WO2026004925A1 - Terminal device, information processing system, data update method, and program - Google Patents

Abstract

Provided is a terminal device comprising a processor and a camera. The processor acquires first face image data obtained by imaging the face of a user by the camera, acquires preliminarily registered second face image data or third face image data held in identify verification certificate data certifying the identity of the user, checks the first face image data against the second face image data or the third face image data, and updates the third face image data on the basis of the first face image data when the check is successful.

Description

Terminal device, information processing system, data update method and program

This disclosure relates to a terminal device, an information processing system, a data update method, and a program.

In recent years, there has been much research into digital wallets that electronically integrate payment, asset management, and certification functions. Known digital wallet technologies include devices and methods that use biometric technology to ensure secure transactions using blockchain technology. This method uses biometric authentication when a user uses a digital wallet to confirm that the user of the service and the digital wallet holder are the same person (see, for example, Patent Document 1).

Japan Special Table No. 2022-508773

The terminal in Patent Document 1 can sometimes reduce the accuracy of user identity verification using certificate data, leaving room for improvement.

This disclosure provides a terminal device, information processing system, data update method, and program that can improve the accuracy of identity verification using facial image data from identity verification certificate data that electronically verifies a person's identity.

One aspect of the present disclosure is a terminal device comprising a processor and a camera, wherein the processor acquires first facial image data obtained by capturing an image of a user's face with the camera, acquires pre-registered second facial image data, or acquires third facial image data stored in personal identification certificate data that proves the user is the user, compares the first facial image data with the second facial image data or the third facial image data, and, if the comparison is successful, updates the third facial image data based on the first facial image data.

One aspect of the present disclosure is an information processing system comprising a terminal device and a server device, in which the terminal device acquires first facial image data obtained by capturing an image of a user's face with a camera, acquires pre-registered second facial image data, or acquires third facial image data stored in personal identification certificate data that certifies the user's identity, compares the first facial image data with the second facial image data or the third facial image data, and, if the comparison is successful, updates the third facial image data based on the first facial image data.

One aspect of the present disclosure is a data update method that includes acquiring first facial image data obtained by capturing an image of a user's face with a camera, acquiring pre-registered second facial image data or third facial image data stored in identification certificate data that proves the user is the user, comparing the first facial image data with the second facial image data or the third facial image data, and, if the comparison is successful, updating the third facial image data based on the first facial image data.

One aspect of the present disclosure is a program that causes a computer to execute the above data update method.

This disclosure makes it possible to improve the accuracy of identity verification using facial image data from identity verification certificate data that electronically verifies a person's identity.

FIG. 1 is a diagram illustrating a configuration example of a terminal device according to a first embodiment of the present disclosure. An example of the menu screen of a digital wallet application. Figure showing an example of the wallet list screen of a digital wallet application 1 is a flowchart showing a first example of the operation of a terminal device; Flowchart (part 2) showing a first example of the operation of the terminal device 10 is a flowchart showing a second example of the operation of the terminal device (part 1). 10 is a flowchart showing a second example of the operation of the terminal device (part 2). FIG. 10 is a diagram showing a first example of an update reminder display; FIG. 10 is a diagram showing a second example of displaying an update reminder. FIG. 10 is a diagram illustrating a configuration example of an information processing system according to a second embodiment of the present disclosure. A sequence diagram showing an example of the operation of an information processing system when issuing data for an official identification card. A sequence diagram showing an example of the operation of an information processing system when issuing private certificate data. FIG. 1 is a diagram showing an example of the operation of an information processing system when the expiration date of face image data is approaching (part 1); FIG. 2 is a diagram showing an example of the operation of the information processing system when the expiration date of face image data is approaching (part 2); Sequence diagram (part 1) showing an example of the operation of the information processing system when face matching accuracy is reduced when logging in to a wallet app Sequence diagram (part 2) showing an example of the operation of the information processing system when face matching accuracy is reduced when logging in to a wallet app A diagram showing an example of the operation of an information processing system when a certificate expiration alert is issued (part 1) Diagram (part 2) showing an example of the operation of an information processing system when a certificate expiration alert is triggered

Embodiments will be described in detail below, with appropriate reference to the drawings. However, more detailed descriptions than necessary may be omitted. For example, detailed descriptions of well-known matters or redundant descriptions of substantially identical configurations may be omitted. This is to avoid unnecessary redundancy in the following description and to facilitate understanding by those skilled in the art. Note that the accompanying drawings and the following description are provided to enable those skilled in the art to fully understand the present disclosure, and are not intended to limit the subject matter described in the claims.

(How the embodiments of the present disclosure were achieved)
Certificate data stored in a digital wallet may contain a facial image (face photo) of the user who uses the certificate data. In real space, even for the same person (user), facial features may change over time. As a result, the facial image at the time of registering the certificate data may not match the facial photo at the time the certificate data is used. The method of Patent Document 1 does not take into consideration updating the facial image of the certificate data stored in the digital wallet when a facial image is used as facial information for biometric authentication. In this case, it is difficult to perform appropriate face matching using the facial image when using the certificate data in the digital wallet, which may result in insufficient identity verification accuracy.

The following embodiments describe a terminal device, information processing system, data update method, and program that can improve the accuracy of identity verification using facial image data from identity verification certificate data that electronically verifies identity.

(First embodiment)
1 is a diagram illustrating an example of the configuration of a terminal device according to the first embodiment of the present disclosure. The terminal device 10 executes a digital wallet application.

The terminal device 10 includes a processor 11, a memory 12, a communication unit 13, an input unit 14, a display unit 15, and a camera 16.

The processor 11 may be configured using, for example, a Central Processing Unit (CPU), a Digital Signal Processor (DSP), or a Graphical Processing Unit (GPU). The processor 11 may also be configured using various integrated circuits (for example, a Large Scale Integration (LSI) or a Field Programmable Gate Array (FPGA)). The processor 11 realizes various functions by executing programs stored in the memory 12. The processor 11 comprehensively controls each part of the terminal device 10 and performs various processes.

For example, processor 11 executes a digital wallet application. For example, processor 11 works in cooperation with camera 16 to perform processing related to updating facial image data of various certificate data stored in the digital wallet.

Memory 12 includes, for example, Random Access Memory (RAM) or Read Only Memory (ROM). Memory 12 may include volatile memory or non-volatile memory. Memory 12 may include, for example, a Hard Disk Drive (HDD), a Solid State Drive (SSD), an optical disk, an SD card, etc. Memory 12 may also be an external storage medium, and may be detachable from terminal device 10. Memory 12 stores various data, information, programs, etc.

Memory 12, for example, holds a digital wallet (digital ID wallet). The digital wallet can store various certificate data (identity verification certificate data) that electronically certifies the identity of the user. The various certificate data holds facial image data of the user who uses the certificate data. The facial image data of the certificate data can be updated. The certificate data may hold multiple pieces of facial image data acquired at multiple times, or may hold facial image data in which old facial image data has been updated (e.g., overwritten) with new facial image data. Memory 12 may also hold one or more pieces of facial image data acquired at a predetermined time (e.g., registered facial image data, described below).

The communication unit 13 communicates various data or information according to a wired or wireless communication method. The communication method used by the communication unit 13 may include, for example, a local area network (LAN), a wide area network (WAN), a mobile phone network, or power line communication.

The communication unit 13 communicates, for example, with external communication devices and networks.

The input unit 14 may include various buttons, keys, a mouse, a keyboard, a touch panel, a microphone, or other input devices. The input unit 14 accepts input of various data or information. The input unit 14 may be operated by the user of the terminal device 10. The user here is, for example, a user of a digital wallet, who owns and uses the certificate data.

The input unit 14 accepts, for example, general operations for the terminal device 10 and operations related to application execution.

The display unit 15 is, for example, a liquid crystal display or an organic EL display. The display unit 15 displays various data or information. The display on the display unit 15 may be confirmed by, for example, a user.

The display unit 15 displays, for example, screens used in digital wallet applications, certificate data, facial image data, etc.

<Digital wallet application>
Next, the application of the digital wallet will be described.

The digital wallet application performs operations such as displaying, updating, changing, and adding certificate data stored in the digital wallet or certificate data to be stored.

Digital wallets store various types of certificate data. Certificate data includes, for example, certificate data corresponding to official certificates issued by public institutions and certificate data corresponding to private certificates issued by private institutions. Official certificates include, for example, licenses (e.g., driver's licenses), My Number cards, and international driver's licenses. Private certificates include, for example, employee ID cards, qualification certificates, and student ID cards. Some certificates have expiration dates. Furthermore, the certificate data in this embodiment broadly includes data that can be used to verify the identity of a user using facial image data, and may include, for example, electronic tickets with facial image data. Digital wallets may also have credit card functions, electronic money functions, and point functions that can be used for electronic payments.

Figure 2 shows an example of the menu screen G1 of the digital wallet application.

The menu screen G1 has multiple buttons BT (icons). The buttons BT include an add wallet button, an online authentication button, an identity verification button, an age verification button, a facial image update button BT1, a wallet button, and a settings button.

The add wallet button is a button for adding and storing new certificate data in the digital wallet. When the add wallet button is selected (e.g., tapped) via the input unit 14, the processor 11 activates the camera 16 and instructs it to take an image. In accordance with the image capture instruction, the camera 16 captures an image of the identification information (e.g., a two-dimensional code (e.g., a QR code (registered trademark))) of the certificate that the digital wallet user wishes to add. The processor 11 reads the certificate identification information based on the captured information, and adds the certificate data identified by this identification information as one of the digital wallet data. Note that the processor 11 may add new certificate data to the digital wallet using a method other than the above.

The wallet button is a button for checking the various certificate data stored in the digital wallet. When the wallet button is selected (e.g., tapped) via the input unit 14, the processor 11 displays the certificate data stored in the digital wallet. At this time, the processor 11 may display each piece of certificate data individually or as a list.

Figure 3 shows an example of the wallet list screen G2 of the digital wallet application.

