WO2023229052A1

WO2023229052A1 - Authentication system, control device, and computer program

Info

Publication number: WO2023229052A1
Application number: PCT/JP2023/020731
Authority: WO
Inventors: 誠司渡邉
Original assignee: ノラシステムス合同会社
Priority date: 2022-05-26
Filing date: 2023-05-26
Publication date: 2023-11-30
Also published as: JP2023173879A

Abstract

According to the present invention, first information includes position and orientation change values that are set to at least one piece of data among a plurality of pieces of data that are extracted from pre-acquired biological data pertaining to a portion of the body of a subject to be authenticated. The position and orientation change values that are values obtained by changing, from a first state to a second state, at least one among the position and orientation of the at least one piece of data. Second information includes a coordinate value of each of the plurality of pieces of data. The coordinate value of the at least one piece of data of which the position and orientation change values are set is related to the second state. A control device performs an authentication process on the basis of biological data for biometric authentication and reference data of the plurality of pieces of data created on the basis of the first information and second information.

Description

Authentication systems, control devices and computer programs

This disclosure relates to an authentication system. The present disclosure also relates to a control device used in an authentication system and a computer program executed by the control device. Further, the present disclosure relates to a control device that generates authentication information used for authentication by an authentication system, and a computer program executed by the control device.

Patent Document 1 discloses a face authentication device and a face authentication method. The face recognition device identifies the person by extracting each feature point from the face area of the person to be recognized, and calculating and comparing the degree of similarity with the dictionary image of each registrant's face registered in advance. do. In the face authentication device disclosed in Patent Document 1, face data of each person is stored in a recording medium as a dictionary image.

Japanese Patent Application Publication No. 9-251534

However, in recent years, incidents have occurred in which various types of information have been leaked through various methods, and from the perspective of protecting personal information, there have been various issues in safely storing this data for a long period of time.

This disclosure prevents individuals from being identified even if data stored for use in authentication is leaked.

The authentication system according to the first aspect of the present disclosure includes:
an authentication data acquisition device that acquires biometric data for biometric authentication regarding a part of the body of a person to be authenticated;
acquiring first information related to the biometric authentication of the authenticated person from an information storage medium owned by the authenticated person, acquiring second information related to the biometric authentication of the authenticated person from a storage device, and acquiring the authentication data. Authentication that biometrically authenticates the person to be authenticated based on the biometric data for biometric authentication acquired from the device, the first information acquired from the information storage medium, and the second information acquired from the storage device. It is equipped with a control device that performs processing,
The first information includes a position/orientation change value set for at least one of a plurality of data extracted from biometric data regarding a part of the body of the person to be authenticated that has been obtained in advance;
The position and orientation change value is a value obtained by changing at least one of the position and orientation of the at least one data from a first state to a second state different from the first state,
The second information includes coordinate values of each of the plurality of data,
The coordinate value of the at least one data set with the position/orientation change value is a coordinate value related to the second state,
The position and orientation change value is set to a value that makes it impossible to determine the correlation between the plurality of data in the biological data when the plurality of data are arranged based on the coordinate values included in the second information. Ori,
The control device includes:
creating reference data by arranging the plurality of data in the first state based on the first information and the second information;
Authentication processing is performed based on the reference data and the biometric data for biometric authentication acquired by the authentication data acquisition device.

A control device according to a second aspect of the present disclosure includes:
Accepting biometric data for biometric authentication regarding a part of the body of the person to be authenticated, receiving first information regarding biometric authentication of the person to be authenticated from an information storage medium owned by the person to be authenticated, and receiving first information regarding the biometric authentication of the person to be authenticated from a storage device. an input unit that receives second information regarding biometric authentication of a person;
a processor configured to perform an authentication process for biometrically authenticating the person to be authenticated based on the biometric data for biometric authentication, the first information, and the second information;
The first information includes a position/orientation change value set for at least one of a plurality of data extracted from biometric data regarding a part of the body of the person to be authenticated that has been obtained in advance;
The position and orientation change value is a value obtained by changing at least one of the position and orientation of the at least one data from a first state to a second state different from the first state,
The second information includes coordinate values of each of the plurality of data,
The coordinate value of the at least one data set with the position/orientation change value is a coordinate value related to the second state,
The position and orientation change value is set to a value that makes it impossible to determine the correlation between the plurality of data in the biological data when the plurality of data are arranged based on the coordinate values included in the second information. Ori,
The processor includes:
creating reference data by arranging the plurality of data in the first state based on the first information and the second information;
Authentication processing is performed based on the reference data and the biometric data for biometric authentication.

A computer program executed by a control device according to a third aspect of the present disclosure includes:
The execution causes the control device to:
accept biometric data for biometric authentication regarding a part of the body of the person to be authenticated;
receiving first information regarding the biometric authentication of the person to be authenticated from an information storage medium owned by the person to be authenticated;
receiving second information regarding biometric authentication of the person to be authenticated from a storage device;
The first information includes a position/orientation change value set for at least one of a plurality of data extracted from biometric data regarding a part of the body of the person to be authenticated that has been obtained in advance;
The position and orientation change value is a value obtained by changing at least one of the position and orientation of the at least one data from a first state to a second state different from the first state,
The second information includes coordinate values of each of the plurality of data,
The coordinate value of the at least one data set with the position/orientation change value is a coordinate value related to the second state,
The position and orientation change value is set to a value that makes it impossible to determine the correlation between the plurality of data in the biological data when the plurality of data are arranged based on the coordinate values included in the second information. Ori,
creating reference data by arranging the plurality of data in the first state based on the first information and the second information;
Authentication processing is performed based on the reference data and the biometric data for biometric authentication.

According to the first to third aspects described above, the information storage medium stores, as the first information, a position/orientation change value of at least one of the plurality of data, but the coordinate values of the data are stored. It has not been. Further, although the coordinate values of the data are stored as second information in the storage device, the position and orientation change values are not stored. As a result, the first state of the plurality of data is unknown and the plurality of data cannot be restored to the original biometric data using only the authentication information stored in either the information storage medium or the storage device. Therefore, even if either the first information stored in the information storage medium or the second information stored in the storage device is leaked, it is possible to prevent an individual from being identified.

The position and orientation change value includes a shift value,
The shift value is a value obtained by shifting the position of the at least one data from a first coordinate value to a second coordinate value different from the first coordinate value,
The coordinate values related to the second state include the second coordinate values of the at least one data set with the shift value,
The control device includes:
Reference data may be created by arranging the plurality of pieces of data at the first coordinate values based on the first information and the second information.

According to the above configuration, the information storage medium stores the shift value as the first information, but does not store the coordinate value. Further, the storage device stores coordinate values as second information, but does not store shift values. Therefore, even if the first information or the second information becomes known to another person, it is possible to prevent the plurality of data from being restored by another person.

The position and orientation change value includes a rotation inversion value,
The rotation inversion value changes the orientation of the at least one data from a first orientation to a second orientation different from the first orientation by performing at least one of rotation processing and reversal processing about the origin of the at least one data. This is the value when changing to two postures,
The coordinate values related to the second state include the coordinate values of the origin after changing to the second posture,
The control device includes:
Based on the first information and the second information, at least one of a rotation process and a reversal process is performed on the at least one data, the plurality of data are arranged in the first orientation, and the reference data is may be created.

According to the above configuration, the rotation inversion value is stored as the first information in the information storage medium, but the coordinate value of the origin, which is the base axis of the rotation process and the inversion process, is not saved. Further, as second information, the storage device stores the coordinate values of the origin, which are the base axes of rotation processing and reversal processing, but does not store rotation reversal values. Therefore, even if the first information or the second information becomes known to another person, it is possible to prevent the plurality of data from being restored by another person.

The position and orientation change value includes a shift value and a rotation inversion value,
The shift value is a value obtained by shifting the position of the at least one data from a first coordinate value to a second coordinate value different from the first coordinate value,
The rotation inversion value changes the orientation of the at least one data from a first orientation to a second orientation different from the first orientation by performing at least one of rotation processing and reversal processing about the origin of the at least one data. This is the value when changing to two postures,
The coordinate values related to the second state include the coordinate values of the origin of the at least one data after shifting to the second coordinate values and changing to the second posture,
The control device includes:
Reference data may be created by arranging the plurality of data at the first coordinate values and the first orientation based on the first information and the second information.

According to the above configuration, the information storage medium stores the shift value and the rotation reversal value as the first information, but also the coordinate value of the data and the coordinate of the origin, which is the base axis of the rotation process and the reversal process. Value is not saved. Further, the storage device stores, as second information, the coordinate values of the data and the coordinate values of the origin, which are the basis of rotation processing and reversal processing, but does not store shift values and rotation reversal values. Therefore, even if the first information or the second information becomes known to another person, it is possible to prevent the plurality of data from being restored by another person.

The plurality of data may be data that is extracted from the biometric data regarding a part of the body of the person to be authenticated, which has been obtained in advance, and is divided into a size that does not allow identification of the characteristics of the person to be authenticated. This makes it possible to prevent individuals from being identified even if multiple pieces of data are known to others.

Furthermore, the plurality of data may be data extracted so as not to constitute a continuous area of the person to be authenticated when placed in the first state. As a result, the distance between pieces of data is unknown, making it impossible to restore multiple pieces of data and making it impossible to identify individuals.

The authentication system may further include a first information acquisition device that acquires first information regarding biometric authentication of the person to be authenticated from the information storage medium.

