WO2020031245A1 - Authentication object issuing device, authentication object issuing system, authentication object issuing method, and program - Google Patents

Authentication object issuing device, authentication object issuing system, authentication object issuing method, and program Download PDF

Info

Publication number
WO2020031245A1
WO2020031245A1 PCT/JP2018/029494 JP2018029494W WO2020031245A1 WO 2020031245 A1 WO2020031245 A1 WO 2020031245A1 JP 2018029494 W JP2018029494 W JP 2018029494W WO 2020031245 A1 WO2020031245 A1 WO 2020031245A1
Authority
WO
WIPO (PCT)
Prior art keywords
authentication
information
user terminal
telephone number
authentication target
Prior art date
Application number
PCT/JP2018/029494
Other languages
French (fr)
Japanese (ja)
Inventor
小川 雅雄
福石 李
博 豊泉
東 陽一
Original Assignee
藤光樹脂株式会社
A・Tコミュニケーションズ株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 藤光樹脂株式会社, A・Tコミュニケーションズ株式会社 filed Critical 藤光樹脂株式会社
Priority to JP2018558364A priority Critical patent/JP6488434B1/en
Priority to PCT/JP2018/029494 priority patent/WO2020031245A1/en
Publication of WO2020031245A1 publication Critical patent/WO2020031245A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/33User authentication using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials

