JP2018005558A - System, method and program to process right information - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide suppression on forgery of right information, proper circulation of the right information, and an effective authentication mechanism for the right information.SOLUTION: The present invention relates to a right information authentication system such that a portable terminal includes a first string output section; and an authentication device includes a coincidence detection section which outputs a coincidence result indicative of whether an effective string output by a second string output section coincides with an effective string output by the first string output section, an authentication result output section which outputs an authentication result showing that extracted right information is formal right information related to an owner when the coincidence result indicates a coincidence, and a notification section which gives notice of the authentication result, the second string output section outputting a plurality of strings as many as those that the first string output section outputs, and the same string that the second string output section outputs as the string of the first string output section being output substantially in the same timing and effective substantially for the same duration.SELECTED DRAWING: Figure 1

Description

  The present invention relates to a system, method, and program for processing rights information.

  Conventionally, systems for processing tickets (event tickets, air ticket tickets, etc.) using a mobile terminal such as a mobile phone are known.

  In a conventional ticket processing system, for example, ticket data is downloaded to a mobile terminal such as a smartphone by ticket purchase processing by a user.

  Then, the ticket displayed on the screen of the smartphone is presented to the attendant when passing through the entrance of the event or when passing through the gate of the boarding procedure at the airport. This electronic ticket is read by an entrance reader. The computer checks the read information to confirm the validity of the ticket. The result of confirming the validity of the ticket is displayed on a reading machine or by making an electronic sound, and the fact that the validity of the ticket has been confirmed is fed back to the attendant at the entrance. If the ticket is valid, the ticket owner can pass through the entrance (gate) according to the instructions of the staff.

  For example, the music live event market has continued to expand in recent years, and it is important for both event operators and fans to improve the convenience of ticket issuing, distribution, and authentication, which are eligible for participation in live events. Yes. However, the following problems arise in ticket issuance, distribution, and authentication.

(1) Counterfeit Tickets As the value of tickets increases, there are increasing cases of using counterfeit electronic tickets to illegally participate in events or sell them to genuine tickets and fake fans. In recent years, it may be difficult to determine whether the ticket is a counterfeit ticket due to the high performance of screen shot functions for screens of copiers, scanners, cameras, mobile terminals, etc. and the spread to general households. .

(2) Cost of Counterfeit Countermeasures As described above, as a countermeasure against counterfeiting / resale, a so-called electronic ticket that issues a ticket by an electromagnetic method as described above has appeared instead of a paper ticket. Specifically, there are a simple one that displays authentication information such as a QR code (registered trademark) on an electronic terminal, and one that uses an electronic terminal or card in which an IC chip or the like is incorporated. However, the former can be duplicated by an easy method such as copying an image as it is / photographing / taking a screen shot. With respect to the latter, it is necessary to incorporate a mechanism for realizing the security function on both the ticket side and the authentication device side, resulting in the cost of handling these devices.

  (3) Popular live event tickets are bought up by resellers and vendors, and the original fans cannot participate or are forced to purchase at an unreasonably high price from resellers.

  In addition, for event managers, the fact that original fans cannot participate in the event also means that sales opportunities for venue merchandise sales, which are an important source of income for live events, are lost and customer satisfaction of original fans is impaired. There is a profit.

(4) Loss of opportunity for users when resale is prohibited As an example of countermeasures to the problem (1) above, an event operator may prohibit resale of tickets. That is, the ticket acquired by reselling the ticket is invalid and the event of the fan who acquired the ticket by reselling is refused.

  However, even a fan who really wants to participate in an event may unavoidably give up participating because there is another plan after purchasing the ticket. In such a case, taking a measure that the ticket cannot be transferred to a third party at all may cause a hesitation in purchasing the ticket because the purchase price of the ticket is wasted.

  In addition, even for event managers, even if they purchase tickets at an unreasonably high price, they refuse to participate by enthusiastic fans who want to participate in the event, which is disadvantageous.

  As described above, in issuing and distributing tickets, there is a demand for security technology that balances counterfeiting and cost and allows an operator to control ticket distribution as necessary.

  Conventionally, for example, a mobile terminal downloads an electronic ticket from a ticket management server, and the mobile terminal receives a signal from a signal transmission device that unilaterally transmits a predetermined signal to the mobile terminal that has downloaded the electronic ticket. As a condition, the usage status of the electronic ticket is updated from “unused” to “used”. And the updated icon which shows having updated is displayed on a display part. There is a technique in which an electronic ticket owner shows an updated icon to a hall attendant, and the attendant confirms the icon to permit entry (see Patent Document 1).

  Also, a program downloaded to the portable terminal device, the first step of fetching the ticket data downloaded from the server to the portable terminal device, and an image corresponding to the ticket data when the predetermined input operation is detected is displayed on the screen A predetermined input instruction is detected on the condition that a predetermined operation determined in advance on the screen on which the image is displayed in the second step, or a predetermined voice input is detected; Ticket authentication processing is performed even in an environment in which communication with the server cannot be performed by a program having a third step of performing update processing for updating status data indicating the usage history of the ticket data on condition that an input instruction is detected There is a program technology that can be used (see Patent Document 2).

Japanese Patent Laid-Open No. 2006-71544 JP 2014-96137 A

  An object of the disclosed technology is to provide a mechanism for suppressing forgery of rights information, proper distribution of rights information, and an effective authentication mechanism for rights information.

The disclosed technology is a rights information authentication system including a mobile terminal and an authentication device that authenticates rights information associated with the mobile terminal, wherein the mobile terminal sequentially outputs a plurality of strings. A string output unit, wherein each of the plurality of strings is valid for a duration given from an output time, to the first string output unit, the right information, and the owner of the right information. A first storage unit that stores associated owner identification information in association with each other, at least the owner identification information stored in the first storage unit, and the valid output that is output from the first string output unit An authentication information generation unit that generates authentication information by an encryption process using an authentication string, and an authentication information output unit that outputs the authentication information. Are sequentially output, and each of the plurality of strings is valid only for a given duration from the output time, the second string output unit, the right information, In response to acquisition of the authentication information, a second storage unit that stores the owner identification information in association with each other, an authentication information acquisition unit that acquires the authentication information from the authentication information output unit, and the second information A string receiving unit that receives a valid string output from the string output unit, and a decryption process corresponding to the encryption process, so that at least the owner identification information and the first identification information are obtained from the acquired authentication information. A decryption unit for decrypting a valid string output from one string output unit, and the corresponding right information is stored in the second storage using the decrypted owner identification information. The right information extraction unit, the valid string output from the second string output unit, and the valid string output from the first string output unit match to be extracted from A match detection unit that outputs a result, and an authentication result output that outputs an authentication result indicating that the extracted right information is valid right information related to the owner when the match result indicates a match And
A notification unit for reporting the authentication result, wherein the second string output unit sequentially outputs a plurality of strings identical to the first string output unit, and is output by the second string output unit. The string identical to the string in the first string output unit is output at substantially the same timing and has a right information authentication system that is valid for substantially the same duration.

  The disclosed technology can provide forgery of rights information, proper distribution of rights information, and an effective authentication mechanism for rights information.

It is a figure which shows the structure of 1st Embodiment. It is a figure which shows the structure of 2nd Embodiment. It is a figure which shows the structure of 3rd Embodiment. It is a figure which shows the structure of 4th Embodiment. It is a figure which shows the operation | movement sequence of 1st Embodiment shown in FIG. 1, taking the process of the electronic ticket of the event A as an example. It is a figure which shows the operation | movement sequence of 2nd Embodiment shown in FIG. 2 taking the process of the electronic ticket of the event A as an example. It is a figure which shows the operation | movement sequence of 2nd Embodiment shown in FIG. 2 taking the process of the electronic ticket of the event B using a positional information as an example. It is a figure which shows embodiment which concerns on purchase of a ticket. It is a figure which shows embodiment regarding the resale of the ticket in an auction etc. It is a figure which shows the flow for ensuring the consistency of an encryption process and a decoding process. It is a figure which shows the aspect of the concrete specification of a portable terminal, the terminal for reception, and a server apparatus. It is a figure which shows the example of a display of the barcode containing authentication information. It is a figure which shows the example of the information memorize | stored in a 1st memory | storage part and a 2nd memory | storage part. It is a figure which shows the hardware constitutions of a portable terminal, the terminal for reception, and a server apparatus. FIG. 6 shows another embodiment for changing the owner of a ticket.

