Application programs, information processing devices, and service delivery systems

The integration of biometric authentication on user terminals addresses security and convenience issues in call centers, ensuring secure and efficient identity verification.

JP7875397B1Active Publication Date: 2026-06-17PAYPAY CO LTD

Patent Information

Authority / Receiving Office
JP · JP
Patent Type
Patents
Current Assignee / Owner
PAYPAY CO LTD
Filing Date
2026-02-13
Publication Date
2026-06-17

Smart Images

  • Figure 0007875397000001
    Figure 0007875397000001
  • Figure 0007875397000002
    Figure 0007875397000002
  • Figure 0007875397000003
    Figure 0007875397000003
Patent Text Reader

Abstract

In telephone interactions at call centers and other service counters, the system ensures that user authentication is performed quickly and reliably without exposing sensitive user information. [Solution] The information processing device acquires incoming call events and first identification information (telephone number, etc.) associated with a call via a telephone line, and identifies the user terminal device of the electronic payment service based on this information. The device requests authentication using the biometric authentication function provided by the identified terminal, and upon receiving successful authentication information, it reflects the authenticated status in real time on the operator terminal's display screen. This ensures that secure identity verification is completed during the call, preventing operator errors and fraud.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] The present invention relates to an application program for controlling personal authentication at a support window such as a call center, an information processing device, and a service providing system.

Background Art

[0002] Conventionally, at a window such as a call center that responds to inquiries from users, personal confirmation via a telephone line has been commonly performed. As a typical personal confirmation method, an operator verbally asks the user for their name, date of birth, registered address, or a preset "password", etc., and the user answers this to confirm the match with the registered information (knowledge-based authentication).

[0003] Also, in order to ensure higher security, separate from the voice call channel, a one-time password (OTP) is transmitted to the user's terminal using a short message service (SMS) or email, and during the call, the user reads out the password and enters it for the operator, or a method of having the user enter a PIN number using an interactive voice response device (IVR) or guiding the user to a website to enter a password has also been proposed.

Prior Art Documents

Patent Documents

[0004]

Patent Document 1

Summary of the Invention

Problems to be Solved by the Invention

[0005] However, traditional verbal identity verification methods had several drawbacks. Firstly, they were vulnerable to security risks. When users were making calls in public places, there was a risk of "shoulder surfing," where personal information and authentication credentials could be overheard by third parties. Furthermore, because the system allowed operators to directly access sensitive user information, it was difficult to completely eliminate concerns about information leaks due to internal fraud.

[0006] Secondly, there is a decrease in convenience for both users and operators. Reading out complex numbers or relying on memorization to answer imposes a time and psychological burden on users. At the same time, the increased time required for identity verification puts pressure on the average handling time (AHT) in call centers, significantly hindering operational efficiency.

[0007] Thirdly, there is the issue of channel fragmentation. In systems where the coordination between telephone (voice) and applications (data) is insufficient, there is no adequate mechanism in place to quickly and reliably identify the user's account and establish a secure data communication path when receiving calls from unknown numbers or unregistered numbers.

[0008] This invention was made in consideration of these circumstances, and one of its objectives is to provide an application program, information processing device, and service provision system that dynamically link voice calls and mobile applications, and utilize biometric authentication on the terminal side to perform identity verification quickly and reliably without exposing sensitive information, thereby dramatically improving convenience and security for both users and service counters. [Means for solving the problem]

[0009] One aspect of the present invention is an application program that operates on a user terminal device, which causes the user terminal device to perform the following processes: receiving an authentication request associated with a call session established between the user terminal device and an external call controller via an information processing device; displaying an authentication execution screen using a biometric authentication function provided by the user terminal device in response to the receipt of the authentication request; and, if authentication by the biometric authentication function is successful, transmitting authentication success information to the information processing device to update the authentication status of the operator terminal corresponding to the call session.

