JPH10198636A - System and method for personal authentication - Google Patents

Abstract

PROBLEM TO BE SOLVED: To continue the reception of profit from a service provider in the case of coincidence and to disable the acquisition of profit in the case of noncoincidence by judging the coincidence of member's data and existence area data. SOLUTION: A personal authentication system reads the member's data through a member's data reading means. A service provider AA reads existence area data D2 of PHS terminal equipment 20 from the output of PHS entrepreneour PP through an existence area data possessing means. An arithmetic means judges the coincidence of member's data previously stored in a storage means and the existence area data D2. In this case, when a member user has his own PHS terminal equipment 20 at his hand, the arithmetic means judges that the member's data are coincident with the existent area data D2. When the arithmetic means judges that the member's data are not coincident with the existent area data D2, the person who starts communication can not acquire the profit from the service provider AA.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a personal authentication system and a personal authentication method, and more particularly to a personal authentication system and a contract for purchasing goods using electronic means such as a credit card. And a method for doing so.

[0002]

2. Description of the Related Art Conventionally, when a contract, a transaction, or the like is performed using electronic means, a person who uses the electronic means is authenticated as to whether or not the person is a legitimate contractor. And so on. For example, in the case of PC communication (the same applies to so-called Internet communication), a PC communication member transmits application information using a PC and a telephone line, and a computer system installed on the business side receives this information, We have made a contract between them. At this time, the following basic means have been used to authenticate whether or not the personal computer communication member is following a formal contract procedure.

First, a use contract is concluded in advance between a personal computer user and a personal computer carrier. At that time, the business operator determines the member ID number and the password and notifies the regular member user. When an access request is made from a user via personal computer communication, the business operator requests the accessor for a member ID and password registered in advance, and when the accessor inputs these, the business operator records the membership ID and password. If it matches with the regular member information
Authorize the accessor as a regular member user. Then, the order information and the like transmitted during the communication connection are simulated as those transmitted by the regular member user, and are accepted.

[0004] Further, in order to more strictly confirm whether or not the regular contract procedure is being carried out by the regular contractor,
When the member ID number and password are requested from the business side, the time that the user can enter is limited, and if the user makes an incorrect input a certain number of times or more, it is determined that this is an unauthorized accessor and the line And try to eliminate unauthorized access by other means.

[0005]

However, in the above-described method for eliminating an unauthorized access person, for example, a hacker (an unauthorized intruder) invades a regular member user's personal computer as a transmission gate or a modem. Once the member ID number and password transmitted by the regular member user have been acquired, the user is disabled. If others know the member ID number and password set in advance by any means,
It no longer fulfills its role as personal authentication.

On the other hand, in order to prevent a hacker from illegally acquiring a member ID number and a password, information transmission may be performed between a regular member user and a business by encryption processing to ensure communication security. . But,
No matter how sophisticated and complicated the means for preventing unauthorized acquisition of passwords and the like are, there is no essential solution with hackers who develop more sophisticated unauthorized acquisition means.

[0007] This kind of incident has conventionally occurred in bank cards and credit cards. In particular, since the password set by the regular member user often uses the last four digits of the self or close relative's birthday or telephone number for fear of forgetting it, it is relatively difficult for those who try to misuse it. You can easily detect the password,
As a result, the goods can be obtained fraudulently.

The problem to be solved by the present invention is that the authentication information to be held by a regular member user is not excessively complicated,
An object of the present invention is to provide an authentication technology that does not require a member user to perform any extra operation. Here, an object of the present invention described in claims 1 to 3 and claim 9 is to provide a member user with an unnecessary operation more than before without excessively complicating authentication information to be held by a regular member user. It is to provide a strong personal authentication system.

[0009] An object of the invention described in claim 4 is to provide a personal authentication system that can prevent an unauthorized access user by using a system that disadvantageously gives an unauthorized access person. It is to be. Claim 5
An object of the present invention is to provide a personal authentication method in which the authentication information to be held by a legitimate member user is not excessively complicated, and the member user is not forced to perform extra operations.

[0010] An object of the present invention described in claims 6 and 7 is to provide an individual who does not force cardholders to perform any more unnecessary operations without excessively complicating authentication information to be held by a regular credit card member. It is to provide an authentication system. An object of the invention described in claim 8 is to provide a personal authentication method that does not force cardholders to perform any more unnecessary operations without excessively complicating authentication information that a regular credit card member should have. is there.

