JP7548376B2 - Server device, server device control method and computer program - Google Patents

Description

The present invention relates to a server device, a terminal, a system, a method for controlling a server device, and a storage medium.

Patent Document 1 discloses a ticketless boarding system that uses passengers' biometric information (facial images) to carry out various procedures through facial recognition at multiple checkpoints in the airport (check-in lobbies, security checkpoints, boarding gates, etc.).

Patent Document 2 describes a security inspection confirmation system that can strengthen security inspections at airports. The system in Patent Document 2 includes a storage unit, a matching unit, and a notification unit. The storage unit stores first facial image data of a person included in a first captured image acquired by a first imaging unit. The matching unit matches second facial image data of a passenger included in a second captured image acquired by a second imaging unit with the first facial image data. The notification unit notifies the result of the matching by the matching unit.

JP 2007-079656 A JP 2019-125237 A

In the systems disclosed in Patent Documents 1 and 2, user authentication is achieved by comparing biometric information registered in a storage unit (database) with biometric information acquired from a terminal. Here, as the number of users registered in the database increases, the number of users with similar faces also increases, and authentication accuracy deteriorates. In particular, gate devices installed at airports and other locations where passengers board aircraft are the final checkpoint in the boarding process, so high accuracy is required for authentication at these gate devices.

The main objective of the present invention is to provide a server device, a terminal, a system, a method for controlling a server device, and a storage medium that contribute to realizing highly accurate biometric authentication.

According to a first aspect of the present invention, a server device is provided that includes a receiving unit that receives an authentication request from at least one terminal, and a processing unit that processes the authentication request by referring to a database that stores biometric information of each of a plurality of users, and the processing unit processes the authentication request using some of the biometric information when the terminal that transmits the authentication request is a terminal of a predetermined type.

According to a second aspect of the present invention, a terminal is provided that transmits an authentication request including a terminal identifier indicating the type of the terminal to a server device that determines a database to be referenced when performing biometric authentication.

According to a third aspect of the present invention, a system is provided that includes at least one terminal and a server device connected to the at least one terminal, the server device having a receiving unit that receives an authentication request from the at least one terminal, and a processing unit that processes the authentication request by referring to a database that stores biometric information of each of a plurality of users, and the processing unit processes the authentication request using some of the biometric information of the plurality of biometric information when the terminal that transmits the authentication request is a terminal of a predetermined type.

According to a fourth aspect of the present invention, a method for controlling a server device is provided, in which a server device receives an authentication request from at least one terminal, and if the terminal sending the authentication request is a terminal of a predetermined type, processes the authentication request using some of the biometric information stored in a database.

According to a fifth aspect of the present invention, a computer-readable storage medium is provided that stores a program for causing a computer mounted on a server device to execute the following processes: receiving an authentication request from at least one terminal; and, if the terminal sending the authentication request is a terminal of a predetermined type, executing an authentication process using some of the biometric information stored in a database.

According to each aspect of the present invention, a server device, a terminal, a system, a method for controlling a server device, and a storage medium are provided that contribute to realizing highly accurate biometric authentication. Note that the effects of the present invention are not limited to the above. The present invention may achieve other effects instead of or in addition to the effects.

FIG. 1 is a diagram for explaining an overview of an embodiment. 1 is a diagram showing an example of a schematic configuration of a boarding procedure system according to a first embodiment; 4 is a diagram showing an example of table information that associates terminal types with terminal identifiers according to the first embodiment; FIG. FIG. 2 is a diagram illustrating an example of a processing configuration of a check-in terminal according to the first embodiment. FIG. 4 is a diagram for explaining the operation of a system registration unit according to the first embodiment. FIG. 2 is a diagram illustrating an example of a processing configuration of a system registration unit according to the first embodiment. FIG. 2 is a diagram illustrating an example of a processing configuration of a boarding gate apparatus according to the first embodiment. FIG. 11 is a diagram illustrating an example of an authentication request according to the first embodiment. FIG. 2 is a diagram illustrating an example of a processing configuration of a server device according to the first embodiment. FIG. 4 is a diagram illustrating an example of a first authentication information database according to the first embodiment. FIG. 4 is a diagram illustrating an example of a second authentication information database according to the first embodiment. FIG. 11 is a diagram illustrating an example of a third authentication information database according to the first embodiment. FIG. 2 is a diagram illustrating an example of a business information database according to the first embodiment. FIG. 4 is a sequence diagram showing an example of the operation of the boarding procedure system according to the first embodiment. FIG. 2 illustrates an example of a hardware configuration of a server device.

First, an overview of one embodiment will be described. The reference numbers in the drawings are added to each element for convenience as an example to aid in understanding, and the description of this overview is not intended to be limiting in any way. Furthermore, unless otherwise specified, the blocks shown in each drawing represent functional units rather than hardware units. The connection lines between blocks in each drawing include both bidirectional and unidirectional lines. Unidirectional arrows are used to indicate the flow of the main signal (data) and do not exclude bidirectionality. In this specification and drawings, elements that can be described in the same way may be given the same reference numbers to avoid duplicated explanations.

A server device 100 according to one embodiment includes a receiving unit 101 and a processing unit 102 (see FIG. 1). The receiving unit 101 receives an authentication request from at least one terminal. The processing unit 102 processes the authentication request by referring to a database that stores biometric information of each of a plurality of users. If the terminal that transmits the authentication request is a predetermined type of terminal, the processing unit 102 processes the authentication request using some of the biometric information among the plurality of pieces of biometric information.

If the terminal that sent the authentication request is a predetermined type of terminal, the server device 100 processes the authentication request using some of the multiple pieces of biometric information stored in the database. For example, if the terminal is a boarding gate device installed at a boarding gate, the server device 100 sets the biometric information related to passengers on the flight for which the boarding gate device is determining whether the user can pass as the subject of biometric authentication. As a result, the number of entries that are the subject of matching processing is reduced, improving the accuracy of biometric authentication.

Specific embodiments are described in more detail below with reference to the drawings.

[First embodiment]
The first embodiment will be described in more detail with reference to the drawings.

[System Configuration]
Fig. 2 is a diagram showing an example of a schematic configuration of a check-in system according to the first embodiment. The check-in system according to the first embodiment is a system that realizes a series of procedures at an airport (baggage check, security check, etc.) by biometric authentication. The check-in system shown in Fig. 2 is operated, for example, by a public institution such as an immigration control bureau or a contractor entrusted with the business by the public institution.

In this disclosure, "boarding procedures" refers to the series of procedures carried out from check-in to boarding the aircraft.