[0010] Another aspect of the present invention is an information processing device comprising: an acquisition unit that acquires an incoming call event associated with a call over a telephone line and first identification information associated with the call; an identification unit that identifies a user terminal device of an electronic payment service based on the first identification information; an authentication request unit that requests the identified user terminal device to perform authentication using the biometric authentication function provided by the user terminal device; and a control unit that, upon receiving authentication success information from the user terminal device, reflects an authenticated status to the operator terminal corresponding to the call. [Effects of the Invention]

[0011] According to one aspect of the present invention, advanced user authentication can be completed during a call without transmitting the user's biometric information over the network or disclosing it to the operator. This ensures the confidentiality of information, significantly shortens the authentication process, and enables accurate user identification by eliminating input errors, thereby simultaneously improving the efficiency of call center operations and enhancing the customer experience (UX). [Brief explanation of the drawing]

[0012] [Figure 1] This is an overall configuration diagram of the service provision system according to this embodiment. [Figure 2] This is a diagram showing the overall sequence in this embodiment. [Figure 3]This is a block diagram showing the configuration of the information processing device in this embodiment. [Figure 4] This diagram shows variations in the linking process via IVR in this embodiment. [Figure 5] This figure shows an example of the display of the management interface in this embodiment. [Modes for carrying out the invention]

[0013] The embodiments of the present invention will be described in detail below with reference to the drawings. The service provision system 1 according to this embodiment enables quick and secure identity verification while keeping sensitive information confidential by linking the biometric authentication function on the user terminal device side during the telephone response process at a support desk such as a call center.

[0014] [System Configuration (Figure 1)] Figure 1 is an overall configuration diagram of the service provision system 1 according to this embodiment. The service provision system 1 includes a user terminal device 10 held by the user, an operator terminal 30 operated by a counter operator, an incoming call control device 50 that controls incoming calls on the telephone line, and an information processing device 100 that mediates these via a network NW.

[0015] The user terminal device 10 is a communication terminal such as a smartphone or tablet, and has a payment application 20 installed inside for using electronic payment services, etc. The payment application 20 has the function to perform biometric authentication (facial recognition, fingerprint recognition, etc.) locally on the terminal by cooperating with hardware such as the camera and fingerprint sensor of the user terminal device 10, and biometric authentication APIs provided by the operating system (OS).

[0016] The operator terminal 30 is an information processing device such as a personal computer, and displays the management interface 35 via a browser or dedicated client software. The management interface 35 is linked with a customer relationship management (CRM) system or the like, and displays customer attribute information, call status, and the authentication status described later in real time. A constant connection session using a two-way communication protocol (e.g., WebSocket) is established between the operator terminal 30 and the information processing device 100, and the screen can be updated by push-type notifications from the server side.

[0017] The incoming call control device 50 is a CTI (Computer Telephony Integration) server or PBX (private branch exchange) connected to the public switched telephone network (PSTN) or VoIP network. The incoming call control device 50 has an automatic voice response (IVR) function, establishes a call with the user, obtains the caller phone number (ANI: Automatic Number Identification), and accepts push-button input (DTMF signal) by voice guidance.

[0018] The information processing device 100 is an authentication cooperation server that forms the core of this system, and includes a communication unit 110, an acquisition unit 120, a specifying unit 130, an authentication request unit 140, a control unit 150, and a storage unit 170.

[0019] The storage unit 170 stores user information 172 and session management information 174. The user information 172 manages, for each customer, name, phone number, membership number, card number, and a push token for sending notifications to the user terminal device 10 (payment application 20), etc., in association with each other. The session management information 174 dynamically manages, for each currently ongoing call session, a call ID, associated user identification information, an authentication status (unauthenticated / authenticating / success / failure), and a temporary operation token issued upon successful authentication, etc.

[0020] [Overall Sequence (Figure 2)] Figure 2 is a sequence diagram showing the flow of a series of processes from a phone call incoming to the completion of authentication. First, when the user makes a call to the support desk, the incoming call control device 50 detects an incoming call event (step S10). The incoming call control device 50 issues a unique call ID for the call, acquires the caller phone number (ANI), and notifies these to the acquisition unit 120 of the information processing device 100.

[0021] The specifying unit 130 searches for the user information 172 using the acquired caller phone number as a key, and specifies the corresponding user account and the push token of the payment application 20 (account association). If the caller phone number is not notified or if the call is received from an unregistered number, the specifying unit 130 activates the IVR function of the incoming call control device 50. The IVR prompts the user to input a "member number" or a "temporary verification code" by voice, and the user responds to this with a push button operation. By the acquisition unit 120 acquiring this input value, the specifying unit 130 indirectly specifies the user terminal device 10.

[0022] When the user terminal device 10 is specified, the authentication request unit 140 determines the required authentication strength based on the current inquiry content and the importance (risk level) of the transaction. For example, for a simple address confirmation, only biometric authentication is required, and for the cancellation of a credit card or the approval of a high-value payment, multi-factor authentication that requires the input of a passcode on the payment application 20 in addition to biometric authentication is configured to be required.

