JP2022124229A - Face authentication system, face authentication method, information processing terminal and control method thereof - Google Patents

Abstract

The present invention further improves convenience when users belonging to a group use face authentication. A face authentication system includes a first registration unit that registers rights information of a parent user in association with a group, and a first registration unit that registers facial images of one or more child users in association with the group. and identification for identifying the group to which the user corresponding to the face image belongs by performing face authentication based on the information registered in the second registration unit when the face image is received. and a first determination for determining whether a desired process requested by the child user corresponding to the face image is permitted, based on the rights information associated with the group specified by the specifying unit. a processing unit that executes the desired process based on the determination result by the first determination unit; and at least one of the determination result by the first determination unit and the processing result by the processing unit, and a notification section that notifies the user. [Selection diagram] Figure 2

Description

The present disclosure relates to a face authentication system, a face authentication method, an information processing terminal, and a control method thereof.

Conventionally, a method using face authentication is known as a biometric authentication technology. By using face authentication, the user does not need to have a specific terminal or tool at the time of authentication, and authentication can be easily performed simply by having the authentication terminal recognize the face.

In Patent Document 1, a plurality of users are registered as a group at a hotel front desk, etc., and biometric authentication information such as rights and each user's face is associated with the group, and the biometric authentication information is used. Disclosed is a system that performs authentication and, when the authentication succeeds, grants permission to use hotel facilities, etc., based on the rights set for the group.

JP 2018-190274 A

Consider providing various services using face recognition. For example, Patent Literature 1 discloses assigning a right range to one group and setting available rights for each user belonging to the group within the right range. However, in Patent Document 1, since there is no right manager within the group, management of rights within the group is complicated. In particular, sufficient consideration has not been given to the administrator in the group appropriately grasping the usage status of rights by other users and changing the settings according to the situation.

The present disclosure has been devised in view of the above-described conventional circumstances, and a face authentication system, a face authentication method, and information that can further improve convenience when users belonging to a group use various services by face authentication. An object of the present invention is to provide a processing terminal and its control method.

The present disclosure includes a first registration unit that registers rights information of a parent user in association with a group, and a second registration unit that registers facial images of one or more child users in association with the group. a specifying unit that specifies a group to which a user corresponding to the face image belongs by performing face authentication based on information registered in the second registration unit when the face image is received; a first determination unit that determines whether or not a desired process requested by a child user corresponding to the face image is permitted based on rights information associated with the group identified by the unit; Notification for notifying the parent user of at least one of the processing unit that executes the desired processing based on the determination result of the first determination unit and the determination result of the first determination unit and the processing result of the processing unit. and a face authentication system.

Further, the present disclosure includes a first registration step of registering rights information of a parent user in a storage unit in association with a group; and a group to which the user corresponding to the face image belongs is identified by performing face authentication based on the information registered in the storage unit when the face image is received. a determination step of determining whether or not a desired process requested by the child user corresponding to the face image is permitted based on the rights information associated with the group identified in the identification step; a processing step of executing the desired processing based on the determination result of the determination step; and a notification step of notifying the parent user of at least one of the determination result of the determination step and the processing result of the processing step; to provide a face authentication method.

Further, the present disclosure is an information processing terminal, and includes a request unit that requests a face authentication system to register rights information of a parent user who is a user of the information processing terminal in association with a group; If the child user to whom the child belongs determines whether or not the desired processing is permitted based on face authentication using the child user's face and rights information registered in association with the group, the determination and a receiving unit for receiving notification of at least one of the result of the above and the result of the desired processing.

Further, the present disclosure is a control method for an information processing terminal, comprising a request step of requesting a face authentication system to register right information of a parent user who is a user of the information processing terminal in association with a group; When a child user belonging to the group determines whether or not a desired process is permitted based on face authentication using the child user's face and rights information registered in association with the group. and a receiving step of receiving notification of at least one of the determination result and the desired processing result.

It should be noted that any combination of the above-described components and expressions of the present disclosure converted between methods, devices, systems, storage media, computer programs, etc. are also effective as aspects of the present disclosure.

According to the present disclosure, it is possible to further improve convenience when users belonging to a group use various services by face authentication.

1 is a diagram showing an example of the overall configuration of a system according to Embodiment 1; FIG. FIG. 2 is a diagram showing an example of the functional configuration of each device according to Embodiment 1; 1 shows an example of a hardware configuration of a mobile terminal according to Embodiment 1; FIG. 1 is a diagram showing an example of a hardware configuration of an information processing apparatus according to Embodiment 1; FIG. A diagram showing a configuration example of a database according to Embodiment 1 Processing sequence of an example of a registration processing procedure between devices according to the first embodiment A diagram showing an example of a UI screen during registration processing according to the first embodiment A diagram showing an example of a UI screen during registration processing according to the first embodiment Processing sequence of an example of a verification processing procedure between devices according to the first embodiment A diagram showing an example of a UI screen during matching processing according to the first embodiment Processing sequence of another example 1 of verification processing procedure between devices A diagram showing an example of a UI screen in another example 1 of matching processing Processing sequence of another example 2 of verification processing procedure between devices A diagram showing an example of a UI screen in another example 2 of matching processing Processing sequence of another example 3 of verification processing procedure between devices A diagram showing an example of a UI screen in another example 3 of matching processing Processing sequence of another example 4 of verification processing procedure between devices A diagram showing an example of a UI screen in another example 4 of matching processing Processing sequence of another example 5 of verification processing procedure between devices A diagram showing an example of a UI screen in another example 5 of matching processing

Hereinafter, embodiments specifically disclosing a face authentication system, a face authentication method, an information processing terminal, and a control method thereof according to the present disclosure will be described in detail with reference to the accompanying drawings as appropriate. However, more detailed description than necessary may be omitted. For example, detailed descriptions of already well-known matters or redundant descriptions of substantially the same configurations may be omitted. This is to avoid unnecessary verbosity in the following description and to facilitate understanding by those skilled in the art. It should be noted that the accompanying drawings and the following description are provided to allow those skilled in the art to fully understand the present disclosure and are not intended to limit the claimed subject matter.

<Embodiment 1>
[System configuration]
FIG. 1 shows an example of the overall configuration of a system according to the first embodiment. In this embodiment, the parent mobile terminal 10, the child mobile terminal 20, the face authentication system 30, the face matching terminal 40, and the service providing system 50 are included. be done. In addition, in FIG. 1, each of the various devices is shown as one unit, but a plurality of devices may be included. Further, although various devices are shown as one device, the plurality of devices in FIG. may In this specification, the terms "parent" and "child" indicate the relative relationship between users in setting the rights described below. Therefore, one user can be both a parent user and a child user, and one user can be a child user of multiple parent users. In the following description, when it is necessary to clearly indicate the role of each user in the parent-child relationship, the terms "user (parent)" and "user (child)" are used. Details will be described later.

The parent mobile terminal 10 and the child mobile terminal 20 are mobile terminals owned by each user. A mobile terminal possessed by a user having a role will be described as a child mobile terminal 20 .

The face authentication system 30 performs face authentication processing according to the present embodiment, and stores and manages various types of face information. The service providing system 50 is a system for providing various services in cooperation with the face authentication system 30 . Examples of services that can be provided by the service providing system 50 will be described later. The face authentication system 30 and the service providing system 50 may have an on-premise configuration provided within the facility of the administrator of each service, or may have an off-premise configuration using cloud computing or the like.

The face matching terminal 40 is installed in a facility that provides various services, and is used to acquire a user's face image and confirm the user's rights. The network 60 is configured to communicably connect various devices, and is not particularly limited to wired/wireless or its communication standard.

[Function configuration]
FIG. 2 is a diagram showing an example of functional configurations of various devices according to the present embodiment. Each part of various devices may be implemented by reading a program stored in a storage unit by a control unit (eg, processor) of various devices, or may be implemented by providing dedicated hardware. Here, the processor is configured using, for example, a CPU (Central Processing Unit), a DSP (Digital Signal Processor), or an FPGA (Filed Programmable Gate Array). Note that only parts corresponding to the functions according to the present embodiment are shown here, and various devices may further include parts for realizing other functions. Moreover, the configuration shown in FIG. 2 is an example, and the parts shown in FIG. Also, the links and arrows of each part shown in FIG. 2 show an example of data transmission/reception, but the connection configuration is not limited to this, and other linkages and connections may be made.

The parent mobile terminal 10 includes a usage status display unit 11, a parent right information registration unit 12, a child right information registration unit 13, a parent face information acquisition unit 14, a child face information acquisition unit 15, an imaging unit 16, and a child registration link transmission unit. 17. The usage status display unit 11 displays the usage status of rights owned by the user (parent) of the parent mobile terminal 10 based on the content of notification from the face authentication system 30 . The parental rights information registration unit 12 performs a process of registering rights owned by a user (parent) (hereinafter referred to as “parental rights information”) in the face authentication system 30 . The child right information registration unit 13 permits another user (child) within the range of parent right information possessed by the user (parent) of the parent mobile terminal 10 (in other words, on the premise that the parent right information is satisfied). hereinafter referred to as “child right information”) is registered in the face authentication system 30. In other words, child rights information is conceptually or substantively included in parent rights information.