The wallet list screen G2 displays a list of certificate data stored in the digital wallet. In this embodiment, the various certificate data are certificate data SM with facial image data KG added. Figure 3 shows multiple different types of certificate data SM1, SM2, and SM3 each containing facial image data KG.

When the user selects (an example of designation) the certificate data SM to be displayed on the wallet list screen G2 via the input unit 14, the processor 11 may display the selected certificate data SM in a specified selection screen area. The display of the certificate data on the selection screen display may be enlarged. In FIG. 3, the selected certificate data SM0 is enlarged and displayed in the upper area of the wallet list screen G2. This allows the user to easily check the details of the desired certificate data.

Note that while the wallet list screen G2 in Figure 3 illustrates an example in which all certificate data SM includes facial image data KG, this is not limited to this. There may be certificate data SM that does not include facial image data KG. Since updates to facial image data are performed for certificate data SM that includes facial image data, there may also be certificate data SM for which updates to facial image data are not expected.

Returning to Figure 2, the identity verification button is a button for disclosing specified information about the user's identity contained in the certificate data. As an example, assume that driver's license data is stored in the digital wallet. For example, suppose that the user of terminal device 10 is requested by a police officer or the like to verify their identity (e.g., disclose their driver's license). In this case, when processor 11 selects the identity verification button via input unit 14, it may select license data from the certificate data in the digital wallet and display the license data on display unit 15. Processor 11 may also selectively display specified information from the license data (e.g., information requested by the police officer). In this case, processor 11 may specify and display the requested information via input unit 14.

The age confirmation button is a button for confirming the age of the user of the terminal device 10. When the age confirmation button is selected via the input unit 14, the processor 11 displays the user's age information. In this case, the processor 11 may extract and display age information contained in any certificate data. For example, if a user receives a request to disclose their age (e.g., age information from My Number card data or driver's license data) when purchasing licensed goods (e.g., alcohol or tobacco) at a store, the user taps the age confirmation button via the input unit 14. In response to this tap, the processor 11 may obtain and display the user's age information from the My Number card data or driver's license data.

The online authentication button is a button for authenticating the user online. When the online authentication button is selected via the input unit 14, the processor 11 activates the camera 16 and instructs it to capture an image. In accordance with the image capture instruction, the camera 16 captures an image of the two-dimensional code on the certificate storing the information to be disclosed. The processor 11 may read the identification information of the certificate data based on the captured information, and display the certificate data identified by this identification information from the certificate data stored in the digital wallet.

The face image update button BT1 is a button for updating the face image data of the certificate data stored in the digital wallet. When the face image update button is selected via the input unit 14, the processor 11 activates the camera 16 and instructs it to capture an image. The camera 16 captures an image of a subject including the user's face in accordance with the image capture instruction, and obtains a captured image in which the user's face is reflected. The processor 11 updates the face image data of at least one piece of certificate data, for example, based on the captured image.

The settings button is used to configure various settings related to the digital wallet application.

<Operation of terminal device>
Next, an example of the operation of the terminal device will be described.
4A and 4B are flowcharts showing a first example of the operation of the terminal device 10. FIG.

The terminal device 10 performs processing related to updating the facial image data of the certificate data stored in the digital wallet. At this time, the terminal device 10 performs identity verification processing at least once at a predetermined timing. Identity verification processing is processing for verifying the identity of the user using the terminal device 10. Identity verification processing is processing for verifying (determining) whether the user is the real user by comparing multiple sets of facial image data to be compared. Furthermore, Figures 4A and 4B show identity verification processing A to D as examples of identity verification processing.

First, the processor 11 executes a process to log in to the terminal device 10 (step S11). The processor 11 may perform identity verification process A when logging in at step S11 (e.g., logging in). If identity verification (facial matching) in identity verification process A is successful, login to the terminal device 10 is permitted. In identity verification process A, the camera 16 captures an image of the user's face, and the processor 11 may acquire facial image data including the user's face. This facial image data is one piece of captured facial image data captured for identity verification process.

Processor 11 launches the digital wallet application (wallet app) (step S12). Processor 11 may perform identity verification process B when (e.g., before) launching the wallet app in step S12. If identity verification (facial matching) in identity verification process B is successful, launch of the wallet app is permitted. In identity verification process B, the camera 16 captures an image of the user's face, and processor 11 may acquire facial image data including the user's face. This facial image data is one piece of captured facial image data captured for identity verification process.

The processor 11 detects a tap (an example of selection or designation) on the facial image update button BT1 via the input unit 14 (step S13).

In response to tapping the facial image update button BT1, the processor 11 activates the camera 16 and sends an image capture instruction to the camera 16 (step S14).

The camera 16 receives an image capture instruction from the processor 11, and in accordance with the image capture instruction, captures an image of a subject including the face of the user of the terminal device 10, thereby obtaining facial image data including the user's face (step S15). This facial image data is one type of captured facial image data captured for identity verification processing.

When capturing an image of the user's face, the processor 11 may perform liveness judgment such as "Please look to the left" or "Please close your eyes." The processor 11 may also display guide information for capturing an image of the user's face on the display unit 15. The guide information may include, for example, information such as "Please take the image in a location where the background is a light color such as white," "Are your bangs out of the way?" or "Please fit the image into the face frame." By performing loudness judgment and displaying guide information, the terminal device 10 can reduce the need to re-capture the user's face.

Processor 11 determines whether or not a face has been captured by camera 16 (step S16). For example, processor 11 may obtain facial image data captured by camera 16 and analyze the captured image to determine whether or not a human face is included in the facial image data, thereby determining whether or not a face has been captured. Processor 11 may also determine whether or not a face has been captured by using a method other than this.

If it is determined that the face has been captured (Yes in step S16), the processor 11 selects the certificate data to be updated for updating the facial image data (step S17). In this case, the processor 11 may manually select the certificate data to be updated via, for example, the input unit 14, or may automatically select certificate data that meets predetermined update eligibility conditions (for example, within a predetermined number of days from the expiration date) as the certificate data to be updated. The processor 11 may perform identity verification processing C when selecting the certificate data to be updated in step S17 (for example, before selection), that is, after capturing an image of the user's face in step S15. If identity verification in identity verification processing C is successful, the selection of the certificate data to be updated is permitted, or the selection result becomes valid.

Processor 11 determines whether the captured facial image data meets the specified update conditions for the facial image data required by the certificate data to be updated (step S18). These update conditions may include conditions related to the resolution of the facial image data, the background, the angle and brightness of the face, the presence or absence of accessories (such as a hat), bangs (whether the eyes are covered), the shooting range (whether the face is cut off in the middle), etc. Note that the update conditions may differ depending on the type of certificate data (e.g., passport data, driver's license data). The specified update conditions here may be stored in memory 12, for example.

Note that the facial image data captured in step S18 may be facial image data (captured facial image data) used in the identity verification process performed at each timing. Specifically, for example, the facial image data here may include at least one of the facial image data captured in step S15, facial image data captured at login, and facial image data captured when the wallet app is launched.

If it is determined that the captured facial image data does not meet the update conditions (No in step S18), the processor 11 instructs the camera 16 to re-capture the image (step S19). Then, the process proceeds to step S15.

If it is determined that the captured facial image data meets the update conditions (Yes in step S18), after this determination, the processor 11 may perform identity verification processing D.

After identity verification process D, processor 11 determines whether identity verification has been successful, for example, by at least one of identity verification processes A to D (step S20). In other words, processor 11 determines whether face matching in the identity verification process has succeeded in matching (authentication) the face of the user of terminal device 10 (user of the wallet app).

For example, if the identity of the person cannot be confirmed by any of identity confirmation processes A to D (No in step S20), the processor 11 instructs the camera 16 to re-image (step S19). Then, the process proceeds to step S15.

For example, if identity verification is successful through at least one of identity verification processes A to D (Yes in step S20), the processor 11 processes (edits) the facial image data in accordance with the standard of the selected certificate data (step S21). For example, the standard of the certificate data prescribes information that defines the size of the facial image data and the background color. Processing of the facial image data may involve, for example, cropping the facial image data.

The processor 11 determines whether the processed facial image data conforms to the certificate data standards (step S22).

If it is determined that the processed facial image data does not conform to the certificate data standards (No in step S22), the processor 11 instructs the camera 16 to re-image (step S19). Then, the process proceeds to step S15.

If it is determined that the processed facial image data meets the standards of the certificate data (Yes in step S22), the processor 11 updates the facial image data (stored facial image data) stored in the certificate data to be updated with the processed facial image data as new facial image data for the certificate data to be updated (step S23).

According to the operational examples of Figures 4A and 4B, the terminal device 10 can preferably update the facial image data stored in the certificate data using facial image data captured during each of the identity verification processes A to C, which are performed at predetermined times. Therefore, compared to when the facial image data is not changed from the time the specified certificate data is first stored in the digital wallet, the terminal device 10 can update the facial image data in response to changes in the user's appearance in real space. Therefore, the terminal device 10 can improve the accuracy of identity verification using the facial image data of the certificate data when using the certificate data.

It should be noted that identity verification process D does not have to be performed between step S18 and step S20. In this case, in step S18, processor 11 may simultaneously determine whether the update conditions are met and whether the certificate data meets the standards (step S21). In this case, step S20 may be omitted. In this case, identity verification process D may be performed, for example, after step S22.

<Details of identity verification process>
Next, the details of the identity verification process will be described.
The following personal identification processes A to D correspond to the personal identification processes A to D shown in FIGS. 4A and 4B.

Personal identification process A is a process for identifying the user for logging in to terminal device 10. The target for matching (also referred to as match target A) in personal identification process A includes (A1) facial image data of the user's face captured by camera 16 at the time of login, and may include, for example, feature data from the facial image data. Match target A may include (A2) facial image data registered when setting up login to terminal device 10. Therefore, for example, the facial image data registered at the time of login setup may be stored in memory 12 in advance, or facial image data captured by camera 16 at a predetermined timing may be stored in memory 12. (A3) Match target A may be facial image data of any certificate data stored in the digital wallet.

