WO2022034668A1 - Information processing device, information processing method, and storage medium - Google Patents

Information processing device, information processing method, and storage medium Download PDF

Info

Publication number
WO2022034668A1
WO2022034668A1 PCT/JP2020/030764 JP2020030764W WO2022034668A1 WO 2022034668 A1 WO2022034668 A1 WO 2022034668A1 JP 2020030764 W JP2020030764 W JP 2020030764W WO 2022034668 A1 WO2022034668 A1 WO 2022034668A1
Authority
WO
WIPO (PCT)
Prior art keywords
information
data
user
biometric authentication
biometric
Prior art date
Application number
PCT/JP2020/030764
Other languages
French (fr)
Japanese (ja)
Inventor
統 坂口
智弘 波多江
洋児 青木
Original Assignee
日本電気株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 日本電気株式会社 filed Critical 日本電気株式会社
Priority to JP2022542549A priority Critical patent/JPWO2022034668A5/en
Priority to PCT/JP2020/030764 priority patent/WO2022034668A1/en
Publication of WO2022034668A1 publication Critical patent/WO2022034668A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q50/00Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
    • G06Q50/10Services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06TIMAGE DATA PROCESSING OR GENERATION, IN GENERAL
    • G06T7/00Image analysis

Definitions

  • the present invention relates to an information processing device, an information processing method, and a recording medium.
  • Patent Document 1 describes ticketless boarding in which various procedures are performed by face recognition at multiple checkpoints (check-in lobby, security checkpoint, boarding gate, etc.) in the airport using passenger biometric information (face image). The system is disclosed.
  • Patent Document 1 discloses a configuration for using face recognition for business in an airport. However, Patent Document 1 does not envision a mechanism for verifying whether or not face authentication (biometric authentication) for passengers is properly executed between each terminal and a server.
  • an object of the present invention to provide an information processing device, an information processing method, and a recording medium that can easily verify whether or not biometric authentication is properly executed.
  • an acquisition unit that acquires the user's biometric information and the biometric authentication verification data from a terminal used for the user's biometric authentication, and the biometric authentication for the acquired biometric information.
  • An information processing apparatus including an authentication unit for executing the above and a control unit for associating the processing result in the biometric authentication with the verification data is provided.
  • the step of acquiring the user's biometric information and the biometric authentication verification data from the terminal used for the user's biometric authentication, and the biometric authentication for the acquired biometric information are performed.
  • An information processing method including a step to be executed and a step of associating the processing result in the biometric authentication with the verification data is provided.
  • a recording medium in which a program for executing the biometric authentication step and a step of associating the processing result in the biometric authentication with the verification data are recorded is provided.
  • an information processing device an information processing method and a recording medium that can easily verify whether or not biometric authentication is properly executed.
  • FIG. 1 is a schematic diagram showing an overall configuration example of the information processing system 1 according to the present embodiment.
  • the information processing system 1 is a computer system that supports operations related to a series of examination procedures performed on a user (traveler) U who uses the airport A.
  • the information processing system 1 is operated by, for example, a public institution such as an immigration control bureau or a trustee entrusted with the business by the institution.
  • the check-in terminal 20, the automatic baggage deposit machine 30, the security inspection device 40, the automated gate device 50, and the boarding gate device 60 are connected to the common management server 10 via the network NW.
  • the network NW is composed of a LAN (Local Area Network) including an airport A premises communication network, a WAN (Wide Area Network), a mobile communication network, and the like.
  • the connection method is not limited to the wired method and may be a wireless method.
  • FIG. 1 illustrates only the terminal device used for the procedure at the time of departure from the airport A for convenience of explanation.
  • the terminals of the check-in terminal 20, the automatic baggage deposit machine 30, the security inspection device 40, the automated gate device 50, and the boarding gate device 60 may be collectively referred to as an edge terminal 200.
  • the management server 10 is an information processing device that manages operations related to examination procedures at the time of entry and departure of user U.
  • the management server 10 is installed in, for example, a facility of an airport company, an airline company, or the like that operates the airport A. Further, the management server 10 may be a cloud server instead of a server installed in a facility where business is actually performed.
  • the management server 10 does not have to be a single server, and may be configured as a server group including a plurality of servers.
  • the examination procedure at the time of departure at Airport A is carried out sequentially at the five touch points TP1 to TP5.
  • the relationship between each device and the touch points TP1 to TP5 will be described.
  • the check-in terminal 20 is installed in the check-in lobby (hereinafter referred to as "touch point TP1") in the airport A.
  • the check-in terminal 20 is a self-terminal for performing a check-in procedure by the user U operating by himself / herself.
  • the check-in terminal 20 is also called a CUSS (Comon Use Self Service) terminal.
  • the automatic baggage deposit machine 30 is installed in an area adjacent to the baggage counter (manned counter) in the airport A or an area near the check-in terminal 20 (hereinafter referred to as "touch point TP2").
  • the automatic baggage deposit machine 30 is a self-terminal for performing a procedure (baggage deposit procedure) for depositing baggage that is not brought into the aircraft by the user U operating by himself / herself.
  • the automatic baggage deposit machine 30 is also called a CUBD (Comon Use Bag Drop) terminal.
  • CUBD Commission Use Bag Drop
  • the security inspection device 40 is installed at the security inspection site (hereinafter referred to as "touch point TP3") in Airport A.
  • the security inspection device 40 is a device for confirming whether or not the user U is wearing metals that can be dangerous substances by using a metal detector.
  • the phrase "security inspection device” in this embodiment is not limited to metal detectors, but also includes X-ray inspection devices that use X-rays to check for dangerous substances in carry-on baggage, etc., and security inspections. It is used in the sense that it also includes a terminal device of a passenger passage confirmation system (PRS: Passenger Recognition System) that determines whether or not the user U can pass at the entrance of the venue.
  • PRS Passenger Recognition System
  • the automated gate device 50 is installed at the immigration checkpoint (hereinafter referred to as "touch point TP4") in Airport A.
  • the automated gate device 50 is a device that automatically performs the departure examination procedure of the user U. After completing the departure examination procedure at Touchpoint TP4, User U moves to the departure area where duty-free shops and boarding gates are provided.
  • the boarding gate device 60 is a traffic control device installed for each boarding gate in the departure area (hereinafter referred to as "touch point TP5").
  • the boarding gate device 60 is also called an ABG (Automated Boarding Gates) terminal.
  • the boarding gate device 60 confirms that the user U is a passenger of an aircraft that can board from the boarding gate. After completing the procedure at Touchpoint TP5, User U boarded the aircraft and left the first country for the second country.
  • the management server 10 has a token ID information DB 11, a passage history information DB 12, a business information DB 13, and an authentication history information DB 14.
  • the database of the management server 10 is not limited to these databases.
  • FIG. 2 is a diagram showing an example of information stored in the token ID information DB 11.
  • the token ID information DB 11 includes a token ID, a group ID, a registered face image, a feature amount, a token issuing time, a token issuing device name, an invalid flag, and an invalidation time as data items.
  • the token ID is an identifier that uniquely identifies the ID information.
  • the token ID in the present embodiment is temporarily issued on condition that the collation result of the face image of the user U holding the passport at the touch point TP1 and the passport face image read from the passport match. .. Then, when the user U completes the procedure at the touch point TP5 (boarding gate), the token ID is invalidated. That is, the token ID is not an identifier that is used permanently, but a one-time ID that has a valid period (life cycle).
  • the group ID is an identifier for grouping the ID information.
  • the registered face image is a face image registered for the user U.
  • the feature amount is a value extracted from biological information (registered face image).
  • the phrase of the biological information in the present embodiment means the facial image and the feature amount extracted from the facial image, but the biological information is not limited to the facial image and the facial feature amount. That is, biometric authentication may be performed using an iris image, a fingerprint image, a palm print image, an auricle image, or the like as the biometric information of the user U.
  • the token issuance time is the time when the management server 10 issues the token ID.
  • the token issuing device name is the device name of the acquisition source of the registered face image that triggered the issuance of the token ID.
  • the invalid flag is flag information indicating whether or not the token ID is currently valid. When the token ID is issued, the invalid flag in the present embodiment becomes, for example, a value of "1" indicating a valid state of the token ID. Further, when a predetermined condition is satisfied, the invalid flag is updated to a value of "0" indicating, for example, the token ID is invalid.
  • the invalidation time is the time stamp when the invalidation flag is invalidated.
  • FIG. 3 is a diagram showing an example of information stored in the passage history information DB 12.
  • the passage history information DB 12 includes a passage history ID, a token ID, a passage time, a device name, a business system type, and a passage touch point as data items.
  • the passage history ID is an identifier that uniquely identifies the passage history information.
  • the transit time is a time stamp when the touch point is passed.
  • the device name is the machine name of the business terminal used for the procedure at the touch point.
  • the business system type is the type of the business system to which the business terminal belongs.
  • FIG. 4 is a diagram showing an example of information stored in the business information DB 13.
  • the business information DB 13 includes a token ID, passenger name, reservation number, departure place, destination, airline code, flight number, operation date, seat number, nationality, passport number, surname, first name, date of birth and gender. Is a data item.
  • the business information DB 13 stores business information related to a predetermined business for each token ID.
  • the "predetermined work” means the procedure work performed at the touch points TP1 to TP5, respectively.
  • the reservation number is an identifier that uniquely identifies the boarding reservation information.
  • An airline code is an identifier that uniquely identifies an airline.
  • the boarding reservation information included in the business information includes passenger name, reservation number, departure place, destination, airline code, flight number, date of operation, seat number, nationality, passport number, surname, first name, year of birth. Date and gender can be mentioned. Boarding reservation information can be obtained from recording media such as passports and boarding passes. The boarding reservation information can also be obtained from the airline reservation system (not shown) using the passport number or reservation number as a key. Then, the acquired boarding reservation information is stored as business information in the business information DB 13.
  • FIG. 5 is a diagram showing an example of information stored in the authentication history information DB 14.
  • the authentication history information DB 14 includes the authentication history ID, the authentication date and time, the authentication result, the verification score, and the verification data (1) to (n) as data items.
  • the authentication result is the success or failure of the authentication process.
  • the collation score is a score indicating the degree of similarity between the target face image acquired from the user U and the registered face image registered in advance for the registrant. When the collation score is equal to or higher than a predetermined threshold value, the management server 10 can authenticate that the collation target person is the same person as the registrant.
  • the verification data (1) to (n) are data for verifying whether or not the biometric authentication for each user U is properly executed. Examples of the verification data (1) to (n) include attribute information of the user U and shooting conditions (biological information acquisition conditions) of the biological image.
  • FIG. 6 is a functional block diagram of the management server 10.
  • the management server 10 has a storage unit 10A, a transmission / reception unit 10B, a data extraction unit 10C, a biometric authentication unit 10D, a token ID issuing unit 10E, a business processing unit 10F, and a verification unit 10G.
  • the function of the management server 10 is not limited to that shown in the figure.
  • the storage unit 10A stores the above-mentioned token ID information, passage history information, business information, authentication history information, and the like.
  • the transmission / reception unit 10B receives the request data D1 from the edge terminal 200 and transmits the processing result in the management server 10 to the edge terminal 200 as the response data D2.
  • the edge terminal 200 in the present embodiment corresponds to each terminal device of the check-in terminal 20, the automatic baggage deposit machine 30, the security inspection device 40, the automated gate device 50, and the boarding gate device 60.
  • the data extraction unit 10C determines the API to be called based on the command included in the received request data D1, extracts the control data, the face recognition data, and the business data included in the request data D1 to each API. Sort. Further, the data extraction unit 10C extracts the verification data included in the request data D1 and stores it in the storage unit 10A.
  • the biometric authentication unit 10D collates the target face image extracted from the request data D1 with the passport face image. Further, when the biometric authentication unit 10D determines in the data extraction unit 10C that the command content indicates a "face authentication execution request", the biometric authentication unit 10D stores the target face image extracted from the request data D1 in the storage unit 10A. Check with the face image (registered face image) of the registered registrant.
  • the token ID issuing unit 10E issues a token ID to the user U when the collation result of the target face image and the passport face image in the biometric authentication unit 10D are collated and matched.
  • the business processing unit 10F is a collection of X (X ⁇ 1) APIs that execute data processing related to business, and is called by the data extraction unit 10C.
  • X X ⁇ 1
  • the data extraction unit 10C first calls the biometric authentication unit 10D to execute the collation process, and the baggage deposit is based on the collation result. Call the business API related to the procedure. Since the biometric authentication unit 10D and any business API can be activated by the data extracted by the data extraction unit 10C, the face authentication technology can be easily applied to various business operations.
  • the verification unit 10G verifies the authentication result based on the verification data. Specifically, the verification unit 10G calculates the average value of the collation score and the authentication rate for each data item included in the verification data by statistical processing. In the statistical processing, the values of mean, standard deviation, variance, and correlation are calculated as appropriate. As a result, the verification unit 10G analyzes the causal relationship between the authentication result and the data item.
  • FIG. 7 is a diagram illustrating a data structure of request data D1 transmitted by the edge terminal 200 to the management server 10.
  • the request data D1 is composed of a header portion H1 and a body portion B1.
  • the header unit H1 is an area for storing control data such as communication protocol, authentication information, request method (POST, GET, etc.), command and resource media type information, and the like.
  • the body portion B1 is an area for storing control data B11, verification data B12, face authentication data B13, and business data B14.
  • the control data B11 is data for controlling the operation of the business API, and is composed of data items that do not depend on the business. It is assumed that the control data B11 has a different control target from the control data stored in the header unit H1.
  • the control data of the header unit H1 includes an execution command relating to at least one of a business data registration process, a business data search process, a token ID issuance process, and biometric authentication.
  • the control data B11 of the body portion B1 includes data items such as a device name, a system type, and a location of the source of the request data D1.
  • the verification data B12 is data for later verifying the authentication result in the management server 10, and includes data items indicating conditions at the time of acquisition of biometric information.
  • the business data B14 is a data group in which n (n ⁇ 1) business data are encapsulated, and one label is given to the business data B14.
  • the individual business data (1) to (n) are stored in a lower layer and are used for processing of the business processing unit 10F. Further, each of the business data (1) to (n) is given a label so that the data item can be identified.
  • FIG. 8 is a diagram illustrating the data structure of the response data D2 transmitted by the management server 10 to the edge terminal 200.
  • the response data D2 is composed of a header portion H2 and a body portion B2. Unlike the case of the request data D1, the response data D2 does not include the verification data and the face authentication data.
  • the body portion B2 is an area for storing the control data B21 and the business data B22.
  • the configurations of the header portion H2 and the body portion B2 are the same as those of the header portion H1 and the body portion B1 shown in FIG. 7, but the types of stored data items do not necessarily have to match.
  • FIGS. 9 to 14 the hardware configuration of each device constituting the information processing system 1 will be described with reference to FIGS. 9 to 14. Note that the devices having the same name but different codes in FIGS. 9 to 14 have the same functions, and therefore detailed description thereof will be omitted in the subsequent drawings.
  • FIG. 9 is a block diagram showing an example of the hardware configuration of the management server 10.
  • the management server 10 has a CPU (Central Processing Unit) 101, a RAM (Random Access Memory) 102, a storage device 103, and a communication I / F 104. Each device is connected to the bus line 105.
  • CPU Central Processing Unit
  • RAM Random Access Memory
  • the CPU 101 is a processor having a function of performing a predetermined operation according to a program stored in the storage device 103 and controlling each part of the management server 10.
  • the CPU 101 functions as the transmission / reception unit 10B, the data extraction unit 10C, the biometric authentication unit 10D, the token ID issuing unit 10E, the business processing unit 10F, and the verification unit 10G described above.
  • the RAM 102 is composed of a volatile storage medium and provides a temporary memory area necessary for the operation of the CPU 101.
  • the storage device 103 is composed of a storage medium such as a non-volatile memory and a hard disk drive, and functions as a storage unit 10A.
  • the storage device 103 stores a program executed by the CPU 101, data referred to by the CPU 101 when the program is executed, and the like.
  • the communication I / F 104 is a communication interface based on standards such as Ethernet (registered trademark), Wi-Fi (registered trademark), and 4G, and is a module for communicating with the check-in terminal 20 and the like.
  • the communication I / F 104 functions as a transmission / reception unit 10B together with the CPU 101.
  • FIG. 10 is a block diagram showing an example of the hardware configuration of the check-in terminal 20.
  • the check-in terminal 20 includes a CPU 201, a RAM 202, a storage device 203, a communication I / F 204, an input device 206, a display device 207, a medium reading device 208, and a biological information acquisition device 209. Each device is connected to bus line 205.
  • the input device 206 is, for example, a pointing device such as a touch panel, a keyboard, or the like.
  • the display device 207 and the input device 206 are integrally formed as a touch panel.
  • the display device 207 is a liquid crystal display device, an OLED (Organic Light Emitting Diode) display device, or the like, and is used for displaying moving images, still images, characters, and the like.
  • the medium reading device 208 is a device that reads a medium such as a passport or an airline ticket of the user U and acquires the information recorded on the medium.
  • the ticket medium include a paper ticket, a mobile terminal for displaying a copy of an e-ticket, and the like.
  • the medium reading device 208 is composed of, for example, a code reader, an image scanner, a non-contact IC (Integrated Circuit) reader, an OCR (Optical Character Reader) device, and the like, and acquires information from various media held over the reading unit.
  • the biometric information acquisition device 209 is a device that acquires the face image of the user U as the biometric information of the user U.
  • the biological information acquisition device 209 is, for example, a digital camera that photographs the face of the user U standing in front of the check-in terminal 20, and photographs the face of the user U to acquire the face image.
  • FIG. 11 is a block diagram showing an example of the hardware configuration of the automatic baggage deposit machine 30.
  • the automatic baggage depositor 30 includes a CPU 301, a RAM 302, a storage device 303, a communication I / F 304, an input device 306, a display device 307, a medium reader 308, a biometric information acquisition device 309, and a baggage transfer device 310. And has an output device 311. Each device is connected to bus line 305.
  • the baggage transport device 310 is a device that transports the baggage to the aircraft on which the user U is boarding.
  • the baggage transfer device 310 transports the baggage attached to the baggage tag placed in the receiving unit by the user U toward the baggage handling place.
  • the output device 311 is a device that outputs a baggage tag attached to checked baggage.
  • the output device 311 outputs a baggage redemption certificate necessary for baggage redemption after arriving at the destination.
  • the baggage tag and the baggage redemption certificate are associated with at least one of the passport number, the reservation number and the token ID.
  • FIG. 12 is a block diagram showing an example of the hardware configuration of the security inspection device 40.
  • the security inspection device 40 includes a CPU 401, a RAM 402, a storage device 403, a communication I / F 404, an input device 406, a display device 407, a medium reading device 408, a biometric information acquisition device 409, and a metal detection gate 410. Have. Each device is connected to a bus line 405.
  • the metal detection gate 410 is a gate type metal detector, and detects metals worn by the user U passing through the metal detection gate 410.
  • FIG. 13 is a block diagram showing an example of the hardware configuration of the automated gate device 50.
  • the automated gate device 50 includes a CPU 501, a RAM 502, a storage device 503, a communication I / F 504, an input device 506, a display device 507, a medium reading device 508, a biometric information acquisition device 509, and a gate 511. Each device is connected to bus line 505.
  • the gate 511 is controlled by the CPU 501 to block the passage of the user U during standby. It shifts to the open state that allows the passage of user U.
  • the method of the gate 511 is not particularly limited, and is, for example, a flapper gate that opens and closes a flapper provided from one side or both sides of the passage, a turnstile gate in which three bars rotate, and the like.
  • FIG. 14 is a block diagram showing an example of the hardware configuration of the boarding gate device 60.
  • the boarding gate device 60 includes a CPU 601, a RAM 602, a storage device 603, a communication I / F 604, an input device 606, a display device 607, a biometric information acquisition device 609, and a gate 611. Each device is connected to a bus line 605.
  • FIG. 15 is a sequence diagram showing an example of processing of the check-in terminal 20 and the management server 10. This process is executed when the user U performs the check-in procedure using the check-in terminal 20.
  • the check-in terminal 20 determines whether or not the ticket medium of the user U is held over the reading unit (not shown) of the medium reading device 208 (step S101), and waits until the ticket medium is held over. (Step S101, NO).
  • the check-in terminal 20 determines that the ticket medium is held over the reading unit of the medium reading device 208 (step S101, YES)
  • the check-in terminal 20 acquires the boarding reservation information of the user U from the held ticket medium.
  • the acquired boarding reservation information includes the family name, first name, airline code, flight number, boarding date, departure place (boarding airport), destination (arrival airport), seat number, boarding time, arrival time and the like.
  • the check-in terminal 20 determines whether or not the passport of the user U is held over the reading unit of the medium reader 208 (step S103), and waits until the passport is held (step S103, NO).
  • the check-in terminal 20 determines that the passport is held over the reading unit of the medium reader 208 (step S103, YES)
  • the check-in terminal 20 acquires the passport information of the user U from the held passport (step S104).
  • the acquired passport information includes the passport face image of the user U, the identity verification information, the passport number, the passport issuing country, and the like.
  • the check-in terminal 20 photographs the face of the user U by the biological information acquisition device 209, and acquires the face image as the target face image (step S105). Before taking the face image, it is preferable to display a guidance message regarding the taking of the face image on the screen and obtain the consent of the user U.
  • the check-in terminal 20 transmits request data requesting face image matching and token ID issuance to the management server 10 (step S106).
  • FIG. 16 is a diagram showing an example of request data D1 transmitted by the check-in terminal 20 to the management server 10.
  • the request data D1 is composed of a header portion H1 and a body portion B1.
  • a command (“Issue-tokenId”) indicating a request for issuing a token ID is described at the end of the URL.
  • the body portion B1 is composed of control data B11, verification data B12, face authentication data B13, and business data B14.
  • the control data B11 includes the location of the terminal (“location”), the terminal (“terminal”), the device name (“deviceName”), the system type (“systemType”), and the system vendor information (“system”) at the airport A.
  • the transmission time of the request data D1 (“reqTimeStamp”), the ID of the camera used for taking the face image (“cameraId”), and the label information and data of each item of the model name of the camera (“cameraModel”) are described. There is.
  • the verification data B12 describes label information and data for each item of gender (“Sex”), age (“Age”), height (“Height”), and shooting angle (“Angle”). These data items and data values are used in the verification process described later. For example, it can be extracted that the authentication rate of a person whose height is considerably shorter (or higher) than the average value is low, or the authentication rate of a person of a specific age group is low.
  • the face authentication data B13 labels for each item of the passport face image file name (“PassportFaceImage”), the shooting time of the photographed face image (“quareryTimeStamp”), and the file name of the photographed face image (“quareryFaceImage”). Information and data are provided.
  • one label (“appdata”) is attached to the business data B14, and the business data is surrounded by a symbol (“ ⁇ ”) indicating a start portion and a symbol (“ ⁇ ”) indicating an end portion.
  • the label information and data of each data item are described hierarchically.
  • the management server 10 collates the target face image taken by the check-in terminal 20 with the passport face image of the user U on a one-to-one basis (step S107). That is, in the example of FIG. 16, the management server 10 collates the photographed face image of the file name (“Q201902250000025.jpg”) with the passport face image of the file name (“P2019225000001.jpg”).
  • the management server 10 associates the verification result (verification score) in step S107, the authentication result (success / failure of authentication), and the verification data acquired from the check-in terminal 20 and registers them in the authentication history information DB 14 ( Step S108).
  • the management server 10 determines that the collation result between the target face image and the passport face image is a collation match (step S109, YES)
  • the management server 10 issues a token ID (step S110).
  • the token ID is set to a unique value based on, for example, the date and time at the time of processing and the sequence number.
  • the management server 10 registers the relationship between the token ID and the registered face image in the token ID information DB 11 with the target face image as the registered face image (step S111).
  • the reason why the face image (target face image) taken in the field is used as the registered face image is that the validity period (life cycle) of the token ID is completed within the day, and the taken image is the subsequent authentication process.
  • the image taken in 1 and the quality (appearance) are closer than the passport face image.
  • the passport face image may be set as the registered face image (registered biometric information). For example, if the life cycle of the token ID is long (for example, in the aviation industry, if the member is valid for the token ID for a certain period of time, etc.), the face image of the passport or driver's license may be used as the registered face image. It is good to set.
  • the management server 10 registers the relationship between the token ID and the business information in the business information DB 13 using the passport information and the boarding reservation information as business information (step S112).
  • the control data required for face authentication and the business information required for business execution are managed in separate databases, but the registered face image and the business information are associated with each other by the token ID.
  • a plurality of data items (passenger name (“PassengerName”), passport number (“PassportNum”), nationality (“Nationality”), and date of birth (“DateofBirth”) stored in the business data B14 are stored. ), Gender (“Sex”), etc.) are registered in the business information DB 13 as business information.
  • the data stored as the business data B14 changes according to the content of the command.
  • the management server 10 transmits the response data including the issued token ID and the collation result information of the collation match to the check-in terminal 20 (step S113).
  • FIG. 17 is a diagram showing an example of response data D2 transmitted by the management server 10 to the check-in terminal 20.
  • the response data D2 is composed of a header portion H2 and a body portion B2. Unlike the case of the request data D1, the response data D2 does not include the verification data and the face authentication data. Further, unlike the case of the control data B11 shown in FIG. 16, label information and data of each data item of the issued token ID (“tokenId”) and the processing code (“StatusCd”) indicating the processing status are described. ing.
  • the issued token ID is "T2019022000000020"
  • the processing code is "000" indicating normal termination.
  • the business data B22 contains label information and data of the same data items as the business data B14 shown in FIG.
  • the management server 10 determines that the collation result of the passport face image and the target face image is a collation mismatch (step S109, NO)
  • the management server 10 transmits the response data including the collation result information of the collation mismatch to the check-in terminal 20. (Step S114).
  • step S115 the management server 10 refers to the collation result included in the response data and determines whether or not the identity verification of the user U has been successful.
  • step S115 when the check-in terminal 20 determines that the identity verification of the user U has been successful (step S115, YES), the check-in procedure such as confirmation of the itinerary and selection of a seat based on the input information of the user U is performed. Is executed (step S116). Then, the check-in terminal 20 transmits the request data D1 requesting the registration of the passage history information of the user U to the management server 10 (step S117).
  • the management server 10 registers the passage history information indicating the relationship between the token ID and the passage information of the touch point TP1 in the passage history information DB 12 (step S118).
  • the management server 10 transmits the response data to the check-in terminal 20 (step S119), and ends the process.
  • the check-in terminal 20 refers to the response data received from the management server 10 and determines that the identity verification of the user U has failed (step S115, NO)
  • the check-in terminal 20 notifies the user U of an error message. (Step S120).
  • the target face image (photographed face image) that matches the passport face image obtained from the passport in the check-in procedure is registered in the token ID information DB 11 as a registered face image, and the registered face image is registered by the issued token ID.
  • FIG. 18 is a sequence diagram showing an example of processing of the automatic baggage deposit machine 30 and the management server 10. This process is executed when the user U who has completed the check-in procedure receives the baggage check-in procedure as necessary.
  • the automatic baggage depository machine 30 constantly or periodically photographs the front of the device, and determines whether or not the face of the user U standing in front of the automatic baggage depository machine 30 is detected in the captured images (step S201). ). The automatic baggage deposit machine 30 waits until the face of the user U is detected in the image by the biological information acquisition device 309 (step S201, NO).
  • the automatic baggage deposit machine 30 determines that the face of the user U is detected by the biometric information acquisition device 309 (step S201, YES)
  • the automatic baggage deposit machine 30 photographs the face of the user U and targets the face image of the user U. Acquired as a face image (step S202).
  • the automatic baggage deposit machine 30 transmits the request data D1 requesting the execution of the collation process between the target face image and the registered face image to the management server 10 (step S203).
  • the management server 10 collates the face image of the user U (step S204). That is, the management server 10 collates the target face image included in the request data D1 received from the automatic baggage deposit machine 30 with the plurality of registered face images registered in the token ID information DB 11 on a one-to-N basis.
  • the registered face image to be collated is limited to the image associated with the token ID whose invalid flag value is "1" (valid).
  • the management server 10 associates the verification result (verification score) in step S204, the authentication result (success / failure of authentication), and the verification data acquired from the check-in terminal 20 and registers them in the authentication history information DB 14 ( Step S205).
  • the management server 10 determines whether or not the collation result is a collation match (step S206).
  • the management server 10 determines that the collation result is a collation mismatch (step S206, NO)
  • the management server 10 transmits response data including the collation result information of the mismatch to the automatic baggage deposit machine 30 (step S209). )
  • the process proceeds to step S210.
  • the management server 10 determines that the collation result is a collation match (step S206, YES)
  • the process proceeds to step S207.
  • step S207 the management server 10 acquires business information from the business information DB 13 using the token ID associated with the registered face image of the collation match in the token ID information DB 11 as a key. Then, the management server 10 transmits the response data to the automatic baggage deposit machine 30 (step S208). After that, the process proceeds to step S210.
  • step S210 the management server 10 refers to the collation result included in the response data and determines whether or not the identity verification of the target person has been successful.
  • the automatic baggage deposit machine 30 refers to the collation result included in the response data, and when it is determined that the identity verification is successful (step S210, YES), the automatic baggage deposit machine 30 executes the baggage deposit procedure of the user U (step S210, YES). Step S211).
  • the automatic baggage deposit machine 30 transmits the request data D1 requesting the registration of the passage history information of the user U to the management server 10 (step S212).
  • the management server 10 When the management server 10 receives the request data from the automatic baggage deposit machine 30, the management server 10 registers the passage history information indicating the relationship between the token ID and the passage information of the touch point TP2 of the user U in the passage history information DB 12 (step S213). ..
  • the management server 10 transmits the response data to the automatic baggage deposit machine 30 (step S214), and ends the process.
  • the automatic baggage deposit machine 30 refers to the response data and determines that the identity verification has failed (step S210, NO)
  • the automatic baggage deposit machine 30 notifies the user U of an error message (step S215).
  • FIG. 19 is a flowchart showing an example of the verification process of the management server 10. This process is executed, for example, when the current time reaches a predetermined start time.
  • the management server 10 determines whether or not the current time is the start time of the verification process (step S301).
  • the process proceeds to step S302.
  • the management server 10 determines that the current time is not the start time of the verification process (step S301, NO)
  • the standby state is maintained.
  • step S302 the management server 10 acquires the authentication history information from the authentication history information DB 14.
  • the management server 10 executes an authentication history information analysis process (statistical process) for each item of verification data (step S303).
  • the management server 10 outputs the verification result (step S304) and ends the process.
  • the verification result output method screen display, file output, database registration, etc. are appropriately selected.
  • the authentication history information (log data) of all biometric authentication executed during the operation of the system is stored in the management server 10. Further, since the authentication history information is associated with the biometric authentication processing result and the verification data, the management server 10 can verify the biometric authentication processing result for each data item of the verification data. As a result, for example, the administrator can identify a factor that lowers the success rate of biometric authentication based on the verification result, and can easily deal with it.
  • FIG. 20 is a block diagram showing an overall configuration example of the information processing system 2 in the present embodiment.
  • the information processing system 2 includes a management server 10, a plurality of biometric authentication terminals 70, and an administrator terminal 80.
  • the management server 10 is connected to a plurality of biometric authentication terminals 70 via a network NW1 such as the Internet. Further, the management server 10 is connected to the administrator terminal 80 via a network NW2 such as a LAN.
  • the biometric authentication terminal 70 is a terminal used by the user for biometric authentication.
  • Examples of the biometric authentication terminal 70 include terminals such as the check-in terminal 20 described in the first embodiment, an automatic ticket vending machine, a gate device installed in various facilities, and the like.
  • the type of the biometric authentication terminal 70 is not limited.
  • the administrator terminal 80 is a terminal used by the administrator for maintenance work of the management server 10. Examples of the administrator terminal 80 include a personal computer, a tablet terminal, and the like.
  • the management server 10 of the present embodiment has the user information DB 15 and the authentication history information DB 14.
  • the database of the management server 10 is not limited to these databases.
  • FIG. 21 is a diagram showing an example of information stored in the user information DB 15.
  • the user information DB 15 has user ID, registered face image, feature amount, name, gender, age and height as data items.
  • the data items stored in the user information DB 15 are not limited to these.
  • FIG. 22 is a block diagram showing an example of the hardware configuration of the biometric authentication terminal 70.
  • the biometric authentication terminal 70 includes a CPU 701, a RAM 702, a storage device 703, a communication I / F 704, an input device 706, a display device 707, a medium reading device 708, and a biometric information acquisition device 709. .. Each device is connected to a bus line 705.
  • FIG. 23 is a block diagram showing an example of the hardware configuration of the administrator terminal 80.
  • the administrator terminal 80 has a CPU 801 and a RAM 802, a storage device 803, a communication I / F 804, an input device 806, and a display device 807. Each device is connected to bus line 805.
  • FIG. 24 is a functional block diagram of the information processing system 2.
  • the management server 10 has a storage unit 10A, a transmission / reception unit 10B, a data extraction unit 10C, a biometric authentication unit 10D, and a verification unit 10G, as in the first embodiment. Unlike the first embodiment, the management server 10 of the present embodiment does not have to have the token ID issuing unit 10E and the business processing unit 10F.
  • the transmission / reception unit 10B receives the verification request from the administrator terminal 80
  • the transmission / reception unit 10B causes the verification unit 10G to execute the verification process.
  • the transmission / reception unit 10B transmits the verification result in the verification unit 10G to the administrator terminal 80.
  • FIG. 25 is a diagram showing an example of data items included in the verification data in the present embodiment.
  • the items of the verification data the subject ID, gender, height, standing position, face position, shooting location, eyeglasses, moving speed, and lighting conditions are listed.
  • FIG. 26 is a sequence diagram showing an example of processing of the biometric authentication terminal 70 and the management server 10. This process is executed, for example, when an inspector of the biometric authentication terminal 70 tests the accuracy of biometric authentication in the terminal.
  • the biometric authentication terminal 70 displays the verification data input screen on the display device 707 based on the input operation from the inspector (step S401).
  • the biometric authentication terminal 70 acquires the verification data input on the input screen (step S402).
  • the biometric authentication terminal 70 photographs the face of the collation target person by the biometric information acquisition device 709 and acquires a face image (step S403).
  • the biometric authentication terminal 70 transmits the request data including the target face image and the verification data to the management server 10 (step S404).
  • the management server 10 collates the target face image included in the request data with the registered face image of the registrant registered in advance in the database (step S405).
  • the management server 10 registers the authentication history information associated with the collation result and the verification data in step S405 in the authentication history information DB 14 (step S406).
  • the management server 10 transmits the response data to the biometric authentication terminal 70 (step S407).
  • the biometric authentication terminal 70 determines whether or not to end the biometric authentication test based on the input operation from the inspector (step S408).
  • the biometric authentication terminal 70 determines that the biometric authentication test is completed (step S408, YES)
  • the biometric authentication terminal 70 ends the process. If the biometric authentication terminal 70 determines that the biometric authentication test is not completed (step S408, NO), the process returns to step S401.
  • FIG. 27 is a diagram showing an example of a verification data input screen displayed on the biometric authentication terminal 70.
  • the subject ID is an identifier that uniquely identifies the subject.
  • the orientation of the face indicates which direction the subject is facing up, down, left, or right with respect to the camera.
  • the standing position indicates whether the subject is standing to the left, in the center, or to the right within the shooting range of the camera.
  • the moving speed is indicated when the subject is stationary, walking, or running.
  • the movement speed and the orientation of the face may be manually input by the administrator, or may be automatically determined on the terminal side based on the measured values of sensors (not shown).
  • FIG. 28 is a flowchart showing an example of the verification process of the management server 10. This process is executed, for example, when the administrator performs verification work of the authentication result.
  • the management server 10 displays a verification condition specification screen in response to an input operation from the administrator (step S501).
  • the management server 10 acquires the verification conditions input by the administrator on the verification condition specification screen (step S502).
  • the management server 10 executes an analysis process for the authentication history information stored in the authentication history information DB 14 based on the verification conditions (step S503).
  • the management server 10 executes the analysis process within the specified range.
  • the management server 10 displays the verification result display screen (step S504).
  • the verification result display screen for example, information obtained by analyzing the authentication result for each data item of the verification data is displayed.
  • the management server 10 determines whether or not to end the verification work based on the presence or absence of an input operation from the administrator (step S505).
  • the management server 10 determines that the verification work is completed (step S505, YES)
  • the management server 10 ends the process.
  • step S505 determines that the verification work is not completed (step S505, NO)
  • the process returns to step S501.
  • FIG. 29 is a diagram showing an example of a verification condition designation screen displayed on the administrator terminal 80.
  • verification conditions terminal-specific VC-1, model-specific VC-2, gender VC-3, face orientation VC-4, standing position VC-5, standing position VC-5, shooting location VC-6, time zone.
  • VC-7 the user's moving speed VC-8, and whether or not the glasses are worn VC-9.
  • FIG. 30 is a diagram showing an example of a verification result display screen displayed on the administrator terminal 80.
  • the verification result when "by terminal" is specified as the verification condition is displayed on the screen.
  • the horizontal axis of the graph showing the verification result is the average authentication rate
  • the vertical axis shows the terminal ID of the biometric authentication terminal 70.
  • the average authentication rate of the terminal whose terminal ID is "# 63" is relatively lower than that of other terminals.
  • the administrator performs re-verification under other verification conditions in order to identify the cause of the low average authentication rate in the terminal.
  • the biometric authentication test result and the verification data can be associated and registered in the database.
  • the manufacturer can efficiently execute the test of the biometric authentication terminal 70 and support the development work of the terminal.
  • FIG. 31 is a block diagram showing the configuration of the information processing apparatus 100 according to the present embodiment.
  • the information processing apparatus 100 includes an acquisition unit 100A, an authentication unit 100B, and a control unit 100C.
  • the acquisition unit 100A acquires the user's biometric information and biometric authentication verification data from the terminal used for the user's biometric authentication.
  • the authentication unit 100B and the biometric authentication for the acquired biometric information are executed.
  • the control unit 100C associates the processing result in biometric authentication with the verification data.
  • an information processing apparatus 100 that can easily verify whether or not biometric authentication is properly executed.
  • the present invention is applied to business at an airport.
  • the configuration of the present invention can be applied to business using biometric authentication in any industry such as railway industry, accommodation industry, service industry, and manufacturing industry.
  • the request data and the response data are described in the JSON format, but may be described in another data format such as the XML format. That is, any data format that can encapsulate business data is sufficient.
  • the management server 10 automatically executes the log data statistics / analysis processing has been described, but a part or all of the statistics / analysis processing is performed by a human being. You may do so. Further, the management server 10 may be configured to automatically identify data items that are the main cause of the decrease in the authentication rate and present them to the administrator.
  • Each embodiment also has a processing method in which a program for operating the configuration of the embodiment is recorded on a recording medium so as to realize the functions of the above-described embodiment, the program recorded on the recording medium is read out as a code, and the program is executed by a computer.
  • a computer-readable recording medium is also included in the scope of each embodiment. Further, not only the recording medium on which the above-mentioned program is recorded but also the program itself is included in each embodiment.
  • the recording medium for example, a floppy (registered trademark) disk, a hard disk, an optical disk, a magneto-optical disk, a CD-ROM, a magnetic tape, a non-volatile memory card, or the like can be used.
  • a floppy (registered trademark) disk for example, a hard disk, an optical disk, a magneto-optical disk, a CD-ROM, a magnetic tape, a non-volatile memory card, or the like
  • the program recorded on the recording medium that executes the process alone, but also the program that operates on the OS and executes the process in cooperation with other software and the function of the expansion board is also an embodiment. Is included in the category of.
  • An acquisition unit that acquires the user's biometric information and the biometric authentication verification data from the terminal used for the user's biometric authentication.
  • An authentication unit that executes the biometric authentication for the acquired biometric information,
  • a control unit that associates the processing result in the biometric authentication with the verification data, Information processing device equipped with.
  • Appendix 2 Verification unit that verifies the processing result based on the verification data, The information processing apparatus according to Appendix 1, further comprising.
  • the verification unit verifies the correlation between the value of the data item included in the verification data and the processing result for each data item.
  • the information processing device according to Appendix 2.
  • the verification unit identifies the terminal whose authentication rate in biometric authentication is less than a predetermined value among the plurality of terminals.
  • the information processing apparatus according to Appendix 2 or 3.
  • the acquisition unit acquires the control data for controlling the execution of the biometric authentication and the business data generated when a predetermined business is executed on the terminal, together with the biometric information and the verification data.
  • a business processing unit that processes the business data when the user is authenticated by the biometric authentication.
  • the verification data includes the attribute information of the user when the biometric information is a biometric image.
  • the information processing apparatus according to any one of Supplementary Provisions 1 to 5.
  • the attribute information includes at least one of gender, age, and height.
  • the information processing apparatus according to Appendix 6.
  • the verification data includes the imaging conditions of the biological image when the biological information is a biological image.
  • the information processing apparatus according to any one of Supplementary Provisions 1 to 5.
  • the shooting conditions further include at least one of a lighting condition, a shooting direction and a shooting location.
  • the information processing apparatus according to Appendix 8.
  • the imaging condition further includes the moving speed of the user at the time of capturing the biological image.
  • the information processing apparatus according to Appendix 8 or 9.
  • the imaging condition includes information on whether or not a predetermined article is included in the region of the acquisition site of the biological image at the time of photographing the biological image.
  • the information processing apparatus according to any one of Supplementary note 8 to 10.