Referring to FIG. 2, the boarding procedure system includes a check-in terminal 10, a baggage drop machine 11, a passenger passage system 12, a gate device 13, a lounge gate 14, a boarding gate device 15, and a server device 20.

The check-in terminal 10, baggage drop machine 11, passenger passage system 12, gate device 13, lounge gate 14, and boarding gate device 15 are terminals (touch points) installed at the airport. These terminals are connected to the server device 20 via a network. The network shown in FIG. 2 is composed of a LAN (Local Area Network), including the airport's on-site communication network, a WAN (Wide Area Network), a mobile communication network, etc. The connection method is not limited to a wired method, and may be a wireless method.

The server device 20 is installed in a facility of an airport company or the like. Alternatively, the server device 20 may be a server installed in a cloud on a network.

Note that the configuration shown in FIG. 2 is an example and is not intended to limit the configuration of the boarding system. The boarding system may also include terminals not shown.

The boarding procedure for users is carried out at each terminal shown in FIG. 2. Specifically, a series of procedures when a user departs the country is carried out sequentially at terminals installed at five locations excluding lounge gate 14. In the boarding procedure system shown in FIG. 2, the boarding procedure for users is realized by authentication using biometric information (biometric authentication).

Biometric information in this disclosure includes face images, fingerprint images, iris images, finger vein images, palm print images, palm vein images, etc. Biometric information may be one or more pieces of information. Note that the term "biometric information" in this disclosure refers to an image that includes all or part of a living body and features extracted from the image.

When a user (system user) who wishes to check in using biometric authentication arrives at the airport, they operate the check-in terminal 10 to carry out the "check-in procedure." The system user presents the check-in terminal 10 with a paper airline ticket, a two-dimensional barcode containing boarding information, a mobile device displaying a copy of the e-ticket, or the like. Once the check-in procedure is complete, the check-in terminal 10 outputs a boarding pass. The boarding pass includes both paper and electronic boarding passes.

A system user who has completed the check-in procedure and wishes to use biometric authentication for boarding procedures performs system registration using the check-in terminal 10. Specifically, the system user has the check-in terminal 10 read the boarding pass and passport they have acquired. The check-in terminal 10 also acquires the system user's biometric information (e.g., a facial image).

The check-in terminal 10 transmits information related to these (boarding pass, passport, biometric information) to the server device 20.

The server device 20 checks the validity of the information obtained from the check-in terminal 10. Specifically, the server device 20 checks the validity of the presented passport. Upon completing this check, the server device 20 registers the system user. Specifically, the server device 20 issues a token to be used for the boarding procedure of the user registered in the system.

The issued token is identified by a token ID (identifier). Information required for boarding procedures (e.g., biometric information, business information required for boarding procedures, etc.) is associated via the token ID. In other words, a "token" is issued together with the registration of a system user, and is identification information that enables the registered system user to undergo boarding procedures using biometric information. Once a token (token ID) is issued, the system user can use boarding procedures that use biometric authentication.

In response to the generation of the token, the server device 20 adds entries to various databases (DBs). The server device 20 mainly has two types of databases.

The first type of database is an authentication information database that stores authentication information (a combination of a token ID and biometric information). The database stores at least the token ID and the biometric information (facial image, feature amount) in association with each other. The server device 20 executes the authentication process by referring to the authentication information database.

The server device 20 has first to third authentication information databases with different data storage structures. The server device 20 determines (selects) the authentication information database to be referenced depending on the type of terminal that is the sender of the authentication request. Details regarding the determination of the authentication information database will be described later.

The second type of database is a database that stores business information (hereinafter referred to as a business information database). The business information database stores token IDs and business information in association with each other.

When a system user to whom a token has been issued arrives at a terminal (touch point; for example, a baggage drop machine 11, etc.), biometric information (for example, a facial image) is acquired at the terminal. The terminal sends an authentication request to the server device 20, including a terminal identifier indicating the type (category) of the device and a facial image.

The terminal identifier is identification information defined by a system administrator or the like. The server device 20 manages the terminal identifiers and the corresponding terminal types using table information such as that shown in FIG. 3. A corresponding terminal identifier is registered (input) for each terminal. When multiple terminals of the same type are included in the system, the same terminal identifier is assigned. For example, when multiple check-in terminals 10 are included in the system, "T01" is registered for each check-in terminal 10.

The server device 20 refers to one of the multiple authentication information databases based on the terminal identifier extracted from the authentication request. The server device 20 executes a matching process (1:N matching; N is a positive integer, same below) using the biometric information acquired from the terminal and the biometric information stored in the authentication information database. The token ID is identified by the matching process.

The server device 20 transmits the authentication result, including the token ID and business information identified by the authentication process (matching process), to the terminal. The user's boarding procedure is carried out based on the business information.

The check-in terminal 10 is installed in the check-in lobby of the airport. As described above, the user uses the check-in terminal 10 to register with the system in order to carry out the boarding procedure using biometric authentication. The system user also operates the check-in terminal 10 to carry out the check-in procedure. In other words, the check-in terminal 10 is also a self-service terminal that is operated by the user to carry out the check-in procedure. The check-in terminal 10 is also called a CUSS (Common Use Self Service) terminal. After completing the check-in procedure, the user proceeds to the baggage drop-off area or security checkpoint.

The baggage drop machine 11 is installed in an area adjacent to the baggage counter (manned counter) in the airport or in an area near the check-in terminal 10. The baggage drop machine 11 is a self-service terminal that is operated by a user to carry out the procedure for dropping off baggage that will not be carried on board the aircraft (baggage drop procedure). The baggage drop machine 11 is also called a CUBD (Common Use Bag Drop) terminal. After completing the baggage drop procedure, the user proceeds to the security inspection area. Note that if the user does not check in baggage, the baggage drop procedure is omitted.

The passenger passage system 12 is a gate device installed at the entrance to the security checkpoint in the airport. The passenger passage system 12 is also called a PRS (Passenger Reconciliation System), and is a system that determines whether or not a user can pass through the security checkpoint at the entrance. After passing through the passenger passage system 12 and completing the security check procedure, the user moves to the departure inspection area.

Gate device 13 is installed at the immigration area in the airport. Gate device 13 is a device that automatically performs immigration procedures for users. After completing immigration procedures, users move to the departure area where lounges, duty-free shops, and boarding gates are located.

