Information processing device, information processing method, and program

The information processing device manages authentication validity periods to reduce misidentification risks in biometric systems by ensuring timely and location-based comparisons of biometric data, improving authentication accuracy.

JP2026095573APending Publication Date: 2026-06-11CANON KK

Patent Information

Authority / Receiving Office
JP · JP
Patent Type
Applications
Current Assignee / Owner
CANON KK
Filing Date
2026-03-31
Publication Date
2026-06-11

Smart Images

  • Figure 2026095573000001_ABST
    Figure 2026095573000001_ABST
Patent Text Reader

Abstract

In situations where user authentication is performed using biometric information, the risk of misauthentication is reduced in a more appropriate manner. [Solution] The authentication start instruction receiving means 110 receives an instruction from the user to be authenticated via the network to start the authentication validity period that activates the authentication of the user. The authentication management means 113 manages the period from when the start instruction is received until a predetermined time limit has elapsed as the authentication validity period. During the authentication validity period, the authentication means 112 authenticates the user by comparing the user's biometric information with one or more biometric information registered in advance.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] The present disclosure relates to an information processing apparatus, an information processing method, and a program.

Background Art

[0002] In recent years, a technology called biometric authentication has been developed to authenticate a user by using the user's biological characteristic information (hereinafter also referred to as "biometric information"). As an example of biometric authentication technology, face authentication is a technology that authenticates whether a person to be authenticated is the same person as a registered user by comparing biometric information extracted from an image of the face of the person to be authenticated with biometric information of a pre-registered user. Patent Document 1 discloses a technology related to user authentication using face authentication.

Prior Art Documents

Patent Documents

[0003]

Patent Document 1

Summary of the Invention

Problems to be Solved by the Invention

[0004] On the other hand, in a situation where so-called biometric authentication such as face authentication is used, as the number of users whose characteristic information is registered increases, it becomes more likely that there are people with similar characteristic information among the registered users. In such a situation, it is conceivable that a situation may occur in which a person to be authenticated is mis-identified as another registered user different from the person to be authenticated, and as a result, the accuracy of biometric authentication may decrease.

[0005] In view of the above problems, an object of the present invention is to reduce the risk of mis-identification in a more suitable manner in a situation where user authentication using biometric information is performed.

Means for Solving the Problems

[0006] The information processing device according to the present invention comprises: a receiving means for receiving an instruction to start an authentication validity period for activating the authentication of a user via a network from a user who is to be authenticated; a management means for managing the period from when the instruction to start is received until a predetermined time limit has elapsed as the authentication validity period; and an authentication means for performing authentication of the user by comparing the user's biometric characteristic information with one or more biometric characteristic information registered in advance during the authentication validity period, wherein the instruction to start includes information indicating the location where the user's authentication is performed, and the management means manages the authentication validity period for activating the user's authentication using one or more biometric characteristic information registered in advance for each location. [Effects of the Invention]

[0007] According to the present invention, in situations where user authentication is performed using biometric characteristic information, the risk of false authentication can be reduced in a more favorable manner. [Brief explanation of the drawing]

[0008] [Figure 1] This diagram shows an example of the configuration of an information processing device. [Figure 2] This is a flowchart illustrating an example of processing performed by an information processing device. [Figure 3] This is a flowchart illustrating an example of processing performed by an information processing device. [Figure 4] This is a flowchart illustrating an example of processing performed by an information processing device. [Figure 5] This is a flowchart illustrating an example of processing performed by an information processing device. [Figure 6] This diagram shows an example of the data structure of a registered user information list. [Figure 7] This diagram shows an example of the data structure of a matching list. [Figure 8] This diagram shows an example of the data structure for the list of users who have entered the site. [Figure 9]This diagram shows an example of a web page related to receiving authentication initiation instructions. [Figure 10] This diagram shows an example of a web page related to receiving authentication initiation instructions. [Figure 11] This diagram shows another example of the configuration of an information processing device. [Figure 12] This flowchart shows another example of processing performed by an information processing device. [Modes for carrying out the invention]

[0009] Preferred embodiments of this disclosure will be described in detail below with reference to the attached drawings. In this specification and the drawings, components having substantially the same functional configuration are denoted by the same reference numerals, and redundant descriptions will be omitted.

[0010] <Introduction> In recent years, various technologies have been developed to authenticate users using their biometric information. One example of authentication using biometric information is facial recognition. In facial recognition, feature information is extracted from an image of the user's face, and a similarity is calculated between this image and one or more feature information entries previously registered for that user. If the calculated similarity exceeds a threshold, the user whose face was captured in the image from which the feature information was extracted is authenticated as the same person as the registered user whose similarity was compared. The results of such authentication are used, for example, to grant the authenticated user access rights to information or to allow the user to enter a facility by opening an entrance door.

[0011] When facial recognition is used as an authentication method, it becomes possible to authenticate a user without complicated procedures by capturing an image of the user's face. For example, by using facial recognition to manage visitor entry at a facility entrance, it becomes possible to control whether or not to allow a visitor to enter based on the facial recognition result, without the visitor having to take out their ticket and present it to an attendant. In this way, visitor entry management can be done without complicated procedures, allowing visitors to enter without congestion, and consequently, it is expected that congestion at the entrance will be less likely to occur.

[0012] On the other hand, with biometric authentication methods such as facial recognition, as the number of users with registered characteristic information increases, the likelihood of users with similar registered characteristic information being included in the set of users being authenticated increases, which can lead to a decrease in authentication accuracy. For example, when calculating the similarity between the characteristic information of a visitor (authenticated user) and the characteristic information of a registered user, it is conceivable that the similarity to the characteristic information registered by another person may be higher than the similarity to the characteristic information registered by the visitor themselves. In such a situation, the authenticated user may be mistakenly authenticated as someone else, allowing that user to enter with the authority of another person, or if that other person tries to enter later, their entry to the venue may be restricted because they are already entered. Another example is that, with a very large number of registered users, it is possible that the facial features of individuals who do not actually have the right to enter may coincidentally resemble those of one of the registered users. In such a situation, it is conceivable that malicious individuals who do not have the right to enter may attempt to enter the venue, and that these individuals may be mistakenly authenticated as users who do have the right to enter. Another example is that if a malicious individual who does not have the right to enter knows some of the registered users, they may try to enter the venue by disguising themselves as one of those users, and as a result, that individual may be mistakenly authenticated as a registered user. Especially in recent years, there are events that are expected to attract tens of thousands of attendees, and when considering attendee entry management at such events, the possibility of the above examples occurring becomes even higher. Furthermore, while the above explanation focused on facial recognition, the situations exemplified above are not limited to facial recognition; they can also occur in authentication using other biometric information (especially biometric information that may be similar to that of other individuals).

[0013] In light of these circumstances, this disclosure describes an example of a technology that can more effectively reduce the risk of misauthentication in situations where user authentication is performed using biometric information. In the following explanations, we will use the example of a case where, upon a user entering a facility, their entry is determined by authentication using a facial image captured from that user's face (i.e., facial recognition). However, this does not limit the application of the technology disclosed. For example, the rights granted to the user through authentication are not limited to whether or not they are allowed to enter the facility; they may also include access to various types of information or the ability to make payments. Furthermore, the authentication method is not limited to authentication using biometric information extracted from facial images; authentication using other biometric information may also be applied. As a specific example, the technology disclosed may also be applied in situations where gait recognition, fingerprint recognition, palm vein recognition, and iris recognition are used.