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Physics & Mathematics (AREA)
  • Tourism & Hospitality (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Primary Health Care (AREA)
  • Strategic Management (AREA)
  • Marketing (AREA)
  • General Business, Economics & Management (AREA)
  • Human Resources & Organizations (AREA)
  • Economics (AREA)
  • Health & Medical Sciences (AREA)
  • Computer Vision & Pattern Recognition (AREA)
  • Devices For Checking Fares Or Tickets At Control Points (AREA)

Abstract

An information processing device according to the present invention comprises: an acquisition unit that acquires, from a terminal for use in biological authentication of a user, biological information of the user and verification data for the biological authentication; an authentication unit that executes the biological authentication with respect to the acquired biological information; and a control unit that associates the verification data and a processing result in the biological authentication.

Description

情報処理装置、情報処理方法及び記録媒体Information processing equipment, information processing method and recording medium
 本発明は、情報処理装置、情報処理方法及び記録媒体に関する。 The present invention relates to an information processing device, an information processing method, and a recording medium.
 特許文献1には、旅客の生体情報(顔画像)を用いて、空港内の複数のチェックポイント(チェックインロビー、保安検査場、搭乗ゲート等)において顔認証により各種の手続を行うチケットレス搭乗システムが開示されている。 Patent Document 1 describes ticketless boarding in which various procedures are performed by face recognition at multiple checkpoints (check-in lobby, security checkpoint, boarding gate, etc.) in the airport using passenger biometric information (face image). The system is disclosed.
特開2007-79656号公報Japanese Unexamined Patent Publication No. 2007-79656
 特許文献1に記載されているシステムは、空港内における業務に顔認証を利用するための構成を開示している。しかし、特許文献1においては、各端末とサーバとの間で旅客に対する顔認証(生体認証)が適切に実行されているか否かを検証するための仕組みについては想定されていない。 The system described in Patent Document 1 discloses a configuration for using face recognition for business in an airport. However, Patent Document 1 does not envision a mechanism for verifying whether or not face authentication (biometric authentication) for passengers is properly executed between each terminal and a server.
 そこで、本発明は、上述の問題に鑑み、生体認証が適切に実行されているか否かを容易に検証できる情報処理装置、情報処理方法及び記録媒体を提供することを目的とする。 Therefore, in view of the above problems, it is an object of the present invention to provide an information processing device, an information processing method, and a recording medium that can easily verify whether or not biometric authentication is properly executed.
 本発明の一つの観点によれば、ユーザの生体認証に利用する端末から、前記ユーザの生体情報及び前記生体認証の検証用データを取得する取得部と、取得された前記生体情報に対する前記生体認証を実行する認証部と、前記生体認証における処理結果と前記検証用データとを関連付ける制御部と、を備える情報処理装置が提供される。 According to one aspect of the present invention, an acquisition unit that acquires the user's biometric information and the biometric authentication verification data from a terminal used for the user's biometric authentication, and the biometric authentication for the acquired biometric information. An information processing apparatus including an authentication unit for executing the above and a control unit for associating the processing result in the biometric authentication with the verification data is provided.
 本発明の他の観点によれば、ユーザの生体認証に利用する端末から、前記ユーザの生体情報及び前記生体認証の検証用データを取得するステップと、取得された前記生体情報に対する前記生体認証を実行するステップと、前記生体認証における処理結果と前記検証用データとを関連付けるステップと、を備える情報処理方法が提供される。 According to another aspect of the present invention, the step of acquiring the user's biometric information and the biometric authentication verification data from the terminal used for the user's biometric authentication, and the biometric authentication for the acquired biometric information are performed. An information processing method including a step to be executed and a step of associating the processing result in the biometric authentication with the verification data is provided.
 本発明のさらに他の観点によれば、コンピュータに、ユーザの生体認証に利用する端末から、前記ユーザの生体情報及び前記生体認証の検証用データを取得するステップと、取得された前記生体情報に対する前記生体認証を実行するステップと、前記生体認証における処理結果と前記検証用データとを関連付けるステップと、を実行させるためのプログラムが記録された記録媒体が提供される。 According to still another aspect of the present invention, the step of acquiring the user's biometric information and the biometric authentication verification data from the terminal used for the user's biometric authentication to the computer, and the acquired biometric information. A recording medium in which a program for executing the biometric authentication step and a step of associating the processing result in the biometric authentication with the verification data are recorded is provided.
 本発明によれば、生体認証が適切に実行されているか否かを容易に検証できる情報処理装置、情報処理方法及び記録媒体を提供できる。 According to the present invention, it is possible to provide an information processing device, an information processing method and a recording medium that can easily verify whether or not biometric authentication is properly executed.
第1実施形態における情報処理システムの全体構成例を示す概略図である。It is a schematic diagram which shows the whole structure example of the information processing system in 1st Embodiment. 第1実施形態におけるトークンID情報DBが記憶する情報の一例を示す図である。It is a figure which shows an example of the information stored in the token ID information DB in 1st Embodiment. 第1実施形態における通過履歴情報DBが記憶する情報の一例を示す図である。It is a figure which shows an example of the information stored in the passage history information DB in 1st Embodiment. 第1実施形態における業務情報DBが記憶する情報の一例を示す図である。It is a figure which shows an example of the information stored in the business information DB in 1st Embodiment. 第1実施形態における認証履歴情報DBが記憶する情報の一例を示す図である。It is a figure which shows an example of the information stored in the authentication history information DB in 1st Embodiment. 第1実施形態における管理サーバの機能ブロック図である。It is a functional block diagram of the management server in 1st Embodiment. 第1実施形態における生体認証用端末が管理サーバへ送信するリクエストデータのデータ構造の一例を示す図である。It is a figure which shows an example of the data structure of the request data transmitted to the management server by the biometric authentication terminal in 1st Embodiment. 第1実施形態における管理サーバが生体認証用端末へ送信するレスポンスデータのデータ構造の一例を示す図である。It is a figure which shows an example of the data structure of the response data which the management server in 1st Embodiment sends to a biometric authentication terminal. 第1実施形態における管理サーバのハードウェア構成の一例を示すブロック図である。It is a block diagram which shows an example of the hardware composition of the management server in 1st Embodiment. 第1実施形態におけるチェックイン端末のハードウェア構成の一例を示すブロック図である。It is a block diagram which shows an example of the hardware composition of the check-in terminal in 1st Embodiment. 第1実施形態における自動手荷物預け機のハードウェア構成の一例を示すブロック図である。It is a block diagram which shows an example of the hardware composition of the automatic baggage deposit machine in 1st Embodiment. 第1実施形態における保安検査装置のハードウェア構成の一例を示すブロック図である。It is a block diagram which shows an example of the hardware composition of the security inspection apparatus in 1st Embodiment. 第1実施形態における自動化ゲート装置のハードウェア構成の一例を示すブロック図である。It is a block diagram which shows an example of the hardware composition of the automated gate apparatus in 1st Embodiment. 第1実施形態における搭乗ゲート装置のハードウェア構成の一例を示すブロック図である。It is a block diagram which shows an example of the hardware composition of the boarding gate apparatus in 1st Embodiment. 第1実施形態におけるチェックイン端末及び管理サーバの処理の一例を示すシーケンス図である。It is a sequence diagram which shows an example of the process of the check-in terminal and the management server in 1st Embodiment. 第1実施形態におけるチェックイン端末が管理サーバへ送信するリクエストデータの一例を示す図である。It is a figure which shows an example of the request data which a check-in terminal sends to a management server in 1st Embodiment. 第1実施形態における管理サーバがチェックイン端末へ送信するレスポンスデータの一例を示す図である。It is a figure which shows an example of the response data which the management server in 1st Embodiment sends to a check-in terminal. 第1実施形態における自動手荷物預け機及び管理サーバの処理の一例を示すシーケンス図である。It is a sequence diagram which shows an example of the processing of the automatic baggage deposit machine and the management server in 1st Embodiment. 第1実施形態における管理サーバの検証処理の一例を示すフローチャートである。It is a flowchart which shows an example of the verification process of the management server in 1st Embodiment. 第2実施形態における情報処理システムの全体構成例を示すブロック図である。It is a block diagram which shows the whole structure example of the information processing system in 2nd Embodiment. 第2実施形態における利用者情報DBが記憶する情報の一例を示す図である。It is a figure which shows an example of the information stored in the user information DB in 2nd Embodiment. 第2実施形態における生体認証用端末のハードウェア構成の一例を示すブロック図である。It is a block diagram which shows an example of the hardware composition of the biometric authentication terminal in 2nd Embodiment. 第2実施形態における管理者端末のハードウェア構成の一例を示すブロック図である。It is a block diagram which shows an example of the hardware composition of the administrator terminal in 2nd Embodiment. 第2実施形態における情報処理システムの機能ブロック図である。It is a functional block diagram of the information processing system in 2nd Embodiment. 第2実施形態における検証用データに含まれるデータ項目の一例を示す図である。It is a figure which shows an example of the data item included in the verification data in 2nd Embodiment. 第2実施形態における生体認証用端末及び管理サーバの処理の一例を示すシーケンス図である。It is a sequence diagram which shows an example of the process of the biometric authentication terminal and the management server in 2nd Embodiment. 第2実施形態における生体認証用端末に表示される検証用データ入力画面の一例を示す図である。It is a figure which shows an example of the verification data input screen displayed on the biometric authentication terminal in 2nd Embodiment. 第2実施形態における管理サーバの検証処理の一例を示すフローチャートである。It is a flowchart which shows an example of the verification process of the management server in 2nd Embodiment. 第2実施形態における管理者端末に表示される検証条件指定画面の一例を示す図である。It is a figure which shows an example of the verification condition specification screen displayed on the administrator terminal in 2nd Embodiment. 第2実施形態における管理者端末に表示される検証結果表示画面の一例を示す図である。It is a figure which shows an example of the verification result display screen displayed on the administrator terminal in 2nd Embodiment. 第3実施形態における情報処理装置の構成を示すブロック図である。It is a block diagram which shows the structure of the information processing apparatus in 3rd Embodiment.
 以下、図面を参照して、本発明の例示的な実施形態を説明する。図面において同様の要素又は対応する要素には同一の符号を付し、その説明を省略又は簡略化することがある。 Hereinafter, exemplary embodiments of the present invention will be described with reference to the drawings. Similar elements or corresponding elements may be designated by the same reference numerals in the drawings, and the description thereof may be omitted or simplified.
<第1実施形態>
 図1は、本実施形態における情報処理システム1の全体構成例を示す概略図である。情報処理システム1は、空港Aを利用する利用者(渡航客)Uに対して行われる一連の審査手続に関する業務を支援するコンピュータシステムである。情報処理システム1は、例えば、入出国の管理局等の公的機関又はその機関から業務の委託を受けた受託者により運用される。 <First Embodiment>
FIG. 1 is a schematic diagram showing an overall configuration example of the information processing system 1 according to the present embodiment. The information processing system 1 is a computer system that supports operations related to a series of examination procedures performed on a user (traveler) U who uses the airport A. The information processing system 1 is operated by, for example, a public institution such as an immigration control bureau or a trustee entrusted with the business by the institution.
 本実施形態の情報処理システム1では、共通の管理サーバ10に対して、チェックイン端末20、自動手荷物預け機30、保安検査装置40、自動化ゲート装置50及び搭乗ゲート装置60がネットワークNWを介してそれぞれ接続される。ネットワークNWは、空港Aの構内通信網を含むLAN(Local Area Network)、WAN(Wide Area Network)、移動体通信網等により構成されている。接続方式は、有線方式に限らず、無線方式でもよい。なお、図1では、説明の便宜上、空港Aからの出国時の手続に使用される端末装置のみを図示している。また、本実施形態では、チェックイン端末20、自動手荷物預け機30、保安検査装置40、自動化ゲート装置50及び搭乗ゲート装置60の端末をエッジ端末200と総称する場合もある。 In the information processing system 1 of the present embodiment, the check-in terminal 20, the automatic baggage deposit machine 30, the security inspection device 40, the automated gate device 50, and the boarding gate device 60 are connected to the common management server 10 via the network NW. Each is connected. The network NW is composed of a LAN (Local Area Network) including an airport A premises communication network, a WAN (Wide Area Network), a mobile communication network, and the like. The connection method is not limited to the wired method and may be a wireless method. Note that FIG. 1 illustrates only the terminal device used for the procedure at the time of departure from the airport A for convenience of explanation. Further, in the present embodiment, the terminals of the check-in terminal 20, the automatic baggage deposit machine 30, the security inspection device 40, the automated gate device 50, and the boarding gate device 60 may be collectively referred to as an edge terminal 200.
 管理サーバ10は、利用者Uの入出国時における審査手続に関する業務を管理する情報処理装置である。管理サーバ10は、例えば、空港Aを運営する空港会社、航空会社等の施設内に設置されている。また、管理サーバ10は、実際に業務が行われる施設内に設置されるサーバではなく、クラウドサーバとしてもよい。なお、管理サーバ10は、単一のサーバである必要はなく、複数のサーバを含むサーバ群として構成されたものであってもよい。 The management server 10 is an information processing device that manages operations related to examination procedures at the time of entry and departure of user U. The management server 10 is installed in, for example, a facility of an airport company, an airline company, or the like that operates the airport A. Further, the management server 10 may be a cloud server instead of a server installed in a facility where business is actually performed. The management server 10 does not have to be a single server, and may be configured as a server group including a plurality of servers.
 図1に示すように、空港Aにおける出国時の審査手続は、5箇所のタッチポイントTP1~TP5において順次実施される。以下、各装置とタッチポイントTP1~TP5との関係について説明する。 As shown in FIG. 1, the examination procedure at the time of departure at Airport A is carried out sequentially at the five touch points TP1 to TP5. Hereinafter, the relationship between each device and the touch points TP1 to TP5 will be described.
 チェックイン端末20は、空港A内のチェックインロビー(以下、「タッチポイントTP1」という。)に設置されている。チェックイン端末20は、利用者Uが自身で操作することによって、チェックイン手続を行うためのセルフ端末である。チェックイン端末20は、CUSS(Common Use Self Service)端末とも呼ばれている。利用者Uは、タッチポイントTP1におけるチェックイン手続を完了すると、手荷物の預け場所あるいは保安検査場へ移動する。 The check-in terminal 20 is installed in the check-in lobby (hereinafter referred to as "touch point TP1") in the airport A. The check-in terminal 20 is a self-terminal for performing a check-in procedure by the user U operating by himself / herself. The check-in terminal 20 is also called a CUSS (Comon Use Self Service) terminal. When the user U completes the check-in procedure at the touch point TP1, the user U moves to the baggage deposit place or the security checkpoint.
 自動手荷物預け機30は、空港A内の手荷物カウンタ(有人カウンタ)の隣接領域あるいはチェックイン端末20の近傍領域(以下、「タッチポイントTP2」という。)に設置されている。自動手荷物預け機30は、利用者Uが自身で操作することにより、航空機内に持ち込まない手荷物を預ける手続(手荷物預け手続)を行うためのセルフ端末である。自動手荷物預け機30は、CUBD(Common Use Bag Drop)端末とも呼ばれている。利用者Uは、手荷物預け手続を完了すると、保安検査場へ移動する。なお、利用者Uが、手荷物を預けない場合には、タッチポイントTP2での手続は省略される。 The automatic baggage deposit machine 30 is installed in an area adjacent to the baggage counter (manned counter) in the airport A or an area near the check-in terminal 20 (hereinafter referred to as "touch point TP2"). The automatic baggage deposit machine 30 is a self-terminal for performing a procedure (baggage deposit procedure) for depositing baggage that is not brought into the aircraft by the user U operating by himself / herself. The automatic baggage deposit machine 30 is also called a CUBD (Comon Use Bag Drop) terminal. When the user U completes the baggage check-in procedure, he / she moves to the security checkpoint. If the user U does not check in the baggage, the procedure at the touch point TP2 is omitted.
 保安検査装置40は、空港A内の保安検査場(以下、「タッチポイントTP3」という。)に設置されている。保安検査装置40は、利用者Uについて金属探知機により危険物となりうる金属類を身につけているか否かを確認する装置である。なお、本実施形態における“保安検査装置”の語句は、金属探知機だけでなく、X線を用いて機内持ち込みの手荷物等の中の危険物の有無を確認するX線検査装置や、保安検査場の入口において利用者Uの通過可否を判定する旅客通過確認システム(PRS:Passenger Reconciliation System)の端末装置等も含む意味で使用する。利用者Uは、タッチポイントTP3において保安検査装置40による保安検査手続を完了すると、出国審査場へ移動する。 The security inspection device 40 is installed at the security inspection site (hereinafter referred to as "touch point TP3") in Airport A. The security inspection device 40 is a device for confirming whether or not the user U is wearing metals that can be dangerous substances by using a metal detector. The phrase "security inspection device" in this embodiment is not limited to metal detectors, but also includes X-ray inspection devices that use X-rays to check for dangerous substances in carry-on baggage, etc., and security inspections. It is used in the sense that it also includes a terminal device of a passenger passage confirmation system (PRS: Passenger Recognition System) that determines whether or not the user U can pass at the entrance of the venue. When the user U completes the security inspection procedure by the security inspection device 40 at the touch point TP3, the user U moves to the immigration checkpoint.
 自動化ゲート装置50は、空港A内の出国審査場(以下、「タッチポイントTP4」という。)に設置されている。自動化ゲート装置50は、利用者Uの出国審査手続を自動的に行う装置である。利用者Uは、タッチポイントTP4における出国審査手続を完了すると、免税店や搭乗ゲートが設けられている出国エリアへ移動する。 The automated gate device 50 is installed at the immigration checkpoint (hereinafter referred to as "touch point TP4") in Airport A. The automated gate device 50 is a device that automatically performs the departure examination procedure of the user U. After completing the departure examination procedure at Touchpoint TP4, User U moves to the departure area where duty-free shops and boarding gates are provided.
 搭乗ゲート装置60は、出国エリアの搭乗ゲート(以下、「タッチポイントTP5」という。)ごとに設置された通行制御装置である。搭乗ゲート装置60は、ABG(Automated Boarding Gates)端末とも呼ばれている。搭乗ゲート装置60は、利用者Uが搭乗ゲートから搭乗可能な航空機の搭乗者であることを確認する。利用者Uは、タッチポイントTP5における手続を完了すると、航空機に搭乗し、第2国へ向けて第1国を出国する。 The boarding gate device 60 is a traffic control device installed for each boarding gate in the departure area (hereinafter referred to as "touch point TP5"). The boarding gate device 60 is also called an ABG (Automated Boarding Gates) terminal. The boarding gate device 60 confirms that the user U is a passenger of an aircraft that can board from the boarding gate. After completing the procedure at Touchpoint TP5, User U boarded the aircraft and left the first country for the second country.
 また、図1に示すように、管理サーバ10は、トークンID情報DB11、通過履歴情報DB12、業務情報DB13及び認証履歴情報DB14を有している。なお、管理サーバ10が有するデータベースは、これらのデータベースに限られない。 Further, as shown in FIG. 1, the management server 10 has a token ID information DB 11, a passage history information DB 12, a business information DB 13, and an authentication history information DB 14. The database of the management server 10 is not limited to these databases.