The parent face information acquisition unit 14 acquires face information (face image) of the user (parent) via the imaging unit 16 and performs processing of registering it in the face authentication system 30 . The child face information acquisition unit 15 acquires face information (face image) of the user (child) via the imaging unit 16 and performs processing of registering it in the face authentication system 30 . The image pickup unit 16 includes a camera for acquiring a face image, and the face image obtained by photographing the face based on the user's operation is sent to the parent face information acquisition unit 14 and the child face information acquisition unit 15. pass to When registering the face information (face image) of the user (child), the child registration link transmission unit 17 transmits the request to the child mobile terminal 20 when the process of photographing the face image is performed on the child mobile terminal 20 side. process. This request includes access information to the face authentication system 30 used when registering a face image (hereinafter referred to as "child registration link").

The secondary mobile terminal 20 includes a secondary registration link receiving unit 21 , an imaging unit 22 , and a small face information acquisition unit 23 . The child registration link receiving unit 21 receives a request transmitted from the parent mobile terminal 10 and notifies the user of the content of the request. The image pickup unit 22 includes a camera for acquiring a face image, and passes the face image obtained by photographing the face based on the user's operation to the small face information acquisition unit 23 . The child face information acquisition unit 23 acquires face information (face image) of the user (child) via the imaging unit 22 . Then, the child face information acquiring unit 23 performs processing for registering the user's (child's) face information in the face authentication system 30 based on the child registration link included in the request transmitted from the parent mobile terminal 10 .

The face authentication system 30 includes a parent-child relationship determination unit 31, a parent face information management unit 32, a child face information management unit 33, a usage right determination unit 34, a parent rights management unit 35, and a child rights management unit 36. . The face authentication system 30 further includes an external system cooperation section 37 , a usage history management section 38 , a usage result notification section 39 and a result notification section 45 . The parent-child relationship determination unit 31 identifies the user whose face image is included in the matching request from the face matching terminal 40 by performing face authentication based on the registered face image. Further, the parent-child relationship determination unit 31 determines the parent-child relationship set for the specified user. A known method can be used as a face authentication method, and the method is not particularly limited. For example, methods such as template matching, feature point extraction, and three-dimensional face authentication may be used. The parent face information management unit 32 registers and manages the face image transmitted from the parent mobile terminal 10 as the face image of the user (parent). The child face information management unit 33 registers and manages the face image transmitted from the parent mobile terminal 10 or the child mobile terminal 20 as the face image of the user (child). The parent face information management unit 32 and the child face information management unit 33 set the parent-child relationship based on instructions from the user (parent).

The usage right determination unit 34 determines whether or not the usage right specified in the matching request from the face matching terminal 40 is granted to the user specified based on the face information. The usage right determination unit 34 refers to information managed by the parent rights management unit 35 and the child rights management unit 36 when making determinations. The parental rights management unit 35 holds and manages parental rights information designated by the parent portable terminal 10 . The parental right information indicates the content of rights for using various services provided by the service providing system 50 in addition to the user authentication service. Certain rights are granted by applying to use or purchasing various services. The child rights management unit 36 holds and manages child rights information specified by the parent mobile terminal 10 .

Based on a matching request from the face matching terminal 40, the external system linking unit 37 connects an external system (for example, one of various systems included in the service providing system 50) to perform processing according to the rights of each user. Cooperate with The content of the linkage may differ depending on the requested content, but may be, for example, a process of referring to or updating a database (hereinafter referred to as DB) of an external system. Alternatively, the configuration may be such that the external system executes a part of the processing according to the content of the request. Also, when processing that does not require cooperation with an external system is requested, the external system cooperation unit 37 may perform processing using various information held inside the face authentication system 30 .

The usage history management unit 38 retains and manages the processing executed in response to a request from the face matching terminal 40, that is, the right usage history. The usage history may be managed including information on processing performed by the service providing system 50 in addition to the processing inside the face authentication system 30 . The usage result notification unit 39 notifies the parent mobile terminal 10 of the usage history managed by the usage history management unit 38 at a predetermined timing. If the user corresponding to the face image indicated by the request from the face matching terminal 40 is the parent, the parent mobile terminal 10 to be the notification destination is the mobile terminal possessed by the user (parent). . On the other hand, if the user corresponding to the face image is a child, the portable terminal owned by the user (parent) having a parent-child relationship with the user (child) becomes the notification destination. The result notification unit 45 notifies the requesting face matching terminal 40 of the result of the face authentication and the details of the process executed as a result of the process requested by the face matching terminal 40 .

The face matching terminal 40 includes an imaging section 41 , a face information acquisition section 42 , a usage right setting section 43 and a matching result display section 44 . The image pickup unit 41 includes a camera for acquiring a face image, and passes the face image obtained by photographing the face based on the user's operation to the face information acquisition unit 42 . The face information acquisition unit 42 acquires the face information (face image) of the user to be face-authenticated via the imaging unit 41 and transfers it to the usage right setting unit 43 . The use right setting unit 43 sets the right to be used by the user to be face-authenticated, and transmits it to the face-authentication system 30 as a matching request together with the face image. The right to use here differs depending on the content of the service provided.

The service providing system 50 may be configured with various systems according to the content of the service to be provided. Examples include a payment system 51 that provides payment services, an accommodation management system 52 that manages accommodation facilities, a facility management system 53 that manages the use of facilities such as amusement facilities, or a lost child determination that manages lost users. A system 54 and the like may be included. The various systems listed here may be configured by separate servers and devices. In the present embodiment, several examples of scenes to which the present disclosure can be applied will be specifically described.

[Device configuration]
(mobile terminal)
FIG. 3 is a diagram showing an example of a hardware configuration of an information processing terminal that can be applied as the parent mobile terminal 10 and the child mobile terminal 20 according to this embodiment. In this embodiment, the parent mobile terminal 10 and the child mobile terminal 20 are described as having the same hardware configuration, but they may have different configurations. The mobile terminal 300, which is an information processing terminal, may be, for example, a smart phone, a tablet terminal, a mobile PC (Personal Computer), a wearable terminal, or the like. Here, a smart phone is taken as an example.

Portable terminal 300 includes CPU 301 , communication unit 302 , touch panel display 303 , microphone 304 , speaker 305 , memory 306 , storage 307 and camera 309 . The CPU 301 provides various functions by reading and executing various programs (for example, the application 308) stored in the storage 307. FIG.

A communication unit 302 communicates with the outside via a mobile phone communication network, the Internet, short-range wireless communication, or the like, and transmits and receives various data and signals. The communication method by the communication unit 302 is, for example, a 4G/5G communication method using a wide area communication line such as a telephone line, a Wi-Fi (registered trademark) standard of a wireless LAN (Local Area Network) which is a short-range wireless communication, The Bluetooth (registered trademark) standard or the like may be used.

The touch panel display 303 functions as display means for displaying various information to the user, and also receives touch operations from the user. A microphone 304 receives the user's voice and surrounding audio information as input. A speaker 305 outputs audio information. A memory 306 is a volatile storage area, and is used as a work area when the CPU 301 performs various processes, for example. The storage 307 is a non-volatile storage area, and stores applications 308 for various processes according to this embodiment, for example. The application 308 provides various functions by being read and executed by the CPU 301 . A camera 309 captures an image of an object based on a user's operation and acquires the image. In this embodiment, the user's face is photographed and acquired as a face image.

(Information processing device)
FIG. 4 is a diagram showing an example of the hardware configuration of an information processing apparatus that can be applied as the face authentication system 30 and the face matching terminal 40 according to this embodiment. Here, a PC will be described as an example of the information processing apparatus, but the face matching terminal 40 may be configured as a dedicated terminal for face matching, for example.

The information processing apparatus 400 includes a CPU 401 , a communication section 402 , a display section 403 , an external I/F (interface) 404 , a memory 405 and a storage device 406 . Note that the face matching terminal 40 is further equipped with a camera (not shown). The CPU 401 implements various functions by reading various programs and data stored in the memory 405 and the storage device 406 and executing processing. A communication unit 402 communicates with the outside via the Internet, short-range wireless communication, or the like, and transmits and receives various data and signals. For the communication method of the communication unit 302, for example, the Wi-Fi (registered trademark) standard of wireless LAN, which is short-range wireless communication, or the Bluetooth (registered trademark) standard may be used.

The display unit 403 displays various information based on instructions from the CPU 401 . The external I/F 404 is an interface for transmitting and receiving data to and from an external device, and receives input of data via an operation device (not shown) such as a mouse or keyboard. The memory 405 is a storage area for storing and holding various types of information. Configured. A storage device 406 is a storage area for storing and holding various types of information, and is configured by an HDD (Hard Disk Drive) or the like. Various DBs according to this embodiment may be stored in the storage device 406 .

