Information processing device, information processing method, information processing program

The information processing device authenticates digital content by using Verifiable Credentials and Decentralized Identifiers to verify each sub-content, addressing the challenge of distinguishing legitimate from fraudulent content in Web services.

JP7891302B1Active Publication Date: 2026-07-16VERICERTS INC

Patent Information

Authority / Receiving Office
JP · JP
Patent Type
Patents
Current Assignee / Owner
VERICERTS INC
Filing Date
2026-02-16
Publication Date
2026-07-16

AI Technical Summary

Technical Problem

There is a challenge in verifying the authenticity of digital content, particularly in the context of Web services, due to sophisticated phishing sites and fraudulent advertisements, which general users cannot easily distinguish from legitimate content.

Method used

An information processing device that includes a receiving unit, an acquisition unit, an identification unit, a verification unit, and an output control unit to authenticate digital content by associating it with Verifiable Credentials (VCs) and Decentralized Identifiers (DIDs), verifying the authenticity of each sub-content, and providing a verification result.

Benefits of technology

The solution enables the verification of digital content authenticity, ensuring safe content is provided to users by identifying and authenticating each sub-content within the digital content, thereby preventing access to fraudulent sites or advertisements.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure 0007891302000001_ABST
    Figure 0007891302000001_ABST
Patent Text Reader

Abstract

The objective is to provide an information processing device capable of verifying the authenticity of digital content. [Solution] The information processing device comprises a receiving unit for receiving digital content, an acquisition unit for acquiring a Verifiable Credential (VC) associated with the digital content, an identification unit for identifying a Decentralized Identifier (DID) that indicates the issuer who issued the VC included in the VC, a verification unit for verifying the VC based on the DID, and an output control unit for outputting information indicating the verification result by the verification unit.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] The present invention relates to an information processing apparatus, an information processing method, and an information processing program capable of authenticating a person.

Background Art

[0002] In recent years, there is a technology for applying using DID as user authentication when receiving Web services or the like. Patent Document 1 discloses a technology in which a service provider uses an electronic certificate to acquire necessary information when acquiring user credentials (user information).

Prior Art Documents

Patent Documents

[0003]

Patent Document 1

Summary of the Invention

Problems to be Solved by the Invention

[0004] By the way, in Web services and the like, there is a problem that false information such as phishing sites and fraudulent advertisements has been distributed in recent years. The methods of recent phishing sites and fraudulent advertisements have become sophisticated, and there is a problem that general users who use Web services and the like cannot confirm whether the accessed information is legitimate.

[0005] Therefore, the present invention has been made in view of the above problems, and an object thereof is to provide an information processing apparatus capable of verifying the authenticity of digital content.

Means for Solving the Problems

[0006] An information processing device according to one aspect of the present invention comprises: a receiving unit for receiving digital content; an acquisition unit for acquiring a Verifiable Credential (VC) associated with the digital content; an identification unit for identifying a Decentralized Identifier (DID) that indicates the issuer who issued the VC included in the VC; a verification unit for verifying the VC based on the DID; and an output control unit for outputting information indicating the verification result by the verification unit.

[0007] In the above-described information processing device, the digital content may include multiple sub-contents, the acquisition unit may acquire the VC associated with each of the multiple sub-contents, the identification unit may identify the DID contained in each VC, and the verification unit may verify the VC corresponding to the DID of each of the multiple sub-contents based on the DID of the sub-content.

[0008] In the above-described information processing device, the verification unit may generate a verification result indicating that the digital content has been verified when the VC is enabled, and generate a verification result indicating that the digital content has not been verified when the VC is disabled or the acquisition unit is unable to acquire the VC.

[0009] In the above-described information processing device, the output control unit may output information indicating the verification result, showing that the digital content may be unsafe, if the digital content is deemed not to have been verified.

[0010] In the above-described information processing device, the sub-content may be image data, and the acquisition unit may acquire the VC as metadata for the image data.

[0011] In the above-described information processing device, the digital content may be web data, and the acquisition unit may obtain the VC from the HTTP header of the web data.

[0012] In the above-mentioned information processing device, the web data may be information from a phishing site.

[0013] In the above-described information processing device, the digital content may be an email, and the acquisition unit may acquire the VC from the email header of the email.

[0014] In the above-mentioned information processing device, the digital content may be fraudulent advertisements.

[0015] In the above-described information processing device, the information processing device may further include an event acquisition unit that acquires event information generated in relation to digital content, and an association unit that associates the event information acquired by the event acquisition unit with the verification results generated by the verification unit based on the digital content.

[0016] In the above-described information processing device, the information processing device may treat event information as a valid event only if the verification result indicates that the digital content has been verified.

[0017] Furthermore, an information processing method according to one aspect of the present invention involves a computer performing the following steps: an acceptance step of receiving digital content; an acquisition step of obtaining a Verifiable Credential (VC) associated with the digital content; an identification step of identifying a Decentralized Identifier (DID) that indicates the issuer who issued the VC included in the VC; a verification step of verifying the VC based on the DID; and an output control step of outputting information indicating the verification result from the verification step.

[0018] Further, an information processing program according to an aspect of the present invention causes a computer to implement a reception function for receiving digital content, an acquisition function for acquiring a VC (Verifiable Credential) associated with the digital content, a specification function for specifying a DID (Decentralized Identifier) indicating an issuer who issued the VC included in the VC, a verification function for verifying the VC based on the DID, and an output control function for outputting information indicating a verification result by the verification function.