 図2は、トークンID情報DB11が記憶する情報の一例を示す図である。トークンID情報DB11は、トークンID、グループID、登録顔画像、特徴量、トークン発行時刻、トークン発行デバイス名、無効フラグ及び無効化時刻をデータ項目としている。トークンIDは、ID情報を一意に識別する識別子である。本実施形態におけるトークンIDは、タッチポイントTP1において旅券を所持する利用者Uを撮影した顔画像と旅券から読み取られた旅券顔画像との照合結果が一致することを条件として一時的に発行される。そして、利用者UがタッチポイントTP5(搭乗ゲート)での手続を終えたときに、トークンIDは無効化される。すなわち、トークンIDは、永続的に使用される識別子ではなく、有効期間(ライフサイクル)を有するワンタイムIDである。 FIG. 2 is a diagram showing an example of information stored in the token ID information DB 11. The token ID information DB 11 includes a token ID, a group ID, a registered face image, a feature amount, a token issuing time, a token issuing device name, an invalid flag, and an invalidation time as data items. The token ID is an identifier that uniquely identifies the ID information. The token ID in the present embodiment is temporarily issued on condition that the collation result of the face image of the user U holding the passport at the touch point TP1 and the passport face image read from the passport match. .. Then, when the user U completes the procedure at the touch point TP5 (boarding gate), the token ID is invalidated. That is, the token ID is not an identifier that is used permanently, but a one-time ID that has a valid period (life cycle).
 グループIDは、ID情報をグループ分けするための識別子である。登録顔画像は、利用者Uについて登録された顔画像である。特徴量は、生体情報(登録顔画像)から抽出される値である。なお、本実施形態における生体情報の語句は、顔画像及び顔画像から抽出される特徴量を意味するものとするが、生体情報は顔画像及び顔特徴量に限られない。すなわち、利用者Uの生体情報として、虹彩画像、指紋画像、掌紋画像及び耳介画像等を用いて生体認証を行ってもよい。 The group ID is an identifier for grouping the ID information. The registered face image is a face image registered for the user U. The feature amount is a value extracted from biological information (registered face image). The phrase of the biological information in the present embodiment means the facial image and the feature amount extracted from the facial image, but the biological information is not limited to the facial image and the facial feature amount. That is, biometric authentication may be performed using an iris image, a fingerprint image, a palm print image, an auricle image, or the like as the biometric information of the user U.
 トークン発行時刻は、管理サーバ10がトークンIDを発行した時刻である。トークン発行デバイス名は、トークンIDの発行の契機となった登録顔画像の取得元のデバイス名である。無効フラグは、トークンIDが現時点で有効であるか否かを示すフラグ情報である。本実施形態における無効フラグは、トークンIDが発行されると、例えばトークンIDが有効な状態を示す“1”の値になる。また、無効フラグは、所定の条件を満たすと、例えばトークンIDが無効な状態を示す“0”の値に更新される。無効化時刻は、無効フラグが無効化されたときのタイムスタンプである。 The token issuance time is the time when the management server 10 issues the token ID. The token issuing device name is the device name of the acquisition source of the registered face image that triggered the issuance of the token ID. The invalid flag is flag information indicating whether or not the token ID is currently valid. When the token ID is issued, the invalid flag in the present embodiment becomes, for example, a value of "1" indicating a valid state of the token ID. Further, when a predetermined condition is satisfied, the invalid flag is updated to a value of "0" indicating, for example, the token ID is invalid. The invalidation time is the time stamp when the invalidation flag is invalidated.
 図3は、通過履歴情報DB12が記憶する情報の一例を示す図である。通過履歴情報DB12は、通過履歴ID、トークンID、通過時間、デバイス名、業務システム種別及び通過タッチポイントをデータ項目としている。通過履歴IDは、通過履歴情報を一意に識別する識別子である。通過時間は、タッチポイントを通過したときのタイムスタンプである。デバイス名は、タッチポイントにおける手続に使用した業務端末の機体名称である。業務システム種別は、業務端末が属する業務システムの種別である。なお、管理サーバ10は、通過履歴情報をトークンIDごとに抽出することにより、利用者Uがどのタッチポイントまでの手続を完了しているのかを把握できる。 FIG. 3 is a diagram showing an example of information stored in the passage history information DB 12. The passage history information DB 12 includes a passage history ID, a token ID, a passage time, a device name, a business system type, and a passage touch point as data items. The passage history ID is an identifier that uniquely identifies the passage history information. The transit time is a time stamp when the touch point is passed. The device name is the machine name of the business terminal used for the procedure at the touch point. The business system type is the type of the business system to which the business terminal belongs. By extracting the passage history information for each token ID, the management server 10 can grasp to which touch point the user U has completed the procedure.
 図4は、業務情報DB13が記憶する情報の一例を示す図である。業務情報DB13は、トークンID、搭乗者名、予約番号、出発地、目的地、エアラインコード、便名、運行年月日、シート番号、国籍、旅券番号、姓、名、生年月日及び性別をデータ項目としている。このように、業務情報DB13は、所定の業務に関する業務情報をトークンIDごとに記憶している。本実施形態において、「所定の業務」とはタッチポイントTP1~TP5でそれぞれ行われる手続業務を意味する。 FIG. 4 is a diagram showing an example of information stored in the business information DB 13. The business information DB 13 includes a token ID, passenger name, reservation number, departure place, destination, airline code, flight number, operation date, seat number, nationality, passport number, surname, first name, date of birth and gender. Is a data item. In this way, the business information DB 13 stores business information related to a predetermined business for each token ID. In the present embodiment, the "predetermined work" means the procedure work performed at the touch points TP1 to TP5, respectively.
 予約番号は、搭乗予約情報を一意に識別する識別子である。エアラインコードは、航空会社を一意に識別する識別子である。業務情報に含まれている搭乗予約情報は、搭乗者名、予約番号、出発地、目的地、エアラインコード、便名、運行年月日、シート番号、国籍、旅券番号、姓、名、生年月日及び性別等が挙げられる。搭乗予約情報は、旅券及び搭乗券等の記録媒体から取得できる。また、搭乗予約情報は、航空会社の予約システム(不図示)からも旅券番号又は予約番号等をキーとして取得できる。そして、取得された搭乗予約情報は、業務情報DB13において業務情報として記憶される。 The reservation number is an identifier that uniquely identifies the boarding reservation information. An airline code is an identifier that uniquely identifies an airline. The boarding reservation information included in the business information includes passenger name, reservation number, departure place, destination, airline code, flight number, date of operation, seat number, nationality, passport number, surname, first name, year of birth. Date and gender can be mentioned. Boarding reservation information can be obtained from recording media such as passports and boarding passes. The boarding reservation information can also be obtained from the airline reservation system (not shown) using the passport number or reservation number as a key. Then, the acquired boarding reservation information is stored as business information in the business information DB 13.
 図5は、認証履歴情報DB14が記憶する情報の一例を示す図である。認証履歴情報DB14は、認証履歴ID、認証日時、認証結果、照合スコア、検証用データ(1)~(n)をデータ項目としている。認証結果は、認証処理の成否である。照合スコアは、利用者Uから取得された対象顔画像と登録者について予め登録されている登録顔画像との類似度を示すスコアである。照合スコアが所定の閾値以上の場合には、管理サーバ10は照合対象者が登録者と同一人物であると認証できる。検証用データ(1)~(n)は、各利用者Uに対する生体認証が適切に実行されたか否かを検証するためのデータである。検証用データ(1)~(n)としては、利用者Uの属性情報や生体画像の撮影条件(生体情報の取得条件)が挙げられる。 FIG. 5 is a diagram showing an example of information stored in the authentication history information DB 14. The authentication history information DB 14 includes the authentication history ID, the authentication date and time, the authentication result, the verification score, and the verification data (1) to (n) as data items. The authentication result is the success or failure of the authentication process. The collation score is a score indicating the degree of similarity between the target face image acquired from the user U and the registered face image registered in advance for the registrant. When the collation score is equal to or higher than a predetermined threshold value, the management server 10 can authenticate that the collation target person is the same person as the registrant. The verification data (1) to (n) are data for verifying whether or not the biometric authentication for each user U is properly executed. Examples of the verification data (1) to (n) include attribute information of the user U and shooting conditions (biological information acquisition conditions) of the biological image.
 図6は、管理サーバ10の機能ブロック図である。同図に示されるように、管理サーバ10は、記憶部10A、送受信部10B、データ抽出部10C、生体認証部10D、トークンID発行部10E、業務処理部10F、検証部10Gを有する。なお、管理サーバ10の機能は、図示されたものに限られない。 FIG. 6 is a functional block diagram of the management server 10. As shown in the figure, the management server 10 has a storage unit 10A, a transmission / reception unit 10B, a data extraction unit 10C, a biometric authentication unit 10D, a token ID issuing unit 10E, a business processing unit 10F, and a verification unit 10G. The function of the management server 10 is not limited to that shown in the figure.
 記憶部10Aは、上述したトークンID情報、通過履歴情報、業務情報及び認証履歴情報等を記憶する。 The storage unit 10A stores the above-mentioned token ID information, passage history information, business information, authentication history information, and the like.
 送受信部10Bは、エッジ端末200からリクエストデータD1を受信するとともに、管理サーバ10における処理結果をレスポンスデータD2としてエッジ端末200へ送信する。なお、本実施形態におけるエッジ端末200としては、チェックイン端末20、自動手荷物預け機30、保安検査装置40、自動化ゲート装置50及び搭乗ゲート装置60の各端末装置が該当する。 The transmission / reception unit 10B receives the request data D1 from the edge terminal 200 and transmits the processing result in the management server 10 to the edge terminal 200 as the response data D2. The edge terminal 200 in the present embodiment corresponds to each terminal device of the check-in terminal 20, the automatic baggage deposit machine 30, the security inspection device 40, the automated gate device 50, and the boarding gate device 60.
 データ抽出部10Cは、受信されたリクエストデータD1に含まれるコマンドに基づいて呼び出し対象のAPIを判定し、リクエストデータD1に含まれる制御データ、顔認証用データ及び業務データを抽出して各APIに振り分ける。また、データ抽出部10Cは、リクエストデータD1に含まれる検証用データを抽出して記憶部10Aに格納する。 The data extraction unit 10C determines the API to be called based on the command included in the received request data D1, extracts the control data, the face recognition data, and the business data included in the request data D1 to each API. Sort. Further, the data extraction unit 10C extracts the verification data included in the request data D1 and stores it in the storage unit 10A.
 生体認証部10Dは、データ抽出部10Cにおいてコマンド内容が“トークンIDの発行要求”を示すと判定された場合には、リクエストデータD1から抽出された対象顔画像と旅券顔画像とを照合する。また、生体認証部10Dは、データ抽出部10Cにおいてコマンド内容が“顔認証の実行要求”を示すと判定された場合には、リクエストデータD1から抽出された対象顔画像を記憶部10Aに記憶されている登録者の顔画像(登録顔画像)と照合する。 When the data extraction unit 10C determines that the command content indicates a "token ID issuance request", the biometric authentication unit 10D collates the target face image extracted from the request data D1 with the passport face image. Further, when the biometric authentication unit 10D determines in the data extraction unit 10C that the command content indicates a "face authentication execution request", the biometric authentication unit 10D stores the target face image extracted from the request data D1 in the storage unit 10A. Check with the face image (registered face image) of the registered registrant.
 トークンID発行部10Eは、生体認証部10Dにおける対象顔画像と旅券顔画像との照合結果が照合一致の場合には、利用者Uに対してトークンIDを発行する。 The token ID issuing unit 10E issues a token ID to the user U when the collation result of the target face image and the passport face image in the biometric authentication unit 10D are collated and matched.
 業務処理部10Fは、業務に関するデータ処理を実行するX(X≧1)個のAPIの集合体であり、データ抽出部10Cによって呼び出される。例えば、送受信部10Bが自動手荷物預け機30からリクエストデータD1を受信した場合には、データ抽出部10Cは、まず生体認証部10Dを呼出して照合処理を実行させ、その照合結果に基づいて手荷物預け手続に関する業務APIを呼び出す。データ抽出部10Cによって抽出されたデータによって生体認証部10Dや任意の業務APIを起動できるため、顔認証技術を様々な業務へ容易に適用できる。 The business processing unit 10F is a collection of X (X ≧ 1) APIs that execute data processing related to business, and is called by the data extraction unit 10C. For example, when the transmission / reception unit 10B receives the request data D1 from the automatic baggage deposit machine 30, the data extraction unit 10C first calls the biometric authentication unit 10D to execute the collation process, and the baggage deposit is based on the collation result. Call the business API related to the procedure. Since the biometric authentication unit 10D and any business API can be activated by the data extracted by the data extraction unit 10C, the face authentication technology can be easily applied to various business operations.
 検証部10Gは、検証用データに基づいて認証結果を検証する。具体的には、検証部10Gは、検証用データに含まれるデータ項目ごとに照合スコアの平均値や認証率を統計処理により算出する。統計処理においては、平均、標準偏差、分散、相関の値が適宜算出される。これにより、検証部10Gは、認証結果とデータ項目との因果関係を分析する。 The verification unit 10G verifies the authentication result based on the verification data. Specifically, the verification unit 10G calculates the average value of the collation score and the authentication rate for each data item included in the verification data by statistical processing. In the statistical processing, the values of mean, standard deviation, variance, and correlation are calculated as appropriate. As a result, the verification unit 10G analyzes the causal relationship between the authentication result and the data item.
 図7は、エッジ端末200が管理サーバ10へ送信するリクエストデータD1のデータ構造を説明する図である。リクエストデータD1は、ヘッダー部H1及びボディ部B1から構成されている。ヘッダー部H1は、通信プロトコル、認証情報、リクエストメソッド(POSTやGET等)、コマンド及びリソースのメディアタイプの情報等の制御データを格納する領域である。 FIG. 7 is a diagram illustrating a data structure of request data D1 transmitted by the edge terminal 200 to the management server 10. The request data D1 is composed of a header portion H1 and a body portion B1. The header unit H1 is an area for storing control data such as communication protocol, authentication information, request method (POST, GET, etc.), command and resource media type information, and the like.
 ボディ部B1は、制御データB11、検証用データB12、顔認証用データB13、及び業務データB14を格納する領域である。制御データB11は、業務APIの動作を制御するためのデータであり、業務に依存しないデータ項目からなる。制御データB11は、ヘッダー部H1に格納されている制御データとは制御対象が異なるものとする。ヘッダー部H1の制御データは、業務データの登録処理、業務データの検索処理、トークンIDの発行処理、及び生体認証の少なくとも1つに関する実行コマンドを含む。これに対し、ボディ部B1の制御データB11は、リクエストデータD1の送信元のデバイス名、システム種別及びロケーション等のデータ項目を含む。検証用データB12は、管理サーバ10における認証結果を後から検証するためのデータであり、生体情報の取得時の条件を示すデータ項目からなる。 The body portion B1 is an area for storing control data B11, verification data B12, face authentication data B13, and business data B14. The control data B11 is data for controlling the operation of the business API, and is composed of data items that do not depend on the business. It is assumed that the control data B11 has a different control target from the control data stored in the header unit H1. The control data of the header unit H1 includes an execution command relating to at least one of a business data registration process, a business data search process, a token ID issuance process, and biometric authentication. On the other hand, the control data B11 of the body portion B1 includes data items such as a device name, a system type, and a location of the source of the request data D1. The verification data B12 is data for later verifying the authentication result in the management server 10, and includes data items indicating conditions at the time of acquisition of biometric information.
 また、図7において、顔認証用データB13としては、旅券顔画像データと撮影顔画像データの2つが格納されている。また、業務データB14は、n(n≧1)個の業務データをカプセル化したデータ群であり、業務データB14に対して1つのラベルが付与されている。業務データB14において、個々の業務データ(1)~(n)は下位の階層に格納されており、業務処理部10Fの処理に用いられる。また、業務データ(1)~(n)に対しては、データ項目を識別可能にするために、それぞれラベルが付与されている。 Further, in FIG. 7, two face authentication data B13, a passport face image data and a photographed face image data, are stored. Further, the business data B14 is a data group in which n (n ≧ 1) business data are encapsulated, and one label is given to the business data B14. In the business data B14, the individual business data (1) to (n) are stored in a lower layer and are used for processing of the business processing unit 10F. Further, each of the business data (1) to (n) is given a label so that the data item can be identified.
 図8は、管理サーバ10がエッジ端末200へ送信するレスポンスデータD2のデータ構造を説明する図である。レスポンスデータD2は、ヘッダー部H2及びボディ部B2から構成されている。リクエストデータD1の場合と異なり、レスポンスデータD2は検証用データ及び顔認証用データを含まない。また、ボディ部B2は、制御データB21及び業務データB22を格納する領域である。なお、ヘッダー部H2及びボディ部B2の構成は、図7に示されるヘッダー部H1及びボディ部B1と同様であるが、格納されるデータ項目の種類は必ずしも一致しなくてもよい。 FIG. 8 is a diagram illustrating the data structure of the response data D2 transmitted by the management server 10 to the edge terminal 200. The response data D2 is composed of a header portion H2 and a body portion B2. Unlike the case of the request data D1, the response data D2 does not include the verification data and the face authentication data. Further, the body portion B2 is an area for storing the control data B21 and the business data B22. The configurations of the header portion H2 and the body portion B2 are the same as those of the header portion H1 and the body portion B1 shown in FIG. 7, but the types of stored data items do not necessarily have to match.
 続いて、図9乃至図14を参照しながら、情報処理システム1を構成する各機器のハードウェア構成を説明する。なお、図9乃至図14において同一名称であって符号のみが異なる機器については、同等の機能を備える機器であるため、後続の図面においては詳細な説明を省略するものとする。 Subsequently, the hardware configuration of each device constituting the information processing system 1 will be described with reference to FIGS. 9 to 14. Note that the devices having the same name but different codes in FIGS. 9 to 14 have the same functions, and therefore detailed description thereof will be omitted in the subsequent drawings.
 図9は、管理サーバ10のハードウェア構成の一例を示すブロック図である。同図に示すように、管理サーバ10は、CPU(Central Processing Unit)101、RAM(Random Access Memory)102、記憶装置103及び通信I/F104を有している。各装置は、バスライン105に接続されている。 FIG. 9 is a block diagram showing an example of the hardware configuration of the management server 10. As shown in the figure, the management server 10 has a CPU (Central Processing Unit) 101, a RAM (Random Access Memory) 102, a storage device 103, and a communication I / F 104. Each device is connected to the bus line 105.
 CPU101は、記憶装置103に記憶されたプログラムに従って所定の動作を行うとともに、管理サーバ10の各部を制御する機能を有するプロセッサである。管理サーバ10において、CPU101は、上述した送受信部10B、データ抽出部10C、生体認証部10D、トークンID発行部10E、業務処理部10F及び検証部10Gとして機能する。RAM102は、揮発性記憶媒体から構成され、CPU101の動作に必要な一時的なメモリ領域を提供する。 The CPU 101 is a processor having a function of performing a predetermined operation according to a program stored in the storage device 103 and controlling each part of the management server 10. In the management server 10, the CPU 101 functions as the transmission / reception unit 10B, the data extraction unit 10C, the biometric authentication unit 10D, the token ID issuing unit 10E, the business processing unit 10F, and the verification unit 10G described above. The RAM 102 is composed of a volatile storage medium and provides a temporary memory area necessary for the operation of the CPU 101.
 記憶装置103は、不揮発性メモリ、ハードディスクドライブ等の記憶媒体により構成され、記憶部10Aとして機能する。記憶装置103は、CPU101により実行されるプログラム、そのプログラムの実行の際にCPU101により参照されるデータ等を記憶する。 The storage device 103 is composed of a storage medium such as a non-volatile memory and a hard disk drive, and functions as a storage unit 10A. The storage device 103 stores a program executed by the CPU 101, data referred to by the CPU 101 when the program is executed, and the like.
 通信I/F104は、イーサネット(登録商標)、Wi-Fi(登録商標)、4G等の規格に基づく通信インターフェースであり、チェックイン端末20等との通信を行うためのモジュールである。通信I/F104は、CPU101とともに送受信部10Bとして機能する。 The communication I / F 104 is a communication interface based on standards such as Ethernet (registered trademark), Wi-Fi (registered trademark), and 4G, and is a module for communicating with the check-in terminal 20 and the like. The communication I / F 104 functions as a transmission / reception unit 10B together with the CPU 101.
