JP7603255B2 - Intercom system, entrance/exit management system, face authentication system, control method and program - Google Patents

Description

The present disclosure generally relates to an intercom system, an entrance/exit management system, a facial authentication system, a control method, and a program, and more specifically, to an intercom system, an entrance/exit management system, a facial authentication system, a control method, and a program that perform entrance control for entry to a specified area.

Patent document 1 describes a security system for an apartment complex equipped with a face recognition device that recognizes people entering and leaving a residential block of the complex, which is a controlled area, by their facial shapes.

JP 2009-206784 A

In security systems for apartment complexes such as that described in Patent Document 1, it is desirable to improve crime prevention.

The present disclosure has been made in consideration of the above-mentioned reasons, and aims to provide an intercom system, an entrance/exit management system, a face authentication system, a control method, and a program that can improve crime prevention.

In order to solve the above problem, a face authentication system according to an aspect of the present disclosure includes a face authentication unit, a first acquisition unit, an impersonation determination unit, a second acquisition unit, and an entrance control unit. The face authentication unit performs face authentication using a face image included in a first captured image captured by a first capture unit, and determines whether or not a visitor is a person permitted to enter a predetermined area. The first acquisition unit acquires first information related to a determination result of the face authentication from the face authentication unit. The impersonation determination unit performs an impersonation determination for determining whether or not a subject of the face image used for the face authentication is a real face based on a second captured image captured by a second capture unit. The second acquisition unit acquires second information related to a determination result of the impersonation determination from the impersonation determination unit. The entrance control unit performs an entrance control for an entrance to the predetermined area based on the first information acquired by the first acquisition unit and the second information acquired by the second acquisition unit. The admission control unit, when the second information is information indicating impersonation, performs a restriction process to restrict the visitor from entering the specified area. When the second information is information indicating impersonation, the admission control unit, when the second information is information indicating impersonation, stores an image captured by the first imaging unit in a storage unit. The admission control unit notifies the visitor that the captured image has been stored in the storage unit.
A face authentication system according to an aspect of the present disclosure includes a face authentication unit, a first acquisition unit, an impersonation determination unit, a second acquisition unit, and an entrance control unit. The face authentication unit performs face authentication using a face image included in a first captured image captured by a first capture unit, and determines whether or not a visitor is a person permitted to enter a predetermined area. The first acquisition unit acquires first information related to a determination result of the face authentication from the face authentication unit. The impersonation determination unit performs an impersonation determination for determining whether or not a subject of the face image used for the face authentication is a real face based on a second captured image captured by a second capture unit. The second acquisition unit acquires second information related to a determination result of the impersonation determination from the impersonation determination unit. The entrance control unit performs an entrance control for an entrance to the predetermined area based on the first information acquired by the first acquisition unit and the second information acquired by the second acquisition unit. The entry control unit, when the second information is information indicating impersonation, performs a restriction process to restrict the visitor from entering the specified area during the entry control. When the second information is information indicating impersonation during the entry control, the entry control unit causes a photographing unit that photographs the visitor to store in a storage unit a photographed image taken after the impersonation determination. The entry control unit notifies the visitor that the photographed image has been stored in the storage unit.

An intercom system according to an aspect of the present disclosure includes the face authentication system and an information terminal, the information terminal being capable of communicating with the face authentication system.

According to an aspect of the present disclosure, there is provided an entrance/exit management system including the face authentication system and an entrance/exit management device, the entrance/exit management device managing opening and closing of a door leading to the predetermined area in response to the entrance control by the face authentication system.

A control method according to an aspect of the present disclosure includes a face authentication step, a first information acquisition step, an impersonation determination step, a second information acquisition step, and an entrance control step. In the face authentication step, face authentication is performed to determine whether or not a visitor is a person permitted to enter a predetermined area based on a face image included in a first photographed image photographed by a first photographing unit. In the first information acquisition step, first information regarding a determination result of the face authentication is acquired. In the impersonation determination step, an impersonation determination is performed to determine whether or not a face used in the face authentication is a human face based on a second photographed image photographed by a second photographing unit. In the second information acquisition step, second information regarding a determination result of the impersonation determination is acquired. In the entrance control step, entrance control regarding entrance to the predetermined area is performed based on the first information acquired in the first information acquisition step and the second information acquired in the second information acquisition step. The entrance control step includes a restriction step. In the restriction step, when the second information is information indicating impersonation, the visitor is restricted from entering the specified area in the entry control. In the entry control step, when the second information is information indicating impersonation, the image captured by the first image capture unit is stored in a storage unit. In the entry control step, the visitor is notified that the image has been stored in the storage unit.

A program according to one aspect of the present disclosure is a program for causing one or more processors to execute the control method.

According to the present disclosure, it is possible to provide an intercom system, an entrance/exit management system, a face authentication system, a control method, and a program that can improve crime prevention.

FIG. 1 is a schematic diagram showing the overall configuration of an intercom system according to a first embodiment. FIG. 2 is a conceptual diagram showing an example of installation of the lobby intercom according to the first embodiment. FIG. 3 is a block diagram showing the configuration of the face authentication system according to the first embodiment. FIG. 4 is a flowchart showing the operation of the control system according to the first embodiment. FIG. 5 is a flowchart showing the operation of the control system. FIG. 6 is a schematic diagram showing the overall configuration of an entrance/exit management system according to the second embodiment.

Below, preferred embodiments of the present disclosure will be described in detail with reference to the drawings. In addition, common elements in each embodiment described below are given the same reference numerals, and duplicated explanations of the common elements will be omitted. Each embodiment described below is merely one of the various embodiments of the present disclosure. Each embodiment can be modified in various ways depending on the design, etc., as long as the object of the present disclosure can be achieved. Each figure described in this disclosure is a schematic diagram, and the respective ratios of size and thickness of each component in each figure do not necessarily reflect the actual dimensional ratios.

(Embodiment 1)
(1) Overview First, an overview of an intercom system 2 according to the present embodiment will be described with reference to FIGS. 1 to 3. FIG.

As shown in FIG. 1, an intercom system 2 according to this embodiment is installed in a facility 1 (apartment building). When a visitor 9 (see FIG. 2) arrives at facility 1, the intercom system 2 photographs the visitor 9 and generates a captured image D3 (see FIG. 3) including a facial image. Using the facial image included in the captured image D3, the intercom system 2 performs face authentication to determine whether or not the visitor 9 is a person authorized to enter the specified area A1 (see FIG. 2), and performs impersonation determination to determine whether or not the subject of the facial image is a real face.

Furthermore, the intercom system 2 of this embodiment performs entry control for entry into the specified area A1 based on the first information D1 (see FIG. 3) regarding the result of the face authentication determination and the second information D2 (see FIG. 3) regarding the result of the impersonation determination. Here, when the second information D2 is information indicating impersonation, a restriction process is performed to restrict the visitor 9 from entering the specified area A1 in the facility 1.

If the second information D2 indicates impersonation, the intercom system 2 performs a restriction process, thereby improving security in the specified area A1 within the facility 1.

(2) Details Hereinafter, the configuration of the intercom system 2 according to this embodiment will be described in detail with reference to FIGS. 1 to 3. FIG.

(2.1) Premise The term "facility" in this disclosure includes residential facilities used for residential purposes, as well as non-residential facilities such as stores (tenants), offices, welfare facilities, educational facilities, hospitals, and factories. Non-residential facilities also include restaurants, amusement parks, hotels, inns, kindergartens, nurseries, and community centers. In other words, the facility 1 may be a residential facility such as an apartment building, or a non-residential facility such as an office building. Furthermore, the facility 1 may also include a facility in which residential facilities and non-residential facilities are mixed, for example, where the lower floors are stores and the upper floors are residences. As shown in FIG. 1, in this embodiment, it is assumed that the facility 1 is an apartment building (such as an apartment) including multiple residences. In an apartment building, each of the multiple residences is a residence 22.