[0014] <Configuration> Referring to FIG. 1, an example of the configuration of an information processing apparatus according to an embodiment of the present disclosure will be described. The information processing apparatus according to this embodiment includes a CPU (Central Processing Unit) 101, a first memory 103, a second memory 104, and a communication unit 107. The information processing apparatus may further include at least one of an input unit 105 and a display unit 106. The CPU 101, the first memory 103, the second memory 104, the communication unit 107, the input unit 105, and the display unit 106 are connected to each other via a bus 102 so as to be able to transmit and receive information.

[0015] The CPU 101 controls the operation of the entire information processing apparatus. The first memory 103 and the second memory 104 schematically show storage areas for storing control programs and various data for the information processing apparatus according to this embodiment to execute various processes (for example, processes described later separately). Each of the first memory 103 and the second memory 104 can be realized by, for example, a memory or an auxiliary storage device. In the example shown in FIG. 1, the control program is mainly stored in the first memory 103, and various data are mainly stored in the second memory 104, but this does not necessarily limit the configuration of the information processing apparatus according to this embodiment. As a specific example, the first memory 103 and the second memory 104 may be realized by one storage area, or at least one of the first memory 103 and the second memory 104 may be realized by a combination of a plurality of storage areas. The input unit 105 is realized by an input device such as a keyboard or a touch panel, and receives input from the user. The display unit 106 is realized by a display device such as a liquid crystal display, and presents various information such as a processing result to the user by displaying the information. The communication unit 107 is a communication interface for transmitting and receiving data to and from other devices via a network. The configuration of the communication unit 107 may be appropriately changed according to the type of network and communication method used for communication.

[0016] The second memory 104 has a registered user information list 122 pre-stored in it. The registered user information list 122 has biometric characteristic information of a series of users to be authenticated pre-registered in it. As a more specific example, the registered user information list 122 stores the biometric characteristic information of all users who are permitted to enter the facility, associated with identification information (e.g., an ID) used to identify each user. In this embodiment, since facial recognition is used for user authentication, the biometric characteristic information used is facial characteristic information extracted from the facial image of the user to be authenticated (i.e., characteristic information derived from the user's face). For example, Figure 6 shows an example of the data structure of the registered user information list 122. The registered user information list 122 records data that associates the registered biometric characteristic information 602 for each user with the user ID 601 registered for that user and the user's contact information 603. The contact information 603 is the information to which various information is sent when notifying the target user, and information such as an email address may be registered. The registered user information list 122 may also be obtained from an external device via the communication unit 107. Furthermore, the second memory 104 can store various types of data in addition to the registered user information list 122, as illustrated in Figure 1. Details regarding this data, along with the processing performed by the information processing device, will be described separately later.

[0017] Furthermore, the first memory 103 stores control programs related to the implementation of each processing means, which are indicated as the authentication start instruction receiving means 110, the authentication start means 111, the authentication means 112, and the authentication management means 113. The series of processes of the information processing device according to this embodiment are started by activating each of the above series of processing means and are executed by each of the said processing means. Specifically, the CPU 101 activates each of these processing means by deploying and executing the control programs corresponding to the authentication start instruction receiving means 110, the authentication start means 111, the authentication means 112, and the authentication management means 113, which are stored in the first memory 103. These processing means are configured to operate in cooperation by sending and receiving information from each other. Details of the processes executed by these processing means will be described separately later. When the processing of each of these processing means is completed, the series of processes of the information processing device is completed.

[0018] An example of the configuration of an information processing device according to one embodiment of the present disclosure has been described above with reference to Figure 1. It should be noted that the configuration shown in Figure 1 is merely an example and does not necessarily limit the configuration of the information processing device according to this embodiment. As a specific example, at least some of the components of the series of components shown in Figure 1 may be realized by the cooperation of multiple devices physically. As another example, at least some of the components of the series of components of the information processing device shown in Figure 1 may be realized as a so-called cloud service. In this case, the cloud service may be realized by the cooperation of multiple server devices.

[0019] <Processing> An example of the processing performed by the information processing device according to this embodiment is described below. First, an example of the processing performed by the authentication start instruction receiving means 110 and the authentication start means 111 will be explained with reference to Figures 2 and 3. The authentication start instruction receiving means 110 receives an instruction from the user seeking authentication to start the validity period for which authentication using biometric characteristic information for that user is enabled. The authentication start means 111, in response to the start instruction received by the authentication start instruction receiving means 110, instructs the authentication means 112 to start authentication using biometric characteristic information for the above user. In other words, a user who has received an instruction to start the validity period for which authentication using biometric characteristic information is enabled (in other words, an instruction to start authentication using biometric characteristic information) corresponds to an example of a user to be authenticated. Figure 2 shows an example of the process for receiving an instruction to initiate authentication using biometric information from the target user (in other words, an instruction to initiate the above-mentioned validity period). Figure 3 shows an example of the process for instructing the authentication means 112 to initiate authentication in response to the instruction to initiate the above-mentioned validity period from the target user. Hereafter, for convenience, the validity period for authentication using biometric information will also be referred to as the authentication validity period.

[0020] First, referring to Figure 2, the process for receiving an instruction to initiate authentication using biometric information will be explained. In the example shown in Figure 2, the authentication initiation instruction receiving means 110 displays a web page on a terminal device connected via the network (a terminal device held by the user) and receives an instruction to initiate the authentication validity period from the user via the web page. The data for the web page 130 for which the authentication initiation instruction receiving means 110 receives an instruction to initiate authentication (i.e., an instruction to initiate the authentication validity period) from the user is stored, for example, in the second memory 104. Furthermore, the web page 130 is assumed to be configured to be accessible via access information such as a URL by using a web server (not shown in the figure). The target user can, for example, access the above URL using a terminal device held by the user, and then issue an instruction to initiate authentication via the web page 130 displayed through that terminal device. For example, Figure 9 shows an example of a web page 130 for receiving instructions from a user to start authentication (i.e., instructions to start the authentication validity period). The web page 130 shown in Figure 9 displays an input area 901 for receiving a user ID and an authentication start button 902.

[0021] When the authentication start button 902 is pressed on the web page shown in Figure 9, the authentication start instruction receiving means 110 detects the pressing of the authentication start button 902 in S201 shown in Figure 2. At this time, the authentication start instruction receiving means 110 recognizes the user ID of the user to be authenticated by obtaining the user ID entered in the input area 901. In S202, the authentication initiation instruction receiving means 110 receives an instruction to initiate authentication using biometric information for the user to whom the user ID obtained in S201 is assigned. The authentication initiation instruction receiving means 110 then notifies the authentication initiation means 111 that it has received an instruction to initiate authentication using biometric information, along with the user ID of the user to be authenticated. In S203, the authentication start instruction receiving means 110 determines whether the termination conditions for the series of processes related to receiving an authentication start instruction using the biometric characteristic information shown in Figure 2 have been met. If the authentication start instruction receiving means 110 determines in S203 that the termination conditions for the series of processes related to receiving an instruction to start authentication using biometric characteristic information have not been met, it proceeds to S201. In this case, the authentication start instruction receiving means 110 continues the process related to receiving an instruction to start authentication using biometric characteristic information. Then, if the authentication start instruction receiving means 110 determines in S203 that the conditions for terminating the series of processes related to receiving an instruction to start authentication using biometric characteristic information have been met, it terminates the series of processes shown in Figure 2.

