Information processing device, control method, and program
The information processing apparatus uses a user behavior-based verification model to enhance payment security by determining authentication needs based on pre-payment actions, balancing user experience and security without re-login disruptions.
Patent Information
- Authority / Receiving Office
- WO · WO
- Patent Type
- Applications
- Current Assignee / Owner
- NTT DOCOMO INC
- Filing Date
- 2024-12-25
- Publication Date
- 2026-07-02
Smart Images

Figure JP2024045894_02072026_PF_FP_ABST
Abstract
Description
Information Processing Apparatus, Control Method, and Program
[0001] The present disclosure relates to an information processing apparatus, a control method, and a program.
[0002] In a payment service using a two-dimensional code, in order to prevent unauthorized payments by a third party while considering convenience, a time-limited login session may be issued. In this case, if the user does not use the session for a certain period after issuance, re-login is required.
[0003] International Publication No. 2019 / 198315
[0004] When re-login is required at the timing of payment by the user, the user cannot perform the payment process smoothly. Therefore, such re-login is one of the factors that deteriorate the user experience. On the other hand, if re-login is completely eliminated, the security risk increases, and there is a risk of frequent unauthorized payments.
[0005] One aspect of the present disclosure provides an information processing apparatus, a control method, and a program that suppress unauthorized payments without deteriorating the user experience.
[0006] An information processing apparatus according to one aspect of the present disclosure inputs aligned behavior data in which behavior data indicating the user's actions before payment is aligned in time series into a person verification model, and obtains a degree of personhood indicating the likelihood that the user is the person, output by the person verification model. The information processing apparatus further includes a determination unit that determines whether to request authentication at the time of payment based on the obtained degree of personhood. The person verification model is trained with training data indicating the actions that the user performed before payment in the past.
[0007] A diagram showing an example of an information processing apparatus. A diagram showing an example of an input to a person verification model. A diagram showing an example of an input / output of a person verification model. A diagram showing an example of actions before payment and determination results. A flowchart showing the processing flow of an information processing apparatus. A diagram showing an example of the hardware configuration of an information processing apparatus.
[0008] Hereinafter, an embodiment relating to one aspect of this disclosure will be described with reference to the drawings. Note that the embodiment described below is merely an example, and the embodiments to which this disclosure applies are not limited to the embodiments described below.
[0009] Figure 1 shows an example of an information processing device 100 according to an embodiment of the present disclosure. At the time of payment, the information processing device 100 determines whether or not to request authentication from the user based on behavioral data indicating the user's actions before payment, and outputs the determination result. The behavioral data in this embodiment is data indicating a predetermined action detected by the user's mobile terminal or a base station that communicated with the user's mobile terminal. Note that the actions in this embodiment may include actions and movements.
[0010] In this embodiment, predetermined actions are described using examples such as operating an application, such as launching or closing a payment application; visiting a facility such as a convenience store; traveling by car or on foot; or staying at or near one's home.
[0011] The behavioral data includes information indicating the above-mentioned actions, as well as the date, time, and time of day when those actions occurred. For example, the date and time of a visit to a convenience store, or the time of day when traveling by car, are included in the behavioral data. Based on this date and time, the behavioral data can be sorted chronologically. With this in mind, the various components of the information processing device 100 will now be explained.
[0012] In Figure 1, the information processing device 100 includes an action data formatting unit 101, a model training unit 102, a self-verification model 103, a self-identity assessment unit 104, and a determination unit 105. First, one timing for inputting action data to the information processing device 100 is when a user launches an application for making payments on their mobile terminal (hereinafter referred to as the "payment application"). At this time, action data indicating at least a series of actions up to the launch of the payment application is input. For example, when the payment application is launched, action data indicating a series of four actions up to the launch of the payment application is input. Alternatively, action data may be input to the information processing device 100 each time a user's actions are detected.
[0013] The behavior data formatting unit 101 arranges the input behavior data in chronological order and outputs the arranged behavior data to the model training unit 102 or the judgment unit 105. When a payment application is launched, if behavior data indicating a series of actions performed up to the launch of the payment application is input, the behavior data formatting unit 101 arranges the payment application launch and the behavior data indicating the series of actions in chronological order and outputs them to the model training unit 102 or the judgment unit 105. In the following description, a series of actions performed up to the launch of the payment application will be referred to as pre-payment actions, and behavior data indicating pre-payment actions will be referred to as pre-payment action data.