  In this specification and the like, the term “ticket” is used in the description of the embodiments. Tickets are not limited to admission tickets to event venues. It should be noted that “ticket” is used as an example of a right. In the present specification, “electronic ticket (or electronic ticket)” is simply referred to as “ticket”. A ticket is a legitimate owner who has the right, ownership, occupancy, etc. to receive the goods or services purchased, for example, in order to receive goods or services that have been paid in advance General rights information is included. This right information includes tickets, electronic data, images, colors, signals taken from devices such as IC chips, or electronic signals transmitted via a medium such as wire, radio waves, light, magnetism, etc. It goes without saying that the information distributed using is included.

<Configuration of First Embodiment>
FIG. 1 is a diagram illustrating the configuration of the first embodiment. The first embodiment includes a mobile terminal 100 and an authentication device 180, and the authentication device 180 further includes a reception terminal 120 and a server device 130. In the first embodiment, the authentication device 180 includes the reception terminal 120 and the server device 130. However, the separation of the functions of the reception terminal 120 and the server device 130 is convenient. And, it is not limited to this configuration. Therefore, for example, in the authentication device 180, the reception terminal 120 may include all the functions of the server device 130. In this case, the server device 130 may be omitted. It should be noted that the flexibility regarding the arrangement of various functions as described above applies to all other embodiments.

  The portable terminal 100 includes a first storage unit 102, a first string output unit 104, a clock generation unit 106, an authentication information generation unit 108, and an authentication information output unit 110.

  The mobile terminal 100 may be a mobile phone, a music playback device, a tablet terminal, or the like.

  The reception terminal 120 includes an authentication information acquisition unit 122 and a notification unit 124.

  The server device 130 includes a second string output unit 132, a clock generation unit 134, a string reception unit 136, a decryption unit 138, a match detection unit 140, a second storage unit 142, a right information extraction unit 146, and an authentication result output unit 148. Have

  For example, a ticket for an event such as a concert includes right information that allows a user to sit in a predetermined seat at a concert venue. In this embodiment, the authentication device 180 can check the validity of such a concert ticket. The check result is notified by the reception terminal. If the validity of the ticket can be confirmed, the person holding the portable terminal 100 can enter the concert hall and can sit at a predetermined seat and enjoy the concert.

<Operation of First Embodiment>
In FIG. 1, the authentication apparatus 180 authenticates the right information existing in the portable terminal 100, and knows whether the right information existing in the portable terminal 100 is legitimate right information by notifying the authentication result, for example. Can do.

  In the mobile terminal 100, the first string output unit 104 provides the first string to the authentication information generation unit 108 by, for example, acquiring a time signal from the clock generation unit 106. The first string may be, for example, information obtained by discarding information less than a minute from time (year / month / day / hour / minute / second) information. In this case, the first string is a string that is incremented every minute, and each of the plurality of strings that are sequentially generated is a string that is valid for one minute.

  When the current time is October 11, 2020, 18:23:03, for example, “2020101118203” may be output as a currently valid string. Alternatively, a different string may be generated every minute from “2020101118203” using a predetermined algorithm. In this case, the effective time of each string is 1 minute. Another algorithm may be used to generate a different string every 30 seconds. In this case, the effective time of the string is 30 seconds.

  In the first storage unit 102, for example, information (owner identification information) for specifying a person holding the mobile terminal 100 and information on a ticket that the person has purchased are associated and stored. Yes. Alternatively, an airplane passenger and air ticket information may be stored in association with each other. The information specifying the person holding the portable terminal 100 is preferably information that can uniquely specify the person. By using such information, it can be used as information (owner identification information) for identifying the person who owns the ticket. For example, this information may be a telephone number of the mobile terminal 100 or a personal number such as My Number associated with the person. By using information that can uniquely identify the person or information having such a function, it is possible to detect with high accuracy that a large number of tickets for the same event are being purchased. In other words, when the number of pieces of ticket information of the same event is associated with the same owner identification information by a predetermined threshold or more and is to be stored in the first storage unit 102, the purchase of the ticket by a specific person is You can discover in advance what is going to be done. Processing related to ticket purchase and purchase will be described later.

  The authentication information generation unit 108 includes at least the owner identification information (for example, the telephone number of the mobile terminal 100) obtained from the first storage unit 102 and the currently valid information provided from the first string output unit 104. Authentication information is generated using the string. For example, the authentication information generation unit preferably generates authentication information using an encryption algorithm. The authentication information is transmitted to the reception terminal as described later. The reason why the authentication information is encrypted is that it is desirable that the owner identification information or the like is not easily leaked from the authentication information.

  The generated authentication information is provided to the authentication information output unit 110. For example, the authentication information output unit 110 may display the authentication information on the display screen of the portable terminal in the form of image information such as a barcode or a QR code (registered trademark). Alternatively, the authentication information may be transmitted to the reception terminal 120 using wireless communication such as Bluetooth (registered trademark), NFC (Near Field Communication), WIFI (wireless LAN), or infrared communication.

  The reception terminal 120 included in the authentication device 180 and the server device are connected to each other via a network such as the Internet or a wireless or wired LAN, for example.

  The reception terminal 120 may be, for example, a mobile phone or a tablet.

  The authentication information acquisition unit 122 may be a camera installed on the back of a mobile phone or tablet. The authentication information may be acquired by reading a barcode displayed on the screen of the mobile terminal 100 using this camera. The notification unit 124 may be, for example, a mobile phone or tablet display screen and / or a speaker. The notification unit 124 has a function of notifying the authentication result from the authentication result output unit 148 of the server device 130 to the operator of the reception terminal. The method of notification is not limited to these.

  In the server device 130, the decryption unit 138 receives the authentication information acquired by the authentication information acquisition unit 122. In addition, when a plurality of encryption algorithms are used, information specifying the used encryption algorithm may be received together. Alternatively, when the encryption algorithm used in the mobile terminal 100 is upgraded, the version number may be received. In this case, when sending the authentication information, the mobile terminal 100 can also send information specifying the encryption algorithm to the receiving terminal. In this case, the decryption unit 138 decrypts the authentication information using an appropriate decryption algorithm corresponding to the used encryption algorithm. Information included in the decrypted authentication information is used in the server device 130. The decrypted information includes at least owner identification information and a valid first string.

  The string receiving unit 136 acquires the timing at which the decryption unit receives the authentication information, and receives a valid second string from the second string output unit 132 based on the timing. The second string output unit outputs a second string that is valid for a fixed time based on the time information from the clock generation unit 134. The received valid second string is sent to the match detector 140.

  The first string output unit 104 and the second string output unit 132 are preferably designed to output the same string having the same effective period based on the current time. Note that the clock generation unit 106 used by the first string output unit 104 and the clock generation unit 134 used by the second string output unit 132 are different clocks. May have occurred. For example, when 1 minute is set as the valid period, the same valid string can be obtained from both parties during the one minute period with substantially the same valid time. In addition, since the time required from the generation of the authentication information to the decryption unit 138 being decrypted by the decryption unit 138 in the portable terminal 100 is very short, the effective first decrypted by the decryption unit. The string and the received second string are very likely to match. The match detection unit 140 in the server device checks whether or not the first string and the second string match, and outputs a match signal if they match.

