JP3926521B2 - Terminal and system - Google Patents

Description

[0001]
BACKGROUND OF THE INVENTION
The present invention relates to an ID card system.
[0002]
[Prior art]
Bank system that handles deposits, payments and transfers of deposits at terminals (automated teller machines) installed at bank offices as an ID card system that makes effective use of ID cards and streamlines user procedures. Ticketing systems that sell tickets and commuter passes are known. As the needs for services provided by these systems increase, the functionality of user operation terminals in these systems is increasing. For example, the automatic transaction apparatus described in Japanese Patent Laid-Open No. 10-255105 realizes diversification of services that can be provided by switching and displaying an input reception screen corresponding to the type of user procedure on the touch panel.
[0003]
In addition, ID cards are becoming more sophisticated, and a single ID card is becoming compatible with a plurality of services. For example, “EMV'96 Integrated Circuit Card Specification for Payment Systems” describes a card specification that can support a plurality of financial services. According to this card specification, a list of processing programs in the card is presented, and the user can select one of the lists.
[0004]
[Problems to be solved by the invention]
However, as the operation terminal becomes highly functional, there is a tendency that the number of operation steps of the user who uses it increases. For example, in the conventional banking system, when cash is withdrawn using a multi-function automatic teller machine, the transaction type is selected, the PIN is entered, the amount is specified, and the exchange is required / unnecessary. Various terminal operations are required, such as selection of necessity / unnecessity of statement slip printing. Such an operation is troublesome for the user.
[0005]
By the way, even though the needs for services provided by these systems have diversified, services required by individual users tend to be limited to specific ones. For example, the usage purpose of one user of an automatic teller machine in a bank system is often a withdrawal of a certain amount of cash, a transfer to a specific account, or the like. For this reason, some bank systems issue a transfer card that stores the operation procedure for complicated transfer processing, and allow the user to use it in subsequent transfer processing. This kind of consideration is not taken into account for transactions.
[0006]
In addition, as a result of being able to receive a variety of services with a single ID card according to the conventional card specifications, the user must search for a processing program for the service he / she wants from the list of processing programs. Don't be. When a frequently used service processing program is located at the back of the list, an operation for displaying the back of the list must be performed, which is troublesome.
[0007]
It is desirable that the operability of this type of operation terminal used in daily life is further simplified in consideration of use by a handicapped user, a user who is not good at terminal operation, and the like.
[0008]
On the other hand, the safety of transactions needs to be sufficiently secured.
[0009]
Then, an object of this invention is to provide the terminal and ID card which can aim at the reduction of the operation burden of each user, ensuring the safety | security of transaction.
[0010]
[Means for Solving the Problems]
In order to solve the above problems, the present invention provides:
A terminal that accepts a procedure in a transaction and executes transaction processing according to the procedure,
History information input / output means for executing acquisition of history information of procedures in the past transaction from a recording medium, and storing the history information of procedures in the executed transaction in a recording medium;
Risk determination means for determining the degree of risk based on the history information acquired by the history information input / output means, and determining whether or not the procedure represented by the history information can be reproduced based on the determination result;
When the risk determination unit determines that the procedure represented by the history information is reproducible, the risk determination unit reproduces the procedure represented by the history information and instructs the history information input / output unit to store the history information regarding the procedure content. Provided is a terminal comprising a procedure execution means.
[0011]
According to the terminal of the present invention, since procedures in past transactions can be automatically reproduced, while providing a wide variety of services as in the past, the user frequently himself It is possible to save the trouble of repeating complicated procedures in the service to be used many times. In addition, since the risk determination is performed prior to the reproduction of the procedure in the past transaction and the authentication process is appropriately executed according to the determination result, the safety of the transaction is ensured.
[0012]
In addition, the present invention provides a recording medium for use in this terminal,
An ID card storing user ID information,
There is provided an ID card characterized by having a storage area for storing one or more pieces of operation history information for the host device of the ID card.
[0013]
For example, when a magnetic card is used as the ID card, a magnetic stripe on which user identification information is recorded may be used as the storage area. When using an IC card, an internal memory in which user identification information is recorded may be used as the storage area.
[0014]
DETAILED DESCRIPTION OF THE INVENTION
Embodiments according to the present invention will be described below with reference to application examples to a bank system.
[0015]
FIG. 1 shows a schematic configuration of a bank system according to the present embodiment.
[0016]
A dedicated line or the like between one or more (a plurality in the present embodiment) automatic teller machine 100 installed at a bank sales store and a host computer 130 that manages various information such as customer deposit information. Are connected by a communication line. Although one host computer 130 is shown here, there may be a plurality of host computers.
[0017]
The host computer 130 includes a CPU 131 that executes control processing for the entire host, a storage device 133 that stores user transaction information (user name, contract account number, deposit / withdrawal information, etc.), and each automatic teller payment terminal 100. A communication control device 135 is provided for controlling data transfer therebetween. Furthermore, the host computer 130 also includes a real-time clock (not shown), a power supply device (not shown), a housing (not shown), and the like.
[0018]
On the other hand, each automatic teller payment terminal 100 includes a CPU 101, a memory 103, a touch panel combined display device 105 on which an operation screen described later is displayed, a card reader 109 into which an ID card described later is inserted, and a bill entry / exit for receiving / delivering bills. A device 111, a receipt printing device 113 for printing a statement slip, a passbook printing device 114 for bookkeeping, a communication control device 115 for controlling data transfer with the host computer 130, and a bus 117 for interconnecting them. ing. Among these, those directly related to the user's operation (the touch panel combined display device 105, the card reader 109, the bill input / output device 111, the receipt printing device 113, and the passbook printing device 114), as shown in FIG. It is provided in the front part of the payment terminal 100.
[0019]
The card reader 109 has an ID card take-in / discharge function and a data read / write function for various ID cards. As a data read / write function for various ID cards, for example, with respect to an IC card, a predetermined read / write function with respect to a card built-in microcomputer is required for reading data from the card built-in memory and writing data into the card built-in memory. It has a communication function based on the protocol. In addition, the magnetic card is provided with a read / write magnetic head for reading data from the magnetic stripe and writing data to the magnetic stripe. With such a data read / write function, history information and user identification information, which will be described later, are read from the ID card at the start of the transaction procedure, and new history information regarding the procedure is stored in the ID card after the transaction procedure is completed. Written.
[0020]
The banknote entry / exit device 111 performs banknote acceptance processing and banknote delivery processing, specifically counting banknotes, discharging banknotes, taking in banknotes, and the like.
[0021]
The receipt printing device 113 prints the transaction result on the statement slip and discharges the printed statement slip, and the passbook printing device 114 takes in the passbook, writes in the passbook, the passbook for which the transaction procedure has been canceled, and the written passbook. Drain.
