Search

EP-4738158-A1 - BIOMETRIC AUTHENTICATION APPARATUS, BIOMETRIC AUTHENTICATION SYSTEM, AND COMPUTER PROGRAM

EP4738158A1EP 4738158 A1EP4738158 A1EP 4738158A1EP-4738158-A1

Abstract

A biometric authentication apparatus (101, 203A, 203B) comprises an acquiring means (303) configured to acquire a condition for consent regarding acquisition and use of biometric information of a person; and a biometric authentication means (308) configured to perform biometric authentication on the person based on the condition for consent.

Inventors

  • SATO, TAKU

Assignees

  • Canon Kabushiki Kaisha

Dates

Publication Date
20260506
Application Date
20251029

Claims (16)

  1. A biometric authentication apparatus (101, 203A, 203B) comprising: an acquiring means (303) configured to acquire a condition for consent regarding acquisition and use of biometric information of a person; and a biometric authentication means (308) configured to perform biometric authentication on the person based on the condition for consent.
  2. The biometric authentication apparatus according to claim 1 further comprising a consent condition determination means (307) configured to determine based on the condition for consent whether acquisition and use of the biometric information of the person is permitted, wherein the biometric authentication means performs the biometric authentication on the person in a case where acquisition and use of the biometric information of the person was determined to be permitted.
  3. The biometric authentication apparatus according to claim 2, wherein the consent condition determination means determines whether acquisition and use of the biometric information of the person is permitted, based on whether a contradicting item is included in the condition for consent.
  4. The biometric authentication apparatus according to claim 1, wherein the condition for consent indicates that the person permits acquisition and use of the biometric information of the person.
  5. The biometric authentication apparatus according to claim 1, wherein the condition for consent includes at least any of a purpose of use, a period of use, a period of storage, a biometric information type, a handler, a manager, a department in charge, and an acquisition method regarding acquisition and use of the biometric information of the person.
  6. The biometric authentication apparatus according to claim 1, wherein the condition for consent includes at least any of a condition for consent registered by the person in advance and a condition for consent predicted based on non-personally identifiable information obtained from the biometric information of the person.
  7. The biometric authentication apparatus according to claim 1, wherein the acquiring means acquires the condition for consent regarding acquisition and use of the biometric information of the person from a server device capable of performing communication with the biometric authentication apparatus.
  8. The biometric authentication apparatus according to claim 1, wherein the biometric authentication apparatus is for entry/exit management or for monitoring.
  9. The biometric authentication apparatus according to claim 1, wherein the biometric information includes at least any of a face image of the person and a face feature amount of the person, and the biometric authentication is face authentication.
  10. The biometric authentication apparatus according to claim 1, wherein the condition for consent is associated with a person ID unique for each person.
  11. A biometric authentication system (20) comprising: a mobile terminal device (201) including consent condition registering means (301) configured to register a condition for consent regarding acquisition and use of biometric information of a person; a server device (202) including consent condition managing means (302) configured to manage the condition for consent registered by the consent condition registering means; and a biometric authentication apparatus (203A, 203B), wherein the biometric authentication apparatus includes acquiring means (303) configured to acquire the condition for consent from the server device, and biometric authenticating means (308) configured to perform biometric authentication on the person based on the condition for consent.
  12. The biometric authentication system according to claim 11, wherein the consent condition registering means registers the condition for consent in the consent condition managing means based on a result set in a user interface via which the person sets the condition for consent.
  13. The biometric authentication system according to claim 11, wherein the biometric information includes at least any of a face image of the person and a face feature amount of the person, and the biometric authentication is face authentication.
  14. The biometric authentication system according to claim 11, wherein the condition for consent is associated with a person ID unique for each person.
  15. A method to be executed by a biometric authentication apparatus, comprising: acquiring a condition for consent regarding consent to acquisition and use of biometric information of a person; and performing biometric authentication on the person based on the condition for consent.
  16. A computer program comprising instructions which, when the program is executed by a computer, cause the computer to carry out the method of claim 15.

Description

TECHNICAL FIELD The present disclosure relates to a biometric authentication apparatus, a biometric authentication system, a method, and a computer program. BACKGROUND In recent years, the importance of protection of personal information has increased. In face authentication systems, strict limitations are imposed on the acquisition and use of large numbers of face images and face feature amounts. Here, face feature amounts are obtained by converting external patterns of a face into multidimensional vectors. Since an individual can be identified using a face feature amount, face feature amounts are considered to be a type of biometric identifier. For example, the state of Illinois in the United States requires written consent from an individual when acquiring face feature amounts. The EU is also considering a law that prohibits the use of face authentication in public spaces. Due to national and state legislation, the acquisition and use of face feature amounts may be restricted more than the acquisition and use of face images. Therefore, methods have been proposed to restrict the acquisition and use of face images or face feature amounts. Japanese Patent No. 6150019 proposes a system in which, when a person to be a subject of face authentication performs a specific gesture, personal information that has been acquired for that person is deleted. Also, Japanese Patent No. 7126138 proposes a face authentication system in which consent for the acquisition and use of personal information such as a face image is obtained in advance from a person to be a subject of face authentication. Here, the acquisition and use of large numbers of face images and face feature amounts may be legally restricted in terms of application and/or location. Note that if a person who is a subject individually consents to the use of personal information under such legal restrictions, it is necessary for the personal information of the consenting person to made available. In this way, with respect to the acquisition and use of face images and face feature amounts, it is necessary to able to limit the use of large numbers of pieces of personal information while also being able to adjust limitations on the use of personal information for each individual. SUMMARY However, in Japanese Patent No. 6150019, if a person does not perform a gesture to express their intent to prohibit the acquisition and use of their face image or face feature amount, a third party can acquire and use the person's face image or face feature amount even though the person does not consent to the acquisition and use of personal information. Furthermore, in Japanese Patent No. 7126138, with respect to the acquisition and use of a face image or a face feature amount for each individual, the application and terms of use associated with a face image or a face feature amount cannot be changed for each individual. In view of this, the present disclosure provides a technology for securely and easily using biometric information for individuals. The present disclosure in its first aspect provides a biometric authentication apparatus as specified in claim 1. Optional features are specified in claims 2 to 10. The present disclosure in its second aspect provides a biometric authentication system as specified in claim 11. Optional features are specified in claims 13 to 14. The present disclosure in its third aspect provides a method as specified in claim 15. The present disclosure in its fourth aspect provides a computer program as specified in claim 16. According to the present disclosure, it is possible to securely and easily use biometric information for individuals. Features of the present disclosure will become apparent from the following description of embodiments with reference to the attached drawings. The following description of embodiments is described by way of example. BRIEF DESCRIPTION OF THE DRAWINGS The accompanying drawings, which are incorporated in and constitute a part of the specification, illustrate embodiments of the present disclosure, and together with the description, serve to explain the principles of the embodiments. FIG. 1 is a diagram illustrating an example of a hardware configuration of an information processing apparatus according to first and second embodiments.FIG. 2 is a diagram illustrating an overview of a configuration of a system according to the first embodiment.FIG. 3A is a diagram illustrating a functional configuration of an entry/exit management device according to the first embodiment.FIG. 3B is a diagram illustrating a functional configuration of a monitoring system according to the first embodiment.FIG. 4 is a diagram showing an example of a UI screen via which a person sets a consent condition according to the first embodiment.FIG. 5A is a diagram illustrating data 501 managed by a server device according to the first embodiment.FIG. 5B is a diagram illustrating data 502 stored in the entry/exit management device according to the f