The authentication system includes the storage device,
The storage device may also store second information regarding biometric authentication of a person to be authenticated who is different from the person to be authenticated. As a result, even if the second information in the storage device becomes known to another person, the second information of the person to be authenticated cannot be identified from the second information of multiple people, and the data of the person to be authenticated cannot be restored by another person. can be prevented from happening.

The first information includes a part of a plurality of segments constituting the plurality of data,
The second information may include the remainder of the plurality of segments. This makes it possible to prevent individuals from being identified even if the first information or second information is leaked.

A control device according to a fourth aspect of the present disclosure includes:
an input unit that accepts biometric data regarding a part of the subject's body;
a processor that generates information used for biometric authentication of the subject based on the biometric data and outputs the information to a storage device;
the processor sets a position/orientation change value for at least one of the plurality of data extracted from the biological data;
The position and orientation change value is a value obtained by changing at least one of the position and orientation of the at least one data from a first state to a second state different from the first state,
The position/orientation change value is configured to adjust the position/orientation change value between the plurality of data based on the coordinate value of each of the plurality of data including the coordinate value related to the second state of the at least one data to which the position/orientation change value is set. is set to a value that makes it impossible to determine the correlation between the plurality of data in the biometric data when
The processor generates the information including coordinate values of each of the plurality of data, and outputs the information as second information to the storage device.

A computer program executed by a control device according to a fifth aspect of the present disclosure includes:
The execution causes the control device to:
Accept biometric data regarding a part of the target person's body,
generating information used for biometric authentication of the subject based on the biometric data and outputting the information to a storage device;
setting a position/orientation change value for at least one of the plurality of data extracted from the biological data;
The position and orientation change value is a value obtained by changing at least one of the position and orientation of the at least one data from a first state to a second state different from the first state,
The position/orientation change value is configured to adjust the position/orientation change value between the plurality of data based on the coordinate value of each of the plurality of data including the coordinate value related to the second state of the at least one data to which the position/orientation change value is set. is set to a value that makes it impossible to determine the correlation between the plurality of data in the biometric data when
The information including the coordinate values of each of the plurality of data is generated, and the information is output to the storage device as second information.

According to the fourth and fifth aspects described above, the storage device stores coordinate values related to the second state of at least one piece of data in which a position/orientation change value is set as authentication information used for biometric authentication. has been done. As a result, multiple pieces of data cannot be restored to the original biometric data using only the authentication information stored in the storage device. Therefore, even if the authentication information stored in the storage device is leaked, it is possible to prevent the individual from being identified.

Further, the processor generates first information including the position/orientation change value set for at least one data of the plurality of data, and stores the first information in an information storage medium owned by the subject. You can also output it.

According to such a configuration, the information storage medium stores at least one position/orientation change value of a plurality of data as the first information, but values indicating the position and orientation state of the data are not stored. Not yet. As a result, multiple pieces of data cannot be restored to the original biometric data using only the authentication information stored in the information storage medium. Therefore, even if the first information stored in the information storage medium is leaked, it is possible to prevent individuals from being identified.

The position and orientation change value includes a shift value,
The shift value is a value obtained by shifting the position of the at least one data from a first coordinate value to a second coordinate value different from the first coordinate value,
The coordinate value of each of the plurality of data may include the second coordinate value of the at least one data set with the shift value.

The position and orientation change value includes a rotation inversion value,
The rotation inversion value changes the orientation of the at least one data from a first orientation to a second orientation different from the first orientation by performing at least one of rotation processing and reversal processing about the origin of the at least one data. This is the value when changing to two postures,
The coordinate value of each of the plurality of data may include the coordinate value of the origin of the at least one data after changing to the second attitude.

The position and orientation change value includes a shift value and a rotation inversion value,
The shift value is a value obtained by shifting the position of the at least one data from a first coordinate value to a second coordinate value different from the first coordinate value,
The rotation inversion value changes the orientation of the at least one data from a first orientation to a second orientation different from the first orientation by performing at least one of rotation processing and reversal processing about the origin of the at least one data. This is the value when changing to two postures,
The coordinate value of each of the plurality of data may include a coordinate value of the origin of the at least one data after shifting to the second coordinate value and changing to the second attitude.

Furthermore, the processor may include a part of the plurality of segments constituting the plurality of data in the first information, and include the remainder of the plurality of segments in the second information. This makes it possible to prevent individuals from being identified even if the first information or second information is leaked.

Additionally, the processor may divide the biometric data into sizes that do not allow identification of characteristics of the subject and extract the plurality of pieces of data. This makes it possible to prevent individuals from being identified even if multiple pieces of data are known to others.

Furthermore, the processor may extract the plurality of data so that when arranged in the first state, they do not constitute a continuous area of the person to be authenticated. As a result, the distance between pieces of data is unknown, making it impossible to restore multiple pieces of data and making it impossible to identify individuals.

According to the present disclosure, even if data stored for use in authentication is leaked, individuals can be prevented from being identified.

The functional configuration of the authentication system according to the present embodiment is illustrated. The configuration of the imaging system is illustrated. The flow of the generation process of first information and second information executed by the processor of the control device is illustrated. An example of an area from which a plurality of pieces of data used for authentication are extracted from a target person's face is illustrated. Data corresponding to an area extracted from imaging data of a subject's face is illustrated. Each data in the XYZ coordinate system is illustrated. A database stored in a storage device is illustrated. Data extracted from two-dimensional image data in the XY coordinate system is illustrated. 8 illustrates a state in which the extracted data of FIG. 8 has been subjected to shift and conversion processing. A diagram for explaining an image data extraction method of three-dimensional image data is illustrated. The flow of the authentication process executed in the processor of the control device is illustrated. An example is shown in which the data in FIG. 6 is shifted so as to be placed at a second coordinate value in the XYZ coordinate system. An example is shown in which the data in FIG. 6 is restored by being arranged at the first coordinate value in the XYZ coordinate system.

Embodiments of the present disclosure will be described in detail below with reference to the accompanying drawings. FIG. 1 illustrates the functional configuration of an authentication system 10 according to this embodiment. The authentication system 10 can be used to authenticate a person 50 (FIG. 2) to be authenticated as a user of a system that performs a predetermined process or operation, and to permit use of the person 50 to be authenticated. An example of a system that performs predetermined processing or operation is a payment system. The authentication performed by the authentication system 10 is biometric authentication using a part of the body of the person 50 to be authenticated. Examples of biometric authentication include face authentication, iris authentication, fingerprint authentication, or vein authentication. In the following description, a case will be described in which the authentication system 10 performs face authentication.

As illustrated in FIG. 1, the authentication system 10 includes an imaging device 11, a reading device 12, and a control device 13. In this example, the imaging device 11 and the reading device 12 are installed in the imaging system 14 and are integrally configured. Note that the imaging device 11 and the reading device 12 may not be configured integrally but may be configured as separate bodies.

As illustrated in FIG. 1, the imaging system 14 can be connected to the communication network 20 wirelessly or by wire, and is connected to the control device 13 via the communication network 20. Note that the imaging system 14 is appropriately placed at a location where the person to be authenticated 50 performs authentication, and a plurality of imaging systems 14 (not shown) are connected to the control device 13.

The imaging device 11 is configured to acquire image data for face authentication of the person to be authenticated 50 by capturing an image of the face of the person to be authenticated. Image data for face authentication is an example of biometric data for biometric authentication. The imaging device 11 is an example of an authentication data acquisition device. The imaging device 11 is configured to acquire two-dimensional image data, three-dimensional image data, or three-dimensional shape data as imaging data. For example, as shown in FIG. 2, the imaging device 11 includes a plurality of light source units 111, a plurality of cameras 112, and a projection device 113.

The light source section 111 is configured to emit light toward the person to be authenticated 50. For example, the light source unit 111 includes one or more light sources that emit light at a predetermined wavelength from visible light to invisible light. The plurality of cameras 112 are infrared cameras or cameras capable of recognizing light of wavelengths other than infrared, and are configured with imaging elements such as CCDs (Charge-Coupled Devices) and CMOSs (Complementary MOS). The projection device 113 is configured to irradiate infrared rays or visible light toward the person 50 to be authenticated in order to obtain three-dimensional shape data of the person 50 to be authenticated. For example, the projection device 113 projects a pattern of infrared or visible light made up of a plurality of dots onto the person to be authenticated 50 .

Two-dimensional image data or three-dimensional image data is acquired by, for example, the light source section 111 and the camera 112. Specifically, two-dimensional image data of the person to be authenticated 50 is acquired by capturing an image of the person to be authenticated 50 irradiated with light by the light source unit 111 using the camera 112 . The three-dimensional image data is generated, for example, by a photogrammetry technique based on a plurality of two-dimensional image data captured by the cameras 112 at different positions. Specifically, the three-dimensional image data is generated by normalizing a plurality of two-dimensional images of the person to be authenticated 50 captured by the cameras 112 at different positions into three-dimensional images. Alternatively, the three-dimensional image data may be generated by projecting and displaying two-dimensional image data, which will be described later, on the three-dimensional shape data.

The three-dimensional shape data is acquired by, for example, the camera 112 and the projection device 113. Specifically, three-dimensional shape data of the person to be authenticated 50 is acquired by capturing an image of the person to be authenticated 50 irradiated with infrared rays or visible light by the projection device 113 using the camera 112 . For example, a collection of points having a plurality of coordinate values is obtained by imaging a pattern of infrared rays or visible light made up of a plurality of dots projected onto the face of the person to be authenticated 50 by the projection device 113 using the camera 112. Three-dimensional shape data is generated. Note that the three-dimensional shape data may be acquired by a sensor other than the camera 112 and the projection device 113.