Definitions

  • the present invention relates to an authentication target issuance device, an authentication target issuance system, an authentication target issuance method, and a program, and more particularly, to an authentication target issuance device that can issue an authentication target that can be authenticated without using a password, and an authentication target issuance.
  • the present invention relates to a system, an authentication target issuing method, and a program.
  • the present invention has been made to solve the above problems, and is an authentication target issuing apparatus, an authentication target issuing system, and an authentication target issuing method capable of issuing an authentication target that can be authenticated without using a password. , And to provide programs.
  • the authentication target issuing device (3) has received a request to issue an authentication target from a user terminal (2) via the Internet network (5).
  • Confirmation information notifying means for notifying, via the telephone network (6), confirmation information requesting an input by the user to the telephone number of the user terminal (2) specified from the issuance request in response to the request (33) and in response to receiving the confirmation information notified by the confirmation information notification means (33) from the user terminal (2) via the telephone network (6),
  • An authentication target issuing unit (33) for issuing the authentication target to the input user.
  • the authentication target issuance means (33) includes an information area expressing a URL (Uniform Resource Locator) by a cell distribution pattern, and correction information for correcting an error of the cell.
  • the authentication target may be generated by embedding authentication information in the correction area of the data code (100) including the correction area expressed by the distribution pattern.
  • the authentication target issuing unit (33) obtains an embedding bit string from a part of the correction area and excludes the embedding bit string from the authentication bit string indicating the authentication information.
  • the authentication information may be embedded in the correction area by obtaining a first exclusive OR that is a logical OR and replacing a part of the correction area with the first exclusive OR.
  • the authentication target issuing unit (33) embeds all or a part of the telephone number of the user terminal (2) as the authentication information in the correction area. You may.
  • the authentication target issuing device (3) may be the authentication target in which the telephone number of the user terminal (2) and all or a part of the telephone number are embedded in the correction area as the authentication information.
  • the telephone number reading means (33) for reading the telephone number corresponding to the URL from the database (320), and the authentication information received from the reading terminal (4)
  • a telephone number discriminating means (33) for discriminating whether or not the telephone number matches all or a part of the telephone number read by the telephone number reading means (33); If it is determined by the telephone number reading means (33) that there is a match, the fact that the authentication target has been successfully authenticated is addressed to the telephone number read by the telephone number reading means (33) via the telephone network (6).
  • an authentication success notification unit (33) for notifying.
  • the authentication target issuing unit (33) may transmit the authentication target to the user terminal (2) via the Internet network (5). .
  • the authentication target issuance system (1) provides the authentication target issuance request for specifying the telephone number of the user terminal (2) via the Internet network (5).
  • the user inputs the issuance request transmitting means (25) for transmitting to the target issuing device (3) and the confirmation information notified from the authentication target issuing device (3) via the telephone network (6).
  • An authentication target issuance system (1) includes an imaging unit (41) configured to capture the data code (100) and obtain an imaging bit sequence, and the imaging unit (41) configured to obtain the imaging bit sequence.
  • a decoding unit (44) for decoding an imaging bit string to obtain an information bit string indicating the URL and a correction bit string indicating the correction information; an imaging bit string obtained by the imaging unit (41); Calculating a second exclusive OR that is an exclusive OR of the information bit string and the correction bit string acquired by the means (44), and calculating a second exclusive OR of the embedding bit string and the authentication bit string;
  • An error detecting means (44) for detecting the first exclusive OR as an error, the embedded bit string included in the corrected bit string, and an error detected by the error detecting means (44).
  • the authentication target issuance method is characterized in that the authentication target issuance device (3) responds to the reception of an authentication target issuance request from the user terminal (2) via the Internet network (5). Then, to the telephone number of the user terminal (2) specified from the issuance request, the user is notified via the telephone network (6) of confirmation information requesting an input by the user, and the notified confirmation is transmitted. In response to receiving information from the user terminal (2) via the telephone network (6), the authentication object is issued to the user who has input the confirmation information.
  • the program according to the fifth aspect of the present invention is specified from the issuance request in response to the computer receiving the issuance request for the authentication target from the user terminal (2) via the Internet network (5).
  • the user who has input the confirmation information is notified of the authentication target.
  • the authentication target issuance procedure (33) to be issued is executed.
  • an authentication target issuance device an authentication target issuance system, an authentication target issuance method, and a program that can issue an authentication target that can be authenticated without using a password.
  • FIG. 3 is a block diagram illustrating a configuration example of a user terminal.
  • FIG. 3 is a block diagram illustrating a configuration example of a management server.
  • It is a figure showing the example of composition of QR Code (registered trademark).
  • FIG. 9 is a schematic diagram for explaining a procedure for embedding authentication information. It is a block diagram showing an example of composition of a reading terminal.
  • 9 is a flowchart illustrating details of a ticket issuing process. It is a flowchart which shows the continuation of a ticket issuing process. It is a flowchart which shows the continuation of a ticket issuing process.
  • 9 is a flowchart illustrating details of a ticket authentication process. It is a flowchart which shows the continuation of a ticket authentication process.
  • the ticket management system issues an electronic ticket (authentication target) of an event including a two-dimensional code such as a QR (Quick Response) code (registered trademark) or a data code such as a barcode.
  • a two-dimensional code such as a QR (Quick Response) code (registered trademark)
  • a data code such as a barcode.
  • FIG. 1 is a diagram showing a configuration example of a ticket management system according to the present embodiment.
  • the ticket management system 1 includes a user terminal 2, a management server (authentication target issuing device) 3, and a reading terminal 4, which are connected to the Internet network 5 and the telephone network 6. Are communicably connected to each other.
  • the user terminal 2 is composed of, for example, a general-purpose smartphone.
  • the user terminal 2 is used by a user who purchases an electronic ticket.
  • FIG. 2 is a block diagram showing a configuration example of a user terminal.
  • the user terminal 2 includes an audio output unit 21, a touch panel 22, a communication unit 23, a storage unit 24, and a control unit 25, which are connected via a bus or the like. Have been.
  • the audio output unit 21 includes, for example, a general-purpose speaker or the like.
  • the voice output unit 21 outputs a telephone ringtone, voice, and the like.
  • the voice output unit 21 outputs an automatic voice or the like for instructing input of confirmation information (“15” in the present embodiment) such as “Please input“ 15 ”for authentication.” You.
  • the touch panel 22 includes, for example, a general-purpose touch panel that combines a liquid crystal display device and a pointing device.
  • the touch panel 22 displays various screens and receives various operations by the user.
  • a ticket purchase page for purchasing an electronic ticket is displayed on the touch panel 22.
  • the user inputs the user's name, address, telephone number of the user terminal 2, and the like, and instructs the purchase of an electronic ticket for the event.
  • the user gives an instruction on the touch panel 22 to receive a telephone call from the management server 3.
  • a dial pad for inputting a telephone number or the like is displayed.
  • the user operates the dial pad with the telephone connected to the management server 3 and inputs the confirmation information instructed by the automatic voice. Further, the electronic ticket purchased by the user is displayed on the touch panel 22.
  • the communication unit 23 includes, for example, a general-purpose wireless communication device.
  • the communication unit 23 performs wireless communication with the management server 3 via the Internet network 5 and performs wireless communication via the telephone network 6.
  • the storage unit 24 is composed of, for example, a nonvolatile memory such as a general-purpose flash memory.
  • the storage unit 24 stores the electronic ticket purchased by the user.
  • the control unit 25 includes, for example, a CPU (Central Processing Unit), a ROM (Read Only Memory), and a RAM (Random Access Memory).
  • the CPU controls various operations of the user terminal 2 by using the RAM as a work memory and appropriately executing programs and the like stored in the ROM and the storage unit 24.
  • control unit 25 accesses the electronic ticket purchase site operated by the management server 3 from the communication unit 22 via the Internet 5 in response to the operation of the touch panel 22 by the user, and A purchase page is displayed on touch panel 22.
  • the control unit 25 requests the purchase of a ticket capable of specifying the user's name and address, the telephone number of the user terminal 2, and the like input on the touch panel 21.
  • the request for issuance of the authentication target is transmitted from the communication unit 22 to the management server 3 via the Internet 5.
  • the control unit 25 outputs a ringtone from the voice output unit 21 in response to receiving a call automatically transmitted from the management server 3 via the telephone network 6. Then, the control unit 25 connects the telephone with the management server 3 in response to the instruction to receive the telephone from the management server 3 by the user. Subsequently, in response to the communication unit 23 receiving the audio data transmitted from the management server 3 via the telephone network 6, the control unit 25 outputs an automatic audio based on the audio data from the audio output unit 21. .
  • control unit 25 transmits the confirmation information from the communication unit 23 to the management server 3 via the telephone network 6. Then, the control unit 25 receives the electronic ticket transmitted from the management server 3 via the Internet 5 and stores the electronic ticket in the storage unit 24.
  • the control unit 25 displays the electronic ticket stored in the storage unit 24 on the touch panel 22 in response to the operation of the touch panel 22 by the user.
  • the control unit 25 receives a short mail indicating that the electronic ticket transmitted from the management server 3 via the telephone network 6 has been successfully authenticated, and displays the short mail on the touch panel 22.
  • the management server 3 shown in FIG. 1 is composed of, for example, a general-purpose server computer and a general-purpose database.
  • the management server 3 issues and manages electronic tickets, and performs telephone authentication using an automatic voice response (Interactive ⁇ Voice ⁇ Response: IVR).
  • IVR Automatic voice response
  • FIG. 3 is a block diagram showing a configuration example of the server device.
  • the management server 3 includes a communication unit 31, a storage unit 32, and a control unit 33, which are connected via a bus or the like.
  • the communication unit 31 is configured by, for example, an NIC (Network Interface Card) or the like.
  • the communication unit 31 performs wireless communication with the user terminal 2 via the Internet network 5 and performs wireless communication via the telephone network 6.
  • the storage unit 32 is composed of, for example, a hard disk drive or the like.
  • the storage unit 32 includes a ticket DB (Database) 320.
  • the ticket DB 320 includes a ticket ID (identification) for identifying an electronic ticket, a URL (Uniform Resource Locator) indicated by a two-dimensional code included in the electronic ticket, and the name, address, and use of the user who purchased the electronic ticket.
  • the telephone number of the user terminal 2 is registered in association with the telephone number.
  • the control unit 33 includes, for example, a CPU, a ROM, a RAM, and the like.
  • the CPU controls various operations of the management server 3 by using the RAM as a work memory and appropriately executing programs and the like stored in the ROM and the storage unit 32.
  • the control unit 33 determines the confirmation information in response to the communication unit 31 receiving a ticket purchase request transmitted from the user terminal 2 via the Internet 5.
  • the confirmation information may be predetermined, or may be generated according to a predetermined algorithm in response to receiving the ticket purchase request.
  • the control unit 33 automatically sends a call to the user terminal 2 via the telephone network 6.
  • the control unit 33 transmits voice data for outputting automatic voice instructing input of confirmation information from the communication unit 31 via the telephone network 6 to the user terminal 2. Send to
  • the control unit 33 issues an electronic ticket to the user in response to the communication unit 31 receiving confirmation information transmitted from the user terminal 2 via the telephone network 6. Specifically, the control unit 33 registers the user's name, address, and telephone number of the user terminal 2 in the ticket DB 320 in association with the ticket ID indicating the electronic ticket purchased by the user. Next, the control unit 33 reads the URL and the telephone number corresponding to the ticket ID from the ticket DB 320.
  • the control unit 33 generates a QR code (registered trademark) indicating the URL read from the ticket DB 320. Then, the control unit 33 embeds, as authentication information, all or a part (for example, the last four digits) of the telephone number read from the ticket DB 320 in a correction area of the QR code (registered trademark) indicating the URL, and stores the electronic ticket. Generate. Regarding a technique for embedding authentication information in a correction area of a QR code (registered trademark), Japanese Patent Application Laid-Open Nos. 2013-058965 and 2014-029659, WO2014 / 027424, and WO2015 / 001637 International Publications And the like.
  • control unit 33 embeds the authentication information in the correction area of the QR code (registered trademark) as follows.
  • FIG. 4 is a diagram showing a configuration example of a QR code (registered trademark).
  • the QR code (registered trademark) 100 includes three positioning symbols 104A, 104B, and 104C, an information code recording area 106, a timing cell 108, a format code 109, and the like.
  • the information code recording area 106 includes a code pair of an information code (information area) Cd and a corresponding RS (Reed-Solomon) code (correction area) Ce.
  • the information code Cd is obtained by encoding a URL read from the ticket DB 320, and expresses the URL by a cell distribution pattern (cell pattern) included in the information code Cd.
  • the RS code Ce is obtained by encoding the URL read from the ticket DB 320 using RS (Reed-Solomon) and coded for correction information, and corrects an error by a cell pattern included in the RS code Ce. It expresses the information for correction.
  • the information code recording area 106 includes, for example, a total of 134 symbols including 44 information symbols constituting the information code Cd and 90 RS symbols constituting the RS code Ce.
  • the information code recording area 106 is divided into four blocks. Of these, two blocks are composed of a total of 33 symbols including 11 information symbols and 22 RS symbols corresponding to the information symbols. Are composed of a total of 34 symbols including 11 information symbols and 23 corresponding RS symbols.
  • FIG. 5 is a schematic diagram for explaining a procedure for embedding authentication information.
  • the control unit 33 shown in FIG. 3 arranges the information bit string and the RS bit string in which the authentication information is embedded according to the code arrangement rule of the QR code (registered trademark), so that the QR code in which the authentication information is embedded in the correction area.
  • An electronic ticket including a code (registered trademark) is generated. Then, the control unit 33 transmits the electronic ticket from the communication unit 31 to the user terminal 2 via the Internet 5.
  • the control unit 33 responds to the reception of the authentication information transmitted via the Internet network 5 by the communication unit 31 after the access from the reading terminal 4, and responds to the user corresponding to the URL accessed by the reading terminal 4.
  • the telephone number of the terminal 2 is read from the ticket DB 320. Then, the control unit 33 determines whether or not the authentication information received by the communication unit 31 matches the last four digits of the telephone number of the user terminal 2 read from the ticket DB 320.
  • the control unit 33 determines that the information has been tampered with, and sends an authentication failure notification indicating that the authentication of the electronic ticket has failed,
  • the data is transmitted from the communication unit 31 to the reading terminal 4 via the Internet 5.
  • the control unit 33 determines that the electronic ticket has not been tampered with and notifies the user that the electronic ticket has been successfully authenticated.
  • the short mail shown is transmitted from the communication unit 31 to the telephone number of the user terminal 2 via the telephone network 6.
  • the reading terminal 4 shown in FIG. 1 is composed of, for example, a QR code (registered trademark) reader having a communication function, a smartphone or a tablet computer having a QR code (registered trademark) reading function, or the like.
  • the reading terminal 4 is used by a staff member near the entrance of the event venue to read an electronic ticket displayed on the touch panel 22 of the user terminal 2.
  • the reading terminal 4 may be installed near the entrance of the event venue. In this case, the user may hold the reading terminal 4 to read the electronic ticket displayed on the touch panel 22 of the user terminal 2.
  • FIG. 6 is a block diagram showing a configuration example of the reading terminal.
  • the reading terminal 4 includes an imaging unit 41, a communication unit 42, a display unit 43, and a control unit 44, and these are connected via a bus or the like.
  • the imaging unit 41 includes a light receiving element such as a CCD (Charge Coupled Device).
  • the image capturing section 41 captures an image of an electronic ticket displayed on the touch panel 22 of the user terminal 2.
  • the communication unit 42 includes, for example, a general-purpose wireless communication device.
  • the communication unit 42 performs wireless communication with the management server 3 via the Internet 5.
  • the display unit 43 is composed of, for example, a general-purpose liquid crystal display.
  • the display unit 43 displays various screens.
  • the control unit 44 includes, for example, a CPU, a ROM, a RAM, and the like.
  • the CPU controls various operations of the reading terminal 4 by using the RAM as a work memory and appropriately executing a program or the like stored in the ROM.
  • the control unit 44 takes an image of the electronic ticket displayed on the touch panel 22 of the user terminal 2 with the imaging unit 41 in response to the instruction of the authentication of the electronic ticket by the attendant.
  • the control unit 44 decodes the imaging bit sequence obtained by imaging the electronic ticket by the imaging unit 41 in accordance with the above-described code arrangement rule, thereby obtaining 11 information symbols from each block of the QR code (registered trademark). , And an RS bit string composed of 22 or 23 RS symbols.
  • the control unit 44 obtains an exclusive OR (second exclusive OR) of the imaging bit sequence, the information bit sequence, and the RS bit sequence, thereby obtaining four bit sequences m ′ including two RS symbols.
  • the control unit 44 displays an authentication failure screen indicating that the authentication of the electronic ticket has failed in response to the communication unit 42 receiving the authentication failure notification transmitted from the management server 3 via the Internet 5. 43.
  • the ticket management system 1 executes a ticket issuing process.
  • FIGS. 7 to 9 are flowcharts showing details of the ticket issuing process.
  • the control unit 25 of the user terminal 2 issues a ticket capable of specifying the name and address of the user, the telephone number of the user terminal 2 and the like input on the touch panel 21.
  • the purchase request is transmitted from the communication unit 22 to the management server 3 via the Internet 5 (step S1).
  • the control unit 33 of the management server 3 determines the confirmation information in response to the receipt of the ticket purchase request transmitted from the user terminal 2 via the Internet 5 by the communication unit 31 (step S2) (step S2). S3).
  • control unit 33 automatically sends a call to the user terminal 2 via the telephone network 6 (step S4).
  • the control unit 25 of the user terminal 2 outputs a ringtone from the voice output unit 21 in response to receiving an automatic call from the management server 3 via the telephone network 6 (step S5) (step S5). S6).
  • control unit 25 connects the telephone with the management server 3 (step S8).
  • the control unit 33 of the management server 3 transmits voice data for outputting automatic voice instructing input of confirmation information from the communication unit 31 to the user via the telephone network 6.
  • the data is transmitted to the terminal 2 (step S9).
  • the control unit 25 of the user terminal 2 responds to the reception of the voice data transmitted from the management server 3 via the telephone network 6 by the communication unit 23 (step S10), and outputs an automatic voice based on the voice data. Output from the output unit 21 (step S11).
  • control unit 25 responds to the input of the confirmation information by the user (Step S12; Yes), and transmits the confirmation information from the communication unit 23 to the management server via the telephone network 6. 3 (step S13).
  • the control unit 33 of the management server 3 responds to the reception of the confirmation information transmitted from the user terminal 2 via the telephone network 6 by the communication unit 31 (step S14), and deletes the electronic ticket purchased by the user.
  • the user's name, address, and telephone number of the user terminal 2 are registered in the ticket DB 320 in association with the indicated ticket ID (step S15).
  • control unit 33 reads the URL and the telephone number corresponding to the ticket ID from the ticket DB 320 (Step S16).
  • control unit 33 generates a QR code (registered trademark) indicating the URL read from the ticket DB 320 (Step S17).
  • control unit 33 decodes each block of the QR code (registered trademark) in accordance with a predetermined code arrangement rule, thereby obtaining an information bit string including 11 information symbols and 22 or 23 information symbols from each block.
  • An RS bit string composed of RS symbols is obtained (step S18).
  • the control unit 33 embeds the authentication information in the correction area by arranging the information bit string and the RS bit string in which the authentication information is embedded according to the QR code (registered trademark) code arrangement rule, as shown in FIG. An electronic ticket including the acquired QR code (registered trademark) is generated (step S22).
  • control unit 33 transmits the electronic ticket from the communication unit 31 to the user terminal 2 via the Internet 5 (step S23).
  • the control unit 25 of the user terminal 2 receives the electronic ticket transmitted from the management server 3 via the Internet 5 (step S24), stores the electronic ticket in the storage unit 24 (step S25), and issues the ticket. To end.
  • the user displays the electronic ticket issued in the ticket issuing process on the touch panel 22 of the user terminal 2 and presents it to the attendant near the entrance of the event venue.
  • the ticket management system 1 executes the ticket authentication process.
  • FIGS. 10 and 11 are flowcharts showing details of the ticket authentication process.
  • control unit 44 captures an electronic ticket displayed on the touch panel 22 of the user terminal 2 by the imaging unit 41 as shown in FIG. 10 (step S31).
  • the control unit 44 decodes the imaging bit sequence obtained by imaging the electronic ticket by the imaging unit 41 in accordance with the above-described code arrangement rule, thereby obtaining 11 information symbols from each block of the QR code (registered trademark). , And an RS bit string composed of 22 or 23 RS symbols (step S32).
  • the control unit 44 accesses the URL indicated by the information bit string from the communication unit 42 via the Internet 5 (step S35).
  • the control unit 33 of the management server 3 responds to the reception of the authentication information transmitted via the Internet 5 by the communication unit 31 (step S ⁇ b> 37).
  • the telephone number of the user terminal 2 corresponding to the URL is read out from the ticket DB 320 (step S38).
  • control unit 33 determines whether the authentication information received by the communication unit 31 matches the last four digits of the telephone number of the user terminal 2 read from the ticket DB 320 (Step S39).
  • the control unit 33 determines that the electronic information has been tampered with and notifies that the electronic ticket authentication has failed.
  • the authentication failure notification is transmitted from the communication unit 31 to the reading terminal 4 via the Internet 5 (step S40).
  • the control unit 44 of the reading terminal 4 responds to the reception of the authentication failure notification transmitted from the management server 3 via the Internet 5 by the communication unit 42 (step S41), and informs that the authentication of the electronic ticket has failed. Is displayed on the display unit 43 (step S42), and then the ticket authentication process ends.
  • step 39 if the authentication information matches the last four digits of the telephone number of the user terminal 2 (step 39; Yes), the control unit 33 determines that the tampering has not been performed as shown in FIG. Then, a short mail indicating that the electronic ticket has been successfully authenticated is transmitted from the communication unit 31 to the telephone number of the user terminal 2 via the telephone network 6 (step S43).
  • the control unit 25 of the user terminal 2 receives the short mail indicating that the electronic ticket transmitted from the management server 3 via the telephone network 6 has been successfully authenticated (step S44), and displays the short mail on the touch panel 22. From (step S45), the ticket authentication process ends.
  • the user can prove that the electronic ticket has been legally purchased and not resold by presenting the short mail displayed on the touch panel 22 to the attendant. After checking the presented short mail, the attendant determines that the electronic ticket has been purchased and permits the user to enter the event site.
  • the ticket management system 1 includes the user terminal 2, the management server (authentication target issuing device) 3, and the reading terminal 4, which are the Internet network 5 and the They are communicably connected via a telephone network 6.
  • the control unit 25 of the user terminal 2 transmits a ticket purchase request capable of specifying the telephone number of the user terminal 2 to the management server 3 via the Internet network 5 (step S1). .
  • the control unit 33 of the management server 3 automatically sends the request to the telephone number of the user terminal 2 specified from the ticket purchase request.
  • a transmission is made, and confirmation information requesting an input by the user is notified via the telephone network 6 (step S9).
  • the control unit 25 of the user terminal 2 transmits confirmation information notified from the management server 3 via the telephone network 6 to the management server 3 via the telephone network 6 in response to the user's input. (Step S13).
  • the control unit 33 of the management server 3 transmits the electronic ticket to the user terminal 2 via the Internet network 5 in response to receiving the notified confirmation information from the user terminal 2 via the telephone network 6. As a result (step S23), an electronic ticket is issued to the user who has input the confirmation information.
  • the ticket management system 1 can issue an electronic ticket that can be authenticated without using a password.
  • the control unit 33 of the management server 3 includes an information code (information area) Cd for expressing a URL by a cell distribution pattern and an RS code for expressing correction information for correcting an error by a cell distribution pattern.
  • the management server 3 stores the telephone number of the user terminal 2 and a QR code (registered trademark) 100 which is an electronic ticket in which all or a part of the telephone number is embedded as authentication information in an RS code (correction area) Ce. It has a ticket DB 320 for registering the indicated URLs in association with each other.
  • the reading terminal 4 includes an imaging unit 41 that captures an image of the QR code (registered trademark) 100 and obtains an imaging bit sequence.
  • the control unit 44 of the reading terminal 4 decodes the imaging bit string acquired by the imaging unit 41 to acquire an information bit string indicating a URL and a correction bit string indicating correction information ( Step S32).
  • the control unit 33 of the management server 3 responds to the reading terminal 4 accessing the URL via the Internet 5 and receiving the authentication information from the reading terminal 4 (step S37), and changes the telephone number corresponding to the URL. It is read from the ticket DB 320 (step S38).
  • the control unit 33 determines whether or not the authentication information received from the reading terminal 4 matches all or a part of the telephone number read in step S38 (step 39). If it is determined in step 39 that they match (step 39; Yes), the control unit 33 notifies the telephone number read out in step S38 that the electronic ticket has been successfully authenticated via the telephone network 6.
  • the ticket management system 1 does not use only one element of an ID and a password to authenticate with only one path of the Internet network 5 as in the related art, but uses a QR code (registered trademark) in the Internet network.
  • the electronic ticket can be authenticated by using two elements of the QR code (registered trademark) and the telephone number by two different routes, such as using the telephone number in the telephone network 6 and using the telephone number in the telephone network 6.
  • the ticket management system 1 can authenticate an electronic ticket without using a password, so that it is not necessary to manage a password.
  • the Internet network 5 is hacked and the password is leaked, the telephone network 6 is not hacked, so that the security of the authentication of the electronic ticket can be secured.
  • the telephone number can be used by anyone anywhere, the electronic ticket can be authenticated overseas, for example. Since a third party cannot identify a user using only a telephone number, anonymity can be secured.
  • the management server 3 holds the operation history of the user and the transaction history of the electronic ticket, and the telephone company holds the transaction history of the electronic ticket in the call history. Since the history cannot be operated by the user, the security of the purchase of the electronic ticket can be secured. For example, when an incident or accident occurs, the telephone company can identify the user from the call history, so that the security of the purchase of the electronic ticket can be secured.
  • the ticket management system 1 Accordingly, at the time of authentication, it was necessary to input an ID and a password. However, in the ticket management system 1 according to the present embodiment, it is only necessary to read the electronic ticket with the reading terminal 4, so that the authentication operation is simplified. can do. Further, according to the ticket management system 1 according to the present embodiment, the maintenance cost can be reduced as compared with the existing system using the ID and the password.
  • the authentication target is described as an electronic ticket.
  • the present invention is not limited to this, and the authentication target is arbitrary.
  • the authentication target may be a paper ticket.
  • the control unit 33 of the management server 3 generates a paper medium ticket on which a QR code (registered trademark) in which the authentication information is embedded in the correction area is printed.
  • the ticket seller has to mail the paper ticket to the user's address specified from the ticket purchase request.
  • the user made the reading terminal 4 read the QR code (registered trademark) printed on the paper medium ticket near the entrance of the event venue, and successfully authenticated the electronic ticket on the touch panel 22 of the user terminal 2. Display a short mail indicating that. Then, the user may present the short mail displayed on the touch panel 22 to the attendant together with the paper medium ticket.
  • the authentication target may be for authenticating the user.
  • the management server 3 receives the authentication code issuance request transmitted from the user terminal 2 via the Internet 5, and responds to the confirmation information received via the telephone network 6. A unique URL to the user.
  • the management server 3 embeds, as authentication information, all or a part of the telephone number of the user identified from the request for issuing the personal authentication code in the correction area of the QR code (registered trademark) indicating the URL, and generates the personal authentication code. I do.
  • the management server 3 issues the personal authentication code to the user by transmitting the personal authentication code to the user terminal 2 via the Internet network 5.
  • the user terminal 2 is automatically transmitted from the management server 3 via the telephone network 6. , A short mail is sent. Thereby, for example, it is possible to confirm that the settlement partner of the user is the user himself, so that settlement can be performed.
  • a predetermined monetary value may be given to the personal identification code.
  • both the user terminal 2 of the user himself and the personal identification code to which a monetary value has been assigned are required for the settlement. For this reason, cash can be provided in a digital currency using a QR code (registered trademark).
  • the confirmation information is described as being notified to the user by an automatic voice.
  • the present invention is not limited to this, and the confirmation information is notified to the user by a short mail. It may be something.
  • the user has been notified that the electronic ticket has been successfully authenticated by a short mail, the user may be notified by an automatic voice.
  • the QR code (registered trademark) 100 constituting the electronic ticket is described as a general-purpose QR code (registered trademark) that represents a URL by a distribution pattern of white cells and black cells.
  • a two-dimensional code with a logo in which a two-dimensional code is superimposed on a visible logo image may be used.
  • a two-dimensional code with a logo is a logo image of less than a predetermined brightness that is recognized as black by a general-purpose two-dimensional code reader, and a cell with a predetermined brightness or more that is recognized as white by a general-purpose two-dimensional code reader is superimposed. It may be something.
  • the two-dimensional code 11 with a logo is a cell having a predetermined brightness or higher that is recognized as white by a general-purpose two-dimensional code reader, a logo image with a predetermined brightness that is recognized as black by a general-purpose two-dimensional code reader, (For example, refer to Japanese Patent Laid-Open Publication No. 2007-287004).
  • the two-dimensional code with a logo is a part of the logo image that has a predetermined brightness that is recognized as black by a general-purpose two-dimensional code reader and has a brightness equal to or higher than a predetermined brightness that is recognized as white by a general-purpose two-dimensional code reader.
  • the cells are superimposed, and a portion having a predetermined brightness which is recognized as white by a general-purpose two-dimensional code reader is a cell in which cells having a predetermined brightness which is recognized as black by a general-purpose two-dimensional code reader are superimposed.
  • the two-dimensional code with the logo is such that only the cells of the first type of brightness are superimposed on the portion of the logo image having a brightness lower than the first brightness, while the portion of the logo image having the brightness of the first brightness or higher is superimposed. May be a cell in which both cells of the first type of brightness and cells of the second type of brightness are superimposed.
  • the two-dimensional code with a logo is such that only a cell of the first type of brightness is superimposed on a portion of the logo image having a brightness lower than the first brightness, and a portion of the first brightness or higher and a portion of the logo brightness lower than the second brightness is used.
  • the cell of the first type of brightness and the cell of the second type of brightness are superimposed, and a portion of the second type or higher that is recognized as white by a general-purpose two-dimensional code reader has the second type of brightness. Only cells may be superimposed.
  • the two-dimensional code with the logo is a cell of the first type of lightness that is recognized as white by the general-purpose two-dimensional code reader and a portion of the logo image that has the second lightness or higher, and is blackened by the general-purpose two-dimensional code reader.
  • the URL is expressed by the distribution pattern of the cell of the second type of lightness and the part of the logo image which is recognized as being less than the first lightness (for example, see WO2011 / 118540).
  • the two-dimensional code has been described as a QR code (registered trademark).
  • the two-dimensional code is, for example, another matrix type two-dimensional code such as a data matrix, an aztec code, a code one, an array tag, a box graphic code, a maxi code, a peri code, a soft strip, a CP code, a carla code, and an ultra code.
  • a stack type two-dimensional code in which one-dimensional bar codes such as PDF417, code 49, code 16k, and coder block are vertically stacked may be used.
  • the programs executed by the CPUs of the control units 25, 33, and 44 are described as being stored in advance in the ROM and the storage units 24 and 32, but the present invention is not limited to this. Instead, by applying a program for executing the above-described processing to an existing general-purpose computer, the program is caused to function as the user terminal 2, the management server 3, and the authentication terminal 4 according to the above-described embodiment. Is also good.
  • the program may be stored in a computer-readable recording medium (such as a flexible disk, a CD (Compact Disc) -ROM, or a DVD (Digital Versatile Disc) -ROM) and distributed.
  • a computer-readable recording medium such as a flexible disk, a CD (Compact Disc) -ROM, or a DVD (Digital Versatile Disc) -ROM
  • the program may be stored in a storage on a network such as the Internet and provided by downloading the program.
  • the above-described processing is executed by sharing an OS (Operating System) and an application program, or when the OS and the application program cooperate with each other, only the application program may be stored in a recording medium or a storage. It is also possible to superimpose a program on a carrier wave and distribute it via a network. For example, the program may be posted on a bulletin board (BBS: Bulletin Board System) on a network, and the program may be distributed via the network. Then, the above-described processing may be executed by activating this program and executing it in the same manner as other application programs under the control of the OS.
  • BSS Bulletin Board System

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Telephonic Communication Services (AREA)

Abstract

According to the present invention, in response to receiving a ticket purchase request from a user terminal 2 via an Internet network 5, a management server 3 automatically makes a call to the telephone number of the user terminal 2 and notifies, via a telephone network 6, the user of confirmation information that requests an input by the user. In response to receiving the notified confirmation information from the user terminal 2 via the telephone network 6, the management server 3 issues an electronic ticket to the user who has entered the confirmation information, by transmitting the electronic ticket to the user terminal 2 via the Internet network 5. Thus, it is possible to issue an electronic ticket that can be authenticated without using a password.