[0022]
The touch-panel display device 105 is provided with a touch sensor on the display screen, and also functions as a touch panel that accepts touch input by a user's finger or the like. Then, operation screens (a) to (g) as shown in FIG. 2 are displayed on the display screen of the display device 105. On the initial screen (a) for selecting a transaction type, a plurality of selection buttons 200a to 200f with transaction names are arranged. On the first guidance screen (b) that is first displayed in the drawer process or the like, a message prompting insertion of a card into the card reader 109 and insertion of a passbook into the passbook printer 114 is displayed. On the password input screen (c) displayed prior to a specific procedure in the transaction, a character set 201 that accepts input of characters from 0 to 9 and a display field 202 for displaying the number of input characters of the password are displayed. A correction button 203 for receiving a correction instruction for the immediately preceding input character and a cancel button 204 for receiving a cancellation instruction for all input characters are arranged. On the amount input screen (d) displayed in the withdrawal process etc., the character set (number from 0 to 9, number of digits (10,000, thousand), amount unit (yen) )) 205, a correction button 206 for accepting an input character correction instruction, a cancel button 207 for accepting an instruction for canceling all input characters, a confirmation button 208 for accepting an instruction for confirming an input amount, a display field 209 for displaying the input amount, the current A storage button 210 that accepts an instruction to save a series of procedures performed up to the display screen, and a message 211 indicating that the procedure up to that point is saved as history information are arranged. On the second and third guidance screens (e) and (f) displayed after the transaction procedure is completed, messages for prompting receipt of ID cards, booked passbooks, printed statement slips, etc., receipt of discharged banknotes A message prompting you to do so is displayed. On the history confirmation screen (g) displayed before the start of the second and subsequent transactions, a display field 212 for displaying the history information of the procedure in the transaction, re-execution of the transaction procedure stored as the history information The same transaction re-execution button 213 for receiving an instruction and another transaction execution button 214 for receiving an instruction to execute a transaction different from the transaction stored as history information are arranged. In addition to these operation screens (a) to (g), a transaction NG display screen or the like on which a message indicating that the procedure cannot be continued due to an erroneous input of a password is displayed.
[0023]
The CPU 101 executes control processing for the entire automatic teller payment terminal and also executes user operation support processing described later. The memory 103 stores in advance a program in which various processes executed by the CPU 101 are defined, and various data necessary for the execution of these processes. In addition, the memory 103 temporarily stores the processing execution result of the CPU 101. FIG. 4 shows functional components realized by the stored programs of the CPU 101 and the memory 103.
[0024]
The banknote deposit / withdrawal control unit 467 executes operation control of the banknote deposit / withdrawal apparatus 111. Under the control of the banknote deposit / withdrawal control unit 467, the banknote deposit / withdrawal apparatus 111 executes the above-described banknote acceptance process and banknote delivery process (counting of banknotes, discharging of banknotes, taking in banknotes, etc.). And the deposit / withdrawal management part 419 manages the stock amount of the banknote in the automatic teller machine 100, judges whether the payment of the banknote of the amount which a user requests | requires is possible, etc. according to the judgment result Then, a bill discharge command or the like is given to the bill deposit / withdrawal control unit 467.
[0025]
The communication control unit 473 performs operation control of the communication control device 115. Under the control of the communication control unit 473, the communication control apparatus 115 executes data transfer via the communication line.
[0026]
The print control unit 471 executes operation control of the receipt printing apparatus 113 and operation control of the passbook printing apparatus 114. Under the control of the print control unit 471, the receipt printing device 113 prints the immediately preceding transaction content on the statement slip, and the passbook printing device 114 writes the unbooked transaction content in the passbook.
[0027]
The card control unit 465 executes operation control of the card reader 109. Thereby, the card reader 109 executes ID card acceptance / discharge processing, data reading processing from the ID card, data writing processing to the ID card, and the like.
[0028]
The display control unit 461 executes image display processing on the touch panel combined display device 105, and the touch panel input control unit 463 calculates coordinate information of the user instruction point on the screen based on the output of the touch sensor. Then, the input management unit 431 calculates user input information from the output information of the touch panel input control unit 463, controls the display control unit 461 according to the calculation result, and displays the above-described operation screen on the touch panel combined display device 105. Are displayed, and predetermined information of the user input information is transferred to the overall control unit 401 described later. As specific functional components for that purpose, a plurality of processing units, specifically, a main menu display instruction unit 433 for instructing display of the initial screen (a), a display instruction for the first guidance screen (b), etc. A card insertion display instruction section 435 to be performed, a password input instruction section 437 for performing a display instruction for the password input screen (c), a history confirmation instruction section 439 for performing a display instruction for the history confirmation screen (g), and an amount input screen (d) An amount input instruction unit 441 for performing a display instruction, a card discharge instruction unit 443 for performing a display instruction for the second guidance screen (e), and a withdrawal display instruction unit 445 for performing a display instruction for the third guidance screen (f). , A transaction NG display instruction unit 447 for instructing display of a transaction NG display screen or the like.
[0029]
The risk determination process 417 determines whether or not to cancel the transaction based on the transaction details and history information, determines whether or not the user authentication process is necessary, and further determines the result of the determination. Execute the process.
[0030]
The transaction processing unit 403 appropriately controls the communication control unit 473, the risk determination processing unit 417, and the deposit / withdrawal processing unit 419 in accordance with the output information of the input management unit 431, and performs the user procedure on the operation screen described above. Execute the corresponding transaction process. As specific functional components for executing this transaction processing, a plurality of processing units, specifically, a deposit processing unit 405 for executing deposit deposit processing, a withdrawal processing unit 407 for executing deposit withdrawal processing, A balance inquiry processing unit 409 for executing a deposit balance inquiry process, a transfer processing unit 411 for executing a transfer process to a designated account, a passbook entry processing unit 413 for executing a process for registering unbooked transaction contents, An electronic money load unit 415 that executes a transfer process (electronic money load process) for storing a specified amount of the account deposit balance in the IC card as electronic money is provided.
[0031]
The initial processing unit 475 executes an initial setting process for the automatic teller payment terminal 100 when the power is turned on. As a result, each of the built-in devices 101 to 115 of the automatic teller payment terminal 100 is activated, and the execution of the overall control process by the overall control unit 401 described below is started. The overall control unit 401 controls the main menu display instruction unit 433 of the input management unit 431 at the time of start-up, displays the initial screen (a) on the touch panel combined display device 105, and thereafter, the input management unit 431. Each processing unit of the transaction process 403 is controlled on the basis of the input information delivered from.
[0032]
Next, ID cards used in this bank system will be described by taking the above-described two types of cards (magnetic card, IC card) as an example.
[0033]
A magnetic stripe 503 as shown in FIG. 5A is formed on the surface of a plastic magnetic card used as an ID card for an automated teller terminal of this bank system.
[0034]
The magnetic stripe 503 is provided with the following three tracks. The first track is a read-only area, in which name information 505 of the cardholder is recorded, as shown in FIG. The second track is a read-only area. As shown in FIG. 5 (b), the identification information 507 of the financial institution, the account identification information 509 of the cardholder, and the transaction history recorded in the third track. Expiration date information 511 indicating the data validity period is recorded. The third track is a readable / writable area. As shown in FIG. 5B, there are a plurality of types (here, two types) of transaction history data 513a and 513b, transaction history total information 515, magnetic stripes. A checksum 516 created from information on the entire data recording area 503 is stored.
[0035]
In each transaction history data 513a and 513b, as shown in FIG. 7A, transaction date and time 751, transaction location information 753 indicating the installation location of the automatic teller machine where the transaction was performed, Transaction type information 755 representing a type name (in this embodiment, any of withdrawal, transfer, and electronic money load), transaction content information representing the contents of the transaction (withdrawal amount, transfer amount, exchange amount with electronic money, etc.) 757 is included.