[0023] The authentication request unit 140 uses the specified push token to send an authentication request notification to the user terminal device 10 (step S11). The payment application 20 that receives this notification is launched in the foreground and displays an authentication execution screen that prompts for the execution of biometric authentication. When the user performs authentication using the sensor of the terminal, the biometric information is verified in a secure area (such as a secure enclave) within the terminal.

[0024] The payment application 20 returns authentication success information to the information processing device 100, including whether the authentication result was successful or not, and a digital signature that proves the result was generated on a legitimate terminal (step S12).

[0025] When the control unit 150 of the information processing device 100 receives authentication success information, it updates the authentication status of the call in the session management information 174 to "successful". At the same time, the control unit 150 pushes a status change event via the communication channel (WebSocket) to the operator terminal 30. As a result, the "identity verification" display on the operator's management interface 35 immediately switches from "unverified" to "authenticated (biometric authentication)" (step S13).

[0026] Furthermore, the control unit 150 issues a temporary operation token upon successful authentication and activates (enables) specific operation buttons on the management interface 35 (e.g., "Execute Refund," "Change Contract," etc.). This realizes a technical locking mechanism that prevents the operator from performing write operations to the core system until user authentication is physically completed.

[0027] [Details of the linking process via IVR (Figure 4)] Next, referring to Figure 4, the details of the identification of the user terminal device 10 by the identification unit 130 and the linking process with the call session will be explained. In this embodiment, even if the caller's phone number (ANI) cannot be obtained or if the call is received from a phone number not registered in the user information 172, dynamic linking is possible through the following multiple variations (Cases A to C).

[0028] (Case A: Entering the voice-generated code into the app) When the acquisition unit 120 detects an incoming call, the IVR function of the call controller 50 verbally presents the user with a temporary verification code (for example, a four-digit number) generated by the storage unit 170. The user operates the payment application 20 on the user terminal device 10 while continuing the call and enters the verification code. If the input code transmitted from the payment application 20 to the information processing device 100 matches the verification code assigned to the call session, the identification unit 130 links the payment application 20 (user account) with the call session.

[0029] (Case B: Entering the app display code via phone) In the payment application 20, a temporary verification code is displayed based on user operation or triggered by a push notification. The user enters the code displayed on the application screen using the push buttons (DTMF signals) of the phone during a call. If the input value acquired by the acquisition unit 120 via the incoming call control device 50 matches the code issued to the user's payment application 20, the identification unit 130 links the two. This reliably ensures that the terminal in the user's possession and the sender of the phone call are the same entity.

[0030] (Case C: Identification by card number, etc.) The user follows the IVR voice guidance and enters primary identification information, such as the card number or membership number of their electronic payment card. The acquisition unit 120 compares the entered information with the user information 172 and identifies the corresponding account and push token. This makes it possible to guide new terminals without prior phone number registration, or calls from other people's phones, to the biometric authentication flow.

[0031] [Example of operator screen display and control logic (Figure 5)] Figure 5 shows a specific example of the management interface 35 (CRM screen) displayed on the operator terminal 30. The management interface 35 includes a customer basic information area D1, a call status area D2, and an authentication control area D3.

[0032] In the authentication control area D3, the status "Unauthenticated" is displayed before the authentication request unit 140 sends a request, and certain business operation buttons (e.g., the "Point Return" button B5) are controlled to be grayed out (disabled). When the control unit 150 receives authentication success information from the user terminal device 10, it updates the display in area D3 to "Authenticated (Biometric Authentication: Successful)" in real time and issues a temporary operation token based on the session management information 174.

[0033] This operation token is encrypted data valid only for a specific call session and a specific operator ID. The management interface 35 activates high-risk operations such as button B5 only while it holds a valid operation token. This prevents fraudulent operations by physically making access rights to the core system dependent on the user authentication result, rather than simply displaying "Verified" on the screen.

[0034] [Exception handling and fallback] If there is no response within a predetermined time to the biometric authentication request from the authentication request unit 140, or if biometric authentication fails consecutively (for example, three or more times), the control unit 150 displays an error notification on the management interface 35. In this case, the control unit 150 may automatically perform fallback processing and display a screen prompting the operator to perform conventional knowledge-based authentication (such as answering a security question). Furthermore, if biometric authentication is disabled in the payment application 20, the authentication request unit 140 will request the user to enter a passcode within the application as an alternative.

[0035] [Differentiation] The present invention is not limited to the embodiments described above, and various modifications are possible without departing from the spirit of the invention.

