JP4199179B2 - Method for detecting unauthorized electronic storage medium and IC card system using the same - Google Patents

Description

  The present invention relates to an unauthorized electronic storage medium detecting method for detecting an electronic storage medium having identification information (ID) recognized as an unauthorized electronic storage medium, and an IC card system using the method. The present invention relates to a technique for detecting a fraudulent electronic storage medium for detecting a fraudulent card in a gate device using an IC card such as a ticket gate, and a technique effective when applied to an IC card system.

  First, as an electronic storage medium having an identification information ID that is recognized as an unauthorized electronic storage medium, for example, an unauthorized card can be cited. This fraudulent card indicates a card that has been prohibited from being used, for example, a card that has been lost by the user, even though it is within the valid period of use.

  Conventionally, a fraudulent card is detected before the card is used so that the above-mentioned fraudulent card cannot be used.

  At present, there are methods for inquiring a host computer, for example, a method for checking a financial card such as CAFIS (Credit And Finance Information System), which has been put into practical use as means for detecting this fraudulent card.

  In addition, as a method to be performed without a query, there is a method of downloading a list of unauthorized IDs to a terminal, checking whether there is a card to be inspected in the list, and detecting an unauthorized card depending on whether it exists. In this case, as a method for checking whether or not an inspection target card exists in the list, for example, there is a method using a hash function.

  The method will be described below with reference to the drawings. FIG. 7 is a flowchart showing a conventional fraud card detection method using a hash function.

  First, as shown in FIG. 7, an illegal card detection method using a hash function reads an ID from an IC card (step 701), and performs hash function (number of IC cards used, grouping according to purpose). The hash value of the read IC card is obtained by some arithmetic operation (step 702).

  Then, it is checked whether or not the ID of the check target IC card is in the hash value group obtained in the hash list (step 703). If the ID of the check target IC card exists in the hash value group, An illegal card process is executed (step 704), and if it does not exist, a normal card process is executed (step 705).

  In this way, the hash value is obtained from the ID of the IC card using the hash function, and the illegal card is detected by comparing the ID existing in the group of the hash value with the ID of the check target card. .

  In recent years, cards have been used in various fields, and the number of illegal cards themselves has increased with the increase in the number of circulation cards due to their widespread use. Therefore, it is necessary to process a larger amount of data at a higher speed for checking illegal cards. ing.

  Conventionally, by using the hash function described above, the IC cards are divided into appropriate groups, thereby reducing the amount of search and increasing the detection speed.

  However, in this detection method using a hash function, the hash function for deriving a hash value that is sufficiently distributed so that the number of issued cards is evenly grouped requires a large amount of calculation, resulting in a large total time for checking. There was a problem of becoming. For this reason, the above-mentioned conventional technology has a problem in that it cannot cope with a device requiring higher speed processing such as an automatic ticket gate system in each facility such as railways, buses, airplanes, and public / entertainment facilities. there were.

  In addition, the hash list in which the IDs of the illegal cards are registered is a list of IDs grouped based on the hash values described above. However, since the card distribution itself is fluid, there are equal numbers of illegal cards in each group. It is not registered.

  Accordingly, there is a problem that registration is biased in each group, and illegal cards are concentrated in a specific group, and detection in a group in which many illegal cards are registered cannot be performed at high speed.

  The present invention has been made to solve the above problems, and an object of the present invention is to provide a technology capable of detecting an unauthorized electronic storage medium (an unauthorized card) at high speed.

  Of the inventions disclosed in this application, the outline of typical ones will be briefly described as follows.

  In a detection method of an unauthorized electronic storage medium for detecting an electronic storage medium having identification information recognized as an unauthorized electronic storage medium, the identification information or individual identification information of the unauthorized electronic storage medium is grouped by a hash value. It is registered as a list, and identification information or individual identification information and hash value information are allocated and stored in each electronic storage medium, and both the information are read when the electronic storage medium is requested to be used. If the identification information or individual identification information of the electronic storage medium requested to be used is registered in the hash value group, and the identification information or individual identification information exists, If the requested electronic storage medium is determined to be an unauthorized electronic storage medium and does not exist, the use request is made. Detecting fraudulent electronic storage medium by determining the electronic storage medium to normal electronic storage medium. In addition, when reading both information of identification information and hash value information, it is not necessarily required to read in multiple times, and can be read at once. In such a case, it is possible to consider both pieces of information as identification information, but in an essential sense, it is a pair of identification information and hash value information.