 図10は、チェックイン端末20のハードウェア構成の一例を示すブロック図である。同図に示すように、チェックイン端末20は、CPU201、RAM202、記憶装置203、通信I/F204、入力装置206、表示装置207、媒体読取装置208及び生体情報取得装置209を有している。各装置は、バスライン205に接続されている。 FIG. 10 is a block diagram showing an example of the hardware configuration of the check-in terminal 20. As shown in the figure, the check-in terminal 20 includes a CPU 201, a RAM 202, a storage device 203, a communication I / F 204, an input device 206, a display device 207, a medium reading device 208, and a biological information acquisition device 209. Each device is connected to bus line 205.
 入力装置206は、例えばタッチパネル等のポインティングデバイスや、キーボード等である。本実施形態のチェックイン端末20では、表示装置207及び入力装置206は、タッチパネルとして一体に形成されているものとする。表示装置207は、液晶表示装置、OLED(Organic Light Emitting Diode)表示装置等であって、動画、静止画、文字等の表示に用いられる。 The input device 206 is, for example, a pointing device such as a touch panel, a keyboard, or the like. In the check-in terminal 20 of the present embodiment, the display device 207 and the input device 206 are integrally formed as a touch panel. The display device 207 is a liquid crystal display device, an OLED (Organic Light Emitting Diode) display device, or the like, and is used for displaying moving images, still images, characters, and the like.
 媒体読取装置208は、利用者Uの旅券や航空券等の媒体を読み取って媒体に記録された情報を取得する装置である。航空券媒体としては、例えば、紙の航空券、eチケットの控えを表示する携帯端末等が挙げられる。媒体読取装置208は、例えば、コードリーダ、イメージスキャナ、非接触IC(Integrated Circuit)リーダ、OCR(Optical Character Reader)装置等により構成され、その読取部にかざされた各種媒体から情報を取得する。 The medium reading device 208 is a device that reads a medium such as a passport or an airline ticket of the user U and acquires the information recorded on the medium. Examples of the ticket medium include a paper ticket, a mobile terminal for displaying a copy of an e-ticket, and the like. The medium reading device 208 is composed of, for example, a code reader, an image scanner, a non-contact IC (Integrated Circuit) reader, an OCR (Optical Character Reader) device, and the like, and acquires information from various media held over the reading unit.
 生体情報取得装置209は、利用者Uの生体情報として利用者Uの顔画像を取得する装置である。生体情報取得装置209は、例えば、チェックイン端末20の前に立つ利用者Uの顔を撮影するデジタルカメラであり、利用者Uの顔を撮影してその顔画像を取得する。 The biometric information acquisition device 209 is a device that acquires the face image of the user U as the biometric information of the user U. The biological information acquisition device 209 is, for example, a digital camera that photographs the face of the user U standing in front of the check-in terminal 20, and photographs the face of the user U to acquire the face image.
 図11は、自動手荷物預け機30のハードウェア構成の一例を示すブロック図である。同図に示すように、自動手荷物預け機30は、CPU301、RAM302、記憶装置303、通信I/F304、入力装置306、表示装置307、媒体読取装置308、生体情報取得装置309、手荷物搬送装置310及び出力装置311を有している。各装置は、バスライン305に接続されている。 FIG. 11 is a block diagram showing an example of the hardware configuration of the automatic baggage deposit machine 30. As shown in the figure, the automatic baggage depositor 30 includes a CPU 301, a RAM 302, a storage device 303, a communication I / F 304, an input device 306, a display device 307, a medium reader 308, a biometric information acquisition device 309, and a baggage transfer device 310. And has an output device 311. Each device is connected to bus line 305.
 手荷物搬送装置310は、利用者Uが搭乗する航空機にその手荷物を積み込むために搬送する装置である。手荷物搬送装置310は、利用者Uにより受け取り部に置かれて手荷物タグが付けられた手荷物を荷捌き場所に向けて搬送する。 The baggage transport device 310 is a device that transports the baggage to the aircraft on which the user U is boarding. The baggage transfer device 310 transports the baggage attached to the baggage tag placed in the receiving unit by the user U toward the baggage handling place.
 出力装置311は、預ける手荷物に付ける手荷物タグを出力する装置である。また、出力装置311は、目的地に到着した後に手荷物の引き換えに必要な手荷物引き換え証を出力する。なお、手荷物タグや手荷物引き換え証は、旅券番号、予約番号及びトークンIDの少なくとも1つに関連付けられる。 The output device 311 is a device that outputs a baggage tag attached to checked baggage. In addition, the output device 311 outputs a baggage redemption certificate necessary for baggage redemption after arriving at the destination. The baggage tag and the baggage redemption certificate are associated with at least one of the passport number, the reservation number and the token ID.
 図12は、保安検査装置40のハードウェア構成の一例を示すブロック図である。同図に示すように、保安検査装置40は、CPU401、RAM402、記憶装置403、通信I/F404、入力装置406、表示装置407、媒体読取装置408、生体情報取得装置409及び金属探知ゲート410を有している。各装置は、バスライン405に接続されている。 FIG. 12 is a block diagram showing an example of the hardware configuration of the security inspection device 40. As shown in the figure, the security inspection device 40 includes a CPU 401, a RAM 402, a storage device 403, a communication I / F 404, an input device 406, a display device 407, a medium reading device 408, a biometric information acquisition device 409, and a metal detection gate 410. Have. Each device is connected to a bus line 405.
 金属探知ゲート410は、ゲート型の金属探知機であり、金属探知ゲート410を通過する利用者Uが身に付けている金属類を探知する。 The metal detection gate 410 is a gate type metal detector, and detects metals worn by the user U passing through the metal detection gate 410.
 図13は、自動化ゲート装置50のハードウェア構成の一例を示すブロック図である。自動化ゲート装置50は、CPU501、RAM502、記憶装置503、通信I/F504、入力装置506、表示装置507、媒体読取装置508、生体情報取得装置509及びゲート511を有している。各装置は、バスライン505に接続されている。 FIG. 13 is a block diagram showing an example of the hardware configuration of the automated gate device 50. The automated gate device 50 includes a CPU 501, a RAM 502, a storage device 503, a communication I / F 504, an input device 506, a display device 507, a medium reading device 508, a biometric information acquisition device 509, and a gate 511. Each device is connected to bus line 505.
 ゲート511は、自動化ゲート装置50における利用者Uの本人確認に成功して出国審査を利用者Uが通過した場合に、CPU501による制御に従って、待機時において利用者Uの通行を遮る閉鎖状態から、利用者Uの通行を許可する開放状態へ移行する。ゲート511の方式は、特に限定されるものではなく、例えば、通路の片側又は両側から設けられたフラッパーが開閉するフラッパーゲート、3本バーが回転するターンスタイルゲート等である。 When the user U succeeds in confirming the identity of the user U in the automated gate device 50 and the user U passes the immigration examination, the gate 511 is controlled by the CPU 501 to block the passage of the user U during standby. It shifts to the open state that allows the passage of user U. The method of the gate 511 is not particularly limited, and is, for example, a flapper gate that opens and closes a flapper provided from one side or both sides of the passage, a turnstile gate in which three bars rotate, and the like.
 図14は、搭乗ゲート装置60のハードウェア構成の一例を示すブロック図である。同図に示すように、搭乗ゲート装置60は、CPU601、RAM602、記憶装置603、通信I/F604、入力装置606、表示装置607、生体情報取得装置609及びゲート611を有している。各装置は、バスライン605に接続されている。 FIG. 14 is a block diagram showing an example of the hardware configuration of the boarding gate device 60. As shown in the figure, the boarding gate device 60 includes a CPU 601, a RAM 602, a storage device 603, a communication I / F 604, an input device 606, a display device 607, a biometric information acquisition device 609, and a gate 611. Each device is connected to a bus line 605.
 続いて、図15乃至図19を参照しながら、本実施形態における管理サーバ10、チェックイン端末20及び自動手荷物預け機30の動作を説明する。なお、保安検査装置40、自動化ゲート装置50及び搭乗ゲート装置60の動作は、図18の説明における“自動手荷物預け機”の語句をそれぞれ“自動化ゲート装置”、“自動化ゲート装置”、“搭乗ゲート装置”と読み替えることで理解できるため、詳細な説明を省略する。 Subsequently, the operation of the management server 10, the check-in terminal 20, and the automatic baggage deposit machine 30 in the present embodiment will be described with reference to FIGS. 15 to 19. In the operation of the security inspection device 40, the automated gate device 50, and the boarding gate device 60, the terms "automatic baggage deposit machine" in the description of FIG. 18 are referred to as "automated gate device", "automated gate device", and "boarding gate", respectively. Since it can be understood by reading "device", detailed explanation is omitted.
[チェックイン手続]
 図15は、チェックイン端末20及び管理サーバ10の処理の一例を示すシーケンス図である。この処理は、利用者Uがチェックイン端末20を用いてチェックイン手続を行うときに実行される。 [Check-in procedure]
FIG. 15 is a sequence diagram showing an example of processing of the check-in terminal 20 and the management server 10. This process is executed when the user U performs the check-in procedure using the check-in terminal 20.
 先ず、チェックイン端末20は、利用者Uの航空券媒体が媒体読取装置208の読取部(不図示)にかざされたか否かを判定し(ステップS101)、航空券媒体がかざされるまで待機する(ステップS101、NO)。 First, the check-in terminal 20 determines whether or not the ticket medium of the user U is held over the reading unit (not shown) of the medium reading device 208 (step S101), and waits until the ticket medium is held over. (Step S101, NO).
 次に、チェックイン端末20は、航空券媒体が媒体読取装置208の読取部にかざされたと判定すると(ステップS101、YES)、かざされた航空券媒体から利用者Uの搭乗予約情報を取得する(ステップS102)。取得された搭乗予約情報には、姓、名、エアラインコード、便名、搭乗日、出発地(搭乗空港)、目的地(到着空港)、シート番号、搭乗時間、到着時間等が含まれる。 Next, when the check-in terminal 20 determines that the ticket medium is held over the reading unit of the medium reading device 208 (step S101, YES), the check-in terminal 20 acquires the boarding reservation information of the user U from the held ticket medium. (Step S102). The acquired boarding reservation information includes the family name, first name, airline code, flight number, boarding date, departure place (boarding airport), destination (arrival airport), seat number, boarding time, arrival time and the like.
 次に、チェックイン端末20は、利用者Uの旅券が媒体読取装置208の読取部にかざされたか否かを判定し(ステップS103)、旅券がかざされるまで待機する(ステップS103、NO)。 Next, the check-in terminal 20 determines whether or not the passport of the user U is held over the reading unit of the medium reader 208 (step S103), and waits until the passport is held (step S103, NO).
 次に、チェックイン端末20は、旅券が媒体読取装置208の読取部にかざされたと判定すると(ステップS103、YES)、かざされた旅券から利用者Uの旅券情報を取得する(ステップS104)。取得された旅券情報には、利用者Uの旅券顔画像、本人確認情報、旅券番号、旅券発行国等が含まれる。 Next, when the check-in terminal 20 determines that the passport is held over the reading unit of the medium reader 208 (step S103, YES), the check-in terminal 20 acquires the passport information of the user U from the held passport (step S104). The acquired passport information includes the passport face image of the user U, the identity verification information, the passport number, the passport issuing country, and the like.
 次に、チェックイン端末20は、生体情報取得装置209により利用者Uの顔を撮影し、顔画像を対象顔画像として取得する(ステップS105)。なお、顔画像を撮影する前に、顔画像の撮影に関する案内メッセージを画面に表示し、利用者Uの同意を得ると好適である。 Next, the check-in terminal 20 photographs the face of the user U by the biological information acquisition device 209, and acquires the face image as the target face image (step S105). Before taking the face image, it is preferable to display a guidance message regarding the taking of the face image on the screen and obtain the consent of the user U.
 次に、チェックイン端末20は、顔画像の照合及びトークンIDの発行を要求するリクエストデータを管理サーバ10に送信する(ステップS106)。 Next, the check-in terminal 20 transmits request data requesting face image matching and token ID issuance to the management server 10 (step S106).
 図16は、チェックイン端末20が管理サーバ10へ送信するリクエストデータD1の一例を示す図である。リクエストデータD1は、ヘッダー部H1及びボディ部B1から構成されている。ヘッダー部H1には、トークンIDの発行要求を示すコマンド(“Issue-tokenId”)がURLの最後に記載されている。 FIG. 16 is a diagram showing an example of request data D1 transmitted by the check-in terminal 20 to the management server 10. The request data D1 is composed of a header portion H1 and a body portion B1. In the header portion H1, a command (“Issue-tokenId”) indicating a request for issuing a token ID is described at the end of the URL.
 また、ボディ部B1は、制御データB11、検証用データB12、顔認証用データB13及び業務データB14から構成されている。制御データB11には、空港Aにおける端末のロケーション(“location”)、ターミナル(“terminal”)、デバイス名(“deviceName”)、システムタイプ(“sysType”)、システムベンダーの情報(“sysVender”)、リクエストデータD1の送信時刻(“reqTimeStamp”)、顔画像の撮影に用いたカメラのID(“cameraId”)及びカメラのモデル名(“cameraModel”)の各項目のラベル情報とデータが記載されている。 Further, the body portion B1 is composed of control data B11, verification data B12, face authentication data B13, and business data B14. The control data B11 includes the location of the terminal (“location”), the terminal (“terminal”), the device name (“deviceName”), the system type (“systemType”), and the system vendor information (“system”) at the airport A. , The transmission time of the request data D1 (“reqTimeStamp”), the ID of the camera used for taking the face image (“cameraId”), and the label information and data of each item of the model name of the camera (“cameraModel”) are described. There is.
 検証用データB12には、性別(“Sex”)、年齢(“Age”)、身長(“Height”)、撮影角度(“Angle”)の各項目のラベル情報とデータが記載されている。これらのデータ項目及びデータ値は、後述する検証処理において利用される。例えば、身長が平均値よりもかなり低い(あるいは高い)人物の認証率が低いことや、特定の年齢層の人物の認証率が低いこと等が抽出され得る。 The verification data B12 describes label information and data for each item of gender (“Sex”), age (“Age”), height (“Height”), and shooting angle (“Angle”). These data items and data values are used in the verification process described later. For example, it can be extracted that the authentication rate of a person whose height is considerably shorter (or higher) than the average value is low, or the authentication rate of a person of a specific age group is low.
 また、顔認証用データB13には、旅券顔画像のファイル名(“PassportFaceImage”)、撮影顔画像の撮影時刻(“queryTimeStamp”)、撮影顔画像のファイル名(“queryFaceImage”)の各項目のラベル情報とデータが記載されている。 Further, in the face authentication data B13, labels for each item of the passport face image file name (“PassportFaceImage”), the shooting time of the photographed face image (“quareryTimeStamp”), and the file name of the photographed face image (“quareryFaceImage”). Information and data are provided.
 そして、業務データB14には、1つのラベル(“appdata”)が付与され、開始部分を示す記号(“{”)と終了部分を示す記号(“}”)に囲まれた部分に業務データの各データ項目のラベル情報とデータが階層的に記載されている。 Then, one label (“appdata”) is attached to the business data B14, and the business data is surrounded by a symbol (“{”) indicating a start portion and a symbol (“}”) indicating an end portion. The label information and data of each data item are described hierarchically.
 管理サーバ10は、チェックイン端末20からリクエストデータD1を受信すると、チェックイン端末20で撮影された対象顔画像と、利用者Uの旅券顔画像とを1対1で照合する(ステップS107)。すなわち、図16の例では、管理サーバ10は、ファイル名(“Q201902250000025.jpg”)の撮影顔画像と、ファイル名(“P20190225000001.jpg”)の旅券顔画像とを照合する。 When the management server 10 receives the request data D1 from the check-in terminal 20, the management server 10 collates the target face image taken by the check-in terminal 20 with the passport face image of the user U on a one-to-one basis (step S107). That is, in the example of FIG. 16, the management server 10 collates the photographed face image of the file name (“Q201902250000025.jpg”) with the passport face image of the file name (“P2019225000001.jpg”).
 次に、管理サーバ10は、ステップS107における照合結果(照合スコア)と、認証結果(認証の成否)と、チェックイン端末20から取得した検証用データとを関連付けて認証履歴情報DB14へ登録する(ステップS108)。 Next, the management server 10 associates the verification result (verification score) in step S107, the authentication result (success / failure of authentication), and the verification data acquired from the check-in terminal 20 and registers them in the authentication history information DB 14 ( Step S108).
 次に、管理サーバ10は、対象顔画像と旅券顔画像との照合結果が照合一致であると判定すると(ステップS109、YES)、トークンIDを発行する(ステップS110)。トークンIDは、例えば処理時の日時やシーケンス番号に基づいて固有な値に設定される。 Next, when the management server 10 determines that the collation result between the target face image and the passport face image is a collation match (step S109, YES), the management server 10 issues a token ID (step S110). The token ID is set to a unique value based on, for example, the date and time at the time of processing and the sequence number.
 次に、管理サーバ10は、対象顔画像を登録顔画像として、トークンIDと登録顔画像との関係をトークンID情報DB11へ登録する(ステップS111)。 Next, the management server 10 registers the relationship between the token ID and the registered face image in the token ID information DB 11 with the target face image as the registered face image (step S111).
 本実施形態において、現地で撮影した顔画像(対象顔画像)を登録顔画像とする理由としては、トークンIDの有効期間(ライフサイクル)が当日内に完結すること、撮影画像はその後の認証プロセスで撮影した画像と品質(容姿)が旅券顔画像よりも近くなること、等が挙げられる。ただし、撮影顔画像の代わりに、旅券顔画像を登録顔画像(登録生体情報)に設定してもよい。例えば、トークンIDのライフサイクルが長期にわたる場合(例えば、航空業において、会員ならば一定の有効期間だけトークンIDを有効にする場合等)には、旅券や免許証の顔画像を登録顔画像に設定するとよい。 In the present embodiment, the reason why the face image (target face image) taken in the field is used as the registered face image is that the validity period (life cycle) of the token ID is completed within the day, and the taken image is the subsequent authentication process. The image taken in 1 and the quality (appearance) are closer than the passport face image. However, instead of the photographed face image, the passport face image may be set as the registered face image (registered biometric information). For example, if the life cycle of the token ID is long (for example, in the aviation industry, if the member is valid for the token ID for a certain period of time, etc.), the face image of the passport or driver's license may be used as the registered face image. It is good to set.
 次に、管理サーバ10は、旅券情報及び搭乗予約情報を業務情報として、トークンIDと業務情報との関係を業務情報DB13へ登録する(ステップS112)。このように、顔認証に必要な制御データと、業務の実行に必要な業務情報とは、別々のデータベースにおいて管理されるが、登録顔画像及び業務情報はトークンIDによって関連付けられる。図16の例では、業務データB14に格納されている複数のデータ項目(旅客の氏名(“PassengerName”)、旅券番号(“PassportNum”)、国籍(“Nationality”)、生年月日(“DateofBirth”)、性別(“Sex”)等)が業務情報として業務情報DB13に登録される。なお、業務データB14として格納されるデータは、コマンドの内容に対応して変動する。 Next, the management server 10 registers the relationship between the token ID and the business information in the business information DB 13 using the passport information and the boarding reservation information as business information (step S112). In this way, the control data required for face authentication and the business information required for business execution are managed in separate databases, but the registered face image and the business information are associated with each other by the token ID. In the example of FIG. 16, a plurality of data items (passenger name (“PassengerName”), passport number (“PassportNum”), nationality (“Nationality”), and date of birth (“DateofBirth”) stored in the business data B14 are stored. ), Gender (“Sex”), etc.) are registered in the business information DB 13 as business information. The data stored as the business data B14 changes according to the content of the command.
 次に、管理サーバ10は、発行したトークンID及び照合一致の照合結果情報を含むレスポンスデータをチェックイン端末20に送信する(ステップS113)。 Next, the management server 10 transmits the response data including the issued token ID and the collation result information of the collation match to the check-in terminal 20 (step S113).
 図17は、管理サーバ10がチェックイン端末20へ送信するレスポンスデータD2の一例を示す図である。レスポンスデータD2は、ヘッダー部H2及びボディ部B2から構成されている。リクエストデータD1の場合と異なり、レスポンスデータD2は検証用データ及び顔認証用データを含まない。また、図16に示した制御データB11の場合と異なり、発行されたトークンID(“tokenId”)及び処理のステータスを示す処理コード(“StatusCd”)の各データ項目のラベル情報とデータが記載されている。ここでは、発行されたトークンIDは“T2019022500000020”であり、処理コードは正常終了を示す“000”である。業務データB22には、図16に示した業務データB14と同様のデータ項目のラベル情報とデータが記載されている。 FIG. 17 is a diagram showing an example of response data D2 transmitted by the management server 10 to the check-in terminal 20. The response data D2 is composed of a header portion H2 and a body portion B2. Unlike the case of the request data D1, the response data D2 does not include the verification data and the face authentication data. Further, unlike the case of the control data B11 shown in FIG. 16, label information and data of each data item of the issued token ID (“tokenId”) and the processing code (“StatusCd”) indicating the processing status are described. ing. Here, the issued token ID is "T2019022000000020", and the processing code is "000" indicating normal termination. The business data B22 contains label information and data of the same data items as the business data B14 shown in FIG.