The "prescribed area" in this disclosure is an area within facility 1, for example, an area that only persons with the right to enter may enter. Here, "persons with the right to enter" refers to persons permitted to enter by a person with the authority to allow others to enter the prescribed area, and persons who have been registered in advance. As shown in FIG. 2, the prescribed area A1 in this embodiment is an area inside door 20 installed in lobby 21 within facility 1 (apartment building). The prescribed area A1 in this embodiment includes the corridors, elevators, stairs, dwelling units 22, etc., inside door 20.

In addition, the term "visitor" in this disclosure includes not only guests of facility 1 and construction workers, but also people approaching the door 20 leading to the specified area A1. In other words, visitor 9 includes residents of facility 1, managers and workers of facility 1, etc.

In this disclosure, "capable of communication" means that information can be exchanged directly or indirectly via a network or a repeater, etc., using an appropriate communication method such as wired or wireless communication.

(2.2) Configuration of the Intercom System First, the configuration of the intercom system 2 will be described with reference to FIG.

As shown in FIG. 1, the intercom system 2 includes a control device 11, a lobby intercom 12 (intercom handset), a dwelling unit master unit 14, a dwelling unit handset 15 (intercom handset), and a management room unit 16. Here, the lobby intercom 12 includes a face authentication system 3 (see FIG. 3). Furthermore, the face authentication system 3 includes a control system 4 (see FIG. 3). In this embodiment, the intercom system 2 further includes a camera 13 (photographing unit), a monitoring server 17, and a door 20. Of these, the control device 11, the lobby intercom 12, the camera 13, and the door 20 are installed in the lobby 21. The monitoring server 17 may be installed in another area within the facility 1, such as the management room 23, or may be installed in an area outside the facility 1, such as the management company 5. The dwelling unit master unit 14 and the dwelling unit handset 15 are installed in each dwelling unit 22. The management room unit 16 is installed in the management room 23.

The door 20 (or an electric lock provided on the door 20) of the lobby 21 leads to a predetermined area A1 (see FIG. 2). The door 20 is communicatively connected to the lobby intercom 12 and can be controlled by the lobby intercom 12, and is therefore included as a component of the intercom system 2. This allows the intercom system 2 to control the opening/closing or locking/unlocking of the door 20 of the lobby 21 by the lobby intercom 12. In other words, if the door 20 is an automatic door, the lobby intercom 12 can control the door 20 to open, even though the door 20 is closed by default.

The control device 11 is communicatively connected to the lobby intercom 12, each dwelling unit master unit 14, and the management room unit 16. The control device 11 relays communication between the lobby intercom 12, each dwelling unit master unit 14, and the management room unit 16.

The control device 11 is also connected to a network N1 external to the facility 1. Therefore, the intercom system 2 can communicate with, for example, a registrant terminal 18 and a management company terminal 19 connected to the network N1.

The lobby intercom 12 is installed in the lobby 21 and is a terminal located outside the specified area A1. The lobby intercom 12 is also connected to the control device 11 so that it can communicate with the device.

The lobby intercom 12 has an operation unit 121 and a photographing unit 122 (camera). The operation unit 121 includes a numeric keypad (including a touch panel) and a key cylinder for accepting operations by the visitor 9 (see FIG. 2). The photographing unit 122 is equipped with an image sensor, such as a CMOS (Complementary Metal Oxide Semiconductor) image sensor or a CCD (Charge-Coupled Device) image sensor. The photographing unit 122 photographs a person who is about to operate the operation unit 121 or a person who is operating the operation unit 121 to generate a photographed image D3. The "photographed image" here refers to an image (image data) obtained by photographing the visitor 9, and includes videos, still images, and frame-by-frame images.

When the visitor 9 performs a specified operation on the operation unit 121, the lobby intercom 12 transmits a call signal to the dwelling unit master unit 14 or the management room unit 16 to call the dwelling unit master unit 14 or the management room unit 16. In addition, the lobby intercom 12 transmits the captured image D3 to the dwelling unit master unit 14 or the management room unit 16. As a result, the image of the visitor 9 captured by the capture unit 122 of the lobby intercom 12 can be displayed on the dwelling unit master unit 14 or the management room unit 16.

In addition, the lobby intercom 12 opens (unlocks) the door 20 when it receives an entry operation on the operation unit 121. In other words, the visitor 9 can open the door 20 by performing an entry operation on the operation unit 121. Here, the "entry operation" refers to an operation performed by the visitor 9 on the operation unit 121 to enter the specified area A1 of the facility 1. The "entry operation" includes at least one of an operation of calling the terminal (home master unit 14) of the visitor 9's destination and an operation of requesting authentication for entry. In addition, the "entry operation" includes, for example, an unlocking operation using a key inserted in a key cylinder and an operation of entering a PIN number to open the door 20. For example, if the visitor 9 calls the home master unit 14 of the destination and the resident of the destination confirms the visitor 9 and performs an operation to allow the home master unit 14 to open the door 20, the door 20 is opened. Details of the lobby intercom 12 in this embodiment will be explained in the "(2.3) Lobby intercom configuration" section.

The dwelling unit master unit 14 is installed in the indoor space of each dwelling unit 22 (dwelling unit). The dwelling unit slave unit 15 is communicatively connected to the dwelling unit master unit 14, and is, for example, a front door slave unit installed outside the front door of each dwelling unit 22. In other words, the dwelling unit master unit 14 and the dwelling unit slave unit 15 are configured to be able to communicate with each other (including making calls). Furthermore, in this embodiment, the dwelling unit slave unit 15 has a photographing unit (camera), and an image of the visitor 9 photographed by the photographing unit of the dwelling unit slave unit 15 can be displayed on the dwelling unit master unit 14. Furthermore, the dwelling unit master unit 14 is communicatively connected to the control device 11.

The management room unit 16 is installed in the indoor space of the management room 23. The management room unit 16 is also connected to the control device 11 so that it can communicate with the control device 11.

As described above, the lobby intercom 12, each dwelling unit master unit 14, and the management room unit 16 are all connected to the control device 11 so as to be able to communicate with each other. Therefore, the lobby intercom 12, each dwelling unit master unit 14, and the management room unit 16 can communicate with each other (including making calls) via the control device 11. In other words, the lobby intercom 12 and each dwelling unit master unit 14 can communicate with each other. Furthermore, the lobby intercom 12 and the management room unit 16 can communicate with each other, and each dwelling unit master unit 14 and the management room unit 16 can communicate with each other.

The camera 13 (imaging unit) is equipped with an image sensor, such as a CMOS (Complementary Metal Oxide Semiconductor) image sensor or a CCD (Charge-Coupled Device) image sensor. In this embodiment, the camera 13 is installed in the lobby 21 and positioned so as to be able to capture an image of a visitor 9 visiting the lobby 21. The camera 13 generates a captured image D4 (see FIG. 3) of the visitor 9. The camera 13 is configured to be able to communicate with the surveillance server 17.

The monitoring server 17 is a device that stores (records) images D4 (see FIG. 3) captured by the camera 13 and controls the operation of the camera 13. As shown in FIG. 3, the monitoring server 17 includes a communication unit 171, a control unit 172, and a storage unit 173.

The communication unit 171 is connected to the camera 13 and the lobby intercom 12 directly or indirectly via another network or a repeater, etc. The communication unit 171 has a communication function with the camera 13 and the lobby intercom 12. As a result, the communication unit 171 is configured to be able to communicate with the camera 13 and the lobby intercom 12.

The storage unit 173 includes a non-transitory storage device such as a hard disk drive (HDD), a solid state drive (SSD), or an optical disk drive. The storage unit 173 stores (records) images D4 captured by the camera 13.

The control unit 172 is realized by one or more processors executing an appropriate program. The control unit 172 controls the operation of the camera 13 and stores the image D4 captured by the camera 13 in the memory unit 173. For example, the control unit 172 can cause the camera 13 to start capturing images by sending an instruction to start capturing images to the camera 13 via the communication unit 171. Furthermore, upon receiving an instruction from the lobby intercom 12, the control unit 172 stores the image D4 captured by the camera 13 in the memory unit 173.

(2.3) Configuration of the Lobby Intercom Next, the configuration of the lobby intercom 12 will be described with reference to FIGS. 2 and 3. FIG.