Effect of the Invention

[0019] In an information processing apparatus according to an aspect of the present invention, when digital content is acquired, the authenticity of the entire digital content can be verified, and as a result, for example, safe digital content can be provided to a user.

Brief Description of the Drawings

[0020] [Figure 1] It is a system diagram showing a system configuration example of an information processing apparatus. [Figure 2] It is a block diagram showing a configuration example of a terminal. [Figure 3] It is a block diagram showing a configuration example of a VC verification apparatus. [Figure 4] It is a block diagram showing a configuration example of a VC issuance apparatus. [Figure 5] It is a block diagram showing a configuration example of a DID issuance apparatus. [Figure 6] It is a diagram showing a configuration example of a VC. [Figure 7] It is a flowchart showing an operation example when a terminal acquires digital content. [Figure 8] It is a flowchart showing an operation example of a VC verification apparatus.

Embodiments for Implementing the Invention

[0021] <� Hereinafter, the information processing apparatus 1 according to the present invention will be described in detail with reference to the drawings.

[0022] <Embodiment> <Overview of Information Processing Devices> As shown in Figure 1, in the information processing device, the terminal device 100, the VC verification device 200, the VC (Verifiable Credential) issuing device 300, and the DID issuing device 400 are communicated to each other via the network 500. Although not shown in Figure 1, multiple information processing terminals that hold information related to DID and function as blockchain nodes are connected to the network 500. The system shown in Figure 1 is a system that can verify whether the digital content acquired by the terminal device 100 is fraudulent or not. A detailed explanation of blockchain is omitted as it utilizes existing technology. The VC may be written in JWT format or JSON-LD format.

[0023] In the information processing device according to this embodiment, a user 10 of the terminal device 100 accesses digital content using their terminal device 100. Digital content is electronic data, and is basically data distributed by communication. Examples include, but is not limited to, web data, email, or advertising information. Web data may include phishing sites, fraudulent advertisements, fake news, etc. Digital content may be a single data file or a logical information unit composed of multiple data elements.

[0024] The information processing device according to this embodiment checks whether a VC exists in the digital content, and whether a VC exists in each of the sub-contents contained in the digital content, and further verifies each VC to verify the authenticity of each sub-content and the digital content. If authenticity cannot be verified, the device presents information to the user 10 indicating that the digital content may be fraudulent for some reason. Verifying authenticity means verifying, based on the corresponding VC, whether the DID indicating the issuer or manager of the digital content or the sub-contents contained in the digital content is authentic, and determining whether the content was issued or managed by that entity. Here, the entity may be the creator, distributor, manager of the content, or a person with legitimate authority to use the content.

[0025] Sub-content refers to content contained within digital content, and may include, for example, text data, image data, video data, and audio data. For instance, if the digital content is a web page, sub-content may include the main text, text data indicating contact information, image or video data related to the text, and text or image data such as advertisements unrelated to the main text. Similarly, if the digital content is an email, sub-content may include the text data of the email body, signature data, and image files attached to the email.

[0026] The information processing device determines that digital content is genuine (i.e., not a phishing site, fake news, fraudulent advertisement, or fraudulent email such as a phishing email) if all sub-contents contained within the digital content are associated with a Video Code (VC) and the associated VCs can be verified. In all other cases, the device notifies the user that the digital content is fraudulent to prevent the user from falling for phishing sites or fraudulent advertisements. In addition, one of the objectives of the information processing system is to enable it to track down fraudulent digital content. The VC for sub-content may be, for example, the VC of the person responsible for the text or the person who purchased the document if the sub-content is text data, or the VC of the creator, photographer, or the person who purchased the image if the sub-content is image data.

[0027] The following provides a detailed explanation of each device and its operation.

[0028] <Configuration of terminal device 100> Figure 2 is a block diagram showing an example configuration of the terminal device 100. As shown in Figure 2, the terminal device 100 comprises a communication unit 110, an input unit 120, an output unit 130, a storage unit 140, and a control unit 150. The terminal device 100 is a terminal carried by the user and is a computer system equipped with a processor and memory, which can be realized by a smartphone, tablet device, mobile phone, PC (personal computer), notebook PC, etc.

[0029] The communication unit 110 is a communication interface that has the function of performing communication with external devices via wireless communication. The communication unit 110 may use any communication protocol as long as it can perform communication with external devices. For example, the communication unit 110 can acquire a web page as digital content and transmit it to the control unit 150. Also, for example, the communication unit 110 can receive an email as digital content and transmit it to the control unit 150.

[0030] The input unit 120 is an input interface that receives input from the user of the terminal device 100. The input unit 120 may be implemented by, for example, a touch panel, but is not limited to this, and may also be implemented by input devices such as a keyboard or mouse, or a microphone. The input unit 120 transmits the received input content to the control unit 150. For example, the input unit 120 receives digital content input and transmits it to the control unit 150.

[0031] The output unit 130 is an output interface that outputs information according to instructions from the control unit 150. The output unit 130 may be implemented, for example, by displaying text or images on a monitor or touch panel, or by outputting audio on a speaker. The output unit 130 may output information indicating that the verification of the acquired digital content was successful. For example, if the acquired digital content is a website and it is determined that it may be a phishing site, the output unit 130 will output information indicating that it is a phishing site. Also, for example, if the acquired digital content is an advertisement and it is determined that it is a fraudulent advertisement, the output unit 130 will output information indicating that it is a fraudulent advertisement. Furthermore, the output unit 130 may output information for each sub-content included in the digital content.