Lounge gate 14 is located in the departure area at the entrance to the lounge. Users spend time in the lounge operated by an airline or other entity until their aircraft takes off. Normally, use of the lounge is limited to users of the airline that operates the lounge. Lounge gate 14 is a gate device used to verify whether or not a user is eligible to use the lounge, and is not related to boarding procedures.

The boarding gate device 15 is a passage control device installed at each boarding gate in the departure area. The boarding gate device 15 is the final gate device in the series of procedures for departure inspection (inspection using biometric information). The boarding gate device 15 is also called an ABG (Automated Boarding Gates) terminal. The boarding gate device 15 verifies that the user is a passenger of an aircraft that can be boarded from the boarding gate. After passing through the boarding gate device 15, the user boards the aircraft and departs for a second country.

Note that the boarding procedure using biometric authentication by the devices shown in FIG. 2 (check-in terminal 10, baggage drop machine 11, passenger passage system 12, gate device 13, boarding gate device 15) is just one example, and is not intended to limit the devices used in the procedure. For example, devices other than the above devices may be used for the boarding procedure, or some of the above devices may not be used for the procedure. For example, gate device 13 may not be included in the boarding procedure system.

The server device 20 is a server device for supporting and managing the above-mentioned boarding procedures. The server device 20 manages token IDs. Specifically, the server device 20 issues and invalidates token IDs. The server device 20 also processes authentication requests from various terminals in the airport.

Next, we will explain the details of each device included in the boarding procedure system according to the first embodiment. In the following explanation, we will use the user's "face image" as an example of biometric information.

[Check-in terminal]
As described above, the check-in terminal 10 is a device that provides system users with operations related to check-in procedures and system registration.

Fig. 4 is a diagram showing an example of a processing configuration (processing module) of the check-in terminal 10 according to the first embodiment. Referring to Fig. 4, the check-in terminal 10 includes a communication control unit 201, a system registration unit 202, a token issuance request unit 203, a message output unit 204, a check-in execution unit 205, and a memory unit 206.

The communication control unit 201 is a means for controlling communication with other devices. For example, the communication control unit 201 receives data (packets) from the server device 20. The communication control unit 201 also transmits data to the server device 20. The communication control unit 201 passes data received from other devices to other processing modules. The communication control unit 201 transmits data acquired from other processing modules to other devices. In this way, the other processing modules send and receive data to and from other devices via the communication control unit 201.

The system registration unit 202 is a means for performing system registration of a user who wishes to check in using biometric authentication. For example, after the check-in procedure is completed, the system registration unit 202 provides the user with a GUI (Graphical User Interface) for confirming whether or not the user wishes to "check in using a facial image" (see FIG. 5).

When a user requests boarding using a facial image, the system registration unit 202 obtains three pieces of information (information printed on the boarding pass, information printed on the passport, and biometric information) using a GUI for obtaining the three pieces of information.

The system registration unit 202 has three sub-modules. FIG. 6 is a diagram showing an example of the processing configuration (processing module) of the system registration unit 202 according to the first embodiment. As shown in FIG. 6, the system registration unit 202 has a boarding pass information acquisition unit 211, a passport information acquisition unit 212, and a biometric information acquisition unit 213.

The boarding pass information acquisition unit 211 is a means for acquiring information (hereinafter referred to as boarding pass information) printed on a boarding pass held by a system user. The boarding pass information acquisition unit 211 controls a reader such as a scanner (not shown) to acquire the boarding pass information.

Boarding pass information includes name (first name, last name), airline code, flight number, boarding date, departure airport (boarding airport), destination airport (arrival airport), seat number, boarding time, arrival time, etc.

The passport information acquisition unit 212 is a means for acquiring information (hereinafter referred to as passport information) written on a passport held by a system user. The passport information acquisition unit 212 controls a reader such as a scanner to acquire passport information.

Passport information includes a facial image (hereinafter referred to as a passport facial image), name, gender, nationality, passport number, passport issuing country, etc.

The biometric information acquisition unit 213 is a means for acquiring biometric information of a system user. The biometric information acquisition unit 213 controls a camera and acquires a facial image of the system user. For example, when the biometric information acquisition unit 213 detects a face in an image that is constantly or periodically captured, it captures a picture of the user's face and acquires the facial image.

Before capturing a facial image, the biometric information acquisition unit 213 preferably displays a guidance message regarding capturing a facial image via the message output unit 204. For example, the biometric information acquisition unit 213 displays a message such as "We will capture an image of your face and register it in the system. The registered facial image will be deleted from the system after boarding is complete."

The system registration unit 202 passes the three pieces of acquired information (boarding pass information, passport information, and biometric information) to the token issuance request unit 203.

The token issuance request unit 203 shown in FIG. 4 is a means for requesting the server device 20 to issue a token. The token issuance request unit 203 generates a token issuance request including boarding pass information, passport information, and biometric information (facial image). The token issuance request unit 203 transmits the generated token issuance request to the server device 20.

The token issuance request unit 203 passes the response (response to the token issuance request) obtained from the server device 20 to the message output unit 204.

The message output unit 204 is a means for outputting various messages. For example, the message output unit 204 outputs a message in response to a response obtained from the server device 20.

When a response (positive response) indicating that the token has been successfully issued is received, the message output unit 204 outputs that information. For example, the message output unit 204 outputs a message such as "Future procedures can be carried out using facial recognition."

If a response (negative response) is received indicating that the token issuance has failed, the message output unit 204 outputs that information. For example, the message output unit 204 outputs a message such as "Sorry. We cannot process your request using face authentication. Please proceed to a manned booth."

The check-in execution unit 205 is a means for carrying out the check-in procedure for the user. The check-in execution unit 205 executes the check-in procedure, such as seat selection, based on the airline ticket presented by the user. For example, the check-in execution unit 205 transmits the information written on the airline ticket to a DCS (Departure Control System) and obtains the information to be written on the boarding pass from the DCS. Note that the operation of the check-in execution unit 205 can be the same as the operation of existing check-in terminals, so a detailed explanation will be omitted.

The memory unit 206 is a means for storing information necessary for the operation of the check-in terminal 10.

[Boarding gate equipment]
Fig. 7 is a diagram showing an example of a processing configuration (processing module) of the boarding gate device 15 according to the first embodiment. Referring to Fig. 7, the boarding gate device 15 includes a communication control unit 301, a biometric information acquisition unit 302, an authentication request unit 303, a function realization unit 304, and a storage unit 305.