[0022] The termination determination shown as S203 may be appropriately determined depending on the scope to which the technology relating to this disclosure applies. For example, the termination determination may be made depending on whether the system to which the technology relating to this disclosure is applied is in operation. As a more specific example, if the technology relating to this disclosure is applied to the authentication of visitors at an entrance, information indicating the opening and reception hours of the facility may be stored in memory, and the termination determination may be made depending on whether the current time is within the opening and reception hours. As another example, by storing a termination flag in memory, a control may be applied such that the series of processes shown in Figure 2 continues to be executed as long as the flag indicates non-termination, and the series of processes terminates when the flag indicates termination. The termination flag may be set, for example, by an operator via the input unit 105.

[0023] In addition to specifying a predetermined URL, various other methods can be used to access Web page 130. For example, when a user obtains permission to enter a facility by purchasing a ticket or similar means, and a purchase confirmation email is sent to that user, a control may be applied that includes access information (e.g., a URL) to the web page 130 in the email body. This allows the user to access the web page 130 by clicking the URL in the email body. In this case, parameters may also be specified for the URL in the email body so that the user ID of the target user is automatically entered into the input field 901 when accessing the web page 130. Another example is a control system that prints a QR code (registered trademark) containing the URL for accessing Web page 130 on the ticket itself. This may also be applied. This allows, for example, a user to access web page 130 using their terminal device by scanning a QR code with that device. Furthermore, with respect to web page 130, a known mechanism may be applied to store the history of web form entries in the terminal device, targeting input fields such as 901 where the user ID is entered. By applying such a mechanism, the user will no longer need to enter their user ID each time.

[0024] Furthermore, while the example shown in Figure 2 describes the case where instructions from a user are received via a web page 130, the method is not particularly limited as long as the authentication initiation instruction receiving means 110 can receive such instructions from the user. As a specific example, an instruction to initiate authentication using biometric characteristics may be received by the user who sent the email when an email is sent to a predetermined email address. In this case, for example, as shown in the example in Figure 6, it is advisable to associate the email address as the contact information of the user ID of the target user. This makes it possible for the authentication initiation instruction receiving means 110 to identify the user who is the target of receiving the instruction to initiate authentication using biometric characteristics based on the email address of the sender of the received email.

[0025] Furthermore, when receiving a user's instruction to initiate authentication using biometric information via a web page or similar means, a control may be applied to verify that the instruction is being made by a legitimate user by requiring the user to enter authentication information such as a password. Even with such control applied, it is possible to implement an operation where the acceptance of the instruction to initiate authentication using biometric information (i.e., the instruction to start the authentication validity period) takes place before the user arrives at the entrance. Therefore, for example, even if the user needs to stop to enter the above authentication information, they can perform this input operation before arriving at the entrance, which is expected to prevent congestion and delays at the entrance.

[0026] Next, referring to Figure 3, we will explain the process related to the request to the authentication means 112 to start authentication in response to the receipt of an instruction to start authentication using biometric characteristic information (i.e., an instruction to start the authentication validity period).

[0027] In S301, the authentication initiation means 111 detects that an instruction to initiate authentication using biometric characteristic information (in other words, an instruction to initiate the authentication validity period) has been received, based on the notification from the authentication initiation instruction receiving means 110 in the process of S202 in Figure 2. At this time, the authentication initiation means 111 also recognizes the target user based on the user ID notified by the authentication initiation instruction receiving means 110. In S302, the authentication initiation means 111 sends a request to the authentication management means 113 for the authentication initiation process. At this time, the authentication initiation means 111 includes in the message sent as the request information information (for example, identification information to identify the request information) and the user ID obtained in S301.

[0028] In S303, the authentication initiation means 111 determines whether the target user has already entered the facility based on the response sent back from the authentication management means 113 to the request sent to the authentication management means 113 in S302. If the authentication initiation means 111 determines in S303 that the target user has already entered the facility, it proceeds to S305. On the other hand, if the authentication initiation means 111 determines in S303 that the target user has not yet entered the facility, it proceeds to S304.

[0029] In S305, the authentication initiation means 111 notifies the user who has received an instruction to initiate authentication using biometric characteristic information that their passage through the entrance is restricted because they have already entered. At this time, the authentication initiation means 111 can retrieve the contact information of the target user as information indicating the recipient of the above information by searching the registered user information list 122 in the second memory 104 based on the user ID specified in S301. Furthermore, the method of notifying the above information may be changed as appropriate depending on the operation method of the system, and the information managed as the contact information of the target user may be changed as appropriate depending on the notification method. As a specific example, the notification of the above information may be made by email, in which case it is preferable that the email address is managed as the contact information of the target user.

[0030] In S304, the authentication initiation means 111 notifies the user who has received an instruction to initiate authentication using biometric information of information prompting them to authenticate at the entrance. For example, the authentication initiation means 111 may manage the time limit by storing information indicating the time limit during which authentication using biometric information is enabled as a time limit 128 in the second memory 104. In this case, the period from the time the instruction to initiate authentication using biometric information is received until the time limit managed as time limit 128 has elapsed will be treated as the authentication validity period. Alternatively, in this case, the authentication initiation means 111 may inform the target user of the validity period of authentication using biometric information based on information obtained by adding the time limit managed as time limit 128 to the time the instruction to initiate was received. The method of notifying the user of the information is the same as in the processing of S305. The above time limit, managed as a time limit of 128, may be set in advance as a predetermined value, or it may be changed manually or automatically during system operation. A mechanism for changing the above time limit during system operation will be described separately in detail as a modified example. Furthermore, when the above time limit is set in advance as a predetermined value, it is desirable that this predetermined value be determined by considering the usage scenarios of the target system. As a specific example, the longer the period during which authentication using biometric characteristics is enabled, the higher the likelihood of false authentication tends to be. Therefore, in such cases, it is desirable that the above time limit be set to a period that is not too long (for example, a few minutes) within an acceptable range considering the user's usage scenarios of the system.

[0031] In S306, the authentication initiation means 111 determines whether the termination conditions for the series of processes related to the authentication initiation instruction to the authentication means 112 in response to the authentication initiation instruction using the biometric characteristic information shown in Figure 3 have been met. If the authentication initiation means 111 determines in S306 that the termination conditions for the series of processes related to the authentication initiation instruction to the authentication means 112 in response to the instruction to initiate authentication using biometric characteristic information have not been met, it proceeds to S301. In this case, the authentication initiation means 111 continues to receive the authentication initiation instruction using biometric characteristic information and to process the authentication initiation instruction to the authentication means 112 in response to the said instruction. Then, if the authentication initiation means 111 determines in S306 that the conditions for ending the series of processes related to the authentication initiation instruction to the authentication means 112 in response to the authentication initiation instruction using biometric characteristic information have been met, it terminates the series of processes shown in Figure 3. Regarding the termination determination shown as S306, a detailed explanation is omitted because it is essentially the same as the processing in S203 in the example shown in Figure 2.