[0036]
Here, the information included in the transaction content information 757 differs depending on the type of transaction. For example, if the transaction is a withdrawal, the transaction content information 757 includes transaction amount information 771 as shown in FIG. 7C, and if the transaction is a transfer, the transaction content information 757 includes a figure. As shown in FIG. 7D, transaction amount information 781, identification information 783 such as a transfer account number, and transfer destination information 785 such as a transfer destination name are included. If the transaction is an electronic money load, the transaction content information 757 includes transaction amount information 791 as shown in FIG.
[0037]
Further, as shown in FIG. 7 (b), the transaction history total information 315 includes authentication non-transaction count information 361 indicating the number of transactions re-executed based on the transaction history data without performing the cardholder authentication process. , Authentication non-transaction total amount information 363 representing the total amount of money traded without authentication is included.
[0038]
On the other hand, an IC chip is built in a plastic IC card used as an ID card for an automatic teller machine of this bank system. As shown in FIG. 6B, the IC chip is equipped with a card interface 603 for controlling data input / output with the outside, a memory 620, and a CPU 610 for controlling them. In the memory 630, in addition to the card PIN 517, information similar to the magnetic strap 503 of the magnetic card (except for the checksum), specifically, the name information 505 of the card holder, the financial institution Stored are identification information 507, card owner account identification information 509, transaction history data expiration date information 511, two types of transaction history data 513, and transaction history total information 515.
[0039]
For communication with the card reader 109 of the automated teller terminal 100, the contact of the card interface 403 is provided on the surface of the card as shown in FIG.
[0040]
Next, the flow of user operation support processing executed by the automatic teller machine 100 of the bank system will be described with reference to FIG. Details of the processing of each step will be described later.
[0041]
When the automatic teller terminal 100 is turned on, the initial processing unit 475 first executes an initialization process, and then the overall control unit 401 controls the other processing units shown in FIG. Then, the following user support process is started.
[0042]
First, the main menu display processing unit 433 controls the display control unit 461 according to an instruction from the overall control unit 401 and displays the initial screen shown in FIG. Touch panel combined display device 105 It is displayed on the top (S801).
[0043]
If any of the selection buttons on the initial screen is touched, the main menu display processing 433 executes transaction type acquisition processing (see FIG. 9), and the name of the transaction corresponding to the selection button (Deposit, withdrawal, balance inquiry, transfer, bankbook entry, electronic money load) is transferred to the overall control unit 401 as a return value. On the other hand, when an ID card is inserted into the card reader 109 without touching any selection button, the main menu display processing 433 passes “card insertion” to the overall control unit 401 as a return value.
[0044]
When receiving a return value from the main menu display process 433, the overall control unit 401 determines whether or not this return value is “card insertion” (S703).
[0045]
Then, only when the return value is “card insertion”, the overall control unit 401 executes card data acquisition processing (see FIG. 10), acquires transaction history data 513 from the ID card (S803), Further, a default transaction determination process (see FIG. 11) based on the transaction history data is executed (S804). Thereby, the type of the re-executable transaction is determined or it is determined that there is no re-executable transaction.
[0046]
At this time, when it is determined that there is no re-executable transaction type, the main menu display process 433 executes a transaction type acquisition process. As a result, the name of the transaction (deposit, withdrawal, balance inquiry, transfer, bankbook entry, electronic money load) corresponding to the selection button touch-selected on the initial screen is passed to the overall control unit 401 as a return value. .
[0047]
On the other hand, when the type of re-executable transaction is determined, the history confirmation display instruction unit 439 controls the display control unit 461 according to an instruction from the overall control unit 401, and the history confirmation shown in FIG. Screen Touch panel combined display device 105 At the same time, the display field 212 on the history confirmation screen displays predetermined information (transaction date / time, transaction type, transaction content) of the acquired information from the ID card. On the history confirmation screen, when another transaction execution button 214 is touch-selected, the main menu display process 433 executes a transaction type acquisition process, and when the same transaction execution button 213 is touch-selected, Move on to processing.
[0048]
In the above, when the same transaction execution button 213 on the history confirmation screen is touch-selected, or when the return value from the main menu display process 433 is not “card insertion”, the default transaction determination process result (When the same transaction execution button 213 on the history confirmation screen is touch-selected), or a return value from the main menu display process 433 (when the return value from the main menu display process 433 is not “card insertion”) For each transaction type name until it is possible to determine whether it is "Deposit", "Drawer", "Balance inquiry", "Transfer", "Passbook entry", or "Electronic money load" A determination process is performed (S805, S807, S809, S811, S813, S815). The transaction processing unit 403 executes transaction processing according to the determination result. Specifically, if the determination result is “deposit”, the deposit processing unit 405 executes the deposit process (S806), and if the determination result is “draw”, the drawer processing unit 407 executes the withdrawal process ( If the determination result is “balance inquiry”, the balance inquiry processing unit 409 executes balance inquiry processing (S809), and if the determination result is “transfer”, the transfer processing unit 411 executes the transfer processing. (S812) If the determination result is “passbook entry”, the passbook entry processing unit 413 executes the passbook entry process (S814), and if the determination result is “electronic money load”, the electronic money load processing unit 415 An electronic money load process is executed (S816).
[0049]
Then, when the specific transaction process is completed, the transaction processing unit 403 returns the process to the overall control unit 401, and the overall control unit 401 that has returned the process repeatedly executes the processes after S801.
[0050]
Next, a transaction type acquisition process executed by the main menu display processing unit 433 will be described with reference to FIG.
[0051]
As described above, when receiving an instruction from the overall control unit 401, the main menu display process 433 controls the display control unit 461 to display an initial screen on the touch-panel display device 105 (S901). However, when it is determined that there is no re-executable transaction in the default transaction determination process, the initial screen display process is not performed because the initial screen has already been displayed on the touch panel combined display device 105.
[0052]
Then, the card control unit 465 is put in a state waiting for ID card reception, and the touch panel input control unit 463 is put in a state waiting for touch panel input (S902). Then, the presence / absence of a card insertion into the card reader 109 and the presence / absence of a touch operation on the initial screen are monitored, and when an event with the card insertion into the card reader 109 is raised (S903), the return value is “card” "Insert" is passed to the overall control unit 401, and the overall control unit 401 returns processing (S904). On the other hand, if only an event with a touch operation on the initial screen is raised (S905), the name of the transaction corresponding to the touched selection button (deposit, withdrawal, balance inquiry, transfer, bankbook entry, electronic money load Any) is returned to the overall control unit 401 as a return value, and the overall control unit 401 returns processing (S906).
[0053]
Next, a card data acquisition process executed by the overall control unit 401 will be described with reference to FIG.
[0054]
When the return value from the main menu display processing 433 is “card insertion”, the overall control unit 401 instructs the card control unit 465 to acquire the card type, and based on a response to this instruction, the ID card is an IC card. Whether it is a magnetic card or not is determined (S1002).
[0055]
If it is determined that the ID card is an IC card, the card control unit 465 is controlled to record data (transaction history data 513a, 513b, transaction history total information 515, (Expiration date information 511, etc.) are acquired, and are temporarily stored in the memory 103 as transaction re-execution history information (S1003).