The communication control unit 301 is a means for controlling communication with other devices. For example, the communication control unit 301 receives data (packets) from the server device 20. The communication control unit 301 also transmits data to the server device 20. The communication control unit 301 passes data received from other devices to other processing modules. The communication control unit 301 transmits data acquired from other processing modules to other devices. In this way, the other processing modules send and receive data to and from other devices via the communication control unit 301.

The biometric information acquisition unit 302 is a means for controlling a camera (not shown) and acquiring biometric information of a user. The biometric information acquisition unit 302 captures an image in front of the device periodically or at a predetermined timing. The biometric information acquisition unit 302 determines whether the acquired image contains a human face image, and if a face image is included, extracts the face image from the acquired image data.

Note that the facial image detection process and facial image extraction process performed by the biometric information acquisition unit 302 can use existing technology, so detailed explanations will be omitted. For example, the biometric information acquisition unit 302 may extract a facial image (face area) from image data using a learning model trained by a CNN (Convolutional Neural Network). Alternatively, the biometric information acquisition unit 302 may extract a facial image using a method such as template matching.

The biometric information acquisition unit 302 passes the extracted facial image to the authentication request unit 303.

The authentication request unit 303 is a means for requesting authentication of the user in front of the server device 20. The authentication request unit 303 generates an authentication request including a terminal identifier assigned to the device itself, the acquired face image, motion information, etc. (see FIG. 8).

The terminal identifier is as described above. "T06" assigned to the boarding gate device 15 is set as the terminal identifier.

The operation information is information about the operation of the boarding gate device 15 when the authentication request is sent. Specifically, the flight number assigned to the aircraft for which the boarding gate device 15 is determining whether or not to allow boarding is set as the operation information.

The authentication request unit 303 receives a response to the authentication request from the server device 20.

If the authentication result is "authentication failed," the authentication request unit 303 notifies the user accordingly.

If the authentication result is "authentication successful," the authentication request unit 303 notifies the function realization unit 304 of that fact. In addition, the authentication request unit 303 passes the token ID and business information acquired from the server device 20 to the function realization unit 304.

The function realization unit 304 is a means for realizing the functions of the boarding gate device 15. The function realization unit 304 identifies the flight number of the aircraft that the user (the person who has been successfully authenticated) can board from the acquired business information. If the identified flight number matches the flight number assigned to the function realization unit 304, the function realization unit 304 allows the person who has been successfully authenticated to pass through the gate. Note that the operation of the function realization unit 304 can be the same as the operation of existing boarding gate devices, so a detailed explanation will be omitted. Also, an employee working for the airline of the aircraft that the person boards from the boarding gate device 15 can assign (input) the necessary flight number to the boarding gate device 15.

The memory unit 305 is a means for storing information necessary for the operation of the boarding gate device 15.

[Other devices]
The basic processing configuration of the other terminals included in the boarding procedure system (baggage drop machine 11, passenger passage system 12, gate device 13, lounge gate 14) can be the same as the processing configuration of boarding gate device 15 shown in Fig. 7, so detailed explanation will be omitted. Each terminal acquires biometric information (face image) of the system user and requests authentication using the acquired biometric information from server device 20. If authentication is successful, the function assigned to each terminal is executed.

However, the authentication request unit 303 of each terminal generates different authentication requests. Specifically, the authentication request unit 303 of the passenger passage system 12 and the gate device 13 does not need to set a value for the "operation information" because its operation does not change depending on the time of day or installation location, etc. (the operation information can be left blank). Alternatively, the authentication request unit 303 of the passenger passage system 12, etc. may send an authentication request that does not include operation information to the server device 20.

The authentication request unit 303 of the baggage check-in machine 11 sets the airline code of the airline that manages the machine in the operation information. Similarly, the authentication request unit 303 of the lounge gate 14 sets the airline code of the airline that operates the lounge in the operation information.

[Server device]
Fig. 9 is a diagram showing an example of a processing configuration (processing module) of the server device 20 according to the first embodiment. Referring to Fig. 9, the server device 20 includes a communication control unit 401, a token generating unit 402, a database management unit 403, an authentication request processing unit 404, and a storage unit 405.

The communication control unit 401 is a means for controlling communication with other devices. For example, the communication control unit 401 receives data (packets) from the check-in terminal 10. The communication control unit 401 also transmits data to the check-in terminal 10. The communication control unit 401 passes data received from other devices to other processing modules. The communication control unit 401 transmits data acquired from other processing modules to other devices. In this way, the other processing modules transmit and receive data with other devices via the communication control unit 401. The communication control unit 401 functions as a receiving unit for receiving an authentication request from a terminal.

The token generation unit 402 is a means for generating a token in response to a token generation request from the check-in terminal 10. At that time, the token generation unit 402 judges the validity of the passport presented by the user.

Specifically, the token generation unit 402 determines whether the person who presented a passport to the check-in terminal 10 and the person who was issued the passport are the same person. To perform this determination, the token generation unit 402 extracts the facial image included in the token generation request (the facial image of the system user) and the passport facial image included in the passport information. The token generation unit 402 determines whether these two facial images substantially match.

The token generation unit 402 performs matching (one-to-one matching) of the two facial images. The token generation unit 402 calculates feature vectors from each of the two images. The token generation unit 402 calculates the similarity (e.g., Euclidean distance) between the two images, and determines whether the two images are facial images of the same person based on the result of threshold processing on the calculated similarity. For example, if the similarity is greater than a predetermined value (if the distance is shorter than a predetermined value), the token generation unit 402 determines that the two facial images are of the same person.

When the token generation unit 402 successfully determines the validity of the passport using the biometric information, it issues a token. For example, the token generation unit 402 generates a unique value as a token ID based on the date and time of processing, a sequence number, etc.

When the token generating unit 402 generates a token (token ID), it transmits a positive response (token issued) to the check-in terminal 10. When the token generating unit 402 fails to generate a token ID, it transmits a negative response (token not issued) to the check-in terminal 10.

When the token generation unit 402 successfully generates (issues) the token ID, it passes the generated token ID, boarding pass information, passport information, and facial image (facial image of the system user) to the database management unit 403.

The database management unit 403 is a means (management unit) for managing various databases constructed in the server device 20.

As described above, the server device 20 has multiple authentication information databases and business information databases.

The first authentication information database stores biometric information for each of multiple users. The first authentication information database stores authentication information (token ID, biometric information) for users without any particular distinction (see FIG. 10). For example, the first authentication information database stores the authentication information of users in the order of their system registration.

The second authentication information database stores the biometric information of each of multiple users by airline (airline code) (see Figure 11).

The third authentication information database stores the biometric information of each of multiple users for each flight number (see Figure 12).