As illustrated in FIG. 1, the reading device 12 is configured to acquire first information I1 regarding face authentication of the person to be authenticated 50 from the information storage medium 30 held by the person to be authenticated 50. The reading device 12 is an example of a first information acquisition device. The first information I1 is used when performing face authentication of the person to be authenticated 50, which will be described later. Examples of the information storage medium 30 include a smartphone and an NFC (Near Field Communication) tag, which is a type of RFID (Radio Frequency IDentification) tag. Note that when a smartphone is used as the information storage medium 30, a medium other than the smartphone used as the information storage medium 30 is used as the storage device 40, which will be described later.

Specifically, the reading device 12 is configured to read the first information I1 from the information storage medium 30 in a contact or non-contact manner. In this example, as shown in FIG. 2, the reading device 12 includes a two-dimensional code reader 121 that reads a two-dimensional code. An example of a two-dimensional code is a QR code (Quick Response Code) (registered trademark). For example, the first information I1 is stored as a two-dimensional code in a smartphone owned by the person to be authenticated 50, and the two-dimensional code reader 121 reads the first information I1. Further, the reading device 12 includes an NFC reader 122. For example, the first information I1 is stored in an NFC tag owned by the person to be authenticated 50, and the first information I1 is read by the NFC reader 122. Note that the NFC tag is possessed by the person to be authenticated 50 in various shapes and devices, such as a card, a sticker, and an NFC-compatible smartphone. Alternatively, the NFC tag may be implanted in the authenticated person 50 as an NFC microchip.

In this example, the imaging system 14 further includes a display section 114 and a sensor 115. The display unit 114 is configured to display imaging data of the person to be authenticated 50 acquired by the imaging device 11. The display unit 114 includes, for example, a liquid crystal display, an organic EL display, or the like. The display unit 114 may include a capacitive touch sensor or a resistive touch sensor attached to the entire or a part of the front surface of the display. A guide (frame) G for arranging the face of the person to be authenticated 50 may be displayed on the display unit 114.

The sensor 115 is, for example, a proximity sensor or an ambient light sensor. The proximity sensor detects that the face of the person to be authenticated 50 is located within a predetermined range with respect to the imaging system 14 . For example, the imaging device 11 is configured to image the person to be authenticated 50 when the proximity sensor detects that the face of the person to be authenticated 50 is located within a predetermined range with respect to the imaging system 14. . The ambient light sensor detects the brightness around the imaging system 14. For example, the light source unit 111 may be configured so that the brightness of the light source automatically becomes an optimal value based on the surrounding brightness detected by the environmental light sensor.

Note that the imaging system 14 is not limited to the configuration illustrated in FIG. 2. For example, a smartphone or a personal digital assistant may be used as the imaging system 14. Note that when a smartphone is used as the imaging system 14, the smartphone may also be used as the information storage medium 30. That is, the imaging system 14 and the information storage medium 30 may be integrated and realized as a function of a smartphone.

Returning to FIG. 1, the control device 13 is connected to the storage device 40. The control device 13 and the storage device 40 may be installed in the same server device (not shown) or may be connected via the communication network 20. The storage device 40 stores second information I2 regarding face authentication of the person to be authenticated 50. The second information I2 is used when performing face authentication of the person to be authenticated 50, which will be described later.

The control device 13 includes an input section 131, a processor 132, and an output section 133. The input unit 131 is configured as an interface capable of acquiring the imaging data of the face of the person to be authenticated 50 acquired by the imaging device 11 and the first information I1 regarding the face authentication of the person to be authenticated 50 acquired by the reading device 12. There is. Further, the input unit 131 is configured as an interface capable of acquiring second information I2 related to face authentication of the person to be authenticated 50 from the storage device 40.

The processor 132 performs an authentication process of facially authenticating the person to be authenticated 50 based on the imaging data, the first information I1, and the second information I2. In the authentication process, the processor 132 first constructs reference data for face authentication of the person to be authenticated 50 based on the first information I1 and the second information I2.

Specifically, the first information I1 and the second information I2 respectively correspond to different areas of the face of the person to be authenticated 50 extracted from image data obtained in advance by capturing an image of the face of the person to be authenticated. Generated based on multiple data. The first information I1 includes a position/orientation change value set for at least one of a plurality of extracted data when the imaging data is applied to a predetermined coordinate system (for example, an XYZ coordinate system). There is. The position/orientation change value is a value obtained by changing at least one of the position and orientation of at least one piece of data from a first state to a second state. The second information I2 includes coordinate values of each of the plurality of data. The coordinate value of at least one piece of data set with a position/orientation change value is a coordinate value related to the second state. The coordinate values of data for which no position/orientation change value is set are coordinate values related to the first state. When position and orientation change values are set for all data, the second information I2 includes coordinate values related to the second state of each of the plurality of data. The position/orientation change value is set to a value that makes it impossible to determine the correlation between the plurality of pieces of biometric data when the plurality of pieces of data are arranged based on the coordinate values included in the second information I2.

The position/orientation change value includes, for example, a shift value. The shift value is a value obtained by shifting the position of at least one piece of data from its coordinate value (hereinafter referred to as the first coordinate value) to a coordinate value different from the coordinate value (hereinafter referred to as the second coordinate value). be. In this case, the coordinate values related to the second state of the second information I2 include the second coordinate values of at least one data set with a shift value. Further, the coordinate values related to the first state of the second information I2 include the first coordinate values of data for which no shift value is set.

The first coordinate value is the value of the person to be authenticated 50 (target person 51) when the data of the plurality of second information I2 is arranged in a predetermined coordinate system (for example, XYZ coordinate system) based on the first coordinate value. This is a value that can correctly reproduce the correlation between a plurality of pieces of data as facial imaging data. On the other hand, the second coordinate value (or shift value) is determined when the data of the second information I2 is arranged in a predetermined coordinate system (for example, XYZ coordinate system) based on the second coordinate value. 50 (target person 51)'s face is set to a value that makes it impossible to correctly reproduce the correlation between a plurality of pieces of data as imaged data.

The shift value is set to a value that makes it impossible to determine the correlation between the plural pieces of data in the imaging data when the plural pieces of data of the second information I2 are arranged based on the coordinate values of the second information I2.

Alternatively, the position/orientation change value includes, for example, a rotation inversion value. The rotation reversal value is a value obtained by changing the orientation of at least one data from a first orientation to a second orientation by executing at least one of rotation processing and reversal processing with the origin of at least one data as a base axis. In this case, the coordinate values related to the second state of the second information I2 include the coordinate values of the origin after changing to the second attitude. In addition, when three-dimensional shape data is acquired as imaging data, when the imaging data is divided into areas of various shapes formed by a plurality of formation points and extracted as described later, the coordinates related to the second state The value further includes the coordinate value of the forming point that forms the data after changing to the second attitude. Further, the coordinate values related to the first state of the second information I2 include coordinate values of data that has not changed to the second attitude. In addition, when three-dimensional shape data is acquired as imaging data, when the imaging data is divided into areas of various shapes formed by a plurality of forming points and extracted, as described later, the image data changes to the second posture. The coordinate values of data that are not included include the coordinate values of a plurality of formation points that form the data.

Alternatively, the position/orientation change value may include both a shift value and a rotation inversion value. In this case, the coordinate values related to the second state of the second information I2 include the coordinate values of the origin of at least one data after shifting to the second coordinate values and changing to the second attitude. The coordinate values related to the first state of the second information I2 include the first coordinate values of data in which neither shift nor orientation has changed.

Based on the first information I1 and the second information I2, the processor 132 converts the data of the plurality of second information I2 into a predetermined coordinate system (a coordinate system to which the previously acquired imaging data described above is applied, for example, XYZ coordinates). system). For example, when the position and orientation change value includes a shift value, the first coordinate value of the data set with the shift value is calculated based on the shift value of the first information I1 and the coordinate value of the second information I2, and a predetermined A plurality of pieces of data are each placed at a first coordinate value in the coordinate system. For example, when the position/orientation change value includes a rotational reversal value, rotation reversal processing is performed on at least one piece of data based on the rotational reversal value of the first information I1 and the coordinate value of the second information I2, and a predetermined A plurality of pieces of data including rotationally inverted data in the coordinate system are each arranged in a first orientation. Alternatively, when the position/orientation change value includes a shift value and a rotation inversion value, the first coordinate value of each data is calculated based on the shift value and rotation inversion value of the first information I1 and the coordinate value of the second information I2. , execute a rotation reversal process on at least one data to arrange each of the plurality of data in a first orientation, and arrange each of the plurality of data arranged in the first orientation at a first coordinate value in a predetermined coordinate system. . Alternatively, a plurality of pieces of data may be arranged at first coordinate values, and a rotation/reversal process may be performed on at least one piece of data to arrange each of the plurality of pieces of data at a first orientation. As a result, reference data for face authentication of the person to be authenticated 50 is constructed, which is compared with image data of the face of the person to be authenticated 50 acquired by the imaging device 11 when performing face authentication.

Then, the processor 132 performs authentication processing based on the constructed face authentication data and the imaged data of the face of the person to be authenticated 50. That is, the processor 132 performs the authentication process by comparing the restored plurality of data with the imaged data of the face of the person to be authenticated 50 acquired by the imaging device 11.

The processor 132 outputs the authentication result from the output unit 133 to a system that performs predetermined processing or operation. Thereby, the person to be authenticated 50 can perform a payment procedure using, for example, a settlement (payment) system. Further, the processor 132 outputs the authentication result from the output unit 133 to the imaging system 14. For example, the authentication result is displayed on the display unit 114.

Note that the first information I1 and the second information I2 are generated by, for example, the control device 13 of the authentication system 10 and stored in the information storage medium 30 or the storage device 40.