The facial image data of any of the certificate data in (A3) is preferably facial image data of certificate data for which the timing of identity verification process A is to be performed is close to the expiration date, and it is preferable that a predetermined update reminder has been issued for the certificate data. Furthermore, it is preferable that the facial image data of any of the certificate data is facial image data of certificate data whose most recent update date and time is old.

The capture date and time of facial image data in certificate data that is close to its expiration date, certificate data for which an update reminder has been issued, and certificate data with an old update date and time has a large time difference from the time when identity verification process A was performed, and the user's facial features may have changed significantly. If matching using such facial image data is successful, it can be said that there is a very high possibility that the person is the identity of the person. Conversely, the facial image data of any of the certificate data may be the facial image data of the certificate data with the most recent update date and time, or it may be the facial image data of certificate data with a different update date and time.

The combination of multiple matching targets used in identity verification process A is, for example, a combination of (A1) and (A2), a combination of (A1) and (A3), or a combination of (A1), (A2), and (A3). Note that other data may also be used as a matching target and in the combination of multiple matching targets.

Personal identity verification process B is a process for verifying personal identity when the wallet application is launched. The object of verification in personal identity verification process B (also referred to as verification object B) includes (B1) facial image data of the user's face captured by camera 16 when the wallet application is launched, and may include, for example, feature data from the facial image data. Verification object B may be (B2) facial image data of any of the certificate data stored in the digital wallet. In other words, (B2) is the same as (A2).

The combination of multiple matching targets used in identity verification process B is, for example, (B1) and (B2). Note that other data may also be used as a matching target and in the combination of multiple matching targets.

Personal identification process C is a process for identifying the user when an image of the user's face is captured during facial image data update. The target for matching (also referred to as match target C) in personal identification process C includes (C1) facial image data of the user's face captured by camera 16 in step S15 of Figure 4B, and may include, for example, feature data from the facial image data. Match target C may be (C2) facial image data of any certificate data stored in the digital wallet. In other words, (C2) is the same as (A2) and (B2). Match target C may be (C3) facial image data (registered facial image data) registered as facial image data for facial image update. The registered facial image data may be facial image data stored (registered) in memory 12 at a predetermined timing.

The combination of multiple matching targets used in identity verification process C is, for example, the combination of (C1) and (C2), or the combination of (C2) and (C3). Note that other data may also be used as a matching target and in the combination of multiple matching targets.

Therefore, when the terminal device 10 uses the registered face image data (C3) for face matching, it does not need to use the captured face image data (C1) for face matching, so it is possible to omit capturing images using the camera 16 during matching, and face images can be updated quickly.

Personal identification process D is an identity verification process that is performed when certificate data to be updated is selected during facial image data update. The match target in personal identification process D (also referred to as match target D) includes (D1) facial image data of the user's face captured by camera 16 after the selection of certificate data to be updated, and may include, for example, feature data from the facial image data. Match target D may be (D2) facial image data of the certificate data to be updated stored in the digital wallet. Match target C may be (D3) registered facial image data. In other words, (D3) is the same as (C3).

The combination of multiple matching targets used in identity verification process D is, for example, a combination of (D1) and (D2), or a combination of (D2) and (D3). Note that other data may also be used as a matching target and in the combination of multiple matching targets.

Note that some physical certificates, such as passports, are not updated frequently. Therefore, if a long period of time passes since the certificate was issued, facial features may change (especially for children) from the original facial image data registered in the certificate data, increasing the likelihood that facial matching will fail (an error will occur) when it comes time to update the certificate, even if the user is the actual person. To avoid this situation, it is preferable for processor 11 to periodically perform facial matching using facial image data that is preferred as a matching target, as shown in (A3). For example, if the matching accuracy falls below a predetermined level after matching the features of the facial image data, processor 11 may capture an image of the user's face using camera 16 during this matching process to obtain facial image data, and store this in memory 12 as registered facial image data.

Note that it is not necessary for all four identity verification processes A to D to be performed. For example, it is sufficient if at least one of identity verification processes A to D is performed. Furthermore, if identity verification process C verifies (authenticates) that the user is the real person, identity verification process D may not be necessary.

Note that the identity verification process involves matching using at least the facial image data of multiple matching targets as described above, but other authentications may also be performed in addition. For example, the identity verification process may include authentication by entering a PIN in addition to matching using facial image data, thereby further improving the accuracy of identity authentication.

Furthermore, if the user is verified as the real person in identity verification processes A to D (i.e., verification is successful), the facial image data captured by the camera 16 used for verification may be stored in memory 12 as registered facial image data.

<Identity verification process taking into account matching errors>
Next, the personal identification process taking into consideration the possibility of a matching error will be described.

During identity verification processing, when updating the facial image data of each certificate data, if a long time has passed since the last update, the face cannot be determined to be that of the user in face matching (face authentication) using image data, and matching errors are likely to occur. Taking such matching errors into consideration, the processor 11 of the terminal device 10 may perform the following processing.

For example, processor 11 may repeatedly acquire facial image data by capturing an image of the user's face with camera 16 at a predetermined timing (e.g., periodically) separate from the timing of updating the facial image data in the certificate data. Processor 11 may use this facial image data to check the accuracy of matching the user. Processor 11 may store the acquired facial image data in memory 12 as registered facial image data. The above-mentioned predetermined timing may be, for example, the timing of logging in to terminal device 10 (i.e., the timing of identity verification process A), the timing of launching the wallet app (i.e., the timing of identity verification process B), or some other timing.

For example, if the matching check is successful, that is, if it is determined that the user is a legitimate user, the processor 11 may store the captured face image data that has been successfully matched in the memory 12 as registered face image data. Since logging in to the terminal device 10 and launching the wallet app occur relatively frequently, the processor 11 can store registered face image data that is close to the state of the user in real space by storing the captured face image data as registered face image data when logging in to the terminal device 10 or launching the wallet app.

For example, the identity verification process may include electronic identity verification (eKYC). eKYC stands for electronic Know Your Customer.

For example, the identity verification process may include a process of visual verification by a person. The visual verification process may include a process in which the communication unit 13 transmits facial image data of the user's face, captured by the camera 16 of the terminal device 10, to the administrator device, and a process in which the administrator device receives the facial image data from the terminal device 10 and displays it on a display or the like. The visual verification process may also include a process in which the administrator, who is the user of the administrator device, checks the display of the facial image data and compares it with, for example, the facial image on a certificate on physical media, to determine whether the person appearing in the facial image data is the user (whether matching was successful or not). The visual verification process may also include a process in which the administrator server inputs information on the matching result from the administrator via the input unit and transmits the information on the matching result to the terminal device 10, and a process in which the terminal device 10 obtains information on the matching result from the administrator server via the communication unit 13. As a result, even when the identity verification process is a visual verification process, the processor 11 can obtain the matching result and use it for subsequent processing.

Next, we will explain an example of the operation of the terminal device 10 taking into account registered face image data.

FIGS. 5A and 5B are flowcharts showing a second example of the operation of the terminal device. 5A and 5B show an example of the operation of the terminal device 10 taking into account registered face image data. In FIGS. 5A and 5B, the same steps as those in FIG. 4A or 4B are assigned the same step numbers, and their descriptions are omitted or simplified.

The terminal device 10 updates the facial image data in the certificate data stored in the digital wallet. At this time, the terminal device 10 performs identity verification processing at least once at a predetermined timing. If the identity verification processing results in verification that the person is the actual person, the terminal device 10 stores (registers) the facial image data used for verification in memory 12 so that it can be used for identity verification processing at a later time.

First, processor 11 executes a process to log in to terminal device 10 (step S11). When logging in at step S11, processor 11 may perform identity verification process A. If identity verification in identity verification process A is successful, login to terminal device 10 is permitted. Furthermore, if identity verification in identity verification process A is successful, processor 11 stores the facial image data that was successfully matched in identity verification process A as registered facial image data, for example, in memory 12 (step SH1).

Facial image data may be stored not only in memory 12 within the terminal device 10 but also in memory provided by an external device or system. This also applies to subsequent storage of facial image data.

Processor 11 launches the digital wallet application (wallet app) (step S12). When launching the wallet app in step S12, processor 11 may perform identity verification process B. If identity verification in identity verification process B is successful, launch of the wallet app is permitted. Furthermore, if identity verification in identity verification process A is successful, processor 11 stores the facial image data that was successfully matched in identity verification process B as a registered facial image, for example, in memory 12 (step SH2).

The processor 11 detects a tap on the facial image update button BT1 via the input unit 14 (step S13).

The processor 11 determines, for example, whether or not there is registered face image data stored in the memory 12 (step S31).

If registered face image data does not exist (No in step S31), the processor 11 activates the camera 16 and sends a capture instruction to the camera 16 (step S14).

The camera 16 receives an image capture instruction from the processor 11, and in accordance with the image capture instruction, captures an image of a subject including the face of the user of the terminal device 10, thereby obtaining facial image data including the user's face (step S15).

When capturing an image of a subject including the user's face in step S15 (e.g., after capturing the image), the processor 11 may perform identity verification processing C.

Processor 11 determines whether the identity of the person has been verified through identity verification process C, i.e., whether verification is successful (step S32).

If the identity of the person is verified through identity verification process C (Yes in step S32), that is, if identity verification in identity verification process C is successful, use of the facial image data captured in step S15 is permitted. In this case, processor 11 also determines whether or not to save the facial image data used in identity verification process C (step S33). For example, if an operation to save facial image data is received via input unit 14, it may be determined that this facial image data is to be saved. Furthermore, if the number of pieces of facial image data saved in memory 12 is equal to or less than a predetermined number, it may be determined that this facial image data is to be saved.

If it is determined that the facial image data used in identity verification process C should be saved (Yes in step S33), processor 11 saves (registers) the facial image data used in identity verification process C as registered facial image data, for example, in memory 12 (step SH3). After the processing of step SH3 is completed, the process proceeds to step S13 in FIG. 5A.

If it is determined in step S33 that the data should not be saved, the facial image data captured in step S15 can be used to update the facial image data in the certificate data, but it will not be saved as registered facial image data.