Referring to Figures 10 to 12, each authentication information database has fields for storing the token ID, feature amount, invalidation flag, invalidation time, etc.

As described above, the token ID is a temporarily issued identifier. When the user completes the procedures at the boarding gate device 15, the token ID is invalidated. In other words, the token ID is not a permanently used identifier, but a one-time ID with a validity period (life cycle).

The invalid flag is flag information that indicates whether the token ID is currently valid or not. The invalid flag is cleared to "0" if the token ID is valid, and is set to "1" if the token ID is invalid. The invalid time is the timestamp when the token ID was invalidated.

Note that the authentication information databases shown in Figures 10 to 12 are examples and are not intended to limit the items to be stored. For example, the facial image of the system user, the token issuance time, and the token issuing device may be stored in the authentication information database. Alternatively, the invalid flag field and the invalidation time field may not exist in the authentication information database.

The business information database is a database that manages information (business information) required when a user performs boarding procedures. FIG. 13 is a diagram showing an example of a business information database. Referring to FIG. 13, the business information database has fields for storing a token ID, passenger name, departure point, destination, airline code, flight number, operation date, etc. In addition to the above fields, the business information database may have fields for storing a seat number, nationality, passport number, surname, first name, date of birth, gender, etc. The business information database stores business information related to a specified business (procedures performed at each touch point) for each token ID.

The above information stored in the business information database is obtained from boarding pass information and passport information.

When the database management unit 403 obtains a token ID from the token generation unit 402 (when a token ID is issued), it adds a new entry to each database. When adding an entry to the second and third authentication information databases, the database management unit 403 obtains the airline code and flight number from the boarding pass information and adds the entry to the corresponding area.

When a new entry is added, the database management unit 403 sets a setting value in the field of each database. For example, the database management unit 403 generates a feature amount from a registered face image and registers the generated feature amount in each authentication information database. Note that for fields for which a setting value cannot be set, the database management unit 403 may set an initial value (default value).

The authentication request processing unit 404 is a means (processing unit) for processing an authentication request acquired from a terminal. The authentication request processing unit 404 processes an authentication request acquired from a terminal by referring to a database that stores biometric information of each of a plurality of users. More specifically, the authentication request processing unit 404 processes an authentication request from at least one terminal by referring to any one of the first to third authentication information databases.

The authentication request processing unit 404 determines which authentication information database to refer to based on the terminal identifier included in the authentication request. Specifically, when an authentication request is received from either the passenger passage system 12 or the gate device 13, the authentication request processing unit 404 refers to the first authentication information database. In other words, when the terminal identifier is either "T03" or "T04", the first authentication information database is selected and the matching process is performed.

When an authentication request is received from the baggage drop machine 11 or the lounge gate 14 (terminal identifier is T02 or T05), the authentication request processing unit 404 refers to the second authentication information database.

When an authentication request is received from the boarding gate device 15 (terminal identifier is T06), the authentication request processing unit 404 refers to the third authentication information database.

The authentication request processing unit 404 may determine the authentication information database to be referenced by using table information that stores the relationship between the terminal identifier and the authentication information database to be referenced. The authentication request processing unit 404 narrows down the biometric information to be used when processing the authentication request depending on the type of terminal that sent the authentication request.

The authentication request includes biometric information of the person to be authenticated. The authentication request processing unit 404 performs a matching process (1:N matching) using the biometric information included in the authentication request and the biometric information included in the authentication information database.

At that time, the authentication request processing unit 404 determines the search range of the authentication information database based on the operation information included in the authentication request.

Specifically, when referring to the first authentication information database, the authentication request processing unit 404 subjects the entire area (all entries) to matching processing. When referring to the second authentication information database, the authentication request processing unit 404 subjects the entries in the area (range) corresponding to the airline code obtained as the operation information to matching processing. When referring to the third authentication information database, the authentication request processing unit 404 subjects the entries in the area (range) corresponding to the flight number obtained as the operation information to matching processing.

When performing matching processing for entries registered in the authentication information database, the authentication request processing unit 404 generates features from a facial image acquired from the terminal. The authentication request processing unit 404 extracts feature points from the facial image. Note that existing technology can be used for the feature point extraction process, so a detailed description thereof will be omitted. For example, the authentication request processing unit 404 extracts the eyes, nose, mouth, etc. as feature points from the facial image. The authentication request processing unit 404 then calculates the position of each feature point and the distance between each feature point as feature amounts, and generates a feature vector consisting of multiple feature amounts.

The authentication request processing unit 404 sets the generated feature (feature vector) as the feature on the matching side, and sets the feature registered in the authentication information database that is valid (the feature of an entry that is not invalidated) as the feature on the registration side.

The authentication request processing unit 404 calculates the similarity between the feature on the matching side and each of the multiple feature on the registration side. The similarity can be calculated using chi-square distance, Euclidean distance, or the like. Note that the greater the distance, the lower the similarity, and the closer the distance, the higher the similarity.

The authentication request processing unit 404 determines that authentication has been successful if, among the multiple features (valid features) registered in the authentication information database, there is a feature whose similarity with the feature to be compared is equal to or greater than a predetermined value.

If authentication is successful, the authentication request processing unit 404 identifies the token ID that corresponds to the feature with the highest similarity. The authentication request processing unit 404 searches the business information database using the identified token ID as a key to identify the corresponding entry.

The authentication request processing unit 404 transmits the authentication result to the terminal (responds to the authentication request). If the authentication is successful, the authentication request processing unit 404 transmits a response to the terminal including a message indicating that the authentication is successful (authentication successful) and the business information and token ID identified from the business information database. If the authentication is unsuccessful, the authentication request processing unit 404 transmits a response to the terminal including a message indicating that the authentication is unsuccessful (authentication unsuccessful).

The storage unit 405 stores various information necessary for the operation of the server device 20. An authentication information database and a business information database are constructed in the storage unit 405.

[System Operation]
Next, the operation of the boarding procedure system according to the first embodiment will be described. Fig. 14 is a sequence diagram showing an example of the operation of the boarding procedure system according to the first embodiment. The operation when performing authentication processing from the boarding gate device 15 will be described with reference to Fig. 14. The explanation of the operation related to system registration will be omitted.

The boarding gate device 15 acquires a facial image of the user (person to be authenticated) and sends an authentication request to the server device 20 (step S01).

The server device 20 extracts a terminal identifier from the authentication request, and determines which of the multiple authentication information databases to use for the matching process based on the extracted terminal identifier (step S02). In this case, since the authentication request was received from the boarding gate device 15, the server device 20 selects the third authentication information database.