FIG. 3 illustrates the flow of the generation process of the first information I1 and the second information I2 executed by the processor 132 of the control device 13.

First, the processor 132 acquires imaging data obtained by imaging the face of the subject 51 who is registering authentication information (i.e., first information I1, second information I2) used for face authentication (STEP 1). For example, as shown in FIG. 2, the face of a subject 51 is imaged by the imaging device 11. Note that the face of the subject 51 may be imaged by an imaging device different from the imaging device 11. In this case, since the data restored at the time of authentication is compared with the imaged data captured by the imaging device 11 at the time of authentication, it is preferable that the image be captured under the same imaging conditions as the imaging device 11.

Subsequently, the processor 132 extracts a plurality of data used for authentication from the image data of the face of the subject 51 (STEP 2). Specifically, the processor 132 divides the captured image data of the face of the subject 51 into a plurality of pieces of data, and extracts the divided data as data used for authentication. Each piece of data is extracted to a size that makes it impossible to recognize the facial features of the subject 51 (that is, the individual cannot be identified) by itself.

For example, FIG. 4 shows areas A1 to A9 from which a plurality of pieces of data used for authentication are extracted from the face of the target person 51. FIG. 5 shows data B1 to B9 corresponding to areas A1 to A9 extracted from the imaging data of the face of the subject 51. Note that data B1 to B9 illustrated in FIG. 5 are data extracted from three-dimensional shape data as imaging data. In the figure, each of the data B1 to B9 is shown as a predetermined shape surrounded by a line, but in reality, it is composed of a collection of formation points having one or more coordinate values.

For example, as shown in FIGS. 4 and 5, each of the data B1 to B9 is extracted from the imaging data by dividing it into areas A1 to A9 programmed in advance. The size of each area A1 to A9 is appropriately set so that an individual cannot be identified from each data B1 to B9. For example, as shown in FIG. 4, each area may be set to be discontinuous with adjacent areas such as areas A1, A2, A5 to A9, or adjacent areas such as areas A3 and A4. It may be set to be continuous with the area. By reducing the size of areas A3 and A4, even if you look at the data B3 and B4 extracted from areas A3 and A4, you will not be able to identify which position and angle of the face it is, and which data You can make it so that you don't even know if it will be joined with the other one.

In addition, if each area includes an element that can identify facial features of the target person 51, the size of each area is divided into sizes that do not allow identification of the facial features of the subject 51, and each area corresponding to the divided area is Data may also be extracted. Examples of elements that can identify the facial features of the subject 51 include foreign objects such as moles, tattoos, and scars, or the iris of the eyeball (in the case of two-dimensional or three-dimensional image data), and foreign objects such as deep scars on the face (three-dimensional (in the case of shape data), etc. Furthermore, if the data B1 to B9 contain elements that can identify the facial features of the subject 51, they may be subjected to predetermined image processing (such as blacking out), or they may not be extracted as data for authentication. You can. In addition, the shapes of data B1 to B9 are not limited to the shapes shown in FIG. 5, and for example, one forming point is one area, or data is extracted after being divided into areas of various shapes formed by a plurality of forming points. But that's fine.

Next, the processor 132 sets a shift value for at least one of the plurality of extracted data B1 to B9 (STEP 3). Note that in this example, shift values are set for all data B1 to B9. Specifically, in a predetermined coordinate system, a second coordinate value different from the first coordinate value of each data B1 to B9 is set, and a shift value from the first coordinate value to the second coordinate value is calculated. Alternatively, the shift values of each data B1 to B9 may be set without setting the second coordinate values. In this case, the second coordinate value is calculated from the first coordinate value and the shift value. The shift value or the second coordinate value is randomly determined by the program.

For example, FIG. 6 illustrates each data B1 to B9 in the XYZ coordinate system. In the figure, formation points P1 to P9 forming each data B1 to B9 and their first coordinate values PA1 to PA9 are shown. Further, each of the data B1 to B9 has an origin set therein, which serves as a reference axis for rotation processing and reversal processing, which will be described later. The coordinate position of the origin of each data item B1 to B9 is randomly determined by the program. In this example, formation points P1 to P9 are set as the origin set to each data B1 to B9. Data B8 shows a second coordinate value PB8 of the formation point and the origin, and a shift value S8 from the first coordinate value PA8 to the second coordinate value PB8. In this way, the data B1 to B7, B9 are arranged such that each formation point and origin are changed from the first coordinate values PA1 to PA7, PA9 to the second coordinate values PB1 to PB7 based on the set shift values S1 to S7, S9. , PB9 (not shown). Note that when each data B1 to B9 is composed of two or more forming points, each data B1 to B9 also includes forming points (not shown) other than forming points P1 to P9. , each forming point has a first coordinate value, and a second coordinate value is also set.

In this example, an XYZ coordinate system is used as the predetermined coordinate system, but an encrypted coordinate system, a polar coordinate system, etc. may also be adopted. An encrypted coordinate system is a coordinate system in which the coordinate values of the XY axes or the XYZ axes are intentionally arranged irregularly. It is a coordinate system. Polar coordinate systems include circular coordinate systems, cylindrical coordinate systems, spherical coordinate systems, and the like.

Next, the processor 132 performs a predetermined conversion process on the data B1 to B9 (STEP 4). The predetermined conversion process includes, for example, at least one of a rotation process and an inversion process. For example, rotation processing is performed to rotate the orientations of the data B1 to B9 by a predetermined angle to the XYZ plane using the origins P1 to P9 as the base axes. The predetermined angle is randomly set by the program.

Note that the conversion process in STEP 4 may be performed between STEP 2 and STEP 3.

Next, the processor 132 associates the shift values S1 to S9 of each of the data B1 to B9 and the information of the conversion process (for example, the rotation inversion value of the rotation process and/or the inversion process) with the identification information of each of the data B1 to B9. Then, it is output to the information storage medium 30 of the subject 51 as the first information I1 (STEP 5). As a result, the shift values S1 to S9 of each of the data B1 to B9 and conversion processing information are stored in the information storage medium 30 in association with the identification numbers of each of the data B1 to B9. The "identification information" is a unique ID that identifies each piece of saved data, and is randomly generated by a program for each target person 51 so that the identification information of multiple pieces of data to be extracted are not consecutive numbers. .

For example, the first information I1 is output to the information storage medium 30 via the imaging system 14. In this case, as shown in FIG. 1, the imaging system 14 includes a writing device 15. For example, the two-dimensional code reader 121 shown in FIG. 2 may also have a function of reading a two-dimensional code as the writing device 15. Alternatively, the NFC reader 122 may also have an NFC data writing function as the writing device 15. Processor 132 outputs first information I1 to imaging system 14 via communication network 20. The writing device 15 of the imaging system 14 outputs the first information I1 to the information storage medium 30 of the subject 51.

When the information storage medium 30 held by the subject 51 is a smartphone, the first information I1 is transmitted from the two-dimensional code reader 121 having a reading function to a two-dimensional code, for example, by short-range wireless communication (see the broken line in FIG. 1). Load it into your smartphone in the form of a code. Alternatively, if the information storage medium 30 held by the target person 51 is an NFC tag, the first information I1 is transmitted to the target person 51 from the NFC reader 122 having a writing function by short-range wireless communication (see the broken line in FIG. 1). is output to the NFC tag owned by the person 51 or the NFC microchip embedded in the subject 51.

For example, the first information I1 of data B8 stored in the information storage medium 30 is
No. F007_SFT{X-2Y-5Z2}_FLP{YES_YZ}_TRN{YES_XY90YZ0XZ0}_END (1).

The number shown on the far left is No. F007 is an identification number (an example of identification information) assigned to data B8. Further, the value indicated by SFT is the shift value S8 of data B8. In this example, the shift values S8 set in the data B8 are X-2, Y-5, and Z2. This indicates that the shift value from the first coordinate value PA8 to the second coordinate value PB8 is shifted by -2 in the X-axis direction, -5 in the Y-axis direction, and +2 in the Z-axis direction. Furthermore, the values indicated by FLP and TRN are rotation inversion values indicating the conversion process, FLP indicates the presence or absence of inversion and the direction of inversion, and TRN indicates the presence or absence of rotation and the rotation angle. In this example, data B8 indicates that there is YZ plane inversion. That is, it shows that the data B8 is reversed in the YZ plane with respect to the origin P8. Further, in this example, data B8 indicates that the data B8 has been rotated by 90 degrees in the XY plane direction, 0 degree in the YZ plane direction, and 0 degree in the XZ plane direction with respect to the origin P8.

Subsequently, the processor 132 associates the coordinate values of the formation points forming each data B1 to B9 and the coordinate values of origins P1 to P9, which are the base axes of rotation processing, with the identification information of each data B1 to B9, and generates a second The information is output to the storage device 40 as information I2 (STEP 6). In this example, as the coordinate values of the data B1 to B9 and the origins P1 to P9, the second coordinate values PB1 to PB9 of the data B1 to B9 and the second coordinate values PB1 to PB9 of the origins P1 to P9 are used as the second information I2. included. Note that if a shift value is not set for part of the data B1 to B9, the first coordinate value is included in the second information I2. Note that the output processing of the second information I2 in STEP 6 may be performed before the output processing of the first information I1 in STEP 5.