  Also, an IC card, an IC card management system that issues and manages the IC card, and an IC card that is connected to the IC card management system via a communication line and acquires and processes the IC card data when requested for use. In an IC card system including a device to be used, the IC card includes identification information or individual identification information and hash value information indicating a group to be searched, and the IC card management system issues and manages the IC card. Card issuing management means, negative list creating means for creating a negative list that is a list of unauthorized IC cards, and communication means for communicating with the IC card using equipment via a communication line, the IC card using equipment Reading means for reading identification information or individual identification information and a hash value from an IC card; Hash list creating means for creating a hash list based on a hash value from a negative list distributed from a C card management system via a communication line, and determining whether or not the read IC card is an unauthorized IC card An unauthorized card determination unit, a processing unit that processes an IC card based on a result of the unauthorized card determination unit, and a communication unit that communicates with the IC card management system via a communication line.

  The effects obtained by the representative ones of the inventions disclosed in the present application will be briefly described as follows.

  Since the process of calculating the hash value is unnecessary, it is possible to detect an illegal card at high speed.

  Further, it is possible to prevent an increase in the search time for a fraudulent card that occurs due to an increase in the number of registered groups of specific hash values, and it is possible to detect a fraudulent electronic storage medium (illegal card) at high speed.

  Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings.

  FIG. 1 is a block diagram showing a configuration of an IC card system that realizes a method for detecting an unauthorized electronic storage medium according to an embodiment of the present invention.

  As shown in FIG. 1, the IC card system of the present embodiment issues and manages an IC card 10, and creates an unauthorized card list (hereinafter referred to as a negative list), and the IC card. An IC card using device 40 is connected to the management system 20 via the communication line 30 to acquire and process data of the IC card 10 in a contact or non-contact manner.

  Further, the IC card 10 has identification information or individual identification information (ID) 11 and a hash value 12 given by the card issuing unit 22, and stores it in the format of “aaaAA”, for example.

  The IC card management system 20 is composed of one or a plurality of computers, and creates a card issuance management unit 22 that issues and manages an IC card 10 to which an ID 11 and a hash value 12 are assigned, and a negative list 21 of a list of illegal cards. And a communication unit 24 that communicates with the IC card using device 40 via the communication line 30.

  FIG. 2 is a diagram showing a configuration example of the negative list 21 described above.

  The negative list 21 shown in FIG. 2 includes “aaa”, “bbbb”, “cccc”, which are the original identification information (ID) of the IC card 10, and the hash value “ It is registered in the form “aaaAA” in combination with “AA” and “BB”.

  The above-mentioned “aaaa”, “bbbb”, “cccc” and “AA”, “BB” schematically represent information, and are irrelevant to the number of digits and the format. The hash values “AA” and “BB” are assigned when the card is manufactured or issued.

  The card issuance management unit 22 normally issues the card by sequentially assigning the hash value 12 to the ID 11, but when a bias is found or at a certain period (for example, monthly or yearly), the card issue management unit 22 It is checked whether or not there is a bias in the number of IDs registered in the group of the hash value 12, and if a bias is seen, a hash value that is biased to a newly issued IC card is not assigned. The hash value 12 is assigned such that the bias of is distributed.

  The IC card using device 40 reads the ID 11 and the hash value 12 from the IC card 10, and the hash based on the hash value 12 from the negative list 21 distributed from the IC card management system 20 via the communication line 30. Based on the results of the hash list creation unit 43 that creates the list 41, the unauthorized card determination unit 44 that determines whether the read card is an unauthorized card, and the unauthorized card determination unit 44, the processing of the IC card 10 is performed. A card processing unit 45 for performing communication and a communication unit 46 for performing communication with the IC card management system 20 via the communication line 30 are provided. It should be noted that the delivery timing of the negative list 21 from the IC card management system 20 may be set for a predetermined fixed period, or may be performed every time the negative list 21 is updated.