As shown in FIG. 3, the lobby intercom 12 has a face authentication system 3 in addition to the operation unit 121 and the image capturing unit 122 described above. The image capturing unit 122 outputs a captured image D3 of the visitor 9 (see FIG. 2) to the face authentication system 3.

(2.4) Configuration of Face Recognition System Next, the configuration of the face recognition system 3 will be described with reference to FIGS.

As shown in FIG. 3, the face authentication system 3 includes a control system 4, a face authentication unit 36, and an impersonation determination unit 37. The face authentication system 3 of this embodiment further includes a memory unit 34 and a communication unit 35.

The facial recognition system 3 is mainly composed of a computer system having one or more processors and one or more memories. In the facial recognition system 3, the functions of the facial recognition unit 36, the spoofing determination unit 37, and the control system 4 of the facial recognition system 3 are realized by the one or more processors executing a program recorded in the memory. The program may be pre-recorded in the memory, or may be provided via a telecommunications line such as the Internet, or may be recorded on a non-transitory recording medium such as a memory card and provided.

The storage unit 34 includes a non-transitory storage device such as a hard disk drive (HDD), a solid state drive (SSD), or an optical disk drive. The storage unit 34 stores facial image data of registered individuals such as residents and managers of the facility 1 (apartment building). Here, the facial image data of the registered individuals is stored in the storage unit 34 in association with the identification information of the registered individuals. In addition, the identification information of the registered individuals is stored in association with the dwelling unit number of the registered individuals and information related to the registered individual's registered individual terminal 18 such as a mobile phone or smartphone.

The communication unit 35 is connected to the door 20, the monitoring server 17, and the control device 11 (see FIG. 1) directly or indirectly via another network or a repeater, etc. The communication unit 35 has a communication function with the door 20, the monitoring server 17, and the control device 11. As a result, the communication unit 35 is configured to be able to communicate with the door 20, the monitoring server 17, and the control device 11.

The face authentication unit 36 performs face authentication to determine whether the visitor 9 (see FIG. 2) is a person permitted to enter the predetermined area A1 (see FIG. 2) using a face image included in the photographed image D3 input from the photographing unit 122. In face authentication, the face authentication unit 36 first performs face detection processing to detect the human face portion of the photographed image D3 and extracts a face image that is an image of the human face portion. Then, when a face image is extracted from the photographed image D3, the face authentication unit 36 compares (matches) the extracted face image with face images (template data) of multiple registered persons pre-registered in the storage unit 34. When the face authentication unit 36 performs face authentication, it outputs (transmits) first information D1 regarding the judgment result of the face authentication to the control system 4. Specifically, when there is an image among the face images of the multiple registered persons that has a similarity to the extracted face image that is equal to or greater than a threshold value, the face authentication unit 36 outputs first information D1 indicating successful authentication to the control system 4. In this embodiment, the first information D1 indicating successful authentication includes identification information of the face image whose similarity is equal to or greater than the threshold. On the other hand, if there is no image among the face images of multiple registered persons whose similarity with the extracted face image is equal to or greater than the threshold, the face authentication unit 36 outputs the first information D1 indicating unsuccessful authentication to the control system 4.

The spoofing determination unit 37 performs spoofing determination to determine whether the subject of a facial image used for face authentication is a real face. When the captured image D3 is input from the imaging unit 122, the spoofing determination unit 37 executes face detection processing to extract a facial image. When the facial image is extracted, the spoofing determination unit 37 determines whether the subject of the facial image is a real face. For example, if the subject is a face in a photograph, a facial image displayed on a tablet terminal, or a headgear such as a mask or mask, the spoofing determination unit determines that the subject of the facial image is not a real face and determines that it is an spoof.

The spoofing determination unit 37 performs spoofing determination based on, for example, the presence or absence of changes over time in multiple feature points in a face image. After performing spoofing determination, the spoofing determination unit 37 outputs (transmits) second information D2 relating to the result of the spoofing determination to the control system 4. Specifically, if at least one of the positions of each feature point and the positional relationships between the feature points do not change within a certain period of time, the spoofing determination unit 37 outputs second information D2 indicating spoofing to the control system 4. On the other hand, if at least one of the positions of each feature point and the positional relationships between the feature points change within a certain period of time, the spoofing determination unit 37 outputs second information D2 indicating no spoofing to the control system 4.

(2.5) Configuration of Control System Next, the configuration of the control system 4 will be described with reference to FIGS.

The control system 4 of this embodiment can communicate with information terminals such as the dwelling unit master unit 14 (see FIG. 1) and the management room unit 16 (see FIG. 1) via the communication unit 35 and the control device 11 (see FIG. 1). The "information terminal" in this disclosure further includes terminals such as personal computers (PCs), tablets, and smartphones. The control system 4 can also communicate with the registrant terminal 18 and the management company terminal 19 via the communication unit 35 and the control device 11.

As shown in FIG. 3, the control system 4 includes a first acquisition unit 31, a second acquisition unit 32, and a control unit 33. The control system 4 is mainly configured as a computer system having one or more processors and one or more memories. In the control system 4, the one or more processors execute a program recorded in the memory, thereby realizing the functions of the first acquisition unit 31, the second acquisition unit 32, and the control unit 33 (admission control unit 331, operation confirmation unit 332) of the control system 4. The program may be pre-recorded in the memory, may be provided via a telecommunications line such as the Internet, or may be recorded and provided on a non-temporary recording medium such as a memory card.

The first acquisition unit 31 acquires first information D1 related to the judgment result of the face authentication from the face authentication unit 36. When the first acquisition unit 31 acquires the first information D1, it outputs it to the admission control unit 331 of the control unit 33.

The second acquisition unit 32 acquires second information D2 relating to the result of the spoofing judgment from the spoofing judgment unit 37. When the second acquisition unit 32 acquires the second information D2, it outputs it to the admission control unit 331 of the control unit 33.

The control unit 33 includes an entry control unit 331 and an operation confirmation unit 332. In addition, the control unit 33 in this embodiment can control the opening/closing or locking/unlocking of the door 20 (see FIG. 2) to the lobby 21.

The operation confirmation unit 332 confirms whether the operation unit 121 has accepted the admission operation. When the operation confirmation unit 332 confirms that the operation unit 121 has accepted the admission operation, it outputs a confirmation signal to the admission control unit 331.

The entrance control unit 331 performs entrance control for entrance to the predetermined area A1 (see FIG. 2) based on the first information D1 acquired by the first acquisition unit 31 and the second information D2 acquired by the second acquisition unit 32. In particular, when the second information D2 is information indicating impersonation during the entrance control, the entrance control unit 331 performs a restriction process to restrict the visitor 9 (see FIG. 2) from entering the predetermined area A1. The entrance control unit 331 does not open (unlock) the door 20 while performing the restriction process. Even if the first information D1 is information indicating successful authentication, the entrance control unit 331 does not open the door 20 if the second information D2 is information indicating impersonation. In this way, when it is determined that the visitor 9 is impersonated in the impersonation judgment, the entrance control unit 331 performs a restriction process to restrict the visitor 9 from entering the predetermined area A1, thereby improving the crime prevention of the predetermined area A1.

Here, even if the second information D2 is information indicating impersonation, the entry control unit 331 does not perform the restriction process when the operation unit 121 of the lobby intercom 12 accepts an entry operation within a predetermined time after the entry control unit 331 acquires the second information D2. Specifically, the entry control unit 331 does not perform the restriction process when it accepts a confirmation signal input from the operation confirmation unit 332 within a predetermined time after the entry control unit 331 acquires the second information D2. Even if the impersonation judgment determines that impersonation has occurred, the restriction process is not performed if the operation unit 121 of the lobby intercom 12 accepts an entry operation within the predetermined time. Therefore, it is possible to reduce the number of times that the restriction process is performed when the result of the impersonation judgment is an incorrect judgment, etc.