[0011]

In order to solve the above-mentioned problems, the present applicant has set forth the claims 1 to 10 described above.
The invention described in the above is provided. The invention according to the present application is based on the fact that a legitimate member user of the system owns a PHS terminal device, a pager, and a mobile phone that are rapidly spreading in recent years, and that the PHS terminal device is always at hand of the legitimate member user. It is assumed that it exists. In Claims 1 to 8, the location information of the PHS terminal device is obtained from the PHS communication carrier who has obtained the location information, and where the person who intends to make a contract or transaction using electronic means is located. If the communication connection point and the location information of the PHS terminal device are different, it is determined that this is illegal.

According to the ninth and tenth aspects, the fraud is determined based on the presence or absence of a call immediately after the transaction, including not only the PHS terminal device but also a pager or a normal mobile phone. (Claim 1) The invention according to claim 1 is a member who intends to receive the service provided by a computer provided by a service provider (for example, a personal computer carrier AA) that provides a service using information communication. A personal authentication system for authenticating whether or not a connected user is a legitimate member user when a user connects, a member data storage unit for storing member data relating to a member user, a member data relating to a member user (for example, Member's address or residence)
Means for reading member data, means for acquiring the area data (D2) of the PHS terminal device (20) owned by the member user from the PHS operator (PP), member data and area data (D2) Arithmetic means for determining a match with
As a result of the determination by the calculation means, if they match, the benefit from the service provider (AA) can be continued, and if they do not match, the output from the service provider (AA) cannot be obtained. An output unit for outputting a result is provided. (Definition of terms) A "member user" is a regular member who can use the personal authentication system according to the present invention, and is a service provider that operates the system (for example, a personal computer carrier (AA) and issues a cash card). Bank (BB), credit card company (CC), etc.). A store (C1) that has made a contract with a credit card company (CC) so that the credit card can be used for shopping is not included in the “member user” here.

[0013] In order for the member user to receive the service of the service provider, communication connection means (10) is required. The communication connection means (10) means, for example, a means for transmitting a "communication connection signal" indispensable for connection for communication with a service provider. When this system is employed in personal computer communication, it refers to hardware such as a personal computer (12) and a modem (13), and communication software and software such as a password. If this system is used in transactions with cash cards (15) or credit cards (17), the card body (15, 17) and the data or password recorded on the card body (15, 17) Refers to software such as numbers. The cash dispenser (16) that can use the bank's cash card (15) and the card reader (18) installed in the store (C1) that has signed a contract with the credit company (CC) are referred to as `` communication connection means ( 10)).

[0014] "Member data" is data stored in advance in a database by a service provider, such as the address or residence of a member user and a telephone number. "Member data storage means" may include a device that stores data read at the time of communication connection, in addition to a storage device that stores data in advance. When the personal authentication system of the present invention is employed in personal computer communication, communication connection means (10) belonging to a member user (for example, personal computer 12, modem
The connection area data (D1) at the time of starting communication to the service provider using a personal computer communication device such as PC 13 can be used as “member data”. Further, since the "connection area data (D1)" is usually the address or residence of a PC communication member, it is registered with a PC communication carrier (AA) and stored in a database of the member data.
Further, if the connection area data (D1) is read at the time of connection as data of the connection area, even if the personal computer communication device is taken out and connected to a place other than the address or residence of the member user, the personal information of the present invention is connected. The authentication system will work.

[0015] The present system is a cash card (15)
If it is adopted in transactions with credit cards (17), the member data will be `` connection area data (D1) '', and branches and credit cards (15) and credit cards (17) will use the transaction contract. The location of the store. In that case, the member data "connection area data (D1)"
Is registered in the computer center (BB) and the card company (CC) managed by the bank and stored in the database, as well as cash dispensers (16) and card readers (18) installed in bank branches and shops (C2) Is sent to the computer center (BB) and the credit card company (CC).

The "location data (D2)" refers to the P
PHS base station that can be used by the HS terminal device (20)
(For example, P1), which is received by the PHS base station (for example, P1). Normally, the PHS terminal device (20) and the PHS base station (P1) constantly and regularly transmit and receive the base station ID by radio waves. The service provider (AA) operating this system transmits the presence area data (D2) recognizable by the base station ID to the PHS base station (P1).
Obtain from the HS operator (PP).