[Database configuration]
FIG. 5 is a diagram showing a configuration example of a DB according to this embodiment. The DB configuration shown here is an example, and is not limited to this configuration. Therefore, any one of the DBs shown in FIG. 5 may be collectively configured as one DB, or one DB may be divided into a plurality of DBs. Other items may also be added.

FIG. 5A shows a configuration example of a face information DB according to this embodiment. The face information DB is managed by, for example, the parent face information management unit 32 and the child face information management unit 33 of the face authentication system 30 . The face information DB includes columns of Person ID, face image, name, phone number, and SNS. A Person ID column indicates a Person ID, which is identification information for uniquely identifying a user. A Person ID is assigned, for example, by the face authentication system 30 at the time of user registration. Note that the specifications of IDs (number of digits, characters used, etc.) included in each DB shown below are examples, and are not limited to those shown in FIG. The face image column indicates face images corresponding to registered faces of users. The face image may be stored as registered image data as it is, or may be stored after being converted into a specific data format according to a face authentication algorithm or the like. The facial image column may indicate the storage location of the facial image.

The name column shows the user's name information. The phone number column shows the user's phone number. The SNS column indicates information used on the user's SNS (Social Network Service). For example, an email address, account information, etc. are set in the SNS column. Note that services that can be used as SNS are not particularly limited, and include communication tools such as e-mail. This name information is used as the display name of each user (child) on the parent mobile terminal 10 .

FIG. 5B shows a configuration example of a right information DB according to this embodiment. The rights information DB is managed by, for example, the parental rights management unit 35 of the face authentication system 30 . The rights information DB includes columns of rights ID, Person ID, and details of rights information. A right ID column indicates a right ID, which is identification information for uniquely identifying a right. A right ID is assigned, for example, when a user (parent) acquires a right. The Person ID column indicates Person IDs of users who have rights (that is, users (parents)), and corresponds to Person IDs shown in FIG. 5(a). The rights information details column indicates details of rights. The content of the detailed information here changes according to the content of various services provided by the service providing system 50 . For example, when the service is an accommodation management service, information such as accommodation facility, accommodation date and time, number of guests, and accommodation plan are managed as detailed information of rights.

FIG. 5(c) shows a configuration example of a group DB according to this embodiment. The group DB is managed by, for example, the familiar face information management unit 32 of the face authentication system 30 . The group DB includes columns for group ID, right ID, parent member ID, and child member ID. A group ID column indicates a group ID that is information for uniquely identifying a group. A group ID is assigned, for example, when a user (parent) sets a group. The right ID column indicates the right ID of the right used in the group and corresponds to the right ID shown in FIG. 5(b). The parent member ID column indicates the Person ID of the user (parent) who is the administrator of the group, and corresponds to the Person ID shown in FIG. 5(b). The child member ID column indicates Person IDs of users (children) belonging to the group, and corresponds to Person IDs in FIG. 5(a).

FIG. 5(d) shows another configuration example of the right information DB according to this embodiment. Details of FIG. 5(d) will be described later together with an application example of the present disclosure.

[Operation sequence]
Next, a processing sequence between devices in the system according to this embodiment will be described. The processing according to the present embodiment is divided into two steps of right registration processing and right utilization (collation) processing. In the registration process, a user (parent) registers the rights it owns and one or more users (children) who can use those rights. In the usage process, whether or not the registered right can be used is determined based on the user's face image, and the right is used according to the result of the determination. The flow of each process will be described below with reference to the drawings.

(registration process)
FIG. 6 is a diagram showing a processing sequence of registration processing according to the present embodiment. Each device, which is the subject of processing in the processing sequence, realizes each function by reading and executing a program corresponding to each function shown in FIG. 2 by a control unit such as a CPU.

The parent mobile terminal 10 receives a registration instruction from the user (step S601). The registration instruction here may be made, for example, via a screen (not shown) displayed when accessing the system corresponding to the service to be used. Further, the registration instruction may be configured such that when the right is acquired in step S602 described later, it is possible to select whether or not to register the right.

The parent mobile terminal 10 acquires the desired right through the screen displayed by accessing the system corresponding to the service to be used (step S602). For example, it is assumed that the facility management system 53 reserves the use of the facility. In this case, a reservation for using the facility is made via a reservation screen 700 as shown in FIG. 7(a). The reservation screen 700 includes setting items such as reservation details 701 and reservation person information 704 (customer information). The reservation content 701 includes a facility name 702 indicating the facility to be used and a date and time 703 indicating the date and time of use. The reservation person information 704 includes a name 705 indicating the name of the reservation person and contact information 706 indicating the contact information of the reservation person. The user makes a reservation by pressing a reservation button 707 after inputting the displayed information. That is, in the example of FIG. 7A, the user obtains the right to use the facility by making a reservation. Note that the reservation screen 700 shown in FIG. 7(a) is merely an example, and the displayed items and input items may differ according to the content of the service to be used. After acquiring the rights, the parent mobile terminal 10 notifies the face authentication system 30 of the information on the rights.

The face authentication system 30 stores the right acquired by the user as parental right information based on the data received from the parent portable terminal 10 (step S603). Specifically, the parent right information is registered in the right information DB shown in FIG. 5(b).

The parent portable terminal 10 photographs the face of the parent user and acquires it as a face image (step S604). For example, the parent portable terminal 10 displays a photographing screen 710 for registering the face image of the user (parent) as shown in FIG. 7B, and prompts the user to photograph. An icon 711, a message, or the like may be displayed on the photographing screen 710 in order to acquire an appropriate face image. After acquiring the face image, the parent mobile terminal 10 registers it as the face image of the user (parent) in the face authentication system 30 . It should be noted that the face image may be configured so that the user can select it from images that have already been taken.

The face authentication system 30 registers the face image of the user (parent) obtained from the parent mobile terminal 10 (step S605). Specifically, the face image of the user (parent) is registered in the face information DB shown in FIG. 5(a). At this time, the face authentication system 30 may perform processing for converting the face image into arbitrary data according to a face authentication algorithm or the like.

The parent portable terminal 10 sets a group including one or more users (children) who can use the acquired rights (step S606). For example, the parent portable terminal 10 displays registration screens as shown in FIGS. 7(c) and 7(d) to allow the user (parent) to perform group setting. FIG. 7C shows a configuration example of a group registration screen 720 . A registration screen 720 shows a list 721 of users (children) included in the group. In the case of the example of FIG. 7C, as indicated by an icon 722, two users are designated as "child 1" and "child 2". A user (child) can be added by pressing an add button 723 . When the add button 723 is pressed, a registration screen 730 shown in FIG. 7(d) is displayed. The registration screen 730 is a screen for setting information about the user (child), and shows setting items 731 indicating basic information of the user (child). In the example of FIG. 7D, the basic information includes the user's (child's) name 732, face information 733, phone number 735, and SNS 736. FIG. The registration screen 730 further has a registration button 734 and a send button 737 . When the registration button 734 is pressed, the parent portable terminal 10 takes a face image of the child user. On the other hand, when the send button 737 is pressed, the child portable terminal 20 owned by the child user captures the face image of the user. The parent mobile terminal 10 transmits various setting information of the group to the face authentication system 30 to register the group.

The face authentication system 30 performs group registration using various group setting information received from the parent mobile terminal 10 (step S607). Specifically, the group information is registered in the group DB shown in FIG. 5(c).

The parent mobile terminal 10 determines whether the parent mobile terminal 10 or the child mobile terminal 20 should acquire the face image of the child user (step S608). As described above, when the registration button 734 is pressed on the registration screen 730 of FIG. 7D, it is assumed that the face image of the child user is captured by the parent portable terminal 10 (step S608, YES). ), the process of the parent portable terminal 10 proceeds to step S609. On the other hand, when the send button 737 is pressed on the registration screen 730 of FIG. The processing of the terminal 10 proceeds to step S610.

The parent portable terminal 10 captures the face of the child user and acquires it as a face image (step S609). For example, the parent portable terminal 10 displays a photographing screen 800 for registering the user's (child's) face image as shown in FIG. 8A, and prompts the user to photograph. An icon 801, a message, or the like may be displayed on the photographing screen 800 in order to acquire an appropriate face image. After acquiring the face image, the parent mobile terminal 10 registers it as the face image of the user (child) in the face authentication system 30 . It should be noted that the face image may be configured so that the user can select it from images that have already been taken.

The parent mobile terminal 10 transmits a request for photographing face information (face image) of the child user to the child mobile terminal 20 (step S610). The request here includes access information (child registration link) to the face authentication system 30 used when registering the face image. The request sent here may be sent by e-mail, for example, and the information set in the SNS 736 of the registration screen 730 of FIG. 7D may be used as the destination. When sending a request by e-mail, for example, an e-mail 810 with contents as shown in FIG. 8B may be sent. In the mail 810, a subject 811 indicating the outline of the request is set. Body 812 also includes request details and a registration button 813 for performing face registration. When the registration button 813 is pressed, face image registration processing is performed.