FIG. 7 illustrates a database stored in the storage device 40. As the second information I2, each data item B1 to B9 having a second coordinate value is assigned an identification number, and the second coordinate values of one or more forming points and the origin are stored together. For example, for data B8, the identification number is No. F007 is assigned and saved together with the second coordinate value PB8 of the formation point P8 and the origin P8. In FIG. 7, only the second coordinate value PB8 of the formation point P8 and the origin P8 of the data B8 is shown, but the other data B1 to B7 and B9 are similarly formed to the formation points P1 to P7 and P9 and the origin P1 to P7. , P9's second coordinate values PB1 to PB7 and PB9 are stored. In addition, in FIG. 7, each data B1 to B9 is shown having a predetermined shape, but in reality, each data B1 to B9 is formed by one or more forming points and a second point of the origin. Coordinate values are expressed using alphanumeric symbols.

For example, the second information I2 of data B8 is
No. F007_{X9.0Y5.0Z2X7.0Y2.0Z4.0X9.0Y0Z2X11.0Y-1.0Z0.5}_ORG{X7.0Y2.0Z4.0} It can be expressed as in (2).

Identification number No. The numerical values written following F007 indicate the second coordinate values of a plurality of formation points (four formation points in this example) that constitute data B8. Further, the value indicated by ORG is the origin of the data B8, and indicates the second coordinate value of the origin P8, which is the base axis of the conversion process (rotation process and inversion process in this example). Although there are actually more formation points in the data B8, for the sake of simplicity, only the second coordinate values of four formation points including the origin will be shown and explained.

In this example, as shown in FIG. 7, data B1 to B9 of the subject 51 are further stored in the database as the region where the imaging data was acquired (for example, JPN: Japan) and the data B1 to B9. stored in association with the version of the control device's computer program used at the time of acquisition. Further, in FIG. 7, the storage device 40 stores only data B1 to B9 of the subject 51, but data of other subjects may be stored in the same manner. Further, the storage device 40 can be configured to store dummy data (artificially created fake data) that is not associated with any target person, thereby preventing data from being stored only for the target person 51. can.

Note that in the embodiment described above, the processor 132 sets shift values for the data B1 to B9 extracted from the imaging data in STEP 3 of FIG. However, a shift value may be set for at least one of the data B1 to B9. Alternatively, the configuration may be such that only the rotation process or the inversion process in STEP 4 is executed without setting shift values for all data. If the shift value is not set, for example, in the first information I1 stored in the information storage medium 30 expressed in (1) above, the shift value of the SFT item is zero, and the shift value is indicated by FLP and TRN. The value of the item is set. Regarding the second information I2 stored in the storage device 40 represented by (2) above, the identification number No. The numerical values written following F007 indicate the second coordinate values of the plurality of formation points and the origin that constitute the data B8.

Note that in the embodiment described above, the processor 132 performs a predetermined conversion process on the data B1 to B9 extracted from the imaging data in STEP 4 of FIG. However, a predetermined conversion process may be performed on at least one of the data B1 to B9. Alternatively, the configuration may be such that only the shift value setting in STEP 3 is performed without converting all data. If the conversion process is not executed, for example, the first information I1 expressed in (1) above stored in the information storage medium 30 will be shown as NO in the FLP and TRN items, and will be shown as NO in the SFT item. Shift value is set.

Further, in the above-described embodiment, predetermined image processing (blacking, etc.) may be performed between STEP 2 and STEP 3 or in STEP 4, or processing that will not be extracted as authentication data may be performed as appropriate. good.

Furthermore, in the embodiment described above, the case where authentication information is generated from imaging data of three-dimensional shape data has been described. However, when performing authentication based on two-dimensional image data or three-dimensional image data, the first information I1 and the second information I2 may be generated based on the two-dimensional image data or three-dimensional image data.

For example, in the multiple data extraction process in STEP 2 of FIG. 3, the processor 132 uses two-dimensional image data, three-dimensional image data, or three-dimensional shape data and two-dimensional image data From the image data of the generated three-dimensional image data, each area is defined as a block with a minimum coding unit of 8 pixels on a side on the XY coordinate axes, or a block with a multiple of 8 pixels on a side as one area. Data is extracted. In FIG. 8, an area surrounded by one square indicates one data area.

The coordinate value of the first pixel PX of each data is set as the coordinate value where each data is arranged. Further, the first pixel PX of each data is set as the origin, which is the base axis of rotation processing and inversion processing. That is, the coordinate values of the first pixel PX are the coordinate values of data, and are the coordinate values of the origin. Note that in FIG. 8, data B17 and the first pixel PX, which is its origin, are shown enlarged as an example of extracted data. Note that when iris and other information is included as in data B17 and iris recognition is not used, the program may be configured to automatically fill out the iris and other information.

Subsequently, in the shift value setting process of STEP 3, the processor 132 sets a shift value for at least one of the plurality of extracted data. That is, a shift value of the coordinate value of the first pixel PX is set for at least one of the plurality of data. The shift value, like the three-dimensional shape data, is randomly determined by the program.

Subsequently, in the data conversion process of STEP 4, the processor 132 performs a predetermined conversion process (rotation process or inversion process) on at least one of the data. That is, at least one of the plurality of data is subjected to rotation processing or inversion processing using the first pixel PX as the origin. In the case of image data, when rotation or inversion processing is performed, the coordinate values of the origin (data coordinate values) remain the same, but the state of the image displayed within the image data changes (rotation or inversion). . In other words, the coordinate values of the origin after the rotation or reversal processing (data coordinate values) are the coordinate values of the first pixel PX, the same as the coordinate values of the origin before the rotation or reversal processing (data coordinate values). .

Subsequently, in the first information output process of STEP 5, the processor 132 associates the shift value and rotation inversion value of each data with the identification information of each data, and outputs it to the information storage medium 30 of the subject 51 as the first information I1. Output.

Subsequently, in the second information output process of STEP 6, the processor 132 outputs the coordinate values of each data (that is, the coordinate values of the origin) to the storage device 40 as the second information I2. The coordinate value of data for which a shift value is set is the second coordinate value (i.e., the second coordinate value of the origin), and the coordinate value of data for which no shift value is set is the first coordinate value (i.e., the second coordinate value of the origin). The first coordinate value) is included in the second information I2 as the data coordinate value.

Note that in STEP 3, the shift value may not be set for the data, and only the rotation process or the inversion process in STEP 4 may be executed. Alternatively, the configuration may be such that in STEP 4, only the shift value setting in STEP 3 is performed without performing a predetermined conversion process on the data.

FIG. 9 shows data B17 that has been subjected to shift processing, rotation processing, and inversion processing. For example, data B17 is Y-axis inverted with respect to the first pixel PX, which is the origin, and rotated clockwise by 90 degrees in the XY plane, and then the coordinate values of the first pixel PX are -20 for X and -20 for Y. It is placed on the coordinate value shifted by 10. Then, the XY coordinate values of the first pixel PX are output to the storage device 40 as second information I2. Note that in the case of image data, the coordinate values of the origin after rotation processing and inversion processing are performed are the coordinate values of the first pixel PX.

Specifically, for example, the information regarding the data B17 of the second information I2 is
No. F017_{X-20Y-10}_IMG{FFDA 000C 0301...7517}_END (3). Note that in the information shown in (3) above, some information on the IMG is omitted.

The number shown on the far left is No. F017 is an identification number (an example of identification information) assigned to data B17. Further, following the identification number, the second coordinate value of the first pixel PX, which is the second coordinate value of the data B17 and the second coordinate value of the origin which is the base axis of the conversion process (rotation process or inversion process), is shown. has been done. Further, the value indicated by IMG indicates a segment that includes color information, etc. of each pixel constituting the block of data B17 (in this example, a block of 80 pixels vertically by 80 pixels horizontally).

For example, the first information I1 of data B17 is
No. F017_SFT{X-10Y-12}_FLP{YES_Y}_TRN{YES_90}_IMG{FFD8 FFE0 0010...FFDB...FFC0...FFC4...FFC4...FFC4...FFD9}_END (4) . Note that in the information shown in (4) above, some information on the IMG is omitted.

Identification number No. Following F017, the shift value of data B17, presence or absence of inversion, inversion direction, presence or absence of rotation processing (plane rotation), and rotation angle are shown. Specifically, the shift values set for data B17 are X-10, Y-12, and the shift value from the first coordinate value to the second coordinate value of the first pixel PX of data B17 is This indicates a shift of -10 in the direction and -12 in the Y-axis direction. Further, data B17 indicates that there is a Y-axis inversion around the first pixel PX, which is the origin, and a clockwise rotation of 90 degrees in the XY plane around the first pixel PX, which is the origin.

In this example, two-dimensional image data will be explained as a JFIF file, but a JFIF file is composed of data units called segments, and the first information I1 includes information on some segments that make up the JFIF file. May include. For example, as expressed in (4) above, in the first information I1, the value indicated by IMG includes a segment that includes information such as the compression method and the number of vertical and horizontal pixels regarding the data B17.

In this way, by separately saving the coordinate values of the image data, the compression method in the image data, and a portion of the color information (RGB values) segments as the first information I1 or the second information I2, the Image data cannot be restored with only one piece of information I1 because the data is incomplete. Moreover, since the coordinate position where the first pixel, which is the origin of the image data, is to be placed is also unknown using only the first information I1, the image data cannot be accurately restored. Therefore, even if either the first information I1 or the second information I2 is leaked, it is possible to prevent an individual from being identified.

Further, the first information I1 of the data B8 extracted for three-dimensional image data is, for example, No. F007_SFT{X-2Y-5Z2}_FLP{YES_YZ}_TRN{YES_XY90YZ0XZ0}_IMG{FFD8 FFE0 0010...FFDB...FFC0...FFC4...FFC4...FFC4...FFD9 }..._END...It is expressed as (5). Note that in the information shown in (5) above, some information on the IMG is omitted.