[0032] Next, with reference to Figure 4, an example of the process related to visitor authentication by the authentication means 112 will be explained. In S401, the authentication means 112 waits for a visitor (a person to be authenticated) to enter the entrance to the facility and detects the visitor who has entered the entrance. The detection method and the configuration for achieving this detection are not particularly limited, as long as it is possible to detect the visitor who has entered the entrance. As a specific example, the entrance may be continuously imaged using an imaging device, and the visitor may be detected by detecting a person's face from the resulting image. Alternatively, the visitor may be detected by using a sensor or the like.

[0033] In S402, the authentication means 112 performs authentication processing using biometric information, such as facial recognition, for the visitor detected in S401. It is assumed that facial recognition is performed in this case, as described above. Specifically, the authentication means 112 captures an image of the face of the person to be authenticated (i.e., a visitor) who enters the entrance gate, and stores the image as visitor image 120 in the second memory 104. The authentication means 112 also extracts the facial feature information of the person to be authenticated by performing image analysis on the visitor image 120, and stores this feature information as visitor feature information 121 in the second memory 104. The second memory 104 also has a series of registered users' biometric feature information pre-stored as a matching list 124. The authentication means 112 compares the visitor feature information 121 with the series of registered users' biometric feature information stored as the matching list 124 to determine the similarity, and stores the information indicating this similarity as similarity 125 in the second memory 104. Note that the processing of so-called biometric authentication (e.g., facial recognition), such as the calculation of the similarity of biometric feature information, can be done using known technologies, so a detailed explanation is omitted. The authentication means 112 compares each of the series of similarity values ​​held as similarity 125 with a pre-set authentication threshold 126 and identifies biometric feature information (biometric feature information of a pre-registered user) whose similarity to the visitor feature information 121 is 126 or higher. If the authentication means 112 identifies biometric feature information whose similarity to the visitor feature information 121 is 126 or higher, it stores the user ID of the registered user corresponding to the biometric feature information with the highest similarity as the authentication determination result 127 in the second memory 104. On the other hand, if there is no biometric feature information whose similarity to the visitor feature information 121 is 126 or higher, the authentication means 112 stores a special ID indicating that authentication was unsuccessful as the authentication determination result 127 in the second memory 104.

[0034] Here, with reference to Figure 7, the matching list 124 will be described. The matching list 124 manages data for each registered user for whom an authentication start instruction has been received, including a matching user ID 701, matching biometric feature information 702, and authentication start time 703. The matching user ID 701 indicates the user ID assigned to the target registered user. The matching biometric feature information 702 indicates the biometric feature information (e.g., facial feature information) that has been registered in advance for the target registered user. The authentication start time 703 indicates the time when an authentication start instruction using biometric information was received. The management of the matching list 124 will be described in detail separately in conjunction with the processing of the authentication management means 113.

[0035] Now, let's refer to Figure 4 again. In S403, the authentication means 112 determines whether the authentication in S402 was successful or not. As a specific example, the authentication means 112 may determine whether the authentication was successful or not based on whether the information stored in the second memory 104 as the authentication determination result 127 is a user ID or a special ID indicating that the authentication was unsuccessful. If the authentication means 112 determines in S403 that authentication was successful (for example, if the user ID is stored as the authentication result 127), it proceeds to S404. On the other hand, if the authentication means 112 determines in S403 that authentication was unsuccessful (for example, if a special ID indicating that authentication was unsuccessful is stored as the authentication determination result 127), it proceeds to S408.

[0036] In S408, the authentication means 112 executes the process for when authentication using biometric information fails. In the example shown in Figure 4, if authentication using biometric information fails, the authentication means 112 repeats the authentication process for the person being authenticated (visitor) shown in S402 to S403 until a predetermined maximum number of repetitions is reached. In this case, the authentication means 112 determines in S408 whether the number of times the authentication of the person being authenticated, shown in S402, has failed has exceeded the maximum number of repetitions. If the authentication means 112 determines in S408 that the number of times the authenticated person has failed to authenticate has not exceeded the repeated limit, it proceeds to S402. In this case, the processes in S402 to S403 will be executed again. Then, if the authentication means 112 determines in S408 that the number of times the authentication of the person to be authenticated has failed has repeatedly exceeded the upper limit, it proceeds to S409.

[0037] In S409, the authentication means 112 notifies the person being authenticated that authentication has failed. As a specific example, the authentication means 112 may present the message to the person being authenticated by displaying a message on a display unit 106, such as a display, which is positioned at the entrance so that the person being authenticated can see it, prompting the person to exit the entrance because authentication has failed.

[0038] Furthermore, in S404, the authentication means 112 executes processing for successful authentication using biometric information. In the example shown in Figure 4, the authentication means 112 has successfully authenticated using biometric information, so it opens the entrance door (gate) at the entrance and allows one visitor (i.e., the authenticated person) to pass through. In this case, for example, a control means (not shown) for controlling the opening and closing of the entrance door can be provided, and the entrance door can be opened and closed according to the authentication result by operating the control means in response to instructions from the authentication means 112. Note that since publicly known technology can be used for controlling the opening and closing of the entrance door, a detailed explanation is omitted. Also, the processing in S404 is just one example of processing that grants some kind of authority to a user who has successfully been authenticated, and does not limit the scope of application of the technology related to this disclosure.

[0039] In S405, the authentication means 112 requests the authentication management means 113, which will be described later, to execute the process for successful authentication. At this time, the authentication means 112 includes in the message it sends to the authentication management means 113 as the above request information (for example, identification information to identify the request information) and information indicating the user ID of the user who has been successfully authenticated. In S406, the authentication means 112 notifies the user who has successfully authenticated that their entry has been confirmed. The method of this notification can be the same as described in the processing of S202 in Figure 2, such as sending an email to the contact information registered in the registered user information list 122.

[0040] In S406, the authentication means 112 determines whether the termination conditions for the series of processes related to visitor authentication shown in Figure 4 have been met. If the authentication means 112 determines in S406 that the conditions for terminating the series of processes related to visitor authentication have not been met, it proceeds to S401. In this case, the authentication means 112 continues the process related to visitor authentication. Then, if the authentication means 112 determines in S406 that the conditions for terminating the series of processes related to visitor authentication have been met, it terminates the series of processes shown in Figure 4. Regarding the termination determination shown as S406, a detailed explanation is omitted because it is essentially the same as the processing in S203 in the example shown in Figure 2.

[0041] In the example shown in Figure 4, the S402 process describes the application of facial recognition using biometric information extracted from a facial image to the authentication of visitors. However, this does not limit the scope of application of the technology disclosed herein. As a specific example, other authentication methods using biometric information, such as gait recognition, fingerprint recognition, palm vein recognition, and iris recognition, may also be applied. Furthermore, even when using biometric information of the face of the person to be authenticated for authentication, the method is not limited to an authentication method that extracts and uses such biometric information from a brightness image. Other methods, such as authentication methods using distance imaging, may also be applied.

[0042] Next, with reference to Figure 5, an example of the process related to the management of authentication of the authenticated person by the authentication management means 113 will be explained. In S501, the authentication management means 113 waits for processing requests from the authentication initiation means 111, shown as the process in S302 in Figure 3, and from the authentication means 112, shown as the process in S405 in Figure 4. When the authentication management means 113 receives a processing request as exemplified above, it proceeds to S502. When the authentication management means 113 receives a processing request as exemplified above, it recognizes the content of the requested processing and the user ID of the authenticated person to be processed, based on the information contained in the request. For convenience, in the following explanation, the user ID of the authenticated person to be processed will also be referred to as the managed ID to distinguish it from other user IDs. Furthermore, the authentication management means 113 also proceeds to S502 if the period during which no processing request as exemplified above is sent exceeds a pre-set timeout period (i.e., the waiting for processing requests times out).

