System and method for executing remote electronic authentication
20170372320 ยท 2017-12-28
Inventors
Cpc classification
H04L63/0861
ELECTRICITY
G06F21/32
PHYSICS
International classification
G06Q20/40
PHYSICS
Abstract
The method for executing remote electronic authentication uses a user computer/mobile device (20) with an user image acquisition device (21) and uses an authentication related server computer (30) having a server related display (21) and a server input device (22). In a connecting step the user computer (20) is connected with the server computer via a communication line (40), wherein the user computer (20) retrieves images and video sequences taken by the user image acquisition device (21) and transmits this information to the authentication related server computer (30). The server computer (30) identifies image portions of the acquired data stream related to an identity document shown in the image and/or video sequences, identifies image portions related to the head of a user at the user computer (20) in the image and/or video sequences, and compares an image of a head in the image related to the identity document with the image of the head of the user and issues a decision proposal if the image of the head in the identity document is related to the image of the head of a user as retrieved as part of the acquired images and video sequences.
Claims
1. A system for executing remote electronic authentication comprising: a user computer (20), an user image acquisition device (21), and optionally an user input device (22), an authentication related server computer (30), optionally a server related database (31, 32), a server related display (36), a server input device (34), wherein the user computer (20) can be connected with the server computer with a communication line (40), wherein the user computer (20) is adapted to retrieve images and video sequences taken by the user image acquisition device (21) and to transmit them to the authentication related server computer (30), wherein the server computer (30) is adapted to identify image portions related to an identity document in the image and/or video sequences, is adapted to identify image portions related to the head of a user at the user computer (20) in the image and/or video sequences and is further adapted to compare an image of a head in the image related to the identity document with the image of the head of the user and to issue a decision if the image of the head in the identity document is related to the image of the head of a user as retrieved as part of the acquired images and video sequences, being represented on the server related display (36) together with said image portions, supporting an authenticating person at the server input device (34) in its authentication decision.
2. The system according to claim 1, wherein upon an authentication decision the acquired image and video information is stored in the server related database (31, 32).
3. The system according to claim 1, wherein the authentication is the basis for a subsequently allowed or denied remote request from the user.
4. A method for executing remote electronic authentication using a user computer (20) with an user image acquisition device (21) and using an authentication related server computer (30) having a server related display (21) and a server input device (22), wherein in a connecting step the user computer (20) is connected with the server computer via a communication line (40), wherein in an image acquisition step the user computer (20) retrieves images and video sequences taken by the user image acquisition device (21) and transmits this information to the authentication related server computer (30), wherein in an data acquisition step (14, 15) the server computer (30) identifies image portions of the acquired data stream related to an identity document shown in the image and/or video sequences, identifies in a video recognition system step (16) image portions related to the head of a user at the user computer (20) in the image and/or video sequences, and compares an image of a head in the image related to the identity document with the image of the head of the user and issues a decision proposal if the image of the head in the identity document is related to the image of the head of a user as retrieved as part of the acquired images and video sequences.
5. The method according to claim 4, wherein acquired image information of the head of the user is represented beside the acquired image information of the image of the head of the user from the identity document.
6. The method according to claim 4, wherein the data acquisition step (14, 15) comprises the acquisition of image information of the head represented on the document page and comprises acquisition of image information of alphanumerical information represented on the document page.
7. The method according to claim 6, wherein acquired image information of the alphanumerical information is represented beside the derived character-coded alphanumerical information and optionally beside acquired transmitted image alphanumerical information from the user.
Description
BRIEF DESCRIPTION OF THE DRAWINGS
[0025] Preferred embodiments of the invention are described in the following with reference to the drawings, which are for the purpose of illustrating the present preferred embodiments of the invention and not for the purpose of limiting the same. In the drawings,
[0026]
[0027]
DESCRIPTION OF PREFERRED EMBODIMENTS
[0028]
[0029] The opening of an account is performed according to the flow chart of
[0030] The user at the client station is using a client computer/mobile device 20 connected with a camera 21 adapted to take a livestream or a screenshot of the environment around the user. The computer 20 is further connected to a keyboard 22 and/or other pointing devices to enter commands to the processor of the computer 20. Preferably, the computer 20 having a processor 25 is connected with a microphone 23 and a loudspeaker 24 in order to have an acoustic connection with the person sitting at the server computer 30. Information is displayed on a screen 26.
[0031] The user sitting in front the client computer 20 having e.g. a webcam 21 and a keyboard 22 calls the authentication institution, having a server computer 30 with a processor 35 and different additional IT systems as a personal information database 31 for storing the personal information of a user, an image data base 32 storing either screen captures and/or as well as video and optionally also sound during the session. Of course the server computer 30 has human machine interface elements as a keyboard 34 and a screen 36. When audio information is to be retrieved at the server computer 30, then additional elements like microphone 37 and a loudspeaker 38 are provided at the server.
