoofing can be prevented more effectively.

Further, in the third embodiment, the user terminal 2 has the function of the imaging position lottery section 212, but the authentication server 3 has the function of the imaging position lottery section 212 and the imaging position lottery section 212 randomly selects. The displayed position ID may be transmitted to the user terminal 2, and the display device control unit 203 of the user terminal 2 may cause the display device 200D to display the screen 100 corresponding to the position ID received by the reception unit 205.

As described above, according to the present invention, it is possible to provide an authentication system, an authentication method, and an authentication program that can perform highly reliable identity verification.

1 Authentication System 2 User Terminal 200A Communication IF
200B Storage device 200C Input device 200D Display device 200E Imaging device (camera)
200F audio output device (speaker)
200G CPU
200H bus (BUS)
201 image pickup device control unit 202 input reception unit 203 display device control unit 204 transmission unit 205 reception unit 206 operation extraction unit 207 instruction timing determination unit 208 operation instruction unit 209 audio output device control unit 210 storage device control unit 211 imaging method instruction unit 212 Imaging position lottery section 3 Authentication server 300A Communication IF
300B storage device 300C CPU
300D Bus (BUS)
301 Reception unit (first and second acquisition unit)
302 operation instruction timing recognition unit 303 still image data extraction unit 304 first determination unit 305 second determination unit 306 third determination unit 307 fourth determination unit 308 storage device control unit 309 transmission unit 310 fifth determination unit 4 network

Claims (8)

An authentication system for identity verification,
An imaging data acquisition unit that acquires the imaging data of the identity verification document,
A determination unit that analyzes the imaged data acquired by the imaged data acquisition unit and determines whether the identity verification document has a thickness,
An authentication system comprising: An imaging method instructing unit for instructing the user how to image the identity verification document,
The imaging method instruction unit,
The authentication system according to claim 1, wherein an instruction is given to image the front and back surfaces of the personal identification document. The imaging method instruction unit,
The authentication system according to claim 2, wherein when the front surface and the back surface of the personal identification document are imaged, an instruction is made to turn over the personal identification document. The imaging method instruction unit,
The authentication system according to claim 2 or 3, wherein an instruction is given to image the personal identification document in an inclined state so that the thickness of the personal identification document can be seen. The imaging method instruction unit,
The authentication system according to any one of claims 2 to 4, wherein an instruction is given to capture an image of the personal identification document by a moving image. An image pickup position lottery unit that refers to a storage unit in which a plurality of screen data for identity verification document image capture at different image capture positions is stored, and selects which of the screen data at different image capture positions is used to image the personal identification document. Prepare,
The imaging method instruction unit,
The authentication system according to any one of claims 2 to 5, wherein an instruction is given to take an image of the personal identification document at a position selected by the imaging position drawing section. An authentication method for personal identification,
A step in which the imaging data acquisition unit acquires imaging data of the personal identification document,
A step of determining whether or not the determination section analyzes the imaged data acquired by the imaged data acquisition section to determine whether the personal identification document has a thickness;
An authentication method comprising: An authentication program to verify your identity,
Computer,
An imaging data acquisition unit that acquires the imaging data of the identity verification document,
A determination unit that analyzes the imaged data acquired by the imaged data acquisition unit and determines whether the identity verification document has a thickness,
An authentication program characterized by functioning as.

Images