In the case where the present system is employed in personal computer communication, as shown in FIG. 3, a member user connects the PHS terminal device (20) to a modem (13) of the personal computer (12) and communicates with the personal computer. Is performed, the “location data” can be the location of the PHS base station (P3) to which the communication is connected. The "calculating means" is intended to include, for example, when "member data" and "existing area data" are simple data, a device that decodes both data and performs correspondence using a table. For example, as shown in FIG. 1, when there is a possibility that the presence area data (D2) by a plurality of PHS base stations (P1, P2) may be read, the "judgment of membership data and existence area data" It is determined that they match by correction means or the like.

The "output result in the case of inconsistency" usually refers to connection of a line so that communication or transaction cannot be continued, but such a disadvantage that continuation of communication causes a disadvantage. It may be an output. For example, data output for rewriting recorded data on a card in order to invalidate a credit card is applicable. Along with this, a regular member may be notified through a credit institution or the like that there is a possibility of unauthorized use.

According to the personal authentication system according to the first aspect of the present invention, the following operations are performed. First, the member user starts communication to the service provider (AA), and the personal authentication system according to the present invention reads the member data by the member data reading means. Further, the service provider (AA) determines the location data (D2) of the PHS terminal device (20) owned by the member user.
Is read from the PHS operator (PP) by the presence area data acquisition means by output. Then, the arithmetic means determines the coincidence between the member data stored in advance by the storage means and the existence area data (D2).

At this time, the member user makes a P
Assuming that the HS terminal device (20) is at hand, the calculating means determines that the member data and the location data (D2) match. In that case, the personal authentication system according to the present invention determines that the person who has started communication with the service provider (AA) is a legitimate member user, and the member user is output from the service provider (AA) by the output means. Continue to enjoy the benefits.

On the other hand, if the calculating means determines that the member data does not match the existence area data (D2), the personal authentication system according to the present invention starts communication with the service provider (AA). Is determined not to be a legitimate member user. Then, the person who started the communication by the output means cannot obtain the profit from the service provider (AA). Since the PHS terminal device (20) owned by the regular member user does not exist in the vicinity of the person who started the communication to the service provider (AA), the possibility of unauthorized access is extremely high. It is.

As described above, the only new burden imposed on the member user by the personal authentication system according to the present invention is to keep the PHS terminal device (20) owned by the user at hand. This does not impose a burden on the member user. Due to the nature of the portable communication terminal, PH
This is because it is natural to keep the S terminal device (20) at hand. (Claim 2) The invention described in claim 2 is an invention in which the invention described in claim 1 is limited to the case of personal computer communication. The service provider is a personal computer communication company, and the member data is the connection telephone number of the personal computer communication. It is characterized in that it is recognized by

If the member data is the address or residence of the personal computer communication member at the time of member registration, if communication is performed from a place other than home using a portable personal computer, it is determined that the member is not an authorized member. In addition, when we move, we must report each time. Therefore, the connection telephone number of the communication access point is stored in the member data (connection area data
D1). This is because a PC communication member generally connects to an access point with the lowest telephone charge required for PC communication. (Claim 3) The invention described in claim 3 is a technical limitation of the invention described in claim 2, and the connection area data (D1)
Is characterized in that the personal computer communication member inputs the information when the personal computer communication is connected.

When communication is performed by a portable personal computer, the connection area data may not be the address or residence of the personal computer communication member. In this case, the connection area data can be determined as in claim 2, but it is the invention described in this claim that the member inputs directly. This is because the access point does not always have the lowest telephone charge due to the communication speed. (Claim 4) The invention of claim 4 is a technical limitation of the invention of claim 1, 2, or 3, and obtains the benefit of the personal computer communication when the calculation results do not match. The output result that cannot be obtained is an output result for bringing disadvantage to the personal computer communication member. (Definition of terms) "Output results due to disadvantage"
In addition to the passive output result that communication cannot be continued or terminated, this output is one that actively impairs the interests of the user of the personal computer. For example, it is software for freezing a personal computer used for communication or displaying a warning display screen on the personal computer.