Description

認証対象発行装置、認証対象発行システム、認証対象発行方法、及びプログラムAuthentication target issuing device, authentication target issuing system, authentication target issuing method, and program
 本発明は、認証対象発行装置、認証対象発行システム、認証対象発行方法、及びプログラムに関し、特に、パスワードを利用することなく認証可能な認証対象を発行することができる認証対象発行装置、認証対象発行システム、認証対象発行方法、及びプログラムに関する。 The present invention relates to an authentication target issuance device, an authentication target issuance system, an authentication target issuance method, and a program, and more particularly, to an authentication target issuance device that can issue an authentication target that can be authenticated without using a password, and an authentication target issuance. The present invention relates to a system, an authentication target issuing method, and a program.
 インターネット上での認証には、通常、ID(identification)及びパスワードの一要素のみが利用される(例えば特許文献1及び2参照)。なお、本明細書中に特許文献1及び2の明細書、特許請求の範囲、図面全体を参考として取り込むものとする。 (4) Usually, only one element of an ID (identification) and a password is used for authentication on the Internet (for example, see Patent Documents 1 and 2). It is to be noted that the specifications of Patent Documents 1 and 2, the claims, and the entire drawings are incorporated herein by reference.
特開2012-164149号公報JP 2012-164149 A 特開2013-105334号公報JP 2013-105334 A
 しかしながら、特許文献1及び2に記載の認証では、パスワードを厳重に管理するのみならず、定期的に更新する必要もあるが、それでも漏洩を完全に防止することはできない。そして、一旦ID及びパスワードが漏洩してしまうと、所謂なりすましによって不正アクセス行為が行われる等の課題が生じてしまう。このような課題を解決するためには、パスワードを利用することなく認証を可能にするのが最善である。 However, in the authentication described in Patent Literatures 1 and 2, it is necessary not only to strictly manage the password but also to periodically update the password, but it is still impossible to completely prevent leakage. Then, once the ID and the password are leaked, there arises a problem that an unauthorized access act is performed by so-called spoofing. In order to solve such problems, it is best to enable authentication without using a password.
 本発明は、上記の課題を解決するためになされたものであって、パスワードを利用することなく認証可能な認証対象を発行することができる認証対象発行装置、認証対象発行システム、認証対象発行方法、及びプログラムを提供することを目的とする。 The present invention has been made to solve the above problems, and is an authentication target issuing apparatus, an authentication target issuing system, and an authentication target issuing method capable of issuing an authentication target that can be authenticated without using a password. , And to provide programs.
 上記の目的を達成するため、本発明の第1の観点に係る認証対象発行装置(3)は、利用者端末(2)からインターネット網(5)を介して認証対象の発行依頼を受信したことに応答して、該発行依頼から特定される該利用者端末(2)の電話番号に宛てて、利用者による入力を要求する確認情報を電話網(6)を介して通知する確認情報通知手段(33)と、前記確認情報通知手段(33)によって通知した前記確認情報を、前記利用者端末(2)から前記電話網(6)を介して受信したことに応答して、該確認情報を入力した前記利用者に、前記認証対象を発行する認証対象発行手段(33)と、を備える。 In order to achieve the above object, the authentication target issuing device (3) according to the first aspect of the present invention has received a request to issue an authentication target from a user terminal (2) via the Internet network (5). Confirmation information notifying means for notifying, via the telephone network (6), confirmation information requesting an input by the user to the telephone number of the user terminal (2) specified from the issuance request in response to the request (33) and in response to receiving the confirmation information notified by the confirmation information notification means (33) from the user terminal (2) via the telephone network (6), An authentication target issuing unit (33) for issuing the authentication target to the input user.
 上記の認証対象発行装置(3)において、前記認証対象発行手段(33)は、URL(Uniform Resource Locator)をセルの分布パターンによって表現する情報領域と、誤りを訂正するための訂正情報をセルの分布パターンによって表現する訂正領域と、を備えるデータコード(100)の該訂正領域に認証情報を埋め込んで、該認証対象を生成する、ようにしてもよい。 In the authentication target issuance device (3), the authentication target issuance means (33) includes an information area expressing a URL (Uniform Resource Locator) by a cell distribution pattern, and correction information for correcting an error of the cell. The authentication target may be generated by embedding authentication information in the correction area of the data code (100) including the correction area expressed by the distribution pattern.
 上記の認証対象発行装置(3)において、前記認証対象発行手段(33)は、前記訂正領域の一部から埋込ビット列を取得し、前記埋込ビット列と前記認証情報を示す認証ビット列との排他的論理和である第1排他的論理和を求め、前記訂正領域の一部を前記第1排他的論理和に置換することにより、該訂正領域に前記認証情報を埋め込む、ようにしてもよい。 In the authentication target issuing device (3), the authentication target issuing unit (33) obtains an embedding bit string from a part of the correction area and excludes the embedding bit string from the authentication bit string indicating the authentication information. The authentication information may be embedded in the correction area by obtaining a first exclusive OR that is a logical OR and replacing a part of the correction area with the first exclusive OR.
 上記の認証対象発行装置(3)において、前記認証対象発行手段(33)は、前記訂正領域に前記認証情報として、前記利用者端末(2)の電話番号の全部又は一部を埋め込む、ようにしてもよい。 In the authentication target issuing device (3), the authentication target issuing unit (33) embeds all or a part of the telephone number of the user terminal (2) as the authentication information in the correction area. You may.
 上記の認証対象発行装置(3)は、前記利用者端末(2)の前記電話番号と、前記訂正領域に該電話番号の全部又は一部が前記認証情報として埋め込まれた前記認証対象である前記データコード(100)が示すURLと、を対応付けて登録するデータベース(320)と、読取端末(4)によって前記インターネット網(5)を介して前記URLにアクセスされ、該読取端末(4)から前記認証情報を受信したことに応答して、該URLに対応する前記電話番号を前記データベース(320)から読み出す電話番号読出手段(33)と、前記読取端末(4)から受信した前記認証情報が、前記電話番号読出手段(33)によって読み出した前記電話番号の全部又は一部と合致するか否かを判別する電話番号判別手段(33)と、前記電話番号判別手段(33)によって合致すると判別した場合、前記電話番号読出手段(33)によって読み出した前記電話番号に宛てて、前記認証対象の認証に成功したことを前記電話網(6)を介して通知する認証成功通知手段(33)と、をさらに備えるものであってもよい。 The authentication target issuing device (3) may be the authentication target in which the telephone number of the user terminal (2) and all or a part of the telephone number are embedded in the correction area as the authentication information. A database (320) for registering the URL indicated by the data code (100) in association with the URL, and the reading terminal (4) accesses the URL via the Internet network (5), and reads from the reading terminal (4). In response to receiving the authentication information, the telephone number reading means (33) for reading the telephone number corresponding to the URL from the database (320), and the authentication information received from the reading terminal (4) A telephone number discriminating means (33) for discriminating whether or not the telephone number matches all or a part of the telephone number read by the telephone number reading means (33); If it is determined by the telephone number reading means (33) that there is a match, the fact that the authentication target has been successfully authenticated is addressed to the telephone number read by the telephone number reading means (33) via the telephone network (6). And an authentication success notification unit (33) for notifying.
 上記の認証対象発行装置(3)において、前記認証対象発行手段(33)は、前記認証対象を前記インターネット網(5)を介して前記利用者端末(2)に送信する、ようにしてもよい。 In the authentication target issuing device (3), the authentication target issuing unit (33) may transmit the authentication target to the user terminal (2) via the Internet network (5). .
 本発明の第2の観点に係る認証対象発行システム(1)は、前記利用者端末(2)の電話番号を特定可能な前記認証対象の発行依頼を前記インターネット網(5)を介して前記認証対象発行装置(3)に送信する発行依頼送信手段(25)と、前記認証対象発行装置(3)から前記電話網(6)を介して通知された前記確認情報を、前記利用者が入力したことに応答して、該電話網(6)を介して該認証対象発行装置(3)に送信する確認情報送信手段(25)と、を備える利用者端末(2)と、上記の認証対象発行装置(3)と、を具備する。 The authentication target issuance system (1) according to a second aspect of the present invention provides the authentication target issuance request for specifying the telephone number of the user terminal (2) via the Internet network (5). The user inputs the issuance request transmitting means (25) for transmitting to the target issuing device (3) and the confirmation information notified from the authentication target issuing device (3) via the telephone network (6). A user terminal (2) including a confirmation information transmitting means (25) for transmitting to the authentication target issuing device (3) via the telephone network (6) in response to the authentication target issuance. Device (3).
 本発明の第3の観点に係る認証対象発行システム(1)は、前記データコード(100)を撮像して撮像ビット列を取得する撮像部(41)と、前記撮像部(41)で取得した前記撮像ビット列をデコードして、前記URLを示す情報ビット列と、前記訂正情報を示す訂正ビット列と、を取得するデコード手段(44)と、前記撮像部(41)で取得した前記撮像ビット列と、前記デコード手段(44)によって取得した前記情報ビット列及び前記訂正ビット列と、の排他的論理和である第2排他的論理和を求めて、前記埋込ビット列と前記認証ビット列との排他的論理和である前記第1排他的論理和を誤りとして検出する誤り検出手段(44)と、前記訂正ビット列に含まれる前記埋込ビット列と、前記誤り検出手段(44)によって誤りとして検出した前記第1排他的論理和と、の排他的論理和である第3排他的論理和を求めて、前記認証ビット列を取得する認証ビット列取得手段(44)と、前記デコード手段(44)によって取得した前記撮像ビット列が示す前記URLに、前記インターネット網(5)を介してアクセスして、前記認証ビット列取得手段(44)によって取得した前記前記認証ビット列が示す前記認証情報を、該インターネット網(5)を介して前記認証対象発行装置(3)に送信する認証情報送信手段(44)と、を備える前記読取端末(4)と、上記の認証対象発行装置(3)と、を具備する。 An authentication target issuance system (1) according to a third aspect of the present invention includes an imaging unit (41) configured to capture the data code (100) and obtain an imaging bit sequence, and the imaging unit (41) configured to obtain the imaging bit sequence. A decoding unit (44) for decoding an imaging bit string to obtain an information bit string indicating the URL and a correction bit string indicating the correction information; an imaging bit string obtained by the imaging unit (41); Calculating a second exclusive OR that is an exclusive OR of the information bit string and the correction bit string acquired by the means (44), and calculating a second exclusive OR of the embedding bit string and the authentication bit string; An error detecting means (44) for detecting the first exclusive OR as an error, the embedded bit string included in the corrected bit string, and an error detected by the error detecting means (44). An authentication bit string obtaining means (44) for obtaining a third exclusive OR, which is an exclusive OR of the first exclusive OR detected as, and obtaining the authentication bit string, and the decoding means (44) Accessing the URL indicated by the imaging bit string acquired by the authentication bit string acquired by the authentication bit string acquisition means (44), by accessing the URL indicated by the imaging bit string acquired by the authentication network. The reading terminal (4) including an authentication information transmitting unit (44) that transmits the authentication information to the authentication target issuing device (3) via (5), and the authentication target issuing device (3). .
 本発明の第4の観点に係る認証対象発行方法は、認証対象発行装置(3)が、利用者端末(2)からインターネット網(5)を介して認証対象の発行依頼を受信したことに応答して、該発行依頼から特定される該利用者端末(2)の電話番号に宛てて、利用者による入力を要求する確認情報を電話網(6)を介して通知し、前記通知した前記確認情報を、前記利用者端末(2)から前記電話網(6)を介して受信したことに応答して、該確認情報を入力した前記利用者に、前記認証対象を発行する。 The authentication target issuance method according to the fourth aspect of the present invention is characterized in that the authentication target issuance device (3) responds to the reception of an authentication target issuance request from the user terminal (2) via the Internet network (5). Then, to the telephone number of the user terminal (2) specified from the issuance request, the user is notified via the telephone network (6) of confirmation information requesting an input by the user, and the notified confirmation is transmitted. In response to receiving information from the user terminal (2) via the telephone network (6), the authentication object is issued to the user who has input the confirmation information.
 本発明の第5の観点に係るプログラムは、コンピュータに、利用者端末(2)からインターネット網(5)を介して認証対象の発行依頼を受信したことに応答して、該発行依頼から特定される該利用者端末(2)の電話番号に宛てて、利用者による入力を要求する確認情報を電話網(6)を介して通知する確認情報通知手順(33)と、前記確認情報通知手順(33)によって通知した前記確認情報を、前記利用者端末(2)から前記電話網(6)を介して受信したことに応答して、該確認情報を入力した前記利用者に、前記認証対象を発行する認証対象発行手順(33)と、を実行させるためのものである。 The program according to the fifth aspect of the present invention is specified from the issuance request in response to the computer receiving the issuance request for the authentication target from the user terminal (2) via the Internet network (5). A confirmation information notification procedure (33) for notifying confirmation information requesting an input by a user to the telephone number of the user terminal (2) via the telephone network (6); 33) In response to receiving the confirmation information notified by the user terminal (2) via the telephone network (6) from the user terminal (2), the user who has input the confirmation information is notified of the authentication target. The authentication target issuance procedure (33) to be issued is executed.
 本発明によれば、パスワードを利用することなく認証可能な認証対象を発行することができる認証対象発行装置、認証対象発行システム、認証対象発行方法、及びプログラムを提供することができる。 According to the present invention, it is possible to provide an authentication target issuance device, an authentication target issuance system, an authentication target issuance method, and a program that can issue an authentication target that can be authenticated without using a password.
本実施形態に係るチケット管理システムの構成例を示す図である。It is a figure showing the example of composition of the ticket management system concerning this embodiment. 利用者端末の構成例を示すブロック図である。FIG. 3 is a block diagram illustrating a configuration example of a user terminal. 管理サーバの構成例を示すブロック図である。FIG. 3 is a block diagram illustrating a configuration example of a management server. QRコード(登録商標)の構成例を示す図である。It is a figure showing the example of composition of QR Code (registered trademark). 認証情報の埋込手順を説明するための模式図である。FIG. 9 is a schematic diagram for explaining a procedure for embedding authentication information. 読取端末の構成例を示すブロック図である。It is a block diagram showing an example of composition of a reading terminal. チケット発行処理の詳細を示すフローチャートである。9 is a flowchart illustrating details of a ticket issuing process. チケット発行処理の続きを示すフローチャートである。It is a flowchart which shows the continuation of a ticket issuing process. チケット発行処理の続きを示すフローチャートである。It is a flowchart which shows the continuation of a ticket issuing process. チケット認証処理の詳細を示すフローチャートである。9 is a flowchart illustrating details of a ticket authentication process. チケット認証処理の続きを示すフローチャートである。It is a flowchart which shows the continuation of a ticket authentication process.
 以下、本発明を実施するための最良の形態について説明する。 Hereinafter, the best mode for carrying out the present invention will be described.
 まず、本発明の実施形態に係るチケット管理システム(認証対象発行システム)の構成について図面を参照しつつ説明する。チケット管理システムは、例えばQR(Quick Response)コード(登録商標)等の二次元コードやバーコード等のデータコードから構成されるイベントの電子チケット(認証対象)を発行する。 First, the configuration of the ticket management system (authentication target issuing system) according to the embodiment of the present invention will be described with reference to the drawings. The ticket management system issues an electronic ticket (authentication target) of an event including a two-dimensional code such as a QR (Quick Response) code (registered trademark) or a data code such as a barcode.
 図1は、本実施形態に係るチケット管理システムの構成例を示す図である。 FIG. 1 is a diagram showing a configuration example of a ticket management system according to the present embodiment.
 図1に示すように、チケット管理システム1は、利用者端末2と、管理サーバ(認証対象発行装置)3と、読取端末4と、を具備し、これらは、インターネット網5及び電話網6を介して相互に通信可能に接続されている。 As shown in FIG. 1, the ticket management system 1 includes a user terminal 2, a management server (authentication target issuing device) 3, and a reading terminal 4, which are connected to the Internet network 5 and the telephone network 6. Are communicably connected to each other.
 利用者端末2は、例えば汎用のスマートフォン等から構成されている。利用者端末2は、電子チケットを購入する利用者によって利用される。 The user terminal 2 is composed of, for example, a general-purpose smartphone. The user terminal 2 is used by a user who purchases an electronic ticket.
 図2は、利用者端末の構成例を示すブロック図である。 FIG. 2 is a block diagram showing a configuration example of a user terminal.
 図2に示すように、利用者端末2は、音声出力部21と、タッチパネル22と、通信部23と、記憶部24と、制御部25と、を備え、これらは、バス等を介して接続されている。 As shown in FIG. 2, the user terminal 2 includes an audio output unit 21, a touch panel 22, a communication unit 23, a storage unit 24, and a control unit 25, which are connected via a bus or the like. Have been.
 音声出力部21は、例えば汎用のスピーカ等から構成されている。音声出力部21は、電話の着信音や音声等を出力する。 The audio output unit 21 includes, for example, a general-purpose speaker or the like. The voice output unit 21 outputs a telephone ringtone, voice, and the like.
 本実施形態において、音声出力部21からは、「認証のため“15”を入力して下さい。」等といった確認情報(本実施形態では“15”)の入力を指示する自動音声等が出力される。 In the present embodiment, the voice output unit 21 outputs an automatic voice or the like for instructing input of confirmation information (“15” in the present embodiment) such as “Please input“ 15 ”for authentication.” You.
 タッチパネル22は、例えば液晶表示装置とポインティングデバイスとを組み合わせた汎用のタッチパネル等から構成されている。タッチパネル22は、各種画面を表示するとともに、利用者による各種操作を受け付ける。 (4) The touch panel 22 includes, for example, a general-purpose touch panel that combines a liquid crystal display device and a pointing device. The touch panel 22 displays various screens and receives various operations by the user.
 本実施形態において、タッチパネル22には、電子チケットを購入するためのチケット購入ページが表示される。利用者は、チケット購入ページにおいて、利用者の氏名、住所、及び利用者端末2の電話番号等を入力して、イベントの電子チケットの購入を指示する。利用者は、タッチパネル22において、管理サーバ3からの電話の受信を指示する。 In the present embodiment, a ticket purchase page for purchasing an electronic ticket is displayed on the touch panel 22. On the ticket purchase page, the user inputs the user's name, address, telephone number of the user terminal 2, and the like, and instructs the purchase of an electronic ticket for the event. The user gives an instruction on the touch panel 22 to receive a telephone call from the management server 3.
 また、タッチパネル22には、電話番号等を入力するためのダイヤルパッドが表示される。利用者は、管理サーバ3との電話が繋がった状態で、ダイヤルパッドを操作して、自動音声によって指示された確認情報を入力する。さらに、タッチパネル22には、利用者が購入した電子チケットが表示される。 (4) On the touch panel 22, a dial pad for inputting a telephone number or the like is displayed. The user operates the dial pad with the telephone connected to the management server 3 and inputs the confirmation information instructed by the automatic voice. Further, the electronic ticket purchased by the user is displayed on the touch panel 22.
 通信部23は、例えば汎用の無線通信装置等から構成されている。通信部23は、管理サーバ3とインターネット網5を介して無線通信を行うとともに、電話網6を介して無線通話を行う。 The communication unit 23 includes, for example, a general-purpose wireless communication device. The communication unit 23 performs wireless communication with the management server 3 via the Internet network 5 and performs wireless communication via the telephone network 6.
 記憶部24は、例えば汎用のフラッシュメモリ等の不揮発性メモリ等から構成される。記憶部24は、利用者が購入した電子チケットを記憶する。 The storage unit 24 is composed of, for example, a nonvolatile memory such as a general-purpose flash memory. The storage unit 24 stores the electronic ticket purchased by the user.
 制御部25は、例えばCPU(Central Processing Unit)、ROM(Read Only Memory)、及びRAM(Random Access Memory)等から構成されている。CPUは、RAMをワークメモリとして用い、ROM及び記憶部24に記憶されているプログラム等を適宜実行することによって、利用者端末2の各種動作を制御する。 The control unit 25 includes, for example, a CPU (Central Processing Unit), a ROM (Read Only Memory), and a RAM (Random Access Memory). The CPU controls various operations of the user terminal 2 by using the RAM as a work memory and appropriately executing programs and the like stored in the ROM and the storage unit 24.
 本実施形態において、制御部25は、利用者によるタッチパネル22の操作に応答して、通信部22からインターネット網5を介して、管理サーバ3が運営する電子チケットの購入サイトにアクセスして、チケット購入ページをタッチパネル22に表示する。制御部25は、利用者によって電子チケットの購入が指示されたことに応答して、タッチパネル21で入力された利用者の氏名及び住所や利用者端末2の電話番号等を特定可能なチケット購入依頼(認証対象の発行依頼)を、通信部22からインターネット網5を介して管理サーバ3に送信する。 In the present embodiment, the control unit 25 accesses the electronic ticket purchase site operated by the management server 3 from the communication unit 22 via the Internet 5 in response to the operation of the touch panel 22 by the user, and A purchase page is displayed on touch panel 22. In response to the user's instruction to purchase the electronic ticket, the control unit 25 requests the purchase of a ticket capable of specifying the user's name and address, the telephone number of the user terminal 2, and the like input on the touch panel 21. The request for issuance of the authentication target is transmitted from the communication unit 22 to the management server 3 via the Internet 5.