[0032] The storage unit 140 has the function of storing various programs and data necessary for the operation of the terminal device 100. The storage unit 140 may be implemented by, for example, an HDD, SSD, flash memory, etc., but is not limited to these. The storage unit 140 may include ROM and RAM. The storage unit 140 may also be implemented by cloud storage. The storage unit 140 may store a VC verification program 141 that accepts digital content input and verifies the authenticity of said digital content.

[0033] The control unit 150 is a processor that has the function of controlling each part of the terminal device 100. The control unit 150 realizes the functions of the terminal device 100 by executing various programs stored in the memory unit 140. The control unit 150 verifies the authenticity of the acquired digital content by executing the VC verification program 141 stored in the memory unit 140.

[0034] Furthermore, the control unit 150 implements the functions of the reception unit 151, the acquisition unit 152, the identification unit 153, the verification unit 154, the output control unit 155, the event acquisition unit 156, and the association unit 157.

[0035] The reception unit 151 receives digital content. The reception unit 151 receives digital content received by the communication unit 110. Alternatively, the reception unit 151 receives digital content input to the input unit 120. The reception unit 151 transmits the received digital content to the acquisition unit 152.

[0036] The acquisition unit 152 acquires the Verifiable Credential (VC) associated with the digital content. The acquisition unit 152 acquires the VC from the digital content transmitted from the receiving unit 151. If the digital content consists of multiple sub-contents, the acquisition unit 152 acquires the VC from all sub-contents. The acquisition unit 152 acquires the VC of the digital content or sub-content that is set for each type of digital content. The VC is acquired from a predetermined location where the VC is set for each type of digital content or sub-content.

[0037] For example, if the digital content is web data, the acquisition unit 152 acquires the VC from meta tags, script tags, or structured data areas embedded within the HTML source code of the web data. Specifically, it extracts the VC from metadata written in the HTML section or from script data written in application / vc+jwt format. The acquisition unit 152 may also extract the VC from the header within the HTML source code.

[0038] Furthermore, for example, if the digital content is an advertisement, the acquisition unit 152 acquires the VC associated with the advertisement identifier embedded in the advertisement data. If the advertisement data is an image file or a video file, the VC may be acquired from the metadata area of ​​the file or from an external VC file that is referenced separately.

[0039] Furthermore, if the digital content is an email, for example, the VC is obtained from the email header. In this case, the VC is contained in the email's extended header field. Specifically, the VC data stored in a predetermined header name (e.g., X-VC-Signature) is extracted.

[0040] Note that the location where the VC is embedded is just an example, and it may be in other locations. The acquisition unit 152 transmits the acquired VC to the identification unit 153, associating it with the target sub-content (or identification information that can uniquely identify the sub-content).

[0041] Furthermore, the acquisition unit 152 also acquires identification information for associating the content hash included in the acquired VC with the hash value of the digital content.

[0042] The identification unit 153 identifies the Decentralized Identifier (DID) that indicates the issuer who issued the VC included in the VC. The identification unit 153 extracts the DID that indicates the issuer who issued the VC from the issuer information included in the VC acquired by the acquisition unit 152. Based on the extracted DID, the identification unit 153 may determine that the DID document corresponding to the DID is an obtainable identifier. The identification unit 153 identifies the respective issuer DID for each VC associated with the digital content and each sub-content.

[0043] The verification unit 154 verifies the VC based on the DID. The verification unit 154 verifies the VC for each sub-content. Based on the issuer DID identified by the identification unit 153, the verification unit 154 obtains the DID document corresponding to the DID and verifies the cryptographic signature contained in the VC using the public key information contained in the DID document.

[0044] The verification unit 154 determines, based on the verification result of the cryptographic signature, whether the VC is genuine and issued by the issuer. The verification unit 154 may also compare the content hash included in the VC with the hash value calculated from the digital content or sub-content to determine whether or not it has been tampered with.

[0045] The verification unit 154 may perform signature verification based on the proof field included in the VC, and may also determine the consistency between the context to which the VC is applied and the actual context by comparing the content hash, content URL, or domain information included in the credentialSubject field with the digital content actually obtained or information based on the environment in which the digital content was obtained.

[0046] Furthermore, the verification unit 154 transmits the acquired VC and the issuer information of the VC to the VC verification device 200 via the communication unit 110, requesting verification of whether the relationship between the VC and the issuer is legitimate. The VC verification device 200, described later, maintains a whitelist showing the correspondence between legitimate VCs and issuers, and determines whether a pair of VCs and issuers is registered based on this whitelist.

[0047] The verification unit 154 acquires the verification results received from the VC verification device 200 and determines the authenticity of each sub-content based on both the cryptographic signature verification results and the whitelist-based verification results. The verification unit 154 then comprehensively evaluates the verification results for each sub-content to determine the authenticity of the entire digital content. The verification unit 154 may also re-evaluate the verification results in accordance with updates to the DID document or the whitelist in the VC verification device 200.