 一方、管理サーバ10は、旅券顔画像と対象顔画像との照合結果が照合不一致であると判定すると(ステップS109、NO)、照合不一致の照合結果情報を含むレスポンスデータをチェックイン端末20に送信する(ステップS114)。 On the other hand, when the management server 10 determines that the collation result of the passport face image and the target face image is a collation mismatch (step S109, NO), the management server 10 transmits the response data including the collation result information of the collation mismatch to the check-in terminal 20. (Step S114).
 ステップS115において、管理サーバ10はレスポンスデータに含まれる照合結果を参照し、利用者Uの本人確認に成功したか否かを判定する。 In step S115, the management server 10 refers to the collation result included in the response data and determines whether or not the identity verification of the user U has been successful.
 ここで、チェックイン端末20は、利用者Uの本人確認に成功したと判定した場合(ステップS115、YES)、利用者Uの入力情報に基づいて旅程の確認や座席の選択等のチェックイン手続を実行する(ステップS116)。そして、チェックイン端末20は、利用者Uの通過履歴情報の登録を要求するリクエストデータD1を管理サーバ10に送信する(ステップS117)。 Here, when the check-in terminal 20 determines that the identity verification of the user U has been successful (step S115, YES), the check-in procedure such as confirmation of the itinerary and selection of a seat based on the input information of the user U is performed. Is executed (step S116). Then, the check-in terminal 20 transmits the request data D1 requesting the registration of the passage history information of the user U to the management server 10 (step S117).
 次に、管理サーバ10は、チェックイン端末20からリクエストデータを受信すると、トークンIDとタッチポイントTP1の通過情報との関係を示す通過履歴情報を通過履歴情報DB12へ登録する(ステップS118)。 Next, when the management server 10 receives the request data from the check-in terminal 20, the management server 10 registers the passage history information indicating the relationship between the token ID and the passage information of the touch point TP1 in the passage history information DB 12 (step S118).
 そして、管理サーバ10は、レスポンスデータをチェックイン端末20へ送信し(ステップS119)、処理を終了する。 Then, the management server 10 transmits the response data to the check-in terminal 20 (step S119), and ends the process.
 一方、チェックイン端末20は、管理サーバ10から受信したレスポンスデータを参照し、利用者Uの本人確認に失敗したと判定した場合(ステップS115、NO)、利用者Uに対してエラーメッセージを通知する(ステップS120)。 On the other hand, when the check-in terminal 20 refers to the response data received from the management server 10 and determines that the identity verification of the user U has failed (step S115, NO), the check-in terminal 20 notifies the user U of an error message. (Step S120).
 このように、チェックイン手続において旅券から取得した旅券顔画像と照合一致である対象顔画像(撮影顔画像)を登録顔画像としてトークンID情報DB11へ登録するとともに、発行したトークンIDによって登録顔画像と業務情報DB13の業務情報とを関連付ける。これにより、後続の各タッチポイントでは撮影した顔画像と登録顔画像との照合処理が可能となる。すなわち、登録顔画像に関連付けられたトークンIDは、すべてのタッチポイントにおいて共通に利用可能な識別情報である。このような共通化されたトークンIDを用いることにより、利用者Uの審査を効率化できる。 In this way, the target face image (photographed face image) that matches the passport face image obtained from the passport in the check-in procedure is registered in the token ID information DB 11 as a registered face image, and the registered face image is registered by the issued token ID. Is associated with the business information of the business information DB 13. This enables collation processing between the captured face image and the registered face image at each subsequent touch point. That is, the token ID associated with the registered face image is identification information that can be commonly used at all touch points. By using such a common token ID, the examination of the user U can be made more efficient.
[手荷物預け手続]
 図18は、自動手荷物預け機30及び管理サーバ10の処理の一例を示すシーケンス図である。この処理は、チェックイン手続を完了した利用者Uが、必要に応じて手荷物預け手続を受けるときに実行される。 [Baggage check-in procedure]
FIG. 18 is a sequence diagram showing an example of processing of the automatic baggage deposit machine 30 and the management server 10. This process is executed when the user U who has completed the check-in procedure receives the baggage check-in procedure as necessary.
 自動手荷物預け機30は、装置の前を常時又は定期的に撮影し、撮影した画像中に自動手荷物預け機30の前に立つ利用者Uの顔が検出されたか否かを判定する(ステップS201)。自動手荷物預け機30は、生体情報取得装置309によって画像中に利用者Uの顔が検出されるまで待機する(ステップS201、NO)。 The automatic baggage depository machine 30 constantly or periodically photographs the front of the device, and determines whether or not the face of the user U standing in front of the automatic baggage depository machine 30 is detected in the captured images (step S201). ). The automatic baggage deposit machine 30 waits until the face of the user U is detected in the image by the biological information acquisition device 309 (step S201, NO).
 自動手荷物預け機30は、生体情報取得装置309によって利用者Uの顔が検出されたと判定すると(ステップS201、YES)、その利用者Uの顔を撮影して、利用者Uの顔画像を対象顔画像として取得する(ステップS202)。 When the automatic baggage deposit machine 30 determines that the face of the user U is detected by the biometric information acquisition device 309 (step S201, YES), the automatic baggage deposit machine 30 photographs the face of the user U and targets the face image of the user U. Acquired as a face image (step S202).
 次に、自動手荷物預け機30は、対象顔画像と登録顔画像との照合処理の実行を要求するリクエストデータD1を管理サーバ10に送信する(ステップS203)。 Next, the automatic baggage deposit machine 30 transmits the request data D1 requesting the execution of the collation process between the target face image and the registered face image to the management server 10 (step S203).
 管理サーバ10は、自動手荷物預け機30からリクエストデータを受信すると、利用者Uの顔画像の照合を行う(ステップS204)。すなわち、管理サーバ10は、自動手荷物預け機30から受信したリクエストデータD1に含まれる対象顔画像と、トークンID情報DB11に登録された複数の登録顔画像とを1対Nで照合する。なお、照合先となる登録顔画像は、無効フラグの値が“1”(有効)であるトークンIDに関連付けられた画像に限るものとする。 When the management server 10 receives the request data from the automatic baggage deposit machine 30, the management server 10 collates the face image of the user U (step S204). That is, the management server 10 collates the target face image included in the request data D1 received from the automatic baggage deposit machine 30 with the plurality of registered face images registered in the token ID information DB 11 on a one-to-N basis. The registered face image to be collated is limited to the image associated with the token ID whose invalid flag value is "1" (valid).
 次に、管理サーバ10は、ステップS204における照合結果(照合スコア)と、認証結果(認証の成否)と、チェックイン端末20から取得した検証用データとを関連付けて認証履歴情報DB14へ登録する(ステップS205)。 Next, the management server 10 associates the verification result (verification score) in step S204, the authentication result (success / failure of authentication), and the verification data acquired from the check-in terminal 20 and registers them in the authentication history information DB 14 ( Step S205).
 次に、管理サーバ10は、照合結果が照合一致であるか否かを判定する(ステップS206)。ここで、管理サーバ10が、照合結果は照合不一致であると判定すると(ステップS206、NO)、管理サーバ10は不一致の照合結果情報を含むレスポンスデータを自動手荷物預け機30に送信し(ステップS209)、処理はステップS210へ移行する。これに対し、管理サーバ10が、照合結果は照合一致であると判定すると(ステップS206、YES)、処理はステップS207へ移行する。 Next, the management server 10 determines whether or not the collation result is a collation match (step S206). Here, when the management server 10 determines that the collation result is a collation mismatch (step S206, NO), the management server 10 transmits response data including the collation result information of the mismatch to the automatic baggage deposit machine 30 (step S209). ), The process proceeds to step S210. On the other hand, when the management server 10 determines that the collation result is a collation match (step S206, YES), the process proceeds to step S207.
 ステップS207において、管理サーバ10は、トークンID情報DB11において照合一致の登録顔画像に関連付けられたトークンIDをキーとして、業務情報DB13から業務情報を取得する。そして、管理サーバ10は、レスポンスデータを自動手荷物預け機30へ送信する(ステップS208)。その後、処理はステップS210へ移行する。 In step S207, the management server 10 acquires business information from the business information DB 13 using the token ID associated with the registered face image of the collation match in the token ID information DB 11 as a key. Then, the management server 10 transmits the response data to the automatic baggage deposit machine 30 (step S208). After that, the process proceeds to step S210.
 ステップS210において、管理サーバ10はレスポンスデータに含まれる照合結果を参照し、対象者の本人確認に成功したか否かを判定する。 In step S210, the management server 10 refers to the collation result included in the response data and determines whether or not the identity verification of the target person has been successful.
 次に、自動手荷物預け機30は、レスポンスデータに含まれる照合結果を参照し、本人確認に成功したと判定した場合(ステップS210、YES)、利用者Uの手荷物預け手続の処理を実行する(ステップS211)。 Next, the automatic baggage deposit machine 30 refers to the collation result included in the response data, and when it is determined that the identity verification is successful (step S210, YES), the automatic baggage deposit machine 30 executes the baggage deposit procedure of the user U (step S210, YES). Step S211).
 次に、自動手荷物預け機30は、利用者Uの通過履歴情報の登録を要求するリクエストデータD1を管理サーバ10に送信する(ステップS212)。 Next, the automatic baggage deposit machine 30 transmits the request data D1 requesting the registration of the passage history information of the user U to the management server 10 (step S212).
 管理サーバ10は、自動手荷物預け機30からリクエストデータを受信すると、トークンIDと利用者UのタッチポイントTP2の通過情報との関係を示す通過履歴情報を通過履歴情報DB12へ登録する(ステップS213)。 When the management server 10 receives the request data from the automatic baggage deposit machine 30, the management server 10 registers the passage history information indicating the relationship between the token ID and the passage information of the touch point TP2 of the user U in the passage history information DB 12 (step S213). ..
 そして、管理サーバ10は、レスポンスデータを自動手荷物預け機30へ送信し(ステップS214)、処理を終了する。 Then, the management server 10 transmits the response data to the automatic baggage deposit machine 30 (step S214), and ends the process.
 一方、自動手荷物預け機30は、レスポンスデータを参照し、本人確認に失敗したと判定した場合(ステップS210、NO)、利用者Uに対してエラーメッセージを通知する(ステップS215)。 On the other hand, when the automatic baggage deposit machine 30 refers to the response data and determines that the identity verification has failed (step S210, NO), the automatic baggage deposit machine 30 notifies the user U of an error message (step S215).
[検証処理]
 図19は、管理サーバ10の検証処理の一例を示すフローチャートである。この処理は、例えば現在時刻が所定の開始時刻になったときに実行される。 [Verification process]
FIG. 19 is a flowchart showing an example of the verification process of the management server 10. This process is executed, for example, when the current time reaches a predetermined start time.
 先ず、管理サーバ10は、現在時刻が検証処理の開始時刻か否かを判定する(ステップS301)。ここで、管理サーバ10は、現在時刻が検証処理の開始時刻であると判定した場合(ステップS301、YES)には、処理はステップS302へ移行する。これに対し、管理サーバ10は、現在時刻が検証処理の開始時刻ではないと判定した場合(ステップS301、NO)には、待機状態が維持される。 First, the management server 10 determines whether or not the current time is the start time of the verification process (step S301). Here, when the management server 10 determines that the current time is the start time of the verification process (step S301, YES), the process proceeds to step S302. On the other hand, when the management server 10 determines that the current time is not the start time of the verification process (step S301, NO), the standby state is maintained.
 ステップS302において、管理サーバ10は、認証履歴情報DB14から認証履歴情報を取得する。 In step S302, the management server 10 acquires the authentication history information from the authentication history information DB 14.
 次に、管理サーバ10は、検証用データの項目ごとに認証履歴情報の解析処理(統計処理)を実行する(ステップS303)。 Next, the management server 10 executes an authentication history information analysis process (statistical process) for each item of verification data (step S303).
 そして、管理サーバ10は、検証結果を出力し(ステップS304)、処理を終了する。検証結果の出力方法としては、画面表示、ファイルへの出力、データベースへの登録等が適宜選択される。 Then, the management server 10 outputs the verification result (step S304) and ends the process. As the verification result output method, screen display, file output, database registration, etc. are appropriately selected.
 本実施形態によれば、システムの運用中に実行された全ての生体認証の認証履歴情報(ログデータ)が管理サーバ10に蓄積される。また、認証履歴情報には生体認証の処理結果と検証用データが関連付けられているため、管理サーバ10は検証用データのデータ項目ごとに生体認証の処理結果を検証することができる。これにより、例えば管理者は検証結果に基づいて生体認証の成功率を下げる要因を特定し、対処が容易になる。 According to this embodiment, the authentication history information (log data) of all biometric authentication executed during the operation of the system is stored in the management server 10. Further, since the authentication history information is associated with the biometric authentication processing result and the verification data, the management server 10 can verify the biometric authentication processing result for each data item of the verification data. As a result, for example, the administrator can identify a factor that lowers the success rate of biometric authentication based on the verification result, and can easily deal with it.
 <第2実施形態>
 以下、本実施形態における情報処理システム2について説明する。なお、第1実施形態の図中において付与した符号と共通する符号は同一の対象を示す。第1実施形態と共通する箇所の説明は省略し、異なる箇所について詳細に説明する。 <Second Embodiment>
Hereinafter, the information processing system 2 in the present embodiment will be described. In addition, the code common to the code given in the figure of the first embodiment indicates the same object. The description of the parts common to the first embodiment will be omitted, and the different parts will be described in detail.
 図20は、本実施形態における情報処理システム2の全体構成例を示すブロック図である。情報処理システム2は、管理サーバ10と、複数の生体認証用端末70と、管理者端末80とを備える。管理サーバ10は、複数の生体認証用端末70とインターネット等のネットワークNW1を介して接続されている。また、管理サーバ10は、管理者端末80とLAN等のネットワークNW2を介して接続されている。 FIG. 20 is a block diagram showing an overall configuration example of the information processing system 2 in the present embodiment. The information processing system 2 includes a management server 10, a plurality of biometric authentication terminals 70, and an administrator terminal 80. The management server 10 is connected to a plurality of biometric authentication terminals 70 via a network NW1 such as the Internet. Further, the management server 10 is connected to the administrator terminal 80 via a network NW2 such as a LAN.
 生体認証用端末70は、利用者が生体認証に利用する端末である。生体認証用端末70としては、第1実施形態で説明したチェックイン端末20等の端末の他、自動券売機、各種の施設に設置されるようなゲート装置等が挙げられる。生体認証用端末70の種類は限定されないものとする。 The biometric authentication terminal 70 is a terminal used by the user for biometric authentication. Examples of the biometric authentication terminal 70 include terminals such as the check-in terminal 20 described in the first embodiment, an automatic ticket vending machine, a gate device installed in various facilities, and the like. The type of the biometric authentication terminal 70 is not limited.
 管理者端末80は、管理者が管理サーバ10の保守作業に利用する端末である。管理者端末80としては、例えばパーソナルコンピュータやタブレット端末等が挙げられる。 The administrator terminal 80 is a terminal used by the administrator for maintenance work of the management server 10. Examples of the administrator terminal 80 include a personal computer, a tablet terminal, and the like.
 また、本実施形態の管理サーバ10は、利用者情報DB15と認証履歴情報DB14を有している。なお、管理サーバ10が有するデータベースは、これらのデータベースに限られない。 Further, the management server 10 of the present embodiment has the user information DB 15 and the authentication history information DB 14. The database of the management server 10 is not limited to these databases.
 図21は、利用者情報DB15が記憶する情報の一例を示す図である。利用者情報DB15は、利用者ID、登録顔画像、特徴量、氏名、性別、年齢及び身長をデータ項目としている。なお、利用者情報DB15が記憶するデータ項目はこれらに限られない。 FIG. 21 is a diagram showing an example of information stored in the user information DB 15. The user information DB 15 has user ID, registered face image, feature amount, name, gender, age and height as data items. The data items stored in the user information DB 15 are not limited to these.
 図22は、生体認証用端末70のハードウェア構成の一例を示すブロック図である。同図に示すように、生体認証用端末70は、CPU701、RAM702、記憶装置703、通信I/F704、入力装置706、表示装置707、媒体読取装置708及び生体情報取得装置709を有している。各装置は、バスライン705に接続されている。 FIG. 22 is a block diagram showing an example of the hardware configuration of the biometric authentication terminal 70. As shown in the figure, the biometric authentication terminal 70 includes a CPU 701, a RAM 702, a storage device 703, a communication I / F 704, an input device 706, a display device 707, a medium reading device 708, and a biometric information acquisition device 709. .. Each device is connected to a bus line 705.
 図23は、管理者端末80のハードウェア構成の一例を示すブロック図である。管理者端末80は、CPU801、RAM802、記憶装置803、通信I/F804、入力装置806及び表示装置807を有している。各装置は、バスライン805に接続されている。 FIG. 23 is a block diagram showing an example of the hardware configuration of the administrator terminal 80. The administrator terminal 80 has a CPU 801 and a RAM 802, a storage device 803, a communication I / F 804, an input device 806, and a display device 807. Each device is connected to bus line 805.
 図24は、情報処理システム2の機能ブロック図である。管理サーバ10は、第1実施形態と同様に、記憶部10A、送受信部10B、データ抽出部10C、生体認証部10D、検証部10Gを有する。本実施形態の管理サーバ10は、第1実施形態と異なり、トークンID発行部10E、業務処理部10Fは有さなくてもよい。送受信部10Bは、管理者端末80から検証要求を受信すると、検証部10Gに検証処理を実行させる。送受信部10Bは、検証部10Gにおける検証結果を管理者端末80へ送信する。 FIG. 24 is a functional block diagram of the information processing system 2. The management server 10 has a storage unit 10A, a transmission / reception unit 10B, a data extraction unit 10C, a biometric authentication unit 10D, and a verification unit 10G, as in the first embodiment. Unlike the first embodiment, the management server 10 of the present embodiment does not have to have the token ID issuing unit 10E and the business processing unit 10F. When the transmission / reception unit 10B receives the verification request from the administrator terminal 80, the transmission / reception unit 10B causes the verification unit 10G to execute the verification process. The transmission / reception unit 10B transmits the verification result in the verification unit 10G to the administrator terminal 80.
 図25は、本実施形態における検証用データに含まれるデータ項目の一例を示す図である。ここでは、検証用データの項目として、被験者ID、性別、身長、立ち位置、顔の位置、撮影場所、眼鏡、移動速度、照明条件が挙げられている。 FIG. 25 is a diagram showing an example of data items included in the verification data in the present embodiment. Here, as the items of the verification data, the subject ID, gender, height, standing position, face position, shooting location, eyeglasses, moving speed, and lighting conditions are listed.
 図26は、生体認証用端末70及び管理サーバ10の処理の一例を示すシーケンス図である。この処理は、例えば生体認証用端末70の検査員が端末における生体認証の精度を試験する際に実行される。 FIG. 26 is a sequence diagram showing an example of processing of the biometric authentication terminal 70 and the management server 10. This process is executed, for example, when an inspector of the biometric authentication terminal 70 tests the accuracy of biometric authentication in the terminal.
 先ず、生体認証用端末70は、検査員からの入力操作に基づいて、検証用データの入力画面を表示装置707に表示する(ステップS401)。 First, the biometric authentication terminal 70 displays the verification data input screen on the display device 707 based on the input operation from the inspector (step S401).
 次に、生体認証用端末70は、入力画面において入力された検証用データを取得する(ステップS402)。 Next, the biometric authentication terminal 70 acquires the verification data input on the input screen (step S402).
 次に、生体認証用端末70は、生体情報取得装置709により照合対象者の顔を撮影し、顔画像を取得する(ステップS403)。 Next, the biometric authentication terminal 70 photographs the face of the collation target person by the biometric information acquisition device 709 and acquires a face image (step S403).