If registered face image data exists in step S31 (Yes in step S31), processor 11 acquires the saved registered face image data (step S34). In other words, processor 11 uses the registered face image data saved during one of identity verification processes A to C as the updated face image data.

In step S34, after the saved registered face image data is acquired, or if it is determined that the face image data used in identity verification process C will not be saved (No in step S33), processor 11 selects the certificate data for which the face image data will be updated (step S17).

The processor 11 determines whether the acquired facial image data meets the specified update conditions for facial image data required by the certificate data to be updated (step S18).

The facial image data acquired in step S18 may be registered facial image data or facial image data captured for the identity verification process performed at each timing (captured facial image data). This captured facial image data may include, for example, at least one of the facial image data captured in step S15, facial image data captured at login, and facial image data captured when the wallet app is launched.

If it is determined that the acquired facial image data does not meet the update conditions (No in step S18), the processor 11 instructs the camera 16 to re-image (step S19). Then, the process proceeds to step S15.

If it is determined that the acquired facial image data meets the update conditions (Yes in step S18), the processor 11 processes the facial image data in accordance with the standard of the selected certificate data (step S21).

The processor 11 determines whether the processed facial image data conforms to the certificate data standards (step S22).

If it is determined that the processed facial image data does not conform to the certificate data standards (No in step S22), the processor 11 instructs the camera 16 to re-image (step S19). Then, the process proceeds to step S15.

If it is determined that the processed facial image data meets the standards of the certificate data (Yes in step S22), the processor 11 updates the facial image data (stored facial image data) stored in the certificate data to be updated with the processed facial image data as new facial image data for the certificate data to be updated (step S23).

Furthermore, if the matching by the identity verification process C fails in step S32, that is, if the identity of the person cannot be verified by the identity verification process C (No in step S32), the processor 11 instructs the camera 16 to re-image (step S19). Then, the process proceeds to step S15.

According to the operational examples of Figures 5A and 5B, the terminal device 10 can preferably update the facial image data stored in the certificate data using facial image data captured during each of the identity verification processes A to C, which are performed at predetermined times. Therefore, compared to when the facial image data is not changed from the time the specified certificate data is first stored in the digital wallet, the terminal device 10 can update the facial image data in response to changes in the user's appearance in real space. Therefore, the terminal device 10 can improve the accuracy of identity verification using the facial image data of the certificate data when using the certificate data.

Furthermore, the terminal device 10 stores facial image data that has been successfully matched in the identity verification process as registered facial image data, which can be used when updating the facial image data of any certificate data later. This makes it possible to register facial image data that is close to the user's current state, improving the accuracy of identity verification. Furthermore, because the terminal device 10 performs matching using registered facial image data, it is possible to omit capturing images using the camera 16, and facial image data can be updated quickly.

Note that although the operational examples in Figures 5A and 5B illustrate an example in which identity verification process D is not performed, this is not limiting. Identity verification process D may also be performed at the same timing as in Figures 4A and 4B, i.e., when selecting face image data to be updated.

<Facial image data update reminder>
Next, the function of the face image data update reminder will be described.

Figure 6 shows a first example of an update reminder display.

On the menu screen G1, update reminder information RI regarding the update reminder may be displayed in a pop-up along with various buttons BT. In other words, the processor 11 may issue an update reminder by displaying the update reminder information RI on the display unit 15, or in FIG. 6, by displaying the update reminder information RI on the menu screen G1.

Furthermore, on the menu screen G1, the display mode DM1 of the face image update button BT1 differs from the display mode of the other buttons. The face image update button BT1 may be displayed larger than the other buttons BT, in a different color than the other buttons BT, in a different display pattern than the other buttons BT (e.g., hatched), flashing differently from the other buttons BT, or in a different flashing pattern than the other buttons BT (e.g., fast flashing), to indicate that the face image data needs to be updated. In other words, the processor 11 may issue an update reminder by displaying the face image update button BT1 in a different display mode from the other buttons BT.

Figure 7 shows a second example of an update reminder display.

On the wallet list screen G2, update reminder information RI related to update reminders is displayed as a pop-up along with various certificate data SM. In other words, the processor 11 may issue an update reminder by having the display unit 15 display the update reminder information RI on the wallet list screen G2. In more detail, the processor 11 may display the update reminder information RI for the certificate data SM to be updated (e.g., certificate data SM1). The certificate data SM to be updated may be specified via the input unit 14, or may be automatically specified by the processor 11.

Furthermore, when performing identity verification processing, processor 11 may derive (e.g., calculate) the matching accuracy of the identity verification processing, and if the derived matching accuracy is equal to or lower than a predetermined matching accuracy, may issue a facial image data update reminder as illustrated in Figures 6 and 7. In other words, rather than attempting to uniformly update facial image data based on the expiration date of certificate data, etc., processor 11 may update facial image data at a practical timing when the matching accuracy based on facial image data has decreased.

In this way, the terminal device 10 of this embodiment can preferably update the facial image data stored in the certificate data using facial image data captured during identity verification processing and registered facial image data. Therefore, compared to when the facial image data is not changed from the time the specified certificate data is first stored in the digital wallet, the terminal device 10 can update the facial image data in response to changes in the user's appearance in real space. Therefore, the terminal device 10 can improve the accuracy of identity verification using the facial image data of the certificate data when using the certificate data.

In this embodiment, the terminal device 10 performs the processing related to updating the facial image data by itself, but this is not limited to this. For example, the processing related to updating the facial image data may be distributed by a system including the terminal device 10 and a server device. In other words, part of the processing performed by the terminal device 10 may be performed by the server device. The server device may be configured as an on-premise server device, or may be configured as a cloud server device on a network. The server device may be configured as a single computer, or may be configured as a distributed system of multiple computers.

Second Embodiment
In the second embodiment, an information processing system including a terminal device 10 and a server device will be described, in which processes related to updating face image data and updating personal identification certificate data are performed.

FIG. 8 is a diagram showing an example configuration of an information processing system 5 according to the second embodiment of the present disclosure. The information processing system 5 includes a terminal device 10 and a server device 20. The terminal device 10 and the server device 20 are connected to each other so that they can communicate with each other via wired or wireless communication.

The configuration of the terminal device 10 is the same as that of the terminal device 10 of the first embodiment shown in Figure 1, so a description thereof will be omitted. The terminal device 10 has at least the same components and functions as those of the first embodiment, and performs the same operations as those of the first embodiment. The terminal device 10 also has the functions of this embodiment, which will be described later, and performs the operations of this embodiment, which will be described later.

Server device 20 may be a server device of a public institution, a server device of a private business, or some other server device. Server device 20 performs various authentication, verification, judgment, and other processes, and issues various certificate data (digital certificates).

The server device 20 may be configured as an on-premise server device, or as a cloud-based server device on a network. The server device 20 may be configured as a single computer, or may be configured as a distributed system consisting of multiple computers.

The server device 20 includes a processor 21, a memory 22, and a communication unit 23.

The processor 21 may be configured using, for example, a CPU, DSP, or GPU. The processor 21 may also be configured using various integrated circuits (for example, an LSI or FPGA). The processor 21 realizes various functions by executing programs stored in the memory 22. The processor 21 comprehensively controls each part of the terminal device 10 and performs various processes.

For example, the processor 21 functions as a verification unit 211 and a certificate generation unit 212. The verification unit 211 performs various verification-related processes, such as verifying the validity of various certificate data. The certificate generation unit 212 generates specified certificate data.

Memory 22 includes, for example, RAM or ROM. Memory 22 may include volatile memory or non-volatile memory. Memory 22 may include, for example, an HDD, SSD, optical disk, SD card, etc. Memory 22 may also be an external storage medium, and may be detachable from server device 20. Memory 22 stores various data, information, programs, etc.

The communication unit 23 communicates various data or information according to a wired or wireless communication method. The communication method used by the communication unit 23 may include, for example, a LAN, a WAN, a mobile phone network, or power line communication. The communication unit 23 communicates, for example, with an external communication device (e.g., the terminal device 10) or a network.

Next, we will explain the timing of face matching using facial image data and the target of matching.

The timing of face matching may include when the terminal device 10 logs in. Face matching when the terminal device 10 logs in is used, for example, to determine terminal authority. The terminal authority determination is a determination regarding the authority to use the terminal device 10. Face matching when the terminal device 10 logs in may be performed based on face image data captured by the terminal device 10 and face image data (an example of second face image data) registered on the terminal device 10.

The timing of face matching may include when logging in to the wallet app. Face matching when logging in to the wallet app may be performed based on face image data captured by the terminal device 10 and face image data (an example of second face image data) registered when setting up the wallet app.

The timing of face matching may include the time when the certificate data is actually used. Face matching when the certificate data is used may be performed based on face image data captured by the terminal device 10 and face image data (an example of third face image data) stored in the selected certificate data (e.g., qualification data).

The timing of face matching may include when the face image data contained in various certificate data is updated. Face matching when updating a face image may be performed based on face image data captured by the terminal device 10 or face image data captured at the time of login, and face image data stored in the certificate data to be updated (an example of third face image data).

Next, the operation of the information processing system 5 will be described.

Figure 9 is a sequence diagram showing an example of the operation when the information processing system 5 issues official identification card data.

The data of an official identification card is an example of official certificate data, such as a digital My Number card (electronic My Number card), which is an electronic version of the My Number card. In Figure 9, server device 20 is a server device that performs official verification and issuance.

In this embodiment, the wallet application executed by the processor 11 of the terminal device 10 is also referred to as the wallet application 111 (see Figure 8). The My Number Card is also referred to as the MNC. MNC is an abbreviation for My Number Card.

Furthermore, it is assumed that the server device 20 holds information related to the user's physical My Number card when the processing of Figure 9 begins. The information related to the My Number card here includes, for example, the four pieces of user information described below and facial image data. Specifically, the My Number card (MNVC) includes information such as name, address, date of birth, gender, facial image data, expiration date, and MNC electronic certificate (i.e., My Number card electronic certificate). The digital My Number card may include the same information as the physical My Number card (MNC). Note that the information related to the My Number card here includes at least some of the information included on the My Number card, and may not include facial image data.