[0014] When user actions are detected and action data is input to the information processing device 100, the action data formatting unit 101, upon receiving input for the start of a payment application, arranges the action data representing a series of actions input up to the start of the payment application in chronological order and outputs it to the model training unit 102 or the determination unit 105. The pre-payment action data output to the model training unit 102 is used for training. The pre-payment action data output to the determination unit 105 is used for identity verification. In this embodiment, "the person in question" refers to a person authorized to make a payment.
[0015] The model training unit 102 trains the identity verification model 103 using training data that shows the user's past actions, such as sequential behavior data. For example, if user A has a series of actions (e.g., four) in the past, represented by action data w, x, y, and z, arranged in chronological order, the model training unit 102 trains the identity verification model 103 by inputting w, x, y, and z as pre-payment action data into the identity verification model 103.
[0016] The identity verification model 103 is a model trained by the model training unit 102 as described above. As shown in Figure 2, when pre-payment behavior data is input for each user, the identity verification model 103 learns the pre-payment behavior data for each user by understanding the characteristics of the pre-payment behavior data for each user. In Figure 2, a series of four pre-payment behavior data before the launch of the payment application are input, but the number of pre-payment behavior data may be just the most recent pre-payment behavior data. However, since the accuracy of identity verification is thought to decrease as the number of pre-payment behavior data is less than a predetermined number, the number of pre-payment behavior data may be appropriately determined according to the operation and experimental results.
[0017] As shown in Figure 3, when pre-payment behavior data is input from the identity verification model 104, the model outputs an identity degree indicating the likelihood that the user is who they claim to be, based on the features of the input pre-payment behavior data and the user features grasped through learning. The identity degree is expressed as a numerical value, and in this embodiment, a higher numerical value indicates a greater probability that the user is who they claim to be.
[0018] The above identity verification model 103 may use a One-class SVM or AutoEncoder as the model for verifying the user's identity, and may also use an RNN or Transformer structure as the time series model.
[0019] The identity assessment unit 104 receives user pre-payment behavior data, which is arranged in chronological order, from the determination unit 105. The identity assessment unit 104 inputs the pre-payment behavior data received from the determination unit 105 into the identity verification model 103 and obtains the identity assessment score output by the identity verification model 103. The identity assessment unit 104 outputs the obtained identity assessment score to the determination unit 105.
[0020] When the determination unit 105 receives pre-payment behavior data from the behavior data formatting unit 101, it outputs the pre-payment behavior data to the identity level acquisition unit 104 and acquires the identity level. Based on the identity level, the determination unit 105 determines whether or not to request authentication from the user. For example, the determination unit 105 prepares a threshold for determining whether or not to request authentication at the time of payment, and determines whether or not to request authentication from the user by comparing the identity level with the threshold. The determination unit 105 outputs the determination result. The determination result can be either "simple authentication allowed" or "simple authentication not allowed". The output destination of the determination result is, for example, a server that performs the payment. In this embodiment, simple authentication means that authentication is not required at the time of payment, but it is not limited to this. For example, simple authentication can be any authentication that reduces the user burden compared to normal authentication, such as using one-step authentication instead of the usual two-step authentication.
[0021] The above thresholds may be determined as appropriate depending on the user's creditworthiness, the number of times the user has used the payment application, the length of time elapsed since the start of use, and the user's attributes (behavioral attributes, demographic attributes, geographical attributes, psychological attributes, etc.).
[0022] Figure 4 shows an example of the actual output of pre-payment actions and judgment results. Figure 4 shows "actions that result in the maximum degree of authenticity," "actions by the person themselves," "actions due to fraudulent use by another person," "actions by the person themselves while on a business trip," and the judgment results.
[0023] In Figure 4, "the action that results in the maximum degree of authenticity" is the action for which the authenticity verification model 103 outputs the maximum value when pre-payment behavior data representing this "action that results in the maximum degree of authenticity" is input into the authenticity verification model 103. "The person's actions" refer to the person's actions on a given day. "Actions due to unauthorized use by others" refer to the actions of someone who has illegally acquired the person's mobile device. "The person's actions at their business trip destination" refer to the person's actions at a place they are visiting for the first time.
[0024] In Figure 4, "the person's actions" indicate that the person possessing the mobile device walked from their home to store α of convenience store A, launched the convenience store application, and then launched the payment application. In this case, the information processing device 100 output "Simple authentication possible."