  FIG. 3 is a diagram showing a configuration example of the hash list 41 described above.

  As shown in FIG. 3, the hash list 41 has a configuration in which the hash list “AA” and “BB” are grouped based on the negative list 21.

  When using the IC card 10, the IC card using device 40 reads the pair of the ID 11 and the hash value 12 of the IC card 10, searches the hash list 41 using the hash value 12, and the IC card 10 is illegal. Detect whether it is a card or not.

  In FIG. 1 of the present embodiment, only one IC card using device 40 and one IC card 10 are shown, but of course, there are actually a plurality of IC card using devices and IC cards. Not too long.

  Next, a method for detecting an unauthorized card in the IC card using device 40 will be described. FIG. 4 is a flowchart for explaining a fraud card detection method.

  As shown in FIG. 4, in the unauthorized card detection method of the present embodiment, first, when an IC card use request is received from a user, both the ID 11 and the hash value 12 are read from the IC card 10 by the reading unit 42 (step 401). ) The hash list 41 is checked using the hash value 12 read by the unauthorized card determination unit 44 (step 402), and if the ID 11 of the IC card 10 to be checked exists in the data of the hash value 12, The card processing unit 45 executes illegal card processing (step 403), and if it does not exist, the card processing unit 45 executes normal card processing (step 404). In addition, when reading both information of ID11 and the hash value 12, it is not necessarily required to read in multiple times, and can be read at once. In such a case, both information can be considered as ID11 together, but in an essential sense, it is a pair of ID11 and hash value 12.

  As described above, by applying the present invention, the processing for calculating the hash value is unnecessary as compared with the conventional method, so that it is possible to detect an unauthorized card at high speed.

  Next, card issue processing in the card issue management unit 22 will be described.

  FIG. 5 is a flowchart showing the card issuing process, and FIG. 6 is a diagram for explaining the hash value 12 assigning process in the card issuing process.

  In the card issuing process of the present embodiment, as shown in FIG. 5, the number of illegal card IDs registered for each hash value group of the negative list 21 is acquired (step 501).

  Thereafter, an average value of the registered numbers is obtained (step 502), a hash value 12 of a group lower than the average value is assigned to ID11, and an IC card is issued (step 503). At this time, the hash value 12 of the group having the lowest average value may be preferentially assigned.

  The card issuing process described above will be specifically described with reference to FIG. 6. First, 22 IDs 11 of the illegal card are included in the group of the hash value “AA”, 2 IDs of “BB”, and 9 of “CC”. Each is registered. In such a case, if the hash value of the card to be searched is “AA”, the number of searches will be greater than when the hash values are “BB” and “CC”, and a search time will be required.

  For this reason, the average value “11” is obtained, the hash values “BB” and “CC” of the group lower than the average value are assigned to the ID of the IC card, the hash value “AA” is not assigned, and the hash value The number registered in “AA” should not be increased any more. At this time, the hash value “BB” that is lower than the average value may be assigned with priority.

  Thus, the same group (hash value “AA” in FIG. 6) is prevented from being registered in a concentrated manner and is distributed evenly.

  Therefore, by performing the card issuance process as described above, it is possible to prevent an increase in the time for searching for a fraudulent card due to an increase in the number of registered groups of specific hash values, and to detect a fraudulent card at high speed. It becomes possible.

  In the present embodiment, the IC card has been mainly described. However, the detection of an unauthorized card according to the present invention can be similarly applied to other electronic storage media such as a magnetic card.

  The units 22 to 24 and 42 to 46 described in the present embodiment may be realized by a program that can be executed by a computer. The program at that time is stored in a floppy disk, a CD / ROM, a mask ROM, or the like. Provided to general users on media. In this case, in addition to these processes, the program may be provided to the user in combination with another program such as a GUI program.

  Further, as an alternative means provided by the above-described storage medium, it may be provided for a fee through a network such as the Internet.

  As mentioned above, the invention made by the present inventor has been specifically described based on the embodiment. However, the invention is not limited to the embodiment, and various modifications can be made without departing from the scope of the invention. Of course.