 制御部25は、管理サーバ3から電話網6を介して自動発信された電話を着信したことに応答して、着信音を音声出力部21から出力する。そして、制御部25は、利用者によって管理サーバ3からの電話の受信が指示されたことに応答して、管理サーバ3との電話を繋げる。続いて、制御部25は、管理サーバ3から電話網6を介して送信される音声データを通信部23で受信したことに応答して、音声データに基づく自動音声を音声出力部21から出力する。 The control unit 25 outputs a ringtone from the voice output unit 21 in response to receiving a call automatically transmitted from the management server 3 via the telephone network 6. Then, the control unit 25 connects the telephone with the management server 3 in response to the instruction to receive the telephone from the management server 3 by the user. Subsequently, in response to the communication unit 23 receiving the audio data transmitted from the management server 3 via the telephone network 6, the control unit 25 outputs an automatic audio based on the audio data from the audio output unit 21. .
 その後、制御部25は、利用者によって確認情報が入力されたことに応答して、確認情報を通信部23から電話網6を介して管理サーバ3に送信する。そして、制御部25は、管理サーバ3からインターネット網5を介して送信される電子チケットを受信して記憶部24に保存する。 Then, in response to the confirmation information being input by the user, the control unit 25 transmits the confirmation information from the communication unit 23 to the management server 3 via the telephone network 6. Then, the control unit 25 receives the electronic ticket transmitted from the management server 3 via the Internet 5 and stores the electronic ticket in the storage unit 24.
 制御部25は、利用者によるタッチパネル22の操作に応答して、記憶部24に記憶されている電子チケットをタッチパネル22に表示する。 The control unit 25 displays the electronic ticket stored in the storage unit 24 on the touch panel 22 in response to the operation of the touch panel 22 by the user.
 制御部25は、管理サーバ3から電話網6を介して送信される電子チケットの認証に成功した旨を示すショートメールを受信して、タッチパネル22に表示する。 The control unit 25 receives a short mail indicating that the electronic ticket transmitted from the management server 3 via the telephone network 6 has been successfully authenticated, and displays the short mail on the touch panel 22.
 図1に示す管理サーバ3は、例えば汎用のサーバコンピュータ及び汎用のデータベース等から構成されている。管理サーバ3は、電子チケットの発行及び管理等を行うとともに、自動音声応答(Interactive Voice Response:IVR)を利用して電話認証を行う。 The management server 3 shown in FIG. 1 is composed of, for example, a general-purpose server computer and a general-purpose database. The management server 3 issues and manages electronic tickets, and performs telephone authentication using an automatic voice response (Interactive \ Voice \ Response: IVR).
 図3は、サーバ装置の構成例を示すブロック図である。 FIG. 3 is a block diagram showing a configuration example of the server device.
 図3に示すように、管理サーバ3は、通信部31と、記憶部32と、制御部33と、を備え、これらは、バス等を介して接続されている。 (3) As shown in FIG. 3, the management server 3 includes a communication unit 31, a storage unit 32, and a control unit 33, which are connected via a bus or the like.
 通信部31は、例えばNIC(Network Interface Card)等から構成されている。通信部31は、利用者端末2とインターネット網5を介して無線通信を行うとともに、電話網6を介して無線通話を行う。 The communication unit 31 is configured by, for example, an NIC (Network Interface Card) or the like. The communication unit 31 performs wireless communication with the user terminal 2 via the Internet network 5 and performs wireless communication via the telephone network 6.
 記憶部32は、例えばハードディスクドライブ等から構成されている。本実施形態において、記憶部32は、チケットDB(Database)320を含んでいる。 The storage unit 32 is composed of, for example, a hard disk drive or the like. In the present embodiment, the storage unit 32 includes a ticket DB (Database) 320.
 チケットDB320は、電子チケットを識別するためのチケットID(identification)と、電子チケットを構成する二次元コードが示すURL(Uniform Resource Locator)と、電子チケットを購入した利用者の氏名、住所、及び利用者端末2の電話番号と、を対応付けて登録する。 The ticket DB 320 includes a ticket ID (identification) for identifying an electronic ticket, a URL (Uniform Resource Locator) indicated by a two-dimensional code included in the electronic ticket, and the name, address, and use of the user who purchased the electronic ticket. The telephone number of the user terminal 2 is registered in association with the telephone number.
 制御部33は、例えばCPU、ROM、及びRAM等から構成されている。CPUは、RAMをワークメモリとして用い、ROM及び記憶部32に記憶されているプログラム等を適宜実行することによって、管理サーバ3の各種動作を制御する。 The control unit 33 includes, for example, a CPU, a ROM, a RAM, and the like. The CPU controls various operations of the management server 3 by using the RAM as a work memory and appropriately executing programs and the like stored in the ROM and the storage unit 32.
 本実施形態において、制御部33は、利用者端末2からインターネット網5を介して送信されるチケット購入依頼を通信部31で受信したことに応答して、確認情報を決定する。確認情報は、予め定められたものであってもよいし、チケット購入要求を受信したことに応答して、所定のアルゴリズムに従って生成されるものであってもよい。続いて、制御部33は、電話網6を介して利用者端末2に自動発信する。そして、制御部33は、利用者端末2との電話が繋がると、確認情報の入力を指示する自動音声を出力するための音声データを、通信部31から電話網6を介して利用者端末2に送信する。 In the present embodiment, the control unit 33 determines the confirmation information in response to the communication unit 31 receiving a ticket purchase request transmitted from the user terminal 2 via the Internet 5. The confirmation information may be predetermined, or may be generated according to a predetermined algorithm in response to receiving the ticket purchase request. Subsequently, the control unit 33 automatically sends a call to the user terminal 2 via the telephone network 6. When the telephone connection with the user terminal 2 is established, the control unit 33 transmits voice data for outputting automatic voice instructing input of confirmation information from the communication unit 31 via the telephone network 6 to the user terminal 2. Send to
 その後、制御部33は、利用者端末2から電話網6を介して送信される確認情報を通信部31で受信したことに応答して、利用者に電子チケットを発行する。具体的に、制御部33は、利用者が購入した電子チケットを示すチケットIDに対応付けて、利用者の氏名、住所、及び利用者端末2の電話番号を、チケットDB320に登録する。次に、制御部33は、チケットIDに対応するURLと電話番号とをチケットDB320から読み出す。 After that, the control unit 33 issues an electronic ticket to the user in response to the communication unit 31 receiving confirmation information transmitted from the user terminal 2 via the telephone network 6. Specifically, the control unit 33 registers the user's name, address, and telephone number of the user terminal 2 in the ticket DB 320 in association with the ticket ID indicating the electronic ticket purchased by the user. Next, the control unit 33 reads the URL and the telephone number corresponding to the ticket ID from the ticket DB 320.
 続いて、制御部33は、チケットDB320から読み出したURLを示すQRコード(登録商標)を生成する。そして、制御部33は、URLを示すQRコード(登録商標)の訂正領域に、チケットDB320から読み出した電話番号の全部又は一部(例えば下4桁)を、認証情報として埋め込んで、電子チケットを生成する。QRコード(登録商標)の訂正領域に認証情報を埋め込む技術については、特開2013-058965号及び特開2014-029659号日本国特許公開公報、並びにWO2014/027424号及びWO2015/001637号国際公開公報等に、その詳細が記載されている。なお、本明細書中に特開2013-058965号及び特開2014-029659号日本国特許公開公報、並びにWO2014/027424号及びWO2015/001637号国際公開公報の明細書、特許請求の範囲、図面全体を参考として取り込むものとする。 Next, the control unit 33 generates a QR code (registered trademark) indicating the URL read from the ticket DB 320. Then, the control unit 33 embeds, as authentication information, all or a part (for example, the last four digits) of the telephone number read from the ticket DB 320 in a correction area of the QR code (registered trademark) indicating the URL, and stores the electronic ticket. Generate. Regarding a technique for embedding authentication information in a correction area of a QR code (registered trademark), Japanese Patent Application Laid-Open Nos. 2013-058965 and 2014-029659, WO2014 / 027424, and WO2015 / 001637 International Publications And the like. In this specification, Japanese Patent Application Laid-Open Nos. 2013-058965 and 2014-029659, and the specifications, claims, and the entirety of WO2014 / 027424 and WO2015 / 001637 are disclosed. Is taken in as a reference.
 具体的に、制御部33は、以下のようにして、QRコード(登録商標)の訂正領域に認証情報を埋め込む。 {Specifically, the control unit 33 embeds the authentication information in the correction area of the QR code (registered trademark) as follows.
 図4は、QRコード(登録商標)の構成例を示す図である。 FIG. 4 is a diagram showing a configuration example of a QR code (registered trademark).
 図4に示すように、QRコード(登録商標)100は、3つの位置決め用シンボル104A,104B,104C、情報コード記録領域106、タイミングセル108及びフォーマットコード109等を備えている。情報コード記録領域106は、情報コード(情報領域)Cdと、これに対応するRS(リード・ソロモン)コード(訂正領域)Ceと、のコード対を含んでいる。情報コードCdは、チケットDB320から読み出したURLをコード化したもので、情報コードCdに含まれるセルの分布パターン(セルパターン)によって、URLを表現している。また、RSコードCeは、チケットDB320から読み出したURLをRS(リード・ソロモン)を用いて符号化した訂正用情報をコード化したもので、RSコードCeに含まれるセルパターンによって、誤りを訂正するための訂正用情報を表現している。情報コード記録領域106は、例えば、情報コードCdを構成する44個の情報シンボルと、RSコードCeを構成する90個のRSシンボルと、の計134個のシンボルからなっている。情報コード記録領域106は、4つのブロックに分けられており、このうち2つのブロックは、11個の情報シンボルとこれに対応する22個のRSシンボルとの計33個のシンボルから構成され、残りの2つのブロックは、11個の情報シンボルとこれに対応する23個のRSシンボルとの計34個のシンボルから構成されている。 As shown in FIG. 4, the QR code (registered trademark) 100 includes three positioning symbols 104A, 104B, and 104C, an information code recording area 106, a timing cell 108, a format code 109, and the like. The information code recording area 106 includes a code pair of an information code (information area) Cd and a corresponding RS (Reed-Solomon) code (correction area) Ce. The information code Cd is obtained by encoding a URL read from the ticket DB 320, and expresses the URL by a cell distribution pattern (cell pattern) included in the information code Cd. The RS code Ce is obtained by encoding the URL read from the ticket DB 320 using RS (Reed-Solomon) and coded for correction information, and corrects an error by a cell pattern included in the RS code Ce. It expresses the information for correction. The information code recording area 106 includes, for example, a total of 134 symbols including 44 information symbols constituting the information code Cd and 90 RS symbols constituting the RS code Ce. The information code recording area 106 is divided into four blocks. Of these, two blocks are composed of a total of 33 symbols including 11 information symbols and 22 RS symbols corresponding to the information symbols. Are composed of a total of 34 symbols including 11 information symbols and 23 corresponding RS symbols.
 図3に示す制御部33は、このような構成を有するQRコード(登録商標)の各ブロックを、所定のコード配置規則に従ってデコードして行くことにより、各ブロックから11個の情報シンボルからなる情報ビット列と22個又は23個のRSシンボルからなるRSビット列とを取得する。次に、制御部33は、各ブロックのRSビット列の予め定められた位置から2個のRSシンボルを抽出して、各ブロックから、2個のRSシンボルからなるビット長16のビット列(埋込ビット列)mi(i=1~4)をそれぞれ取得する。続いて、制御部33は、ビット列mi(i=1~4)と、電話番号の下4桁の各数字を示すビット長16のビット列(認証ビット列)ni(i=1~4)と、の排他的論理和をそれぞれ算出して、ビット列m’i(i=1~4)(第1排他的論理和)を生成する。 The control unit 33 shown in FIG. 3 decodes each block of the QR code (registered trademark) having such a configuration in accordance with a predetermined code arrangement rule, thereby obtaining information including 11 information symbols from each block. A bit sequence and an RS bit sequence composed of 22 or 23 RS symbols are acquired. Next, the control unit 33 extracts two RS symbols from a predetermined position of the RS bit sequence of each block, and from each block, a bit sequence of 16 bits consisting of two RS symbols (embedding bit sequence). ) Mi (i = 1 to 4) are obtained respectively. Subsequently, the control unit 33 compares the bit string mi (i = 1 to 4) with a bit string (authentication bit string) ni (i = 1 to 4) having a bit length of 16 indicating the last four digits of the telephone number. The exclusive OR is calculated to generate a bit string m′i (i = 1 to 4) (first exclusive OR).
 図5は、認証情報の埋込手順を説明するための模式図である。 FIG. 5 is a schematic diagram for explaining a procedure for embedding authentication information.
 制御部33は、図5(a)及び(b)に示すように、ビット列mi(i=1~4)を、それぞれビット列m’i(i=1~4)に置換することにより、ビット列ni(i=1~4)を認証情報として埋め込む。 The control unit 33 replaces the bit string mi (i = 1 to 4) with the bit string m′i (i = 1 to 4), as shown in FIGS. (I = 1 to 4) are embedded as authentication information.
 図3に示す制御部33は、情報ビット列と、認証情報が埋め込まれたRSビット列と、をQRコード(登録商標)のコード配置規則に従って配置することにより、訂正領域に認証情報が埋め込まれたQRコード(登録商標)からなる電子チケットを生成する。そして、制御部33は、電子チケットを通信部31からインターネット網5を介して利用者端末2に送信する。 The control unit 33 shown in FIG. 3 arranges the information bit string and the RS bit string in which the authentication information is embedded according to the code arrangement rule of the QR code (registered trademark), so that the QR code in which the authentication information is embedded in the correction area. An electronic ticket including a code (registered trademark) is generated. Then, the control unit 33 transmits the electronic ticket from the communication unit 31 to the user terminal 2 via the Internet 5.
 制御部33は、読取端末4からのアクセス後に、インターネット網5を介して送信される認証情報を通信部31で受信したことに応答して、読取端末4によってアクセスされたURLに対応する利用者端末2の電話番号を、チケットDB320から読み出す。そして、制御部33は、通信部31で受信した認証情報が、チケットDB320から読み出した利用者端末2の電話番号の下4桁と合致するか否かを判別する。 The control unit 33 responds to the reception of the authentication information transmitted via the Internet network 5 by the communication unit 31 after the access from the reading terminal 4, and responds to the user corresponding to the URL accessed by the reading terminal 4. The telephone number of the terminal 2 is read from the ticket DB 320. Then, the control unit 33 determines whether or not the authentication information received by the communication unit 31 matches the last four digits of the telephone number of the user terminal 2 read from the ticket DB 320.
 制御部33は、認証情報が利用者端末2の電話番号の下4桁と合致していない場合、改ざんされたものと判別して、電子チケットの認証に失敗した旨を示す認証失敗通知を、通信部31からインターネット網5を介して読取端末4に送信する。これに対して、制御部33は、認証情報が利用者端末2の電話番号の下4桁と合致している場合、改ざんされていないものと判別して、電子チケットの認証に成功した旨を示すショートメールを、通信部31から電話網6を介して利用者端末2の電話番号に宛てて送信する。 When the authentication information does not match the last four digits of the telephone number of the user terminal 2, the control unit 33 determines that the information has been tampered with, and sends an authentication failure notification indicating that the authentication of the electronic ticket has failed, The data is transmitted from the communication unit 31 to the reading terminal 4 via the Internet 5. On the other hand, if the authentication information matches the lower four digits of the telephone number of the user terminal 2, the control unit 33 determines that the electronic ticket has not been tampered with and notifies the user that the electronic ticket has been successfully authenticated. The short mail shown is transmitted from the communication unit 31 to the telephone number of the user terminal 2 via the telephone network 6.
 図1に示す読取端末4は、例えば通信機能を有するQRコード(登録商標)リーダ、又はQRコード(登録商標)読取機能を有するスマートフォンやタブレットコンピュータ等から構成されている。読取端末4は、イベント会場の入口付近の係員が、利用者端末2のタッチパネル22に表示される電子チケットを読み取るために利用する。なお、読取端末4は、イベント会場の入口付近に設置されるものであってもよい。この場合、利用者は、利用者端末2のタッチパネル22に表示される電子チケットを読取端末4に翳して読み取らせればよい。 The reading terminal 4 shown in FIG. 1 is composed of, for example, a QR code (registered trademark) reader having a communication function, a smartphone or a tablet computer having a QR code (registered trademark) reading function, or the like. The reading terminal 4 is used by a staff member near the entrance of the event venue to read an electronic ticket displayed on the touch panel 22 of the user terminal 2. Note that the reading terminal 4 may be installed near the entrance of the event venue. In this case, the user may hold the reading terminal 4 to read the electronic ticket displayed on the touch panel 22 of the user terminal 2.
 図6は、読取端末の構成例を示すブロック図である。 FIG. 6 is a block diagram showing a configuration example of the reading terminal.
 図6に示すように、読取端末4は、撮像部41と、通信部42と、表示部43と、制御部44と、を備え、これらは、バス等を介して接続されている。 As shown in FIG. 6, the reading terminal 4 includes an imaging unit 41, a communication unit 42, a display unit 43, and a control unit 44, and these are connected via a bus or the like.
 撮像部41は、CCD(Charge Coupled Device)等の受光素子を含んで構成されている。撮像部41は、利用者端末2のタッチパネル22に表示される電子チケットを撮像する。 The imaging unit 41 includes a light receiving element such as a CCD (Charge Coupled Device). The image capturing section 41 captures an image of an electronic ticket displayed on the touch panel 22 of the user terminal 2.
 通信部42は、例えば汎用の無線通信装置等から構成されている。通信部42は、管理サーバ3とインターネット網5を介して無線通信を行う。 The communication unit 42 includes, for example, a general-purpose wireless communication device. The communication unit 42 performs wireless communication with the management server 3 via the Internet 5.
 表示部43は、例えば汎用の液晶表示器等から構成されている。表示部43は、各種画面を表示する。 The display unit 43 is composed of, for example, a general-purpose liquid crystal display. The display unit 43 displays various screens.
 制御部44は、例えばCPU、ROM、及びRAM等から構成されている。CPUは、RAMをワークメモリとして用い、ROMに記憶されているプログラム等を適宜実行することによって、読取端末4の各種動作を制御する。 The control unit 44 includes, for example, a CPU, a ROM, a RAM, and the like. The CPU controls various operations of the reading terminal 4 by using the RAM as a work memory and appropriately executing a program or the like stored in the ROM.
 本実施形態において、制御部44は、係員によって電子チケットの認証が指示されたことに応答して、利用者端末2のタッチパネル22に表示される電子チケットを撮像部41で撮像する。制御部44は、撮像部41で電子チケットを撮像して得られた撮像ビット列を、上述のコード配置規則に従ってデコードして行くことにより、QRコード(登録商標)の各ブロックから11個の情報シンボルからなる情報ビット列と、22又は23個のRSシンボルからなるRSビット列と、を取得する。次に、制御部44は、撮像ビット列と、情報ビット列及びRSビット列と、の排他的論理和(第2排他的論理和)を求めることにより、2個のRSシンボルからなる4個のビット列m’i(i=1~4)(第1排他的論理和)を誤りとして検出する。続いて、制御部44は、RSビット列に含まれる4個のビット列mi(i=1~4)と、誤りとして検出した4個のビット列m’i(i=1~4)と、の排他的論理和を算出することにより、認証情報として埋め込まれた4個のビット列ni(i=1~4)を取得する。 In the present embodiment, the control unit 44 takes an image of the electronic ticket displayed on the touch panel 22 of the user terminal 2 with the imaging unit 41 in response to the instruction of the authentication of the electronic ticket by the attendant. The control unit 44 decodes the imaging bit sequence obtained by imaging the electronic ticket by the imaging unit 41 in accordance with the above-described code arrangement rule, thereby obtaining 11 information symbols from each block of the QR code (registered trademark). , And an RS bit string composed of 22 or 23 RS symbols. Next, the control unit 44 obtains an exclusive OR (second exclusive OR) of the imaging bit sequence, the information bit sequence, and the RS bit sequence, thereby obtaining four bit sequences m ′ including two RS symbols. i (i = 1 to 4) (first exclusive OR) is detected as an error. Subsequently, the control unit 44 performs exclusive control of the four bit strings mi (i = 1 to 4) included in the RS bit string and the four bit strings m′i (i = 1 to 4) detected as errors. By calculating the logical sum, four bit strings ni (i = 1 to 4) embedded as the authentication information are obtained.
 制御部44は、通信部42からインターネット網5を介して、情報ビット列が示すURLにアクセスする。そして、制御部44は、4個のビット列ni(i=1~4)からなる認証情報を、通信部42からインターネット網5を介して管理サーバ3に送信する。 The control unit 44 accesses the URL indicated by the information bit string from the communication unit 42 via the Internet 5. Then, the control unit 44 transmits the authentication information including the four bit strings ni (i = 1 to 4) from the communication unit 42 to the management server 3 via the Internet 5.
 制御部44は、管理サーバ3からインターネット網5を介して送信される認証失敗通知を通信部42で受信したことに応答して、電子チケットの認証に失敗した旨を示す認証失敗画面を表示部43に表示する。 The control unit 44 displays an authentication failure screen indicating that the authentication of the electronic ticket has failed in response to the communication unit 42 receiving the authentication failure notification transmitted from the management server 3 via the Internet 5. 43.