  In consideration of the difference in valid time due to the use of different clock generators, processing time, transmission time, etc., for example, the authentication information was generated at the timing just before the valid time of the first string ends. In some cases, a match may not be detected. In consideration of this case, the match detection unit 140 compares the first string that was valid one before the decrypted valid first string with the valid second string, When the signal is detected, a coincidence signal may be output. Or comparing the decrypted valid first string with the second string that was valid prior to the received second string, and if a match is detected, a match signal May be output.

  If no match is detected by the match detection unit 140, for example, it is highly likely that a barcode generated based on the output result of authentication information generated in the past has been copied and used. It can be determined that there is a high possibility that the information is not copied information but copied information.

  The output of the match detection unit 140 is provided to the authentication result output unit 148.

  The second storage unit 142 stores ticket information, which is right information belonging to the owner, corresponding to the owner identification information.

  The right information extraction unit 146 extracts right information corresponding to the owner identification information from the second storage unit 142 using the owner identification information decrypted by the decryption unit 138. For example, ticket information including information such as seat numbers of a concert S held at a specific date and time associated with the owner identification information is extracted.

  The authentication result output unit 148 outputs the authentication result of the extracted ticket based on the result of the match detection unit 140. That is, when no match is detected by the match detection unit 140, for example, a case where a barcode obtained by copying the screen of the mobile terminal 100 is displayed on the mobile terminal is assumed. In this case, there is a high possibility that the ticket extracted from the second storage unit 142 is not that of the owner of the mobile terminal 100. Therefore, in this case, it is determined that the person who owns the portable terminal 100 is not the owner of the ticket, and the authentication result output unit 148 outputs a signal denying authentication to the notification unit 124. .

  On the other hand, when a match is detected by the match detection unit 140, the authentication information displayed on the screen of the mobile terminal 100 is highly likely to be valid authentication information. In this case, the extracted ticket is highly likely to belong to the owner of the mobile terminal 100. Therefore, in this case, it is determined that the person who owns the portable terminal 100 is the ticket owner, and the authentication result output unit 148 outputs a signal for affirming the authentication to the notification unit 124. .

  The notification unit 124 notifies the operator of the authentication result based on a positive signal or a negative signal from the authentication result output unit 148. As a method of notification, in the case of affirmative, an “admission OK”, “passable”, or blue screen is displayed on the display unit of the reception terminal 120 to indicate that the authentication is successful. The operator can be notified that the authentication is successful by emitting a predetermined sound from the speaker. If the authentication result is negative, an “admission NO”, “impossible to pass”, or red screen is displayed on the display unit of the reception terminal 120 to indicate that the authentication is unsuccessful. By making a predetermined beep sound from the speaker, it is possible to inform the operator that the authentication was unsuccessful. Alternatively, the gate (not shown) may be automatically opened and closed based on a signal from the authentication result output unit 148.

  When the authentication result output unit 148 outputs a positive authentication, the authentication result output unit 148 adds the right to the right information stored in the second storage unit 142 corresponding to the extracted right information. It is desirable to set a flag indicating that it has been used. It can be seen that the right information on which this flag is set is already used (the right has been exercised, that is, if it is a ticket, it is a used ticket).

  The authentication result output unit 148 can be configured not to output a positive authentication result to the notification unit 124, assuming that the right information with this flag set is already used. By doing so, it is possible to prevent the admission ticket from being used illegally a plurality of times.

  The authentication result output unit 148 preferably outputs an appropriate authentication result based on the right information extracted by the right information extraction unit 146. For example, when the extracted right information is a ticket for admission to a concert, an instruction is given to the notification unit so as to display “entry OK”. For example, when the extracted right information is the right information indicating that the purchase price of a product such as “stuffed toy” has been paid in advance, the notification unit is displayed to display “provide one stuffed toy”. Instructions can be given.

  Since the relationship between the ticket and the ticket owner is centrally managed by the server device 130, the ticket is forged even if an illegal copy of the ticket screen information is taken by taking a quick shot of the ticket. It is not possible. In addition, since a ticket cannot be used even if a portable terminal with a different telephone number is used, it is possible to prevent the ticket from being used illegally.

<Configuration and Operation of Second Embodiment>
FIG. 2 is a diagram illustrating a configuration of the second embodiment. Constituent elements of the same type as in FIG. In the second embodiment, an example in which electronic ticket information is also included in the authentication information from the mobile terminal 100 and sent to the authentication device 180 is shown.

  The main difference from the first embodiment shown in FIG. 1 is that the portable terminal 100 includes a right information instruction unit 216, and the reception terminal 120 includes a right information type instruction unit 226. It is a point.

  For example, assume the following situation. Regarding the product C and the product D that have already been paid on the Internet at the event Z venue, two tickets, the ticket for receiving the product C and the ticket for receiving the product D at the event Z venue, are the portable terminal 100 of the owner K. In the first storage unit 102 in correspondence with the owner identification information of the owner K.

  It is assumed that the owner P has received the product D at the event venue first because the product C is a small item, and the product P is large, and therefore wants to receive the product D just before returning. In this case, first, in response to the fact that the ticket for receiving the product C is selected by the owner K in the portable terminal 100, the authentication information generation unit 108 receives the owner K from the first storage unit 102. The information on the receipt ticket of the product C corresponding to is taken out.

  Then, the authentication information generation unit 108 can generate authentication information by encrypting the owner identification information, the ticket information of the product C, and the valid first string. In this way, the information on the receipt ticket for the product C can be transmitted to the authentication device 180 by adding the information on the receipt ticket for the product C to the authentication information.

  For example, the right information type instruction unit 226 of the reception terminal 120 can specify what event is being held in the place where the reception terminal 120 exists. For example, in response to the event Z being selected by the operator in the right information type instruction unit 226, the right information type instruction unit 226 sends the event information Z to the right information extraction unit 146 from the second storage unit. And the right information related to the owner identification information obtained from the decryption unit is extracted from the second storage unit. The extracted right information is also sent to the match detection unit 140.

  The coincidence detection unit 140 includes the decrypted receipt information of the commodity C and the first string, the right information related to the owner identification information extracted from the second storage unit acquired from the right information extraction unit 146, and Are compared. When there is a matching right, the match detection unit 140 outputs to the authentication result output unit that it matches the matched right information.

  The authentication result output unit 148 is based on the match information obtained from the match detection unit 140 and the right information obtained from the right extraction unit (for example, the right to provide the product C to the owner P at the event Z). Based on the information, the notification unit 124 is instructed to notify that the product C is to be provided, and the notification unit 124 notifies that fact. Then, the authentication result output unit 148 sets a plurality of products C to the second storage unit 142 by setting a delivered flag in the right related to the delivery of the product C related to the owner identification information. To prevent that.

  If the right to provide the product C to the owner P is not stored in the second storage unit 142, the coincidence detection unit 140 receives the decrypted ticket information of the product C and the right Since the right information related to the owner identification information extracted from the second storage unit acquired from the information extraction unit 146 does not match, the authentication result output unit 148 does not provide the product C. The notification unit 124 is instructed to perform notification, and the notification unit 124 performs notification to that effect.

  As described above, in the portable terminal 100, when the owner has a plurality of rights, the right information instruction unit 216 can accept an instruction to select a right from the owner.

  Further, by providing the right information type instruction unit 226 in the reception terminal 120, the operator is prompted to select (select) to instruct what rights the service can be provided in the vicinity of the reception terminal 120. be able to. For example, when the reception terminal 120 is installed at a place where the concert ticket is checked in the entrance area of the concert, an instruction of information such as the concert name, date, time, and location is given from the operator as concert identification information. It is desirable that the right information type instruction unit 226 receives the information. By receiving such an instruction, appropriate right information can be extracted from the second storage unit 142.

  In the second embodiment, since the authentication information is generated using the ticket information, unauthorized use of the ticket can be prevented more firmly.

<Configuration and Operation of Third Embodiment>
FIG. 3 is a diagram illustrating the configuration of the third embodiment.