The "entry operation" may be an operation by the visitor 9 to enter the specified area A1 of the facility 1, and may be an operation that opens the door 20 as a result of the operation. For example, even if the visitor 9 operates the operation unit 121 to call the home unit master unit 14 of the visitor's residence, if the visitor does not operate the home unit master unit 14 to allow the door 20 to be opened, the visitor 9 does not perform an "entry operation." Also, for example, even if the visitor 9 operates the operation unit 121 to request authentication regarding entry, if the authentication fails, the visitor 9 does not perform an "entry operation." In this way, by limiting the entry operation to an operation that opens the door 20 as a result, the crime prevention of the specified area A1 can be further improved.

In addition, in the entrance control, when the first information D1 indicates successful authentication, the entrance control unit 331 of this embodiment performs processing according to the judgment result of the impersonation judgment unit 37. Even if the result of the face authentication is successful authentication, the entrance control unit 331 performs different control according to the result of the impersonation judgment, thereby further improving the crime prevention of the specified area A1.

In addition, in the admission control, when the second information D2 is information indicating impersonation, the admission control unit 331 of this embodiment notifies one or more terminals that there is a visitor 9 determined to be an impersonator. The one or more terminals include, for example, the dwelling unit master unit 14, the management room unit 16, the registrant terminal 18, and the management company terminal 19. As a method of notification, a text indicating that there is a visitor 9 determined to be an impersonator may be displayed (pop-up display) on the display unit of the terminal, or a sound indicating that there is a visitor 9 determined to be an impersonator may be output from the speaker of the terminal. In addition, when the second information D2 is information indicating impersonation, the admission control unit 331 may report it to the police. The process in which the admission control unit 331 notifies one or more terminals that there is a visitor 9 determined to be an impersonator is called the first notification process. When the impersonation assessment determines that an identity has been spoofed, one or more terminals can be notified of the presence of a visitor who has been determined to be an impersonator, thereby further improving the security of the specified area A1.

In addition, in the admission control, when the second information D2 is information indicating impersonation and the first information D1 is information indicating successful authentication, the admission control unit 331 of this embodiment notifies the terminal of the impersonated person that there is a visitor 9 determined to be an impersonator. When the first information D1 is information indicating successful authentication, it is possible to identify the impersonated person based on the identification information of the face image whose similarity is equal to or greater than a threshold. When the first information D1 is information indicating successful authentication, the admission control unit 331 of this embodiment acquires information on the dwelling number of the impersonated person (registered person) and the registrant terminal 18 held by the registrant from the storage unit 34 based on the identification information included in the first information D1. Then, the admission control unit 331 notifies the dwelling unit master unit 14 and the registrant terminal 18 in the dwelling of the impersonated person that there is a visitor 9 determined to be an impersonator. The process in which the admission control unit 331 notifies the residence master unit 14 in the residence of the person who has been impersonated and the registrant terminal 18 of the person who has been impersonated that there is a visitor 9 who has been determined to be an impersonator is called the second notification process. The person who has been impersonated can learn from the notification that there is a visitor who has impersonated him or her, and the crime prevention of the specified area A1 can be further improved.

Furthermore, in the admission control, when the second information D2 is information indicating impersonation, the admission control unit 331 of this embodiment stores the captured image D3 taken by the photographing unit 122 in the memory unit 34. When the impersonation judgment determines that impersonation has occurred, the captured image D3 used in the face authentication or impersonation judgment can be stored in the memory unit 34, thereby preserving an image of the face impersonated by the visitor 9. Note that instead of the captured image D3, a face image extracted in at least one of the face authentication and the impersonation judgment may be stored in the memory unit 34. The captured image D3 taken by the photographing unit 122 may also be stored in the memory unit 173 of the monitoring server 17.

Furthermore, in admission control, when the second information D2 is information indicating impersonation, the admission control unit 331 of this embodiment stores the captured image D4 taken by the camera 13 (imaging unit) in the memory unit 173 of the surveillance server 17. When impersonation is determined in the impersonation determination, the image of the visitor 9 can be saved by storing the captured image D4 taken by the camera 13 in the memory unit 173 of the surveillance server 17. Note that the captured image D4 taken by the camera 13 may also be stored in the memory unit 34 of the face authentication system 3.

In addition, in admission control, when the second information D2 is information indicating impersonation, the admission control unit 331 of this embodiment stores the captured image D3 taken by the photographing unit 122 in the memory unit 34 after the impersonation determination. When the impersonation determination determines that impersonation has occurred, the captured image D3 generated by the photographing unit 122 after the impersonation determination is stored in the memory unit 34, thereby making it possible to preserve the image of the visitor 9 determined to be an impersonator. Note that the captured image D3 taken by the photographing unit 122 after the impersonation determination may be stored in the memory unit 173 of the monitoring server 17.

Furthermore, in the admission control, when the second information D2 is information indicating impersonation, the admission control unit 331 of this embodiment stores the captured image D4 taken by the camera 13 (photographing unit) in the memory unit 173 of the monitoring server 17 after the impersonation determination. When the impersonation determination determines that impersonation has occurred, the captured image D4 generated by the camera 13 after the impersonation determination can be stored in the memory unit 173, thereby preserving the captured image D4 containing the visitor 9. Note that the captured image D4 taken by the camera 13 after the impersonation determination may be stored in the memory unit 34 of the face authentication system 3.

In addition, the entry control unit 331 of this embodiment notifies the visitor 9 that at least one of the captured image D3 and the captured image D4 has been stored in the memory unit 34 or the memory unit 173 during entry control. The entry control unit 331 notifies the visitor 9 that the captured image D3 (captured image D4) has been stored in the memory unit 34 (memory unit 173), for example, using the display unit or speaker of the lobby intercom 12. This notification can also be considered a warning process for the visitor 9. By notifying the visitor 9 that an image of the face of the visitor 9 impersonated or that the captured image D3 (captured image D4) in which the visitor 9 appears has been stored, the visitor 9 who intended to enter the building illegally can be deterred. Furthermore, the admission control unit 331 may notify the visitor 9 that the photographed image D3 (photographed image D4) has been stored in the memory unit 34 (memory unit 173) even if the photographed image D3 (photographed image D4) has not actually been stored in the memory unit 34 (memory unit 173). Even if the photographed image D3 (photographed image D4) has not actually been stored in the memory unit 34 (memory unit 173) due to a small capacity of the memory unit 34 (memory unit 173) or other reasons, by notifying the visitor 9 that the photographed image D3 (photographed image D4) has been stored in the memory unit 34 (memory unit 173), the visitor 9 who intended to enter the building illegally can be deterred.

(3) Operation of the Control System Next, the operation of the control system 4 will be described with reference to Fig. 4 and Fig. 5. Fig. 4 is a flowchart showing an example of the admission control process (control method) performed by the control system 4 according to this embodiment.

First, the control system 4 acquires the first information D1 regarding the judgment result of the face authentication by the first acquisition unit 31 (S1). In addition, the control system 4 acquires the second information D2 regarding the judgment result of the impersonation judgment by the second acquisition unit 32 (S2). Next, the admission control unit 331 of the control system 4 checks whether the first information D1 is information indicating successful authentication (S3). If the first information D1 is information indicating successful authentication (YES in S3), the admission control unit 331 checks whether the second information D2 is information indicating impersonation (S4). If the second information D2 is not information indicating impersonation (NO in S4), the process proceeds to step S7. If the second information D2 is information indicating impersonation (YES in S4), the admission control unit 331 checks whether a predetermined time has elapsed since acquiring the second information D2 (S5). The predetermined time in the process of step S5 is the first predetermined time. If a predetermined time has passed since the second information D2 was acquired (YES in S5), the process proceeds to step S21 in FIG. 5, and the admission control unit 331 performs a restriction process to restrict the visitor 9 from entering the predetermined area A1.

If a predetermined time has not elapsed since acquiring the second information D2 (NO in S5), the entry control unit 331 checks whether an entry operation has been performed on the operation unit 121 of the lobby intercom 12 (S6). Specifically, the entry control unit 331 checks whether a confirmation signal input from the operation confirmation unit 332 has been received. If an entry operation has not been performed on the operation unit 121 (NO in S6), the process returns to step S5. If an entry operation has been performed on the operation unit 121 (YES in S6), the entry control unit 331 unlocks (opens) the door 20 (S7) and ends the entry control process.