[0056]
On the other hand, if it is determined that the ID card is a magnetic card, the card control unit 465 is controlled, and the card reader 109 controls the magnetic recording data (transaction history data 513a, 513b, transaction history aggregation) from the magnetic stripe 503 of the magnetic card. Information 515, expiration date information 511, etc.) are acquired, and are temporarily stored in the memory 103 as transaction re-execution history information (S1004). Then, the checksum included in the magnetic recording data acquired at this time is inspected (S1005), and if an error is detected, the transaction history data 513a and 513b are erased from the magnetic stripe 503 of the magnetic card and the memory 103 is also erased. Also deletes the transaction history data 513a and 513b.
[0057]
Next, a default transaction process executed by the overall control unit 401 will be described with reference to FIG.
[0058]
The overall control unit 401 reads transaction history data 513a, 513b and the like from the memory 103.
[0059]
At this time, if the transaction history data 513a and 513b cannot be extracted from the memory 103, it is determined that there is no new transaction history (S1101), and it is determined that there is no re-executable transaction (S1105). This is the case, for example, when no transaction history data is recorded on the ID card.
[0060]
On the other hand, if the transaction history data 513a and 513b can be extracted from the memory 103, it is determined that there is a new transaction history (S1101). Then, the transaction date and time of these two transaction history data 513a and 513b are compared, and the transaction history data of the latest transaction date and time is selected from them (S1102). It is determined whether or not the transaction date and time of the latest transaction history data selected here is within the period indicated by the expiration date information (for example, up to 90 days from the present date) (S1103). Specifically, the current date is acquired from the real-time clock, and it is determined whether or not the difference between this date and the transaction date and time of the latest transaction history data is within the period represented by the expiration date information. If it is determined that the transaction date and time of the latest transaction history data is within that period, the transaction type of this transaction history data is determined as the type of re-executable transaction (S1104), and the transaction of the latest transaction history data is determined. If it is determined that the date / time is not within that period, it is determined that there is no re-executable transaction (S1105).
[0061]
Next, among the specific transaction processing executed by the transaction processing unit 403 under the control of the overall control unit 401, transaction processing that can be re-executed using transaction history data (drawing processing, electronic money loading processing, transfer processing) Will be described.
[0062]
The withdrawal process, electronic money loading process, and transfer process are as follows: (1) When the corresponding selection button 200a, 200c, 200f is touch-selected on the initial screen, (2) Touch any selection button on the initial screen Instead, the ID card is inserted into the card reader 109, the same transaction re-execution button 213 is touch-selected on the history confirmation screen, and the re-execution is instructed. The Hereinafter, (1) and (2) will be described in each case, but since the flow of these three types of transaction processing is common, a withdrawal process will be exemplified here.
[0063]
(1) When the drawer button 200a is touch-selected on the initial screen (see FIG. 12), the drawer processing unit 407 first checks whether an ID card has been inserted into the card reader 109 (S1201). In the following processing, when a situation occurs in which the procedure cannot be continued, the transaction NG display processing unit 447 that has received an instruction from the withdrawal processing unit 407 controls the display control unit 461, Touch panel combined display device 105 After displaying a transaction NG screen (message display indicating that the procedure cannot be continued) on the top, the process is returned to the overall control unit 401.
[0064]
When an ID card is not inserted in the card reader 109, the card insertion display instruction unit 435 that has received an instruction from the drawer processing unit 407 controls the display control unit 461 to display the second information shown in FIG. One guidance screen Touch panel combined display device 105 Display above. When the ID card is inserted into the card reader 109, the drawer processing unit 407 requests the overall control unit 401 to execute card data acquisition processing (see FIG. 10), and records data (name information 505) in the ID card. Financial institution identification information 507, account identification information 509, two types of transaction history data 513a, 513b, etc.) are acquired (S1203).
[0065]
When the record data is acquired from the ID card by the above processing, or when the ID card is originally inserted in the card reader 109, the transaction type information 755 of any of the transaction history data 513a and 513b is “draw”. If the transaction type information 755 is “drawer”, it is determined whether or not the transaction date and time indicated by the corresponding transaction date and time information 751 is within a predetermined period indicated by the expiration date information 511. Judgment is made (S1204).
[0066]
If the transaction type information 755 of any of the transaction history data 513a and 513b is not “withdrawal”, or if the transaction date and time is not within a predetermined period, an instruction from the withdrawal processing unit 407 is received. The password input instruction unit 437 controls the display control unit 461 to display the password input screen shown in FIG. Touch panel combined display device 105 It is displayed on the top (S1205).
[0067]
Then, when the input of a password with a predetermined number of digits is received on the password input screen, the drawer processing unit 407 executes an authentication process using the password (S1206). For example, when the ID card is a magnetic card, the communication control unit 473 executes communication processing with the host computer 130 according to an instruction from the drawer processing unit 407, and the drawer processing unit 407 executes the communication processing based on the communication result. Then, an authentication process using a personal identification number is executed and the validity of the user is confirmed.
[0068]
If the authenticity of the user is not confirmed by this authentication process, the password input instruction unit 437 that has received an instruction from the drawer processing unit 407 controls the display control unit 461 to display a message prompting the user to re-enter the password. Display above. The drawer processing unit 407 then performs an authentication process using the re-entered password, and confirms the validity of the user again. However, the input of the personal identification number is accepted up to three times, and if the user's validity cannot be confirmed even with the personal identification number re-entered again, the card control unit 465 instructs the card processing unit 407 to While discharging the ID card from the reader 109, the transaction NG display instruction unit 447 controls the display control unit 461, Touch panel combined display device 105 A transaction NG screen (a message display indicating that the procedure cannot be continued due to an incorrect input of the password) is displayed on the screen (S1207). Thereafter, the drawer processing unit 407 returns the process to the overall control unit 401.
[0069]
On the other hand, if the user's legitimacy is confirmed, the amount input instruction unit 441 receiving the instruction from the drawer processing unit 407 controls the display control unit 461 to display the amount input screen shown in FIG. Touch panel combined display device 105 It is displayed on the top (S1208). When the withdrawal amount is input on this amount input screen, the record button 210 is touched as necessary, and then the confirmation button 208 is further touched, the communication control unit 473 receiving the instruction of the withdrawal processing unit 407 The result of the authentication process using the withdrawal amount designated by the user, the financial institution identification information 507, the account identification information 509, and the personal identification number is transmitted to the host computer 130 (S1209). Thereby, on the host computer 130 side, update processing of the user's account information is executed.
[0070]
When the update processing on the host computer 130 side is completed and the communication control unit 473 receives the update result, the print control unit 471 receiving the instruction from the drawer processing unit 407 displays the update result on the host computer 130 side as a statement slip or passbook. Is printed (S1210).
[0071]
When the record button 210 is touched on the amount input screen, or when the transaction currently being executed is a re-execution of a past transaction, the withdrawal processing unit 407 performs a history saving process described later. The transaction history data and transaction history total information 515 in the ID card are updated (S1211).
[0072]
Thereafter, in response to an instruction from the drawer processing unit 407, the card control unit 465 ejects the ID card from the card reader 109, while the print control unit 471 receives a statement slip or passbook from the receipt printing device 113 or the passbook printing device 114. Let it drain. Further, the card discharge instruction unit 443 that has received the instruction from the drawer processing unit 407 controls the display control unit 461, Touch panel combined display device 105 Above, the second guidance screen shown in FIG. 2E is displayed (S1212).