First, the wallet application 111 of the terminal device 10 activates the camera 16 (step S101). The wallet application 111 sends an image capture request to the camera 16 (step S102). The camera 16 captures an image of the face of the user of the terminal device 10 (step S103). The wallet application 111 acquires facial image data captured by the camera 16 (also referred to as captured facial image data) from the camera 16 (step S104).

The wallet application 111 instructs the user to place the physical My Number Card (MNC) in a predetermined position on the terminal device 10, for example, by displaying predetermined information on the display unit 15 (step S105).

The user places their own My Number card in a designated position on the terminal device 10. The input unit 14 also accepts input of PIN (Personal Identification Number) information from the user (step S106).

The wallet application 111 acquires the information stored in the chip of the My Number card (chip information) (step S107). The chip information includes the four pieces of information held by the My Number card (specifically, address, name, date of birth, and gender) and facial image data. Note that the chip information does not have to include facial image data. The wallet application 111 may acquire the chip information from the My Number card, for example, by contactless wireless communication (NFC: Near Field Communication) or contact wireless communication of the communication unit 13.

The wallet application 111 performs face matching based on the captured face image data and the face image data included in the chip information (step S108). This face matching checks whether the two sets of face image data are of the same person. The wallet application 111 determines whether the face matching was successful (face matching OK) (step S109).

The wallet application 111 transmits the acquired chip information to the server device 20 via the communication unit 13 (step S110). The server device 20 receives the chip information from the terminal device 10.

The server device 20 performs a predetermined validity determination based on the information in the chip (step S111). For example, the server device 20 compares information about the My Number card stored in advance as information for each user with the acquired information in the chip. The server device 20 then determines whether there is information about the My Number card that matches the information in the chip. If there is information about the My Number card that matches the information in the chip, it may be determined to be valid. If there is no information about the My Number card that matches the information in the chip, it may be determined to be invalid.

Based on the above determination, the server device 20 determines whether the user's My Number card that holds the information in the chip is valid (step S112). If it is determined to be valid (Yes in step S113), the server device 20 generates an electronic My Number card (electronic MNC) by digitizing the My Number card of the user that was determined to be valid (step S113). The electronic My Number card may contain the same information as a physical My Number card, and may include information such as name, address, date of birth, gender, facial image data, expiration date, MNC electronic certificate, etc. In other words, expiration date information is attached to this electronic My Number card.

The server device 20 issues an electronic My Number card with expiration date information attached, and transmits this electronic My Number card to the terminal device 10 (step S114).

The wallet application 111 of the terminal device 10 receives the electronic My Number card from the server device 20 via the communication unit 13 and stores it within the wallet application 111 (step S115). The wallet application 111 also references the expiration date information attached to the electronic My Number card and manages the expiration date of the electronic My Number card (step S115).

According to the operational example shown in Figure 9, the information processing system 5 acquires information such as the four information and facial image data from the My Number card, generates and issues an electronic My Number card whose validity is guaranteed by the server device 20, and stores it in the wallet application 111 of the terminal device 10.

Note that if the information in the chip of the My Number Card does not include facial image data, steps S108 and S109 may be omitted, i.e., the processing related to facial matching may be omitted. In this case, when the wallet application 111 recognizes in step S107 that facial image data has not been acquired, it proceeds to step S110. Then, if the server device 20 determines that the information in the chip other than the facial image data is valid, the wallet application 111 of the terminal device 10 stores the electronic My Number Card in the wallet application.

FIG. 10 is a sequence diagram showing an example of the operation when the information processing system 5 issues private certificate data. In FIG. 10, the explanation of the same processes as those in the example of operation shown in FIG. 9 will be omitted or simplified.

Private certificate data is an example of private certificate data, such as a digital employee ID card (electronic employee ID card) that is an electronic version of an employee ID card. In Figure 10, server device 20 is a server device that performs private verification and issuance.

Furthermore, it is assumed that when the processing of Figure 10 begins, the server device 20 is managing and registering (retaining) information related to the user's physical employee ID card, i.e., employee information related to employees of a specified company. Employee information here includes, for example, the employee's name, address, date of birth, gender, facial image data, expiration date, employee number, etc. Note that the employee information here may not include facial image data. Employee information here also includes information on the expiration date of the employee ID card, etc.

First, the wallet application 111 of the terminal device 10 activates the camera 16 (step S201). The wallet application 111 sends an image capture request to the camera 16 (step S202). The camera 16 captures an image of the face of the user of the terminal device 10 (step S203). The wallet application 111 acquires the face image data captured by the camera 16 (captured face image data) from the camera 16 (step S204).

The wallet application 111 instructs the user to enter the required information, for example, by displaying specified information via the display unit 15. The input unit 14 accepts the required information from the user (step S205). The required information here is, for example, information required for employee verification, and includes the user's name and employee number. The wallet application 111 acquires the required information entered via the input unit 14 (step S206).

The wallet application 111 transmits the captured facial image data, the acquired necessary information, and issuance request information requesting the issuance of a digital employee ID card to the server device 20 via the communication unit 13 (step S207). The server device 20 receives the captured facial image data, the necessary information, and the issuance request information.

The server device 20 collates employee information about the user of the terminal device 10 based on the captured facial image data and required information in accordance with the acquired issuance request information (step S208). For example, the server device 20 compares employee information for each employee with the acquired captured facial image data and required information. The server device 20 then determines whether facial image data and required information (name, employee number, and other information) that match the employee information are present.

Based on the above determination, the server device 20 determines whether the user corresponding to the facial image data and necessary information is a legitimate employee (matching OK) (step S209). If it is determined that the user is a legitimate employee (Yes in step S209), the server device 20 generates a digital employee ID card by digitizing the employee ID card of the user determined to be valid (step S210). The digital employee ID card may contain the same information as a physical employee ID card, such as the employee's name, address, date of birth, gender, facial image data, expiration date, employee number, etc. In other words, the digital employee ID card is provided with expiration date information.

The server device 20 issues a digital employee ID card with expiration date information attached, and sends this digital employee ID card to the terminal device 10 (step S211).

The wallet application 111 of the terminal device 10 receives the digital employee ID card from the server device 20 via the communication unit 13 and stores it within the wallet application 111 (step S212). The wallet application 111 also references the expiration date information attached to the digital employee ID card and manages the expiration date of the digital employee ID card (step S212).

According to the operational example shown in Figure 10, the information processing system 5 obtains the necessary information required to issue a digital employee ID card from the employee user's input, generates and issues a digital employee ID card whose validity is guaranteed by the server device 20, and stores it in the wallet application 111 of the terminal device 10.

FIGS. 11A and 11B are diagrams showing an example of the operation of the information processing system 5 when the expiration date of facial image data is approaching. In FIGS. 11A and 11B, explanations of processes similar to those in the example of operation shown in FIG. 9 or FIG. 10 will be omitted or simplified.

In Figures 11A and 11B, it is assumed that facial image data held by various certificate data has an expiration date. Expiration date information is included, for example, in the certificate data. In Figures 11A and 11B, server device 20 is a server device that performs public or private verification and issuance.

First, the wallet application 111 of the terminal device 10 references the expiration date information for each stored credential data (an example of certificate data), measures the current time, and determines whether the expiration date of the facial image data for any of the credential data has arrived (step S301). In other words, the wallet application 111 determines whether the predetermined period from the current time to the expiration date of the facial image data is less than or equal to threshold value th1 (for example, within six months). This determination of whether the expiration date has arrived may be made continuously or discontinuously. It may also be made, for example, at a set time each day.

If the expiration date is approaching (Yes in step S301), the wallet application 111 issues an alert indicating that the expiration date is approaching, for example by displaying predetermined information on the display unit 15 (step S302). Note that at the time the expiration date arrives or the time the alert is issued, the expiration date of the credential data has not yet arrived or the credential data is still valid.

The user checks the alert regarding the expiration date. The input unit 14 accepts input from the user to update the facial image data. In this case, for example, when the expiration date alert is issued, the display unit 15 displays the menu screen G1 of the wallet application 111 illustrated in FIG. 2. The input unit 14 accepts pressing of the facial image update button BT1 on this menu screen G1 (step S303).

The wallet application 111 activates the camera 16 (step S304). The wallet application 111 sends an image capture request to the camera 16 (step S305). The camera 16 captures an image of the face of the user of the terminal device 10 (step S306). The wallet application 111 acquires the face image data captured by the camera 16 (captured face image data) from the camera 16 (step S307).

The wallet application 111 performs face matching of the user's face. In this case, the wallet application 111 performs face matching, for example, based on captured face image data and registered face image data (step S308). The registered face image data may be obtained from memory 12. The wallet application 111 may also perform face matching based on captured face image data and face image data included in the certificate data.

In addition, the wallet application 111 may send captured facial image data via the communication unit 13, and the server device 20 may acquire the captured facial image data, perform facial matching, and send the facial matching results to the terminal device 10. In this case, the server device 20 may perform facial matching based on the captured facial image and facial image data included in information related to the My Number card or employee information stored in the server device 20.

The wallet application 111 determines whether the face matching was successful (face matching OK) (step S309). If the face matching failed (No in step S309), the wallet application 111 proceeds to step S304 and controls the camera 16 to re-image the user's face.

The wallet application 111 acquires information on the processing conditions for the facial image data (step S310). The information on the processing conditions may be stored in advance in, for example, memory 12, and may be acquired from memory 12. The information on the processing conditions may include, for example, information specifying the size and background color of the facial image data according to the certificate data standard. The processing conditions for the facial image data here correspond to the update conditions for the facial image data described in the first embodiment.

The wallet application 111 processes the facial image data based on the acquired processing conditions (step S311). In this case, the wallet application 111 performs, for example, trimming of the facial image data.

Note that the information regarding processing in this embodiment may be the same as the processing described in the first embodiment.

After step S311, the wallet application 111 associates the captured face image data (processed captured face image data) with the certificate data (also referred to as stored certificate data) stored in the wallet application 111 (step S312). The certificate data here is, for example, an electronic My Number card or a digital employee ID card. The certificate data here is the existing old certificate data. The stored certificate data in step S312 is the stored certificate data for the certificate data whose face image data is about to expire.