According to the fourth aspect of the invention, the following operations are performed, unlike the first aspect of the invention. In other words, the calculation means uses the connection area data (D1) and the existence area data (D
If it is determined that 2) does not match, the personal authentication system according to the present invention determines that the person who has started communication with the service provider (AA) is not a legitimate member user. And
The person who initiates the communication suffers from the output means. This notification of the possibility of suffering disadvantages can prevent unauthorized access as a result. (Claim 5) The invention according to claim 5 is applicable to a case where a member user who intends to receive the service connects to a computer owned by a service provider (AA) that provides a service using information communication. , A personal authentication method for authenticating whether a connected user is a legitimate member user,
A member data reading step of reading member data relating to a member user, a member data storage step of storing member data relating to a member user, a PHS terminal device owned by the member user
The existence area data acquisition step of acquiring the existence area data (D2) of (20) from the PHS operator (PP), the calculation step of determining whether the membership data matches the existence area data (D2), and the determination of the calculation means As a result, if they match, the service provider (A
It is characterized by including an output step of outputting an output result such that the benefit from the service provider (AA) cannot be obtained in the case of a mismatch, while the benefit from the service provider (AA) can be continued. (Claim 6) A connection area data reading means for reading connection area data (D1) by communicating with a card company (CC) using a credit card member's card (17), Contract area storage means for storing connection area data (D1) and card contract data, and existence area data (D2) based on the output from the nearest PHS base station where the PHS terminal device (20) owned by the credit card member can be used. ), The area service data storage means for storing the area service data corresponding to the area data (D2), and the area service data.
A personal authentication system comprising a local service data output means for outputting the contents of (D3). (Definition of terms) "Communicating to the credit card company (CC) using the credit card member's card (17)" means using a communication line such as a card reader (18) and telephone (14) or a dedicated line, This refers to performing communication for checking the expiration date and the like of the card (17).

"Regional service data (D3)" means PHS
This is useful information for the card member of the PHS terminal device (20) regarding the area where the antenna base station (P1) is located. More specifically, simple and short data such as the nearest station name and the telephone number of the nearest personal computer communication access point that can be output through the display screen of the PHS terminal device (20) or a speaker, or a portable personal computer connected to and taken out. Large data, such as a nearby map, a local shopping guide, and the like. However, since the output is for confirming whether or not the person who tried to use the credit card is a legitimate credit card member, the output is often short. In particular, since the information is for members who have completed shopping, the nearest station name, the last train time of the nearest station, event information of the nearest store where the credit card can be used, and the like are useful.

The local service data (D3) may use the PHS terminal device (20) owned by the card member as its output device as shown in FIG. 6, or may use a credit card company (CC) as shown in FIG. ) May be output to devices owned by the store (C1) that has made a contract with the store (C1). PHS terminal
The phone number in (20) is `` Credit card member's card (1
"Communication to the card company (CC) using 7)" may be transmitted using a device such as a card reader (18) or telephone (14). In this case, if the card user is not a legitimate card member, he will hesitate to tell the phone number of the PHS terminal device (20) to the store clerk.

Next, the operation of the present invention will be described. First, the communication to the card company (CC) is started using the credit card member's card (17), and the personal authentication system according to the present invention reads the connection area data (D1) by the connection area data reading means. Further, the card company (CC) reads the area data (D2) of the PHS terminal device (20) owned by the credit card member from the nearest base station (for example, P1) by using the area data acquisition means. Then, the area service data (D3) corresponding to the area data (D2) is output from the area service data storage means.

At this time, if the card user is an authorized credit card member, the local service data (D3)
The store can determine that the card user is an authorized credit card member. Thereafter, a transaction contract may be concluded. On the other hand, if the card user is not a legitimate credit card member, the merchant can determine that the card user is not a legitimate credit card member because he or she cannot receive the local service data (D3). This is because there is a very high possibility that a person who has illegally acquired only the credit card (17) is using the card (17).

Similar to the first aspect of the present invention, the new burden imposed on the member user by the personal authentication system according to the present invention is to keep the PHS terminal device (20) owned by the user at hand. Only. This does not impose a burden on the member user. Due to the nature of portable communication terminals,
This is because the PHS terminal device (20) owned by the user is usually at hand. (Claim 7) The invention according to claim 7 is a technical limitation of the invention according to claim 6, wherein the local service data
If the output of (D3) is received, it is determined that the credit member can conclude the transaction contract, and the local service data
If there is no output of (D3), the credit member is provided with a judging means for judging that a card contract cannot be concluded.