 次に、生体認証用端末70は、対象顔画像と検証用データを含むリクエストデータを管理サーバ10へ送信する(ステップS404)。 Next, the biometric authentication terminal 70 transmits the request data including the target face image and the verification data to the management server 10 (step S404).
 次に、管理サーバ10は、リクエストデータに含まれる対象顔画像と、データベースに予め登録されている登録者の登録顔画像との照合を行う(ステップS405)。 Next, the management server 10 collates the target face image included in the request data with the registered face image of the registrant registered in advance in the database (step S405).
 次に、管理サーバ10は、ステップS405における照合結果及び検証用データを関連付けた認証履歴情報を認証履歴情報DB14に登録する(ステップS406)。次に、管理サーバ10は、レスポンスデータを生体認証用端末70へ送信する(ステップS407)。 Next, the management server 10 registers the authentication history information associated with the collation result and the verification data in step S405 in the authentication history information DB 14 (step S406). Next, the management server 10 transmits the response data to the biometric authentication terminal 70 (step S407).
 そして、生体認証用端末70は、検査員からの入力操作に基づいて、生体認証の試験を終了するか否かを判定する(ステップS408)。ここで、生体認証用端末70は、生体認証の試験を終了すると判定した場合(ステップS408、YES)には、処理を終了する。生体認証用端末70は、生体認証の試験を終了しないと判定した場合(ステップS408、NO)には、処理はステップS401へ戻る。 Then, the biometric authentication terminal 70 determines whether or not to end the biometric authentication test based on the input operation from the inspector (step S408). Here, when the biometric authentication terminal 70 determines that the biometric authentication test is completed (step S408, YES), the biometric authentication terminal 70 ends the process. If the biometric authentication terminal 70 determines that the biometric authentication test is not completed (step S408, NO), the process returns to step S401.
 図27は、生体認証用端末70に表示される検証用データ入力画面の一例を示す図である。ここでは、検証用データのデータ項目として、被験者ID、性別、機種、顔の向き、立ち位置、撮影場所、移動速度、眼鏡の装着有無が例示されている。被験者IDは、被験者を一意に特定する識別子である。顔の向きは、カメラに対して被験者が上下左右のいずれの方向を向いているのかを示す。立ち位置は、カメラの撮影範囲の中で被験者が左寄り、中央、右寄りのいずれの位置に立っているのかを示す。移動速度は、被験者が静止中、歩行中、走行中のいずれかに示す。移動速度や顔の向きは、管理者が手動で入力してもよいし、図示しないセンサの測定値に基づいて端末側で自動的に判定してもよい。 FIG. 27 is a diagram showing an example of a verification data input screen displayed on the biometric authentication terminal 70. Here, as the data items of the verification data, the subject ID, gender, model, face orientation, standing position, shooting location, moving speed, and whether or not the glasses are worn are exemplified. The subject ID is an identifier that uniquely identifies the subject. The orientation of the face indicates which direction the subject is facing up, down, left, or right with respect to the camera. The standing position indicates whether the subject is standing to the left, in the center, or to the right within the shooting range of the camera. The moving speed is indicated when the subject is stationary, walking, or running. The movement speed and the orientation of the face may be manually input by the administrator, or may be automatically determined on the terminal side based on the measured values of sensors (not shown).
 図28は、管理サーバ10の検証処理の一例を示すフローチャートである。この処理は、例えば管理者が認証結果の検証作業を行う場合に実行される。 FIG. 28 is a flowchart showing an example of the verification process of the management server 10. This process is executed, for example, when the administrator performs verification work of the authentication result.
 先ず、管理サーバ10は、管理者からの入力操作に応じて、検証条件指定画面を表示する(ステップS501)。 First, the management server 10 displays a verification condition specification screen in response to an input operation from the administrator (step S501).
 次に、管理サーバ10は、管理者が検証条件指定画面において入力した検証条件を取得する(ステップS502)。 Next, the management server 10 acquires the verification conditions input by the administrator on the verification condition specification screen (step S502).
 次に、管理サーバ10は、検証条件に基づいて認証履歴情報DB14に記憶されている認証履歴情報を対象として解析処理を実行する(ステップS503)。なお、検証条件指定画面で検証対象の認証履歴情報の範囲が指定される場合には、管理サーバ10は、指定された範囲内で解析処理を実行する。 Next, the management server 10 executes an analysis process for the authentication history information stored in the authentication history information DB 14 based on the verification conditions (step S503). When the range of the authentication history information to be verified is specified on the verification condition specification screen, the management server 10 executes the analysis process within the specified range.
 次に、管理サーバ10は、検証結果表示画面を表示する(ステップS504)。検証結果表示画面には、例えば検証用データのデータ項目ごとに認証結果を解析した情報が表示される。 Next, the management server 10 displays the verification result display screen (step S504). On the verification result display screen, for example, information obtained by analyzing the authentication result for each data item of the verification data is displayed.
 次に、管理サーバ10は、管理者からの入力操作の有無に基づいて、検証作業を終了するか否かを判定する(ステップS505)。ここで、管理サーバ10は、検証作業を終了すると判定した場合(ステップS505、YES)には、処理を終了する。 Next, the management server 10 determines whether or not to end the verification work based on the presence or absence of an input operation from the administrator (step S505). Here, when the management server 10 determines that the verification work is completed (step S505, YES), the management server 10 ends the process.
 これに対し、管理サーバ10は、検証作業を終了しないと判定した場合(ステップS505、NO)には、処理はステップS501へ戻る。 On the other hand, when the management server 10 determines that the verification work is not completed (step S505, NO), the process returns to step S501.
 図29は、管理者端末80に表示される検証条件指定画面の一例を示す図である。ここでは、検証条件として端末別VC-1、機種別VC-2、性別VC-3、顔の向きVC-4、立ち位置VC-5、立ち位置VC-5、撮影場所VC-6、時間帯別VC-7、ユーザの移動速度VC-8、眼鏡の装着有無VC-9が例示されている。管理者がいずれかの検証条件を指定すると、検証処理が開始される。 FIG. 29 is a diagram showing an example of a verification condition designation screen displayed on the administrator terminal 80. Here, as verification conditions, terminal-specific VC-1, model-specific VC-2, gender VC-3, face orientation VC-4, standing position VC-5, standing position VC-5, shooting location VC-6, time zone. Another example is VC-7, the user's moving speed VC-8, and whether or not the glasses are worn VC-9. When the administrator specifies one of the verification conditions, the verification process starts.
 図30は、管理者端末80に表示される検証結果表示画面の一例を示す図である。ここでは、検証条件として“端末別”が指定された場合の検証結果が画面に表示されている。検証結果を表すグラフの横軸は、平均認証率であり、縦軸は生体認証用端末70の端末IDを示している。例えば、端末IDが“#63”の端末の平均認証率は、他の端末よりも相対的に低いことが分かる。この場合、管理者は当該端末において平均認証率が低くなる原因を特定するために、他の検証条件での再検証を行う。 FIG. 30 is a diagram showing an example of a verification result display screen displayed on the administrator terminal 80. Here, the verification result when "by terminal" is specified as the verification condition is displayed on the screen. The horizontal axis of the graph showing the verification result is the average authentication rate, and the vertical axis shows the terminal ID of the biometric authentication terminal 70. For example, it can be seen that the average authentication rate of the terminal whose terminal ID is "# 63" is relatively lower than that of other terminals. In this case, the administrator performs re-verification under other verification conditions in order to identify the cause of the low average authentication rate in the terminal.
 本実施形態によれば、生体認証用端末70の製造者が端末の性能を試験する際に、生体認証のテスト結果と検証用データとを関連付けてデータベースに登録できる。これにより、製造者が生体認証用端末70の試験を効率的に実行し、端末の開発作業を支援することができる。 According to this embodiment, when the manufacturer of the biometric authentication terminal 70 tests the performance of the terminal, the biometric authentication test result and the verification data can be associated and registered in the database. As a result, the manufacturer can efficiently execute the test of the biometric authentication terminal 70 and support the development work of the terminal.
<第3実施形態>
 図31は、本実施形態における情報処理装置100の構成を示すブロック図である。情報処理装置100は、取得部100Aと、認証部100Bと、制御部100Cとを備える。取得部100Aは、ユーザの生体認証に利用する端末から、ユーザの生体情報及び生体認証の検証用データを取得する。認証部100Bと、取得された生体情報に対する生体認証を実行する。制御部100Cは、生体認証における処理結果と検証用データとを関連付ける。 <Third Embodiment>
FIG. 31 is a block diagram showing the configuration of the information processing apparatus 100 according to the present embodiment. The information processing apparatus 100 includes an acquisition unit 100A, an authentication unit 100B, and a control unit 100C. The acquisition unit 100A acquires the user's biometric information and biometric authentication verification data from the terminal used for the user's biometric authentication. The authentication unit 100B and the biometric authentication for the acquired biometric information are executed. The control unit 100C associates the processing result in biometric authentication with the verification data.
 本実施形態によれば、生体認証が適切に実行されているか否かを容易に検証できる情報処理装置100が提供される。 According to the present embodiment, there is provided an information processing apparatus 100 that can easily verify whether or not biometric authentication is properly executed.
<変形実施形態>
 以上、実施形態を参照して本発明を説明したが、本発明は上述の実施形態に限定されるものではない。本発明の構成及び詳細には本発明の要旨を逸脱しない範囲で、当業者が理解し得る様々な変形ができる。例えば、いずれかの実施形態の一部の構成を、他の実施形態に追加した実施形態、あるいは他の実施形態の一部の構成と置換した実施形態も本発明を適用し得る実施形態であると理解されるべきである。 <Modification Embodiment>
Although the present invention has been described above with reference to the embodiments, the present invention is not limited to the above-described embodiments. Various modifications that can be understood by those skilled in the art can be made in the configuration and details of the present invention without departing from the gist of the present invention. For example, an embodiment in which a partial configuration of any of the embodiments is added to another embodiment or replaced with a partial configuration of another embodiment is also an embodiment to which the present invention can be applied. Should be understood.
 上述の第1実施形態においては、本発明を空港における業務に適用した場合について説明した。しかし、本発明の構成は、鉄道業、宿泊業、サービス業、製造業等の任意の業種における生体認証を利用した業務に適用できる。 In the above-mentioned first embodiment, a case where the present invention is applied to business at an airport has been described. However, the configuration of the present invention can be applied to business using biometric authentication in any industry such as railway industry, accommodation industry, service industry, and manufacturing industry.
 上述の第1実施形態においては、リクエストデータ及びレスポンスデータは、JSON形式で記述されていたが、XML形式等の他のデータフォーマットにより記述されてもよい。すなわち、業務データをカプセル化できるデータフォーマットであればよい。 In the above-mentioned first embodiment, the request data and the response data are described in the JSON format, but may be described in another data format such as the XML format. That is, any data format that can encapsulate business data is sufficient.
 上述の第1実施形態及び第2実施形態においては、管理サーバ10が自動的にログデータの統計・解析処理を実行する場合について説明したが、統計・解析処理の一部又は全部を人間により行うようにしてもよい。また、管理サーバ10は、認証率の低下の主要因となるデータ項目を自動的に特定し、管理者に提示するように構成してもよい。 In the above-mentioned first embodiment and the second embodiment, the case where the management server 10 automatically executes the log data statistics / analysis processing has been described, but a part or all of the statistics / analysis processing is performed by a human being. You may do so. Further, the management server 10 may be configured to automatically identify data items that are the main cause of the decrease in the authentication rate and present them to the administrator.
 上述の実施形態の機能を実現するように該実施形態の構成を動作させるプログラムを記録媒体に記録させ、該記録媒体に記録されたプログラムをコードとして読み出し、コンピュータにおいて実行する処理方法も各実施形態の範疇に含まれる。すなわち、コンピュータ読取可能な記録媒体も各実施形態の範囲に含まれる。また、上述のプログラムが記録された記録媒体はもちろん、そのプログラム自体も各実施形態に含まれる。 Each embodiment also has a processing method in which a program for operating the configuration of the embodiment is recorded on a recording medium so as to realize the functions of the above-described embodiment, the program recorded on the recording medium is read out as a code, and the program is executed by a computer. Is included in the category of. That is, a computer-readable recording medium is also included in the scope of each embodiment. Further, not only the recording medium on which the above-mentioned program is recorded but also the program itself is included in each embodiment.
 該記録媒体としては例えばフロッピー(登録商標)ディスク、ハードディスク、光ディスク、光磁気ディスク、CD-ROM、磁気テープ、不揮発性メモリカード等を用いることができる。また該記録媒体に記録されたプログラム単体で処理を実行しているものに限らず、他のソフトウェア、拡張ボードの機能と共同して、OS上で動作して処理を実行するものも各実施形態の範疇に含まれる。 As the recording medium, for example, a floppy (registered trademark) disk, a hard disk, an optical disk, a magneto-optical disk, a CD-ROM, a magnetic tape, a non-volatile memory card, or the like can be used. Further, not only the program recorded on the recording medium that executes the process alone, but also the program that operates on the OS and executes the process in cooperation with other software and the function of the expansion board is also an embodiment. Is included in the category of.
 上述の実施形態の一部又は全部は、以下の付記のようにも記載されうるが、以下には限られない。 A part or all of the above-described embodiment may be described as in the following appendix, but is not limited to the following.
(付記1)
 ユーザの生体認証に利用する端末から、前記ユーザの生体情報及び前記生体認証の検証用データを取得する取得部と、
 取得された前記生体情報に対する前記生体認証を実行する認証部と、
 前記生体認証における処理結果と前記検証用データとを関連付ける制御部と、
 を備える情報処理装置。 (Appendix 1)
An acquisition unit that acquires the user's biometric information and the biometric authentication verification data from the terminal used for the user's biometric authentication.
An authentication unit that executes the biometric authentication for the acquired biometric information,
A control unit that associates the processing result in the biometric authentication with the verification data,
Information processing device equipped with.
(付記2)
 前記検証用データに基づいて前記処理結果を検証する検証部、
 を更に備える付記1に記載の情報処理装置。 (Appendix 2)
Verification unit that verifies the processing result based on the verification data,
The information processing apparatus according to Appendix 1, further comprising.
(付記3)
 前記検証部は、前記検証用データに含まれるデータ項目の値と前記処理結果との相関を前記データ項目ごとに検証する、
 付記2に記載の情報処理装置。 (Appendix 3)
The verification unit verifies the correlation between the value of the data item included in the verification data and the processing result for each data item.
The information processing device according to Appendix 2.
(付記4)
 前記検証部は、複数の前記端末のうち、前記生体認証における認証率が所定値に満たない前記端末を特定する、
 付記2又は3に記載の情報処理装置。 (Appendix 4)
The verification unit identifies the terminal whose authentication rate in biometric authentication is less than a predetermined value among the plurality of terminals.
The information processing apparatus according to Appendix 2 or 3.
(付記5)
 前記取得部は、前記生体情報及び前記検証用データとともに、前記生体認証の実行を制御する制御データと前記端末において所定の業務を実行した際に生成された業務データとを取得し、
 前記生体認証によって前記ユーザが認証された場合に、前記業務データを処理する業務処理部、
 を更に備える付記1乃至4のいずれかに記載の情報処理装置。 (Appendix 5)
The acquisition unit acquires the control data for controlling the execution of the biometric authentication and the business data generated when a predetermined business is executed on the terminal, together with the biometric information and the verification data.
A business processing unit that processes the business data when the user is authenticated by the biometric authentication.
The information processing apparatus according to any one of Supplementary Provisions 1 to 4, further comprising.
(付記6)
 前記検証用データは、前記生体情報が生体画像の場合に、前記ユーザの属性情報を含む、
 付記1乃至5のいずれかに記載の情報処理装置。 (Appendix 6)
The verification data includes the attribute information of the user when the biometric information is a biometric image.
The information processing apparatus according to any one of Supplementary Provisions 1 to 5.
(付記7)
 前記属性情報は、性別、年齢、身長の少なくとも1つを含む、
 付記6に記載の情報処理装置。 (Appendix 7)
The attribute information includes at least one of gender, age, and height.
The information processing apparatus according to Appendix 6.
(付記8)
 前記検証用データは、前記生体情報が生体画像の場合に、前記生体画像の撮影条件を含む、
 付記1乃至5のいずれかに記載の情報処理装置。 (Appendix 8)
The verification data includes the imaging conditions of the biological image when the biological information is a biological image.
The information processing apparatus according to any one of Supplementary Provisions 1 to 5.
(付記9)
 前記撮影条件は、照明条件、撮影方向及び撮影場所の少なくとも1つを更に含む、
 付記8に記載の情報処理装置。 (Appendix 9)
The shooting conditions further include at least one of a lighting condition, a shooting direction and a shooting location.
The information processing apparatus according to Appendix 8.
(付記10)
 前記撮影条件は、前記生体画像の撮影時における前記ユーザの移動速度を更に含む、
 付記8又は9に記載の情報処理装置。 (Appendix 10)
The imaging condition further includes the moving speed of the user at the time of capturing the biological image.
The information processing apparatus according to Appendix 8 or 9.
(付記11)
 前記撮影条件は、前記生体画像の撮影時において前記生体画像の取得部位の領域に所定の物品が含まれているか否かの情報を含む、
 付記8乃至10のいずれかに記載の情報処理装置。 (Appendix 11)
The imaging condition includes information on whether or not a predetermined article is included in the region of the acquisition site of the biological image at the time of photographing the biological image.
The information processing apparatus according to any one of Supplementary note 8 to 10.
(付記12)
 ユーザの生体認証に利用する端末から、前記ユーザの生体情報及び前記生体認証の検証用データを取得するステップと、
 取得された前記生体情報に対する前記生体認証を実行するステップと、
 前記生体認証における処理結果と前記検証用データとを関連付けるステップと、
 を備える情報処理方法。 (Appendix 12)
A step of acquiring the user's biometric information and the biometric authentication verification data from a terminal used for the user's biometric authentication, and
The step of executing the biometric authentication for the acquired biometric information, and
The step of associating the processing result in the biometric authentication with the verification data,
Information processing method.
(付記13)
 コンピュータに、
 ユーザの生体認証に利用する端末から、前記ユーザの生体情報及び前記生体認証の検証用データを取得するステップと、
 取得された前記生体情報に対する前記生体認証を実行するステップと、
 前記生体認証における処理結果と前記検証用データとを関連付けるステップと、
 を実行させるためのプログラムが記録された記録媒体。 (Appendix 13)
On the computer
A step of acquiring the user's biometric information and the biometric authentication verification data from a terminal used for the user's biometric authentication, and
The step of executing the biometric authentication for the acquired biometric information, and
The step of associating the processing result in the biometric authentication with the verification data,
A recording medium on which a program for executing a program is recorded.
NW・・・ネットワーク
1,2・・・情報処理システム
10・・・管理サーバ
11・・・トークンID情報DB
12・・・通過履歴情報DB
13・・・業務情報DB
14・・・認証履歴情報DB
15・・・利用者情報DB
20・・・チェックイン端末
30・・・自動手荷物預け機
40・・・保安検査装置
50・・・自動化ゲート装置
60・・・搭乗ゲート装置
70・・・生体認証用端末
80・・・管理者端末
100・・・情報処理装置
100A・・・取得部
100B・・・認証部
100C・・・制御部
200・・・エッジ端末 NW ... Network 1, 2 ... Information processing system 10 ... Management server 11 ... Token ID information DB
12 ... Passage history information DB
13 ... Business information DB
14 ... Authentication history information DB
15 ... User information DB
20 ... Check-in terminal 30 ... Automatic baggage deposit machine 40 ... Security inspection device 50 ... Automated gate device 60 ... Boarding gate device 70 ... Biometric authentication terminal 80 ... Administrator Terminal 100 ... Information processing device 100A ... Acquisition unit 100B ... Authentication unit 100C ... Control unit 200 ... Edge terminal