The wallet application 111 sends a verification request to the server device 20 via the communication unit 13 to verify the stored credential data (step S313). This verification request may include, for example, all data included in the stored credential data and the processed captured face image data. Furthermore, this verification request may include the electronic certificate included in the stored credential data and the processed captured face image data, but may not include other data. The electronic certificate may include an electronic signature.

The server device 20 receives a verification request from the terminal device 10. The server device 20 verifies the validity of the stored credential data in accordance with the verification request (step S314). For example, the server device 20 stores in advance information about the My Number card and employee information shown in Figures 9 and 10 for each user and employee.

If the verification request includes all data included in the stored credential data and the processed captured facial image data, the server device 20 may perform verification based on all data in the stored credential data and the processed captured facial image data, and information previously stored by the server device 20 (for example, information related to the My Number card and employee information). For example, the server device 20 determines whether the information previously stored in the server device 20 contains data that matches all data in the stored credential data and the processed captured facial image data included in the verification request. For example, the server device 20 determines that the verification was successful if the matching data is included in the information previously stored in the server device 20. For example, the server device 20 determines that the verification failed if the matching data is not included in the information previously stored in the server device 20.

If the verification request includes an electronic certificate and processed captured facial image data included in the stored credential data, the server device 20 may perform verification based on this electronic certificate and captured facial image data, and information previously stored by the server device 20 (e.g., information related to the My Number card and employee information). For example, the server device 20 determines whether the information previously stored in the server device 20 contains data that matches the electronic certificate and processed captured facial image data of the stored credential data included in the verification request. For example, the server device 20 determines that verification was successful if the matching data is included in the information previously stored in the server device 20. For example, the server device 20 determines that verification failed if the matching data is not included in the information previously stored in the server device 20.

Furthermore, the electronic certificate acquired by the server device 20 from the terminal device 10 includes information in the stored credential data that has been encrypted using a hash value or key. Therefore, the server device 20 can acquire all of the stored credential data by decrypting the information in the electronic certificate.

The server device 20 determines whether the stored credential data was successfully verified (step S315).

If it is determined that the verification in step S314 has failed (No in step S315), the information processing system 5 proceeds to step S304 or step S311. In other words, if the verification has failed, the server device 20 transmits verification failure information indicating that the verification has failed to the terminal device 10. In the terminal device 10, the wallet application 111 acquires the verification failure information via the communication unit 13. The wallet application 111 may then proceed to step S304 and re-image the user's face. Alternatively, the wallet application 111 may proceed to step S311 and re-process the captured face image data. The terminal device 10 aims to succeed in the verification by performing such re-imaging or re-processing.

On the other hand, if it is determined that the verification in step S314 was successful (Yes in step S315), the server device 20 generates updated credential data (updated credential data, new credential data) by updating the facial image data of the stored credential data (old credential data) with the processed captured facial image data (step S316). In other words, the server device 20 generates updated credential data in which the processed captured facial image data and the credential data are associated (bound). Expiration date information is attached to the updated credential data. Expiration date information is also attached to the updated, processed captured facial image data.

The server device 20 updates the retained credential data with the generated updated credential data and stores the updated credential data in the memory of the server device 20 (step S317).

The server device 20 issues updated credential data with expiration date information attached, and transmits this updated credential data to the terminal device 10 (step S318).

The wallet application 111 of the terminal device 10 receives the updated credential data from the server device 20 via the communication unit 13 and stores it within the wallet application 111 (step S319). The wallet application 111 also references the expiration date information attached to the updated credential data and manages the expiration date of the updated credential data (step S319).

The wallet application 111 stores the processed captured face image data as processed face image data within the wallet application 111 or in memory 12 (step S320). The wallet application 111 may refer to the expiration date information in the update credential data, and if the current time measured by the wallet application 111 has passed the expiration date, delete the stored processed face image data.

Furthermore, in step S301, if the expiration date of the facial image data has not arrived for any of the credential data (No in step S301), in other words, if the expiration date of the facial image data is longer than a predetermined period, the input unit 14 accepts input from the user to select the desired wallet (step S321). In this case, the wallet application 111 may display the wallet list screen G2 on the display unit 15 and accept input from the user via the input unit 14.

According to the operational example of Figures 11A and 11B, when the expiration date of the facial image data of each credential data is approaching, the information processing system 5 can generate and issue updated credential data in which the facial image data has been updated using captured facial image data (e.g., the latest facial image data) obtained at this time, and store the updated credential data in the wallet application 111 of the terminal device 10. Note that in this case, the facial image data is updated and a new expiration date is set, but the credential data itself is not updated, and the expiration date of the credential data will remain the same as it was previously.

Note that in steps S310 and S311, the standard for the certificate data may change, and the processing conditions for the facial image data may also change. Therefore, the verifying party (e.g., server device 20) that verifies the certificate data may process the captured facial image data in accordance with changeable processing conditions.

FIGS. 12A and 12B are sequence diagrams showing an example of the operation of the information processing system 5 when face matching accuracy is reduced when logging in to the wallet app. In FIGS. 12A and 12B, explanations of processes similar to those in the operation examples shown in FIGS. 9, 10, 11A, or 11B are omitted or simplified. In FIGS. 12A and 12B, the server device 20 is a server device that performs public or private verification and issuance.

First, the input unit 14 of the terminal device 10 accepts input from the user to select the wallet application 111, and sends the selection information for the wallet application 111 to the processor 11 (step S401). The processor 11 acquires the selection information for the wallet application 111, and launches the wallet application 111 in accordance with this selection information (step S402). The wallet application 111 displays the wallet list screen G2 on the display unit 15 (step S403).

The user of the terminal device 10 checks the display of the wallet list screen G2. The input unit 14 accepts input from the user to select the desired credential data (step S404). Based on the accepted input information, the input unit 14 sends a credential usage request to the wallet application 111 requesting the use of the selected credential data (step S405).

In accordance with the credential usage request, the wallet application 111 displays a screen (face matching guidance screen) on the display unit 15 that prompts the user to perform face matching (step S406). The wallet application 111 activates the camera 16 (S407). The wallet application 111 sends an image capture request to the camera 16 (step S408).

The camera 16 captures an image of the face of the user of the terminal device 10 (step S409). The wallet application 111 acquires the facial image data captured by the camera 16 (captured facial image data) from the camera 16 (step S410). The wallet application 111 temporarily stores the captured facial image data within the wallet application 111 (step S411).

The wallet application 111 calls and obtains the facial image data included in the selected certificate data (also referred to as facial image data within the certificate) (step S412).

The wallet application 111 performs face matching based on the captured face image data and the face image data in the certificate (step S413). As a result of the face matching, the wallet application 111 determines whether the matching accuracy is equal to or greater than threshold th2 (step S414). The matching accuracy corresponds to, for example, the similarity in the features between the captured face image data to be compared and the face image data in the certificate, and indicates the likelihood that the person shown in the two face image data is the same person.

If the matching accuracy is equal to or greater than threshold th2 (Yes in step S414), the wallet application 111 determines that face matching was successful (face matching OK). The wallet application 111 then logs in to the wallet application 111 (step S415). The wallet application 111 then ends the processing of FIGS. 12A and 12B.

On the other hand, if the matching accuracy is less than threshold th2 (No in step S414), the wallet application 111 determines that the face matching has failed (face matching NG). Then, the wallet application 111 displays information regarding the update timing of the face image data on the display unit 15 (step S416). In addition, the wallet application 111 displays the wallet application 111 menu screen G1 on the display unit 15.

The user checks the information regarding the update timing. The input unit 14 accepts input (e.g., pressing) to select the facial image update button BT1 using the menu screen G1 of the wallet application 111 (step S417).

The wallet application 111 acquires selection information indicating that the facial image update button BT1 has been selected from the input unit 14. The wallet application 111 then retrieves and acquires the temporarily stored captured facial image data (step S418).

The wallet application 111 determines whether the acquired captured facial image data is usable (step S419). For example, if the captured facial image data meets the specified conditions required for the captured facial image data of the certificate data, such as size, orientation, and brightness, the wallet application 111 may determine that the captured facial image data is usable, and if the captured facial image data does not meet the above conditions, the wallet application 111 may determine that the captured facial image data is unusable.

If the captured facial image data is unavailable (No in step S419), the wallet application 111 activates the camera 16 (step S420). The wallet application 111 sends an image capture request to the camera 16 (step S421).

The camera 16 captures an image of the face of the user of the terminal device 10 (step S422). The wallet application 111 acquires the facial image data captured by the camera 16 (captured facial image data) from the camera 16 (step S423).

The wallet application 111 calls and obtains the facial image data from the selected certificate data (step S424).

After step S424, or if the captured facial image data is available (Yes in step S419), the wallet application 111 acquires information on the processing conditions for the captured facial image data. The wallet application 111 processes the captured facial image data based on the acquired processing conditions (step S425).

The wallet application 111 associates the processed captured face image data with the credential data stored in the wallet application 111 (stored credential data) (step S426). The stored credential data in step S412 is the stored credential data for the selected credential data.

The wallet application 111 sends a verification request to verify the stored credential data to the server device 20 via the communication unit 13 (step S427). This verification request may be the same as the verification request shown in Figure 11B.

The server device 20 receives a verification request from the terminal device 10. The server device 20 verifies the validity of the stored credential data in accordance with the verification request (step S428). The verification here may be the same as the verification shown in FIG. 11B. The server device 20 determines whether the verification of the stored credential data was successful (step S429).

If it is determined that the verification in step S428 failed (No in step S429), the information processing system 5 proceeds to step S420 or step S425.

On the other hand, if it is determined that the verification in step S428 was successful (Yes in step S429), the server device 20 generates updated credential data (updated credential data, new credential data) by updating the facial image data of the stored credential data to the processed captured facial image data (step S430). Expiration date information is attached to the updated credential data. In addition, expiration date information is also attached to the updated, processed captured facial image data.