That is, a "judgment means" is added to the constitutional requirements of claim 6. In other words, the reason why the "judgment means" is not an essential component in the invention described in claim 6 is that such a judgment may be made by an artificial means, that is, a store clerk. (Claim 8) A card contract data reading step of reading connection area data (D1) and card contract data by communicating with a card company using a credit card member's card, a credit card member The nearest P that the PHS terminal (20) owned by
Presence area data reading step of reading presence area data (D2) by output from the HS base station, regional service data output step of outputting contents of local service data (D3) corresponding to presence area data (D2), and local service Data (D
If the output of 3) is received, it is determined that the credit member can conclude a card contract, and the local service data
If there is no output of (D3), this is a personal authentication method characterized by including a judgment step of judging that a credit member cannot conclude a card contract. (Claim 9) The invention according to claim 9 is a method for connecting a computer provided by a service provider that provides a service using information communication when a member user who wants to receive the service connects to a computer. Is a personal authentication system for authenticating whether or not is a legitimate member user,
Connection area data acquisition means for acquiring the connection area data of the member user, a communication terminal device owned by the member user, a telephone number storage means for storing the telephone number of the communication terminal apparatus in advance, and a telephone number storage means Authentication call means for reading the telephone number and calling the communication terminal device.

Here, the “communication terminal device” is a PHS,
In addition to the so-called pager, this is intended to include ordinary mobile phones. (Claim 10) When a member user who intends to receive the service connects to a computer owned by a service provider that provides a service using information communication, whether the connected user is an authorized member user A personal authentication method for authenticating whether or not a telephone number of a communication terminal device owned by a member user is stored in advance, a connection area data obtaining step of obtaining connection area data of a member user, and An authentication call step of reading the telephone number stored in the telephone number storage means and making a call to the communication terminal device is provided.

[0033]

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS Hereinafter, the present invention will be described in more detail with reference to embodiments and drawings. The drawings used here are FIGS. 1 to 10. FIG. 1 is a conceptual diagram showing a first embodiment of the present invention. FIG. 2 is a flowchart showing the first embodiment of the present invention. FIG. 3 is a conceptual diagram showing a second embodiment of the present invention. FIG.
FIG. 11 is a conceptual diagram illustrating a third embodiment of the present invention. FIG.
FIG. 14 is a conceptual diagram showing a fourth embodiment of the present invention. FIG. 6 is a conceptual diagram showing a fifth embodiment of the present invention.
FIG. 7 is a flowchart showing the fifth embodiment of the present invention. FIG. 8 is a conceptual diagram showing a sixth embodiment of the present invention. FIG. 9 is a conceptual diagram showing a seventh embodiment of the present invention. FIG. 10 is a flowchart showing the seventh embodiment of the present invention. (First Embodiment) First, a first embodiment of the present invention will be described with reference to FIGS. The first embodiment is a system adopted when a member user who intends to receive the service is connected to a computer owned by a personal computer carrier AA that provides a service using information communication. An individual authentication system and an individual authentication method for authenticating whether or not a connected user is a legitimate member user.

In order to receive the service provided by the personal computer communication company AA, the name, address or residence, telephone number, and the like are registered with the personal computer communication company AA, and the person who has completed the registration is a member user. Personal computer carrier AA
Records the member data (for example, the address or residence of the member) regarding the member user in the database (DB). In order to receive the service provided by the personal computer carrier AA, the member user needs to exchange the hardware such as the personal computer 12, the modem 13, and the telephone 14 with the communication software, the password agreed with the personal computer carrier AA, and the like. Use to connect communications. The connection is performed by access points A1 and A1 provided by a personal computer carrier AA.
An appropriate one is selected from A2, A3,... In consideration of the distance and the communication speed.

On the other hand, in the present system, it is assumed that the member user owns the PHS terminal device 20. Therefore, the personal computer carrier AA usually registers and stores the telephone number and identification number of the PHS as member data. The PHS operator (PP) has installed a number of base stations P1, P2, P3,... In the area, and each base station P1, P2, P3 has According to the position of the PHS terminal device 20, information as to which base station to use is transmitted by radio waves. Therefore, which PHS terminal device 2
0 can be obtained as information on the area where the base station is located.

When a certain user starts connection to personal computer communication, the personal computer carrier AA reads the member data corresponding to the user by the member data reading means. In this embodiment, the member data stored in the database (DB) is accessed from the password or the like of the connected user, and the address or residence is read.

On the other hand, existence area data D2, which is information on the existence area of the PHS terminal device 20 owned by the member user,
From the PHS operator (PP). If there are two nearest base stations P1 and P2, the radio wave Q
Which one of Q1 and Q2 is the existence area data D2 depends on P
It is determined by the correction means provided in the HS carrier (PP) or the personal computer carrier AA.