  In the third embodiment, in the first storage unit 102 and the second storage unit 142, there are places (areas) where rights information and rights are used in association with owner identification information such as mobile phone numbers, respectively. It shall be remembered.

  The mobile terminal 100 includes a position detection unit 318 and a communication control unit 319.

  The reception terminal 120 includes a position detection unit 328.

  The server device 130 includes a communication control unit 349.

  The position detection unit 318 of the mobile terminal 100 detects the position information of the mobile terminal and provides the detected position information to the authentication information generation unit 108. The authentication information generation unit 108 extracts right information related to the position from the first storage unit 102 based on the position information, and generates authentication information using the extracted right information.

  For example, it is assumed that the owner presents a concert Y ticket at a place where the concert Y is entered. The position detection unit 318 gives the position information of the mobile terminal 100 to the authentication information generation unit 108. If the concert is also held on a different day, the position information and the right information related to the current time are acquired from the first storage unit using the current date and time from the clock generation unit 106 of the concert. The authentication information is also generated using the obtained right information. By doing so, concert tickets to be held at an appropriate place and date and time can be extracted and included in the authentication information. The authentication information is passed to the decryption unit of the server device 130 via the authentication information acquisition unit 122 of the reception terminal 120. The decryption unit 138 passes the right information (concert ticket information) to the coincidence detection unit 140.

  The position detection unit 328 of the reception terminal 120 detects the position of the reception terminal 120 and passes the detected position information to the right information extraction unit 146. Similarly, the right information extraction unit 146 extracts right information from the second storage unit 142 using the current time and owner identification information as necessary. The extracted right information is transferred to the match detection unit 140.

  The match detection unit 140 checks the right information as well as the string check described in the first embodiment, and checks whether all match. The check result of the coincidence detection unit 140 is given to the authentication result output unit 148.

  As in the second embodiment, the authentication result output unit 148 checks the rights information, and when determining that the rights information is valid, instructs the notification unit 124 to perform positive notification. . For example, if the strings are matched and the rights information is also matched, the notification unit performs positive notification in accordance with the contents of the rights information.

  Specifically, if the owner of the portable terminal 100 has a concert ticket to be held on a predetermined day in the vicinity of the positions of the portable terminal 100 and the reception terminal 120, the owner of the portable terminal 100 must enter the concert venue. The notification unit 124 performs notification of permission.

  In FIG. 3, the first string output unit 104 acquires the second string from the second string output unit 132 via the communication control unit 319 and the communication control unit 349, and acquires the acquired second string. May be used as the first string. By doing so, it is possible to easily synchronize the generation timing of both strings.

  The communication control unit 319 and the communication control unit 319 are connected via an appropriate network such as the Internet. When the network connection is unstable or disconnected, the first string output unit 104 of the mobile terminal 100 may use the clock generation unit 106 as necessary. The process in which the first string output unit 104 acquires a string from the second string output unit 132 may be employed in the other embodiments already described.

<Configuration and Operation of Fourth Embodiment>
FIG. 4 is a diagram illustrating the configuration of the fourth embodiment. Specifically, it is a diagram showing a configuration of an embodiment in the case of purchasing a ticket or buying and selling a ticket at an auction or the like. FIG. 4 shows a configuration related to ticket purchase and ticket transfer.

  The portable terminal 420 includes a first storage unit 102, an SMS communication control unit 424, and a ticket purchase / exhibition control unit 422.

  Further, the sales / auction server apparatus 400 includes a second storage unit 142, an SMS communication control unit 402, a ticket sales control unit 404, and a ticket number check unit 408.

  In order to buy and sell a ticket, it is desirable that a person who purchases a ticket obtains an ID and a password as a member of a ticket buying and selling site operated on the basis of the sales / auction server device 400.

  The SMS communication control unit 424 of the portable terminal 420 performs SMS (Short Message Service) communication with the SMS communication control unit 424 of the sales / auction server device 400. The SMS communication is a service for transferring a message using a text document or the like using a mobile phone number, for example. In SMS communication, since a mobile phone number is used, due to the nature of the mobile phone number, the identity of the person who can use the mobile phone number is determined relatively accurately. In the fourth embodiment, SMS is used, but other communication forms include SNS (Social Networking Service). SNS is easier to confirm the user's identity than SMS. In order to prevent ticket purchases and the like, it is desirable to use communication that cannot easily transfer an account to another person. For this purpose, for example, identification of the above-mentioned SMS or the like is relatively reliable. A communication means capable of confirming the identity can be selected in accordance with a required level for preventing ticket purchases and forgery prevention. By first performing SMS communication, the mobile phone number of the mobile terminal can be specified. By associating the specified mobile phone number with the ticket information, the owner of the mobile phone number can detect an action such as buying up a ticket in advance.

  In addition to the mobile phone number, personal identification information uniquely assigned to an individual such as My Number, Driver's License Number, and Insurance Card Number can also be used. In addition, when there is no means for electronically reading these personal identification information, the operator carries out checks such as visual confirmation when he / she becomes a ticket trading member, and thereafter he / she carries his / her personal information. It can be used in a terminal or the like.

<Purchase ticket>
When purchasing a ticket, the user logs in to a website managed by the sales / auction server device 400. Thereafter, the ticket purchase / exhibition control unit 422 and the ticket sale / purchase control unit 404 communicate to identify the ticket to be purchased based on the instruction of the owner of the mobile phone who is operating the mobile phone. Is called.

  When the ticket is specified, the SMS communication control unit 424 and the SMS communication control unit 402 perform SMS communication, so that the sales / auction server device 400 acquires the mobile phone number of the operated mobile terminal.

  The ticket trading control unit 404 accesses the second storage unit 142 using the telephone number acquired by SMS communication, and checks the type and quantity of the purchased ticket associated with the same telephone number. The ticket number check unit 408 is instructed together with information on the ticket to be purchased.

  Based on this instruction, the ticket number check unit 408 checks the type and quantity of the purchased tickets associated with the same telephone number, and the same type as the ticket to be purchased (such as tickets for the same concert). It is checked whether the number of tickets has reached a predetermined threshold. The ticket number check unit 408 notifies the ticket sales control unit whether or not the number of tickets of the same type has reached a predetermined threshold.

  When the number of tickets has reached the threshold value, the ticket sales control unit 404 returns to the ticket purchase / exhibition control unit 422 that the same type of ticket cannot be sold any more. Then, the purchase procedure ends.

  If the number of tickets has not reached the threshold value, the ticket sales control unit 404 returns to the ticket purchase / exhibition control unit 422 that the desired ticket cannot be sold. When the settlement procedure ends normally, the ticket sale / purchase control unit 404 gives the ticket purchase / exhibition control unit 422 permission to download the ticket.

  The ticket purchase / exhibition control unit 422 downloads the ticket from the sales / auction server device 400 when the download permission is obtained, and stores the ticket information in association with the mobile phone number in the first storage unit. . Normally, since a single telephone number is assigned to the mobile terminal, in this case, the telephone number is stored in the storage unit, and the ticket is stored in the first storage unit without being associated with the telephone number. Information may be stored.

  If the download is successful, the ticket sales / control unit 404 stores the information on the sold ticket in the second storage unit 142 in association with the telephone number.

  In the fourth embodiment, information such as a telephone number and a sold ticket are associated with each other and stored in the second storage unit 142 of the sales / auction server device 400, so that the purchase of tickets can be prevented. Can be prevented.

<Buying and selling tickets at auctions>
In a ticket auction or the like, the ownership of the ticket is not transferred before the auction is established, but the ownership of the ticket is transferred when the auction is established.

  For example, the ownership transfer when the auction is completed is performed as follows.