[0048] The output control unit 155 outputs information indicating the verification results from the verification unit 154. Based on the verification results from the verification unit 154, the output control unit 155 outputs information indicating the possibility that the digital content is fraudulent as the verification result. The output control unit 155 causes the output unit 130 of the terminal device 100 to output the verification result. Alternatively, the output control unit 155 may output the verification result by transmitting the information indicating the verification result to an external device via the communication unit 110. The output control unit 155 may control the display mode of the digital content or sub-content based on the verification results from the verification unit 154. The output control unit 155 may display digital content that has been confirmed to be authentic in the normal manner, and may display a warning, change the color, display an icon, display a pop-up, or restrict the display of digital content whose authenticity cannot be confirmed. As an example, if the digital content is web data, the output control unit 155 may output information about the authenticity of the digital content in the form of a pull-down menu to the web browser. Such indications may be made for each sub-content. For example, a trust mark may be displayed if authenticity is confirmed, a warning mark may be displayed if context consistency cannot be confirmed, and a caution may be displayed if a VC does not exist or if the authenticity of the VC cannot be verified.

[0049] The event acquisition unit 156 acquires event information that occurs in relation to digital content. Event information is information that indicates a user's operation or reaction to the digital content or sub-content contained in the digital content, and may include, but is not limited to, views (impressions), clicks, conversions, sharing (sharing on social media, reposting, liking), saving, downloads, etc. The event acquisition unit 156 acquires event information in association with identification information that identifies the digital content or sub-content (e.g., content ID or content hash). The event acquisition unit 156 may also acquire information on the date and time the event occurred, and identification information that identifies the terminal or user that caused the event. The event acquisition unit 156 outputs the event information to the association unit 157 in order to associate it with the verification status of the VC by the verification unit 154.

[0050] The association unit 157 associates the event information acquired by the event acquisition unit 156 with the verification result generated by the verification unit 154 based on the digital content. The association unit 157 associates the event information acquired by the event acquisition unit 156 with the verification result generated by the verification unit 154 based on the identification information that identifies the digital content or the sub-content. The association unit 157 manages the verified events and the unverified events in a distinguishable manner by assigning corresponding verification statuses to each event information. Specifically, the association unit 157 generates traceability information including a content ID, an issuer DID, a verification status, an event type, an event occurrence date and time, and user identification information. The association unit 157 may record the traceability information in the storage unit 140 and retain it as a log capable of detecting tampering. The association unit 157 may also retain the chronological change of the verification status as a log. The association unit 157 may aggregate only the events with a valid verification status as valid events and distinguish the events with a non-existent or invalid verification status as invalid events. This makes it possible to extract and evaluate only the user interactions with the authentic digital content.

[0051] The above is a configuration example of the terminal device 100.

[0052] <Configuration of VC Verification Device 200> FIG. 3 is a block diagram showing a configuration example of the VC verification device 200. As shown in FIG. 3, the VC verification device 200 includes a communication unit 210, an input unit 220, an output unit 230, a storage unit 240, and a control unit 250. The VC verification device 200 is a computer system including a processor and a memory realized by a server device, and has a function of verifying VC.

[0053] The communication unit 210 is a communication interface that has the function of performing communication with external devices via wireless communication. The communication unit 210 may use any communication protocol as long as it can perform communication with external devices. For example, the communication unit 210 receives a VC verification request from the terminal device 100 and transmits it to the control unit 250. The communication unit 210 also transmits the VC verification result to the terminal device 100 as information specified by the control unit 250.

[0054] The input unit 220 is an input interface that receives input from the user of the VC verification device 200. The input unit 220 may be implemented by, for example, a touch panel, but is not limited to this, and may also be implemented by input devices such as a keyboard or mouse, or a microphone. The input unit 220 transmits the received input content to the control unit 250.

[0055] The output unit 230 is an output interface that outputs information according to instructions from the control unit 250. The output unit 230 may be implemented, for example, by displaying text or images on a monitor or touch panel, or by outputting audio on a speaker or the like. The output unit 230 may also output information indicating the verification results of the VC.

[0056] The storage unit 240 has the function of storing various programs and data necessary for the operation of the VC verification device 200. The storage unit 240 may be implemented by, for example, an HDD, SSD, flash memory, etc., but is not limited to these. The storage unit 240 may store programs for verifying VCs by computer processing in response to VC verification requests from the terminal device 100. The storage unit 240 may include ROM and RAM. The storage unit 240 may also be implemented by cloud storage. The storage unit 240 stores a whitelist in which information indicating the issuer that issued the VC is associated with the VC. This whitelist is information that guarantees the issuer of the VC. The whitelist may include expiration date information or revocation information.

[0057] The control unit 250 is a processor having a function of controlling each part of the VC verification device 200. The control unit 250 realizes the functions of the VC verification device 200 by executing various programs stored in the storage unit 240.

[0058] The control unit 250 functions as a VC verification unit 251.

[0059] The VC verification unit 251 verifies the VC based on whether the pair of the VC and the issuer indicated in the VC verification request is registered in the white list of the storage unit 240. When it is registered in the white list, the VC verification unit 251 verifies that the relationship between the VC and the issuer is normal, and when it is not registered, the VC verification unit 251 verifies that the relationship between the VC and the issuer is not normal (illegal). At this time, the VC verification unit 251 may determine that the VC is invalid when the VC indicated in the VC verification request is a VC whose expiration date has passed. The VC verification unit 251 transmits the verification result to the terminal device 100 via the communication unit 210. Also, the VC verification unit 251 may cause the output unit 230 to output the verification result. The above is the configuration of the VC verification device 200.