The personal computer communication carrier AA has an operation means for judging the coincidence between the member data and the area data D2, and judges the coincidence of the two data by the operation means. As a result of the determination, if they match, the benefit from the personal computer carrier AA can be continued, and if they do not match, an output result that cannot acquire the benefit from the personal computer carrier AA is output. In this embodiment, the personal computer communication AA outputs an output that unilaterally terminates the personal computer communication.

If the member user has his or her PHS terminal device 20 at hand, the calculating means determines that the member data and the area data D2 match. In that case, the personal authentication system according to the present embodiment determines that the person who started the communication is a legitimate member user, and the member user can continue to enjoy the benefit of the personal computer communication by the output means.

On the other hand, when the calculating means determines that the member data and the area data (D2) do not match,
That is, there is no PHS terminal device 20 owned by the regular member user near the person who started the communication. It is usually impossible that the PHS terminal device 20 owned by the user is not at hand, and the possibility of unauthorized access is extremely high. (Second Embodiment) Next, a second embodiment will be described with reference to FIG.

In the first embodiment, the member data is accessed from the password or the like of the connected user to read the address or whereabouts.
If the user goes out with the HS terminal device 20 and starts communication using a portable personal computer at a place other than the address or residence, it is determined that the member data and the existence area data D2 do not match. Therefore, in the second embodiment, the connection from the access point A1 is replaced with the telephone number or the like without using the member's address or whereabouts stored in the database in advance as the member data. The connection area data D1 is read as member data. If the connection area data D1 is read at the time of connection as data of the connection area, the personal authentication system can function even if the personal computer communication device is taken out and connected to a place other than the address or residence of the member user. Becomes

Although the connection area data D1 can be determined as described above, the member can also be directly input. This is because the access point does not always have the lowest telephone charge due to the communication speed. (Third Embodiment) Next, a third embodiment will be described with reference to FIG.

The third embodiment is a case where the personal authentication system is adopted in transactions with a bank card 15 of a bank. "Member data" is the connection area data D1, that is, the location of the bank branch B1 which makes a transaction contract with the cash card 15. FIG. 4 illustrates a case where cash is withdrawn from the cash dispenser 16 by the cash card 15.

Assuming that the cash card 15 is inserted into the cash dispenser 16 and the personal identification number is entered, the cash dispenser 16 stores the connection area data D1.
To the computer center BB. On the other hand, the computer center BB stores the location data D2 of the PHS terminal device 20 of the authorized owner of the cash card 15 in the PHS
It is obtained from the business operator (PP), and it is determined whether the connection area data D1 matches the existence area data D2. Then, an output result is output to the cash dispenser 16 such that cash can be withdrawn if it is determined that they match, and cash cannot be withdrawn if it is determined that they do not match. (Fourth Embodiment) Next, a fourth embodiment will be described with reference to FIG.

The fourth embodiment is a case where the personal authentication system is adopted in the transaction by the credit card 17 of the credit company CC. The “member data” is the connection area data D1, that is, the location of the store C1 that has signed a card use contract that allows the credit card 17 to be used. FIG. 5 illustrates a case where a product is read by a card reader 18 for inquiring the expiration date of the credit card 17 when purchasing a product with the credit card 17.

If the magnetic information of the credit card 17 is read by the card reader 18, the information is transferred to the credit company C via the telephone 4 (or a dedicated line).
Send to C. On the other hand, the credit company CC reads the card contract data, acquires the location data D2 of the PHS terminal device 20 of the authorized owner of the credit card 17 from the PHS operator (PP), and connects the connection data D1.
Is determined to match with the existence area data D2. If it is determined that they match, the credit card 17 can be used, and if they do not match, an output result indicating that the credit card 17 cannot be used is output to the card reader 18. (Fifth Embodiment) Next, a fifth embodiment will be described with reference to FIGS. The fifth embodiment is a modification of the fourth embodiment in which the personal authentication system is adopted in a transaction by the credit card 17 of the credit company CC.

The fifth embodiment is different from the fourth embodiment in that the fifth embodiment has a system for outputting service data to the PHS terminal device 20 that should be owned by the user of the credit card 17. This will be described in more detail.
In the fifth embodiment, the area service data storage means for storing area service data corresponding to the area data D2, and the contents of the area service data are stored in the PHS terminal device 20 of the credit card member.
Is provided.

Further, the card reader 18 is provided with a judging means 19 for judging whether or not the local service data D3 has been output by connecting to the PHS terminal device 20. Here, “local service data D3” is PHS
This is useful information for the user of the PHS terminal device 20 regarding the area where the antenna base station P1 is located. Specifically, since the information is for the user who has completed shopping, the information includes the name of the nearest station, the last train time of the nearest station, event information of the nearest store where the credit card can be used, and the like.