  The sale / auction server apparatus 400 manages the location of the ownership of the ticket in association with the mobile phone number. Therefore, the transfer of the ownership of the ticket is performed in the second storage unit 142 of the sales / auction server device 400 in association with the telephone number of the owner of the ticket transfer source. The ticket ownership can be transferred by associating it with the telephone number of the person. At the same time, the ticket purchase / exhibition control unit 422 is instructed to delete the ticket information in the first storage unit 102 of the transfer-source mobile terminal 420 and the ticket transfer destination mobile terminal 420 Sending ticket information to the first storage unit 102 and instructing the ticket purchase / exhibition control unit 422 to store the ticket information in association with the purchase destination telephone number in the first storage unit 102. desirable.

  Since tickets are centrally managed by the sales / auction server device 400, even if information on invalid tickets is exchanged between portable terminals, transfer of the right of the ticket is not established. Therefore, the ticket information possessed by the portable terminal 420 is information for enabling the ticket information to be confirmed even when the portable terminal is in an offline state. What is sold is the sales / auction server device 400. Therefore, when the mobile terminal 420 is in the online state, it is desirable to access the sales / auction server device 400 as necessary so that the ticket (right) owned by the mobile terminal 420 can be confirmed.

<Operation Sequence of First Embodiment>
FIG. 5 is a diagram showing an operation sequence of the first embodiment shown in FIG. 1 by taking the electronic ticket processing of event A as an example. In FIG. 5, the ticket authentication for entering the event A is illustrated as an example, but it goes without saying that the ticket can also be applied to general right authentication.

  In S <b> 502, the mobile terminal 100 generates “authentication information” in which the “phone number” of the mobile terminal and the valid first string “year / month / day / hour / minute” are encrypted.

  By displaying “barcode” on the display of the mobile terminal 100 in step S <b> 504, the barcode image reaches the reception terminal 120. The receiving terminal 120 reads the barcode with the camera unit and acquires “authentication information”.

  In step S <b> 506, the reception terminal 120 transmits “authentication information” to the server device 130.

  In S508, the server device 130 decodes “phone number” and “year / month / day / hour / minute” from “authentication information”.

  In S510, the server device 130 accesses the second storage unit 142, and extracts an “electronic ticket” corresponding to the “telephone number”.

  In step S <b> 512, the server device 130 checks whether the decoded “year / month / day / hour / minute” matches the “year / month / day / hour / minute” generated by the server device 130.

  In S514, when the result in S512 indicates a match (YES), the reception terminal 120 displays “admission permission” on the notification unit (display) of the reception terminal 120 so as to display “admission” permission. .

  In S <b> 516, the reception terminal 120 returns notification completion to the server device 130.

  In S <b> 518, the server device 130 sets a used flag of “electronic ticket” stored in the second storage unit 142.

  In S520, if the result in S512 indicates a mismatch (NO), the receiving terminal 120 displays “not allowed entry” on the notification unit (display) of the receiving terminal 120 so as to display “not allowed entry”. Display.

  The above is the outline of the operation sequence of the first embodiment shown in FIG. 1 when the electronic ticket processing of “entrance permission” is taken as an example. It should be noted that the operation sequence shows the main operation sequence of the first embodiment to help understanding.

  If the electronic ticket cannot be extracted in S510, “No entry” is displayed.

<Operation Sequence of Second Embodiment>
FIG. 6 is a diagram showing an operation sequence of the second embodiment shown in FIG. 2 by taking the electronic ticket processing of event A as an example. In FIG. 6, the authentication of the ticket for entering the event A is illustrated as an example, but it goes without saying that the ticket can also be applied to the authentication of general rights.

  In step S <b> 601, the right information type instruction unit 226 of the reception terminal 120 receives a setting instruction for “event A information”, which is a type of right information, from the operator. In other words, since the reception terminal 120 checks the entrance of the event A, it transmits to the server apparatus 130 that the ticket of “event A information” is handled as the type of right information in a later step S606. Become.

  In step S <b> 602, the mobile terminal 100 encrypts the “phone number” of the mobile terminal, the valid first string “year / month / day / hour / minute”, and the information of “electronic ticket” to generate “authentication information”. .

  By displaying “barcode” on the display of the mobile terminal 100 in step S <b> 604, the barcode image reaches the reception terminal 120. The receiving terminal 120 reads the barcode with the camera unit and acquires “authentication information”.

  In step S <b> 606, the reception terminal 120 transmits “authentication information” and “event A information” to the server device 130.

  In step S <b> 608, the server device 130 decodes “telephone number”, “year / month / day / hour / minute”, and “electronic ticket” from the “authentication information”.

  In S <b> 610, the server device 130 extracts “electronic ticket” from the second storage unit based on “phone number” and “event A information”.

  In S612, the server device 130 extracts the decrypted “electronic ticket” from the second storage unit, where the decrypted “year / month / day / minute” matches the “year / month / date / hour / minute” of the server device. Check if it matches the “electronic ticket”.

  In S614, when the result in S610 indicates a match (YES), the authentication result output unit 148 displays “Event A” on the notification unit (display) of the reception terminal 120 so as to display “event A admission permitted”. Display admission permission.

  In S <b> 616, the reception terminal 120 returns notification completion to the server device 130.

  In S <b> 618, the server device 130 sets a used flag of “electronic ticket” stored in the second storage unit 142.

  In S620, when the result in S612 indicates a mismatch (NO), the server device 130 displays “not allowed entry” on the notification unit (display) of the reception terminal 120 so as to display “not allowed entry to event A”. "Is displayed.

  The above is the outline of the operation sequence of the second embodiment shown in FIG. 2 when the processing of the electronic ticket of event A is taken as an example. It should be noted that the operation sequence is an outline of the operation sequence of the second embodiment in order to help understanding.

<Operation Sequence of Third Embodiment>
FIG. 7 is a diagram illustrating an operation sequence of the second embodiment illustrated in FIG. 2, taking as an example the processing of the electronic ticket for event B using position information. In FIG. 6, although the authentication of the ticket for admission to the event B is illustrated as an example, it goes without saying that the ticket can also be applied to the authentication of general rights.

  In S <b> 700, the mobile terminal 100 extracts “electronic ticket” information from the first storage unit 102 based on the “mobile terminal location information” of the position detection unit 318. For example, by storing position information when using an electronic ticket in an electronic ticket, it is possible to extract an electronic ticket to be used at that position from “portable terminal position information”.

  In step S <b> 701, the reception terminal 120 acquires “position information of the reception terminal” from the position detection unit 328 of the reception terminal 120. That is, since the reception terminal 120 checks the entrance at the position where the event B is held, the “position information of the reception terminal” is transmitted to the server device 130 in the subsequent step S706.

  In step S <b> 702, the mobile terminal 100 encrypts the “phone number” of the mobile terminal, the valid first string “year / month / day / hour / minute”, and the information of “electronic ticket” to generate “authentication information”. .

  In step S <b> 704, “barcode” is displayed on the display of the mobile terminal 100, so that the barcode image reaches the reception terminal 120. The receiving terminal 120 reads the barcode with the camera unit and acquires “authentication information”.

  In step S <b> 706, the server device 130 transmits “authentication information” and “location information of the receiving terminal” to the server device 130.

  In step S <b> 708, the server apparatus 130 decodes the information of “phone number”, “year / month / day / hour / minute”, and “electronic ticket” from the “authentication information”.

  In S710, “electronic ticket” is extracted from the second storage unit by “phone number” and “location information of receiving terminal”.

  In step S712, the server device 130 extracts the decrypted “electronic ticket” from the second storage unit, where the decrypted “year / month / day / hour / minute” matches the “year / month / date / hour / minute” of the server device. Check if it matches the “electronic ticket”.

  If the result in S712 indicates a match in S714 (YES), the server device 130 displays “Event B Admission” on the notification unit (display) of the reception terminal 120 to display “Event B Admission Permission”. “Allow” is displayed.

  In S <b> 716, the reception terminal 120 returns notification completion to the server device 130.

  In S 718, the server device 130 sets a used flag of “electronic ticket” stored in the second storage unit 142.