Further, the second information I2 of the data B8 extracted for three-dimensional image data is, for example, No. F007_{X9.0Y5.0Z2X7.0Y2.0Z4.0X9.0Y0Z2X11.0Y-1.0Z0.5}_ORG{X7.0Y2.0Z4.0} _IMG{X4.5Y7.0_FFDA 001A 0101...55 26}..._END...・It is expressed as (6). Note that in the information shown in (6) above, some information on the IMG is omitted.

Three-dimensional image data is data in which two-dimensional image data is projected and displayed on the XY coordinate axes of three-dimensional shape data. For example, as expressed in (5) above, the first information I1 includes information such as the shift value and rotation inversion value of the three-dimensional shape data, as well as the compression method and number of vertical and horizontal pixels regarding the two-dimensional image data. It may also include segment information indicating. In addition, as expressed in (6) above, the second information I2 includes three-dimensional shape data of the XYZ coordinate axes in addition to information on the second coordinate values of the origin and the plurality of forming points that constitute the three-dimensional shape data. It may also include segment information indicating the XY coordinate value position of the first pixel, which is the origin of the two-dimensional image data to be projected and displayed, and color information of each pixel.

For example, as illustrated in FIG. 10, identification information No. From the XY coordinate values of the three-dimensional shape data of data B8 of F007, the position of each block of the two-dimensional image data to be projected and displayed on the three-dimensional shape data can be calculated. Specifically, the image data of data B8 corresponds to, for example, a rectangular block indicated by a thick frame.

The XY position (origin) of the thick frame block and the information in the image data are identified as identification information No. The first information I1 and the second information I2 of F007 are separated and stored in the information storage medium 30 and the storage device 40, respectively.

Specifically, first, the block position and size of the image data are calculated based on the XY coordinate values of the three-dimensional shape data. Then, pixels located on the XY coordinates of the three-dimensional shape data within the block of image data are specified. For example, as shown by the circled numbers in FIG. 10, 30 pixels (an example simplified for purposes of explanation) are identified.

Subsequently, the XY coordinate values (X4.5, Y7.0) with the first pixel of the block as the origin are stored in the storage device 40 as second information I2. Further, shift values, conversion processing information (rotation processing and inversion processing), and various parameters of image information are stored in the information storage medium 30 as first information I1.

In this example, the case where one block of image data is composed of 8 x 8 pixels has been explained, but the size of one block may be changed according to the size of the three-dimensional shape data to be extracted (for example, , 1 block = 80 x 80 pixels).

Further, the second information I2 may include segment information indicating color information of each pixel forming the image data. For example, as expressed in (6) above, in the second information I2, the value indicated by IMG includes color information of each pixel. Note that color information of other pixels that are not located on the XY coordinates of the three-dimensional shape data within the block of image data is extracted as zero (black with R zero G zero B zero). R zero G zero B zero is just an example, and other colors may be extracted.

Next, an authentication process using the authentication information (first information I1, second information I2) generated as described above will be explained using FIGS. 11 to 13. FIG. 11 illustrates the flow of authentication processing executed by the processor 132 of the control device 13.

First, the processor 132 acquires image data of the person to be authenticated 50 captured by the imaging device 11 (STEP 11). For example, when a person to be authenticated 50 using a payment system or the like is located within a predetermined range with respect to the imaging system 14, the face of the person to be authenticated 50 is captured by the imaging device 11. Note that acquisition of the imaging data in STEP 11 may be performed after STEP 12 or STEP 13, which will be described later.

Subsequently, the processor 132 acquires the first information I1 read by the reading device 12 and stored in the information storage medium 30 owned by the person to be authenticated 50 (STEP 12). For example, when the person to be authenticated 50 brings a smartphone displaying a two-dimensional code close to the two-dimensional code reader 121, the two-dimensional code reader 121 reads the first information I1.

Subsequently, the processor 132 acquires second information I2 regarding the authentication of the person to be authenticated 50 from the storage device 40 (STEP 13). Specifically, the processor 132 acquires data corresponding to the identification information of the authentication data included in the first information I1 from the storage device 40.

Subsequently, the processor 132 restores the authentication data of the person to be authenticated 50 on a predetermined coordinate system based on the first information I1 and the second information I2 (STEP 14). As the predetermined coordinate system, the coordinate system used when generating the first information I1 and the second information I2 is used. Information on the coordinate system may be included in the first information I1.

12 and 13 show an example of restoring the data B8 in FIG. 6 in the XYZ coordinate system. First, as illustrated in FIG. 12, the processor 132 arranges the data B8 in a predetermined coordinate system based on the information on the second coordinate value of the data B8 included in the second information I2. Specifically, the data B8 is arranged based on all the second coordinate values of the plurality of forming points that constitute the data B8 included in the second information I2. Then, based on the information of the shift value S8 corresponding to the data B8 included in the first information I1, the position of the data B8 arranged in the coordinate system is moved to the first coordinate value. Specifically, all of the plurality of formation points forming the data B8 are moved to the first coordinate value. In addition, in FIGS. 12 and 13, only data B8 is shown, and the first coordinate value PA8, second coordinate value PB8, and Only shift value S8 is shown.

Subsequently, as illustrated in FIG. 13, the origin P8 included in the second information I2 is used as a reference axis, and the conversion processing information included in the first information I1 (for example, the rotation inversion value of the rotation processing or inversion processing) is used. Then, adjust the rotation and inversion of data B8. Thereby, as illustrated in FIG. 13, data B8 is placed (restored) at the correct position and correct angle on the coordinate system (same position and same angle as in FIG. 6). Note that the two-dimensional image data is similarly arranged (restored) at the position and angle before the shift and conversion processing (not shown).

The processor 132 repeats the process in STEP 14 until the restoration of all data B1 to B9 is completed (YES in STEP 15). As a result, all data B1 to B9 are rearranged (restored) on the coordinate system (see FIG. 6). This generates reference data.

Subsequently, the processor 132 performs authentication processing based on the restored data and the imaging data acquired in STEP 1 (STEP 16). Specifically, the processor 132 compares the restored reference data and the imaged data. The processor 132 establishes authentication when the degree of matching between the two exceeds a threshold value. In other words, the processor 132 authenticates the person to be authenticated 50 who caused the imaging device 11 to acquire imaged data of his or her face as a registered user when the degree of matching between the two exceeds the threshold value.

As described above, according to the authentication system 10 according to the present embodiment, the control device 13 acquires the first information I1 from the information storage medium 30 and acquires the second information I2 from the storage device 40. Then, the control device 13 restores the plurality of data B1 to B9 on a predetermined coordinate system based on the first information I1 and the second information I2.

In the information storage medium 30, the shift values S1 to S9 of the plurality of data B1 to B9 are stored as the first information I1, and on the other hand, the coordinate values of the plurality of data B1 to B9 are not stored. Further, the storage device 40 stores coordinate values of a plurality of data B1 to B9 as second information I2, but does not store shift values. As a result, it is not possible to restore a plurality of pieces of data to the original captured data using only the authentication information stored in either the information storage medium 30 or the storage device 40. Therefore, even if either the first information I1 stored in the information storage medium 30 or the second information I2 stored in the storage device 40 is leaked, it is possible to prevent an individual from being identified.

Furthermore, in this embodiment, rotation processing and inversion processing are performed on the plurality of data B1 to B9. The information storage medium 30 stores, as first information I1, the rotation reversal values of the rotation processing and reversal processing, but the coordinate values of the origins P1 to P9, which are the base axes of the rotation processing and reversal processing, are not stored. . Further, the storage device 40 stores, as second information I2, the coordinate values of the origins P1 to P9, which are the base axes of rotation processing and reversal processing, but does not store rotation reversal values. Therefore, even if the first information I1 or the second information I2 is known to another person, it is possible to prevent the other person from restoring the plurality of data.

Further, the plurality of data B1 to B9 are data extracted from the imaging data of the subject 51 (person 50 to be authenticated) after being divided into a size that does not allow the characteristics of the subject 51 (person 50 to be authenticated) to be specified. Similarly, the two-dimensional image data is extracted data that is divided into sizes (blocks) in which the characteristics of the subject 51 (authenticated person 50) cannot be specified. Thereby, even if the plurality of data B1 to B9 are known to others, it is possible to prevent the individual from being identified.

Furthermore, the plurality of data B1, B2, B5 to B9 are data extracted so as not to constitute a continuous area of the person to be authenticated 50 when combined. Similarly, the two-dimensional image data is data extracted so that the image data does not constitute a continuous area. As a result, the distance between the pieces of data to be combined is unknown, making it impossible to restore multiple pieces of data and making it impossible to identify individuals.

Furthermore, the storage device 40 may also store second information I2 regarding biometric authentication of a person to be authenticated who is different from the person to be authenticated 50. As a result, even if the second information I2 in the storage device 40 is known to another person, the second information I2 of the person to be authenticated 50 cannot be specified from the second information I2 of multiple people, and It is possible to prevent the data of the person 50 from being restored.

The processor 132 of the control device 13 having the various functions described above can be realized by a general-purpose microprocessor that operates in cooperation with a general-purpose memory. Examples of general-purpose microprocessors include CPUs, MPUs, and GPUs. Examples of general-purpose memory include ROM and RAM. In this case, the ROM may store a computer program that executes the above-described processing. The computer program may include an artificial intelligence (AI) program. An AI program is a program (trained model) constructed by supervised or unsupervised machine learning (particularly deep learning) using a multilayer neural network. ROM is an example of a non-transitory computer-readable medium. The general-purpose microprocessor specifies at least a part of the computer program stored on the ROM, loads it on the RAM, and executes the above-described processing in cooperation with the RAM. The computer program described above may be preinstalled in the general-purpose memory, or may be downloaded from an external server device via a wireless communication network and then installed in the general-purpose memory.