[0060] <Configuration of VC Issuing Device 300> FIG. 4 is a block diagram showing a configuration example of the VC issuing device 300. As shown in FIG. 4, the VC issuing device 300 includes a communication unit 310, an input unit 320, an output unit 330, a storage unit 340, and a control unit 350. The VC issuing device 300 is a computer system including a processor and a memory realized by a server device, and has a function of issuing a VC.

[0061] The communication unit 310 is a communication interface that has the function of performing communication with an external device via wireless communication. The communication unit 310 may use any communication protocol as long as it can perform communication with an external device. For example, the communication unit 310 receives a VC issuance request from the terminal device 100 and transmits it to the control unit 350. The communication unit 310 also transmits a VC to the terminal device 100 as information specified by the control unit 350.

[0062] The input unit 320 is an input interface that receives input from the user of the VC issuing device 300. The input unit 320 may be implemented by, for example, a touch panel, but is not limited to this, and may also be implemented by input devices such as a keyboard or mouse, or a microphone. The input unit 320 transmits the received input content to the control unit 350.

[0063] The output unit 330 is an output interface that outputs information according to instructions from the control unit 350. The output unit 330 may be implemented, for example, by displaying text or images on a monitor or touch panel, or by outputting audio on a speaker or the like. The output unit 330 may also output information about the issued VC.

[0064] The storage unit 340 has the function of storing various programs and data necessary for the operation of the VC issuing device 300. The storage unit 340 may be implemented by, for example, an HDD, SSD, flash memory, etc., but is not limited to these. The storage unit 340 may store programs, etc., for issuing VCs by computer processing in response to VC issuance requests from the terminal device 100. The storage unit 340 may include ROM and RAM. Furthermore, the storage unit 340 may be implemented by cloud storage.

[0065] The control unit 350 is a processor that has the function of controlling each part of the VC issuing device 300. The control unit 350 realizes the functions of the VC issuing device 300 by executing various programs stored in the storage unit 340.

[0066] The control unit 350 functions as a VC issuing unit 351.

[0067] The VC issuing unit 351 has a function of issuing a VC in response to a VC issuance request received by the communication unit 310. The VC issued by the VC issuing unit 351 is information indicating that the target of the DID related to the device that made the VC issuance request is indeed true (the person is the real person, the thing is the genuine item). When receiving a VC issuance request, the VC issuing unit 351 may, when issuing a VC, make a determination as to whether the DID making the VC issuance request is indeed the person himself / herself, and then issue the VC. The determination may be made, for example, based on whether there is a predetermined relevance between the DID that made the VC issuance request and the device that made the VC issuance request, or the determination may be made by confirming with another server device or the like that holds information related to the DID as to whether the DID making the VC issuance request is indeed the person (the genuine item) himself / herself, but is not limited to these determination methods. The VC issuing unit 351 may issue a VC when it is determined to be true in the said determination. The VC issuing unit 351 transmits the issued VC to the device that made the VC issuance request via the communication unit 310.

[0068] The above is the configuration of the VC issuing device 300.

[0069] <Configuration of the DID issuing device 400> FIG. 5 is a block diagram showing a configuration example of the DID issuing device 400. As shown in FIG. 5, the DID issuing device 400 includes a communication unit 410, an input unit 420, an output unit 430, a storage unit 440, and a control unit 450. As described above, the DID issuing device 400 is a computer system including a processor and a memory realized by a server device.

[0070] The communication unit 410 is a communication interface that has the function of performing communication with an external device via wireless communication. The communication unit 410 may use any communication protocol as long as it can perform communication with an external device. The communication unit 410 transmits the information received from the terminal device 100 to the control unit 450. The communication unit 410 also transmits information specified by the control unit 450, for example, information related to the issued DID, to the terminal device 100.

[0071] The input unit 420 is an input interface that receives input from the user of the terminal device 100. The input unit 420 may be implemented by, for example, a touch panel, but is not limited to this, and may also be implemented by input devices such as a keyboard or mouse, or a microphone. The input unit 420 transmits the received input content to the control unit 450.

[0072] The output unit 430 is an output interface that outputs information according to instructions from the control unit 450. The output unit 430 may be implemented, for example, by displaying text or images on a monitor or touch panel, or by outputting audio on a speaker or the like. The output unit 430 outputs, for example, information related to the issued DID.

[0073] The storage unit 440 has the function of storing various programs and data necessary for the operation of the DID issuing device 400. The storage unit 440 may be implemented by, for example, an HDD, SSD, flash memory, etc., but is not limited to these. The storage unit 440 may store a program that receives a DID issuance request and issues a DID to the target of the issuance request. The storage unit 440 may also store the issued DID and the public key information used with that DID in association. The storage unit 440 may include ROM and RAM. Furthermore, the storage unit 440 may be implemented by cloud storage.

[0074] The control unit 450 is a processor that has the function of controlling each part of the DID issuing device 400. The control unit 450 realizes the functions of the DID issuing device 400 by executing various programs stored in the storage unit 440.

[0075] The control unit 450 may function as a DID issuing unit 451.

[0076] The DID issuing unit 451 issues a DID in accordance with the DID issuance request received via the communication unit 410. When a DID issuance request is received, the DID issuing unit 451 issues a unique DID that does not overlap with any previously issued DIDs. The DID issuance target may be a user, a user's pet, or some object, but is not limited to these.

[0077] The DID issuing unit 451 issues a unique DID in accordance with the DID issuance request and transmits the information of the issued DID to the device that made the DID issuance request via the communication unit 410. The issued DID is also associated with the information of the device to be issued included in the DID issuance request and stored on the network 500 using blockchain technology.