It is the block diagram which showed the structure of the IC card system which implement | achieves the detection method of the unauthorized electronic storage medium concerning embodiment of this invention. FIG. 4 is a diagram illustrating a configuration example of a negative list 21. FIG. 4 is a diagram showing a configuration example of a hash list 41. It is a flowchart for demonstrating the detection method of a fraudulent card. It is a flowchart which shows a card | curd issuing process. It is a figure for demonstrating the allocation process of the hash value 12 in a card | curd issuing process. It is the flowchart which showed the fraudulent card detection method using the conventional hash function.

Explanation of symbols

  DESCRIPTION OF SYMBOLS 10 ... IC card, 20 ... IC card management system, 21 ... Negative list, 22 ... Card issue management part, 23 ... Negative list creation part, 24 ... Communication part, 30 ... Communication line, 40 ... IC card use apparatus, 41 ... Hash list 42 ... Reading unit 43 ... Hash list creation unit 44 ... Unauthorized card determination unit 45 ... Card processing unit 46 ... Communication unit

Claims (8)

In a method for detecting an unauthorized electronic storage medium in a system for detecting an electronic storage medium having identification information that is recognized as an unauthorized electronic storage medium,
The system
Register the identification information of the unauthorized electronic storage medium as a group and list,
From the list, obtaining the number of identification information of the illegal electronic storage medium for each group, the allocation information assigned to each group of the group determined based on the number of identification information of the illegal electronic storage medium for each group, assigned to the identification information issued by the electronic storage medium, wherein by storing the identification information and said allocation information issued electronic storage medium in the electronic storage medium to the issuing,
The identification information stored in the electronic storage medium and reads the allocation information at the time of use request of electronic storage medium,
On whether the identification information of the electronic storage medium in the group identification information allocation information read the check whether or not it is registered in the electronic storage medium having pre SL use request before Christ are registered Done
If the identification information exists as a result of the check, an unauthorized electronic storage medium is detected by determining the electronic storage medium requested to be used as an unauthorized electronic storage medium. Detection method. The method of detecting an unauthorized electronic storage medium according to claim 1,
The method of detecting an unauthorized electronic storage medium, wherein the group determined based on the number of identification information is a group determined based on an average value of the number of identification information. The method of detecting an unauthorized electronic storage medium according to claim 2,
The method of detecting an unauthorized electronic storage medium, wherein the group determined based on an average value of the number of identification information is a group lower than the average value. The method for detecting an unauthorized electronic storage medium according to claim 3,
The method of detecting an unauthorized electronic storage medium, wherein the group that is lower than the average value is a group that is lower than the average value. In a detection system for an unauthorized electronic storage medium that detects an electronic storage medium having identification information that is recognized as an unauthorized electronic storage medium,
Means for grouping and registering the identification information of the unauthorized electronic storage medium as a list;
From the list, the number of identification information of the illegal electronic storage medium for each group is acquired, and the allocation information assigned to each group of the group determined based on the number of identification information of the illegal electrical storage medium for each group acquired and means for issuing an electronic storage medium assigned to the identification information issued by the electronic storage medium, stores and the identification information and the allocation information in the issued electronic storage medium,
Means for reading said identification information to the electronic storage medium during use request of electronic storage media allocation information,
On whether the identification information of the electronic storage medium in the group identification information allocation information read the check whether or not it is registered in the electronic storage medium having pre SL use request before Christ are registered Means to do,
If the identification information exists as a result of the check, the unauthorized storage device has means for detecting the unauthorized electronic storage medium by determining the requested electronic storage medium as an unauthorized electronic storage medium. Electronic storage medium detection system. The unauthorized electronic storage medium detection system according to claim 5,
The detection system for an unauthorized electronic storage medium, wherein the group determined based on the number of identification information is a group determined based on an average value of the number of identification information. The system for detecting an unauthorized electronic storage medium according to claim 6,
The detection system for an illegal electronic storage medium, wherein a group determined based on an average value of the number of identification information is a group lower than the average value. The unauthorized electronic storage medium detection system according to claim 7,
2. The illegal electronic storage medium detection system according to claim 1, wherein the group lower than the average value is a group lower than the average value.

Images