The processor 132 may be realized by a dedicated integrated circuit such as a microcontroller, ASIC, or FPGA that is capable of executing the computer program described above. In this case, the above-mentioned computer program is preinstalled in the memory element included in the dedicated integrated circuit. Each processor may also be implemented by a combination of a general purpose microprocessor and a special purpose integrated circuit.

Each of the above embodiments is merely an illustration to facilitate understanding of the present invention. The configurations according to each of the embodiments described above may be modified and improved as appropriate without departing from the spirit of the present invention.

In the above embodiment, one formation point among the plurality of formation points forming the data is described as the origin, but the origin does not have to be the formation point forming the data.

In the above embodiment, an example was described in which the authentication system 10 performs face authentication based on image data of the face of the person to be authenticated 50 acquired using the imaging device 11. However, the authentication system 10 may be configured to perform biometric authentication other than face authentication. For example, authentication system 10 may be configured to perform fingerprint authentication. Specifically, fingerprint authentication may be performed based on image data of the fingerprint of the person to be authenticated 50 acquired by the imaging device 11. Alternatively, the imaging system 14 is equipped with a fingerprint sensor instead of the imaging device 11, emits a laser or sound wave toward the finger of the person to be authenticated 50, receives the laser or sound wave reflected from the finger, and receives the received signal. Image data, shape data, etc. of the fingerprint of the person to be authenticated 50 may be obtained by analyzing the information. Furthermore, instead of face authentication or fingerprint authentication, the authentication system 10 may be configured to perform vein authentication. Specifically, the imaging device 11 may be used to irradiate the finger of the person to be authenticated 50 with near-infrared rays, the vein pattern may be imaged by a camera, and vein authentication may be performed based on the imaging data of the vein pattern. Furthermore, instead of face authentication, fingerprint authentication, or vein authentication, the authentication system 10 may be configured to perform iris authentication.

In the above embodiment, it is determined that the authentication of the person to be authenticated 50 is successful when one authentication method, which is face authentication, is successful. However, it may be determined that the authentication of the person to be authenticated 50 is successful based on not only one authentication method but also a plurality of authentication methods. For example, in addition to face authentication, authentication processing based on the account information of the person to be authenticated 50 may be performed. That is, the processor 132 determines whether the account information (including a password, etc.) input by the person to be authenticated 50 matches the pre-registered account information stored in the storage device 40. Then, the processor 132 may determine that the authentication of the person to be authenticated 50 is successful when the authentication based on the account information is successful and the face authentication is successful.

Alternatively, in addition to face authentication, fingerprint authentication or vein authentication may be performed. For example, the processor 132 may determine that the authentication of the person to be authenticated 50 is successful when both face authentication and fingerprint authentication or vein recognition are successful. Alternatively, instead of face authentication, it may be determined that the authentication of the person to be authenticated 50 is successful when both fingerprint authentication and vein authentication are successful.

In the above embodiment, the imaging system 14 is connected to the control device 13 via the communication network 20. However, the imaging system 14 and the control device 13 may be configured integrally. The integrated configuration of the imaging system 14 and the control device 13 may be realized by, for example, a smartphone, and data restoration and authentication processing may be performed in the smartphone. According to such a configuration, only the second information I2 is received from the storage device 40 via the communication network 20 without transmitting the first information I1 held by the authenticated person 50 to the communication network 20 at the time of authentication. data can be restored and authenticated within the smartphone. Thereby, it is possible to prevent the first information I1 from leaking to the outside. Further, the information storage medium 30, the imaging system 14, and the control device 13 may be integrally configured.

In the above embodiment, when the first information I1 and the second information I2 are outputted from the control device 13 to the imaging system 14 and the storage device 40 via the communication network 20, the known public key system, common key The data may be configured to maintain data confidentiality by using various encryption and decryption methods.

In the above embodiment, shift values are set for all data extracted from biometric data. However, for example, a shift value may be set for at least one piece of data. The data to which the shift value is set is randomly determined by the program. Furthermore, if a shift value is not set for data B8, for example, the first information I1 expressed in (1) above and stored in the information storage medium 30 is such that each value of XYZ of SFT{X0Y0Z0} is It becomes zero. In the second information I2 stored in the storage device 40 expressed in (2) above, the origin and coordinate values are also stored as the first coordinate values at the time of extraction. Furthermore, for the two-dimensional data represented by (4) above, if no shift value is set, the shift value SFT{X0Y0} of the first information I1 becomes zero, and the storage device 40 represented by (3) above becomes zero. The origin and coordinate values of the second information I2 stored in are also stored as the first coordinate values at the time of extraction.

However, even with this configuration, it is not possible to determine which data among the data stored in the storage device 40 has a shift value set, so even if the first information I1 is leaked, it cannot be determined whether the can be prevented from being identified. Furthermore, compared to the case where shift values are set for all data stored in the storage device 40, the amount of data processed during the authentication process is reduced, so faster authentication processing can be expected.

Furthermore, even with this configuration, it is not possible to determine whether the data stored in the storage device 40 has been subjected to rotation processing or reversal processing, so even if the second information I2 is leaked, an individual cannot be identified. This can be prevented. Additionally, the amount of data processed during authentication processing is reduced compared to the case where shift values are set, rotation processing, and reversal processing are performed on data stored in the storage device 40, which speeds up the authentication processing. can be expected.

This application is based on Japanese Patent Application No. 2022-086406 filed on May 26, 2022, the contents of which are incorporated herein by reference.