[0043] In S502, the authentication management means 113 switches the processing to be executed thereafter according to the status of receiving the processing request in S501. If the authentication management means 113 receives a processing request from the authentication initiation means 111 in S501 (i.e., the processing request shown as processing S302 in Figure 3), it proceeds to S503. In this case, the management processing for when an instruction to start authentication using biometric information from the user (i.e., an instruction to start the authentication validity period) is received will be executed in S503 to S506, which will be described later. In response to this, if the authentication management means 113 receives a processing request from the authentication means 112 in S501 (i.e., the processing request shown as processing S405 in Figure 4), it proceeds to S507. In this case, the management processing for when the authentication of the authenticated user (in other words, visitor) is successful will be executed in S507-S508, which will be described later. Furthermore, as mentioned above, the authentication management means 113 periodically times out the waiting for processing requests, as indicated in S501. Therefore, if the waiting for processing requests times out in S501, the authentication management means 113 proceeds to S509.

[0044] First, let's explain the processes in S503 to S506. Processes S503 to S506 are management processes that enable authentication using biometric information for users corresponding to managed IDs, in response to receiving a user's instruction to start authentication using biometric information.

[0045] In S503, the authentication management means 113 compares the managed ID obtained from the processing request received in S501 with the list of admitted users 123 in the second memory 104 to determine whether the user corresponding to the managed ID has already entered. For example, Figure 8 shows an example of the data structure of the List of Entered Users 123. The List of Entered Users 123 manages data for users whose entry has been confirmed, including User ID 801, entry image 802, entry confirmation time 803, entry biometric information 804, and authentication start time 805. User ID 801 indicates the User ID assigned to the target user (i.e., a registered user). Entry image 802 indicates the image of the target user taken when they entered (i.e., the image used for authentication). Entry confirmation time 803 indicates the time when the target user's entry was confirmed. Entry biometric information 804 indicates the biometric information used for authentication when the target user entered. Authentication start time 805 indicates the time when the instruction to start authentication using biometric information was received from the target user. Now, let's refer to Figure 5 again. The authentication management means 113 determines that a user corresponding to a managed ID has already entered if there is data in the series of data registered in the list of entered users 123 in which user ID 801 matches the managed ID. If the authentication management means 113 determines in S503 that the user corresponding to the managed ID has already entered, it proceeds to S506. On the other hand, if the authentication management means 113 determines in S503 that the user corresponding to the managed ID has not yet entered, it proceeds to S504.

[0046] In S504, the authentication management means 113 adds the user information of the user corresponding to the managed ID to the matching list 124. Specifically, the authentication management means 113 extracts and copies the biometric characteristic information of the user corresponding to the managed ID from the registered user information list 122 in the second memory 104, and generates data that associates the managed ID with the biometric characteristic information. At this time, the authentication management means 113 also includes information indicating the time at this time (in other words, the time when the instruction to start authentication using the biometric characteristic information was received) as the authentication start time in the data. Then, the authentication management means 113 stores the generated data in the matching list 124 as the user information of the user corresponding to the managed ID. If user information for the user corresponding to the managed ID already exists, the authentication management means 113 overwrites it with the newly generated user information. In this case, the authentication validity period for the target user is extended. In S505, the authentication management means 113 returns information to the authentication initiation means 111 indicating that the user information of the target user (i.e., the user corresponding to the managed ID) has been added to the matching list 124.

[0047] In S506, the authentication management means 113 returns information to the authentication initiation means 111 indicating that the target user (i.e., the user corresponding to the managed ID) has already entered.

[0048] Next, we will explain the processes in S507-S508. Processes S507-S508 are administrative processes that are executed when the authentication of the authenticated user (in other words, the visitor) is successful.

[0049] In S507, the authentication management means 113 stores data in the second memory 104's list of admitted users 123 that associates the user ID 801, the image at the time of entry 802, the entry confirmation time 803, the biometric information at the time of entry 804, and the authentication start time 805. The user ID 801 is the managed ID. The image at the time of entry 802 is the entrant image 120 in the second memory 104. The entry confirmation time 803 is the time when the process in S507 was executed. The biometric information at the time of entry 804 is the entrant characteristic information 121 in the second memory 104 (i.e., the biometric information extracted from the entrant image 120). For the authentication start time 805, the authentication start time registered in association with the managed ID in the matching list 124 is copied and applied. The data stored in the list of admitted users 123 may include other information besides the information exemplified above. As a specific example, if there are multiple entrances, information indicating which entrance a user entered through may be managed by data stored in the list of entered users 123. In S508, the authentication management means 113 deletes the information corresponding to the managed ID from the matching list 124 in the second memory 104.

[0050] Next, the processes S509 to S512 will be explained. The processes S509 to S512 are management processes that restrict authentication to users whose authentication validity period has expired, preventing them from succeeding. Even if the processes S503 to S506 or S507 to S508 are executed, the processes S509 to S512 will be executed after those processes have been completed. Also, as mentioned above, if the process S501 times out, the authentication management means 113 proceeds to process S509 as the result of the determination in S502.

[0051] In S509, the authentication management means 113 checks whether there are any users whose authentication validity period using biometric information has expired, based on the authentication start time in the data registered in the matching list 124, the current time, and the time limit 128 in the second memory 104. Specifically, if the time obtained by adding the time limit 128 to the authentication start time has passed the current time, it is possible to determine that the user corresponding to the user ID associated with that authentication start time has had their authentication validity period expire. If there are any users whose authentication validity period (i.e., the expiration date of authentication using biometric information) has expired, the authentication management means 113 deletes the information about those users from the matching list 124. In S510, the authentication management means 113 notifies the user whose information was removed from the matching list 124 in S509 that the authentication using biometric characteristics has expired. The method of this notification can be the same as described in the processing of S202 in Figure 2, such as sending an email to the contact information registered in the registered user information list 122. In S511, the authentication management means 113 records the number of IDs whose information was removed from the matching list 124 in S509, along with the current time, as an expired record 129 in the second memory 104. The information recorded as the expired record 129 is used to understand the activities of users whose authentication using biometric information has expired. An example of processing using the information recorded as the expired record 129 will be described in detail separately as Modification 2.

[0052] In S512, the authentication management means 113 determines whether the termination conditions for the series of processes related to the authentication management of the authenticated person shown in Figure 5 have been met. If the authentication management means 113 determines in S512 that the conditions for terminating the series of processes related to the authentication management of the authenticated person have not been met, it proceeds to S501. In this case, the authentication management means 113 continues the processes related to the authentication management of the authenticated person. Then, if the authentication management means 113 determines in S512 that the conditions for terminating the series of processes related to the authentication management of the authenticated person have been met, it terminates the series of processes shown in Figure 5. Regarding the termination determination shown as S512, a detailed explanation is omitted because it is essentially the same as the process in S203 in the example shown in Figure 2.