 次に、上記構成を備えるチケット管理システム1が実行する各種処理について図面を参照して説明する。 Next, various processes executed by the ticket management system 1 having the above configuration will be described with reference to the drawings.
 利用者が、タッチパネル22に表示されるチケット購入ページにおいて、利用者の氏名、住所、及び利用者端末2の電話番号等を入力した後、イベントの電子チケットの購入を指示したことに応答して、チケット管理システム1は、チケット発行処理を実行する。 In response to the user inputting the user's name, address, telephone number of the user terminal 2, and the like on the ticket purchase page displayed on the touch panel 22, in response to instructing the purchase of an electronic ticket for the event, The ticket management system 1 executes a ticket issuing process.
 図7~図9は、チケット発行処理の詳細を示すフローチャートである。 FIGS. 7 to 9 are flowcharts showing details of the ticket issuing process.
 チケット発行処理において、まず、利用者端末2の制御部25は、図7に示すように、タッチパネル21で入力された利用者の氏名及び住所や利用者端末2の電話番号等を特定可能なチケット購入依頼を、通信部22からインターネット網5を介して管理サーバ3に送信する(ステップS1)。 In the ticket issuing process, first, as shown in FIG. 7, the control unit 25 of the user terminal 2 issues a ticket capable of specifying the name and address of the user, the telephone number of the user terminal 2 and the like input on the touch panel 21. The purchase request is transmitted from the communication unit 22 to the management server 3 via the Internet 5 (step S1).
 管理サーバ3の制御部33は、利用者端末2からインターネット網5を介して送信されるチケット購入依頼を通信部31で受信したことに応答して(ステップS2)、確認情報を決定する(ステップS3)。 The control unit 33 of the management server 3 determines the confirmation information in response to the receipt of the ticket purchase request transmitted from the user terminal 2 via the Internet 5 by the communication unit 31 (step S2) (step S2). S3).
 続いて、制御部33は、電話網6を介して利用者端末2に自動発信する(ステップS4)。 Next, the control unit 33 automatically sends a call to the user terminal 2 via the telephone network 6 (step S4).
 利用者端末2の制御部25は、管理サーバ3から電話網6を介して自動発信された電話を着信したことに応答して(ステップS5)、着信音を音声出力部21から出力する(ステップS6)。 The control unit 25 of the user terminal 2 outputs a ringtone from the voice output unit 21 in response to receiving an automatic call from the management server 3 via the telephone network 6 (step S5) (step S5). S6).
 そして、制御部25は、利用者によって管理サーバ3からの電話の受信が指示されたことに応答して(ステップS7;Yes)、管理サーバ3との電話を繋げる(ステップS8)。 Then, in response to the user's instruction to receive a telephone call from the management server 3 (step S7; Yes), the control unit 25 connects the telephone with the management server 3 (step S8).
 管理サーバ3の制御部33は、利用者端末2との電話が繋がると、確認情報の入力を指示する自動音声を出力するための音声データを、通信部31から電話網6を介して利用者端末2に送信する(ステップS9)。 When the telephone connection with the user terminal 2 is established, the control unit 33 of the management server 3 transmits voice data for outputting automatic voice instructing input of confirmation information from the communication unit 31 to the user via the telephone network 6. The data is transmitted to the terminal 2 (step S9).
 利用者端末2の制御部25は、管理サーバ3から電話網6を介して送信される音声データを通信部23で受信したことに応答して(ステップS10)、音声データに基づく自動音声を音声出力部21から出力する(ステップS11)。 The control unit 25 of the user terminal 2 responds to the reception of the voice data transmitted from the management server 3 via the telephone network 6 by the communication unit 23 (step S10), and outputs an automatic voice based on the voice data. Output from the output unit 21 (step S11).
 その後、制御部25は、図8に示すように、利用者によって確認情報が入力されたことに応答して(ステップS12;Yes)、確認情報を通信部23から電話網6を介して管理サーバ3に送信する(ステップS13)。 Thereafter, as shown in FIG. 8, the control unit 25 responds to the input of the confirmation information by the user (Step S12; Yes), and transmits the confirmation information from the communication unit 23 to the management server via the telephone network 6. 3 (step S13).
 管理サーバ3の制御部33は、利用者端末2から電話網6を介して送信される確認情報を通信部31で受信したことに応答して(ステップS14)、利用者が購入した電子チケットを示すチケットIDに対応付けて、利用者の氏名、住所、及び利用者端末2の電話番号を、チケットDB320に登録する(ステップS15)。 The control unit 33 of the management server 3 responds to the reception of the confirmation information transmitted from the user terminal 2 via the telephone network 6 by the communication unit 31 (step S14), and deletes the electronic ticket purchased by the user. The user's name, address, and telephone number of the user terminal 2 are registered in the ticket DB 320 in association with the indicated ticket ID (step S15).
 次に、制御部33は、チケットIDに対応するURLと電話番号とをチケットDB320から読み出す(ステップS16)。 Next, the control unit 33 reads the URL and the telephone number corresponding to the ticket ID from the ticket DB 320 (Step S16).
 続いて、制御部33は、チケットDB320から読み出したURLを示すQRコード(登録商標)を生成する(ステップS17)。 Next, the control unit 33 generates a QR code (registered trademark) indicating the URL read from the ticket DB 320 (Step S17).
 そして、制御部33は、QRコード(登録商標)の各ブロックを、所定のコード配置規則に従ってデコードして行くことにより、各ブロックから11個の情報シンボルからなる情報ビット列と22個又は23個のRSシンボルからなるRSビット列とを取得する(ステップS18)。 Then, the control unit 33 decodes each block of the QR code (registered trademark) in accordance with a predetermined code arrangement rule, thereby obtaining an information bit string including 11 information symbols and 22 or 23 information symbols from each block. An RS bit string composed of RS symbols is obtained (step S18).
 次に、制御部33は、各ブロックのRSビット列の予め定められた位置から2個のRSシンボルを抽出して、各ブロックから、2個のRSシンボルからなるビット長16のビット列mi(i=1~4)をそれぞれ取得する(ステップS19)。 Next, the control unit 33 extracts two RS symbols from a predetermined position of the RS bit sequence of each block, and from each block, a bit sequence mi (i = i = i = 2) composed of two RS symbols and having a bit length of 16 1) to 4) are obtained (step S19).
 続いて、制御部33は、ビット列mi(i=1~4)と、電話番号の下4桁の各数字を示すビット長16のビット列ni(i=1~4)と、の排他的論理和をそれぞれ算出して、ビット列m’i(i=1~4)を生成する(ステップS20)。 Subsequently, the control unit 33 performs an exclusive OR operation on the bit sequence mi (i = 1 to 4) and the bit sequence ni (i = 1 to 4) having a bit length of 16 indicating the last four digits of the telephone number. Are calculated, and a bit string m′i (i = 1 to 4) is generated (step S20).
 制御部33は、ビット列mi(i=1~4)を、それぞれビット列m’i(i=1~4)に置換することにより、ビット列ni(i=1~4)を認証情報として埋め込む(ステップS21)。 The control unit 33 embeds the bit string ni (i = 1 to 4) as authentication information by replacing the bit string mi (i = 1 to 4) with the bit string m′i (i = 1 to 4) (step S1). S21).
 制御部33は、図9に示すように、情報ビット列と、認証情報が埋め込まれたRSビット列と、をQRコード(登録商標)のコード配置規則に従って配置することにより、訂正領域に認証情報が埋め込まれたQRコード(登録商標)からなる電子チケットを生成する(ステップS22)。 The control unit 33 embeds the authentication information in the correction area by arranging the information bit string and the RS bit string in which the authentication information is embedded according to the QR code (registered trademark) code arrangement rule, as shown in FIG. An electronic ticket including the acquired QR code (registered trademark) is generated (step S22).
 そして、制御部33は、電子チケットを通信部31からインターネット網5を介して利用者端末2に送信する(ステップS23)。 Then, the control unit 33 transmits the electronic ticket from the communication unit 31 to the user terminal 2 via the Internet 5 (step S23).
 利用者端末2の制御部25は、管理サーバ3からインターネット網5を介して送信される電子チケットを受信して(ステップS24)、記憶部24に保存してから(ステップS25)、チケット発行処理を終了する。 The control unit 25 of the user terminal 2 receives the electronic ticket transmitted from the management server 3 via the Internet 5 (step S24), stores the electronic ticket in the storage unit 24 (step S25), and issues the ticket. To end.
 その後、利用者は、イベント会場の入口付近において、チケット発行処理で発行された電子チケットを、利用者端末2のタッチパネル22に表示して係員に提示する。そして、係員が、利用者端末2のタッチパネル22に表示される電子チケットに、読取端末4の撮像部41を翳して、電子チケットの認証を指示したことに応答して、チケット管理システム1は、チケット認証処理を実行する。 Thereafter, the user displays the electronic ticket issued in the ticket issuing process on the touch panel 22 of the user terminal 2 and presents it to the attendant near the entrance of the event venue. Then, in response to the clerk instructing the electronic ticket displayed on the touch panel 22 of the user terminal 2 with the imaging unit 41 of the reading terminal 4 instructing authentication of the electronic ticket, the ticket management system 1 Execute the ticket authentication process.
 図10及び図11は、チケット認証処理の詳細を示すフローチャートである。 FIGS. 10 and 11 are flowcharts showing details of the ticket authentication process.
 チケット認証処理において、制御部44は、図10に示すように、利用者端末2のタッチパネル22に表示される電子チケットを撮像部41で撮像する(ステップS31)。 In the ticket authentication process, the control unit 44 captures an electronic ticket displayed on the touch panel 22 of the user terminal 2 by the imaging unit 41 as shown in FIG. 10 (step S31).
 制御部44は、撮像部41で電子チケットを撮像して得られた撮像ビット列を、上述のコード配置規則に従ってデコードして行くことにより、QRコード(登録商標)の各ブロックから11個の情報シンボルからなる情報ビット列と、22又は23個のRSシンボルからなるRSビット列と、を取得する(ステップS32)。 The control unit 44 decodes the imaging bit sequence obtained by imaging the electronic ticket by the imaging unit 41 in accordance with the above-described code arrangement rule, thereby obtaining 11 information symbols from each block of the QR code (registered trademark). , And an RS bit string composed of 22 or 23 RS symbols (step S32).
 次に、制御部44は、撮像ビット列と、情報ビット列及びRSビット列と、の排他的論理和を求めることにより、2個のRSシンボルからなる4個のビット列m’i(i=1~4)を誤りとして検出する(ステップS33)。 Next, the control unit 44 obtains an exclusive OR of the imaging bit sequence, the information bit sequence, and the RS bit sequence, thereby obtaining four bit sequences m′i (i = 1 to 4) including two RS symbols. Is detected as an error (step S33).
 続いて、制御部44は、RSビット列に含まれる4個のビット列mi(i=1~4)と、誤りとして検出した4個のビット列m’i(i=1~4)と、の排他的論理和を算出することにより、認証情報として埋め込まれた4個のビット列ni(i=1~4)を取得する(ステップS34)。 Subsequently, the control unit 44 performs exclusive control of the four bit strings mi (i = 1 to 4) included in the RS bit string and the four bit strings m′i (i = 1 to 4) detected as errors. By calculating the logical sum, four bit strings ni (i = 1 to 4) embedded as the authentication information are obtained (step S34).
 制御部44は、通信部42からインターネット網5を介して、情報ビット列が示すURLにアクセスする(ステップS35)。 The control unit 44 accesses the URL indicated by the information bit string from the communication unit 42 via the Internet 5 (step S35).
 そして、制御部44は、4個のビット列ni(i=1~4)からなる認証情報を、通信部42からインターネット網5を介して管理サーバ3に送信する(ステップS36)。 Then, the control unit 44 transmits the authentication information including the four bit strings ni (i = 1 to 4) from the communication unit 42 to the management server 3 via the Internet 5 (step S36).
 管理サーバ3の制御部33は、読取端末4からのアクセス後に、インターネット網5を介して送信される認証情報を通信部31で受信したことに応答して(ステップS37)、読取端末4によってアクセスされたURLに対応する利用者端末2の電話番号を、チケットDB320から読み出す(ステップS38)。 After the access from the reading terminal 4, the control unit 33 of the management server 3 responds to the reception of the authentication information transmitted via the Internet 5 by the communication unit 31 (step S <b> 37). The telephone number of the user terminal 2 corresponding to the URL is read out from the ticket DB 320 (step S38).
 そして、制御部33は、通信部31で受信した認証情報が、チケットDB320から読み出した利用者端末2の電話番号の下4桁と合致するか否かを判別する(ステップS39)。 Then, the control unit 33 determines whether the authentication information received by the communication unit 31 matches the last four digits of the telephone number of the user terminal 2 read from the ticket DB 320 (Step S39).
 制御部33は、認証情報が利用者端末2の電話番号の下4桁と合致していない場合(ステップ39;No)、改ざんされたものと判別して、電子チケットの認証に失敗した旨を示す認証失敗通知を、通信部31からインターネット網5を介して読取端末4に送信する(ステップS40)。 If the authentication information does not match the last four digits of the telephone number of the user terminal 2 (step 39; No), the control unit 33 determines that the electronic information has been tampered with and notifies that the electronic ticket authentication has failed. The authentication failure notification is transmitted from the communication unit 31 to the reading terminal 4 via the Internet 5 (step S40).
 読取端末4の制御部44は、管理サーバ3からインターネット網5を介して送信される認証失敗通知を通信部42で受信したことに応答して(ステップS41)、電子チケットの認証に失敗した旨を示す認証失敗画面を表示部43に表示してから(ステップS42)、チケット認証処理を終了する。 The control unit 44 of the reading terminal 4 responds to the reception of the authentication failure notification transmitted from the management server 3 via the Internet 5 by the communication unit 42 (step S41), and informs that the authentication of the electronic ticket has failed. Is displayed on the display unit 43 (step S42), and then the ticket authentication process ends.
 これに対して、制御部33は、認証情報が利用者端末2の電話番号の下4桁と合致している場合(ステップ39;Yes)、図11に示すように、改ざんされていないものと判別して、電子チケットの認証に成功した旨を示すショートメールを、通信部31から電話網6を介して利用者端末2の電話番号に宛てて送信する(ステップS43)。 On the other hand, if the authentication information matches the last four digits of the telephone number of the user terminal 2 (step 39; Yes), the control unit 33 determines that the tampering has not been performed as shown in FIG. Then, a short mail indicating that the electronic ticket has been successfully authenticated is transmitted from the communication unit 31 to the telephone number of the user terminal 2 via the telephone network 6 (step S43).
 利用者端末2の制御部25は、管理サーバ3から電話網6を介して送信される電子チケットの認証に成功した旨を示すショートメールを受信して(ステップS44)、タッチパネル22に表示してから(ステップS45)、チケット認証処理を終了する。 The control unit 25 of the user terminal 2 receives the short mail indicating that the electronic ticket transmitted from the management server 3 via the telephone network 6 has been successfully authenticated (step S44), and displays the short mail on the touch panel 22. From (step S45), the ticket authentication process ends.
 利用者は、タッチパネル22に表示されるショートメールを係員に提示することで、電子チケットが正規に購入したものであって、転売されたものではないということを証明することができる。係員は、提示されたショートメールを確認した後、電子チケットが正規に購入したものであるとして、利用者のイベント会場への入場を許可する。 (4) The user can prove that the electronic ticket has been legally purchased and not resold by presenting the short mail displayed on the touch panel 22 to the attendant. After checking the presented short mail, the attendant determines that the electronic ticket has been purchased and permits the user to enter the event site.
 以上説明したように、本実施形態に係るチケット管理システム1は、利用者端末2と、管理サーバ(認証対象発行装置)3と、読取端末4と、を具備し、これらは、インターネット網5及び電話網6を介して相互に通信可能に接続されている。 As described above, the ticket management system 1 according to the present embodiment includes the user terminal 2, the management server (authentication target issuing device) 3, and the reading terminal 4, which are the Internet network 5 and the They are communicably connected via a telephone network 6.
 図7に示すチケット発行処理において、利用者端末2の制御部25は、利用者端末2の電話番号を特定可能なチケット購入依頼をインターネット網5を介して管理サーバ3に送信する(ステップS1)。管理サーバ3の制御部33は、利用者端末2からインターネット網5を介してチケット購入依頼を受信したことに応答して、チケット購入依頼から特定される利用者端末2の電話番号に宛てて自動発信して、利用者による入力を要求する確認情報を電話網6を介して通知する(ステップS9)。利用者端末2の制御部25は、管理サーバ3から電話網6を介して通知された確認情報を、利用者が入力したことに応答して、電話網6を介して管理サーバ3に送信する(ステップS13)。管理サーバ3の制御部33は、通知した確認情報を、利用者端末2から電話網6を介して受信したことに応答して、電子チケットをインターネット網5を介して利用者端末2に送信することにより(ステップS23)、確認情報を入力した利用者に電子チケットを発行する。 In the ticket issuing process shown in FIG. 7, the control unit 25 of the user terminal 2 transmits a ticket purchase request capable of specifying the telephone number of the user terminal 2 to the management server 3 via the Internet network 5 (step S1). . In response to receiving the ticket purchase request from the user terminal 2 via the Internet network 5, the control unit 33 of the management server 3 automatically sends the request to the telephone number of the user terminal 2 specified from the ticket purchase request. A transmission is made, and confirmation information requesting an input by the user is notified via the telephone network 6 (step S9). The control unit 25 of the user terminal 2 transmits confirmation information notified from the management server 3 via the telephone network 6 to the management server 3 via the telephone network 6 in response to the user's input. (Step S13). The control unit 33 of the management server 3 transmits the electronic ticket to the user terminal 2 via the Internet network 5 in response to receiving the notified confirmation information from the user terminal 2 via the telephone network 6. As a result (step S23), an electronic ticket is issued to the user who has input the confirmation information.
 これにより、チケット管理システム1は、パスワードを利用することなく認証可能な電子チケットを発行することができる。 Thereby, the ticket management system 1 can issue an electronic ticket that can be authenticated without using a password.
 本実施形態において、管理サーバ3の制御部33は、URLをセルの分布パターンによって表現する情報コード(情報領域)Cdと、誤りを訂正するための訂正情報をセルの分布パターンによって表現するRSコード(訂正領域)Ceと、を備えるQRコード(登録商標)100のRSコード(訂正領域)Ceに認証情報として、利用者端末2の電話番号の全部又は一部を埋め込んで、電子チケットを生成する(ステップS22)。具体的に、制御部33は、RSコード(訂正領域)Ceの一部からビット列mi(i=1~4)を取得し、ビット列mi(i=1~4)と、電話番号の下4桁の各数字を示すビット列ni(i=1~4)と、の排他的論理和であるビット列m’i(i=1~4)を求める(ステップS20)。そして、制御部33は、RSコード(訂正領域)Ceの一部を示すビット列mi(i=1~4)を、それぞれビット列m’i(i=1~4)に置換することにより、ビット列ni(i=1~4)を認証情報として埋め込む(ステップS21)。 In the present embodiment, the control unit 33 of the management server 3 includes an information code (information area) Cd for expressing a URL by a cell distribution pattern and an RS code for expressing correction information for correcting an error by a cell distribution pattern. An electronic ticket is generated by embedding all or part of the telephone number of the user terminal 2 as authentication information in the RS code (correction area) Ce of the QR code (registered trademark) 100 including (correction area) Ce. (Step S22). Specifically, the control unit 33 acquires the bit string mi (i = 1 to 4) from a part of the RS code (correction area) Ce, and stores the bit string mi (i = 1 to 4) and the last four digits of the telephone number. And a bit string m'i (i = 1 to 4) which is an exclusive OR of the bit string ni (i = 1 to 4) indicating each number (step S20). Then, the control unit 33 replaces the bit string mi (i = 1 to 4) indicating a part of the RS code (correction area) Ce with the bit string m′i (i = 1 to 4), thereby forming the bit string ni. (I = 1 to 4) are embedded as authentication information (step S21).
 このように、RSコードCeに認証情報を埋め込むことで、URLを表現する情報コードCdに何ら変更を加える必要が無くなるため、QRコード(登録商標)によって表現される情報のデータ量が削減されることを防止することができる。 By embedding the authentication information in the RS code Ce in this way, it is not necessary to make any change to the information code Cd representing the URL, and thus the data amount of the information represented by the QR code (registered trademark) is reduced. Can be prevented.
 また、管理サーバ3は、利用者端末2の電話番号と、RSコード(訂正領域)Ceに電話番号の全部又は一部が認証情報として埋め込まれた電子チケットであるQRコード(登録商標)100が示すURLと、を対応付けて登録するチケットDB320を備える。読取端末4は、QRコード(登録商標)100を撮像して撮像ビット列を取得する撮像部41を備える。 The management server 3 stores the telephone number of the user terminal 2 and a QR code (registered trademark) 100 which is an electronic ticket in which all or a part of the telephone number is embedded as authentication information in an RS code (correction area) Ce. It has a ticket DB 320 for registering the indicated URLs in association with each other. The reading terminal 4 includes an imaging unit 41 that captures an image of the QR code (registered trademark) 100 and obtains an imaging bit sequence.
 図10に示すチケット認証処理において、読取端末4の制御部44は、撮像部41で取得した撮像ビット列をデコードして、URLを示す情報ビット列と、訂正情報を示す訂正ビット列と、を取得する(ステップS32)。制御部44は、撮像部41で取得した撮像ビット列と、ステップS32で取得した情報ビット列及び訂正ビット列と、の排他的論理和である第2排他的論理和を求めて、ビット列mi(i=1~4)とビット列ni(i=1~4)との排他的論理和であるビット列m’i(i=1~4)(第1排他的論理和)を誤りとして検出する(ステップS33)。制御部44は、訂正ビット列に含まれるビット列mi(i=1~4)と、誤りとして検出したビット列m’i(i=1~4)と、の排他的論理和である第3排他的論理和を求めて、ビット列ni(i=1~4)を取得する(ステップS34)。 In the ticket authentication process illustrated in FIG. 10, the control unit 44 of the reading terminal 4 decodes the imaging bit string acquired by the imaging unit 41 to acquire an information bit string indicating a URL and a correction bit string indicating correction information ( Step S32). The control unit 44 obtains a second exclusive OR that is an exclusive OR of the imaging bit sequence acquired by the imaging unit 41 and the information bit sequence and the correction bit sequence acquired in step S32, and obtains the bit sequence mi (i = 1 4) and a bit string m′i (i = 1 to 4) (first exclusive OR) which is an exclusive OR of the bit string ni (i = 1 to 4) is detected as an error (step S33). The control unit 44 performs a third exclusive logical operation which is an exclusive OR operation of the bit string mi (i = 1 to 4) included in the correction bit string and the bit string m′i (i = 1 to 4) detected as an error. The bit string ni (i = 1 to 4) is obtained by obtaining the sum (step S34).