Claims

an authentication data acquisition device that acquires biometric data for biometric authentication regarding a part of the body of a person to be authenticated;
acquiring first information related to the biometric authentication of the authenticated person from an information storage medium owned by the authenticated person, acquiring second information related to the biometric authentication of the authenticated person from a storage device, and acquiring the authentication data. Authentication that biometrically authenticates the person to be authenticated based on the biometric data for biometric authentication acquired from the device, the first information acquired from the information storage medium, and the second information acquired from the storage device. It is equipped with a control device that performs processing,
The first information includes a position/orientation change value set for at least one of a plurality of data extracted from biometric data regarding a part of the body of the person to be authenticated that has been obtained in advance;
The position and orientation change value is a value obtained by changing at least one of the position and orientation of the at least one data from a first state to a second state different from the first state,
The second information includes coordinate values of each of the plurality of data,
The coordinate value of the at least one data set with the position/orientation change value is a coordinate value related to the second state,
The position and orientation change value is set to a value that makes it impossible to determine the correlation between the plurality of data in the biological data when the plurality of data are arranged based on the coordinate values included in the second information. Ori,
The control device includes:
creating reference data by arranging the plurality of data in the first state based on the first information and the second information;
An authentication system that performs authentication processing based on the reference data and the biometric data for biometric authentication acquired by the authentication data acquisition device.
The position and orientation change value includes a shift value,
The shift value is a value obtained by shifting the position of the at least one data from a first coordinate value to a second coordinate value different from the first coordinate value,
The coordinate values related to the second state include the second coordinate values of the at least one data set with the shift value,
The control device includes:
The authentication system according to claim 1, wherein reference data is created by arranging the plurality of data at the first coordinate values based on the first information and the second information.
The position and orientation change value includes a rotation inversion value,
The rotation inversion value changes the orientation of the at least one data from a first orientation to a second orientation different from the first orientation by performing at least one of rotation processing and reversal processing about the origin of the at least one data. This is the value when changing to two postures,
The coordinate values related to the second state include the coordinate values of the origin after changing to the second posture,
The control device includes:
Based on the first information and the second information, at least one of a rotation process and a reversal process is performed on the at least one data, the plurality of data are arranged in the first orientation, and the reference data is The authentication system according to claim 1, which creates an authentication system.
The position and orientation change value includes a shift value and a rotation inversion value,
The shift value is a value obtained by shifting the position of the at least one data from a first coordinate value to a second coordinate value different from the first coordinate value,
The rotation inversion value changes the orientation of the at least one data from a first orientation to a second orientation different from the first orientation by performing at least one of rotation processing and reversal processing about the origin of the at least one data. This is the value when changing to two postures,
The coordinate values related to the second state include the coordinate values of the origin of the at least one data after shifting to the second coordinate values and changing to the second posture,
The control device includes:
The authentication system according to claim 1, wherein reference data is created by arranging the plurality of data at the first coordinate values and the first orientation based on the first information and the second information.
The plurality of pieces of data are data extracted from the biometric data regarding a part of the body of the person to be authenticated that has been obtained in advance and divided into a size that does not allow identification of the characteristics of the person to be authenticated. The authentication system according to any one of Item 4.
5. The plurality of pieces of data are data extracted so as not to constitute a continuous area of the person to be authenticated when placed in the first state. Authentication system.
The authentication system according to any one of claims 1 to 4, further comprising a first information acquisition device that acquires first information regarding biometric authentication of the person to be authenticated from the information storage medium.
comprising the storage device,
The authentication system according to any one of claims 1 to 4, wherein the storage device also stores second information regarding biometric authentication of a person to be authenticated who is different from the person to be authenticated.
The first information includes a part of a plurality of segments constituting the plurality of data,
The authentication system according to any one of claims 1 to 4, wherein the second information includes the remainder of the plurality of segments.
Accepting biometric data for biometric authentication regarding a part of the body of the person to be authenticated, receiving first information regarding biometric authentication of the person to be authenticated from an information storage medium owned by the person to be authenticated, and receiving first information regarding the biometric authentication of the person to be authenticated from a storage device. an input unit that receives second information regarding biometric authentication of a person;
a processor configured to perform an authentication process for biometrically authenticating the person to be authenticated based on the biometric data for biometric authentication, the first information, and the second information;
The first information includes a position/orientation change value set for at least one of a plurality of data extracted from biometric data regarding a part of the body of the person to be authenticated that has been obtained in advance;
The position and orientation change value is a value obtained by changing at least one of the position and orientation of the at least one data from a first state to a second state different from the first state,
The second information includes coordinate values of each of the plurality of data,
The coordinate value of the at least one data set with the position/orientation change value is a coordinate value related to the second state,
The position and orientation change value is set to a value that makes it impossible to determine the correlation between the plurality of data in the biological data when the plurality of data are arranged based on the coordinate values included in the second information. Ori,
The processor includes:
creating reference data by arranging the plurality of data in the first state based on the first information and the second information;
A control device that performs authentication processing based on the reference data and the biometric data for biometric authentication.
The position and orientation change value includes a shift value,
The shift value is a value obtained by shifting the position of the at least one data from a first coordinate value to a second coordinate value different from the first coordinate value,
The coordinate values related to the second state include the second coordinate values of the at least one data set with the shift value,
The processor includes:
The control device according to claim 10, wherein reference data is created by arranging the plurality of data at the first coordinate values based on the first information and the second information.
The position and orientation change value includes a rotation inversion value,
The rotation inversion value changes the orientation of the at least one data from a first orientation to a second orientation different from the first orientation by performing at least one of rotation processing and reversal processing about the origin of the at least one data. This is the value when changing to two postures,
The coordinate values related to the second state include the coordinate values of the origin after changing to the second posture,
The processor includes:
Based on the first information and the second information, at least one of a rotation process and a reversal process is performed on the at least one data, the plurality of data are arranged in the first orientation, and the reference data is 11. The control device according to claim 10.
The position and orientation change value includes a shift value and a rotation inversion value,
The shift value is a value obtained by shifting the position of the at least one data from a first coordinate value to a second coordinate value different from the first coordinate value,
The rotation inversion value changes the orientation of the at least one data from a first orientation to a second orientation different from the first orientation by performing at least one of rotation processing and reversal processing about the origin of the at least one data. This is the value when changing to two postures,
The coordinate values related to the second state include the coordinate values of the origin of the at least one data after shifting to the second coordinate values and changing to the second posture,
The processor includes:
The control device according to claim 10, wherein reference data is created by arranging the plurality of data at the first coordinate values and the first orientation based on the first information and the second information.
The plurality of pieces of data are data that is extracted from the biometric data regarding a part of the body of the person to be authenticated, which has been obtained in advance, and is divided into a size that does not allow identification of the characteristics of the person to be authenticated. The control device according to any one of Item 13.
14. The plurality of pieces of data are data extracted so as not to constitute a continuous area of the person to be authenticated when placed in the first state. Control device.
The first information includes a part of a plurality of segments constituting the plurality of data,
The control device according to any one of claims 10 to 13, wherein the second information includes the remainder of the plurality of segments.
A computer program executed by a control device, the computer program comprising:
The execution causes the control device to:
accept biometric data for biometric authentication regarding a part of the body of the person to be authenticated;
receiving first information regarding the biometric authentication of the person to be authenticated from an information storage medium owned by the person to be authenticated;
receiving second information regarding biometric authentication of the person to be authenticated from a storage device;
The first information includes a position/orientation change value set for at least one of a plurality of data extracted from biometric data regarding a part of the body of the person to be authenticated that has been obtained in advance;
The position and orientation change value is a value obtained by changing at least one of the position and orientation of the at least one data from a first state to a second state different from the first state,
The second information includes coordinate values of each of the plurality of data,
The coordinate value of the at least one data set with the position/orientation change value is a coordinate value related to the second state,
The position and orientation change value is set to a value that makes it impossible to determine the correlation between the plurality of data in the biological data when the plurality of data are arranged based on the coordinate values included in the second information. Ori,
creating reference data by arranging the plurality of data in the first state based on the first information and the second information;
A computer program that causes an authentication process to be performed based on the reference data and the biometric data for biometric authentication.
an input unit that accepts biometric data regarding a part of the subject's body;
a processor that generates information used for biometric authentication of the subject based on the biometric data and outputs the information to a storage device;
the processor sets a position/orientation change value for at least one of the plurality of data extracted from the biological data;
The position and orientation change value is a value obtained by changing at least one of the position and orientation of the at least one data from a first state to a second state different from the first state,
The position/orientation change value is configured to adjust the position/orientation change value between the plurality of data based on the coordinate value of each of the plurality of data including the coordinate value related to the second state of the at least one data to which the position/orientation change value is set. is set to a value that makes it impossible to determine the correlation between the plurality of data in the biometric data when
The processor generates the information including coordinate values of each of the plurality of data, and outputs the information to the storage device as second information.
The processor generates first information including the position/orientation change value set for at least one of the plurality of data, and outputs the first information to an information storage medium owned by the subject. 19. The control device according to claim 18.
The position and orientation change value includes a shift value,
The shift value is a value obtained by shifting the position of the at least one data from a first coordinate value to a second coordinate value different from the first coordinate value,
The control device according to claim 18 or 19, wherein the coordinate value of each of the plurality of data includes the second coordinate value of the at least one data set with the shift value.
The position and orientation change value includes a rotation inversion value,
The rotation inversion value changes the orientation of the at least one data from a first orientation to a second orientation different from the first orientation by performing at least one of rotation processing and reversal processing about the origin of the at least one data. This is the value when changing to two postures,
The control device according to claim 18 or 19, wherein the coordinate value of each of the plurality of data includes the coordinate value of the origin of the at least one data after changing to the second attitude.
The position and orientation change value includes a shift value and a rotation inversion value,
The shift value is a value obtained by shifting the position of the at least one data from a first coordinate value to a second coordinate value different from the first coordinate value,
The rotation inversion value changes the orientation of the at least one data from a first orientation to a second orientation different from the first orientation by performing at least one of rotation processing and reversal processing about the origin of the at least one data. This is the value when changing to two postures,
19. The coordinate value of each of the plurality of data includes the coordinate value of the origin of the at least one data after shifting to the second coordinate value and changing to the second attitude. 20. The control device according to item 19.
The control device according to claim 19, wherein the processor includes a part of the plurality of segments constituting the plurality of data in the first information, and includes the remainder of the plurality of segments in the second information.
20. The control device according to claim 18 or 19, wherein the processor divides the biometric data into sizes in which characteristics of the subject cannot be identified and extracts the plurality of data.
The control device according to claim 18 or 19, wherein the processor extracts the plurality of data so that they do not constitute a continuous region of the subject when arranged in the first state.
A computer program executed by a control device, the computer program comprising:
The execution causes the control device to:
Accept biometric data regarding a part of the target person's body,
generating information used for biometric authentication of the subject based on the biometric data and outputting the information to a storage device;
setting a position/orientation change value for at least one of the plurality of data extracted from the biological data;
The position and orientation change value is a value obtained by changing at least one of the position and orientation of the at least one data from a first state to a second state different from the first state,
The position/orientation change value is configured to adjust the position/orientation change value between the plurality of data based on the coordinate value of each of the plurality of data including the coordinate value related to the second state of the at least one data to which the position/orientation change value is set. is set to a value that makes it impossible to determine the correlation between the plurality of data in the biometric data when
A computer program that generates the information including coordinate values of each of the plurality of data, and causes the information to be output to the storage device as second information.
The execution causes the control device to:
26. Generating first information including the position/orientation change value set for at least one of the plurality of data, and outputting the first information to an information storage medium owned by the subject. The computer program described in .
The position and orientation change value includes a shift value,
The shift value is a value obtained by shifting the position of the at least one data from a first coordinate value to a second coordinate value different from the first coordinate value,
28. The computer program according to claim 26, wherein the coordinate value of each of the plurality of data includes the second coordinate value of the at least one data set with the shift value.
The position and orientation change value includes a rotation inversion value,
The rotation inversion value changes the orientation of the at least one data from a first orientation to a second orientation different from the first orientation by performing at least one of rotation processing and reversal processing about the origin of the at least one data. This is the value when changing to two postures,
28. The computer program according to claim 26, wherein the coordinate values of each of the plurality of data include coordinate values of the origin of the at least one data after changing to the second attitude.
The position and orientation change value includes a shift value and a rotation inversion value,
The shift value is a value obtained by shifting the position of the at least one data from a first coordinate value to a second coordinate value different from the first coordinate value,
The rotation inversion value changes the orientation of the at least one data from a first orientation to a second orientation different from the first orientation by performing at least one of rotation processing and reversal processing about the origin of the at least one data. This is the value when changing to two postures,
26. The coordinate value of each of the plurality of data includes the coordinate value of the origin of the at least one data after shifting to the second coordinate value and changing to the second attitude. 28. Computer program according to item 27.
The execution causes the control device to:
28. The computer program according to claim 27, wherein a part of the plurality of segments constituting the plurality of data is included in the first information, and the remainder of the plurality of segments is included in the second information.
The execution causes the control device to:
28. The computer program according to claim 26 or 27, wherein the biometric data is divided into a size in which characteristics of the subject cannot be identified and extracted as the plurality of data.
The execution causes the control device to:
28. The computer program according to claim 26 or 27, wherein when the plurality of data are arranged in the first state, the data are extracted so as not to constitute a continuous region of the subject.