[0053] The above describes an example of the processing performed by the information processing device according to this embodiment. In this embodiment, the authentication management means 113 has been described as managing the validity period of authentication using biometric information (i.e., the authentication validity period) for a given user by adding or deleting user information from the matching list 124. However, the method of managing the authentication validity period for each user is not particularly limited, as long as it is possible to do so. As a specific example, the authentication management means 113 may manage a flag indicating whether authentication using biometric information is valid or invalid by adding a flag to the data registered in the registered user information list 122, based on the authentication start time and the time limit. In this case, the authentication means 112 can perform user ID matching and authentication based on the result of matching for registered users for whom this flag is valid. Furthermore, the authentication start time 703 (i.e., the time when the start of authentication using biometric information was accepted), which is managed by the data registered in the matching list 124, may also be managed by the data registered in the registered user information list 122.

[0054] By applying the configuration and processing described above, users can set their own authentication validity period for using their biometric information. This prevents situations where a user is mistaken for another person with similar biometric information, even if such a person is registered, outside of the authentication validity period set according to the user's instructions.

[0055] More specifically, in this embodiment, the matching list 124, which includes data only for users for whom authentication using biometric characteristics is enabled, is a smaller list than the registered user information list 122, which includes data for all registered users. Therefore, even if the registered user information list 122 contains data for other individuals whose biometric characteristics are similar to those of the user being authenticated, the possibility of such other individuals' data being included in the matching list 124 is reduced. In this way, the occurrence of misauthentication, such as misidentifying the user being authenticated with another individual whose biometric characteristics are similar to those of the user being authenticated, can be reduced, and thus the accuracy of authentication using biometric characteristics (e.g., facial recognition) can be expected to be improved. This is because the user themselves sets the period during which they are seeking authentication (i.e., the authentication validity period), so if authentication is successful within that period, there is a very high probability that the person being authenticated is indeed the user themselves. In addition, under these circumstances, it is unlikely that another person with similar biometric characteristics to the user mentioned above would attempt to enter and succeed without initiating authentication using biometric characteristics. As a result, even if the accuracy of authentication using biometric characteristics itself is not necessarily sufficient, it is expected that the risk of misauthentication can be further reduced without the need for cumbersome operations such as combining it with other authentication methods.

[0056] Furthermore, due to the characteristics described above, even in situations where it is difficult to detect someone's disguise, such as when another person attempts to gain unauthorized access by impersonating a registered user, this system is expected to be effective in preventing such unauthorized access. This is because, in order for someone in disguise to gain access, they must enter between the time the real user initiates authentication using biometric information and the completion of the access verification process, but it is difficult for the disguised person to know the exact time the real user gives this instruction.

[0057] Furthermore, in situations where the number of visitors is relatively large, and a malicious person attempts to gain unauthorized entry expecting that a registered user similar to themselves exists, this method is expected to be effective in preventing such unauthorized entry. This is because the authentication method 112 performs matching processing for authentication using biometric information on a matching list 124 that contains only a small portion of the data registered in the registered user information list 122. Therefore, even if a registered user with biometric information similar to that of a malicious person exists, under limited conditions such as the timing when the malicious person attempts to enter, the possibility that the data of that registered user is included in the matching list 124 is low. Due to these characteristics, this method is expected to be effective in preventing unauthorized entry by malicious individuals as described above.

[0058] Furthermore, as mentioned above, the list length of the matching list 124 (i.e., the number of entries in the registered data) can be made smaller than the list length of the registered user information list 122. Therefore, when authenticating a person, the processing load related to matching biometric characteristic information is reduced compared to performing a matching process against the registered user information list 122, making it possible to speed up the matching process.

[0059] <Variation> Modified examples of the information processing device according to this embodiment are described below.

[0060] (Variation 1) First, as Modification 1, we will describe an example of how the technology related to this disclosure can be applied in a situation where authentication devices utilizing biometric information are installed at multiple entrances. As a specific example, large stadiums and the like may have multiple entrances, and in such cases, it is conceivable that authentication devices are installed at each entrance to authenticate entrants. In this modified example, as in the embodiment described above, processing is performed by the authentication start instruction receiving means 110, the authentication start means 111, the authentication means 112, and the authentication management means 113. However, among the processing performed by these processing means, processing that requires management for each entrance is performed individually by processing means provided for each entrance (in other words, for each location where user authentication is performed). Specifically, the process of presenting a web page 130 for receiving an authentication initiation instruction using biometric characteristic information by the authentication initiation instruction receiving means 110, as explained with reference to Figure 2, can be implemented as a common process across multiple entrances. On the other hand, the process of requesting authentication initiation processing from the authentication means 112 in response to receiving an authentication initiation instruction using biometric characteristic information by the authentication initiation means 111, as explained with reference to Figure 3, is executed individually for each place where authentication is performed (for example, each entrance). Furthermore, the processing of the authentication means 112 and the authentication management means 113 are also executed individually for each place where authentication is performed (for example, each entrance). Therefore, in this modified example, the authentication initiation instruction receiving means 110 may be provided as a common processing means across multiple entrances, while the authentication initiation means 111, the authentication means 112, and the authentication management means 113 may be provided individually for each place where authentication is performed.

[0061] In Modification 1, the message exchange between the authentication initiation means 111 and the authentication means 112 and the authentication management means 113 is performed between processing means associated with the same entrance, which is different from the embodiment described above. Furthermore, the areas in the second memory 104 accessed by these processing means are also managed individually for each entrance. However, the areas for managing the registered user information list 122 and the list of users who have entered 123 are reserved as a common area in the second memory 104 across multiple entrances, and access to this common area is performed from the processing corresponding to each entrance.

[0062] Here, we will explain the process by which the authentication initiation instruction receiving means 110 receives an instruction from the user to initiate authentication using biometric characteristic information (i.e., an instruction to start the authentication validity period), focusing on the parts that differ from the embodiments described above. For example, Figure 10 shows an example of a web page 130 for the authentication start instruction receiving means 110 according to this modified example to receive an instruction from a user to start authentication. In the example shown in Figure 10, the web page 130 displays an input area 1001 for receiving the user ID, an input area 1002 for receiving the specification of the entrance gate to be used for entry, and an authentication start button 1003. The input area 1001 and the authentication start button 1003 correspond to the input area 901 and the authentication start button 902 in the example shown in Figure 9. On the other hand, as can be seen by comparing Figure 9 and Figure 10, the example shown in Figure 10 differs from the example shown in Figure 9 in that an input area 1002 for receiving the specification of the entrance gate is provided.

[0063] Next, with reference to Figure 2, an example of the processing related to receiving an authentication initiation instruction using biometric characteristic information by the authentication initiation instruction receiving means 110 according to this modified example will be described, with particular attention paid to the parts that differ from the embodiment described above.

[0064] In this modified example, when the authentication start button 1003 is pressed on the web page shown in Figure 10, the authentication start button 1003 is detected in S201 shown in Figure 2. At this time, the authentication start button 110 acquires the user ID entered in input area 1001 and the entrance information entered in input area 1002, thereby recognizing the user ID of the target user and the entrance used for entry (i.e., the place where entry takes place). In S202, the authentication start instruction receiving means 110 receives an authentication start instruction using biometric characteristic information for the user to whom the user ID is assigned, based on the user ID and entrance gate information acquired in S201, targeting the entrance gate indicated by the entrance gate information. At this time, if each processing means that executes the processing based on the start instruction is individually provided for each entrance gate, the authentication start instruction receiving means 110 sends a message indicating the received start instruction to the authentication start means 111 corresponding to the entrance gate. The message includes the user ID, which enables the processing means (e.g., the authentication start means 111) individually provided for each entrance gate to recognize the target user. The message may also include the entrance gate information. In this case, the authentication management means 113 in this modified example may add the entrance gate information to the data when registering the data to the entered user list 123 in the processing corresponding to S507 in Figure 5. Furthermore, as mentioned above, subsequent processing involves message exchange between the authentication initiation means 111 and the authentication means 112, and the authentication management means 113, which are all handled by processing means associated with a common entrance. This makes it possible to individually manage the authentication validity period for each user at each entrance.