[0073]
And the banknote depositing / withdrawing control part 467 which received the instruction | indication of the drawer | drawing-out process part 407 discharges the banknote of the designated amount from the banknote depositing / withdrawing apparatus apparatus 111 (S1213). Further, the withdrawal display instruction unit 445 that has received an instruction from the withdrawal processing unit 407 controls the display control unit 461, Touch panel combined display device 105 Above, the third guidance screen shown in FIG. 2F is displayed (S1214). Thereafter, the withdrawal processing unit 407 waits for the ID card, statement slip or bankbook, and banknotes to be taken out, and returns them to the overall control unit 401 when they are taken out.
[0074]
By the way, in S1204, the transaction history data in which the transaction type information 755 is “drawer” and the transaction date and time represented by the transaction date and time information 751 is within a predetermined period among the two types of transaction history data 513a and 513b. If it exists, the withdrawal processing unit 407 executes the following process using the transaction history total information associated therewith as the transaction re-execution history information. However, if the two transaction history data 513a and 513b match both of these conditions, the withdrawal processing unit 407 obtains the transaction history data of the latest transaction date and time from the two transaction history data 513a and 513b. After selecting and selecting the transaction history total information associated therewith as the transaction re-execution history information, the following processing is executed.
[0075]
First, the risk determination unit 417 that has received an instruction from the withdrawal processing unit 407 executes a later-described risk determination process based on transaction re-execution history information (S1215). Thereby, it is determined whether the procedure of the past transaction may be re-executed. Specifically, it is determined which of the high risk “history transaction is impossible”, the extremely low risk “history transaction is possible”, and the low risk “history transaction authentication is possible”. The following processes are divided according to the risk determination process result (S1215).
[0076]
If the risk determination processing result is “history transaction is not possible”, that is, if the past transaction procedure cannot be re-executed, the withdrawal processing unit 407 executes the above-described processing S1205 to S1214.
[0077]
Further, when the risk determination processing result is “history transaction is possible”, that is, when the past transaction procedure is re-executable, the history confirmation display instruction received from the instruction of the withdrawal processing unit 407 The unit 439 controls the display control unit 461 to display the history confirmation screen shown in FIG. Touch panel combined display device 105 In the display field 212 on the history confirmation screen, predetermined information included in the transaction re-execution history information (transaction date / time information, transaction type information, transaction content information (here, withdrawal amount)) Is displayed (S1218).
[0078]
When the separate transaction execution button 214 is touched on this history confirmation screen, the withdrawal processing unit 407 executes the above-described processing S1205 to S1214, and then returns the processing to the overall control unit 401.
[0079]
On the other hand, when the same transaction execution button 213 is touched on the history confirmation screen, the withdrawal processing unit 407 returns the processing to the overall control unit 401 after executing the above-described processing S1209 to S1214. However, in this case, unlike the case described above, the host computer 130 does not store the withdrawal amount specified by the user, but the transaction content information included in the transaction re-execution history information (the withdrawal amount in the previous withdrawal process). 757 is transmitted together with the financial institution identification information and the like (S1209).
[0080]
In addition, if the risk judgment processing result is “possible after history transaction authentication, that is, if the past transaction procedure is re-executable after authentication processing with a PIN, Similar to the above-described case, the authentication process using the personal identification number is executed up to three times to confirm the validity of the user (S1220, S1221).
[0081]
If the user's legitimacy cannot be confirmed by the re-entered personal identification number, the card control unit 465 causes the card reader 109 to eject the ID card according to an instruction from the withdrawal processing unit 407, while displaying the transaction NG. The instruction unit 447 controls the display control unit 461, Touch panel combined display device 105 A transaction NG screen (a message display indicating that the procedure cannot be continued due to an incorrect input of a password) is displayed on the screen (S1202). Thereafter, the process is returned to the overall control unit 401.
[0082]
On the other hand, when the user's legitimacy is confirmed, the withdrawal processing unit 407 controls the card control unit 465, and the unauthenticated transaction continuation number information 761 of the transaction history total information 715 recorded in the ID card and After initializing the total no-authentication transaction 763 to 0 (S1217), the same processing (S1218-) as when the risk determination processing result is “history transaction is possible” is executed. Thereafter, the process is returned to the overall processing unit 401.
[0083]
(2) An ID card is inserted into the card reader 109 without touching any selection button on the initial screen, and past withdrawal processing can be re-executed with the same transaction re-execution button 213 on the history confirmation screen. When instructed When an ID card is inserted into the card reader 109 without touching any selection button on the initial screen, as described above, the card data acquisition process (see FIG. 10) and the default transaction determination process ( 11) is executed, the history confirmation screen shown in FIG. Touch panel combined display device 105 Displayed above.
[0084]
When the transaction type “drawer” is displayed in the display field 212 on the history confirmation screen, when the same transaction re-execution button 213 is touch-selected on the history confirmation screen, the withdrawal processing unit 407 displays the initial screen. When the drawer button 200a is touch-selected above, the same process as the risk determination process (S1215 in FIG. 12) after (1) is executed, and then the process is returned to the overall control unit 401. However, in this case, since the touch selection of the same transaction re-execution button 213 has already been accepted on the history screen, the history confirmation screen display processing (S1218) and the touch operation acceptance processing on the history confirmation screen (S1219). ) Is not executed.
[0085]
As described above, transaction processing that can be re-executed using transaction history data (drawing processing, electronic money loading processing, transfer processing) has been described with reference to the withdrawal processing, but as described above, electronic money loading processing, Regarding the transfer process, the flow of the process does not change, and only appropriate changes are made to the processing contents from S1209 to S1214.
[0086]
Next, the above-described risk determination processing executed by the risk determination unit 417 will be described with reference to FIG.
[0087]
The risk determination of the present embodiment is performed at the above-described three levels, that is, (1) history transaction is not possible, (2) history transaction is possible, and (3) history transaction authentication is possible. Here, (1) History transaction impossible is a level at which it is determined that past transactions cannot be re-executed because it is high risk, and (2) History transaction is possible because it is extremely low risk. This is the level at which it is judged that the authentication process with the PIN is not required when re-executing the procedure in the transaction of (3). (3) The post-history transaction authentication is relatively low risk. If the legitimacy of the user can be confirmed, it is determined that the procedure in the past transaction can be executed.
[0088]
Upon receiving an instruction from transaction processing unit 403, risk determination processing unit 417 determines whether or not the location represented by the transaction location information included in the history information for transaction re-execution is a store where automatic teller terminal 100 is installed. Is determined (S1301). Information representing the store where the automatic teller terminal 100 is installed is stored in the memory 103 in advance.
[0089]
And when the place which the transaction place information contained in the history information for transaction re-execution represents is different from the store where the automatic teller machine 100 is installed, the risk determination processing unit 417 has a high risk, that is, It is determined that “history transaction is not possible”, and the determination result is returned to the transaction processing unit 403 as a return value (S1309).
[0090]
On the other hand, when the place represented by the transaction place information included in the history information for transaction re-execution matches the store where the automatic teller terminal 100 is installed, the risk determination processing unit 417 uses the random number r (0 <R <1) is generated, and it is determined whether or not it is 0.1 or more (S1302).
[0091]
When the random number r is less than a predetermined reference value (0.1 in the present embodiment), the risk determination processing unit 417 determines that the risk is low, that is, “authentication history transaction is possible”, The determination result is returned to the transaction processing unit 403 as a return value (S1308). In this way, by adding the evaluation using a random number, the case where the personal identification number is required is randomly generated by a person who knows the conditions to be verified in the following processing (S1303 to S1305). This is to further reduce the risk of unauthorized use of the theft card.