Based on the registration request (for example, the mail 810) received from the parent mobile terminal 10, the child mobile terminal 20 captures the face of the child user and acquires it as a face image (step S611). For example, when the registration button 813 shown in the mail 810 is pressed, the child portable terminal 20 displays a shooting screen 820 for registering the face image of the user (child) as shown in FIG. 8(c). , to prompt the user to take a picture. An icon 821, a message, or the like may be displayed on the shooting screen 820 in order to obtain an appropriate face image. After obtaining the face image, the child portable terminal 20 registers it as the face image of the user (child) in the face authentication system 30 . The processing here may be performed using a predetermined SNS application, or may be performed via a web browser (not shown) or the like in response to the registration request received from the parent mobile terminal 10 .

The face authentication system 30 registers the face image of the user (child) received from the parent mobile terminal 10 or the child mobile terminal 20 (step S612). Specifically, the face image of the user (child) is registered in the face information DB shown in FIG. 5(a). At this time, the face authentication system 30 may perform processing for converting the face image into arbitrary data according to a face authentication algorithm or the like.

The face authentication system 30 sets the parent-child relationship based on the registered user (parent) and user (child) information (step S613). Specifically, each user is associated by updating the contents of the group DB shown in FIG. 5(c) based on the designated information. In this embodiment, a registrant of a group is set as a user (parent), and other users belonging to the group are set as users (children).

The parent portable terminal 10 accepts right setting for the user (child) (step S614). For example, right setting for the user (child) is performed by displaying a setting screen 830 as shown in FIG. 8(d). A setting screen 830 displays basic information 831 of a user (child) that has already been set and right information 832 that the user (child) is permitted to use. As items of the rights information 832, assuming a payment service, the availability of payment 833, the maximum amount of payment 834, the availability of coupons 835, and the like are included. When the set button 836 is pressed, the content of the entered right information 832 is passed to the face authentication system 30 to instruct registration. The setting screen 830 shown in FIG. 8(d) is an example, and items to be displayed and input may differ according to the content of the service to be used.

The face authentication system 30 determines whether or not the rights information of the user (child) received from the parent portable terminal 10 is within the rights of the user (parent) (step S615). At this time, if the rights of the user (parent) are exceeded, the parent mobile terminal 10 may be notified to that effect and re-input may be prompted. Alternatively, the setting screen 830 shown in FIG. 8D may be configured such that settings that exceed the rights of the user (parent) cannot be designated.

The face authentication system 30 stores right information for the user (child) based on the confirmation result of step S615 (step S616). Then, the processing sequence of FIG. 6 ends.

In the above example, after each face image is registered, child rights information is set (step S614), but the flow is not limited to this. For example, the setting of user (child) rights information may be performed together with the process of group setting (step S606). Note that when the face image of the child user is not registered, even if the right information is set for the child, the right cannot be used.

Moreover, addition or deletion of a user (child) to a group may be performed at any timing, and the timing is not limited to setting the group. Also, the parent-child relationship is not limited to the one set when the group is registered. For example, the configuration may be such that the user (parent) can be changed at any timing.

Moreover, the addition or deletion of user (parent) rights may be performed at any timing. The configuration may be such that a user (parent) can add or delete rights to an already created group to update it. In this case, instead of the processing of steps S604 to S607, even if there is a configuration in which a group to be associated with the newly acquired right can be selected from groups already created in association with the user (parent). good.

Also, when setting a group, the configuration may be such that a group that has already been created by the user (parent) can be copied and created. As a result, it is possible to reduce the trouble of group setting.

(matching process: basic pattern)
Next, a matching process according to this embodiment will be described. FIG. 9 is a diagram showing a processing sequence of matching processing according to the present embodiment. Each device, which is the subject of processing in the processing sequence, realizes each function by reading and executing a program corresponding to each function shown in FIG. 2 by a control unit such as a CPU. It is assumed that various types of information have been registered by the registration process described with reference to FIG. 6 prior to the collation process described below. Also, the basic processing flow is the same regardless of whether the user who performs face matching is a parent or a child. A user (hereinafter referred to as "target user") is assumed to be a user (child).

First, the face matching terminal 40, the face authentication system 30, and the service providing system 50 cooperate to perform face matching common processing (step S900). The face matching common process is composed of steps S901 to S907. This process is a process commonly performed in other cases described below. Although the screens displayed and the contents of data exchanged between various devices may be changed depending on the case of application, the general flow is common.

The face matching terminal 40 accepts a face matching instruction (step S901). This instruction may be given by, for example, an operator at the facility where the face matching terminal 40 is installed, performing an instruction operation when performing face matching.

The face matching terminal 40 takes a picture of the target user's face using a camera (not shown) and acquires it as a face image (step S902). For example, the face matching terminal 40 displays a photographing screen 1000 for face matching as shown in FIG. 9A, and prompts the target user to take a photograph. An icon 1001, a message, or the like may be displayed on the photographing screen 1000 in order to acquire an appropriate face image.

The face matching terminal 40 sets the right to be used by the target user (step S903). The setting here may be defined in advance on the face matching terminal 40 side according to the content of the service to be used, or the operator of the facility where the face matching terminal 40 is installed may choose from several options. It may be done by selection. For example, if the service to be used is admission to a facility, "admission" is set as the right to use.

The face matching terminal 40 transmits an authentication request (matching request) including the face image acquired in step S902 and the rights set in step S903 to the face authentication system 30 (step S904).

The face authentication system 30 checks the registration status of the face information based on the authentication request received from the face matching terminal 40 (step S905). Here, the face authentication system 30 performs face authentication processing with reference to the face information DB shown in FIG. 5(a). As described above, a known method can be used as a face authentication method, and the method is not particularly limited. For example, methods such as template matching, feature point extraction, and three-dimensional face authentication may be used. Thereby, the target user indicated by the face image can be specified.

The face authentication system 30 identifies the parent-child relationship of the target user (here, the user (child)), and identifies the user (parent) and its right information (step S906). For example, the face authentication system 30 performs processing by referring to the right information DB and group DB shown in FIGS. 5(b) and 5(c). In addition, if necessary, the face authentication system 30 requests confirmation of rights owned by the user to any system included in the service providing system 50, which is an external system. Whether or not this confirmation request is transmitted/received differs according to the configuration of various DBs, the content of the service to be used, and the like.

When receiving a right confirmation request from the face authentication system 30, the service providing system 50 performs right confirmation processing for each user in response to the request, and returns the result to the face authentication system 30 (step S907). As described above, the confirmation process on the service providing system 50 side may be omitted depending on the DB configuration, system configuration, and the like. The process up to this point is the face matching common process included in step S900.

The face authentication system 30 notifies the face matching terminal 40 of the result of the face matching common process (step S908). Here, as an example, it is assumed that the face authentication of the user is set in step S903. In this case, the face authentication system 30 notifies the face matching terminal 40 of the authentication result based on the user's face image.

The face matching terminal 40 displays the processing result received from the face authentication system 30 (step S909). For example, the face matching terminal 40 displays an authentication result screen 1010 as shown in FIG. 10(b). The authentication result screen 1010 includes an icon 1011 indicating the authentication result, a face image 1012 used for face authentication, user information 1013 of the target user, and a message 1014 regarding the authentication result.

The face authentication system 30 saves the processing result of the face matching common processing in step S900 as history information (step S910). For example, when face authentication is performed, the fact that the face authentication has been performed and the information of the authentication result are stored. In other words, the content of the rights that the user has used or attempted to use is preserved.

The face authentication system 30 identifies the parent mobile terminal 10 possessed by the user (parent) based on the parent-child relationship identified in step S906, and sends the history information saved in step S910 to the parent mobile terminal 10. Notify (step S911). Here, the notification may be sent by e-mail, for example.

Parent mobile terminal 10 displays the notification received from face authentication system 30 . When the notification is made by e-mail, for example, an e-mail 1020 with contents as shown in FIG. 10(c) may be sent. In the mail 1020, a subject 1021 indicating an overview of history information is set. The text 1022 also includes details of the history information (contents of rights used, etc.). Then, the processing sequence of FIG. 9 ends.

Note that the above processing sequence shows an example of notifying the content of use for each use of the right. However, the present invention is not limited to this. For example, the usage history for a predetermined period may be notified in chronological order or as a cumulative result. Also, the timing of notification to the user (parent) is not limited to the timing when the right is used, and may be configured so that the user (parent) can set desired timing. For such notification setting, for example, notification setting may be performed in the step of group setting (step S606) in FIG. 6, and notification may be performed according to the setting content.

(Verification processing: case of facility use)
9 and 10, the basic processing sequence of the matching processing according to this embodiment has been described. Next, a case where this basic processing sequence is applied to the case of using a facility will be described.

In this case, based on the registration process shown in FIG. 6, the user (parent) has purchased and registered in advance the right to use the facility multiple times (or multiple people) (for example, the right to enter). and At this time, if a user belongs to a group, the user may use the rights associated with the group without identifying the rights, or the rights assigned to each user (child) may be specified. The configuration may be such that it is used. In the former case, for example, implementation is possible with the configuration of the right information DB as shown in FIG. 5(b). In the latter case, for example, implementation is possible with the configuration of the right information DB as shown in FIG. 5(d). In the configuration of the rights information DB shown in FIG. are assigned to available users (children). In this configuration, the user (child) uses the assigned usage right among the multiple usage rights associated with the group.