[0065] By applying the configuration and processing described above, it becomes possible to further limit the number of users who attempt authentication using biometric information within the validity period of authentication at a given entrance compared to the previously described embodiment. In other words, the matching list 124 managed individually for each entrance can be made even smaller in size compared to the matching list 124 in the previously described embodiment. This further reduces the possibility that data of other individuals with similar biometric characteristics to the user being authenticated is included in the matching list 124, even if the registered user information list 122 contains data of other individuals with similar biometric characteristics. In other words, unless the authentication validity periods of multiple users with similar biometric characteristics overlap and the same entry point is specified, the occurrence of users being mistaken for each other is prevented. In this way, the occurrence of misauthentication, such as misidentifying the authenticated user with another individual with similar biometric characteristics, can be further reduced, and is expected to further improve the accuracy of authentication using biometric characteristics. Furthermore, as mentioned above, the size of the matching list 124 can be further reduced, thereby reducing the processing load related to matching biometric feature information and, consequently, enabling faster matching. Given these characteristics, in situations where multiple entrances are provided, such as at a large-scale event venue where a large number of attendees are expected, applying the technology related to this modified version makes it possible to more effectively reap the benefits of the effects described above.

[0066] (Modification 2) Next, as a modification example 2, we will describe an example in which the time limit managed as time limit 128 in the second memory 104 is adjusted according to the circumstances at the time. As mentioned above, in a system to which the technology related to this disclosure is applied, the risk of misauthentication, such as misidentification with another person whose biometric characteristics are similar, is reduced by having the user being authenticated limit the period during which authentication using biometric characteristics is enabled. On the other hand, it is conceivable that situations may arise in which it becomes difficult for a user to perform authentication for entry within the time limit due to sudden congestion at the entrance or some kind of trouble. In such circumstances, for example, having each of the users in a series of users attempting to perform authentication for entry issue a new instruction to start authentication using biometric characteristics would be inconvenient for each user and could even exacerbate congestion. Assuming such a situation, this modification describes an example of a mechanism that allows the time limit managed as time limit 128 in the second memory 104 to be flexibly adjusted according to the circumstances at the time. From this point forward, users who are determined not to have entered the system within the authentication validity period despite being instructed to initiate authentication using biometric characteristics will, for convenience, be referred to as expired users.

[0067] First, referring to Figure 11, an example of the configuration of the information processing device according to this modified example will be described, focusing on the differences from the previously described embodiment. As can be seen by comparing Figure 11 and Figure 2, the information processing device according to this modified example differs from the previously described embodiment in that a time limit adjustment means 114 is added to the first memory 103. In addition, the second memory 104 can store an initial time limit 131 and a maximum time limit 132. The initial time limit 131 is the time limit used when the number of expired users is within the initially expected range, and is applied as the default value of the time limit managed as time limit 128. The maximum time limit 132 is the upper limit value of the time limit when the time limit managed as time limit 128 is adjusted. Both the initial time limit 131 and the maximum time limit 132 are set in advance. In the previously described embodiment, the time limit was a fixed value set in advance, but in this modified example, the time limit managed as time limit 128 can be adjusted as needed according to the situation at the time by a method described later.

[0068] Next, the processing of the information processing device according to this modified example will be described. The overall processing of the information processing device according to this modified example is started by activating the authentication start instruction receiving means 110, the authentication start means 111, the authentication means 112, and the authentication management means 113, similar to the embodiment described above. In this modified example, the time limit adjustment means 114 is also activated in the same manner.

[0069] Here, with reference to Figure 12, an example of the process related to adjusting the time limit by the time limit adjustment means 114 will be described. In the example shown in Figure 12, the time limit is adjusted based on the expiration record 129 in the second memory 104. As mentioned above, the expiration record 129 records the number of users who have been determined to be expired users for each time the determination was made.

[0070] In S1201, the time limit adjustment means 114 aggregates the hourly average of the number of users previously determined to be expired users from the expiration record 129. Here, the time limit adjustment means 114 aggregates the hourly average of the number of users determined to be expired users within the most recent predetermined time. As a more specific example, if the predetermined time is set to 10 minutes, the time limit adjustment means 114 will aggregate the hourly average of the number of users determined to be expired users within the most recent 10 minutes. In other words, in this case, the time limit adjustment means 114 will calculate the moving average of the number of expired users with a 10-minute interval. The hourly average of the number of users determined to be expired users within the most recent predetermined time, calculated in S1201, will hereafter be referred to as the average value R for convenience.

[0071] In S1202, the time limit adjustment means 114 adjusts the time limit based on the average value R calculated in S1201. As a specific example, if the average value R is below a predetermined threshold, the time limit adjustment means 114 sets the time limit to a predetermined time. On the other hand, if the average value R exceeds the threshold, the time limit adjustment means 114 adjusts the time limit so that it becomes longer, but not exceeding the maximum time limit 132. For example, if the adjusted time limit is T, the time limit T is calculated based on the calculation formula shown as equation (1) below.

[0072]

number

[0073] In the above (Equation 1), Tmax represents the maximum time limit 132 held in the second memory 104. T0 represents the initial time limit 131 held in the second memory 104. A value smaller than Tmax is set for T0. r0 is a threshold for determining whether or not to adjust the average value R. That is, as long as the average value R does not exceed the threshold r0, the time limit will not be adjusted. a is the increase rate for the adjustment when the time limit is adjusted. That is, if the average value R is greater than the threshold r0, the adjusted time limit T will be calculated as a time corresponding to the average value R and the increase rate a. The time limit adjustment means 114 stores the adjusted time limit T calculated based on equation (1) as the time limit 128 in the second memory 104. The values ​​applied as the average value R, threshold r0, and increase rate a are not shown in the figure, but they can be stored in the second memory 104 as appropriate.

[0074] In S1203, the time limit adjustment means 114 determines whether or not the termination conditions for the series of processes related to adjusting the time limit shown in Figure 12 have been met. If the time limit adjustment means 114 determines in S1203 that the termination conditions for the series of processes related to adjusting the time limit have not been met, it proceeds to S1204. In this case, in S1204, the time limit adjustment means 114 sleeps for a predetermined amount of time and then continues the process related to adjusting the time limit. Note that the series of processes shown in Figure 12 only need to be executed periodically at certain time intervals, so the sleep time in S1204 can be set appropriately according to the expected use case. Then, if the time limit adjustment means 114 determines in S1203 that the conditions for ending the series of processes related to adjusting the time limit have been met, it terminates the series of processes shown in Figure 12. Regarding the termination determination shown as S1203, a detailed explanation is omitted because it is essentially the same as the processing in S203 in the example shown in Figure 2.