[0036] (1) Application to video calls Although the embodiments described above primarily focused on voice-only telephone lines, the present invention is also applicable to video calls (such as web conferencing systems) via web browsers or dedicated applications. In this case, the acquisition unit 120 detects the session establishment event of a video call and acquires participant information (such as email address and account name) of the session as first identification information. The identification unit 130 identifies the payment application 20 based on the participant information and requests authentication on the screen during the call. This makes it possible to complete rigorous biometric authentication via a data channel in parallel with confirming the other party's face during remote contract signing or negotiations for high-value goods.

[0037] (2) Application to face-to-face environments (stores, etc.) The present invention can also be applied to face-to-face interactions at physical store counters. For example, when a customer enters their membership number or other information into a store terminal (corresponding to the operator terminal 30) installed at the counter, the information processing device 100 sends an authentication request to the user terminal device 10. When the user performs biometric authentication on the spot, the status of successful authentication is reflected in real time on the operator's screen, and input authority (operation token) to the core system is granted. This enables paperless and highly secure face-to-face authentication, eliminating the need to fill out paper documents or verify seals.

[0038] (3) Variations in implementation form Each functional unit of the information processing device 100 may be implemented by a single server device, or it may be implemented in a distributed manner by multiple computer resources connected via a network (so-called cloud computing). Furthermore, the payment application 20 does not need to be an independent application; it may be a module embedded in other service applications (banking applications, e-commerce applications, etc.) or a program that runs on a web browser.

[0039] [Hardware configuration] The functional units of the information processing device 100, user terminal device 10, and operator terminal 30 described above are implemented using a typical computer hardware configuration. Specifically, each device includes a processor such as a CPU, main memory such as RAM, auxiliary storage devices such as HDDs, SSDs, and flash memory, a communication interface for communication over a network, and a bus to connect these.

[0040] The auxiliary storage device stores programs that enable the computer to function as each functional unit. The processor loads these programs from the auxiliary storage device into main memory and executes them, thereby performing the aforementioned series of processes (incoming call detection, terminal identification, authentication request, status reflection, operation token issuance, etc.). Note that some or all of the programs may be implemented by dedicated hardware circuits such as ASICs or FPGAs.

[0041] As described above, according to the present invention, by dynamically combining the advanced authentication functions of mobile terminals with existing voice call infrastructure, it is possible to provide a next-generation identity authentication platform that makes impersonation and insider fraud extremely difficult without compromising user convenience. [Explanation of symbols]

[0042] 1. Service Delivery System 10. User terminal device 20 Payment Applications 30 Operator terminals 35 Management Interface 50. Call control device 100 Information Processing Devices 110 Communications Department 120 Acquisition Department 130 Specific section 140 Authentication Request Section 150 Control Unit 170 Storage section 172 User information 174 Session Management Information NW Network

Claims

1. An acquisition unit that acquires an incoming call event associated with a call via a telephone line and first identification information associated with the call, Based on the aforementioned first identification information, an identification unit identifies the user terminal device of a user of the electronic payment service, An authentication request unit requests the identified user terminal device to perform authentication using the biometric authentication function provided by the user terminal device, A control unit that, upon receiving authentication success information from the user terminal device, reflects the authenticated status to the operator terminal corresponding to the call, An information processing device equipped with the following features.

2. The acquisition unit acquires, as the first identification information, at least one of the following: the caller's telephone number, the code information entered via IVR (Interactive Voice Response) related to the call, and the user's card number. The information processing apparatus according to claim 1.

3. The identifying unit links the call with the user terminal device by detecting that a temporary verification code voice-presented to the user via the IVR has been entered into the application on the user terminal device, or that a verification code displayed on the application has been entered via the IVR. The information processing apparatus according to claim 1.

4. The authentication request unit determines a level of authentication strength according to the content of the transaction related to the call, and if the level exceeds a predetermined standard, it requests additional authentication by entering a passcode or a one-time password in addition to the authentication by the biometric authentication function. The information processing apparatus according to claim 1.

5. Upon receiving the authentication success information, the control unit issues a temporary operation token valid for the call session and grants operation rights to the core system via the operator terminal. The information processing apparatus according to claim 1.

6. The control unit reflects the authenticated status on the display screen of the operator terminal in real time via a bidirectional communication path established with the operator terminal. The information processing apparatus according to claim 1.

7. A program for causing a computer to function as an information processing device according to any one of claims 1 to 6.