In step S3, if the first information D1 is information indicating authentication failure (NO in S3), the admission control unit 331 checks whether the second information D2 is information indicating impersonation (S8). If the second information D2 is information indicating impersonation (YES in S8), the admission control unit 331 checks whether a predetermined time has passed since the second information D2 was acquired (S9). The predetermined time in the process of step S9 is the second predetermined time. The second predetermined time may be the same as or different from the first predetermined time in step S5. In this embodiment, the first predetermined time and the second predetermined time are the same. If the predetermined time has passed since the second information D2 was acquired (YES in S9), the process proceeds to step S22 in FIG. 5, and the admission control unit 331 performs a restriction process to restrict the visitor 9 from entering the predetermined area A1.

If a predetermined time has not elapsed since acquiring the second information D2 (NO in S9), the entry control unit 331 checks whether an entry operation has been performed on the operation unit 121 of the lobby intercom 12 (S10). If an entry operation has not been performed on the operation unit 121 (NO in S10), the process returns to step S9. If an entry operation has been performed on the operation unit 121 (YES in S10), the entry control unit 331 unlocks (opens) the door 20 (S7) and ends the entry control process.

In step S8, if the second information is not information indicating impersonation (NO in S8), the entrance control unit 331 checks whether a predetermined time has passed since the second information D2 was acquired (S11). The predetermined time in the process of step S11 is the third predetermined time. The third predetermined time may be the same as the first predetermined time and the second predetermined time, or may be different. In this embodiment, the third predetermined time is the same as the first predetermined time and the second predetermined time. If a predetermined time has passed since the second information D2 was acquired (YES in S11), the entrance control unit 331 ends the entrance control process. On the other hand, if a predetermined time has not passed since the second information D2 was acquired (NO in S11), the entrance control unit 331 checks whether an entrance operation has been performed on the operation unit 121 of the lobby intercom 12 (S12). If an entrance operation has not been performed on the operation unit 121 (NO in S12), the process returns to step S11. On the other hand, if an entry operation is being performed on the operation unit 121 (YES in S12), the entry control unit 331 unlocks (opens) the door 20 (S7) and ends the entry control process.

Next, referring to FIG. 5, an example of the restriction process performed by the control system 4 will be described. If the first information D1 indicates successful authentication (YES in S3 in FIG. 4), it is possible to know who the person (registered person) who has impersonated the visitor 9 is. The entrance control unit 331 then performs a second notification process to notify the terminal of the person who has been impersonated that there is a visitor 9 who has been determined to be an impersonator (S21). Here, the terminal of the person who has been impersonated is the residence master unit 14 in the residence 22 of the registrant or the registrant terminal 18. Next, the entrance control unit 331 performs a first notification process to notify the management terminal that there is a visitor 9 who has been determined to be an impersonator (S22). Here, the management terminal is the management room unit 16 in the management room 23 or the management company terminal 19 of the management company 5. Note that, when the entrance control unit 331 is performing the second notification process, the entrance control unit 331 may not notify the terminal that has been notified in the second notification process again. Next, the admission control unit 331 stores the captured image D3 (captured image D4) captured by the camera 13 before and after the impersonation determination in the memory unit 34 (memory unit 173) (S23). Then, the admission control unit 331 performs a warning process (S24) to notify the visitor 9 that the captured image D3 (captured image D4) has been stored in the memory unit 34 (memory unit 173), and ends the admission control process.

The flowcharts shown in Figures 4 and 5 are merely examples, and the order of the processes may be changed as appropriate, and processes may be added or deleted as appropriate. For example, the first information acquisition step (S1) and the second information acquisition step (S2) may be in the reverse order. Also, the second notification process (S21) and the first notification process (S22) may be in the reverse order.

(Modification)
The first embodiment is merely one of various embodiments of the present disclosure. The above embodiment can be modified in various ways depending on the design and the like as long as the object of the present disclosure can be achieved.

Furthermore, the function equivalent to the control system 4 according to the above embodiment may be embodied in a control method, a (computer) program, or a non-transitory recording medium on which a program is recorded. The control method according to one embodiment has a first information acquisition step, a second information acquisition step, and an entrance control step. In the first information acquisition step, first information D1 is acquired regarding the judgment result of face authentication that judges whether or not the visitor 9 is a person permitted to enter the predetermined area A1 based on a face image. In the second information acquisition step, second information D2 is acquired regarding the judgment result of impersonation judgment that judges whether or not the face used for face authentication is a human face. In the entrance control step, entrance control regarding entrance to the predetermined area A1 is performed based on the first information D1 acquired in the first information acquisition step and the second information D2 acquired in the second information acquisition step. The entrance control step has a restriction step. In the restriction step, in the entrance control, when the second information D2 is information indicating impersonation, the entrance of the visitor 9 to the predetermined area A1 is restricted. The program according to one embodiment is a program for causing one or more processors to execute the above control method.

The intercom system 2 in the present disclosure includes, for example, a computer system. The computer system is mainly composed of a processor and a memory as hardware. The function of the intercom system 2 in the present disclosure is realized by the processor executing a program recorded in the memory of the computer system. The program may be pre-recorded in the memory of the computer system, may be provided through an electric communication line, or may be recorded and provided in a non-transitory recording medium such as a memory card, an optical disk, or a hard disk drive that can be read by the computer system. The processor of the computer system is composed of one or more electronic circuits including a semiconductor integrated circuit (IC) or a large-scale integrated circuit (LSI). The integrated circuits such as IC or LSI referred to here are called differently depending on the degree of integration, and include integrated circuits called system LSI, VLSI (Very Large Scale Integration), or ULSI (Ultra Large Scale Integration). Furthermore, a field-programmable gate array (FPGA) that is programmed after the manufacture of the LSI, or a logic device that can reconfigure the connection relationship inside the LSI or reconfigure the circuit partition inside the LSI, can also be adopted as a processor. The multiple electronic circuits may be integrated into one chip, or may be distributed across multiple chips. The multiple chips may be integrated into one device, or may be distributed across multiple devices. The computer system referred to here includes a microcontroller having one or more processors and one or more memories. Therefore, the microcontroller is also composed of one or more electronic circuits including a semiconductor integrated circuit or a large-scale integrated circuit.

Below, we list some variations of the first embodiment. The variations described below can be combined as appropriate.

It is not essential for control system 4 that at least some of the functions of control system 4 are concentrated in one device (lobby intercom 12), and the components of control system 4 may be distributed across multiple devices (housings).

For example, some of the functions of the control system 4 may be provided in a device (housing) separate from the lobby intercom 12, such as the control device 11. Furthermore, the control system 4 does not have to be provided within the facility 1 (apartment building). Furthermore, at least some of the functions of the control system 4 may be realized, for example, by a server or the cloud (cloud computing), etc.

The control system 4 may include at least a first acquisition unit 31, a second acquisition unit 32, and an admission control unit 331. Furthermore, the functions of the control unit 33 and the admission control unit 331 may be separate.

It is not essential for the facial authentication system 3 that the facial authentication unit 36 and the spoofing determination unit 37 of the facial authentication system 3 are integrated into one device (lobby intercom 12). The facial authentication unit 36 and the spoofing determination unit 37 of the facial authentication system 3 may be distributed across multiple devices (housings).

For example, some functions of the face authentication system 3 may be provided in a device (housing) separate from the lobby intercom 12, such as the face authentication unit 36 or the spoofing determination unit 37 of the face authentication system 3 being provided in the control device 11. Furthermore, the face authentication system 3 does not have to be provided within the facility 1 (apartment building). Furthermore, the face authentication unit 36 or the spoofing determination unit 37 of the face authentication system 3 may be realized, for example, by a server or a cloud (cloud computing), etc.

The face authentication unit 36 may perform face authentication based on the captured image D4 captured by the camera 13. The spoofing determination unit 37 may perform spoofing determination based on the captured image D4 captured by the camera 13.

The face authentication unit 36 and the masquerade determination unit 37 may perform face authentication or masquerade determination based on images captured by different imaging units (cameras).