[0032] The client computer 20 can be a desktop with the mentioned additional components or it can be a smartphone or tablet where all these functions are usually incorporated in the client computer.
[0033] User computer 20 and sever computer 30 are usually connected to the internet via communication line 40. Of course, communication line 40 is usually e.g. an internet based communication where the communication interfaces are integrated within the devices 20 and 30.
[0034] The user starts the session using his computer 20 with a session start 11. A connection with the server computer 30 is initialized and the user is optionally requested to enter or transmit personal data, which data acquisition step 12 can be done in a web application by personal input or through an upload of predefined data sheets, which can be a spreadsheet of a known application or an XML structured file. The server system 30 checks the data for completeness in all fields, which comprises name, christian name, date of birth, number and type of identity documents as well as validity of same.
[0035] After uploading the documents the user is filmed in the image acquisition step 13 with said webcam 21 and this information is preferably stored. It is also possible to use the transmitted data to extract image date of the user in a facial data acquisition step 14. The user is either in parallel or later on or earlier requested to hold one or more pages of his identity document in front of the webcam 21 in a document image acquisition step 15. This includes at least the page with the image of the head of the user, but can also include further pages of information. It is possible that a picture in picture approach is used so that the image of the head of the user together with the document to be taken by the webcam 21 is shown on a part of the screen 26 with the user.
[0036] The server system 30 acquires this data transmitted via the communication line 40 and the video recognition system 16 scans the images for data, which are included in the previously provided data for consistency. The facial data acquisition step 14 is done during part or the entire acquisition of data and/or in parallel to the document image acquisition step 15.
[0037] In a different embodiment, the data acquisition step 12 is skipped, when the recognition system 16 acquires these personal data on the knowledge of their position on the security document, through checking the acquired image of the document page.
[0038] It is preferred that the server computer 30 has already started the comparison when the images are taken during the steps 13, 14 and 15, since the acquisition relates to video signals. These previous steps can be used over time to improve the resulting image of the head of the user and/or of the information retrieved from the document which is shown in the webcam 21 with the usual jitter. Such image stabilization programs are known from prior art. Then, in the comparison step 17 its internal face recognition program the server computer 30 is comparing the image of the user's head from the webcam 21 image with the image printed on the identity card from the same webcam 21 image sequence.
[0039] The program server computer 30 then releases an opinion of identity or non-identity between the two items on the screen 36 in an image representation step 18, preferably together with a still image or an improved still image of the document as shown by the user and the head of the user.
[0040] This allows an authenticating person on the side of the server computer 30 to look at the screen 26, either online or time-shifted, and to have said information on said screen 26 or part of the screen. Part of the screen can also mean that the authenticating person has two or more screens, e.g. one screen with the live image of the web cam 21 of the user, one screen with the still image as acquired and processed by the recognition system 16 together with the comparison information flag (identity/non-identity) and the further information of the user necessary for authentication or relating to the intent of the user performing the authentication e.g. opening a bank account, requesting official services from a public administration etc.
[0041] The solution can be implanted in JAVA, but other software can be used. The streaming technology over communication line 40 can be encoded based on e.g. the H264 standard, but other coding can be used. The image transformation is preferably accompanied by a checking and texting application.
[0042] In other words, the live data acquired throughout the session or a still photograph at a specific point in time during the session of the user head and of the data page with a user head image of the identification document of the user are taken together or one after the other and pre-compared in comparison step 17 to provide in the image representation step 18 to the representation of the image of the user head, the image from the identity card together with an indication of identity provided by the software program. Additionally further personal information from the datapage of the document can be retrieved by optical character recognition and presented as well, either as is or in combination with manually entered data via keyboard 22 or uploaded from the client computer 20.
[0043] Then the authenticating person at the server computer 30 makes the decision in decision step 19, if the documents show the necessary identity to perform the requested act as opening a bank account or an official service for which a personal or a remote controlled presence is required according to the law or subsequent regulations.
[0044] The advantage is also based on the possibility for the authenticating person to receive live video images and is supported by a facial recognition program to indicate possible differences between the user person in question and the alleged identity document shown. The relevant data can be stored and retrieved later on for a further check, if considered necessary.
LIST OF REFERENCE SIGNS
[0045]
TABLE-US-00001 10 flowchart 11 session start 12 data acquisition step 13 image acquisition step 14 facial data acquisition step 15 document image acquisition step 16 video recognition system 17 comparison step 18 image representation step 19 decision step 20 client computer 21 webcam 22 keyboard 23 microphone 24 loudspeaker 25 processor 26 screen/display 30 server computer 31 personal information database 32 image data base 34 keyboard 35 processor 36 screen/display 37 microphone 38 loudspeaker 40 communication line