  In S720, when the result in S712 indicates inconsistency (NO), the server device 130 displays “Event B of event B” on the notification unit (display) of the reception terminal 120 so as to display “not permitted to enter Event B”. Display “No admission”.

  The above is the outline of the operation sequence of the second embodiment shown in FIG. 2 when the processing of the electronic ticket of event B is taken as an example. It should be noted that the operation sequence is an outline of the operation sequence of the second embodiment in order to help understanding. In addition, with respect to position information, a predetermined allowable range is set, and in determining whether the position information matches, even if there is an error in the position information within the predetermined allowable range, the position can be determined to match. desirable.

  Note that the mobile terminal 100 may use the second embodiment, and the authentication device 180 may use the third embodiment. The mobile terminal 100 may use the third embodiment, and the authentication device 180 may use the second embodiment.

  Each of the embodiments herein is not exclusive. Accordingly, it goes without saying that a part of the embodiment can be combined with a part of the other embodiments flexibly as long as there is no contradiction.

<Embodiment related to ticket purchase>
FIG. 8 is a diagram showing an embodiment relating to ticket purchase.

  In step S802, it is checked whether the user has an account. If the user has an account (“Yes”), the process proceeds to step S806. If the user does not have an account (“No”), the process proceeds to step S804.

  In step S804, account registration is performed. That is, settings such as a user ID and a password are performed.

  In step S806, the mobile terminal uses the telephone number to succeed in SMS authentication. If the SMS authentication is not successful (not shown), the subsequent processing (ticket sale) is not performed. Note that the telephone numbers used by ticket purchasers and the like may be stored in the black list. In order to prevent the ticket from being bought up, the black list is checked, and when SMS authentication is performed with a telephone number registered in the black list, control is performed so that subsequent processing (ticket sales) is not performed. May be. User authentication other than SMS may be used.

  In step S808, an electronic ticket purchase procedure is performed. The user designates a desired concert ticket and purchases the ticket. Multiple tickets may be purchased. In this case, as described below, it is desirable to perform processing for preventing ticket purchases.

  In step S810, it is checked whether the number of purchased tickets for the same event associated with the same telephone number exceeds a threshold value. If the check result is “Yes”, there is a high possibility that the ticket has been bought up, and the process is terminated. If the check result is “No”, the process proceeds to step S812.

  In step S812, electronic ticket purchase processing is performed using the mobile terminal. Processing such as credit card settlement is performed. If payment is not completed (not shown), subsequent processing (ticket sales) is not performed.

  In step S814, the portable terminal is made to download an electronic ticket. The download may be started at an appropriate time based on a user instruction or may be automatically started. When the ticket is downloaded, the ticket information can be confirmed from the portable terminal.

  In step S816, the telephone number and ticket information are stored in association with the server apparatus account. By performing this process, the ownership of the ticket belongs to the user corresponding to the telephone number.

  Note that the ticket downloaded to the user's mobile terminal 100 is not treated as electronic information to be sold or sold, and may have a position for selecting a ticket used by the user or confirming the ticket information. desirable.

  In addition, when it is necessary to change the association between the ticket and the mobile number, such as when the user loses the mobile terminal or changes the mobile phone number, for example, after the user logs in, a new This may be dealt with by performing a simple SMS authentication and having a ticket reacquisition procedure. By this procedure, the new mobile number and the ticket are associated with each other.

  It is also possible to resell tickets using the above procedure for ticket reacquisition, so for accounts or mobile numbers where ticket reacquisition procedures are frequently performed, a predetermined threshold or more is required. The ticket reacquisition procedure may be prohibited.

  In addition, by coordinating with an account of an artist's fan club or the like, the fan club member may be given an incentive such as permitting advance sales of tickets.

  In addition, for a user belonging to a fan club, settings such as different thresholds related to ticket purchase may be performed.

<Embodiment related to resale of ticket at auction etc.>
FIG. 9 is a diagram illustrating an embodiment relating to ticket resale at an auction or the like.

  In step S902, login is performed. If the login is successful, the process proceeds to step S904.

  In step S904, SMS authentication is successfully performed using the telephone number using the mobile terminal. If the SMS authentication is successful, the process proceeds to step S906. If the SMS authentication is not successful (not shown), the subsequent processing is not performed.

  In step S906, selection of an electronic ticket in the portable terminal and an instruction to click an exhibition button on the auction site are received. The instruction may be an operation such as a tap other than the click. Since the SMS authentication is successful, the electronic ticket associated with the mobile phone number stored in the server device may be displayed on the mobile terminal to prompt the user to select the electronic ticket.

  In step S908, electronic ticket information registered in the account of the server device and a telephone number associated with the electronic ticket information are extracted.

  In step S910, it is determined whether or not the electronic ticket information to be listed in the auction exists in the account. In step S906, when the electronic ticket stored in the server device and associated with the mobile phone number is displayed on the mobile terminal and the user is prompted to select the electronic ticket, this check is not performed. Also good. If the check result is “Yes”, the process proceeds to step S912. If the check result is “No”, the process ends.

In step S912, it is checked whether or not the telephone number corresponding to the electronic ticket information to be submitted for auction matches the SMS authentication telephone number. In step S906, when the electronic ticket stored in the server device and associated with the mobile phone number is displayed on the mobile terminal and the user is prompted to select the electronic ticket, this check is not performed. Also good. If the check result is “Yes”, the process proceeds to step S914. If the check result is “No”, the process ends.

  In step S914, the electronic ticket information to be exhibited in the auction is deleted from the server device account. As a result of this processing, the ticket that is on sale at the auction cannot be used by the user. Note that it is desirable to store the account information, telephone number, and ticket relations in the server device so that the ticket information can be restored if the auction is not successful.

  In step S916, electronic ticket information to be exhibited in the auction is exhibited on the auction site. The exhibited tickets are determined by a predetermined period according to the auction procedure, and the successful bidder is determined. If the winning bidder is determined, a process of assigning the ticket right to the winning bidder is performed. For this process, the same process as the ticket purchase process shown in FIG. 8 may be used.

  FIG. 10 is a diagram illustrating a flow for ensuring consistency between the encryption process and the decryption process.

  For example, when the encryption algorithm is leaked and the encryption algorithm is changed, or when the encryption algorithm is upgraded, the encryption and decryption can be performed by changing the decryption algorithm of the server device. It is necessary to ensure consistency.

  In step S1002, the server apparatus receives the encryption method of the authentication information generation unit.

In step S1004, the server device decrypts the authentication information using a decryption method corresponding to the encryption method of the authentication information generation unit.

  By performing the above processing, the server device properly decodes the authentication information. The encryption algorithm may be changed randomly. In this case, it is possible to perform appropriate decryption by sending the identification information of the used encryption algorithm to the server device.

  FIG. 11 is a diagram illustrating a specific mode of use of the mobile terminal, the reception terminal, and the server device.

  The portable terminal 100 stores an S concert ticket. The content of the S concert ticket is displayed on the portable terminal 100 (1102). The authentication information is displayed on the screen of the mobile terminal 100 by the QR code 1104 (registered trademark).

  The reception terminal 120 is communicably connected to the server apparatus 130 via a network 1108 such as the Internet.

  The reception terminal 120 images the mobile terminal 100 using the rear camera, and the captured image is displayed on the screen of the mobile terminal 100 (1100). The reception terminal 120 reads the captured QR code (registered trademark) of the mobile terminal 100 and transmits it to the server device 130.

  The server device 130 decrypts the authentication information sent from the mobile terminal via the QR code (registered trademark) using the decryption algorithm according to the various embodiments described above. The server device 130 checks the decrypted authentication information and returns an authentication result to the reception terminal 120. When the ticket is authenticated by the authentication information, for example, “entry OK” (1106) is displayed on the display screen of the reception terminal 120. Based on this display, the operator of the reception terminal permits the owner of the portable terminal 100 to enter the concert venue.