For example, the lobby intercom 12 may be equipped with multiple image capture units (a first image capture unit and a second image capture unit) as the image capture unit 122. For example, a first image capture unit of the multiple image capture units 122 captures an image for face authentication, and a second image capture unit of the multiple image capture units 122 captures an image for spoofing determination. In this case, the face authentication unit 36 performs face authentication based on the image captured by the first image capture unit, and the spoofing determination unit 37 performs spoofing determination based on the image captured by the second image capture unit.

As another example, the face authentication unit 36 may perform face authentication based on the captured image D3 taken by the image capture unit 122 of the lobby intercom 12, and the impersonation determination unit 37 may perform impersonation determination based on the captured image D4 taken by the camera 13.

The spoofing determination unit 37 may perform spoofing determination based on a photographed image (distance image) taken by a depth camera capable of measuring the depth of a subject. A face in a photograph or a facial image displayed on a tablet terminal or the like is flat and does not have depth like an actual face. Therefore, by measuring the depth of the subject (face) with a depth camera, the accuracy of spoofing determination by the spoofing determination unit 37 can be improved. The depth camera is, for example, a camera using a distance measurement technique such as a TOF (Time Of Flight) method that measures the distance to the subject by emitting infrared rays to the subject and measuring the time it takes to receive the infrared rays reflected by the subject. When a depth camera is used for spoofing determination, the photographing unit 122 of the lobby intercom 12 may be a depth camera, or the camera 13 may be a depth camera. The intercom system 2 may also be provided with a depth camera in addition to the photographing unit 122 and the camera 13. In this case, the lobby intercom 12 may be provided with a depth camera in addition to the photographing unit 122. The depth camera may be a stereo camera having two or more imaging units (cameras) capable of measuring the depth of a subject based on parallax information of a plurality of images captured by each imaging unit. The imaging unit (camera) used for spoofing authentication may be an infrared camera capable of visualizing infrared radiation emitted from an object. The temperature of a face in a photograph or a face image displayed on a tablet terminal or the like is usually uniform and differs from the temperature of an actual face. Therefore, in an image captured by an infrared camera, it is easy to distinguish between a face in a photograph or a face image displayed on a tablet terminal or the like and an actual face. Therefore, by using an infrared camera, the accuracy of spoofing judgment by the spoofing judgment unit 37 can be improved. The infrared camera may be, for example, a near-infrared camera.

The face authentication system 3 must include at least a control system 4, a face authentication unit 36, and an impersonation determination unit 37.

In the first embodiment, the intercom system 2 is installed in an apartment building, but the intercom system 2 can also be installed in various facilities 1, such as detached houses and offices.

The intercom system 2 may include information terminals such as a registrant terminal 18 and a management company terminal 19.

The intercom system 2 may include a lobby intercom 12 and a control system separate from the lobby intercom 12.

The intercom system 2 must include at least a control system 4 and an intercom device such as a lobby intercom 12.

Instead of the first acquisition unit 31 and the second acquisition unit 32, the control system 4 may be provided with an acquisition unit having the functions of the first acquisition unit 31 and the second acquisition unit 32.

The intercom system 2 may be connected to the network N1 via the control device 11.

The computer system that is the main component of the face recognition system 3 and the computer system that is the main component of the control system 4 may be the same computer system or different computer systems. In addition, the program for causing one or more processors to function as the control system 4 may be a program separate from the program for causing one or more processors to function as the face recognition system 3 (face recognition unit 36, spoofing determination unit 37).

(Embodiment 2)
(1) Overview As shown in Fig. 6, the control system 4 of this embodiment differs from the control system 4 of the first embodiment in that the control system 4 of this embodiment is provided in an entrance/exit management system 6 introduced in a facility 1 (office). Hereinafter, components similar to those of the first embodiment will be denoted by the same reference numerals and descriptions thereof will be omitted as appropriate.

(2) Details As shown in FIG. 6, the facility 1 (office) is provided with a predetermined area A1, an area 21a, and a guard room 63.

Area 21a is an area adjacent to the specified area A1 via a door 20, such as a lobby or a hallway. A camera 13, a door 20, and a card reader 62 are provided in area 21a.

Door 20 connects a specific area A1, such as a laboratory or research lab, to area 21a.

The camera 13 is positioned in area 21a at a position that allows it to capture an image of a visitor 9 approaching the door 20.

The card reader 62 reads identification information from an IC (Integrated Circuit) card held by a registered user and outputs the read identification information to the entrance/exit management system 6. In other words, the card reader 62 is a terminal installed outside the specified area A1. The card reader 62 is also an operation unit that accepts operations requesting authentication regarding entry.

(2.1) Configuration of the Entrance/Exit Control System Next, the configuration of the entrance/exit control system 6 will be described with reference to FIG.

As shown in FIG. 6, the entrance/exit management system 6 includes a monitoring server 17, a face authentication system 3, and an entrance/exit management device 61. The face authentication system 3 includes a control system 4.

The entrance/exit management device 61 is configured to be able to communicate with the control system 4, and manages the opening/closing (locking/unlocking) of the door 20 leading to the specified area A1 in accordance with the entrance control by the control system 4. The entrance/exit management device 61 includes a communication unit 611 and an opening/closing management unit 612.

The communication unit 611 is connected to the door 20, the card reader 62, and the facial authentication system 3 directly or indirectly via another network or a repeater, etc. The communication unit 611 has a communication function with the door 20, the card reader 62, and the facial authentication system 3. As a result, the communication unit 611 is configured to be able to communicate with the door 20, the card reader 62, and the facial authentication system 3.

The opening/closing management unit 612 manages the opening/closing (locking/unlocking) of the door 20. Specifically, when the opening/closing management unit 612 receives an opening instruction (unlocking instruction) input from the control system 4 included in the face authentication system 3, it opens (unlocks) the door 20. In addition, when the opening/closing management unit 612 receives identification information read from an IC card held by the visitor 9 via the card reader 62, it outputs the identification information to the face authentication system 3.

The face authentication system 3 of this embodiment performs face authentication and impersonation determination based on a captured image D4 of the visitor 9 captured by the camera 13. The face authentication system 3 outputs to the control system 4 first information D1 (see FIG. 3) related to the result of the face authentication determination and second information D2 (see FIG. 3) related to the result of the impersonation determination.

The control system 4 performs entry control for entry to the specified area A1 based on the first information D1 and second information D2 acquired from the face authentication system 3. Furthermore, during the entry control, when the second information D2 is information indicating impersonation, the control system 4 performs a restriction process to restrict entry of the visitor 9 into the specified area A1. The control system 4 does not open (unlock) the door 20 while the restriction process is being performed. In this way, when the impersonation judgment determines that the visitor 9 is impersonating, the control system 4 performs the restriction process to restrict entry of the visitor 9 into the specified area A1, thereby improving the crime prevention of the specified area A1.

When the second information D2 is information indicating impersonation, the control system 4 of this embodiment does not perform restriction processing when the card reader 62 (operation unit) accepts an entry operation to enter the specified area A1 within a specified time after acquiring the second information D2.

Here, the "entry operation" in this embodiment refers to an operation that requests authentication for entry, and is an operation in which the visitor 9 has the card reader 62 read the identification information on the IC card he or she possesses. The control system 4 compares the identification information acquired via the entrance/exit management device 61 with the identification information previously stored in the memory unit 34 (see FIG. 3), and if there is matching identification information, it determines that an entrance operation has been performed on the operation unit. At this time, the control system 4 outputs an instruction to open the door 20 (an instruction to unlock) to the entrance/exit management device 61. Note that the control system 4 compares the identification information acquired via the entrance/exit management device 61 with the identification information previously stored in the memory unit 34, and if there is no matching identification information, it does not determine that an entrance operation has been performed on the operation unit.

When the second information D2 indicates impersonation during entrance control, the control system 4 performs a first notification process to notify one or more terminals of the presence of a visitor 9 determined to be an impersonator. Here, the one or more terminals are the guard terminal 64 in the guard room 63, the management company terminal 19 of the management company 5 (see FIG. 1), etc.