[0078] The above is an example of the configuration of the DID issuing device 400.

[0079] <Data> The data related to this embodiment will be explained using Figure 6. Figure 6 is a diagram showing an example of the structure of a VC.

[0080] Figure 6 is a schematic diagram showing an example of the basic data structure of the VC according to this embodiment.

[0081] As shown in Figure 6, VC600 may include at least a CONTEXT field indicating context information, a type field indicating the type of VC, an issuer field indicating the issuer, a validFrom field indicating the effective start time, a credentialSubject field containing information about the target content, and a proof field containing signature information.

[0082] The credentialSubject field may contain information about the digital content or sub-content to which the VC applies, such as a hash value calculated from the content (contentHash), a URL indicating the location of the content (contentURL), or domain information to which the content belongs (domain).

[0083] The proof field may contain signature information to prove that the issuer indicated in the issuer field issued the VC, and may include, for example, a type indicating the signature scheme, a verificationMethod indicating the identification information of the public key used for verification, and an electronic signature value.

[0084] The verification unit 154 may identify the issuer's DID based on the issuer field, obtain the DID document corresponding to that DID, resolve the public key, and verify the authenticity of the VC using the signature information contained in the proof field.

[0085] Furthermore, the verification unit 154 may determine whether or not the digital content has been tampered with by comparing the content hash contained in the credentialSubject field with the hash value calculated from the digital content actually obtained.

[0086] In the basic structure of the VC shown in Figure 6, the credentialSubject field may be extended according to the purpose of the VC. For example, if the digital content is advertising information, the credentialSubject field may include, in addition to the content hash (contentHash) corresponding to the advertisement, campaign identifiers (campaignID) to identify the advertising campaign, identifiers (advertiserID) to identify the advertiser, and the URL to which the advertisement is redirected (landingURL).

[0087] The verification unit 154 may verify the authenticity of the advertiser based on the issuer field and confirm that the advertisement has not been tampered with by comparing the contentHash contained in the credentialSubject field with the hash value calculated from the actual displayed advertisement content.

[0088] Furthermore, the association unit 157 may aggregate only the event information for advertising content for which the verification results are valid as an advertising effectiveness indicator.

[0089] Furthermore, if the digital content is a news article, the credentialSubject field of the VC shown in Figure 6 may include a hash value calculated from the article text (articleHash), the date and time the article was published (publishedAt), and information identifying the news organization that published the article (publisherDID), etc.

[0090] The verification unit 154 may identify the DID of the news organization based on the issuer field and verify the signature information contained in the proof field using the public key corresponding to the DID.

[0091] Furthermore, the verification unit 154 may determine whether or not the article content has been tampered with by comparing the articleHash with the hash value calculated from the actual retrieved article text. This allows, according to this embodiment, to determine whether or not a news article was published by a legitimate news organization. The information contained in the credentialSubject field may be defined variably depending on the type of digital content.

[0092] <Operation> Figure 7 illustrates an example of the operation when digital content is acquired from the terminal device 100. Figure 7 is a flowchart showing an example of the VC verification process performed in the terminal device 100 according to this embodiment.

[0093] As shown in Figure 7, first, the receiving unit 151 of the terminal device 100 receives digital content (step S701). This digital content may be a web page, email, advertising information, etc. The receiving unit 151 transmits the received digital content to the acquisition unit 152.

[0094] Next, the acquisition unit 152 identifies one or more sub-contents included in the digital content (step S702). The sub-contents may be text data, image data, video data, etc.

[0095] The acquisition unit 152 determines whether a VC is associated with each sub-content (step S703). The acquisition unit 152 may determine that a VC is associated if it has acquired the VC from each sub-content and has been able to acquire the corresponding VC from all sub-contents.

[0096] If a VC exists for each sub-content (YES in step S703), the terminal device 100 acquires the VC from each sub-content (step S704). The acquisition unit 152 transmits the acquired VC to the identification unit 153.

[0097] Subsequently, the identification unit 153 obtains the DID from the acquired VC and identifies the issuer of the VC (step S705). The verification unit 154 obtains the public key corresponding to the DID (step S706).

[0098] Next, the verification unit 154 uses the acquired public key to verify the signature contained in the VC (step S707). If the signature verification is successful (YES in step S707), the verification unit 154 sends a request for VC verification to the VC verification device 200 (step S708).

[0099] Upon receiving verification result information from the VC verification device 200 (step S709), the verification unit 154 generates information based on the verification result information. It then transmits the verification result information to the output control unit 155. The output control unit 155 outputs the verification result information from the output unit 130 (step S710). The information output here may be display information indicating the authenticity of the digital content or each sub-content.

[0100] On the other hand, if signature verification fails in step S707 (NO in step S707), the terminal device 100 outputs an output indicating that the signature verification of the sub-content failed (step S711). This information may be information indicating that the digital content may be fraudulent.

[0101] Furthermore, in step S703, if no VC exists in any of the sub-contents (NO in step S703), the output control unit 155 outputs based on the fact that there is sub-content in the digital content that does not have a VC (step S712). This output may also be information indicating that the digital content may contain invalid information.

[0102] This allows the terminal device 100 to present the user with information demonstrating the authenticity of the digital content. Therefore, even if the digital content is a phishing site or fraudulent advertisement, it is possible to prevent the user from accessing that information in advance.