 これにより、電子チケットが改ざんされた場合、読取端末4は、ビット列mi(i=1~4)とビット列ni(i=1~4)との排他的論理和であるビット列m’i(i=1~4)(第1排他的論理和)を誤りとして検出できなくなるため、電子チケットの偽造を検出することができる。 Thereby, when the electronic ticket is tampered, the reading terminal 4 sets the bit string m′i (i = i = i = i), which is the exclusive OR of the bit string mi (i = 1 to 4) and the bit string ni (i = 1 to 4). 1 to 4) (first exclusive OR) cannot be detected as an error, so that forgery of the electronic ticket can be detected.
 そして、読取端末4の制御部44は、ステップS32で取得した撮像ビット列が示すURLに、インターネット網5を介してアクセスして(ステップS35)、ステップS34で取得したビット列ni(i=1~4)が示す認証情報を、インターネット網5を介して管理サーバ3に送信する(ステップS36)。管理サーバ3の制御部33は、読取端末4によってインターネット網5を介してURLにアクセスされ、読取端末4から認証情報を受信したことに応答して(ステップS37)、URLに対応する電話番号をチケットDB320から読み出す(ステップS38)。制御部33は、読取端末4から受信した認証情報が、ステップS38で読み出した電話番号の全部又は一部と合致するか否かを判別する(ステップ39)。制御部33は、ステップ39で合致すると判別した場合(ステップ39;Yes)、ステップS38で読み出した電話番号に宛てて、電子チケットの認証に成功したことを電話網6を介して通知する。 Then, the control unit 44 of the reading terminal 4 accesses the URL indicated by the imaging bit string acquired in step S32 via the Internet network 5 (step S35), and acquires the bit string ni (i = 1 to 4) acquired in step S34. ) Is transmitted to the management server 3 via the Internet network 5 (step S36). The control unit 33 of the management server 3 responds to the reading terminal 4 accessing the URL via the Internet 5 and receiving the authentication information from the reading terminal 4 (step S37), and changes the telephone number corresponding to the URL. It is read from the ticket DB 320 (step S38). The control unit 33 determines whether or not the authentication information received from the reading terminal 4 matches all or a part of the telephone number read in step S38 (step 39). If it is determined in step 39 that they match (step 39; Yes), the control unit 33 notifies the telephone number read out in step S38 that the electronic ticket has been successfully authenticated via the telephone network 6.
 本実施形態に係るチケット管理システム1は、従来のように、ID及びパスワードの一要素のみを利用してインターネット網5の一経路のみで認証するのではなく、QRコード(登録商標)をインターネット網5で利用する一方で、電話番号を電話網6で利用するといったように、QRコード(登録商標)及び電話番号の二要素を、それぞれ異なる二経路で、電子チケットを認証することができる。このように、チケット管理システム1では、パスワードを利用することなく、電子チケットを認証することができるため、パスワードを管理する必要をなくすことができる。また、インターネット網5は、ハッキングされてパスワードが漏洩する可能性はあるが、電話網6は、ハッキングされることがないため、電子チケットの認証の安全性を担保することができる。 The ticket management system 1 according to the present embodiment does not use only one element of an ID and a password to authenticate with only one path of the Internet network 5 as in the related art, but uses a QR code (registered trademark) in the Internet network. For example, the electronic ticket can be authenticated by using two elements of the QR code (registered trademark) and the telephone number by two different routes, such as using the telephone number in the telephone network 6 and using the telephone number in the telephone network 6. As described above, the ticket management system 1 can authenticate an electronic ticket without using a password, so that it is not necessary to manage a password. In addition, although there is a possibility that the Internet network 5 is hacked and the password is leaked, the telephone network 6 is not hacked, so that the security of the authentication of the electronic ticket can be secured.
 さらに、電話番号は、何処でも誰でも利用可能なものであるため、例えば海外でも電子チケットの認証を行うことができる。電話番号だけでは、第三者が利用者を特定することはできないため、匿名性を担保することができる。 Furthermore, since the telephone number can be used by anyone anywhere, the electronic ticket can be authenticated overseas, for example. Since a third party cannot identify a user using only a telephone number, anonymity can be secured.
 また、管理サーバ3には、利用者の操作履歴や電子チケットの取引履歴が保持され、電話会社には、通話履歴の中に電子チケットの取引履歴が保持されるが、これらの操作履歴や取引履歴を利用者が操作することはできないため、電子チケットの購入の安全性を担保することができる。例えば、事件や事故が発生した場合、電話会社は、通話履歴から利用者を特定することができるため、電子チケットの購入の安全性を担保することができる。 The management server 3 holds the operation history of the user and the transaction history of the electronic ticket, and the telephone company holds the transaction history of the electronic ticket in the call history. Since the history cannot be operated by the user, the security of the purchase of the electronic ticket can be secured. For example, when an incident or accident occurs, the telephone company can identify the user from the call history, so that the security of the purchase of the electronic ticket can be secured.
 さらに、従来は、認証に際、ID及びパスワードを入力する必要があったが、本実施形態に係るチケット管理システム1では、電子チケットを読取端末4で読み取るだけでよいため、認証操作を簡易にすることができる。また、本実施形態に係るチケット管理システム1によれば、ID及びパスワードを利用する既存のものに比べて、維持費用を低コストにすることができる。 Further, conventionally, at the time of authentication, it was necessary to input an ID and a password. However, in the ticket management system 1 according to the present embodiment, it is only necessary to read the electronic ticket with the reading terminal 4, so that the authentication operation is simplified. can do. Further, according to the ticket management system 1 according to the present embodiment, the maintenance cost can be reduced as compared with the existing system using the ID and the password.
 なお、本発明は、上記の実施形態に限定されず、種々の変形、応用が可能である。以下、本発明に適用可能な上記の実施形態の変形態様について、説明する。 The present invention is not limited to the above embodiment, and various modifications and applications are possible. Hereinafter, modifications of the above-described embodiment applicable to the present invention will be described.
 上記の実施形態において、認証対象は、電子チケットであるものとして説明した。しかしながら、本発明は、これに限定されるものではなく、認証対象は、任意である。例えば、認証対象は、紙媒体のチケットでもよい。この場合、管理サーバ3の制御部33は、訂正領域に認証情報が埋め込まれたQRコード(登録商標)が印刷された紙媒体のチケットを生成する。そして、チケットの販売者は、紙媒体のチケットを、チケット購入依頼から特定される利用者の住所に郵送すればい。利用者は、イベント会場の入口付近において、紙媒体のチケットに印刷されたQRコード(登録商標)を読取端末4に読み取らせて、利用者端末2のタッチパネル22に、電子チケットの認証に成功した旨を示すショートメールを表示させる。そして、利用者は、紙媒体のチケットとともに、タッチパネル22に表示されるショートメールを係員に提示すればよい。 In the above embodiment, the authentication target is described as an electronic ticket. However, the present invention is not limited to this, and the authentication target is arbitrary. For example, the authentication target may be a paper ticket. In this case, the control unit 33 of the management server 3 generates a paper medium ticket on which a QR code (registered trademark) in which the authentication information is embedded in the correction area is printed. Then, the ticket seller has to mail the paper ticket to the user's address specified from the ticket purchase request. The user made the reading terminal 4 read the QR code (registered trademark) printed on the paper medium ticket near the entrance of the event venue, and successfully authenticated the electronic ticket on the touch panel 22 of the user terminal 2. Display a short mail indicating that. Then, the user may present the short mail displayed on the touch panel 22 to the attendant together with the paper medium ticket.
 また、認証対象は、利用者本人を認証するためのものであってもよい。この場合、管理サーバ3は、利用者端末2からインターネット網5を介して送信される本人認証コード発行依頼を受信した後、電話網6を介して確認情報を受信したことに応答して、利用者に固有のURLを付与する。管理サーバ3は、URLを示すQRコード(登録商標)の訂正領域に、本人認証コード発行依頼から特定される利用者の電話番号の全部又は一部を認証情報として埋め込んで、本人認証コードを生成する。そして、管理サーバ3は、本人認証コードをインターネット網5を介して利用者端末2に送信することにより、利用者に本人認証コードを発行する。その後、利用者が、本人認証コードを利用者端末2のタッチパネル22に表示させて読取端末4に翳すと、利用者端末2には、管理サーバ3から電話網6を介して自動発信されたり、ショートメールが送信されたりする。これにより、例えば利用者の決済相手は、利用者本人であることを確認できるため、決済を行うことができる。 認証 Also, the authentication target may be for authenticating the user. In this case, the management server 3 receives the authentication code issuance request transmitted from the user terminal 2 via the Internet 5, and responds to the confirmation information received via the telephone network 6. A unique URL to the user. The management server 3 embeds, as authentication information, all or a part of the telephone number of the user identified from the request for issuing the personal authentication code in the correction area of the QR code (registered trademark) indicating the URL, and generates the personal authentication code. I do. Then, the management server 3 issues the personal authentication code to the user by transmitting the personal authentication code to the user terminal 2 via the Internet network 5. Thereafter, when the user displays the personal identification code on the touch panel 22 of the user terminal 2 and holds it over the reading terminal 4, the user terminal 2 is automatically transmitted from the management server 3 via the telephone network 6. , A short mail is sent. Thereby, for example, it is possible to confirm that the settlement partner of the user is the user himself, so that settlement can be performed.
 さらに、本人認証コードには、予め決められた金銭的価値が付与されていてもよい。このようにすれば、決済するためには、利用者本人の利用者端末2と金銭的価値が付与された本人認証コードとの両方が必要となる。このため、現金をQRコード(登録商標)によってデジタル通貨にして提供することが可能となる。 Further, a predetermined monetary value may be given to the personal identification code. In this way, both the user terminal 2 of the user himself and the personal identification code to which a monetary value has been assigned are required for the settlement. For this reason, cash can be provided in a digital currency using a QR code (registered trademark).
 上記の実施形態において、確認情報は、自動音声によって利用者に通知されるものとして説明したが、本発明はこれに限定されるものではなく、確認情報は、ショートメールによって利用者に通知されるものであってもよい。また、電子チケットの認証に成功した旨は、ショートメールによって利用者に通知されるものとして説明したが、自動音声によって利用者に通知されるものであってもよい。 In the above embodiment, the confirmation information is described as being notified to the user by an automatic voice. However, the present invention is not limited to this, and the confirmation information is notified to the user by a short mail. It may be something. In addition, although the user has been notified that the electronic ticket has been successfully authenticated by a short mail, the user may be notified by an automatic voice.
 上記の実施形態において、電子チケットを構成するQRコード(登録商標)100は、白色のセルと黒色のセルとの分布パターンによってURLを表現する汎用のQRコード(登録商標)であるものと説明した。しかしながら、視認可能なロゴ画像に二次元コードを重ね合わせたロゴ付き二次元コードであってもよい。 In the above embodiment, the QR code (registered trademark) 100 constituting the electronic ticket is described as a general-purpose QR code (registered trademark) that represents a URL by a distribution pattern of white cells and black cells. . However, a two-dimensional code with a logo in which a two-dimensional code is superimposed on a visible logo image may be used.
 例えば、ロゴ付き二次元コードは、汎用の二次元コードリーダによって黒色と認識される所定明度未満のロゴ画像に、汎用の二次元コードリーダによって白色と認識される所定明度以上のセルが重ね合わされたものであってもよい。この場合、ロゴ付き二次元コード11は、汎用の二次元コードリーダによって白色と認識される所定明度以上のセルと、汎用の二次元コードリーダによって黒色と認識される所定明度未満のロゴ画像と、の分布パターンによって、URLを表現する(例えば特開2007-287004号日本国特許公開公報参照)。 For example, a two-dimensional code with a logo is a logo image of less than a predetermined brightness that is recognized as black by a general-purpose two-dimensional code reader, and a cell with a predetermined brightness or more that is recognized as white by a general-purpose two-dimensional code reader is superimposed. It may be something. In this case, the two-dimensional code 11 with a logo is a cell having a predetermined brightness or higher that is recognized as white by a general-purpose two-dimensional code reader, a logo image with a predetermined brightness that is recognized as black by a general-purpose two-dimensional code reader, (For example, refer to Japanese Patent Laid-Open Publication No. 2007-287004).
 また、ロゴ付き二次元コードは、ロゴ画像のうち、汎用の二次元コードリーダによって黒色と認識される所定明度未満の部分には、汎用の二次元コードリーダによって白色と認識される所定明度以上のセルが重ね合わされ、汎用の二次元コードリーダによって白色と認識される所定明度以上の部分には、汎用の二次元コードリーダによって黒色と認識される所定明度未満のセルが重ね合わされたものであってもよい(例えば特開2008-15642号日本国特許公報参照)。 In addition, the two-dimensional code with a logo is a part of the logo image that has a predetermined brightness that is recognized as black by a general-purpose two-dimensional code reader and has a brightness equal to or higher than a predetermined brightness that is recognized as white by a general-purpose two-dimensional code reader. The cells are superimposed, and a portion having a predetermined brightness which is recognized as white by a general-purpose two-dimensional code reader is a cell in which cells having a predetermined brightness which is recognized as black by a general-purpose two-dimensional code reader are superimposed. (For example, see Japanese Patent Application Laid-Open No. 2008-15624).
 さらに、ロゴ付き二次元コードは、ロゴ画像のうちの第1明度未満の部分には、第1種類の明度のセルのみが重ね合わされる一方で、ロゴ画像のうちの第1明度以上の部分には、第1種類の明度のセルと第2種類の明度のセルとの双方が重ね合わされているものであってもよい。また、ロゴ付き二次元コードは、ロゴ画像のうち、第1明度未満の部分には、第1種類の明度のセルのみが重ね合わされ、第1明度以上の部分で第2明度未満の部分には、第1種類の明度のセルと第2種類の明度のセルとの双方が重ね合わされ、汎用の二次元コードリーダによって白色と認識される第2明度以上の部分には、第2種類の明度のセルのみが重ね合わされたものであってもよい。この場合、ロゴ付き二次元コードは、汎用の二次元コードリーダによって白色と認識される第1種類の明度のセル及びロゴ画像うちの第2明度以上の部分と、汎用の二次元コードリーダによって黒色と認識される第2種類の明度のセル及びロゴ画像のうちの第1明度未満の部分と、の分布パターンによって、URLを表現する(例えばWO2011/118540号国際公開公報参照)。 Furthermore, the two-dimensional code with the logo is such that only the cells of the first type of brightness are superimposed on the portion of the logo image having a brightness lower than the first brightness, while the portion of the logo image having the brightness of the first brightness or higher is superimposed. May be a cell in which both cells of the first type of brightness and cells of the second type of brightness are superimposed. Further, the two-dimensional code with a logo is such that only a cell of the first type of brightness is superimposed on a portion of the logo image having a brightness lower than the first brightness, and a portion of the first brightness or higher and a portion of the logo brightness lower than the second brightness is used. , The cell of the first type of brightness and the cell of the second type of brightness are superimposed, and a portion of the second type or higher that is recognized as white by a general-purpose two-dimensional code reader has the second type of brightness. Only cells may be superimposed. In this case, the two-dimensional code with the logo is a cell of the first type of lightness that is recognized as white by the general-purpose two-dimensional code reader and a portion of the logo image that has the second lightness or higher, and is blackened by the general-purpose two-dimensional code reader. The URL is expressed by the distribution pattern of the cell of the second type of lightness and the part of the logo image which is recognized as being less than the first lightness (for example, see WO2011 / 118540).
 なお、本明細書中に特開2007-287004号日本国特許公報、特開2008-15642号日本国特許公報、及びWO2011/118540号国際公開公報の明細書、特許請求の範囲、図面全体を参考として取り込むものとする。 In this specification, reference is made to Japanese Patent Application Laid-Open No. 2007-287004, Japanese Patent Application Laid-Open No. 2008-15654, and Japanese Patent Application Publication No. WO2011 / 118540, claims, and the entire drawings. It shall be taken as.
 上記の実施形態において、二次元コードは、QRコード(登録商標)であるものとして説明した。しかしながら、本発明は、これに限定されるものではない。二次元コードは、例えば、データマトリクス、アズテックコード、コードワン、アレイタグ、ボックス図形コード、マキシコード、ペリコード、ソフトストリップ、CPコード、カルラコード、及びウルトラコード等といった他のマトリクス式の二次元コードであってもよい。あるいは、PDF417、コード49、コード16k、コーダブロック等といった一次元バーコードを縦に積み重ねたスタック式の二次元コードであっても構わない。 In the above embodiment, the two-dimensional code has been described as a QR code (registered trademark). However, the present invention is not limited to this. The two-dimensional code is, for example, another matrix type two-dimensional code such as a data matrix, an aztec code, a code one, an array tag, a box graphic code, a maxi code, a peri code, a soft strip, a CP code, a carla code, and an ultra code. There may be. Alternatively, a stack type two-dimensional code in which one-dimensional bar codes such as PDF417, code 49, code 16k, and coder block are vertically stacked may be used.
 また、上記の実施形態において、制御部25、33、及び44のCPUが実行するプログラムは、予めROM、並びに記憶部24及び32等に記憶されるものとして説明したが、本発明はこれに限定されるものではなく、上述の処理を実行させるためのプログラムを、既存の汎用コンピュータに適用することで、上記の実施形態に係る利用者端末2、管理サーバ3、及び認証端末4として機能させてもよい。 In the above embodiment, the programs executed by the CPUs of the control units 25, 33, and 44 are described as being stored in advance in the ROM and the storage units 24 and 32, but the present invention is not limited to this. Instead, by applying a program for executing the above-described processing to an existing general-purpose computer, the program is caused to function as the user terminal 2, the management server 3, and the authentication terminal 4 according to the above-described embodiment. Is also good.
 このようなプログラムの提供方法は任意であり、例えばコンピュータが読取可能な記録媒体(フレキシブルディスク、CD(Compact Disc)-ROM、DVD(Digital Versatile Disc)-ROM等)に格納して配布してもよいし、インターネット等のネットワーク上のストレージにプログラムを格納しておき、これをダウンロードさせることにより提供してもよい。 The method of providing such a program is arbitrary. For example, the program may be stored in a computer-readable recording medium (such as a flexible disk, a CD (Compact Disc) -ROM, or a DVD (Digital Versatile Disc) -ROM) and distributed. Alternatively, the program may be stored in a storage on a network such as the Internet and provided by downloading the program.
 さらに、上記の処理をOS(Operating System)とアプリケーションプログラムとの分担、又はOSとアプリケーションプログラムとの協働によって実行する場合には、アプリケーションプログラムのみを記録媒体やストレージに格納してもよい。また、搬送波にプログラムを重畳し、ネットワークを介して配信することも可能である。例えば、ネットワーク上の掲示板(BBS:Bulletin Board System)に上記プログラムを掲示し、ネットワークを介してプログラムを配信してもよい。そして、このプログラムを起動し、OSの制御下で、他のアプリケーションプログラムと同様に実行することにより、上記の処理を実行できるように構成してもよい。 In the case where the above-described processing is executed by sharing an OS (Operating System) and an application program, or when the OS and the application program cooperate with each other, only the application program may be stored in a recording medium or a storage. It is also possible to superimpose a program on a carrier wave and distribute it via a network. For example, the program may be posted on a bulletin board (BBS: Bulletin Board System) on a network, and the program may be distributed via the network. Then, the above-described processing may be executed by activating this program and executing it in the same manner as other application programs under the control of the OS.
 なお、本発明は、本発明の広義の精神と範囲を逸脱することなく、様々な実施の形態及び変形が可能とされるものである。また、上述した実施の形態は、本発明の一実施例を説明するためのものであり、本発明の範囲を限定するものではない。 The present invention allows various embodiments and modifications without departing from the broad spirit and scope of the present invention. Further, the above-described embodiment is for describing an example of the present invention, and does not limit the scope of the present invention.
  1 チケット管理システム(認証対象発行システム)
  2 利用者端末
  3 管理サーバ(認証対象発行装置)
  4 読取端末
  5 インターネット網
  6 電話網
 21 音声出力部
 22 タッチパネル
 23 通信部
 24 記憶部
 25 制御部
 31 通信部
 32 記憶部
 33 制御部
 41 撮像部
 42 通信部
 43 表示部
 44 制御部
100 QRコード(登録商標)
104 位置決め用シンボル
106 情報コード記録領域
108 タイミングセル
109 フォーマットコード
320 チケットDB 1 ticket management system (authentication target issuing system)
2 User terminal 3 Management server (authentication target issuing device)
4 reading terminal 5 Internet network 6 telephone network 21 voice output unit 22 touch panel 23 communication unit 24 storage unit 25 control unit 31 communication unit 32 storage unit 33 control unit 41 imaging unit 42 communication unit 43 display unit 44 control unit 100 QR code (registration) Trademark)
104 Positioning symbol 106 Information code recording area 108 Timing cell 109 Format code 320 Ticket DB