In addition, when the first information D1 indicates successful authentication during entrance control, the control system 4 performs a second notification process to notify the terminal of the person who has been impersonated that there is a visitor 9 who has been determined to be an impersonator. Here, the terminal of the person who has been impersonated is the registered user terminal 18 or the like in the specified area A1.

(Modification)
The second embodiment is merely one of various embodiments of the present disclosure. The above embodiment can be modified in various ways depending on the design and the like as long as the object of the present disclosure can be achieved.

Below, we list some variations of the second embodiment. The variations described below can be combined as appropriate.

The entrance/exit management system 6 in the present disclosure includes, for example, a computer system. The computer system is mainly composed of a processor and a memory as hardware. The function of the entrance/exit management system 6 in the present disclosure is realized by the processor executing a program recorded in the memory of the computer system. The program may be pre-recorded in the memory of the computer system, may be provided through an electric communication line, or may be recorded and provided in a non-transitory recording medium such as a memory card, an optical disk, or a hard disk drive that can be read by the computer system. The processor of the computer system is composed of one or more electronic circuits including a semiconductor integrated circuit (IC) or a large-scale integrated circuit (LSI). The integrated circuits such as IC or LSI referred to here are called differently depending on the degree of integration, and include integrated circuits called system LSI, VLSI (Very Large Scale Integration), or ULSI (Ultra Large Scale Integration). Furthermore, a field-programmable gate array (FPGA) that is programmed after the manufacture of the LSI, or a logic device that can reconfigure the connection relationship inside the LSI or reconfigure the circuit partition inside the LSI, can also be adopted as a processor. The multiple electronic circuits may be integrated into one chip, or may be distributed across multiple chips. The multiple chips may be integrated into one device, or may be distributed across multiple devices. The computer system referred to here includes a microcontroller having one or more processors and one or more memories. Therefore, the microcontroller is also composed of one or more electronic circuits including a semiconductor integrated circuit or a large-scale integrated circuit.

The captured image used by the facial recognition system 3 for facial recognition and spoofing determination may be, for example, an image captured by a capture unit provided in the card reader 62.

The card reader 62 may also be a PIN input device or a biometric information acquisition device. The card reader 62 may also be a key cylinder into which a key capable of opening (unlocking) the door 20 is inserted. The card reader 62 is not a required component of the entrance/exit management device 61.

In the second embodiment, the entrance/exit management system 6 is introduced in an office, but the entrance/exit management system 6 can also be introduced in various facilities 1 such as apartment buildings and schools.

The entrance/exit management system 6 must include at least the control system 4 and the entrance/exit management device 61.

The various configurations described in embodiment 2 (including modified examples) can be applied in appropriate combination with the various configurations described in embodiment 1 (including modified examples).

(summary)
As described above, the control system (4) according to the first aspect includes a first acquisition unit (31), a second acquisition unit (32), and an admission control unit (331). The first acquisition unit (31) acquires first information (D1) on the judgment result of face authentication that judges whether or not the visitor (9) is a person permitted to enter the predetermined area (A1) using a face image. The second acquisition unit (32) acquires second information (D2) on the judgment result of impersonation judgment that judges whether or not the subject of the face image used for face authentication is a real face. The admission control unit (331) performs admission control regarding admission to the predetermined area (A1) based on the first information (D1) acquired by the first acquisition unit (31) and the second information (D2) acquired by the second acquisition unit (32). In the entrance control, when the second information (D2) is information indicating impersonation, the entrance control unit (331) performs a restriction process for restricting the visitor (9) from entering the predetermined area (A1).

According to this aspect, when the impersonation judgment determines that impersonation has occurred, the entrance control unit (331) performs a restriction process to restrict the visitor (9) from entering the specified area (A1), thereby improving the security of the specified area (A1).

In the control system (4) according to the second aspect, in the first aspect, when the second information (D2) is information indicating impersonation, the entry control unit (331) does not perform a restriction process when the operation unit (121; card reader 62) accepts an entry operation for entering a specified area (A1) within a specified time after the second acquisition unit (32) acquires the second information (D2).

According to this aspect, even if the spoofing judgment determines that spoofing has occurred, if the operation unit (121; card reader 62) accepts an entry operation within a predetermined time, the restriction process is not performed. Therefore, it is possible to reduce the number of times that the restriction process is performed when the spoofing judgment result is an incorrect judgment, etc.

In the control system (4) according to the third aspect, in the second aspect, the operation unit (121; card reader 62) is provided in a terminal (lobby intercom 12) provided outside the specified area (A1). The entry operation includes at least one of an operation to call the terminal (home master unit 14) of the visitor's (9) destination and an operation to request authentication for entry.

According to this aspect, a visitor (9) who performs at least one of the operations of calling the terminal (home base unit 14) of the visitor's destination and the operation of requesting authentication for entry is likely not an individual attempting unauthorized entry, and is likely to have had an incorrect impersonation judgment result. Therefore, by not performing the restriction process when the visitor (9) performs the entry operation, it is possible to reduce the need to perform the restriction process when the impersonation judgment result is an incorrect judgment.

In the control system (4) according to the fourth aspect, in any of the first to third aspects, the admission control unit (331) performs processing according to the result of the impersonation judgment during admission control when the first information (D1) is information indicating successful authentication.

According to this aspect, even if the facial authentication result is a successful authentication, the entrance control unit (331) performs different control depending on the result of the impersonation determination, thereby further improving the security of the specified area (A1).

In the control system (4) according to the fifth aspect, in any of the first to fourth aspects, when the second information (D2) is information indicating impersonation during entry control, the entry control unit (331) notifies one or more terminals (home base unit 14; management room unit 16; registrant terminal 18; management company terminal 19; guard terminal 64) of the presence of a visitor (9) determined to be an impersonator.

According to this embodiment, when the impersonation judgment determines that an impersonation has occurred, the presence of a visitor (9) determined to be an impersonator is notified to one or more terminals (home base unit 14; management room unit 16; registrant terminal 18; management company terminal 19; security guard terminal 64), thereby further improving the security of the specified area (A1).

In the control system (4) according to the sixth aspect, in the fifth aspect, when the first information (D1) indicates successful authentication during entry control, the entry control unit (331) notifies the terminal of the person who has been impersonated (the residence master unit 14; the registrant terminal 18) that there is a visitor (9) who has been determined to be an impersonator.

According to this embodiment, when the impersonation judgment determines that an impersonation has occurred, the terminal of the person who has been impersonated (the residence master unit 14; the registrant terminal 18) is notified of the presence of a visitor (9) who has been determined to be an impersonator. The person who has been impersonated can learn from the notification that there is a visitor (9) who has impersonated him/her, thereby further improving the security of the specified area (A1).

In the control system (4) according to the seventh aspect, in any of the first to sixth aspects, the admission control unit (331) stores in the memory unit (34; 173) the captured image (D3; D4) taken by the photographing unit (122; camera 13) that photographs the visitor (9) when the second information (D2) is information indicating impersonation during admission control.

According to this aspect, when the impersonation judgment determines that the visitor (9) has impersonated another person, the image (D3; D4) captured by the photographing unit (122; camera 13) that photographs the visitor (9) during at least one of the face authentication and the impersonation judgment is stored in the memory unit (34; 173), thereby making it possible to save an image of the impersonated face of the visitor (9).

In the control system (4) according to the eighth aspect, in any one of the first to seventh aspects,
In admission control, when the second information (D2) is information indicating impersonation, the admission control unit (331) stores in the memory unit (34; 173) the captured image (D3; D4) taken by the photographing unit (122; camera 13) after determining that the image is impersonated.

According to this aspect, when the impersonation determination determines that impersonation has occurred, the photographing unit (122; camera 13) photographs the visitor (9) after the impersonation determination and generates a photographed image (D3; D4), which is then stored in the memory unit (34; 173), thereby making it possible to preserve the photographed image (D3; D4) showing the visitor (9).

In the control system (4) according to the ninth aspect, in the seventh or eighth aspect, the admission control unit (331) notifies the visitor (9) that the captured image (D3; D4) has been stored in the memory unit (34; 173).