FIG. 11 is a diagram showing a processing sequence when the collation processing according to the present embodiment is applied to facility use. Each device, which is the subject of processing in the processing sequence, realizes each function by reading and executing a program corresponding to each function shown in FIG. 2 by a control unit such as a CPU.

The face matching terminal 40, the face authentication system 30, and the service providing system 50 cooperate to perform face matching common processing (step S900). This process is the face matching common process described with reference to FIG. In this process, for example, the face matching terminal 40 displays a photographing screen 1200 for face matching as shown in FIG. 12(a), and prompts the target user to take a picture. An icon 1201, a message, or the like may be displayed on the photographing screen 1200 in order to acquire an appropriate face image.

The face authentication system 30 confirms the rights information that can be used by the target user (here, the user (child)), and updates the rights information to be used according to the matching result of the face matching common process (step S1101). . For example, the face authentication system 30 performs confirmation processing by referring to the right information DB and group DB shown in FIGS. 5(b) and 5(c). In addition, if necessary, the face authentication system 30 requests an arbitrary system included in the service providing system 50, which is an external system, to update the rights that the user (parent) has. Whether or not to execute transmission/reception of this update request differs according to the configuration of various DBs, the contents of services to be used, and the like. For example, in the case of the right to enter a facility, the DB is updated to indicate that the right has been used (disappeared) upon entering.

When the service providing system 50 receives from the face authentication system 30 an update request associated with the use of rights, the service providing system 50 updates the rights of each user in response to the request, and returns the result to the face authentication system 30 (step S1102). As described above, the update processing on the service providing system 50 side may be omitted depending on the DB configuration, system configuration, and the like.

The face authentication system 30 notifies the face matching terminal 40 of usage permission/prohibition information indicating whether or not the target user is permitted to use the right based on the details of the processing up to this point (step S1103). Specifically, it is notified whether or not the face authentication of the user (child) is successful and the facility can be used.

The face matching terminal 40 displays the availability information received from the face authentication system 30 (step S1104). For example, the face matching terminal 40 displays an authentication result screen 1210 as shown in FIG. 12(b). The authentication result screen 1210 includes an icon 1211 indicating availability, a face image 1212 used for face authentication, user information 1213 of the target user, and a message 1214 regarding the authentication result.

The face authentication system 30 stores the usage result received from the service providing system 50 as history information (step S1105). Specifically, when a facility is used, information such as success or failure of face authentication, whether or not the facility can be used, and date and time of use is stored. In other words, the content of rights used or intended to be used by the target user is preserved.

The face authentication system 30 identifies the parent mobile terminal 10 possessed by the user (parent) based on the parent-child relationship identified in the face matching common process of step S900, and sends the parent mobile terminal 10 a The saved history information is notified (step S1106). Here, the notification may be sent by e-mail, for example.

Parent mobile terminal 10 displays the notification received from face authentication system 30 . When the notification is made by e-mail, for example, an e-mail 1220 with contents as shown in FIG. 12(c) may be sent. In the mail 1220, a subject 1221 indicating an overview of history information is set. The text 1222 also includes details of usage information (date and time of use, user, facility name, etc.). Then, the processing sequence of FIG. 11 ends.

(Verification processing: case of payment use)
Next, a case where the basic processing sequence described with reference to FIGS. 9 and 10 is applied to the use of the payment service will be described.

In this case, based on the registration process shown in FIG. 6, the user (parent) can make a payment in cooperation with the payment system 51, which is one of the service providing systems 50, as the right to use the payment service in advance. account information is registered. More specifically, on the setting screen 830 shown in FIG. 8(d), the availability of payment 833 and the upper limit amount 834 of payment are set.

FIG. 13 is a diagram showing a processing sequence when the collation processing according to the present embodiment is applied to the use of settlement services. Each device, which is the subject of processing in the processing sequence, realizes each function by reading and executing a program corresponding to each function shown in FIG. 2 by a control unit such as a CPU.

The face matching terminal 40, the face authentication system 30, and the service providing system 50 cooperate to perform face matching common processing (step S900). This process is the face matching common process described with reference to FIG. During this process, for example, the face matching terminal 40 displays a payment screen 1400 as shown in FIG. 14B and accepts the setting of the right to use (step S903). The payment screen 1400 includes payment information 1401 indicating the amount of payment, a cancel button 1402 for canceling the execution of payment, and an enter button 1403 for instructing the execution of payment. Furthermore, in the face matching common process, the face matching terminal 40 displays a photographing screen 1410 for face matching as shown in FIG. 14B to prompt the target user to take a picture. An icon 1411, a message, or the like may be displayed on the photographing screen 1410 in order to acquire an appropriate face image.

The face authentication system 30 confirms the right information that can be used by the target user (here, the user (child)), and confirms the right information to be used according to the matching result of the face matching common process (step S1301). . For example, the face authentication system 30 performs confirmation processing by referring to the right information DB and group DB shown in FIGS. 5(b) and 5(c). Furthermore, the face authentication system 30 identifies a service providing system 50 (here, a payment system 51) that provides services to be used based on rights.

The face authentication system 30 requests the service providing system 50 (here, the payment system 51) that provides the service used by the user to use the service based on the specified right (step S1302). This request includes the usage amount, user information, and the like.

The service providing system 50 provides the service based on the request from the face authentication system 30 (step S1303). Specifically, the settlement system 51 performs settlement processing based on the designated amount. The service providing system 50 then returns the result of using the right-based service to the face authentication system 30 .

The face authentication system 30 notifies the face matching terminal 40 of the usage result received from the service providing system 50 (step S1304).

The face matching terminal 40 displays the usage result received from the face authentication system 30 (step S1305). For example, the face matching terminal 40 displays a usage result screen 1420 as shown in FIG. 14(c). The usage result screen 1420 includes an icon 1421 indicating the settlement result, a settlement amount 1422 , and an end button 1423 for ending the usage result screen 1420 .

The face authentication system 30 stores the usage result received from the service providing system 50 as history information (step S1306). Specifically, when a payment service is used, information such as the success or failure of face authentication, the payment amount, and the date and time of use is saved. In other words, the content of the rights that the user has used or attempted to use is preserved.

The face authentication system 30 identifies the parent mobile terminal 10 possessed by the user (parent) based on the parent-child relationship identified in the face matching common process of step S900, and sends the parent mobile terminal 10 a The saved history information is notified (step S1307). Here, the notification may be sent by e-mail, for example.

Parent mobile terminal 10 displays the notification received from face authentication system 30 . When the notification is made by e-mail, for example, an e-mail 1430 with contents as shown in FIG. 14(d) may be sent. In the mail 1430, a subject 1431 indicating an overview of history information is set. The text 1432 also includes details of usage information (date and time of usage, user, payment amount, etc.). Then, the processing sequence of FIG. 13 ends.

(Verification process: Modified example 1 of payment use)
In FIGS. 13 and 14, the case of application to settlement services has been described. Here, a modification of the case applied to settlement services will be further described. More specifically, based on the processing sequence of FIG. 13, a case of updating user (child) right settings will be described. It should be noted that the same reference numerals are assigned to processes that overlap with the processes shown in FIG. 13, and descriptions thereof will be omitted.

The parent mobile terminal 10 accepts right setting for the user (child) (step S1501). For example, right setting for the user (child) is performed by displaying a setting screen 1600 as shown in FIG. A setting screen 1600 displays basic information 1601 of a user (child) that has already been set and right information 1602 that the user (child) is permitted to use. Items of the rights information 1602 include whether or not payment can be used 1603, maximum payment amount 1604, necessity of notification to the user (parent) 1605, and conditions 1606 for notification. The maximum settlement amount 1604 is set to the accumulated amount that can be used. As the condition 1606, for example, the case where the remaining available amount becomes a predetermined amount (for example, less than 1,000 yen) as a result of using the amount set in the maximum settlement amount 1604 is specified. good. When the setting button 1607 is pressed, the parent portable terminal 10 passes the content of the input right information 1602 to the face authentication system 30 and instructs registration.

The face authentication system 30 determines whether or not the rights information of the user (child) received from the parent portable terminal 10 is within the rights of the user (parent) (step S1502). At this time, if the rights of the user (parent) are exceeded, the parent mobile terminal 10 may be notified to that effect and re-input may be prompted. Alternatively, the setting screen 1600 shown in FIG. 16A may be configured such that settings that exceed the rights of the user (parent) cannot be designated.

The face authentication system 30 stores right information for the user (child) based on the confirmation result of step S1502 (step S1503).

Next, the face matching terminal 40, the face authentication system 30, and the service providing system 50 cooperate to perform face matching common processing (step S900). This process is the face matching common process described with reference to FIG. In this process, for example, the face matching terminal 40 displays a payment screen 1610 as shown in FIG. 16B, and accepts setting of usage rights (step S903). The settlement screen 1610 includes settlement information 1611 indicating the amount of settlement, a cancel button 1612 for canceling the execution of settlement, and an enter button 1613 for instructing the execution of settlement. Furthermore, in the face matching common processing, the face matching terminal 40 displays a photographing screen 1620 for face matching as shown in FIG. 16(c) to prompt the target user to take a photo. An icon 1621, a message, or the like may be displayed on the shooting screen 1620 in order to acquire an appropriate face image.