Claims (10)

  1.  利用者端末(2)からインターネット網(5)を介して認証対象の発行依頼を受信したことに応答して、該発行依頼から特定される該利用者端末(2)の電話番号に宛てて、利用者による入力を要求する確認情報を電話網(6)を介して通知する確認情報通知手段(33)と、
     前記確認情報通知手段(33)によって通知した前記確認情報を、前記利用者端末(2)から前記電話網(6)を介して受信したことに応答して、該確認情報を入力した前記利用者に、前記認証対象を発行する認証対象発行手段(33)と、
     を備える認証対象発行装置(3)。     In response to receiving the issuance request for authentication from the user terminal (2) via the Internet network (5), addressing the telephone number of the user terminal (2) specified from the issuance request, Confirmation information notifying means (33) for notifying confirmation information requesting an input by the user via the telephone network (6);
    The user who inputs the confirmation information in response to receiving the confirmation information notified by the confirmation information notification means (33) from the user terminal (2) via the telephone network (6). An authentication object issuing means (33) for issuing the authentication object;
    An authentication target issuing device (3) comprising:
  2.  前記認証対象発行手段(33)は、URL(Uniform Resource Locator)をセルの分布パターンによって表現する情報領域と、誤りを訂正するための訂正情報をセルの分布パターンによって表現する訂正領域と、を備えるデータコード(100)の該訂正領域に認証情報を埋め込んで、該認証対象を生成する、
     請求項1に記載の認証対象発行装置(3)。     The authentication target issuing means (33) includes an information area for expressing a URL (Uniform Resource Locator) by a cell distribution pattern, and a correction area for expressing correction information for correcting an error by a cell distribution pattern. Generating authentication target by embedding authentication information in the correction area of the data code (100);
    The authentication target issuance device (3) according to claim 1.
  3.  前記認証対象発行手段(33)は、前記訂正領域の一部から埋込ビット列を取得し、
     前記埋込ビット列と前記認証情報を示す認証ビット列との排他的論理和である第1排他的論理和を求め、
     前記訂正領域の一部を前記第1排他的論理和に置換することにより、該訂正領域に前記認証情報を埋め込む、
     請求項2に記載の認証対象発行装置(3)。     The authentication target issuing means (33) acquires an embedded bit string from a part of the correction area,
    Calculating a first exclusive OR that is an exclusive OR of the embedded bit string and an authentication bit string indicating the authentication information;
    Embedding the authentication information in the correction area by replacing a part of the correction area with the first exclusive OR;
    An authentication target issuance device (3) according to claim 2.
  4.  前記認証対象発行手段(33)は、前記訂正領域に前記認証情報として、前記利用者端末(2)の電話番号の全部又は一部を埋め込む、
     請求項3に記載の認証対象発行装置(3)。     The authentication target issuing unit (33) embeds all or a part of the telephone number of the user terminal (2) in the correction area as the authentication information.
    The authentication target issuing device (3) according to claim 3.
  5.  前記利用者端末(2)の前記電話番号と、前記訂正領域に該電話番号の全部又は一部が前記認証情報として埋め込まれた前記認証対象である前記データコード(100)が示すURLと、を対応付けて登録するデータベース(320)と、
     読取端末(4)によって前記インターネット網(5)を介して前記URLにアクセスされ、該読取端末(4)から前記認証情報を受信したことに応答して、該URLに対応する前記電話番号を前記データベース(320)から読み出す電話番号読出手段(33)と、
     前記読取端末(4)から受信した前記認証情報が、前記電話番号読出手段(33)によって読み出した前記電話番号の全部又は一部と合致するか否かを判別する電話番号判別手段(33)と、
     前記電話番号判別手段(33)によって合致すると判別した場合、前記電話番号読出手段(33)によって読み出した前記電話番号に宛てて、前記認証対象の認証に成功したことを前記電話網(6)を介して通知する認証成功通知手段(33)と、
     をさらに備える請求項4に記載の認証対象発行装置(3)。     The telephone number of the user terminal (2) and the URL indicated by the data code (100) to be authenticated, in which all or part of the telephone number is embedded in the correction area as the authentication information. A database (320) to be registered in association with;
    The URL is accessed by the reading terminal (4) via the Internet network (5), and in response to receiving the authentication information from the reading terminal (4), the telephone number corresponding to the URL is stored in the URL. Telephone number reading means (33) for reading from the database (320);
    A telephone number determining unit (33) for determining whether the authentication information received from the reading terminal (4) matches all or a part of the telephone number read by the telephone number reading unit (33); ,
    If it is determined by the telephone number determination means (33) that they match, the telephone network (6) is notified to the telephone number read by the telephone number reading means (33) that the authentication of the authentication target has been successful. Authentication success notification means (33) for notifying via
    The authentication target issuing device (3) according to claim 4, further comprising:
  6.  前記認証対象発行手段(33)は、前記認証対象を前記インターネット網(5)を介して前記利用者端末(2)に送信する、
     請求項1に記載の認証対象発行装置(3)。     The authentication target issuing means (33) transmits the authentication target to the user terminal (2) via the Internet network (5);
    The authentication target issuance device (3) according to claim 1.
  7.  前記利用者端末(2)の電話番号を特定可能な前記認証対象の発行依頼を前記インターネット網(5)を介して前記認証対象発行装置(3)に送信する発行依頼送信手段(25)と、
     前記認証対象発行装置(3)から前記電話網(6)を介して通知された前記確認情報を、前記利用者が入力したことに応答して、該電話網(6)を介して該認証対象発行装置(3)に送信する確認情報送信手段(25)と、
     を備える利用者端末(2)と、
     請求項1に記載の認証対象発行装置(3)と、
     を具備する認証対象発行システム(1)。     Issuance request transmitting means (25) for transmitting an issuance request for the authentication target capable of specifying the telephone number of the user terminal (2) to the authentication target issuance device (3) via the Internet network (5);
    In response to the user inputting the confirmation information notified from the authentication target issuing device (3) via the telephone network (6), the authentication target is transmitted via the telephone network (6). Confirmation information transmitting means (25) for transmitting to the issuing device (3);
    A user terminal (2) having
    An authentication target issuance device (3) according to claim 1,
    An authentication target issuance system (1) comprising:
  8.  前記データコード(100)を撮像して撮像ビット列を取得する撮像部(41)と、
     前記撮像部(41)で取得した前記撮像ビット列をデコードして、前記URLを示す情報ビット列と、前記訂正情報を示す訂正ビット列と、を取得するデコード手段(44)と、
     前記撮像部(41)で取得した前記撮像ビット列と、前記デコード手段(44)によって取得した前記情報ビット列及び前記訂正ビット列と、の排他的論理和である第2排他的論理和を求めて、前記埋込ビット列と前記認証ビット列との排他的論理和である前記第1排他的論理和を誤りとして検出する誤り検出手段(44)と、
     前記訂正ビット列に含まれる前記埋込ビット列と、前記誤り検出手段(44)によって誤りとして検出した前記第1排他的論理和と、の排他的論理和である第3排他的論理和を求めて、前記認証ビット列を取得する認証ビット列取得手段(44)と、
     前記デコード手段(44)によって取得した前記撮像ビット列が示す前記URLに、前記インターネット網(5)を介してアクセスして、前記認証ビット列取得手段(44)によって取得した前記前記認証ビット列が示す前記認証情報を、該インターネット網(5)を介して前記認証対象発行装置(3)に送信する認証情報送信手段(44)と、
     を備える前記読取端末(4)と、
     請求項5に記載の認証対象発行装置(3)と、
     を具備する認証対象発行システム(1)。     An imaging unit (41) that captures the data code (100) to obtain an imaging bit sequence;
    Decoding means (44) for decoding the imaging bit sequence acquired by the imaging unit (41) to obtain an information bit sequence indicating the URL and a correction bit sequence indicating the correction information;
    A second exclusive OR, which is an exclusive OR of the imaging bit sequence acquired by the imaging unit (41) and the information bit sequence and the correction bit sequence acquired by the decoding unit (44), is obtained. Error detecting means (44) for detecting the first exclusive OR, which is the exclusive OR of the embedded bit string and the authentication bit string, as an error;
    Calculating a third exclusive OR, which is an exclusive OR of the embedded bit string included in the correction bit string and the first exclusive OR detected as an error by the error detection means (44); An authentication bit string acquisition unit (44) for acquiring the authentication bit string;
    The URL indicated by the imaging bit string acquired by the decoding means (44) is accessed via the Internet network (5), and the authentication indicated by the authentication bit string acquired by the authentication bit string acquisition means (44). Authentication information transmitting means (44) for transmitting information to the authentication target issuing device (3) via the Internet network (5);
    The reading terminal (4) comprising:
    An authentication target issuance device (3) according to claim 5,
    An authentication target issuance system (1) comprising:
  9.  認証対象発行装置(3)が、
     利用者端末(2)からインターネット網(5)を介して認証対象の発行依頼を受信したことに応答して、該発行依頼から特定される該利用者端末(2)の電話番号に宛てて、利用者による入力を要求する確認情報を電話網(6)を介して通知し、
     前記通知した前記確認情報を、前記利用者端末(2)から前記電話網(6)を介して受信したことに応答して、該確認情報を入力した前記利用者に、前記認証対象を発行する、
     認証対象発行方法。     The authentication target issuing device (3)
    In response to receiving the issuance request for authentication from the user terminal (2) via the Internet network (5), addressing the telephone number of the user terminal (2) specified from the issuance request, Notify via a telephone network (6) confirmation information requesting user input,
    In response to receiving the notified confirmation information from the user terminal (2) via the telephone network (6), issuing the authentication target to the user who has input the confirmation information. ,
    Authentication target issuance method.
  10.  コンピュータに、
     利用者端末(2)からインターネット網(5)を介して認証対象の発行依頼を受信したことに応答して、該発行依頼から特定される該利用者端末(2)の電話番号に宛てて、利用者による入力を要求する確認情報を電話網(6)を介して通知する確認情報通知手順(33)と、
     前記確認情報通知手順(33)によって通知した前記確認情報を、前記利用者端末(2)から前記電話網(6)を介して受信したことに応答して、該確認情報を入力した前記利用者に、前記認証対象を発行する認証対象発行手順(33)と、
     を実行させるためのプログラム。     On the computer,
    In response to receiving the issuance request for authentication from the user terminal (2) via the Internet network (5), addressing the telephone number of the user terminal (2) specified from the issuance request, A confirmation information notification procedure (33) for notifying confirmation information requesting an input by the user via the telephone network (6);
    The user who has input the confirmation information in response to receiving the confirmation information notified by the confirmation information notification procedure (33) from the user terminal (2) via the telephone network (6). An authentication object issuance procedure (33) for issuing the authentication object;
    A program for executing
PCT/JP2018/029494 2018-08-06 2018-08-06 Authentication object issuing device, authentication object issuing system, authentication object issuing method, and program WO2020031245A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
JP2018558364A JP6488434B1 (en) 2018-08-06 2018-08-06 Authentication object issuing device, authentication object issuing system, authentication object issuing method, and program
PCT/JP2018/029494 WO2020031245A1 (en) 2018-08-06 2018-08-06 Authentication object issuing device, authentication object issuing system, authentication object issuing method, and program