Claims (13)

  1.  ユーザの生体認証に利用する端末から、前記ユーザの生体情報及び前記生体認証の検証用データを取得する取得部と、
     取得された前記生体情報に対する前記生体認証を実行する認証部と、
     前記生体認証における処理結果と前記検証用データとを関連付ける制御部と、
     を備える情報処理装置。     An acquisition unit that acquires the user's biometric information and the biometric authentication verification data from the terminal used for the user's biometric authentication.
    An authentication unit that executes the biometric authentication for the acquired biometric information,
    A control unit that associates the processing result in the biometric authentication with the verification data,
    Information processing device equipped with.
  2.  前記検証用データに基づいて前記処理結果を検証する検証部、
     を更に備える請求項1に記載の情報処理装置。     Verification unit that verifies the processing result based on the verification data,
    The information processing apparatus according to claim 1.
  3.  前記検証部は、前記検証用データに含まれるデータ項目の値と前記処理結果との相関を前記データ項目ごとに検証する、
     請求項2に記載の情報処理装置。     The verification unit verifies the correlation between the value of the data item included in the verification data and the processing result for each data item.
    The information processing apparatus according to claim 2.
  4.  前記検証部は、複数の前記端末のうち、前記生体認証における認証率が所定値に満たない前記端末を特定する、
     請求項2又は3に記載の情報処理装置。     The verification unit identifies the terminal whose authentication rate in biometric authentication is less than a predetermined value among the plurality of terminals.
    The information processing apparatus according to claim 2 or 3.
  5.  前記取得部は、前記生体情報及び前記検証用データとともに、前記生体認証の実行を制御する制御データと前記端末において所定の業務を実行した際に生成された業務データとを取得し、
     前記生体認証によって前記ユーザが認証された場合に、前記業務データを処理する業務処理部、
     を更に備える請求項1乃至4のいずれか1項に記載の情報処理装置。     The acquisition unit acquires the control data for controlling the execution of the biometric authentication and the business data generated when a predetermined business is executed on the terminal, together with the biometric information and the verification data.
    A business processing unit that processes the business data when the user is authenticated by the biometric authentication.
    The information processing apparatus according to any one of claims 1 to 4.
  6.  前記検証用データは、前記生体情報が生体画像の場合に、前記ユーザの属性情報を含む、
     請求項1乃至5のいずれか1項に記載の情報処理装置。     The verification data includes the attribute information of the user when the biometric information is a biometric image.
    The information processing apparatus according to any one of claims 1 to 5.
  7.  前記属性情報は、性別、年齢、身長の少なくとも1つを含む、
     請求項6に記載の情報処理装置。     The attribute information includes at least one of gender, age, and height.
    The information processing apparatus according to claim 6.
  8.  前記検証用データは、前記生体情報が生体画像の場合に、前記生体画像の撮影条件を含む、
     請求項1乃至5のいずれか1項に記載の情報処理装置。     The verification data includes the imaging conditions of the biological image when the biological information is a biological image.
    The information processing apparatus according to any one of claims 1 to 5.
  9.  前記撮影条件は、照明条件、撮影方向及び撮影場所の少なくとも1つを更に含む、
     請求項8に記載の情報処理装置。     The shooting conditions further include at least one of a lighting condition, a shooting direction and a shooting location.
    The information processing apparatus according to claim 8.
  10.  前記撮影条件は、前記生体画像の撮影時における前記ユーザの移動速度を更に含む、
     請求項8又は9に記載の情報処理装置。     The imaging condition further includes the moving speed of the user at the time of capturing the biological image.
    The information processing apparatus according to claim 8 or 9.
  11.  前記撮影条件は、前記生体画像の撮影時において前記生体画像の取得部位の領域に所定の物品が含まれているか否かの情報を含む、
     請求項8乃至10のいずれか1項に記載の情報処理装置。     The imaging condition includes information on whether or not a predetermined article is included in the region of the acquisition site of the biological image at the time of photographing the biological image.
    The information processing apparatus according to any one of claims 8 to 10.
  12.  ユーザの生体認証に利用する端末から、前記ユーザの生体情報及び前記生体認証の検証用データを取得するステップと、
     取得された前記生体情報に対する前記生体認証を実行するステップと、
     前記生体認証における処理結果と前記検証用データとを関連付けるステップと、
     を備える情報処理方法。     A step of acquiring the user's biometric information and the biometric authentication verification data from a terminal used for the user's biometric authentication, and
    The step of executing the biometric authentication for the acquired biometric information, and
    The step of associating the processing result in the biometric authentication with the verification data,
    Information processing method.
  13.  コンピュータに、
     ユーザの生体認証に利用する端末から、前記ユーザの生体情報及び前記生体認証の検証用データを取得するステップと、
     取得された前記生体情報に対する前記生体認証を実行するステップと、
     前記生体認証における処理結果と前記検証用データとを関連付けるステップと、
     を実行させるためのプログラムが記録された記録媒体。     On the computer
    A step of acquiring the user's biometric information and the biometric authentication verification data from a terminal used for the user's biometric authentication, and
    The step of executing the biometric authentication for the acquired biometric information, and
    The step of associating the processing result in the biometric authentication with the verification data,
    A recording medium on which a program for executing a program is recorded.
PCT/JP2020/030764 2020-08-13 2020-08-13 Information processing device, information processing method, and storage medium WO2022034668A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
JP2022542549A JPWO2022034668A5 (en) 2020-08-13 Information processing device, information processing method and program
PCT/JP2020/030764 WO2022034668A1 (en) 2020-08-13 2020-08-13 Information processing device, information processing method, and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2020/030764 WO2022034668A1 (en) 2020-08-13 2020-08-13 Information processing device, information processing method, and storage medium