The server device 20 updates the retained credential data with the generated updated credential data and stores the updated credential data in the memory of the server device 20 (step S431).

The server device 20 issues updated credential data with expiration date information attached, and transmits this updated credential data to the terminal device 10 (step S432).

The wallet application 111 of the terminal device 10 receives the updated credential data from the server device 20 via the communication unit 13 and stores it within the wallet application 111 (step S433). The wallet application 111 also references the expiration date information attached to the updated credential data and manages the expiration date of the updated credential data (step S433).

The wallet application 111 stores the processed facial image data within the wallet application 111 or in memory 12 as processed captured facial image data (step S434). The wallet application 111 may refer to the expiration date information in the update credential data, and if the current time measured by the wallet application 111 has passed the expiration date, delete the stored processed facial image data.

In other words, the processing from step S425 to step S434 in Figure 12B is the same as the processing from step S311 to step S320 in Figures 11A and 11B.

According to the operational example of Figures 12A and 12B, if the matching accuracy of the face matching performed when logging in to the wallet application 111 has decreased, the information processing system 5 can generate and issue updated credential data in which the face image data has been updated using the captured face image data obtained when the login attempt failed, and store the updated credential data in the wallet application 111 of the terminal device 10. Note that in this case, the face image data is updated and a new expiration date is set, but the credential data itself is not updated, and the expiration date of the credential data will remain the same as it was previously.

Note that although Figures 12A and 12B illustrate an example in which the determination of whether the face matching accuracy has decreased is made when logging in to the wallet application 111, this is not limited to this and may be made at other times.

FIGS. 13A and 13B are diagrams showing an example of the operation of the information processing system 5 when an expiration date alert for credential data is issued. In FIGS. 13A and 13B, explanations of processes similar to those in the operation examples shown in FIGS. 9, 10, 11A, 11B, 12A, and 12B will be omitted or simplified.

FIGS. 13A and 13B assume that the expiration date of the certificate data arrives after the facial image data of the certificate data has been updated in FIGS. 12A and 12B. It is assumed that, at the start of the processing in FIGS. 13A and 13B, the wallet application 111 of the terminal device 10 has already stored processed facial image data. This facial image data is, for example, the processed facial image data stored in step S434 of FIG. 12B, and is based on facial image data captured within a predetermined period (for example, within six months). In FIGS. 13A and 13B, the server device 20 is a server device that performs public or private verification and issuance.

First, the input unit 14 of the terminal device 10 accepts input from the user to select the wallet application 111, and sends the selection information for the wallet application 111 to the processor 11 (step S501). The processor 11 acquires the selection information for the wallet application 111, and launches the wallet application 111 in accordance with this selection information (step S502).

The wallet application 111 displays the wallet list screen G2 on the display unit 15 (step S503). The wallet application 111 receives user input via the input unit 14 and specifies the desired credential. The wallet application 111 displays at least a portion of the information contained in the stored credential data (also referred to as target credential data) for the specified credential on the display unit 15 (step S504).

Wallet application 111 references the expiration date information of the credential data included in the target credential data, measures the current time, and determines whether the expiration date will arrive. In other words, wallet application 111 determines whether the period from the current time to the expiration date of the target credential data is less than or equal to threshold value th3 (for example, within six months). If the expiration date will arrive, that is, if the period is less than or equal to threshold value th3, wallet application 111 displays alert information indicating the expiration date is approaching on display unit 15 (step S504).

The user checks the displayed target credential data and expiration date alert information. The display unit 15 displays the menu screen G1 of the wallet application 111. The input unit 14 accepts the user pressing the facial image update button BT1 (step S505). For example, if the data contained in the target credential data (e.g., name, address, employee number) has not changed, the user presses the facial image update button BT1 using the input unit 14.

The wallet application 111 retrieves and acquires the processed captured facial image data stored and associated with the target credential data (step S506).

The wallet application 111 determines whether the acquired processed facial image data is within the expiration date of the facial image data (step S507). In this case, for example, the wallet application 111 determines whether the current time has passed the expiration date of the facial image data, that is, whether the current time is before the expiration date.

If the facial image data is not within the expiration date (No in step S507), that is, if the current time has passed the expiration date of the facial image data, the wallet application 111 causes the camera 16 to re-capture the facial image and associates the re-captured, processed facial image data for the target credential with the target stored credential data (step S508). Specifically, the wallet application 111 deletes the stored facial image data whose expiration date has passed. The wallet application 111 activates the camera 16 and sends an image capture request to the camera 16. The camera 16 captures (re-captures) the face of the user of the terminal device 10 in accordance with the image capture request. The wallet application 111 acquires the facial image data (captured facial image data) captured (re-captured) by the camera 16 from the camera 16. In other words, the terminal device 10 performs processing similar to steps S420 to S423 described above. The wallet application 111 then compares the acquired captured facial image data with the facial image data contained in the target credential data. If the match is successful, the wallet application 111 processes the captured face image data based on the processing conditions, and associates the processed face image data (i.e., processed face image data for the target certificate) with the target stored certificate data.

On the other hand, if the facial image data is within its expiration date (Yes in step S507), the wallet application 111 associates the acquired processed facial image data (i.e., processed facial image data for the target certificate) with the target stored certificate data (step S509).

The wallet application 111 sends a verification request to the server device 20 via the communication unit 13 to verify the target stored credential data (step S510). This verification request may be similar to the verification requests shown in Figures 11B and 12B.

The server device 20 receives a verification request from the terminal device 10. The server device 20 verifies the validity of the stored credential data in accordance with the verification request (step S511). The server device 20 determines whether the verification was successful (step S512). The verification here may be similar to the verification shown in Figures 11B and 12B.

For example, the stored credential data related to steps S427 and S428 in FIG. 12B is the stored credential data of the target related to steps S510 and S511 in FIG. 13B. For example, the processed captured face image data related to steps S427 and S428 in FIG. 12B is the processed face image data for the target credential related to steps S510 and S511 in FIG. 13B.

If it is determined that the verification in step S511 has failed (No in step S512), the server device 20 terminates the processing in Figures 13A and 13B.

On the other hand, if it is determined that the verification in step S511 was successful (Yes in step S512), the server device 20 generates updated credential data (updated credential data, new credential data) by updating the facial image data of the target stored credential data to processed facial image data for the target credential (step S513). The updated credential data is accompanied by expiration date information.

The server device 20 updates the retained target credential data to the generated target updated credential data, and stores the target updated credential data in the memory of the server device 20 (step S514).

The server device 20 issues the target update credential data with expiration date information attached, and transmits this target update credential data to the terminal device 10 (step S515).

The wallet application 111 of the terminal device 10 receives the target update credential data from the server device 20 via the communication unit 13 and stores it within the wallet application 111 (step S516). The wallet application 111 also references the expiration date information attached to the target update credential data and manages the expiration date of the target update credential data (step S516).

Furthermore, after the facial image update button BT1 is pressed in step S505, the input unit 14 accepts input from the user to select the desired wallet (step S517). In this case, the wallet application 111 may display the wallet list screen G2 on the display unit 15 and accept input from the user via the input unit 14. In other words, the information processing system 5 can update the credential data to include facial image data as necessary based on the expiration date of the credential data and issue updated credential data, and also allow the user to select the wallet they want to use.

Note that this is the same as the processing in steps S510 to S517 in Figure 13B, the processing in steps S427 to S434 in Figure 12B, and the processing in steps S313 to S320 in Figures 11A and 11B.

According to the operational example of Figures 13A and 13B, when the expiration date of the credential data is approaching, the information processing system 5 generates and issues updated credential data including processed facial image data that was registered (stored) before the expiration date, and stores this data in the wallet application 111 of the terminal device 10. In this case, the facial image data will have the most recently updated and set expiration date, and the credential data itself will be updated and a new expiration date will be set.

Therefore, if the information processing system 5 updates the facial image data of the qualification data (e.g., an electronic My Number card) and the content of the qualification data itself consecutively within a specified period, the updated facial image data can be used as the facial image data of the qualification data after the content itself has been updated.

In this way, like the first embodiment, the information processing system 5 of this embodiment can improve the accuracy of identity verification using facial image data of identity verification certificate data that electronically certifies the identity of a person. Furthermore, the information processing system 5 can issue updated certificate data whose authenticity is verified by the server device 20 and in which the facial image data has been updated, and can store this updated certificate data in the terminal device 10. Therefore, using the terminal device 10, users can easily use updated certificate data that contains facial image data with high facial matching accuracy.

In this embodiment, each operation example illustrates processing of captured facial image data, but this is not limited to this. For example, if facial image data in a desired state is obtained as captured facial image data from the beginning, the captured facial image data can be used as facial image data for renewal certificate data without being processed.

(Outline of the embodiment)
As a result, the present disclosure describes at least the following: Note that, in parentheses, examples of components corresponding to those in the above-described embodiments are given, but the present disclosure is not limited to these.

(Item 1)
A terminal device (terminal device 10) including a processor (processor 11) and a camera (camera 16),
The processor:
Acquire first face image data (captured face image data) obtained by capturing an image of the user's face with the camera;
Acquire second face image data (registered face image data) that has been registered in advance, or third face image data (stored certificate face image data) that has been stored in personal identification certificate data that certifies that the user is the person in question,
comparing the first facial image data with the second facial image data or the third facial image data;
If the matching is successful, updating the third face image data based on the first face image data.
Terminal device.

This allows the terminal device to change the facial image used to match the face of the user of the certificate data in real space at a specified timing. The updated facial image data is used to match the face when using the certificate data that stores this updated facial image data. Therefore, even if the characteristics of the person certified by the certificate data have changed, appropriate facial matching using the facial image can be achieved when using the certificate data, improving the accuracy of identity verification.

(Item 2)
a memory,
the memory holds a digital wallet;
The digital wallet stores at least one identity verification certificate data.
Item 1. The terminal device according to item 1.

This allows the terminal device to store various identity verification certificate data in the digital wallet, while improving the accuracy of identity verification using facial image data from each identity verification certificate data.

(Item 3)
The processor performs the verification when logging in to the terminal device or launching the digital wallet application.
Item 2. The terminal device according to item 2.