[0092]
On the other hand, when the random number r is greater than or equal to the reference value, the risk determination processing unit 417 determines that the authentication non-transaction total 763 of the transaction history total information 715 included in the transaction re-execution history information is a predetermined reference total ( It is further determined whether or not the first condition of less than 100,000 yen is satisfied in this embodiment (S1303).
[0093]
If the first condition is not satisfied, the risk determination processing unit 417 determines that the risk is low, that is, “post-authentication history transaction is possible” (S1308), and returns the determination result to the transaction processing unit 403 as a return value.
[0094]
On the other hand, if the first condition is satisfied, the risk determination processing unit 417 determines that the transaction amount represented by the transaction content 757 of the transaction history data 713 included in the transaction re-execution history information is a predetermined reference transaction amount (this embodiment It is further determined whether or not the second condition of less than 30,000 yen in the form is satisfied (S1304).
[0095]
If the second condition is not satisfied, the risk determination processing unit 417 determines that the risk is low, that is, “post-authentication history transaction is possible” (S1308), and returns the determination result to the transaction processing unit 403 as a return value.
[0096]
On the other hand, if the second condition is satisfied, the risk determination processing unit 417 determines that the non-authenticated transaction continuation count 761 of the transaction history aggregation information 715 included in the transaction re-execution history information is a predetermined reference transaction count (this implementation It is further determined whether or not the third condition of less than 4 times is satisfied (S1305).
[0097]
If the third condition is not satisfied, the risk determination processing unit 417 determines that the risk is low, ie, “post-authentication history transaction is possible” (S1308), and returns the determination result to the transaction processing unit 403 as a return value.
[0098]
On the other hand, if the third condition is satisfied, the risk determination processing unit 417 further determines whether or not the fourth condition that the ID card is an IC card is satisfied (S1306).
[0099]
If the fourth condition is not satisfied, the risk determination processing unit 417 determines that the risk is low, that is, “post-authentication history transaction is possible” (S1308), and returns the determination result to the transaction processing unit 403 as a return value.
[0100]
On the other hand, if the fourth condition is satisfied, the risk determination processing unit 417 determines that the risk determination processing unit 417 is extremely low risk, that is, “history transaction is possible” (S1307), and performs transaction processing using the determination result as a return value. Return to section 403.
[0101]
As a result of the above risk judgment processing, “history transaction is not possible” only when the past transaction to be re-executed has not been conducted at the same store. In other cases, in principle, from the first condition to the fourth condition If all conditions are met, “history transaction is possible”, and if any of the conditions from the first condition to the fourth condition is not met, “history transaction after authentication” is permitted, but from the first condition to the fourth condition Even in a case where all of the above conditions can be satisfied, there is an exception that “history transaction after authentication is possible” in order to further reduce the risk.
[0102]
In the present embodiment, the fact that past transactions to be re-executed are performed at the same store is a precondition that “post-authentication history transaction is possible” or “history transaction is possible” In place of this precondition, other preconditions, for example, distance information between a plurality of stores are prepared, and the distance from a store where a past transaction to be re-executed is performed is within a predetermined range. You may use the condition that there exists.
[0103]
Moreover, since the conditions from the first condition to the fourth condition are examples, it is possible to appropriately change these conditions, for example, by adding another condition.
[0104]
Next, the above-described history saving process executed by the transaction processing unit 403 in S1211 will be described with reference to FIG.
[0105]
The transaction processing unit 403 first determines whether or not the current transaction is a re-execution of a past transaction (S1400).
[0106]
If the current transaction is not a re-execution of a past transaction, the transaction processing unit 403 further determines whether or not the storage button 210 is touched on the amount input screen (S1401), and the touch on the storage button 210 is determined. If not, nothing is performed and the process proceeds to S1212.
[0107]
When the current transaction is a re-execution of a past transaction, or when the storage button 210 is touched on the amount input screen, it is determined whether the ID card type is a magnetic card or an IC card. Judgment is made (S1402).
[0108]
When the ID card is an IC card, of the two types of transaction history data 513a and 513b stored in the built-in memory 620, the transaction history data including transaction information representing the same transaction type as the current transaction The contents are updated with transaction date / time information representing the current date / time, location information representing the store where the current transaction is being performed, transaction content representing the content of the current transaction, and transaction information representing the type of the current transaction (S1403). However, when both types of transaction history data 513a and 513b include transaction information representing the same transaction type as the current transaction, or any transaction history data 513a and 513b represents the same transaction type as the current transaction. When transaction information is not included, the transaction date / time information indicating the current date / time, the store where the current transaction is performed, of the two types of transaction history data 513a and 513b. It is updated with the location information, the transaction content indicating the content of the current transaction, and the transaction information indicating the type of the current transaction. If transaction history data is not recorded at all, new transaction history data (transaction date and time information indicating the current date and time, location information indicating the store where the current transaction is performed, transaction information indicating the contents of the current transaction) Content, transaction information indicating the type of current transaction).
[0109]
Further, when the risk determination unit 417 determines that “history transaction is possible”, that is, when the procedure for the past transaction is re-executed without performing the authentication process with the password, it is stored in the built-in memory 620 of the IC card. The authentication non-transaction continuation count 761 and the authentication non-transaction total amount 763 of the stored transaction history total information 715 are updated. Then, the process proceeds to S1212.
[0110]
On the other hand, if the ID card is a magnetic card, after the checksum calculation process (S1405), the same transaction type as the current transaction is selected from the two types of transaction history data 513a and 513b recorded in the magnetic stripe 503. Transaction history data including transaction information to represent, transaction date and time information representing the current date, location information representing the store where the current transaction is being conducted, transaction content representing the content of the current transaction, and type of current transaction It is updated with the transaction information to be represented (S1406). However, when both types of transaction history data 513a and 513b include transaction information representing the same transaction type as the current transaction, or any transaction history data 513a and 513b represents the same transaction type as the current transaction. When transaction information is not included, the transaction date / time information indicating the current date / time, the store where the current transaction is performed, of the two types of transaction history data 513a and 513b. It is updated with the location information, the transaction content indicating the content of the current transaction, and the transaction information indicating the type of the current transaction. If transaction history data is not recorded at all, new transaction history data (transaction date and time information indicating the current date and time, location information indicating the store where the current transaction is performed, transaction information indicating the contents of the current transaction) Content, transaction information indicating the type of current transaction).
[0111]
In addition, when the risk determination unit 417 determines that “history transaction is possible”, that is, when the procedure for the past transaction is re-executed without performing the authentication process with the password, the magnetic stripe 503 of the magnetic card is displayed. The authentication non-transaction continuation count 761 and the authentication non-transaction total amount 763 of the recorded transaction history total information 715 are updated. Then, the process proceeds to S1212.
[0112]
As described above, according to the system according to the present embodiment, procedures can be automatically re-executed in the past transaction. Thus, it is possible to save the trouble of repeating complicated procedures in the service frequently used by the user. This is useful for reducing the operation burden of a user who is not good at terminal operation, a user with a handicap, or the like. The transaction history data and transaction history summary information described above are stored on the host computer side or the automated teller machine side, and biometric identification information (fingerprints, etc.) is automatically cashed as information for confirming the validity of the user. If it can be detected by the deposit payment device, it is not necessary to use an ID card and it is not necessary to input a personal identification number, so that the operation burden on the user can be further reduced.