The server device 20 determines the search range in the selected authentication information database based on the operation information included in the authentication request (step S03). In this case, the server device 20 selects, from among the entries stored in the third authentication information database, the entries stored according to the flight number included in the authentication request as the search range. In the example of FIG. 12, if the flight number set in the operation information is "FL01", the entries in the first to third rows are selected as the entries in the search range.

The server device 20 generates features from the facial image included in the authentication request (step S04).

The server device 20 executes authentication processing using the biometric information (authentication information) included in the search range of the selected authentication information database (step S05).

If the authentication is successful (step S06, Yes branch), the server device 20 searches the business information database using the token ID obtained by the matching process as a key (step S07).

If authentication fails (step S06, No branch), the server device 20 executes the process of step S08.

The server device 20 transmits the authentication result (authentication successful, authentication failed) to the boarding gate device 15 (step S08). If the authentication is successful, the server device 20 transmits a response to the boarding gate device 15 that includes the business information identified in the search in step S07.

The boarding gate device 15 that receives the authentication result performs business processing according to the contents of the result (step S09). If successful authentication is received, the boarding gate device 15 judges whether or not the user (the person who was successfully authenticated) is qualified to board the aircraft. Specifically, the boarding gate device 15 judges whether or not the flight number assigned to the device matches the flight number included in the business information.

If it is determined that the user is able to board the aircraft, the boarding gate device 15 allows the successfully authenticated person to pass through the gate. If it is determined that the user is not able to board the aircraft, the boarding gate device 15 does not allow the successfully authenticated person to pass through the gate.

When a person who has been successfully authenticated passes through the gate, the boarding gate device 15 notifies the server device 20 of this fact. Specifically, the boarding gate device 15 notifies the server device 20 of the token ID of the person who has been successfully authenticated. The database management unit 403 of the server device 20 invalidates the entry corresponding to the person who has been successfully authenticated and passed through the gate. Specifically, the database management unit 403 sets "1" to the invalid flag field of the corresponding entry. At that time, the database management unit 403 invalidates the corresponding entries in each of the first to third authentication information databases. In other words, when a person who has been successfully authenticated passes through the boarding gate device 15, the database management unit 403 invalidates the entries of the user who has passed through the boarding gate device 15 from among the entries stored in each of the first to third authentication information databases.

The server device 20 sets the biometric information stored in the valid entries of the first to third authentication information databases as the biometric information on the registration side, so the amount of data in each database is reduced as the user boards the aircraft. Therefore, in the authentication process using the second and third authentication information databases, it is possible to obtain the benefits of a reduction in the amount of data as the user completes the boarding procedure, and a reduction in the amount of data by narrowing the search range by airline code or flight number.

As described above, in the first embodiment, the authentication information database to be referenced is determined according to the type of the sender of the authentication request, and the search range of each database is determined according to the operating status of the sender. As a result, when the search range of entries can be narrowed down to, for example, the lounge gate 14 or the boarding gate device 15, the amount of data stored in the database is substantially reduced, and the authentication accuracy is improved. That is, when the terminal that is the sender of the authentication request is a terminal of a predetermined type, the authentication request processing unit 404 of the server device 20 processes the authentication request using some of the biometric information among the multiple biometric information. For example, if the sender of the authentication request is the boarding gate device 15, the server device 20 processes the authentication request using the biometric information of the flight for which the boarding gate device 15 is determining whether the user can pass (the flight for which the boarding gate device 15 is determining whether the user can pass). In the third authentication information database that classifies and stores the biometric information of users for each flight, the number of users of each flight (aircraft, flight number) is small compared to the total number of system users. Therefore, the number of entries to be subject to matching processing is reduced, and the accuracy of biometric authentication is improved.

Next, we will explain the hardware of each device that makes up the boarding system. Figure 15 is a diagram showing an example of the hardware configuration of server device 20.

The server device 20 can be configured by an information processing device (so-called a computer), and has the configuration shown in FIG. 15. For example, the server device 20 has a processor 311, a memory 312, an input/output interface 313, a communication interface 314, etc. The components such as the processor 311 are connected by an internal bus or the like, and are configured to be able to communicate with each other.

However, the configuration shown in FIG. 15 is not intended to limit the hardware configuration of the server device 20. The server device 20 may include hardware not shown, and may not include an input/output interface 313 as necessary. In addition, the number of processors 311 and the like included in the server device 20 is not intended to be limited to the example shown in FIG. 15, and for example, the server device 20 may include multiple processors 311.

The processor 311 is, for example, a programmable device such as a CPU (Central Processing Unit), an MPU (Micro Processing Unit), or a DSP (Digital Signal Processor). Alternatively, the processor 311 may be a device such as an FPGA (Field Programmable Gate Array) or an ASIC (Application Specific Integrated Circuit). The processor 311 executes various programs including an operating system (OS).

Memory 312 is a RAM (Random Access Memory), a ROM (Read Only Memory), a HDD (Hard Disk Drive), a SSD (Solid State Drive), etc. Memory 312 stores the OS program, application programs, and various data.

The input/output interface 313 is an interface for a display device and an input device (not shown). The display device is, for example, a liquid crystal display. The input device is, for example, a device that accepts user operations such as a keyboard or a mouse.

The communication interface 314 is a circuit, module, etc. that communicates with other devices. For example, the communication interface 314 includes a NIC (Network Interface Card), etc.

The functions of the server device 20 are realized by various processing modules. The processing modules are realized, for example, by the processor 311 executing a program stored in the memory 312. The program can be recorded on a computer-readable storage medium. The storage medium can be a non-transitory medium such as a semiconductor memory, a hard disk, a magnetic recording medium, or an optical recording medium. That is, the present invention can also be embodied as a computer program product. The program can be downloaded via a network, or updated using a storage medium that stores the program. The processing modules may also be realized by a semiconductor chip.

The check-in terminal 10, boarding gate device 15, etc. can also be configured using information processing devices, just like the server device 20, and their basic hardware configuration is no different from that of the server device 20, so a description of them will be omitted. The check-in terminal 10, etc. only needs to be equipped with a camera, etc.

The server device 20 is equipped with a computer, and the functions of the server device 20 can be realized by having the computer execute a program. The server device 20 also executes a control method for the server device by the program.

[Modification]
The configuration, operation, etc. of the boarding system described in the above embodiment are merely examples and are not intended to limit the system configuration, etc.