In such an embodiment, if the card user is an authorized credit card member,
From the local PHS terminal device 20 to the local service data D3
The store side can determine that the card user is a legitimate credit card member by receiving this, and determining by the determining means 19. Thereafter, a transaction contract may be concluded. On the other hand, if the card user is not a legitimate credit card member, the judgment means 19 determines
It must be determined that the local service data D3 cannot be received from the S terminal device 20, and the store can determine that the card user is not a regular credit card member. This is because a person who has illegally acquired only the credit card 17 is very likely to be using the card 17. (Sixth Embodiment) Next, a sixth embodiment will be described with reference to FIG.

The sixth embodiment is a modification of the fifth embodiment, in which the personal authentication system is adopted in a transaction by the credit card 17 of the credit company CC. The difference from the fifth embodiment is that the local service data D3 is connected to a device owned by the store C1, for example, a speaker 19 connected to a card reader 18.
A is to output to A. If the output is not performed or if the output does not match the area where the store C1 exists, the transaction by the credit card 17 is stopped.

In the first to sixth embodiments described above, the only requirement of the member user for personal authentication is to keep the PHS terminal device 20 at hand. It does not force you to remember or carry new keys. (Seventh Embodiment) Next, a seventh embodiment will be described with reference to FIGS.

The seventh embodiment is a case where the personal authentication system is adopted in the transaction by the credit card 17 of the credit company CC, which simplifies the configuration and furthermore, not only the PHS terminal but also the pager and the like. This is a personal authentication system that can use ordinary mobile phones. In the seventh embodiment, the telephone number of the PHS terminal device 20 of the member user is stored in a database in advance. Then, the credit card 17 of the member user who intends to make a transaction is read by the card reader 18, and the connection area data D1 of the member user is obtained from the communication line such as the telephone 14 of the store C1. The credit card company CC that has acquired the connection area data D1 reads the member user's telephone number stored in the database and calls the PHS terminal device 20 for authentication.

When a credit card company CC makes a call to the member user's PHS terminal device 20 for authentication, the clerk receives the call, and the member user in front is a regular member. The transaction may be concluded by estimating that. If there is no authentication call, it may be presumed that the member user in front may not be a legitimate member, and it may be informed that the card transaction cannot be performed.

In this embodiment, the PHS terminal device 20 is used as a portable communication terminal, but it may be a pager or an ordinary portable telephone. In the seventh embodiment, what is required by the member user for personal authentication is that the portable communication terminal device (in this example, the PHS terminal device 20) registered with the credit card company CC is kept at hand. It does not force you to remember a new PIN or carry a new key.

[0055]

According to the present invention, claims 1 to 3 and claim 9 are provided.
According to the described invention, it is possible to provide a personal authentication system that does not force member users to perform extra operations without excessively complicating authentication information to be held by a legitimate member user. According to the fourth aspect of the present invention, it is possible to provide a personal authentication system that can prevent unauthorized access users by using a system that disadvantageously gives unauthorized access users. did it.

According to the fifth and tenth aspects,
It was possible to provide a personal authentication method that does not require the member user to perform any extra operations without excessively complicating the authentication information that the regular member user should have. According to the inventions described in claims 6 and 7, a personal authentication system that does not force card members to perform extra operations than before without excessively complicating authentication information that a regular credit card member should have. Could be provided.

According to the invention described in claim 8, a personal authentication method is provided in which the authentication information to be possessed by a regular credit card member is not excessively complicated, and the card member is not forced to perform extra operations. We were able to.

[Brief description of the drawings]

FIG. 1 is a conceptual diagram showing a first embodiment of the present invention.

FIG. 2 is a flowchart showing a first embodiment of the present invention.

FIG. 3 is a conceptual diagram showing a second embodiment of the present invention.

FIG. 4 is a conceptual diagram showing a third embodiment of the present invention.

FIG. 5 is a conceptual diagram showing a fourth embodiment of the present invention.

FIG. 6 is a conceptual diagram showing a fifth embodiment of the present invention.

FIG. 7 is a flowchart showing a fifth embodiment of the present invention.

FIG. 8 is a conceptual diagram showing a sixth embodiment of the present invention.

FIG. 9 is a conceptual diagram showing a seventh embodiment of the present invention.