[0113]
On the other hand, at the time of re-execution of the procedure in the past transaction, risk determination is performed, and authentication processing is appropriately executed according to the determination result, so that the safety of the transaction is sufficiently ensured.
[0114]
By the way, in the above, the case where the present invention is applied to a banking system is given as an example. However, the present invention is not limited to a banking system, but is applied to other systems that provide users with a plurality of services, such as a payment system. Can be applied. Hereinafter, this settlement system will be described.
[0115]
FIG. 15 shows a schematic configuration of the payment system according to the present embodiment.
[0116]
In this system, a dedicated line or the like is provided between one or more (in this case, multiple) payment terminals 1500 for providing services to the user and a host computer 130 that manages various information such as customer deposit information. Connected by communication line.
[0117]
The host computer 130 has the same configuration as the host computer described above. Although one host computer 130 is used here, a plurality of host computers may be used as in the case described above.
[0118]
On the other hand, each settlement terminal 1500 has a CPU 1501, a memory 1503, a display device 1505 on which an operation screen described later is displayed, a card reader 1509 into which an IC card described later is inserted, a key input device 1507, and data transfer between the host computer 130. And a communication control device 1510 for controlling the above, and a bus 1511 for interconnecting them. Among these, those directly related to the user's operation (display device 1505, card reader 1509, key input device 1507) are provided in the front portion of settlement terminal 1500 as shown in FIG. Note that the key input device 1507 of the present embodiment is provided with input keys from 0 to 9, an execution instruction key, and a cancel key.
[0119]
The card reader 1509 has an IC card take-in / discharge function and a data read / write function with respect to the IC card, similar to the card reader 109 of the automatic teller machine 100 described above.
[0120]
The input device 1507 receives input information from the user, and the display device 1505 displays an execution result of the processing by the CPU 1501 and the like.
[0121]
The CPU 1501 executes control processing for the entire payment terminal and also executes user operation support processing described later. The memory 1503 stores in advance a program in which various processes to be executed by the CPU 1501 are defined, and various data necessary for executing these processes. Further, the memory 1503 temporarily stores the processing execution result of the CPU 1501. FIG. 17 shows functional components realized by the stored programs of the CPU 1501 and the memory 1503.
[0122]
The initial processing unit 1603 executes an initial setting process of the settlement terminal device 1500 when the power is turned on. As a result, each of the built-in devices 1501 to 111 of the settlement terminal device 1500 is activated, and execution of processing by the payment control unit 1600 described below is started.
[0123]
The input control unit 1604 executes conversion processing for converting the input information received by the input device 1507 into a character code string, and the payment control unit 1600 performs settlement based on the input information delivered from the input control unit 1604. Execute the process. In addition, the display control unit 1609 executes display processing on the display device 1505 and causes the display device 1505 to display the execution result of the payment processing by the payment control unit 1600.
[0124]
A card control unit 1601 executes operation control of the card reader 1509. Accordingly, the card reader 1509 executes ID card acceptance / discharge processing, data reading processing from the ID card, data writing processing to the ID card, and the like.
[0125]
Further, the host communication control unit 1605 executes operation control of the communication control device 1510. Under the control of the communication control unit 1605, the communication control device 1510 executes data transfer via the communication line.
[0126]
FIG. 18 shows an outline configuration of an IC card as an example of the ID card used in the settlement system.
[0127]
This IC card contains an IC chip. This IC chip is equipped with a card interface 1800 for controlling data input / output with the outside, a memory 1802, and a CPU 1801 for controlling them.
[0128]
In the memory 1802, an application list 1803, an application program group 1804 in which payment processing by a predetermined payment method (credit, bank debit, electronic money, etc.) is defined, a program related data group 1805 related to application program execution, rewriting Possible payment history information 1806 is stored.
[0129]
The application list 1803 includes correspondence information that associates an application name 1803a with a pointer 1803b indicating a storage address of the application program and program-related data for each payment method. Note that the data structure of the application list 1803 shown in FIG. 18 is that in the case where the IC card supports a plurality of payment methods, and the application list in the case where the IC card supports only one payment method. Contains only one piece of correspondence information.
[0130]
The payment history information 1806 stores the application name used for the previous settlement process. FIG. 19 shows payment history information when the application “C electronic money” is used for the previous settlement process.
[0131]
Here, an IC card is given as an example of an ID card, but other types of cards storing application lists and payment history information, such as magnetic cards, may be used as ID cards.
[0132]
FIG. 20 shows a flowchart of payment processing executed by the payment terminal 1500 of the present payment system.
[0133]
When the payment terminal 1500 is turned on, first, the initial processing unit 1603 executes initialization processing, and then the payment control unit 1600 controls the other processing units shown in FIG. Start the payment process.
[0134]
When the transaction amount is input from the key input device (S2000), the card control unit 1601 waits for the IC card to be inserted into the card reader 1509 (S2001), and when the IC card is inserted, its internal memory 1802 is inserted. The application list 1803 is taken out from (S2002).
[0135]
The payment control unit 1600 extracts the application name 1803a of the application that can be executed on the own terminal from the application list 1803 extracted at this time. Then, a settlement means list including one or more application names extracted at this time is created (S2003).
[0136]
Furthermore, the card control unit 1601 reads the payment history information 1806 from the built-in memory 1802 of the IC card according to an instruction from the payment control unit 1600. At this time, if the payment history information 1806 can be read (S2004), the payment control unit 1600 further determines whether or not the application having the application name included in the payment history information 1806 can be executed by the own terminal. Judgment is made (S2005), and only when it is executable, the application name is inserted at the head of the settlement means list (S2006).
[0137]
After the above processing steps, that is, when the payment history information 1806 cannot be read (S2004), when the application with the application name included in the payment history information 1806 is determined to be impossible on the own terminal (S2006) When the application name included in the payment history information 1806 is inserted at the head of the payment method list, the payment control unit 1600 controls the display control unit 1602 to select the payment method list and application selection. The method is displayed on the display device 1505. Thereby, for example, when the payment history information 1806 cannot be read or when it is determined that the application having the application name included in the payment history information 1806 is not possible in the own terminal, FIG. ), The numbered application name 2100 and the application selection method 2101 are displayed on the display device 1505, and the application name included in the payment history information 1806 is inserted at the top of the payment method list. 21B, first, the application name 2102 included in the payment history information 1806 is displayed with a selection key name at the top, followed by other numbered application names 2103 and applications. A selection method 2101 is displayed.
[0138]
When the key input device 1507 accepts key input for selecting any application name in the settlement means list 2100 on the display device 1505 (S2007), the input control unit 1604 passes the selection result to the payment control unit 1600. .
[0139]
Then, the payment control unit 1600 determines the type of the input key of the user based on the selection result passed from the input control unit 1604 (S2008).
[0140]
If the user input key is an execution key, the payment control unit 1600 selects an application having an application name included in the payment history information 1806 as an execution target (S2009), and if the user input key is a numeric key. Then, an application having an application name associated with the number in the settlement means list is selected as an execution target (S2010). Then, in response to an instruction from the payment control unit 1600, the card control unit 1601 reads the application program 1804 and the program related data 1805 associated with the application name selected as the execution target from the built-in memory 1802 of the IC card.