[0025] In Figure 4, "Actions due to unauthorized use by another person" indicates that the person possessing the mobile device traveled by car from near their home, visited convenience store A's α store, and launched the payment application without launching the convenience store application. In this case, the information processing device 100 output "Simple authentication failed."
[0026] In Figure 4, "The person's actions at their business trip destination" indicates that the person carrying the mobile device traveled by car from Station X, made their first visit to Convenience Store A (Store β), launched the convenience store application, and then launched the payment application. In this case, the information processing device 100 output "Simple authentication not possible."
[0027] Figure 5 is a flowchart showing the processing flow of the information processing device 100. In Figure 5, when the determination unit 105 receives pre-payment behavior data from the behavior data formatting unit 101 (step S101), it inputs the pre-payment behavior data to the identity verification model 103 via the identity degree acquisition unit 104 (step S102). The determination unit 105 acquires the identity degree via the identity degree acquisition unit 104 (step S103).
[0028] Next, the determination unit 105 determines whether the degree of authenticity is above or below the threshold (step S104). If the degree of authenticity is above or below the threshold (step S104: YES), the determination unit 105 outputs the determination result (simple authentication possible) (step S105) and terminates the process. If the degree of authenticity is below the threshold (step S104: NO), the determination unit 105 outputs the determination result (simple authentication impossible) (step S106) and terminates the process.
[0029] <Effects> According to the embodiments described above, fraudulent payments can be suppressed without degrading the user experience. For example, even if users visit the same convenience store, their pre-visit behavior will generally differ if they are different users. In this embodiment, fraudulent payments can be suppressed by using such behavior as an authentication factor to authenticate the user. On the other hand, when a user visits a convenience store they always use, their pre-visit behavior is generally the same, and in such cases, simple authentication is performed, so the user experience is not degraded.
[0030] In the embodiments described above, the determination unit 105 may output a determination result that includes, for example, payment history (time, payment store, product name, point usage) and application usage log (related to applications on the mobile terminal, including not only the start time but also the end time and the applications used) as determination elements. By doing so, a more accurate determination result can be output.
[0031] In the embodiment described above, the information processing device 100 included a model training unit 102 and an identity verification model 103. However, the model training unit 102 and the identity verification model 103 may be provided on other devices outside the information processing device 100 or on the cloud.
[0032] In the embodiments described above, authentication was explained using authentication in payment, but the scope to which this embodiment can be applied is not limited to authentication in payment. In this embodiment, the determination was made based on the user's actions before performing a specific action, such as payment, but the actions before performing a specific action are often the same, not limited to payment. Therefore, other cases to which this embodiment can be applied include authentication when using online banking, authentication when using social media, authentication when using cloud services such as cloud storage services, authentication when using a company's internal systems, authentication when using email services, authentication when using online games, authentication when using government services, authentication when using medical systems such as accessing patient information at medical institutions, authentication when performing electronic signatures, authentication when using academic institutional services such as university portals, authentication when using online shopping, and authentication when connecting to a VPN (Virtual Private Network).
[0033] <Example Hardware Configuration> The information processing device 100 in one embodiment of the present disclosure may function as a computer that performs the processing of the present disclosure. Figure 5 is a diagram showing an example of the hardware configuration of the information processing device 100 according to one embodiment of the present disclosure. The above-described information processing device 100 may be physically configured as a computer device including a processor 1001, memory 1002, storage 1003, communication device 1004, input device 1005, output device 1006, bus 1007, etc.
[0034] In the following explanation, the term "device" can be replaced with "circuit," "device," "unit," etc. The hardware configuration of the information processing device 100, the knowledge server 200, and the generation device 300 may include one or more of the devices shown in the figure, or it may be configured to omit some of the devices.
[0035] Each function in the information processing device 100 is realized by loading predetermined software (programs) onto hardware such as the processor 1001 and memory 1002, which allows the processor 1001 to perform calculations, control communication by the communication device 1004, and control at least one of data reading and writing in the memory 1002 and storage 1003.
[0036] The processor 1001 controls the entire computer, for example, by running an operating system. The processor 1001 may consist of a central processing unit (CPU) that includes interfaces with peripheral devices, control units, arithmetic units, registers, and so on.