[0103] Figure 8 is a flowchart showing an example of the operation of the VC verification device 200.

[0104] Figure 8 is a flowchart showing an example of the verification process performed in the VC verification device 200 according to this embodiment.

[0105] As shown in Figure 8, first, the communication unit 210 of the VC verification device 200 receives a VC verification request transmitted from the terminal device 100 (step S801). The verification request may include information about the VC, or information that can identify the VC and its issuer.

[0106] Next, the VC verification unit 251 of the VC verification device 200 extracts the DID from the VC (step S802). The DID may be an identifier indicating the issuer who issued the VC.

[0107] Next, the VC verification unit 251 verifies whether the combination of the extracted DID and the received VC is registered in the whitelist 241 stored in the storage unit 240 (step S803). The whitelist 241 may include information indicating the correspondence between legitimate VCs and issuer DIDs.

[0108] The VC verification device 200 then generates verification result information indicating the verification result and transmits it to the terminal device 100 (step S804).

[0109] <Summary> In this way, when the terminal device 100 (information processing device) accesses various digital content, it can determine whether the digital content is fraudulent by verifying whether a VC (Video Content) is associated with each of the sub-contents contained within that digital content, and if so, by verifying the authenticity of the VC, and can provide information to the user. Therefore, the user of the terminal device 100 can recognize that the digital content they are trying to access may be fraudulent, and can decide whether or not to access that content.

[0110] <Supplement> The information processing apparatus according to the above embodiment is not limited to the above embodiment, and the various configurations described above may be realized by other methods. Various modifications will be described below. (1) In the above embodiment, the digital content is deemed safe if the authenticity of the corresponding VC can be verified for all sub-content, and notified that it may be fraudulent otherwise. However, this is not limited to this. The system may be configured to determine authenticity only for predetermined sub-content if verification is successful. Alternatively, the system may be configured to determine that the digital content is not fraudulent if the authenticity rate of multiple sub-contents is above a predetermined percentage.

[0111] (2) The VC verification program 141 of the terminal device 100 in the above embodiment may be implemented as a dedicated application, or, for example, as an extension, plugin, or patch program embedded in a web browser. The VC verification program 141 may be distributed from a predetermined application distribution server and installed on the terminal device 100, or it may be pre-installed. At least a part of the VC verification program 141 may be executed on a cloud server, and the terminal device 100 may be configured to perform the verification process by communicating with the cloud server.

[0112] Furthermore, the designated application distribution server may also distribute a dedicated application that associates VCs with digital content. For example, the dedicated application may be a web page creation tool (blog creation tool), and the tool may be equipped with a button for embedding VCs and configured to automatically embed the creator's (or rights holder's) VC into the digital content (in this case, a web page or sub-content contained in a web page).

[0113] (3) In the above embodiment, the terminal device 100 (information processing device) automatically verifies the authenticity of the digital content when it is accessed, but the VC verification program 141 may also ask the user 10 whether or not to perform the verification. Furthermore, the VC verification program 141 may be configured to prohibit access to digital content that has been verified to be potentially fraudulent, or it may be configured to present the user with a document explaining the risks before accessing the content and then ask whether or not to access the content.

[0114] (4) In the above embodiment, the verification process of the authenticity of digital content in the terminal device 100 is performed by the processor of the terminal device 100 executing a VC verification program, etc., to verify the VC. However, this may be implemented in the device by logic circuits (hardware) or dedicated circuits formed on an integrated circuit (IC (Integrated Circuit) chip, LSI (Large Scale Integration), etc. Furthermore, these circuits may be implemented by one or more integrated circuits, and the functions of the multiple functional units shown in the above embodiment may be implemented by a single integrated circuit. Depending on the degree of integration, LSIs may also be called VLSI, Super LSI, Ultra LSI, etc.

[0115] The above information processing program may be recorded on a recording medium readable by the processor, and the recording medium can be a "non-temporary tangible medium," such as tape, disk, card, semiconductor memory, or programmable logic circuit. Furthermore, the above information processing program may be supplied to the processor via any transmission medium capable of transmitting the information processing program (such as a communication network or broadcast wave). In other words, for example, the information processing program may be downloaded and executed from a network using an information processing device such as a smartphone. The present invention can also be realized in the form of a data signal embedded in a carrier wave, where the above information processing program is embodied by electronic transmission.

[0116] The above information processing program can be implemented using, for example, scripting languages ​​such as ActionScript and JavaScript®, or object-oriented programming languages ​​such as Objective-C, Java®, C++, Python®, and R. Furthermore, the same applies not only to the terminal device 100, but also to the VC verification device 200, the VC issuing device 300, and the DID issuing device 400.

[0117] (5) The various configurations shown in the above embodiments and supplements may be combined as appropriate.