The face authentication system 30 performs steps S1301 to S1306 in the same manner as the processing sequence shown in FIG. In this series of flows, the face matching terminal 40 displays a usage result screen 1630 as shown in FIG. 16(d) as the usage result of the settlement service. The usage result screen 1630 includes an icon 1631 indicating the settlement result, a settlement amount 1632, and an end button 1633 for ending the usage result screen 1630. FIG.

After the process of step S1306, the face authentication system 30 determines whether or not the notification conditions set on the setting screen 1600 are satisfied as a result of using the service (step S1504). In this example, on the setting screen 1600, the maximum payment amount 1604 is set to "10,000 yen," the necessity of notification 1605 is set to "ON," and the notification condition 1606 is set to "less than 1,000 yen." In this case, as shown in FIG. 16D, if the payment amount is "9980 yen", the condition 1606 is satisfied. If the reset notification condition is satisfied (step S1504, YES), the processing of the face authentication system 30 proceeds to step S1505. On the other hand, if the reset notification condition is not satisfied (step S1504, NO), the processing of the face authentication system 30 proceeds to step S1307.

The face authentication system 30 identifies the parent mobile terminal 10 possessed by the user (parent) based on the parent-child relationship identified in the face matching common process of step S900, and sends the parent mobile terminal 10 a The saved history information is notified (step S1505). Here, the notification may be sent by e-mail, for example. In addition, here, the notification of the contents including the words prompting the resetting of the rights of the user (child) is performed.

The parent mobile terminal 10 displays the notification received from the face authentication system 30 (step S1308). If the notification is sent by e-mail, and if the notification includes a message prompting resetting in step S1505, for example, an e-mail 1640 having the contents shown in FIG. 16E is sent. good. In the mail 1640, a subject 1641 indicating an overview of history information is set. The text 1642 also includes details of usage information (date and time of use, user, payment amount, etc.) and text prompting the user (child) to reset rights. Further, the mail 1640 includes a change button 1643 for changing the setting of user (child) rights. Note that when the process of step S1307 is performed, the mail as shown in FIG. 14D is displayed on the parent portable terminal 10. FIG.

The parent mobile terminal 10 determines whether or not an instruction to reset rights for the user (child) has been issued (step S1506). For example, when the change button 1643 of the mail 1640 shown in FIG. 16E is pressed, it is assumed that a resetting instruction has been given (step S1506, YES), and the processing of the parent mobile terminal 10 proceeds to step S1506. to reconfigure the user (child). At this time, the parent portable terminal 10 displays a setting screen 1650 such as that shown in FIG. The configuration of the setting screen 1650 is basically the same as the setting screen 1600 shown in FIG. 16(a). Here, as shown in the settlement upper limit 1651, the configuration may be such that the values before and after the change are displayed. If the resetting instruction is not issued (step S1506, NO), the process returns to step S900 and repeats the process as appropriate.

(Verification process: Modified example 2 of payment use)
In FIGS. 13 and 14, the case of application to settlement services has been described. Here, a second modification of the case applied to settlement services will be further described. More specifically, based on the processing sequence of FIG. 13, a case of updating user (child) right settings will be described. It should be noted that the same reference numerals are assigned to processes that overlap with the processes shown in FIG. 13, and descriptions thereof will be omitted. Here, an example will be described assuming a case in which the balance is insufficient, that is, a case in which a settlement is attempted that exceeds the upper limit of the amount of money that can be used.

The face matching terminal 40, the face authentication system 30, and the service providing system 50 cooperate to perform face matching common processing (step S900). This process is the face matching common process described with reference to FIG. In this process, for example, the face matching terminal 40 displays a payment screen 1800 as shown in FIG. 18(a), and accepts setting of usage rights (step S903). The settlement screen 1800 includes settlement information 1801 indicating the amount of settlement, a cancel button 1802 for canceling the execution of settlement, and an enter button 1803 for instructing the execution of settlement. Furthermore, in the face matching common process, the face matching terminal 40 displays a photographing screen 1810 for face matching as shown in FIG. 18B to prompt the target user to take a picture. An icon 1811, a message, or the like may be displayed on the shooting screen 1810 in order to acquire an appropriate face image.

The face authentication system 30 performs steps S1301 to S1306 in the same manner as the processing sequence shown in FIG. In this series of flows, the face matching terminal 40 displays a usage result screen 1820 as shown in FIG. 18(c) as the usage result of the payment service. The usage result screen 1820 includes an icon 1821 indicating the result of payment, a payment amount 1822, and an end button 1823 for ending the usage result screen 1820. FIG. Here, a case where settlement fails due to insufficient balance is shown.

After the process of step S1306, the face authentication system 30 determines whether or not the settlement failed due to insufficient balance as a result of using the service (step S1701). If settlement fails due to insufficient balance (step S1701, YES), the processing of the face authentication system 30 proceeds to step S1702. Otherwise (step S1701, NO), the processing of the face authentication system 30 proceeds to step S1307.

The face authentication system 30 identifies the parent mobile terminal 10 possessed by the parent user based on the parent-child relationship identified in the common face matching process in step S900, and sends the parent mobile terminal 10 the parent mobile terminal 10 in step S1306. The saved history information is notified (step S1702). Here, the notification may be sent by e-mail, for example. In addition, here, the notification of the contents including the words prompting the resetting of the rights of the user (child) is performed.

The parent mobile terminal 10 displays the notification received from the face authentication system 30 (step S1308). If the notification is sent by e-mail, and if the notification includes a message urging resetting in step S1505, for example, an e-mail 1830 having the contents shown in FIG. 18(d) is sent. good. In the mail 1830, a subject 1831 indicating an overview of history information is set. The text 1832 also includes details of usage information (date and time of use, user, payment amount, etc.) and text prompting the user (child) to reset rights. Further, the mail 1830 includes a change button 1833 for changing the setting of user (child) rights. It should be noted that when the process of step S1307 is performed, the main mobile terminal 10 displays an email 1430 as shown in FIG. 14(d).

The parent mobile terminal 10 determines whether or not an instruction to reset rights for the user (child) has been issued (step S1703). For example, when the change button 1833 of the mail 183 shown in FIG. 18D is pressed, it is assumed that a resetting instruction has been given (step S1703, YES), and the processing of the parent mobile terminal 10 proceeds to step S1704. proceed to If the resetting instruction is not issued (step S1703, NO), the process returns to step S900 and repeats the process as appropriate.

The parent portable terminal 10 accepts right setting for the user (child) (step S1704). For example, by displaying a setting screen 1840 as shown in FIG. 18(e), the user (child) is allowed to set rights. A setting screen 1840 displays basic information 1841 of a user (child) that has already been set and right information 1842 that the user (child) is permitted to use. The items of the rights information 1842 include a settlement availability 1843, a settlement upper limit 1844, and the like. The settlement upper limit 1844 is set to the accumulated amount that can be used. As shown in the settlement upper limit 1844, the configuration may be such that the values before and after the change are displayed. When the set button 1845 is pressed, the parent portable terminal 10 passes the content of the input right information 1842 to the face authentication system 30 and instructs registration.

The face authentication system 30 determines whether or not the rights information of the user (child) received from the parent mobile terminal 10 is within the rights of the user (parent) (step S1705). At this time, if the rights of the user (parent) are exceeded, the parent mobile terminal 10 may be notified to that effect and re-input may be prompted. Alternatively, the setting screen 1840 shown in FIG. 18E may be configured such that settings exceeding the rights of the user (parent) cannot be specified.

The face authentication system 30 stores right information for the user (child) based on the confirmation result of step S1705 (step S1706). Then, the processing sequence of FIG. 17 ends.

In the above example, the usable amount and remaining amount are common to the entire group, but the upper limit or remaining amount may be set for each user (child). In this case, a setting screen may be provided on which setting information for each user (child) is identifiably displayed. For example, even if the balance is 10,000 yen, it is conceivable that a certain user (child) can only use up to 500 yen unless rights are reset by the parent portable terminal 10 . In this way, it is possible to prevent users (children) from excessively using rights of the entire group.

(Verification processing: case of using accommodation management service)
Next, a case where the basic processing sequence described with reference to FIGS. 9 and 10 is applied to use of the accommodation management service will be described. The lodging management service here is a service provided in cooperation with the lodging management system 52 of the service providing system 50, and will be described as a service for presenting user information regarding lodging by face authentication.

FIG. 19 is a diagram showing a processing sequence when the collation processing according to this embodiment is applied to facility use. Each device, which is the subject of processing in the processing sequence, realizes each function by reading and executing a program corresponding to each function shown in FIG. 2 by a control unit such as a CPU.