[0141]
Then, the payment control unit 1600 executes the application program using the program related data 1805 as necessary. That is, communication by the communication method defined in the application program is performed with the host computer 130. Thereby, the user authentication process (S2011) and the input transaction amount transmission process (S2012) determined for the payment method corresponding to the selected application are performed.
[0142]
Upon completion of the above processing, the card control unit 1601 that has received an instruction from the payment control unit 1600 updates the contents of the payment history information 1806 in the IC card built-in memory 1802 with the name of the application used for the current payment processing. . And the payment control part 1600 repeatedly performs the process below S2000 in order to receive the next transaction amount payment.
[0143]
According to such a payment process, even if many application names are listed in the list, the user can immediately find out the application name of the payment method used last time without performing an operation such as scrolling the list. . Usually, since a user often uses a service of the same payment method repeatedly, such a payment process can reduce the operation burden on the user.
[0144]
In this embodiment, when the application name of the payment method used last time is displayed on the display device, the application name is first displayed with a selection key name, followed by another number. Although the application name and the application selection method are displayed, the display layout does not necessarily have to be as described above. For example, as shown in FIG. 21C, only an application name included in the payment history information may be presented with an appropriate mark (here, a character string “previous”). However, in this case, scrolling of the list may be required, but since the payment application name used last time is marked, it is possible to scroll once without repeating scrolling many times. You can find the payment application name used last time.
[0145]
【The invention's effect】
According to the present invention, since the contents of the procedure in the past transaction can be retained and can be automatically reproduced from the next time onward, while providing various services as in the past, For this user, it is possible to save the trouble of repeating a complicated procedure in a service frequently used by the user many times. This is particularly useful for reducing the operation burden of a user who is not good at terminal operation, a user with a handicap, and the like.
[0146]
In addition, since risk determination is performed prior to re-execution of procedures in past transactions, and authentication processing is appropriately performed according to the determination results, the safety of the transactions is ensured. For this reason, the present invention is particularly suitable for application to financial transactions.
[Brief description of the drawings]
FIG. 1 is a system configuration diagram according to an embodiment of the present invention.
FIG. 2 is a diagram showing an operation screen that is switched and displayed on a touch-panel display device of an automatic teller machine according to an embodiment of the present invention.
FIG. 3 is an external view of an automated teller machine terminal according to an embodiment of the present invention.
FIG. 4 is a functional configuration diagram of an automated teller terminal according to an embodiment of the present invention.
5A is a front view of a magnetic card used as an ID card, and FIG. 5B is a diagram conceptually showing the data structure of data recorded on the magnetic stripe of the magnetic card. .
6A is a front view of an IC card used as an ID card, and FIG. 6B is a diagram conceptually showing the hardware configuration of this IC card and the data structure of recorded data.
FIG. 7 is a diagram conceptually showing the data structure of each recording data on the ID card.
FIG. 8 is a flowchart showing the flow of user operation support processing executed by the automatic teller terminal of the system according to the embodiment of the present invention.
FIG. 9 is a flowchart showing a flow of transaction type acquisition processing executed by a main menu display processing unit.
FIG. 10 is a flowchart showing a flow of card data acquisition processing executed by the overall control unit.
FIG. 11 is a flowchart showing a flow of a default transaction determination process executed by the overall control unit.
FIG. 12 is a flowchart showing a flow of a drawer process executed by a drawer processor.
FIG. 13 is a flowchart showing a flow of risk determination processing executed by a risk determination unit.
FIG. 14 is a flowchart showing a flow of history saving processing executed by a transaction processing unit.
FIG. 15 is a system configuration diagram according to an embodiment of the present invention.
FIG. 16 is a front view of a payment terminal according to an embodiment of the present invention.
FIG. 17 is a functional configuration diagram of a payment terminal according to an embodiment of the present invention.
FIG. 18 is a diagram conceptually showing the hardware configuration of an IC card used as an ID card and the data structure of recorded data.
FIG. 19 is a diagram for explaining data contents of payment history information.
FIG. 20 is a flowchart showing a flow of payment processing executed by the payment terminal of the system according to the embodiment of the present invention.
FIG. 21 is a diagram showing an example of a display screen on the display device of the payment terminal according to the embodiment of the present invention.
[Explanation of symbols]
100 ... Automatic teller machine
130: Host computer
401 ... Overall control unit
403 ... Transaction processing section
417 ... Risk judgment processing
419 ... Deposit and withdrawal management department
431 ... Input management unit
461 ... Display control unit
463 ... Touch panel input control unit
465 ... Card control unit
467 ... Banknote deposit and withdrawal control unit
471: Print control unit
473: Communication control unit
475 ... Initial processing section
503: Magnetic stripe of magnetic card
513a, 513b ... Transaction history data
515 ... Transaction history summary information
610: CPU of the IC card
620 ... Built-in memory of IC card
1500 ... Payment terminal
1501 ... CPU
1503 ... Memory
1505 ... Display device
1507 ... Key input device
1509: Card reader
1510: Communication control device
1600: Payment control unit
1601 ... Card control unit
1602 ... Display control unit
1603 ... Initial processing section
1604: Input control unit
1605: Host communication control unit

Claims (2)

A terminal that accepts a procedure in a transaction and executes transaction processing according to the procedure,
History information input / output means for executing acquisition of history information of procedures in the past transaction from a recording medium, and storing the history information of procedures in the executed transaction in a recording medium;
Determining whether or not the history information acquired from the recording medium satisfies a risk generated by reproducing the procedure represented by the latest history information in the history information acquired by the history information input / output means. A risk determination means for evaluating whether the risk is low risk, medium risk or high risk, and determining the reproduction of the procedure represented by the history information according to the risk ,
When the risk determination unit determines that the procedure represented by the latest history information is reproducible, the procedure represented by the history information is reproduced, and the history information regarding the procedure content is stored in the history information input / output unit. A procedure execution means for instructing;
An authentication process executing means for executing a user authentication process;
With
The history information acquired by the history information input / output means includes the location information of the terminal that made the transaction, and the cumulative number of transactions information by the procedure reproduced without performing the authentication process,
The risk determination means includes
When comparing the location information and information representing the store installed in advance stored in the memory of the terminal, if they do not match, evaluate as high risk, determine that the procedure is not reproducible,
When the location information matches, the cumulative number information is compared with a predetermined reference value for the cumulative number, and when the cumulative number information exceeds the reference value, it is evaluated as a medium risk, and the cumulative number information Is evaluated as low risk when the standard value does not exceed the standard value,
The authentication process execution means executes the authentication process when the risk determination means determines that the medium risk,
The procedure execution means is
When the risk determination unit determines that the medium risk is detected, the history information is initialized so that the cumulative number information is initialized to 0 when the procedure is reproduced after the authentication process is performed by the authentication process execution unit. Instruct the input / output means,
When the risk judging means evaluates the low risk, the procedure representing the history information is reproduced, the history information input / output means is instructed to save the history information regarding the procedure contents, and the authentication process is performed. A terminal characterized by instructing to update the cumulative number when the procedure is reproduced without being executed . A system comprising a terminal that accepts a procedure in a transaction and executes transaction processing according to the procedure, and a recording medium that stores history information of a procedure in a past transaction,
The system according to claim 1, wherein the terminal is a terminal according to claim 1 .

Images