Publications (1)

Publication Number Publication Date
WO2022034668A1 true WO2022034668A1 (en) 2022-02-17

Family

ID=80247081

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2020/030764 WO2022034668A1 (en) 2020-08-13 2020-08-13 Information processing device, information processing method, and storage medium

Country Status (1)

Country Link
WO (1) WO2022034668A1 (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2008065651A (en) * 2006-09-08 2008-03-21 Ntt Data Corp Face image authentication method, face image authentication apparatus and program
JP2013167986A (en) * 2012-02-15 2013-08-29 Hitachi Ltd Image recognition system and image recognition method

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2008065651A (en) * 2006-09-08 2008-03-21 Ntt Data Corp Face image authentication method, face image authentication apparatus and program
JP2013167986A (en) * 2012-02-15 2013-08-29 Hitachi Ltd Image recognition system and image recognition method

Also Published As

Publication number Publication date
JPWO2022034668A1 (en) 2022-02-17

Similar Documents

Publication Publication Date Title
JP7482381B2 (en) Information processing device, information processing method, and recording medium
JP7380723B2 (en) Information processing device, information processing method and program
US11113912B2 (en) Information processing apparatus, information processing method, and storage medium
US20240127132A1 (en) Information processing apparatus, information processing method, and storage medium
US20220058760A1 (en) Information processing apparatus, information processing method, and storage medium
US20220343673A1 (en) Information processing apparatus, information processing method and storage medium
US20240028682A1 (en) Information processing apparatus, information processing method, and storage medium
JP7298733B2 (en) SERVER DEVICE, SYSTEM, CONTROL METHOD FOR SERVER DEVICE, AND COMPUTER PROGRAM
JP2024023992A (en) Information processing device, information processing method, and program
WO2022034668A1 (en) Information processing device, information processing method, and storage medium
JP7298737B2 (en) SERVER DEVICE, SYSTEM, CONTROL METHOD FOR SERVER DEVICE, AND COMPUTER PROGRAM
US20230377398A1 (en) Information processing apparatus, information processing method, and storage medium
CN114586054A (en) Management server, system, token issuing method, and storage medium
JP7031798B2 (en) Programs, information processing equipment and information processing methods
JP7040690B1 (en) Server equipment, system, control method of server equipment and computer program
US20230360805A1 (en) Information processing apparatus, information processing method, and storage medium
JP7507390B2 (en) Behavioral observation system and behavioral observation method
US20220414195A1 (en) Information processing apparatus, information processing method, and storage medium
US20220060851A1 (en) Information processing apparatus, information processing method, and storage medium
JP2023115090A (en) Server device, method for controlling server device, and computer program
JP2023115091A (en) Server device, system, method for controlling server device, and computer program

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20949530

Country of ref document: EP

Kind code of ref document: A1

ENP Entry into the national phase

Ref document number: 2022542549

Country of ref document: JP

Kind code of ref document: A

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 20949530

Country of ref document: EP

Kind code of ref document: A1