The face matching terminal 40, the face authentication system 30, and the service providing system 50 cooperate to perform face matching common processing (step S900). This process is the face matching common process described with reference to FIG. In this process, for example, the face matching terminal 40 displays a photographing screen 2000 for face matching as shown in FIG. 20(a) to prompt the target user to take a picture. An icon 2001, a message, or the like may be displayed on the photographing screen 2000 in order to obtain an appropriate face image.

The face authentication system 30 requests information registered for the specified user from the service providing system 50 (accommodation management system 52 in this case) that provides services used by the user (step S1901). This request includes user information (parent-child relationship, etc.) managed by the face authentication system 30 side.

The service providing system 50 provides the service based on the request from the face authentication system 30 (step S1902). Specifically, the lodging management system 52 identifies the registration information based on the designated user information. The service providing system 50 then returns the identified registration information to the face authentication system 30 .

The face authentication system 30 notifies the face matching terminal 40 of the registration information received from the service providing system 50 (step S1903).

The face matching terminal 40 displays the registration information received from the face authentication system 30 (step S904). For example, the face matching terminal 40 displays an information providing screen 2010 as shown in FIG. 20(b). The information provision screen 2010 includes an icon 2011 indicating the result of face authentication, a face image 2012 used for face authentication, and information 2013 registered corresponding to the user (child). In this example, the information 2013 indicates the room number of the accommodation facility.

The face authentication system 30 saves the service usage result including the registration information received from the service providing system 50 as history information (step S1905). Specifically, when the accommodation management service is used, information such as the success or failure of face authentication, the provided registration information, and the date and time when the service was used is stored.

The face authentication system 30 identifies the parent mobile terminal 10 possessed by the user (parent) based on the parent-child relationship identified in the face matching common process of step S900, and sends the parent mobile terminal 10 a The saved history information is notified (step S1906). The notification here may be sent by e-mail, for example.

Parent mobile terminal 10 displays the notification received from face authentication system 30 . When the notification is made by e-mail, for example, an e-mail 2020 with contents as shown in FIG. 20(c) may be sent. In the mail 2020, a subject 2021 indicating an overview of history information is set. The text 2022 also includes details of the history information (date and time of use, user, registered information referred to, etc.). Then, the processing sequence of FIG. 19 ends.

(Specific application examples)
The cooperation with the payment service described with reference to FIGS. 11 to 14 can be applied to a situation in which it is assumed that the user will act empty-handed at accommodation facilities (hotels, inns, etc.) and amusement facilities. For example, when a child belonging to a group (that is, a user (child)) moves around a facility empty-handed, purchases of things or use of paid facilities (such as lounges, hot spring facilities, swimming pools, gyms, etc.) can be done only by face recognition. , entrance management, and boarding of transportation (for example, shuttle buses and vehicles limited to guests). In addition, the user (parent) can manage the behavior of the user (child) by restricting use, and furthermore, can check the information at the time of use.

It can also be applied to services such as rental cars, car sharing, and bus tours. For example, in a car rental service, it is possible to use the service by using face authentication, assuming that the person making the reservation is different from the person receiving the vehicle. Also, in services such as bus tours, it is possible to use services using face recognition, assuming that the boarding location of the bus differs for each participant.

In addition, even when the user (parent) is not with the user (child), the user (child) can freely act within the preset rights range without requiring a specific tool. For example, the user (child) can check in to an accommodation facility reserved by the user (parent) using only face recognition, or enter a reserved room without a key (room key). In addition, users who are not registered in the group are restricted from checking in, so a security effect can be expected.

Also, the lost child determination service provided by the lost child determination system 54 can be implemented by applying it in the same manner as the accommodation management service shown in FIG. For example, by photographing and authenticating a child's face image, it is possible to acquire information about which group (for example, family) the child belongs to. Accordingly, it is possible to determine whether or not the child is lost, and notify the relevant person (that is, the user (parent)). In addition, when some kind of trouble (injury, illness, etc.) occurs to a user (child) belonging to a group, it is possible to notify the user (parent) by performing face recognition of the user (child). Become.

Note that the lost child detection service may take a picture of the child's face using the terminal used for using the right. In the embodiment, since the terminals used for using rights are arranged in various places in the facility, it is possible to accurately notify the lost child without preparing a special terminal.

Further, the lost child determination service may notify information of the terminal on which face authentication was performed last, according to an instruction from the user (parent) or a user (child) other than the lost child. In the present embodiment, when a child (an example of a user (child)) uses the right, face authentication is performed. Alternatively, the information of the terminal you tried to use is recorded in the system. Therefore, by adopting such a configuration, even if a child (an example of a user (child)) does not understand the operation of a terminal, the parent (an example of a user (parent)) or a family member can operate the terminal. A rough current position of a child (an example of a user (child)) can be known.

In addition, since the user can easily check the registered information by having his or her face authenticated, for example, it is possible to suppress actions based on incorrect information (such as the room number of the accommodation). can. For example, by installing a face authentication terminal in an elevator, etc., it can be controlled to automatically stop at the floor where the room of the accommodation is located, or a terminal installed in the elevator hall of each floor, etc., can be used to reach the accommodation. It is possible to present information (maps, arrows, etc.) to guide the route.

In addition, by registering coupons, preferential rights, points, etc. issued by the facility as rights to register in the group, users (parents) and users (children) belonging to the group can use them. The convenience of using the service can be improved.

Further, it becomes possible for another user to take over and use a service used by a user belonging to the group. Specifically, when a certain user uses a luggage storage service, it is assumed that the user receives luggage that has been deposited by another user belonging to the same group. It is also possible to share rights granted to users (parents). For example, it is assumed that the points given to the user (parent) are shared and used by other users (children) belonging to the group.

As described above, the face authentication system 30 according to the first embodiment includes the parent face information management unit 32 and the parent right management unit 35 that register parent user right information in association with a group, and one or more child user A small face information management unit 33 for registering a face image in association with the group, and performing face authentication based on the information registered in the small face information management unit 33 when a face image is received. The child user corresponding to the facial image makes a request based on the parent-child relationship determining unit 31 that identifies the group to which the user corresponding to the facial image belongs and the rights information associated with the group specified by the parent-child relationship determining unit 31. A usage right determination unit 34 that determines whether a desired process is permitted, an external system cooperation unit 37 that executes the desired process based on the determination result of the usage right determination unit 34, and a usage right determination unit and a usage result notification unit 39 for notifying the parent user of at least one of the determination result by 34 and the processing result by the external system cooperation unit 37 .

As a result, the face authentication system 30 can further improve convenience when users belonging to the group use various services by face authentication.

Further, the child rights management unit 36 receives and registers the setting of rights to be granted to each child user belonging to the group within the range indicated by the rights information of the parent user.

As a result, the face authentication system 30 can grant arbitrary rights within the scope of rights of the parent user to each child user belonging to the group.

Also, the parental rights management unit 35 updates rights information of the parent user associated with the group in response to a request from the parent user.

This allows the parent user to appropriately set rights to be shared by the group.

In addition, the face authentication system 30 is communicably connected to a face matching terminal 40, and the face matching terminal 40 sets a face information acquisition unit 42 for acquiring a user's face image, and information for desired processing by the user, A usage right setting unit 43 for transmitting a request including the user's face image acquired by the face information acquisition unit 42 and the information of the set desired processing to the face authentication system 30 . Further, the face authentication system 30 further includes a result notification unit 45 that transmits the determination result by the use right determination unit 34 and the processing result by the external system cooperation unit 37 to the face matching terminal 40 as a response to the request from the face matching terminal 40. have.

Thereby, the face authentication system 30 can easily perform arbitrary processing by acquiring a face image using the face matching terminal 40 .

Further, the face authentication system 30 is communicably connected to the parent mobile terminal 10, and the parent mobile terminal 10 acquires the face image, and associates the right information of the parent user who is the user of the parent mobile terminal 10 with the group. The parent face information acquisition unit 14 requests the face authentication system 30 to register the child user's face image, and the parent mobile terminal 10 determines whether or not the face image of the child user belonging to the group is to be acquired. is not acquired by the parent mobile terminal 10, a request including information for registering the child user's face image in the face authentication system 30 is transmitted to the child mobile terminal 20 that acquires the child user's face image. and a child registration link transmission unit 17 .

As a result, the face authentication system 30 can easily register the face image of the child user on a terminal other than the parent mobile terminal 10 .

Further, when it is determined that the child user's face image is to be acquired by the parent mobile terminal 10, the child face information acquiring unit 15 acquires the child user's face image, and then associates the child user's face image with the group. The face authentication system 30 is requested to register with

Thereby, the face authentication system 30 can easily register the child user's face image even in the parent mobile terminal 10 .

In addition, the face authentication system 30 is communicably connected to a service providing system 50 that executes at least part of desired processing, and the external system cooperation unit 37 provides services based on the determination result of the usage right determination unit 34. A desired process is executed in cooperation with the system 50 .

As a result, the face authentication system 30 can perform processing in cooperation with systems that provide various services provided outside the face authentication system 30 .

Also, the desired processing is any one of a payment service, an accommodation management service, an entrance management service to a facility, or a registration information providing service.