In the above embodiment, it has been described that system registration is performed after the user's check-in procedure, but system registration may also be performed before the check-in procedure. In this case, since a boarding pass is not issued before the check-in procedure, the server device 20 may perform system registration using airline ticket information instead of a boarding pass.

In the above embodiment, a case has been described in which system registration (registration for implementing boarding procedures using biometric authentication) is performed at the check-in terminal 10. However, system registration may be performed at a device or terminal other than the check-in terminal 10. For example, a device dedicated to system registration may be installed at the airport, or system registration may be performed at a terminal (touch point) such as the baggage drop machine 11 or the passenger passage system 12.

In the above embodiment, a case has been described in which a series of boarding procedures are performed using biometric authentication, but some of the procedures may also be performed using biometric authentication. For example, in FIG. 2, system registration may be performed at the baggage drop-off machine 11, and procedures after baggage check-in (such as security check) may be performed using biometric authentication. In other words, some of the series of boarding procedures may be performed at manned booths, etc.

In the above embodiment, the case where the server device 20 has multiple databases has been described. However, the authentication information database and the business information database constructed in the server device 20 may be constructed in a database server different from the server device 20. In other words, the boarding procedure system only needs to include the various means (e.g., token generation means) etc. described in the above embodiment.

In the above embodiment, a case has been described in which the authentication request includes a facial image, but the authentication request may also include features generated from the facial image. In this case, the server device 20 processes the authentication request using the features extracted from the authentication request and the features registered in the authentication information database.

The server device 20 may delete an invalidated entry a predetermined period of time after the entry is invalidated. More specifically, the database management unit 403 may periodically refer to the invalidation time field of the authentication information database and delete an entry that has been invalidated for a predetermined period of time (e.g., 24 hours).

In the above embodiment, the case where three authentication information databases are prepared has been described, but one authentication information database may be prepared to achieve substantially the same as the above description. Specifically, an airline code field and a flight number field may be provided in the first authentication information database, and the server device 20 may process the authentication request by referring to these fields. For example, when an authentication request is acquired from the lounge gate 14, the server device 20 may set an entry in which the same value as the airline code included in the authentication request is set in the airline code field as the target of the matching process. That is, the server device 10 has a database including an airline code field that stores an airline code and a flight number field that stores a flight number for each of a plurality of users. The authentication request processing unit 404 determines whether to refer to the value of the airline code field or the flight number field when processing the authentication request based on the type of the terminal that is the source of the authentication request. For example, if the terminal is a boarding gate device 15, the authentication request processing unit 404 refers to the value of the flight number field in the database, and sets passengers of the flight for which the boarding gate device 15 is determining whether the user can pass as targets of the matching process. In this way, the authentication request processing unit 404 narrows down the biometric information to be used when processing an authentication request depending on at least one or more types of terminal.

Alternatively, the second and third authentication information databases may be further divided. Specifically, one authentication information database may store entries corresponding to one airline code or flight number. That is, the server device 20 may be provided with a second authentication information database group and a third authentication information database group.

When users of multiple airlines can use the same lounge, lounge gate 14 may set the airline code corresponding to each airline in the operation information. For example, when users (passengers) of airline A and airline B can use the same lounge, the airline codes of airline A and airline B may be set as the operation information. In this case, the authentication request processing unit 404 may subject the entries in the second authentication information database that correspond to each of the multiple airline codes set in the operation information to the matching process.

The form of data transmission and reception between the check-in terminal 10 and the server device 20 is not particularly limited, but the data transmitted and received between these devices may be encrypted. Boarding pass information and passport information contain personal information, and in order to appropriately protect the personal information, it is desirable to transmit and receive encrypted data.

In the flow diagrams (flowcharts, sequence diagrams) used in the above explanation, multiple steps (processes) are described in order, but the order in which the steps are executed in the embodiment is not limited to the order described. In the embodiment, the order of the steps shown in the diagrams can be changed to the extent that does not interfere with the content, such as executing each process in parallel.

The above embodiments have been described in detail to facilitate understanding of the present disclosure, and it is not intended that all of the configurations described above are necessary. Furthermore, when multiple embodiments are described, each embodiment may be used alone or in combination. For example, it is possible to replace part of the configuration of an embodiment with the configuration of another embodiment, or to add the configuration of another embodiment to the configuration of an embodiment. Furthermore, it is possible to add, delete, or replace part of the configuration of an embodiment with other configurations.

The above explanation makes it clear that the present invention has industrial applicability, and the present invention is particularly applicable to boarding procedures at airports and the like. However, the application of the present disclosure is not limited to airport procedures, and the present disclosure can be applied to systems that require multiple procedures.