[0075] It should be noted that the processing of the time limit adjustment means 114 described above is merely an example and does not necessarily limit the method of adjusting the time limit using the time limit adjustment means 114. For example, a sensor may be installed at the entrance to detect the number of visitors, and if the sensor detects an increase in the number of visitors, a process may be applied to adjust the time limit, which is managed as a time limit of 128, to be longer. As another example, users whose entry was confirmed within a predetermined time period from the entry confirmation time 803 recorded in the entered user list 123 may be extracted, and the above time limit may be adjusted according to the average period from when the user gives the authentication start command until they actually enter. The period from when the user gives the authentication start command until they actually enter can be calculated as the time from the authentication start time 805 to the entry confirmation time 803 recorded in the entered user list 123. In this case, the time limit adjustment means 114 should adjust the above time limit to be longer if the period from when the user gives the authentication start command until they actually enter is longer than the period initially expected. Furthermore, the time limit adjustment means 114 may adjust the time limit managed as the time limit 128 in response to instructions from the operator. In this case, the operator will manually adjust the time limit 128 according to the situation at the time. In this case, the time limit adjustment means 114 can receive input from the operator via an input interface such as the input unit 105 shown in Figure 11, and store the time limit specified in response to the input as the time limit 128 in the second memory 104. In this case, the time limit adjustment means 114 may also present information to the operator via the display unit 106 or the like that can be used by the operator to judge the situation at the time. As a specific example, the time limit adjustment means 114 may assist the operator in judging the situation at the time by displaying the number of expired users or images (e.g., moving images) corresponding to the image capture results of the entrance on the display unit 106 configured as a display.

[0076] Furthermore, the technology relating to this modified example can also be applied to a configuration in which the authentication management means 113 is provided individually for each entrance, as described in Modified Example 1 above. In this case, the time limit adjustment means 114 may also be provided individually for each entrance.

[0077] Furthermore, the time limit adjustment means 114 may, when the time limit is extended from the initial time limit 131, notify users whose data is stored in the matching list 124 that the time limit has been extended. By applying such control, for example, in situations where a user is queuing to authenticate at the entrance due to congestion, it becomes possible to notify the user that the time limit has been extended. This is expected to prevent situations where users who have not yet completed authentication despite their authentication expiration date being approaching may become confused due to the misunderstanding that they cannot authenticate due to congestion or other reasons.

[0078] Thus, this modified version makes it possible to appropriately adjust the time limit according to the situation at the time, even if the impact of congestion at the entrance becomes greater than anticipated. This makes it possible to extend the time limit without having to resend the authentication start notification using biometric information to users who have not been able to authenticate within the time limit due to congestion, etc. This is expected to have the effect of suppressing situations such as a large number of users unintentionally exceeding the time limit due to force majeure, and further congestion at the entrance caused by such situations.

[0079] <Other Embodiments> The present invention can also be realized by supplying a program that implements one or more of the functions of the above-described embodiments to a system or device via a network or storage medium, and by having one or more processors in the computer of that system or device read and execute the program. It can also be realized by a circuit (e.g., an ASIC) that implements one or more functions. [Explanation of Symbols]

[0080] 110 Authentication Initiation Instruction Reception Method 111 Authentication Initiation Method 112 Authentication methods 113 Authentication Management Methods

Claims

1. A receiving means that receives an instruction from a user to be authenticated via the network to start the authentication validity period that activates the authentication of the said user, A management means for managing the period from the time the aforementioned start instruction is received until a predetermined time limit has elapsed as the authentication validity period, During the authentication validity period, an authentication means performs authentication of the user by comparing the user's biometric information with one or more biometric information registered in advance. Equipped with, The aforementioned start instruction includes information indicating the location where the user authentication takes place. The management means manages the authentication validity period for each location, which enables authentication of the user using one or more pre-registered biometric characteristics. An information processing device characterized by the following:

2. A receiving means that receives an instruction from a user to be authenticated via the network to start the authentication validity period that activates the authentication of the said user, A management means for managing the period from the time the aforementioned start instruction is received until a predetermined time limit has elapsed as the authentication validity period, During the authentication validity period, an authentication means performs authentication of the user by comparing the user's biometric information with one or more biometric information registered in advance. An adjustment means for adjusting the time limit based on at least one of the following conditions: information corresponding to the number of users whose authentication validity period has expired in the past, information corresponding to the number of users subject to authentication, and information corresponding to the number of users who have been authenticated per hour; Equipped with, The management means manages the authentication validity period based on the time limit adjusted by the adjustment means. An information processing device characterized by the following:

3. A receiving means that receives an instruction from a user to be authenticated via the network to start the authentication validity period that activates the authentication of the said user, A management means for managing the period from the time the aforementioned start instruction is received until a predetermined time limit has elapsed as the authentication validity period, During the authentication validity period, an authentication means performs authentication of the user by comparing the user's biometric information with one or more biometric information registered in advance. Equipped with, The reception means presents a web page to the user via a terminal device connected via the network, and receives an instruction from the user to start the authentication validity period via the web page. An information processing device characterized by the following:

4. The information processing apparatus according to any one of claims 1 to 3, characterized in that the authentication means restricts the authentication of the user using one or more pre-registered biometric characteristics during periods other than the authentication validity period.

5. The information processing apparatus according to any one of claims 1 to 4, characterized in that the biometric information is biometric information derived from the user's face.

6. The information processing apparatus according to claim 3, characterized in that the receiving means transmits access information for accessing the web page to the terminal device.

7. An information processing method performed by an information processing device, A reception step that receives a notification from a user to be authenticated via the network to start the authentication validity period that enables the authentication of that user, A management step that manages the period from when the aforementioned start instruction is received until a predetermined time limit has elapsed as the authentication validity period, During the authentication validity period, an authentication step is performed to authenticate the user by comparing the user's biometric information with one or more biometric information registered in advance. Includes, The aforementioned start instruction includes information indicating the location where the user authentication takes place. The management step manages the authentication validity period for each location, which enables authentication of the user using one or more pre-registered biometric characteristics. An information processing method characterized by the following:

8. An information processing method performed by an information processing device, A reception step that receives a notification from a user to be authenticated via the network to start the authentication validity period that enables the authentication of that user, A management step that manages the period from when the aforementioned start instruction is received until a predetermined time limit has elapsed as the authentication validity period, During the authentication validity period, an authentication step is performed to authenticate the user by comparing the user's biometric information with one or more biometric information registered in advance. An adjustment step to adjust the time limit based on at least one of the following conditions: information corresponding to the number of users whose authentication validity period has expired in the past, information corresponding to the number of users subject to authentication, and information corresponding to the number of users who have been authenticated per hour; Includes, The management step manages the authentication validity period based on the time limit adjusted in the adjustment step. An information processing method characterized by the following:

9. An information processing method performed by an information processing device, A reception step that receives a notification from a user to be authenticated via the network to start the authentication validity period that enables the authentication of that user, A management step that manages the period from when the aforementioned start instruction is received until a predetermined time limit has elapsed as the authentication validity period, During the authentication validity period, an authentication step is performed to authenticate the user by comparing the user's biometric information with one or more biometric information registered in advance. Includes, The reception step involves presenting a web page to the user via a terminal device connected through the network, and receiving an instruction from the user to start the authentication validity period via the web page. An information processing method characterized by the following:

10. A program for causing a computer to function as one of the means of an information processing device according to any one of claims 1 to 6.