According to this embodiment, by notifying the visitor (9) that a face impersonated by the visitor (9) or a photographed image (D3; D4) showing the visitor (9) has been stored, the visitor (9) who intended to enter the building illegally can be deterred.

Configurations other than the first aspect are not essential to the control system (4) and may be omitted as appropriate.

The intercom system (2) according to the tenth aspect includes a control system (4) according to any one of the first to ninth aspects and an information terminal (home base unit 14; management room unit 16). The information terminal (home base unit 14; management room unit 16) is capable of communicating with the control system (4).

According to this aspect, when the impersonation determination determines that an impersonation has occurred, the control system (4) performs a restriction process to restrict the visitor (9) from entering the specified area (A1), thereby improving the security of the specified area (A1) of an apartment building or the like in which the intercom system (2) is installed.

The entrance/exit management system (6) according to the eleventh aspect includes a control system (4) according to any one of the first to ninth aspects and an entrance/exit management device (61). The entrance/exit management device (61) manages the opening and closing of a door (20) leading to a specified area (A1) in response to the entrance control by the control system (4).

According to this aspect, when the impersonation determination determines that the visitor (9) has impersonated another person, the control system (4) performs a restriction process to restrict the visitor (9) from entering the specified area (A1), thereby improving the security of the specified area (A1) of an office or the like in which the entrance/exit management system (6) is installed.

A face authentication system (3) according to a twelfth aspect includes a control system (4) according to any one of the first to ninth aspects, a face authentication unit (36), and an impersonation determination unit (37). The face authentication unit (36) performs face authentication. The impersonation determination unit (37) performs impersonation determination.

According to this aspect, when the impersonation determination unit (37) determines that impersonation has occurred, the entrance control unit (331) performs a restriction process to restrict the visitor (9) from entering the specified area (A1), thereby improving the security of the specified area (A1).

The control method according to the thirteenth aspect includes a first information acquisition step, a second information acquisition step, and an entrance control step. In the first information acquisition step, first information (D1) is acquired regarding a result of face authentication that determines whether or not a visitor (9) is a person permitted to enter a predetermined area (A1) based on a face image (captured image D3). In the second information acquisition step, second information (D2) is acquired regarding a result of impersonation judgment that determines whether or not a face used in face authentication is a human face. In the entrance control step, entrance control regarding entry to the predetermined area (A1) is performed based on the first information (D1) acquired in the first information acquisition step and the second information (D2) acquired in the second information acquisition step. The entrance control step includes a restriction step. In the restriction step, in the entrance control, when the second information (D2) is information indicating impersonation, the entrance of the visitor (9) to the predetermined area (A1) is restricted.

According to this aspect, when the impersonation judgment determines that impersonation has occurred, the visitor (9) is restricted from entering the specified area (A1), thereby improving the crime prevention of the specified area (A1).

The program according to the fourteenth aspect is a program for causing one or more processors to execute the control method according to the thirteenth aspect.

12. Lobby intercom (terminal installed outside)
121 Operation unit 122 Photography unit 13 Camera (photography unit)
14. Residential base station (terminal of the person who has been impersonated) (information terminal)
16. Control room device (one or more terminals) (information terminal)
17 Monitoring server 173 Storage unit 18 Registered user terminal (terminal of person who has been impersonated) (information terminal)
19 Management company terminal (one or more terminals) (information terminal)
2 Intercom system 3 Face authentication system 31 First acquisition unit 32 Second acquisition unit 331 Entrance control unit 34 Memory unit 36 Face authentication unit 37 Spoofing determination unit 4 Control system 6 Entrance/exit management system 61 Entrance/exit management device 62 Card reader 64 Guard terminal (one or more terminals)
9 Visitor A1 Predetermined area D1 First information D2 Second information D3 Photographed image D4 Photographed image

Claims (11)

a face authentication unit that performs face authentication using a face image included in a first captured image captured by the first imaging unit and determines whether or not a visitor is a person authorized to enter a predetermined area;
a first acquisition unit that acquires first information related to a determination result of face authentication from the face authentication unit;
an imitation determination unit that performs imitation determination to determine whether or not a subject of the face image used for the face authentication is a real face based on a second captured image captured by a second imaging unit;
a second acquisition unit that acquires second information related to a result of the spoofing determination from the spoofing determination unit;
an admission control unit that performs admission control regarding admission to the predetermined area based on the first information acquired by the first acquisition unit and the second information acquired by the second acquisition unit;
Equipped with
The admission control unit:
In the entrance control, when the second information is information indicating impersonation, a restriction process is performed to restrict the visitor from entering the predetermined area;
In the admission control, when the second information is information indicating impersonation, an image captured by the first photographing unit is stored in a storage unit;
notifying the visitor that the photographed image has been stored in the storage unit;
Facial recognition system. a face authentication unit that performs face authentication using a face image included in a first captured image captured by the first imaging unit and determines whether or not a visitor is a person authorized to enter a predetermined area;
a first acquisition unit that acquires first information related to a determination result of face authentication from the face authentication unit;
an imitation determination unit that performs imitation determination to determine whether or not a subject of the face image used for the face authentication is a real face based on a second captured image captured by a second imaging unit;
a second acquisition unit that acquires second information related to a result of the spoofing determination from the spoofing determination unit;
an admission control unit that performs admission control regarding admission to the predetermined area based on the first information acquired by the first acquisition unit and the second information acquired by the second acquisition unit;
Equipped with
The admission control unit:
In the entrance control, when the second information is information indicating impersonation, a restriction process is performed to restrict the visitor from entering the predetermined area;
In the entrance control, when the second information is information indicating impersonation, an image capturing unit that captures an image of the visitor is caused to store an image captured by the image capturing unit after the impersonation determination is made in a storage unit;
notifying the visitor that the photographed image has been stored in the storage unit;
Facial recognition system. the entry control unit, when the second information is information indicating spoofing, does not perform the restriction process when an entry operation for entering the predetermined area is received by an operation unit within a predetermined time after the second acquisition unit acquires the second information.
The face authentication system according to claim 1 or 2. the operation unit is provided in a terminal provided outside the predetermined area,
The entrance operation includes at least one of an operation of calling a terminal of the visitor's destination and an operation of requesting authentication for entrance.
The face authentication system according to claim 3 . the admission control unit, when the first information is information indicating successful authentication, performs a process according to the determination result of the spoofing determination during the admission control.
The face authentication system according to claim 1 . When the second information is information indicating impersonation during the entrance control, the entrance control unit notifies one or more terminals of the presence of the visitor determined to be an impersonator.
The face authentication system according to any one of claims 1 to 5. When the first information is information indicating successful authentication during the entrance control, the entrance control unit notifies a terminal of the person who has been impersonated that there is a visitor who has been determined to be an impersonator.
The face authentication system according to claim 6. A face authentication system according to any one of claims 1 to 7,
An information terminal capable of communicating with the face authentication system;
Equipped with
Intercom system. A face authentication system according to any one of claims 1 to 7,
an entrance/exit management device that manages opening and closing of a door leading to the predetermined area in response to the entrance control by the face authentication system;
Equipped with
Entrance/exit control system. a face authentication step of performing face authentication to determine whether or not a visitor is a person permitted to enter a predetermined area based on a face image included in a first photographed image photographed by the first photographing unit;
a first information acquisition step of acquiring first information related to a determination result of the face authentication;
an spoofing determination step of performing an spoofing determination for determining whether or not the face used in the face authentication is a human face based on a second captured image captured by a second imaging unit;
a second information acquisition step of acquiring second information related to a result of the spoofing determination;
an admission control step of performing admission control regarding admission to the predetermined area based on the first information acquired in the first information acquisition step and the second information acquired in the second information acquisition step;
having
The entrance control step includes a restriction step of restricting the visitor from entering the predetermined area when the second information is information indicating impersonation,
In the admission control step,
In the admission control, when the second information is information indicating impersonation, an image captured by the first photographing unit is stored in a storage unit;
notifying the visitor that the photographed image has been stored in the storage unit;
Control methods. A program for causing one or more processors to execute the control method according to claim 10.

Images