A part or all of the above-described embodiments can be described as, but is not limited to, the following supplementary notes.
[Appendix 1]
A receiving unit that receives an authentication request from at least one terminal;
a processing unit that refers to a database that stores biometric information of each of a plurality of users and processes the authentication request;
Equipped with
The processing unit processes the authentication request using some of the plurality of pieces of biometric information when the terminal transmitting the authentication request is a terminal of a predetermined type.
[Appendix 2]
a first authentication information database that stores biometric information of each of the plurality of users;
a second authentication information database that stores the biometric information of each of the plurality of users for each airline;
a third authentication information database that stores the biometric information of each of the plurality of users for each flight number;
Further equipped with
The server device described in Appendix 1, wherein the processing unit determines a database to refer to from among the first to third databases depending on the type of the at least one terminal, and processes the authentication request by referring to the determined database.
[Appendix 3]
the at least one terminal transmits the authentication request including a terminal identifier indicating a type of the terminal;
The server device according to claim 2, wherein the processing unit determines the authentication information database to be referenced based on the terminal identifier.
[Appendix 4]
the at least one or more terminals transmit the authentication request including operation information regarding an operation of the terminal itself at the time of transmitting the authentication request;
The server device according to claim 3, wherein the processing unit determines a search range of the determined authentication information database based on the operation information.
[Appendix 5]
The server device described in Appendix 4, wherein, in the case where the at least one terminal is a passenger passage system or a gate device that performs immigration procedures installed at an airport, the processing unit performs a matching process by referring to the first authentication information database.
[Appendix 6]
In a case where the at least one terminal is a baggage check-in machine installed at an airport, the baggage check-in machine sets an airline code of an airline that manages the baggage check-in machine in the operation information,
The server device according to claim 4 or 5, wherein the processing unit subjects entries in a field of the second authentication information database corresponding to an airline code set as the operation information to a matching process.
[Appendix 7]
When the at least one terminal is a lounge gate installed in a lounge, the lounge gate sets an airline code of an airline that operates the lounge in the operation information,
The server device according to any one of appendix 4 to 6, wherein the processing unit subjects entries of the second authentication information database in a matching process to entries in a field corresponding to an airline code set as the operation information.
[Appendix 8]
When the at least one or more terminals are boarding gate devices that determine whether or not boarding is permitted for an aircraft, the boarding gate device sets a flight number for which boarding is being determined to be permitted for the aircraft in the operation information,
A server device described in any one of Appendices 4 to 7, wherein the processing unit subjects entries in the third authentication information database in an area corresponding to the flight number set as the operation information to matching processing.
[Appendix 9]
The lounge gate sets airline codes of a plurality of airlines as the operation information,
The server device according to claim 7, wherein the processing unit subjects entries of the second authentication information database corresponding to each of a plurality of airline codes set in the operation information to a matching process.
[Appendix 10]
A management unit that manages the first to third authentication information databases,
The server device described in Appendix 8, wherein the management unit invalidates the entries of the user who has passed through the boarding gate device among the entries stored in each of the first to third authentication information databases when a successfully authenticated person passes through the boarding gate device.
[Appendix 11]
11. The server device according to any one of appendices 1 to 10, wherein the biometric information is a face image or a feature generated from a face image.
[Appendix 12]
the database includes, for each of the plurality of users, an airline code field for storing an airline code and a flight number field for storing a flight number;
The server device according to claim 1, wherein the processing unit determines whether to refer to a value in the airline code field or the flight number field when processing the authentication request based on the type of the at least one terminal.
[Appendix 13]
A terminal transmits an authentication request to a server device that determines a database to be referred to when performing biometric authentication, the authentication request including a terminal identifier indicating a type of the terminal.
[Appendix 14]
14. The terminal according to claim 13, wherein the terminal transmits to the server device the authentication request including operation information regarding an operation of the terminal itself at the time of transmitting the authentication request.
[Appendix 15]
At least one terminal;
A server device connected to the at least one terminal;
Including,
The server device includes:
A receiving unit that receives an authentication request from the at least one terminal;
a processing unit that refers to a database that stores biometric information of each of a plurality of users and processes the authentication request;
Equipped with
The processing unit processes the authentication request using some of the plurality of pieces of biometric information when the terminal sending the authentication request is a terminal of a predetermined type.
[Appendix 16]
In the server device,
receiving an authentication request from at least one terminal;
A method for controlling a server device, comprising: if a terminal transmitting the authentication request is a terminal of a predetermined type, processing the authentication request using some of a plurality of pieces of biometric information stored in a database.
[Appendix 17]
A computer installed in the server device
receiving an authentication request from at least one terminal;
a process of performing an authentication process using a part of a plurality of pieces of biometric information stored in a database when the terminal transmitting the authentication request is a terminal of a predetermined type;
A computer-readable storage medium that stores a program for executing the above.

The disclosures of the above cited prior art documents are incorporated herein by reference. Although the embodiments of the present invention have been described above, the present invention is not limited to these embodiments. Those skilled in the art will understand that these embodiments are merely illustrative and that various modifications are possible without departing from the scope and spirit of the present invention. In other words, the present invention naturally includes various modifications and amendments that a person skilled in the art can make in accordance with the entire disclosure, including the scope of the claims, and the technical ideas.

10 Check-in terminal 11 Baggage drop machine 12 Passenger passage system 13 Gate device 14 Lounge gate 15 Boarding gate device 20, 100 Server device 101 Receiving unit 102 Processing unit 201, 301, 401 Communication control unit 202 System registration unit 203 Token issuance request unit 204 Message output unit 205 Check-in execution unit 206, 305, 405 Storage unit 211 Boarding pass information acquisition unit 212 Passport information acquisition unit 213, 302 Biometric information acquisition unit 303 Authentication request unit 304 Function realization unit 311 Processor 312 Memory 313 Input/output interface 314 Communication interface 402 Token generation unit 403 Database management unit 404 Authentication request processing unit

Claims (3)

a processing unit that processes an authentication request from the boarding gate device by referring to a database that stores biometric information of each of a plurality of users;
a management unit that invalidates an entry of the user who has passed through the boarding gate device and is stored in the database when the user who has been successfully authenticated passes through the boarding gate device,
the processing unit processes the authentication request using biometric information associated with the boarding gate device that transmitted the authentication request, among the biometric information stored in the database ;
the biometric information associated with the boarding gate device is biometric information associated with a flight number assigned to an aircraft that the user is scheduled to board;
the authentication request from the boarding gate device includes a flight number assigned to an aircraft on which the user is to board through the boarding gate device,
The processing unit is a server device that determines a search range of the database based on a flight number included in the authentication request, and processes the authentication request using a plurality of pieces of biometric information stored in the database within the determined search range . A server device,
Processing an authentication request from a boarding gate device by referring to a database that stores biometric information of each of a plurality of users;
When a user who has been successfully authenticated passes through the boarding gate device, the entry of the user who has passed through the boarding gate device stored in the database is invalidated;
With regard to the processing of the authentication request, the authentication request is processed using biometric information associated with the boarding gate device that transmitted the authentication request, among the biometric information stored in the database ;
the biometric information associated with the boarding gate device is biometric information associated with a flight number assigned to an aircraft that the user is scheduled to board;
the authentication request from the boarding gate device includes a flight number assigned to an aircraft on which the user is to board through the boarding gate device,
A server device,
A method for controlling a server device , which determines a search range of the database based on a flight number included in the authentication request, and processes the authentication request using a plurality of pieces of biometric information stored in the database within the determined search range . A computer installed in the server device
A process of processing an authentication request from a boarding gate device by referring to a database that stores biometric information of each of a plurality of users;
When the authenticated user passes through the boarding gate device, a process of invalidating the entry of the user who has passed through the boarding gate device stored in the database is executed;
a computer program for executing a process for processing the authentication request by using biometric information associated with the boarding gate device that transmitted the authentication request, among the biometric information stored in the database ,
the biometric information associated with the boarding gate device is biometric information associated with a flight number assigned to an aircraft that the user is scheduled to board;
the authentication request from the boarding gate device includes a flight number assigned to an aircraft on which the user is to board through the boarding gate device,
The computer installed in the server device further includes:
A process of determining a search range of the database based on a flight number included in the authentication request, and processing the authentication request using a plurality of pieces of biometric information stored in the database within the determined search range.
A computer program for executing the above .

Images