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2018/029494 WO2020031245A1 (en) 2018-08-06 2018-08-06 Authentication object issuing device, authentication object issuing system, authentication object issuing method, and program

Publications (1)

Publication Number Publication Date
WO2020031245A1 true WO2020031245A1 (en) 2020-02-13

Family

ID=65803001

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2018/029494 WO2020031245A1 (en) 2018-08-06 2018-08-06 Authentication object issuing device, authentication object issuing system, authentication object issuing method, and program

Country Status (2)

Country Link
JP (1) JP6488434B1 (en)
WO (1) WO2020031245A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP6664785B1 (en) 2019-04-01 2020-03-13 佐鳥電機株式会社 Data restoration device, data management server, data management system, data restoration method, and program

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2006018892A1 (en) * 2004-08-20 2006-02-23 Yoshiaki Kosaka Telephone authentication system preventing spoofing even when personal information is leaked
WO2011083867A1 (en) * 2010-01-08 2011-07-14 Hishinuma Noboru Authentication device, authentication method, and program
JP2013205862A (en) * 2012-03-27 2013-10-07 Nippon Telegr & Teleph Corp <Ntt> Identity verification system, identity verification means, identify verification method, and program thereof
WO2015001637A1 (en) * 2013-07-03 2015-01-08 A・Tコミュニケーションズ株式会社 Authentication server, authentication system, authentication method, and program

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8798380B1 (en) * 2012-08-08 2014-08-05 Google Inc. Techniques for generating customized two-dimensional barcodes

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2006018892A1 (en) * 2004-08-20 2006-02-23 Yoshiaki Kosaka Telephone authentication system preventing spoofing even when personal information is leaked
WO2011083867A1 (en) * 2010-01-08 2011-07-14 Hishinuma Noboru Authentication device, authentication method, and program
JP2013205862A (en) * 2012-03-27 2013-10-07 Nippon Telegr & Teleph Corp <Ntt> Identity verification system, identity verification means, identify verification method, and program thereof
WO2015001637A1 (en) * 2013-07-03 2015-01-08 A・Tコミュニケーションズ株式会社 Authentication server, authentication system, authentication method, and program

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
"ARS (Automatic Voice) Verification (Telephone Verification Service", THEME, vol. 2, no. 85, 15 November 2017 (2017-11-15), Retrieved from the Internet <URL:https://www.opensquare.co.jp/seminar-document/85/2_ARS.pdf> [retrieved on 20181009] *

Also Published As

Publication number Publication date
JP6488434B1 (en) 2019-03-20
JPWO2020031245A1 (en) 2020-08-20

Similar Documents

Publication Publication Date Title
US11915210B2 (en) Animated two-dimensional barcode checks
TWI591554B (en) Electronic ticket security system and method
US8498940B2 (en) Unified identity verification
CN111164627B (en) Information processing device, information processing system, information processing method, and program
US20130247218A1 (en) System And Method For Verifying Authenticity Of Documents
US10439813B2 (en) Authentication and fraud prevention architecture
US20100211506A1 (en) Mobile transaction system and method
CN107392583B (en) Two-dimensional code graphic data generation method and device
KR20090005336A (en) Methods and systems for secure transactions with electronic devices
JP2008204248A (en) Settlement system and settlement method
US10803139B2 (en) Instrument disambiguation to facilitate electronic data consolidation
KR20140145190A (en) Electronic transaction method
KR20150011933A (en) Payment system using identification code of member shop
KR101554218B1 (en) Method and system for authentication and payment by using portable terminal
WO2020031245A1 (en) Authentication object issuing device, authentication object issuing system, authentication object issuing method, and program
US11631062B2 (en) Voucher verification auxiliary device, voucher verification auxiliary system, and voucher verification auxiliary method
KR101711697B1 (en) Security bankbook, method and apparatus for providing bankbook printing service using identification code
KR20150105937A (en) Method for loan covenant and apparatus for using the same
TWM595276U (en) Paying system using quick response code to verify user identity
CN112396418A (en) Information processing method, device and system
JP5179201B2 (en) Confirmation server, transaction terminal, program, transaction system, and identity verification method
KR20140142465A (en) Method for loan covenant and apparatus for using the same
JP2017146828A (en) Server device, remittance system, remittance method, and program
JP7274202B2 (en) Optical code creation program, optical code reading authentication program, optical code authentication system, payment system, printed matter manufacturing method, and optical code authentication method
WO2014003684A1 (en) Terminal and method of authentication

Legal Events

Date Code Title Description
ENP Entry into the national phase

Ref document number: 2018558364

Country of ref document: JP

Kind code of ref document: A

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18929564

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 18929564

Country of ref document: EP

Kind code of ref document: A1