As a result, the face authentication system 30 can apply face authentication processing to settlement services, accommodation management services, facility entrance management services, or registration information provision services.

<Other embodiments>
In each of the above-described embodiments, the notification of use of the right is sent to the parent mobile terminal 10, but it may be sent to the child mobile terminal 20 as well. For example, the user (parent) can notify by specifying the child portable terminal 20 possessed by the user (child) to be notified. As a result, the user (child) can also check the result of using the rights via the child mobile terminal 20 . Further, the user (child) who has used the right may notify the child portable terminal 20 owned by himself or herself of the use of the right. In this way, the user (child) can later check the information on the rights and services that he or she has used through the child portable terminal 20 . In particular, when the user (child) uses the right away from the user (parent), it is difficult for the user (child) to know whether the use of the right has really succeeded, and the user (child) may feel uneasy. Therefore, if a notification is sent to the child mobile terminal 20 owned by the user (child) who has used the right, the user (child) himself or herself can confirm the success or failure of the use of the right. , can reduce such anxiety. Further, as long as the user (child) has successfully used the right, the parent portable terminal 10 may not be notified of the use of the right. This eliminates the need to check the notification on the parent mobile terminal 10 when no particular problem has occurred, so it is possible to suppress excessive notification to the user (parent). Further, by requesting from the parent mobile terminal 10 or the child mobile terminal 20 to the face authentication system 30 or the like, the history of right use may be confirmed.

Furthermore, in each of the embodiments described above, the face matching terminal 40 is installed in a facility that provides various services, but it may be installed in a mobile object. One example is a shuttle bus that runs between a station and a hotel. In this case, the desired processing is a mobile service using a mobile body or a service provided within the mobile body (in-vehicle sales, sightseeing guide, etc.). Also, the face matching terminal 40 may not be associated with a specific facility or the like. For example, the face matching terminal 40 may have a form in which software for providing various services is installed in a mobile terminal owned by a user (specifically, the parent mobile terminal 10 or the child mobile terminal 20). be done. In this case, the software provides the service on the condition that the facial recognition is successful and the rights are used.

Further, in each of the embodiments described above, face information of the user (parent) is registered in the face authentication system, but registration of the face of the user (parent) may be omitted. It is highly likely that the user (parent) carries the parent mobile terminal 10 in order to grasp the usage status of the rights of the user (parent). This is because the terminal 10 can be used. Similarly, if the user (parent) does not plan to use the rights and only manages the rights for the user (child), the registration of the user (parent) face information can be omitted. good. In these cases, the information that identifies the representative of the group may be other biometric information (fingerprints, etc.) of the user (parent) instead of face information of the user (parent), or an ID uniquely assigned to the user (parent). etc. may be used.

Further, in each of the above-described embodiments, each piece of user information is registered by the parent mobile terminal 10 or the child mobile terminal 20, but the present invention is not limited to this. For example, registration may be performed using a device installed at a facility, such as a terminal installed at the front desk of a hotel.

Also, in each of the above-described embodiments, the explanation was given on the assumption that there is only one user (parent) in the group, but a plurality of users (parents) may be settable. In this case, the notification to the parent mobile terminal 10 may be sent to the terminals owned by each of the multiple users (parents). Also, different users (parents) may receive different notifications and changeable rights. For example, rights related to money can be changed by only one user (parent), but rights not related to money (such as the right to use facilities for free) can be changed by other users (parents).

Further, in each of the above-described embodiments, the information to be notified to the parent mobile terminal 10 may be only the result of face authentication of the user (child) or only the result of using the service. In particular, when the face authentication of the user (child) fails, the result of determination as to whether or not the service can be used is unsuccessful, so the usage result need not be notified.

In addition, the program and application for realizing the functions of one or more embodiments described above are supplied to a system or device using a network or a storage medium, and one or more processors in the computer of the system or device It can also be realized by a process of reading and executing a program.

Alternatively, it may be implemented by a circuit that implements one or more functions (for example, ASIC (Application Specific Integrated Circuit) or FPGA (Field Programmable Gate Array)).

Various embodiments have been described above with reference to the drawings, but it goes without saying that the present disclosure is not limited to such examples. It is clear that a person skilled in the art can correspond to various modifications, modifications, substitutions, additions, deletions, and equivalents within the scope of the claims. Naturally, it is understood that it belongs to the technical scope of the present disclosure. In addition, the constituent elements of the various embodiments described above may be arbitrarily combined without departing from the gist of the invention.

INDUSTRIAL APPLICABILITY The present disclosure is useful as a face authentication system, a face authentication method, an information processing terminal, and a control method thereof that can improve the convenience of actions according to rights for a plurality of users.

10 Parent mobile terminal 20 Child mobile terminal 30 Face authentication system 40 Face matching terminal 50 Service providing system 60 Network 300 Mobile terminal 400 Information processing device

Claims (12)

a first registration unit that registers rights information of a parent user in association with a group;
a second registration unit that registers face images of one or more child users in association with the group;
an identification unit that identifies a group to which a user corresponding to the face image belongs by performing face authentication based on information registered in the second registration unit when the face image is received;
a first determination unit that determines whether desired processing requested by a child user corresponding to the face image is permitted based on rights information associated with the group identified by the identification unit;
a processing unit that executes the desired process based on the determination result of the first determination unit;
a notification unit that notifies the parent user of at least one of the result of determination by the first determination unit and the result of processing by the processing unit;
having
face recognition system. The second registration unit receives and registers the setting of rights to be granted to each child user belonging to the group within the range indicated by the rights information of the parent user.
The face authentication system according to claim 1. The first registration unit updates rights information of the parent user associated with the group in response to a request from the parent user.
The face authentication system according to claim 1 or 2. The face authentication system is communicably connected to a face matching terminal,
The face matching terminal
a first acquisition unit that acquires a face image of a user;
a first setting unit for setting information of the desired processing;
a first request unit configured to transmit a request including the user's face image acquired by the first acquisition unit and desired processing information set by the first setting unit to the face authentication system;
has
The face authentication system further includes:
further comprising a first transmission unit configured to transmit a result of determination by the first determination unit and a result of processing by the processing unit to the face matching terminal as a response to the request;
The face authentication system according to any one of claims 1-3. The face authentication system is communicably connected to an information processing terminal,
The information processing terminal
a second acquisition unit that acquires a face image;
a second request unit that requests the face authentication system to register rights information of a parent user who is a user of the information processing terminal in association with a group;
a second determination unit that determines whether or not to acquire a face image of a child user belonging to the group at the information processing terminal;
When it is determined that the information processing terminal does not acquire the face image of the child user, registering the face image of the child user in the face authentication system in another information processing terminal that acquires the face image of the child user. a second transmitter that transmits a request including information for
having
The face authentication system according to any one of claims 1-4. When it is determined that the face image of the child user is acquired by the information processing terminal, after the face image of the child user is acquired by the second acquisition unit, the second request unit acquires the child user's requesting the face authentication system to register face images in association with groups;
The face authentication system according to claim 5. the face authentication system is communicably connected to a service providing system that performs at least part of the desired processing;
The processing unit executes the desired process in cooperation with the service providing system based on the determination result by the first determination unit.
The face authentication system according to any one of claims 1-6. The desired process is any of a payment service, an accommodation management service, an entrance management service to a facility, or a registration information provision service.
The face authentication system according to any one of claims 1-7. a first registration step of registering parent user right information in a storage unit in association with a group;
a second registration step of registering face images of one or more child users in the storage unit in association with the group;
an identification step of identifying a group to which a user corresponding to the face image belongs by performing face authentication based on information registered in the storage unit when the face image is received;
a determination step of determining whether or not a desired process requested by a child user corresponding to the face image is permitted based on the rights information associated with the group identified in the identification step;
a processing step of executing the desired processing based on the determination result of the determination step;
a notification step of notifying the parent user of at least one of the determination result of the determination step and the processing result of the processing step;
having
face recognition method. An information processing terminal,
a request unit for requesting a face authentication system to register rights information of a parent user who is a user of the information processing terminal in association with a group;
When a child user belonging to the group determines whether or not a desired process is permitted based on face authentication using the child user's face and rights information registered in association with the group. , a receiving unit that receives notification of at least one of the result of the determination and the result of the desired process;
having
Information processing terminal. The information processing terminal further includes an acquisition unit that acquires a face image;
a determination unit that determines whether or not to acquire a face image of a child user belonging to the group at the information processing terminal;
including information for registering the face image of the child user in another information processing terminal that acquires the face image of the child user when it is determined that the information processing terminal does not acquire the face image of the child user; a transmitter that transmits the request;
having
The information processing terminal according to claim 10. A control method for an information processing terminal,
a requesting step of requesting the face authentication system to register rights information of a parent user who is a user of the information processing terminal in association with a group;
When a child user belonging to the group determines whether or not a desired process is permitted based on face authentication using the child user's face and rights information registered in association with the group. , a receiving step of receiving notification of at least one of a result of said determination and a result of said desired process;
having
A control method for an information processing terminal.

Images