As a result, since terminal devices frequently log in to their devices and launch digital wallet applications, face matching is also performed frequently, and the frequency of updating face image data can be increased. Therefore, the terminal device can perform face matching using updated face image data that more closely reflects facial features in real space.

(Item 4)
The camera captures an image of the user's face when logging in to the terminal device or when launching the digital wallet application,
The processor:
acquires the first face image data in which the face of the user is captured from the camera;
storing the first facial image data in the memory as the second facial image data;
Item 2 or 3. The terminal device according to item 2 or 3.

As a result, the terminal device can frequently register the second facial image data because logins to the terminal device and launching of digital wallet applications are frequently performed. Therefore, the terminal device can quickly update the third facial image data using the second facial image data that more closely reflects facial features in real space.

(Item 5)
the processor processes the first facial image data based on an update condition of the personal identification certificate data to be updated;
updating the third face image data with the processed first face image data;
5. The terminal device according to any one of items 1 to 4.

This allows the terminal device to store the facial image data (first facial image data) that is updated and stored in the certificate data in a state that matches the update conditions, such as the format and imaging conditions, of each certificate data. This makes it easier for the terminal device to use the certificate data that stores the updated facial image data.

(Item 6)
An information processing system (information processing system 5) including a terminal device and a server device (server device 20),
The terminal device
acquiring first face image data obtained by capturing an image of the user's face with a camera;
Acquire second facial image data that has been registered in advance, or third facial image data that is stored in personal identification certificate data that certifies that the user is the person in question,
comparing the first facial image data with the second facial image data or the third facial image data;
If the matching is successful, updating the third face image data based on the first face image data.
Information processing system.

This allows the information processing system to achieve the same effect as item 1.

(Item 7)
The terminal device
Acquire the identity verification certificate data (credentials data),
transmitting the first facial image data and the personal identification certificate data to the server device in association with each other;
The server device
receiving the associated first facial image data and the associated personal identification certificate data;
Verifying the authenticity of the identity certificate data;
If the verification of the authenticity of the personal identification certificate data is successful, updating the third face image data held in the personal identification certificate data with the first face image data to generate updated certificate data (updated credential data) in which the personal identification certificate data is updated;
transmitting the renewal certificate data to the terminal device;
The terminal device
receiving and retaining the renewal certificate data;
Item 7. The information processing system according to item 6.

As a result, the information processing system can issue updated certificate data whose authenticity is verified by the server device and whose facial image data has been updated, and store this updated certificate data in the terminal device. This allows users to easily use updated certificate data containing facial image data with high facial matching accuracy using their terminal device.

(Item 8)
The terminal device
Acquire information on processing conditions for the face image data;
processing the first facial image data based on the processing conditions;
transmitting the processed first face image data and the personal identification certificate data to the server device in association with each other;
storing the processed first face image data;
Item 8. The information processing system according to item 7.

As a result, the information processing system can issue updated certificate data using the first facial image data that has been processed in a specific manner. The information processing system can also store the processed facial image data used at this time, making it possible to use the processed facial image data at a later time.

(Item 9)
The terminal device
Measure the current time,
If the period from the current time to the expiration date of the third facial image data is equal to or less than a first threshold (threshold th1), the first facial image data and the personal identification certificate data are associated with each other and transmitted to the server device.
Item 9. The information processing system according to item 7 or 8.

As a result, when the expiration date of the facial image data in the personal identification certificate data is approaching, the information processing system can generate and issue personal identification certificate data in which the third facial image data has been updated with the first facial image data (e.g., the latest facial image data) obtained at this time, and store the data in the terminal device.

(Item 10)
The terminal device
performing the matching between the first facial image data and the second facial image data;
If the matching accuracy obtained as a result of the matching is equal to or less than a second threshold (threshold th2), the first face image data and the personal identification certificate data are associated with each other and transmitted to the server device.
Item 9. The information processing system according to item 7 or 8.

As a result, if the accuracy of facial matching decreases when logging in to a specific application, for example, the information processing system can generate and issue personal identification certificate data in which the third facial image data is updated using the first facial image data obtained when the login attempt fails, and store the data in the wallet application 111 of the terminal device 10.

(Item 11)
The terminal device
If the period from the current time to the expiration date of the personal identification certificate data is equal to or less than a third threshold, the stored processed first face image data is acquired;
If the current time is before the expiration date of the processed first facial image data, the processed first facial image data and the personal identification certificate data are transmitted to the server device in association with each other.
Item 10. The information processing system according to item 9.

As a result, when the expiration date of the identification certificate data is approaching, the information processing system can generate and issue updated identification certificate data using the registered (stored) processed facial image data, and store it in the terminal device. This allows the information processing system to reduce the effort required to capture a new image of the user's face.

(Item 12)
acquiring first face image data obtained by capturing an image of the user's face with a camera;
Acquiring second facial image data that has been registered in advance or third facial image data that is stored in personal identification certificate data that certifies that the user is the person in question;
comparing the first facial image data with the second facial image data or the third facial image data;
If the matching is successful, updating the third facial image data based on the first facial image data;
A data update method comprising:

This allows the data update method to achieve the same effect as item 1.

(Item 13)
Item 13. A program that causes a computer to execute the data updating method according to Item 12.

This allows the program to achieve the same effect as item 1.

Although various embodiments have been described above with reference to the drawings, it goes without saying that the present disclosure is not limited to such examples. It is clear that a person skilled in the art could conceive of various modifications or alterations within the scope of the claims, and it is understood that these naturally fall within the technical scope of the present disclosure. Furthermore, the components of the above embodiments may be combined in any manner as long as they do not deviate from the spirit of the invention.

The above embodiment may also be applicable to a program that implements the functions of the data update method, which is supplied to a computer (e.g., terminal device 10) via a network or various storage media, and is read and executed by the processor of this computer, as well as to the storage media on which this program is stored.

This disclosure is based on a Japanese patent application filed on June 28, 2024 (application number: Patent application 2024-105297) and a Japanese patent application filed on February 21, 2025 (application number: Patent application 2025-027303), the contents of which are incorporated herein by reference.

This disclosure is useful for terminal devices, information processing systems, data update methods, programs, etc. that can improve the accuracy of identity verification using facial image data from identity verification certificate data that electronically verifies identity.

5 Information processing system 10 Terminal device 11 Processor 12 Memory 13 Communication unit 14 Input unit 15 Display unit 16 Camera 20 Server device 21 Processor 21
22 Memory 23 Communication unit 111 Wallet application 211 Verification unit 212 Certificate generation unit KG Facial image data G1 Menu screen G2 Wallet list screen SM Certificate data RI Update reminder information

Claims (13)

A terminal device comprising a processor and a camera,
The processor:
acquiring first face image data obtained by capturing an image of the user's face with the camera;
Acquire second facial image data that has been registered in advance, or third facial image data that is stored in personal identification certificate data that certifies that the user is the person in question,
comparing the first facial image data with the second facial image data or the third facial image data;
If the matching is successful, updating the third face image data based on the first face image data.
Terminal device. a memory,
the memory holds a digital wallet;
The digital wallet stores at least one identity verification certificate data.
The terminal device according to claim 1 . The processor performs the verification when logging in to the terminal device or launching the digital wallet application.
The terminal device according to claim 2 . The camera captures an image of the user's face when logging in to the terminal device or when launching the digital wallet application,
The processor:
acquires the first face image data in which the face of the user is captured from the camera;
storing the first facial image data in the memory as the second facial image data;
The terminal device according to claim 2 . the processor processes the first facial image data based on an update condition of the personal identification certificate data to be updated;
updating the third face image data with the processed first face image data;
The terminal device according to claim 1 or 2. An information processing system including a terminal device and a server device,
The terminal device
acquiring first face image data obtained by capturing an image of the user's face with a camera;
Acquire second facial image data that has been registered in advance, or third facial image data that is stored in personal identification certificate data that certifies that the user is the person in question,
comparing the first facial image data with the second facial image data or the third facial image data;
If the matching is successful, updating the third face image data based on the first face image data.
Information processing system. The terminal device
Acquire the identity verification certificate data;
transmitting the first facial image data and the personal identification certificate data to the server device in association with each other;
The server device
receiving the associated first facial image data and the associated personal identification certificate data;
Verifying the authenticity of the identity certificate data;
If the authenticity of the personal identification certificate data is successfully verified, updating the third face image data stored in the personal identification certificate data with the first face image data to generate updated certificate data in which the personal identification certificate data is updated;
transmitting the renewal certificate data to the terminal device;
The terminal device
receiving and retaining the renewal certificate data;
The information processing system according to claim 6. The terminal device
Acquire information on processing conditions for the face image data;
processing the first facial image data based on the processing conditions;
transmitting the processed first face image data and the personal identification certificate data to the server device in association with each other;
storing the processed first face image data;
The information processing system according to claim 7 . The terminal device
Measure the current time,
if the period from the current time to the expiration date of the third facial image data is equal to or less than a first threshold, the first facial image data and the personal identification certificate data are associated with each other and transmitted to the server device;
The information processing system according to claim 7 . The terminal device
performing the matching between the first facial image data and the second facial image data;
If the matching accuracy obtained as a result of the matching is equal to or less than a second threshold, the first face image data and the personal identification certificate data are associated with each other and transmitted to the server device.
The information processing system according to claim 7 . The terminal device
If the period from the current time to the expiration date of the personal identification certificate data is equal to or less than a third threshold, the stored processed first face image data is acquired;
If the current time is before the expiration date of the processed first facial image data, the processed first facial image data and the personal identification certificate data are transmitted to the server device in association with each other.
The information processing system according to claim 9 . acquiring first face image data obtained by capturing an image of the user's face with a camera;
Acquiring second facial image data that has been registered in advance or third facial image data that is stored in personal identification certificate data that certifies that the user is the person in question;
comparing the first facial image data with the second facial image data or the third facial image data;
If the matching is successful, updating the third facial image data based on the first facial image data;
A data update method comprising: A program that causes a computer to execute the data update method described in claim 12.