[0118] (6) The processes described in the above embodiments and supplements may be modified in terms of the content of the processes or the order of the processes, as long as the same results can be obtained. [Explanation of Symbols]

[0119] 100 Terminal devices (information processing devices) 110 Communications Department 120 Input section 130 Output section 140 Storage section 150 Control Unit 151 Reception Department 152 Acquisition Department 153 Specific section 154 Verification Department 155 Output Control Unit 156 Event Acquisition Section 157 Association section 200 VC Verification Device 210 Communications Department 220 Input section 230 Output section 240 Storage section 250 Control Unit 251 Verification Department 300 VC issuing device 310 Communications Department 320 Input section 330 Output section 340 Storage section 350 Control Unit 351 VC Publishing Department 400 DID issuing devices 410 Communications Department 420 Input section 430 Output section 440 Storage section 450 Control Unit 451 DID Issuance Department

Claims

1. A reception desk for receiving digital content, An acquisition unit that acquires a VC (Verifiable Credential) associated with the aforementioned digital content, An identification unit that identifies the DID (Decentralized Identifier) ​​that indicates the issuer who issued the VC included in the VC, A verification unit that verifies the VC based on the DID, An output control unit that outputs information indicating the verification results by the verification unit, Equipped with, The aforementioned digital content includes multiple sub-contents, The acquisition unit acquires the VC associated with each of the plurality of sub-contents, The aforementioned identification unit identifies the DID contained in each VC, The verification unit verifies the VC corresponding to the DID of each of the multiple sub-contents based on the DID of the sub-content, The aforementioned sub-content is image data, The acquisition unit acquires the VC as metadata for the image data. An information processing device characterized by the following:

2. A reception desk for receiving digital content, An acquisition unit that acquires a VC (Verifiable Credential) associated with the aforementioned digital content, An identification unit that identifies the DID (Decentralized Identifier) ​​that indicates the issuer who issued the VC included in the VC, A verification unit that verifies the VC based on the DID, An output control unit that outputs information indicating the verification results by the verification unit, Equipped with, The aforementioned digital content is web data, The acquisition unit acquires the VC from the HTTP header of the web data. An information processing device characterized by the following:

3. The aforementioned digital content includes multiple sub-contents, The acquisition unit acquires the VC associated with each of the plurality of sub-contents, The aforementioned identification unit identifies the DID contained in each VC, The verification unit verifies the VC corresponding to the DID of each of the multiple sub-contents based on the DID of the sub-content. The information processing apparatus according to feature 2.

4. The verification unit generates a verification result indicating that the digital content has been verified when VC is enabled, and generates a verification result indicating that the digital content has not been verified when VC is disabled or the acquisition unit is unable to acquire VC. The information processing apparatus according to claim 1 or 2.

5. If the output control unit determines that the digital content has not been verified, it outputs information indicating the verification result that the digital content may be unsafe. The information processing apparatus according to feature 4.

6. The aforementioned web data is information from a phishing site. The information processing apparatus according to feature 2.

7. The aforementioned digital content is an email, The acquisition unit acquires the VC from the email header of the email. The information processing apparatus according to feature 1.

8. The aforementioned digital content is a fraudulent advertisement. The information processing apparatus according to claim 1 or 2.

9. The aforementioned information processing device further, An event acquisition unit that acquires event information related to the aforementioned digital content, An association unit that associates the event information acquired by the event acquisition unit and the verification results generated by the verification unit based on the digital content, The information processing apparatus according to claim 4, characterized by comprising:

10. The information processing device will treat the event information as a valid event only if the verification result indicates that the digital content has been verified. The information processing apparatus according to feature 9.

11. Computers The steps for accepting digital content, An acquisition step to obtain a VC (Verifiable Credential) associated with the aforementioned digital content, A determination step to identify the DID (Decentralized Identifier) ​​that indicates the issuer who issued the VC included in the VC, A verification step to verify the VC based on the DID, An output control step that outputs information indicating the verification results from the verification step, Execute, The aforementioned digital content includes multiple sub-contents, The acquisition step acquires the VC associated with each of the plurality of sub-contents, The aforementioned specific step involves identifying the DID included in each VC, The verification step verifies the VC corresponding to the DID of each of the multiple sub-contents based on the DID of the sub-content, The aforementioned sub-content is image data, The acquisition step involves acquiring the VC as metadata, which is the image data. An information processing method characterized by the following:

12. On the computer, A reception function for accepting digital content, A function to acquire a VC (Verifiable Credential) associated with the aforementioned digital content, A function to identify the DID (Decentralized Identifier) ​​that indicates the issuer who issued the VC included in the VC, A verification function that verifies the VC based on the DID, An output control function that outputs information indicating the verification results obtained by the aforementioned verification function, To make it happen, The aforementioned digital content includes multiple sub-contents, The acquisition function acquires the VC associated with each of the multiple sub-contents, The aforementioned identification function identifies the DID included in each VC, The verification function verifies the VC corresponding to the DID of each of the multiple sub-contents based on the DID of the sub-content, The aforementioned sub-content is image data, The acquisition function acquires the VC as metadata for the image data. An information processing program characterized by the following features.

13. Computers The steps for accepting digital content, An acquisition step to obtain a VC (Verifiable Credential) associated with the aforementioned digital content, A determination step to identify the DID (Decentralized Identifier) ​​that indicates the issuer who issued the VC included in the VC, A verification step to verify the VC based on the DID, An output control step that outputs information indicating the verification results from the verification step, Execute, The aforementioned digital content is web data, The acquisition step involves obtaining the VC from the HTTP header of the web data. An information processing method characterized by the following:

14. On the computer, A reception function for accepting digital content, A function to acquire a VC (Verifiable Credential) associated with the aforementioned digital content, A function to identify the DID (Decentralized Identifier) ​​that indicates the issuer who issued the VC included in the VC, A verification function that verifies the VC based on the DID, An output control function that outputs information indicating the verification results obtained by the aforementioned verification function, To make it happen, The aforementioned digital content is web data, The acquisition function acquires the VC from the HTTP header of the web data. An information processing program characterized by the following features.