  FIG. 12 is a diagram illustrating an example of displaying a barcode including authentication information.

  The horizontal axis indicates the time axis, the origin is time 0, and a scale is added every minute. A QR code (registered trademark) is shown as an example of the barcode. QR code 1202 (registered trademark) is displayed only for one minute from time 0. When 1 minute elapses, a different QR code 1204 (registered trademark) is displayed for 1 minute from 1 minute to 2 minutes. Thereafter, similarly, different QR codes 1206, 1208, and 1210 (registered trademark) are sequentially displayed for one minute.

  As described above, the display of a valid QR code (registered trademark) changes every minute, so that the ticket cannot be forged by copying and using the screen of the portable terminal 100 as a screen shot. This is because the copied QR code (registered trademark) is valid for only one minute, and thereafter becomes an invalid QR code (registered trademark).

  In this way, by sequentially changing the valid QR code (registered trademark), it is possible to effectively prevent forgery of the ticket by copying the screen of the mobile terminal 100.

  FIG. 13 is a diagram illustrating an example of information stored in the first storage unit 102 and the second storage unit 142.

  FIG. 13A illustrates an example of information stored in the first storage unit 102. The first storage unit 102 stores a telephone number 1302, a ticket 1 (1304), and a ticket 2 (1306). The telephone number is the telephone number of the mobile terminal 100. Normally, since one telephone number is assigned to the mobile terminal, only one telephone number is stored in FIG. In the case of the portable terminal 100 that can use a plurality of telephone numbers, the telephone numbers used in the SMS authentication at the time of ticket purchase are stored in association with the tickets in association with the tickets 1 and 2 respectively. Good. Other information is stored in the first storage unit 102.

  FIG. 13B illustrates an example of information stored in the second storage unit 142.

  A telephone number 1314 and an electronic ticket 1316 are stored in association with the user ID (1312). In addition, there is an area for storing the association between the ID and the password in order to accept the login process (not shown).

  The information stored in the first storage unit 102 and the second storage unit 142 described above is an example, and it is needless to say that various information can be stored in association with each other.

  FIG. 15 is a diagram illustrating another embodiment for changing the owner of a ticket.

  For example, if a ticket that allows multiple people to enter the same event is stored in one mobile terminal, a part of the tickets (for example, an entrance ticket for one person) is moved to another mobile terminal. Then, there is a need for the one person to enter the same event using the other portable terminal. Or, for example, if a person who purchased one ticket cannot attend the event due to illness, etc., suddenly move the ticket to another person's mobile terminal and use the other person's terminal There is a need for the other person to enter the event. In such a case, there is a case where it is desired to move a ticket from one portable terminal to the other portable terminal by a simple method without performing money transfer.

  The embodiment shown in FIG. 15 shows an example for addressing such needs.

  In step S1502, one portable terminal receives an instruction for ticket selection by the operator.

  In step S1504, one portable terminal receives an instruction of the telephone number of the other party to whom the designated ticket is sent.

  In step S1506, one portable terminal sends the telephone number of the one portable terminal, the other party's telephone number, and ticket information to the server device.

  In step S1508, it is determined whether the number of changes of the owner of the selected ticket exceeds a threshold value. In this determination, when the number of changes of the owner of the selected ticket is the number of times exceeding a predetermined threshold, it can be determined that there is a high possibility that the ticket is resold, for example. Therefore, in such a case, the change of the owner of the selected ticket can be prohibited. If this determination is “Yes”, the process ends, and the owner of the selected ticket cannot be changed. If this determination is “No”, the process proceeds to step S1510.

  In step S1508, it is determined whether the number of changes of the owner of the selected ticket exceeds the threshold value. However, this is an example, and the determination is not limited to this. For example, when a plurality of tickets exist in one terminal, the process of moving the ticket may be prohibited in the process of moving all the tickets to the other terminal. That is, the movement of the ticket may be restricted so that at least one ticket cannot be moved. In other words, when all purchased tickets are moved, it is expected that the ticket is likely to be for resale purposes, and thus such processing may be limited. In addition, when there is a high possibility of ticket movement for the purpose of reselling tickets, restrictions may be added as appropriate.

  In step S1510, it is determined whether the other party's telephone number is registered in the server device. The fact that the telephone number is registered in the server device means that the user registration by the ID and password is made for the server device. As described above, when a telephone number is already registered, information such as whether the owner of the telephone number is a trader for resale can be taken into consideration. If the determination result in step S1510 is “No”, the process may be terminated because it is an unknown telephone number and the telephone number of a person who has not been registered as a user. If the determination result is “Yes”, the process proceeds to step S1512. In the case of the embodiment of FIG. 15, if the telephone number is registered in the server device, the process proceeds uniformly to step S1512. However, it is found that the telephone number is the telephone number of the reseller. If so, the process may be terminated.

  In step S1512, the server device performs SMS communication with the other party's telephone number, and sends, for example, a URL to the other portable terminal.

  In step S1514, the other portable terminal accesses the URL and acquires a ticket based on the instruction of the other party.

  In step S1516, the server device associates the telephone number of the other party with the selected ticket. This process transfers the ownership of the ticket.

  In step S1518, the server device invalidates the ticket of one portable terminal. Note that the ticket is centrally managed by the server device. For this reason, the ticket that exists in the portable terminal is positioned as information for enabling the user to grasp the contents of the ticket even when the portable terminal is offline or for the user to select the ticket that the user wants to use. be able to. Therefore, in an environment where the mobile terminal can access the server device, the ticket associated with the mobile terminal can be accurately confirmed by accessing the server device. For this reason, invalidation of the ticket in one terminal is not necessarily performed.

  As described above, in the embodiment shown in FIG. 15, it is possible to exchange tickets between terminals without passing money. In this case as well, the transfer of ticket ownership appropriate for the user can be realized by providing a check function for preventing acts such as ticket resale as described above.

  FIG. 14 is a diagram illustrating a hardware configuration of the mobile terminal 100, the reception terminal 120, and the server device 130. In FIG. 14, the hardware configurations of the mobile terminal 100, the reception terminal 120, and the server device 130 are collectively described.

  The hardware configuration includes a display control unit 1402, a display unit 1403, a CPU 1404, a memory 1406, a communication control unit 1408, an external memory control unit 1410, a storage medium 1411, an input interface 1420, various sensors 1422, a camera 1424, a microphone 1426, and an output. An interface 1430, a speaker 1432, a display 1434, a vibrator 1436, a touch panel control unit 1440, a touch panel 1442 and the like are included.

  The mobile terminal 100, the reception terminal 120, and the server device 130 may not have some of these hardware, and may have other hardware.

Note that all or part of the present embodiment can be implemented by a program. This program can be stored in the storage medium 1411. The storage medium 1411 refers to one or more non-transitory storage media having a structure. Examples of the storage medium 1411 include a magnetic recording medium, an optical disk, a magneto-optical recording medium, and a nonvolatile memory. Magnetic recording media include HDDs, flexible disks (FD), magnetic tapes (MT) and the like. Optical disks include DVD (Digital Versatile Disc), DVD-RAM, CD-ROM (Compact Disc-Read Only Memory), CD-R (Recordable) / RW (ReWritable), and the like. Magneto-optical recording media include MO (Magneto-Optical disk). All or a part of each embodiment can be implemented by reading a program stored in a recording medium and executing it by a CPU.
It should be noted that each embodiment is for the purpose of understanding the invention and is not intended to limit the scope of the invention. Further, the plurality of embodiments described above are not mutually exclusive. Therefore, it should be noted that the elements of different embodiments are also intended to be combined unless a contradiction arises. Further, in the invention according to the method and the program described in the claims, the order of the processes may be changed as long as there is no contradiction, or a plurality of processes may be performed simultaneously. It goes without saying that these embodiments are also included in the technical scope of the invention described in the claims.