[0037] Furthermore, the processor 1001 reads programs (program code), software modules, data, etc., from at least one of the storage 1003 and the communication device 1004 into the memory 1002 and executes various processes accordingly. The program used is one that causes the computer to execute at least a part of the operations described in the above embodiment. For example, each part of the information processing device 100 may be implemented by a control program stored in the memory 1002 and running on the processor 1001, and other functional blocks may be implemented similarly. The above-described various processes have been explained as being executed by one processor 1001, but they may be executed simultaneously or sequentially by two or more processors 1001. The processor 1001 may be implemented by one or more chips. The program may also be transmitted from a network via a telecommunications line.
[0038] The memory 1002 is a computer-readable recording medium and may consist of at least one of the following: ROM (Read Only Memory), EPROM (Erasable Programmable ROM), EEPROM (Electrically Erasable Programmable ROM), RAM (Random Access Memory), etc. The memory 1002 may also be called a register, cache, main memory, etc. The memory 1002 can store executable programs (program code), software modules, etc., for carrying out a wireless communication method according to one embodiment of the present disclosure.
[0039] The storage 1003 is a computer-readable recording medium and may consist of at least one of the following: an optical disc such as a CD-ROM (Compact Disc ROM), a hard disk drive, a flexible disk, a magneto-optical disk (e.g., Compact Disc, Digital Multipurpose Disc, Blu-ray® Disc), a smart card, flash memory (e.g., a card, stick, key drive), a floppy® disk, a magnetic strip, etc. The storage 1003 may also be called an auxiliary storage device. The above-mentioned storage medium may be, for example, a database, server, or other suitable medium including at least one of memory 1002 and storage 1003.
[0040] The communication device 1004 is hardware (transceiver / receiver device) for communicating between computers via at least one of a wired network and a wireless network, and is also referred to as a network device, network controller, network card, communication module, etc.
[0041] The input device 1005 is an input device (e.g., keyboard, mouse, microphone, switch, button, sensor, etc.) that receives input from the outside. The output device 1006 is an output device (e.g., display, speaker, LED lamp, etc.) that performs output to the outside. Note that the input device 1005 and the output device 1006 may have an integrated configuration (e.g., touch panel).
[0042] Also, each device such as the processor 1001 and the memory 1002 is connected by a bus 1007 for communicating information. The bus 1007 may be configured using a single bus or may be configured using different buses for each device.
[0043] Further, the information processing device 100 may be configured to include hardware such as a microprocessor, a digital signal processor (DSP: Digital Signal Processor), an ASIC (Application Specific Integrated Circuit), a PLD (Programmable Logic Device), an FPGA (Field Programmable Gate Array), etc., and some or all of each functional block may be realized by such hardware. For example, the processor 1001 may be implemented using at least one of these hardware.
[0044] Furthermore, each functional unit included in each of the information processing devices 100 may be implemented in a distributed manner on the cloud. Also, each functional unit may be implemented in a plurality of information processing devices. Further, the same functional unit may be realized by a plurality of information processing devices.
[0045] One aspect of the present disclosure is useful for user authentication.
[0046] 100 Information processing device 101 Action data shaping unit 102 Model training unit 103 Genuine verification model 104 Degree of genuineness acquisition unit 105 Determination unit 1001 Processor 1002 Memory 1003 Storage 1004 Communication device 1005 Input device 1006 Output device 1007 Bus
Claims
1. An information processing device comprising: an identity verification unit that inputs sorted behavioral data, which is arranged in chronological order, showing the user's actions before payment, into an identity verification model, and acquires an identity degree that indicates the likelihood that the user is who they claim to be, output by the identity verification model; and a determination unit that determines whether or not to require authentication at the time of payment based on the acquired identity degree, wherein the identity verification model is trained with training data showing the user's actions in the past before payment.
2. The information processing apparatus according to claim 1, wherein the user's action is an operation on, visit, move to, or stay on an application.
3. A control method for an information processing device, comprising: inputting sorted behavioral data, which is obtained by arranging behavioral data showing a user's actions before payment in chronological order, into an identity verification model; obtaining an identity degree, which indicates the likelihood that the user is the person in question, output by the identity verification model; determining whether or not to require authentication at the time of payment based on the obtained identity degree; and training the identity verification model with training data showing actions the user has performed in the past before payment.
4. A program that inputs sorted behavioral data, which is a time-series arrangement of behavioral data showing a user's actions before payment, into a computer identity verification model, obtains an identity degree that indicates the likelihood that the user is who they claim to be, and determines whether or not to require authentication at the time of payment based on the obtained identity degree, and the identity verification model is trained with training data showing the actions the user has taken in the past before payment.