FIG. 10 is a flowchart showing a seventh embodiment of the present invention.

[Explanation of symbols]

DESCRIPTION OF SYMBOLS 10 Communication connection means 12 Personal computer 13 Modem 14 Telephone 15 Cash card 16 Cash dispenser 17 Credit card 18 Card reader 19 Judgment means 19A Speaker 20 PHS terminal device AA Personal computer carrier A1, A2, A3 Access point BB Computer center managed by bank B1 Bank branch CC credit company C1 Store D1 Connected area data D2 Existing area data D3 Local service data PP PHS carrier P1, P2, P3 Base station Q1, Q2

──────────────────────────────────────────────────の Continued on front page (51) Int.Cl. ⁶ Identification code FI H04M 3/42 H04B 7/26 109B

Claims (10)

[Claims] When a member user who wants to receive a service connects to a computer held by a service provider that provides a service using information communication, whether the connected user is a legitimate member user A personal authentication system for authenticating whether or not a member user has member data, a member data storage means for storing member data relating to a member user, a member data reading means for reading member data, and a PH owned by the member user.
The existence area data acquisition means for acquiring the existence area data of the S terminal device from the PHS operator, the arithmetic means for determining the coincidence between the member data and the existence area data, and the result of the judgment by the arithmetic means, A personal authentication system comprising an output unit that can continue to receive the benefit from the service provider and output an output result that cannot obtain the benefit from the service provider in the case of a mismatch. 2. The personal authentication system according to claim 1, wherein the service provider is a personal computer communication company, and the member data is recognized by a connection telephone number of the personal computer communication. 3. The personal authentication system according to claim 2, wherein the member data is inputted by a personal computer communication member when connecting personal computer communication. 4. An output result for which a profit from personal computer communication cannot be obtained when the result of calculation is inconsistent is an output result for bringing disadvantage to the personal computer communication member. The personal authentication system according to claim 2 or 3. 5. When a member user who intends to receive the service is connected to a computer owned by a service provider that provides a service using information communication, whether the connected user is a legitimate member user. A personal authentication method for authenticating whether or not a member user has a PHS terminal device, a member data reading step of reading member data of a member user, a member data storing step of storing member data of a member user, and a location data of a PHS terminal device owned by the member user. The existence area data acquisition step acquired from the PHS operator, the calculation step of determining whether the member data and the existence area data match, and the result of the determination by the calculation means, if the two match, the benefit from the service provider is enjoyed. Outputs results that can be continued and that in the event of a mismatch, the benefit from the service provider cannot be obtained Personal authentication method characterized by comprising the output step that. 6. A connection area data reading means for reading connection area data by communicating with a card company using a credit card member's card, a connection area data storage means for storing connection area data in advance, a credit card member The location data of PHS terminal devices owned by
It is characterized by comprising local area data obtaining means for obtaining local service data corresponding to the local area data, and local service data output means for outputting the contents of the local service data. And personal authentication system. 7. When the local service data is output, it is determined that the credit member can conclude a transaction contract, and when the local service data is not output, it is determined that the credit member cannot conclude a card contract. 7. The personal authentication system according to claim 6, further comprising a determination unit. 8. A card contract data reading step of reading connection area data and card contract data by communicating with a card company using a credit card member's card, and reading the area data of the PHS terminal device owned by the credit card member. A region service data reading process for obtaining from the PHS operator, a region service data output process for outputting the contents of the region service data corresponding to the region data,
And determining that the credit member can conclude a card contract if the local service data is output, and determining that the credit member cannot conclude the card contract if the local service data is not output A personal authentication method characterized by that: 9. When a member user who intends to receive the service connects to a computer owned by a service provider that provides a service using information communication, whether the connected user is an authorized member user A personal authentication system that authenticates whether or not a member has a connection area data acquisition means for acquiring connection area data of a member user, a communication terminal device owned by the member user, and a telephone that stores a telephone number of the communication terminal device in advance A personal authentication system comprising: a number storage means; and an authentication call means for reading a telephone number stored in the telephone number storage means and making a call to a communication terminal device. 10. When a member user who intends to receive the service connects to a computer owned by a service provider that provides a service using information communication, whether the connected user is a legitimate member user. A personal authentication method for authenticating whether or not a telephone number of a communication terminal device owned by a member user is stored in advance, a connection area data obtaining step of obtaining connection area data of a member user, and A personal authentication method comprising an authentication call step of reading a telephone number stored in telephone number storage means and making a call to a communication terminal device.