  Further, by executing the program code read by the computer, not only the functions of the above-described embodiments are realized, but also other programs such as an OS running on the computer based on an instruction of the program code. Needless to say, the present invention includes a case where the functions of the embodiment are realized by performing part or all of the actual processing.

  In addition, each component of the various embodiments may be realized by a plurality of physically separated hardware. In addition, each component of the various embodiments of the present invention may be realized by being distributed among a plurality of virtual machines operating on one computer.

  By providing a ticket service using this technology, the following effects can be expected.

  By realizing the discovery / authentication function of a ticket with a forgery prevention function that tends to be expensive, it is possible to provide a service at a low cost by realizing it by a widely used portable terminal such as a smartphone.

  In the ticket authentication, the authentication information is always automatically and easily updated by generating the authentication information based on the constantly changing information such as time. In addition, even if authentication information is generated by unauthorized means, such as authentication information generation logic leaking out, measures should be taken immediately and without cost by updating the application and changing the generation logic Is possible.

  Since the authentication information is managed in a state where the system operator is associated with the user information, the ticket can be transferred under the control of the system operator. Ticket transfer can be performed simply by changing user information associated with the authentication information of the ticket. Therefore, it does not take time for issuance and delivery as in the case of tickets, and can be transferred just before or on the day of the event, and may be transferred to a third party. Can be increased.

  The system operator manages the authentication information in a centralized manner, allowing the system operator to freely determine whether or not the ticket can be transferred and the conditions for permitting the transfer (for example, the range of transfer price, qualifications / attributes of the transferee) Can be controlled. For this reason, tickets can be distributed only within the range allowed by the system operator or event operator.

  For example, only a transfer of an artist who appears in an event to a fan club member is allowed, or a ticket is approved to be transferred to a third party with a premium within the range approved by the event operator. Can be collected as a fee.

  QR code (registered trademark) is an example of a two-dimensional barcode.

DESCRIPTION OF SYMBOLS 100 Mobile terminal 102 1st memory | storage part 104 1st string output part 106 Clock generation part 108 Authentication information generation part 110 Authentication information output part 120 Reception terminal 122 Authentication information acquisition part 124 Notification part 130 Server apparatus 132 2nd string Output unit 134 Clock generation unit 136 String reception unit 138 Decoding unit 140 Match detection unit 142 Second storage unit 146 Rights information extraction unit 148 Authentication result output unit 180 Authentication device 216 Rights information instruction unit 226 Rights information type instruction unit 318 Position detection Unit 319 communication control unit 328 position detection unit 349 communication control unit 400 sale / auction server device 402 communication control unit 404 ticket sales control unit 408 ticket number check unit 420 portable terminal 422 ticket purchase / exhibition control unit 424 communication control unit

Claims (16)

A mobile device,
An authentication device for authenticating rights information associated with the mobile terminal;
A right information authentication system comprising:
The portable terminal is
A first string output unit for sequentially outputting a plurality of strings, wherein each of the plurality of strings is valid for a given duration from an output time;
A first storage unit that stores the rights information in association with owner identification information related to the owner of the rights information;
An authentication information generation unit that generates authentication information by an encryption process using at least the owner identification information stored in the first storage unit and a valid string output from the first string output unit When,
An authentication information output unit for outputting the authentication information;
Including
The authentication device
A second string output unit that sequentially outputs a plurality of strings, each of the plurality of strings being valid for a given duration from the output time;
A second storage unit that stores the right information and the owner identification information in association with each other;
An authentication information acquisition unit for acquiring the authentication information from the authentication information output unit;
A string receiving unit that receives a valid string output from the second string output unit in response to the acquisition of the authentication information;
A decryption that decrypts at least the owner identification information and the valid string output from the first string output unit from the acquired authentication information by executing a decryption process corresponding to the encryption process. And
Using the decrypted owner identification information, the corresponding right information is extracted from the second storage unit;
A match detection unit that outputs a match result indicating whether or not the valid string output from the second string output unit matches the valid string output from the first string output unit;
If the match result indicates a match, an authentication result output unit that outputs an authentication result indicating that the extracted right information is valid right information related to the owner;
An informing unit for informing the authentication result;
Including
The second string output unit sequentially outputs a plurality of strings identical to the first string output unit, and is output from the second string output unit, and is the same as the string of the first string output unit Are output at approximately the same timing and are valid for approximately the same duration.
Rights information authentication system. The authentication information is an image,
The authentication result output unit displays the image,
The authentication information acquisition unit captures the image,
The notification unit displays the authentication result;
The right information authentication system according to claim 1.   Each of the plurality of strings sequentially output by the second string output unit uses information on a part of the time obtained from the clock generation unit included in the authentication device, so that a certain period of time, The right information authentication system according to claim 1 or 2, wherein the same value is maintained. The first string output unit outputs the plurality of strings using information on a time obtained by rounding off less than a minute of a time obtained from a clock generation unit included in the mobile terminal, or via a network Receiving the strings from the second string output unit to sequentially output the plurality of strings;
The right information authentication system according to claim 3. The authentication apparatus further includes a right information type instruction unit that instructs a type of right information that the right information extraction unit extracts from the second storage unit.
The right information authentication system according to any one of claims 1 to 4. The portable terminal further includes a right information instruction unit that instructs the authentication information generation unit to generate the authentication information using the right information selected by an operator.
The decryption unit decrypts the selected right information,
The match detection unit outputs a match result by further detecting a match between the selected right information and the right information extracted from the right information extraction unit;
The right information authentication system according to claim 5. The authentication device further includes a position detection unit,
The right information stored in the second storage unit includes position information where the right is used,
The position detection unit provides the right information extraction unit with the position information of the mobile terminal, so that the right information extraction unit extracts the right information related to the position information from the second storage unit. The right information authentication system according to any one of claims 1 to 4, wherein: The right information stored in the first storage unit includes position information where a right is used,
The portable terminal further includes a portable terminal position detection unit that instructs the authentication information generation unit to generate the authentication information by further using right information corresponding to the position information of the portable terminal,
The decryption unit decrypts the right information,
The match detection unit outputs a match result by further detecting a match between the decrypted right information and the right information extracted from the right information extraction unit.
The right information authentication system according to claim 5 or 7. The second storage unit stores a flag indicating that the rights information has been used in association with the rights information;
When the authentication result output unit outputs an authentication result indicating that it is legitimate right information, the flag corresponding to the legitimate right information is set to used,
9. The authentication result output unit outputs an authentication result indicating that the right information is not legitimate right information when the right information extraction unit extracts right information in which a used flag is set. The right information authentication system according to any one of the above. The authentication information acquisition unit and the notification unit exist in a reception terminal.
The right information authentication system according to any one of claims 1 to 9.   The coincidence detection unit includes: a valid string output from the second string output unit; a string output one time before the valid string output from the first string output unit; , Or a string output one time before a valid string output from the second string output unit, and a valid string output from the first string output unit, The rights information authentication system according to any one of claims 1 to 10, wherein a matching result indicating matching is output even if they match. The authentication information output unit further outputs information specifying the encryption process,
The decryption unit performs a decryption process using the output specified information.
The right information authentication system according to any one of claims 1 to 11.   The rights information authentication system according to any one of claims 1 to 12, wherein the right information is ticket information for entering an event venue, and the image is a one-dimensional or two-dimensional barcode. Computer
Sequentially outputting a plurality of strings, each of the plurality of strings being valid for a given duration from the output time; and
Using at least the owner identification information and a valid string from the storage unit that stores the right information associated with the computer and the owner identification information indicating the owner of the right information in association with each other. An authentication information generation step for generating authentication information by the activation process;
A display step of displaying a barcode including the authentication information on a display screen so that an authentication device that authenticates the authentication information reads;
A method for displaying authentication information.   The authentication information display method according to claim 14, wherein in the step of sequentially outputting the plurality of strings, the plurality of strings are output using information provided from the authentication device.   A program that causes the computer to execute the authentication information display method according to claim 14 or 15.

Images